From: Pieter Lexis Date: Mon, 17 Jul 2017 20:08:12 +0000 (+0200) Subject: Recursor documentation additions X-Git-Tag: rec-4.1.0-alpha1~5^2 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=4368d62f7cdf0c94a51bf37e63f023060e435aa6;p=pdns Recursor documentation additions * Add MIB to docs * Update some functions based on the changelog * Update the changelog --- diff --git a/pdns/recursordist/Makefile.am b/pdns/recursordist/Makefile.am index a425cd53c..39555d72f 100644 --- a/pdns/recursordist/Makefile.am +++ b/pdns/recursordist/Makefile.am @@ -58,7 +58,8 @@ EXTRA_DIST = \ rrd/* \ html incfiles \ test_libcrypto \ - pdns-recursor.service.in + pdns-recursor.service.in \ + RECURSOR-MIB.txt dist-hook: for file in $$(find $(distdir)/docs -type l); do \ diff --git a/pdns/recursordist/RECURSOR-MIB.txt b/pdns/recursordist/RECURSOR-MIB.txt new file mode 100644 index 000000000..ccbacf889 --- /dev/null +++ b/pdns/recursordist/RECURSOR-MIB.txt @@ -0,0 +1,908 @@ +-- -*- snmpv2 -*- +-- ---------------------------------------------------------------------- +-- MIB file for PowerDNS Recursor +-- ---------------------------------------------------------------------- + +PDNSRECURSOR-MIB DEFINITIONS ::= BEGIN + +IMPORTS + OBJECT-TYPE, MODULE-IDENTITY, enterprises, + Counter64, NOTIFICATION-TYPE + FROM SNMPv2-SMI + CounterBasedGauge64 + FROM HCNUM-TC + OBJECT-GROUP, MODULE-COMPLIANCE, NOTIFICATION-GROUP + FROM SNMPv2-CONF; + +rec MODULE-IDENTITY + LAST-UPDATED "201611290000Z" + ORGANIZATION "PowerDNS BV" + CONTACT-INFO "support@powerdns.com" + DESCRIPTION + "This MIB module describes information gathered through PowerDNS Recursor." + + REVISION "201611290000Z" + DESCRIPTION "Initial revision." + + ::= { powerdns 2 } + +powerdns OBJECT IDENTIFIER ::= { enterprises 43315 } + +stats OBJECT IDENTIFIER ::= { rec 1 } + +questions OBJECT-TYPE + SYNTAX Counter64 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of questions" + ::= { stats 1 } + +ipv6Questions OBJECT-TYPE + SYNTAX Counter64 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of IPv6 questions" + ::= { stats 2 } + +tcpQuestions OBJECT-TYPE + SYNTAX Counter64 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of TCP questions" + ::= { stats 3 } + +cacheHits OBJECT-TYPE + SYNTAX Counter64 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of cache hits" + ::= { stats 4 } + +cacheMisses OBJECT-TYPE + SYNTAX Counter64 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of cache misses" + ::= { stats 5 } + +cacheEntries OBJECT-TYPE + SYNTAX CounterBasedGauge64 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of cache entries" + ::= { stats 6 } + +cacheBytes OBJECT-TYPE + SYNTAX CounterBasedGauge64 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Size of the cache in bytes" + ::= { stats 7 } + +packetcacheHits OBJECT-TYPE + SYNTAX Counter64 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of packetcache hits" + ::= { stats 8 } + +packetcacheMisses OBJECT-TYPE + SYNTAX Counter64 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of packetcache misses" + ::= { stats 9 } + +packetcacheEntries OBJECT-TYPE + SYNTAX CounterBasedGauge64 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of packetcache entries" + ::= { stats 10 } + +packetcacheBytes OBJECT-TYPE + SYNTAX CounterBasedGauge64 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Size of the packetcache in bytes" + ::= { stats 11 } + +mallocBytes OBJECT-TYPE + SYNTAX CounterBasedGauge64 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of bytes allocated by malloc" + ::= { stats 12 } + +servfailAnswers OBJECT-TYPE + SYNTAX Counter64 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of servfail answers" + ::= { stats 13 } + +nxdomainAnswers OBJECT-TYPE + SYNTAX Counter64 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of nxdomain answers" + ::= { stats 14 } + +noerrorAnswers OBJECT-TYPE + SYNTAX Counter64 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of noerror answers" + ::= { stats 15 } + +unauthorizedUdp OBJECT-TYPE + SYNTAX Counter64 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of unauthorized UDP queries" + ::= { stats 16 } + +unauthorizedTcp OBJECT-TYPE + SYNTAX Counter64 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of unauthorized TCP queries" + ::= { stats 17 } + +tcpClientOverflow OBJECT-TYPE + SYNTAX Counter64 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of TCP client connections refused because of too many connections" + ::= { stats 18 } + +clientParseErrors OBJECT-TYPE + SYNTAX Counter64 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of client parse errors" + ::= { stats 19 } + +serverParseErrors OBJECT-TYPE + SYNTAX Counter64 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of server parse errors" + ::= { stats 20 } + +tooOldDrops OBJECT-TYPE + SYNTAX Counter64 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of responses dropped because of a timeout" + ::= { stats 21 } + +answers01 OBJECT-TYPE + SYNTAX Counter64 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of queries answered in less than 1 ms" + ::= { stats 22 } + +answers110 OBJECT-TYPE + SYNTAX Counter64 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of queries answered in 1-10 ms" + ::= { stats 23 } + +answers10100 OBJECT-TYPE + SYNTAX Counter64 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of queries answered in 10-100 ms" + ::= { stats 24 } + +answers1001000 OBJECT-TYPE + SYNTAX Counter64 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of queries answered in 100-1000 ms" + ::= { stats 25 } + +answersSlow OBJECT-TYPE + SYNTAX Counter64 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of queries answered in more than 1000 ms" + ::= { stats 26 } + +auth4Answers01 OBJECT-TYPE + SYNTAX Counter64 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of IPv4 queries answered in less than 1 ms" + ::= { stats 27 } + +auth4Answers110 OBJECT-TYPE + SYNTAX Counter64 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of IPv4 queries answered in 1-10 ms" + ::= { stats 28 } + +auth4Answers10100 OBJECT-TYPE + SYNTAX Counter64 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of IPv4 queries answered in 10-100 ms" + ::= { stats 29 } + +auth4Answers1001000 OBJECT-TYPE + SYNTAX Counter64 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of IPv4 queries answered in 100-1000 ms" + ::= { stats 30 } + +auth4Answersslow OBJECT-TYPE + SYNTAX Counter64 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of IPv4 queries answered in more than 1000 ms" + ::= { stats 31 } + +auth6Answers01 OBJECT-TYPE + SYNTAX Counter64 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of IPv6 queries answered in less than 1 ms" + ::= { stats 32 } + +auth6Answers110 OBJECT-TYPE + SYNTAX Counter64 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of IPv6 queries answered in 1-10 ms" + ::= { stats 33 } + +auth6Answers10100 OBJECT-TYPE + SYNTAX Counter64 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of IPv6 queries answered in 10-100 ms" + ::= { stats 34 } + +auth6Answers1001000 OBJECT-TYPE + SYNTAX Counter64 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of IPv6 queries answered in 100-1000 ms" + ::= { stats 35 } + +auth6AnswersSlow OBJECT-TYPE + SYNTAX Counter64 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of IPv6 queries answered in more than 1000 ms" + ::= { stats 36 } + +qaLatency OBJECT-TYPE + SYNTAX CounterBasedGauge64 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Average latency in microseconds" + ::= { stats 37 } + +unexpectedPackets OBJECT-TYPE + SYNTAX Counter64 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of unexpected packets" + ::= { stats 38 } + +caseMismatches OBJECT-TYPE + SYNTAX Counter64 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of case mismatches" + ::= { stats 39 } + +spoofPrevents OBJECT-TYPE + SYNTAX Counter64 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of spoof prevents" + ::= { stats 40 } + +nssetInvalidations OBJECT-TYPE + SYNTAX Counter64 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of nsset invalidations" + ::= { stats 41 } + +resourceLimits OBJECT-TYPE + SYNTAX Counter64 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of resolution aborted because of a local resource limit" + ::= { stats 42 } + +overCapacityDrops OBJECT-TYPE + SYNTAX Counter64 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of queries dropped because the threads limit was reached" + ::= { stats 43 } + +policyDrops OBJECT-TYPE + SYNTAX Counter64 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of queries dropped because of a policy" + ::= { stats 44 } + +noPacketError OBJECT-TYPE + SYNTAX Counter64 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of noPacketError" + ::= { stats 45 } + +dlgOnlyDrops OBJECT-TYPE + SYNTAX Counter64 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of records dropped because of they belonged to a delegation-only zone" + ::= { stats 46 } + +ignoredPackets OBJECT-TYPE + SYNTAX Counter64 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of ignored packets" + ::= { stats 47 } + +maxMthreadStack OBJECT-TYPE + SYNTAX CounterBasedGauge64 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Maximum size of the Mthread stack" + ::= { stats 48 } + +negcacheEntries OBJECT-TYPE + SYNTAX CounterBasedGauge64 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of negcache entries" + ::= { stats 49 } + +throttleEntries OBJECT-TYPE + SYNTAX CounterBasedGauge64 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of throttle entries" + ::= { stats 50 } + +nsspeedsEntries OBJECT-TYPE + SYNTAX CounterBasedGauge64 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of nsspeeds entries" + ::= { stats 51 } + +failedHostEntries OBJECT-TYPE + SYNTAX CounterBasedGauge64 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of failed host entries" + ::= { stats 52 } + +concurrentQueries OBJECT-TYPE + SYNTAX CounterBasedGauge64 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of concurrent queries" + ::= { stats 53 } + +securityStatus OBJECT-TYPE + SYNTAX CounterBasedGauge64 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Current security status" + ::= { stats 54 } + +outgoingTimeouts OBJECT-TYPE + SYNTAX Counter64 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of outgoing timeouts" + ::= { stats 55 } + +outgoing4Timeouts OBJECT-TYPE + SYNTAX Counter64 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of IPv4 outgoing timeouts" + ::= { stats 56 } + +outgoing6Timeouts OBJECT-TYPE + SYNTAX Counter64 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of IPv6 outgoing timeouts" + ::= { stats 57 } + +tcpOutqueries OBJECT-TYPE + SYNTAX Counter64 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of outgoing TCP queries sent" + ::= { stats 58 } + +allOutqueries OBJECT-TYPE + SYNTAX Counter64 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of outgoing queries sent" + ::= { stats 59 } + +ipv6Outqueries OBJECT-TYPE + SYNTAX Counter64 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of IPv6 outgoing queries sent" + ::= { stats 60 } + +throttledOutqueries OBJECT-TYPE + SYNTAX Counter64 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of throttled outgoing queries" + ::= { stats 61 } + +dontOutqueries OBJECT-TYPE + SYNTAX Counter64 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of outgoing queries not sent because of a 'dont-query' setting" + ::= { stats 62 } + +unreachables OBJECT-TYPE + SYNTAX Counter64 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of errors due to an unreachable server" + ::= { stats 63 } + +chainResends OBJECT-TYPE + SYNTAX Counter64 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of chain resends" + ::= { stats 64 } + +tcpClients OBJECT-TYPE + SYNTAX CounterBasedGauge64 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of TCP clients" + ::= { stats 65 } + +udpRecvbufErrors OBJECT-TYPE + SYNTAX Counter64 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of UDP recvbuf errors (Linux only)" + ::= { stats 66 } + +udpSndbufErrors OBJECT-TYPE + SYNTAX Counter64 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of UDP sndbuf errors (Linux only)" + ::= { stats 67 } + +udpNoportErrors OBJECT-TYPE + SYNTAX Counter64 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of UDP noport errors (Linux only)" + ::= { stats 68 } + +udpinErrors OBJECT-TYPE + SYNTAX Counter64 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of UDP in errors (Linux only)" + ::= { stats 69 } + +ednsPingMatches OBJECT-TYPE + SYNTAX Counter64 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of EDNS Ping matches" + ::= { stats 70 } + +ednsPingMismatches OBJECT-TYPE + SYNTAX Counter64 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of EDNS Ping mismatches" + ::= { stats 71 } + +dnssecQueries OBJECT-TYPE + SYNTAX Counter64 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of DNSSEC queries" + ::= { stats 72 } + +nopingOutqueries OBJECT-TYPE + SYNTAX Counter64 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of outgoing queries w/o ping" + ::= { stats 73 } + +noednsOutqueries OBJECT-TYPE + SYNTAX Counter64 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of outgoing queries w/o EDNS" + ::= { stats 74 } + +uptime OBJECT-TYPE + SYNTAX Counter64 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Process uptime in seconds" + ::= { stats 75 } + +realMemoryUsage OBJECT-TYPE + SYNTAX CounterBasedGauge64 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Memory usage" + ::= { stats 76 } + +fdUsage OBJECT-TYPE + SYNTAX CounterBasedGauge64 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "File descriptors usage" + ::= { stats 77 } + +userMsec OBJECT-TYPE + SYNTAX CounterBasedGauge64 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "CPU usage (user) in ms" + ::= { stats 78 } + +sysMsec OBJECT-TYPE + SYNTAX CounterBasedGauge64 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "CPU usage (system) in ms" + ::= { stats 79 } + +dnssecValidations OBJECT-TYPE + SYNTAX Counter64 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of DNSSEC validations" + ::= { stats 80 } + +dnssecResultInsecure OBJECT-TYPE + SYNTAX Counter64 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of DNSSEC insecure results" + ::= { stats 81 } + +dnssecResultSecure OBJECT-TYPE + SYNTAX Counter64 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of DNSSEC secure results" + ::= { stats 82 } + +dnssecResultBogus OBJECT-TYPE + SYNTAX Counter64 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of DNSSEC bogus results" + ::= { stats 83 } + +dnssecResultIndeterminate OBJECT-TYPE + SYNTAX Counter64 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of DNSSEC indeterminate results" + ::= { stats 84 } + +dnssecResultNta OBJECT-TYPE + SYNTAX Counter64 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of DNSSEC NTA results" + ::= { stats 85 } + +policyResultNoaction OBJECT-TYPE + SYNTAX Counter64 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of policy-mandated no-action results" + ::= { stats 86 } + +policyResultDrop OBJECT-TYPE + SYNTAX Counter64 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of policy-mandated drops" + ::= { stats 87 } + +policyResultNxdomain OBJECT-TYPE + SYNTAX Counter64 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of policy-mandated NXdomain results" + ::= { stats 88 } + +policyResultNodata OBJECT-TYPE + SYNTAX Counter64 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of policy-mandated nodata results" + ::= { stats 89 } + +policyResultTruncate OBJECT-TYPE + SYNTAX Counter64 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of policy-mandated truncate results" + ::= { stats 90 } + +policyResultCustom OBJECT-TYPE + SYNTAX Counter64 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of policy-mandated custom results" + ::= { stats 91 } + +--- +--- Traps / Notifications +--- + +trap OBJECT IDENTIFIER ::= { rec 10 } +traps OBJECT IDENTIFIER ::= { trap 0 } --- reverse-mappable +trapObjects OBJECT IDENTIFIER ::= { rec 11 } + +trapReason OBJECT-TYPE + SYNTAX OCTET STRING + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Reason for this trap" + ::= { trapObjects 1 } + +customTrap NOTIFICATION-TYPE + OBJECTS { + trapReason + } + STATUS current + DESCRIPTION "Trap sent by sendCustomTrap" + ::= { traps 1 } + +--- +--- Conformance +--- + +recConformance OBJECT IDENTIFIER ::= { rec 100 } + +recCompliances MODULE-COMPLIANCE + STATUS current + DESCRIPTION "PowerDNS Recursor compliance statement" + MODULE + MANDATORY-GROUPS { + recGroup, + recTrapsGroup + } + ::= { recConformance 1 } + +recGroup OBJECT-GROUP + OBJECTS { + questions, + ipv6Questions, + tcpQuestions, + cacheHits, + cacheMisses, + cacheEntries, + cacheBytes, + packetcacheHits, + packetcacheMisses, + packetcacheEntries, + packetcacheBytes, + mallocBytes, + servfailAnswers, + nxdomainAnswers, + noerrorAnswers, + unauthorizedUdp, + unauthorizedTcp, + tcpClientOverflow, + clientParseErrors, + serverParseErrors, + tooOldDrops, + answers01, + answers110, + answers10100, + answers1001000, + answersSlow, + auth4Answers01, + auth4Answers110, + auth4Answers10100, + auth4Answers1001000, + auth4Answersslow, + auth6Answers01, + auth6Answers110, + auth6Answers10100, + auth6Answers1001000, + auth6AnswersSlow, + qaLatency, + unexpectedPackets, + caseMismatches, + spoofPrevents, + nssetInvalidations, + resourceLimits, + overCapacityDrops, + policyDrops, + noPacketError, + dlgOnlyDrops, + ignoredPackets, + maxMthreadStack, + negcacheEntries, + throttleEntries, + nsspeedsEntries, + failedHostEntries, + concurrentQueries, + securityStatus, + outgoingTimeouts, + outgoing4Timeouts, + outgoing6Timeouts, + tcpOutqueries, + allOutqueries, + ipv6Outqueries, + throttledOutqueries, + dontOutqueries, + unreachables, + chainResends, + tcpClients, + udpRecvbufErrors, + udpSndbufErrors, + udpNoportErrors, + udpinErrors, + ednsPingMatches, + ednsPingMismatches, + dnssecQueries, + nopingOutqueries, + noednsOutqueries, + uptime, + realMemoryUsage, + fdUsage, + userMsec, + sysMsec, + dnssecValidations, + dnssecResultInsecure, + dnssecResultSecure, + dnssecResultBogus, + dnssecResultIndeterminate, + dnssecResultNta, + policyResultNoaction, + policyResultDrop, + policyResultNxdomain, + policyResultNodata, + policyResultTruncate, + policyResultCustom, + trapReason + } + STATUS current + DESCRIPTION "Objects conformance group for PowerDNS Recursor" + ::= { recConformance 2 } + +recTrapsGroup NOTIFICATION-GROUP + NOTIFICATIONS { + customTrap + } + STATUS current + DESCRIPTION "Traps conformance group for PowerDNS Recursor" + ::= { recConformance 3 } + +END diff --git a/pdns/recursordist/docs/changelog/4.1.rst b/pdns/recursordist/docs/changelog/4.1.rst index c43285aa9..1d0e2cd54 100644 --- a/pdns/recursordist/docs/changelog/4.1.rst +++ b/pdns/recursordist/docs/changelog/4.1.rst @@ -29,14 +29,13 @@ Changelogs for 4.1.x .. change:: :tags: Improvements, DNSSEC - :pullreq: 5463, 5223 + :pullreq: 5463, 5223, 5486 :tickets: 4994, 4490, 4362, 4254 - Implement "on-the-fly" DNSSEC processing. - This places the DNSSEC processing alongside the regular recursion, reducing possible cornercases. + Implement "on-the-fly" DNSSEC processing. This places the DNSSEC processing alongside the regular recursion, reducing possible cornercases, adding unit tests and making the code better maintainable. .. change:: - :tags: Improvements + :tags: New Features :pullreq: 5063 :tickets: 2818 @@ -49,3 +48,187 @@ Changelogs for 4.1.x Show a useful error when an invalid :ref:`setting-lua-config-file` is configured. + .. change:: + :tags: New Features, Protobuf + :pullreq: 4291 + :tickets: 4109 + + Add ``taggedOnly`` option to :func:`protobufServer` to only send protobuf messages with a policy or tag set. + + .. change:: + :tags: Bug Fixes + :pullreq: 4860 + + Fix :class:`DNSQuestion` members alterations from Lua not being taken into account. + + .. change:: + :tags: Bug Fixes, Protobuf + :pullreq: 4984 + :tickets: 4969 + + Fix ``remote``/``local`` inversion in :func:`preoutquery`. + + .. change:: + :tags: New Features, Scripting + :pullreq: 4982 + :tickets: 4981 + + Allow returning the :attr:`DNSQuestion.data` table from :func:`gettag`. + + .. change:: + :tags: New Features, SNMP + :pullreq: 4990, 5404 + + Add :ref:`SNMP ` support. + + .. change:: + :tags: Improvements + :pullreq: 5106 + + Split SyncRes::doResolveAt, add const and static whenever possible. Possibly improving performance while making the code easier to maintain. + + .. change:: + :tags: Improvements + :pullreq: 5102 + + Packet cache speedup and cleanup. + + .. change:: + :tags: Improvements + :pullreq: 5146 + + Make Lua mandatory for recursor builds. + + .. change:: + :tags: Improvements, Performance + :pullreq: 5103, 5487 + + Use one listening socket per thread when reuseport is enabled. + + .. change:: + :tags: Improvements, RPZ + :pullreq: 5057 + + Use the RPZ zone's TTL and add a new `maxTTL` setting. + + .. change:: + :tags: Improvements, Lua + :pullreq: 5141 + + Stop (de)serializing :attr:`DNSQuestion.data`. + + .. change:: + :tags: New Features, Lua + :pullreq: 5198 + :tickets: 5195 + + Allow access to EDNS options from the :func:`gettag` hook. + + .. change:: + :tags: Improvements + :pullreq: 5226 + + Refactor the negative cache into a class. + + .. change:: + :tags: Bug Fixes + :pullreq: 5209 + + Ensure locks can not be copied. + + .. change:: + :tags: Improvements, RPZ + :pullreq: 5275, 5307 + :tickets: 5231, 5236 + + RPZ updates are done zone by zone, zones are now shared pointers. + + .. change:: + :tags: Bug Fixes + :pullreq: 5252 + :tickets: 5246 + + Only apply :ref:`setting-root-nx-trust` if the received SOA is ".". + + .. change:: + :tags: New Features + :pullreq: 4569 + + Pass ``tcp`` to :func:`gettag`, allow setting the requestor ID from hooks. + + .. change:: + :tags: Bug Fixes + :pullreq: 5312 + + Don't throw an exception when logging to protobuf without a question set. + + .. change:: + :tags: New Features, Lua + :pullreq: 5293 + + Allow retrieving stats from Lua via the :func:`getStat` call. + + .. change:: + :tags: New Features, RPZ + :pullreq: 5265 + :tickets: 5237 + + Add support for RPZ wildcarded target names. + + .. change:: + :tags: Bug Fixes + :pullreq: 5320 + + Correctly truncate EDNS Client Subnetmasks. + + .. change:: + :tags: Improvements + :pullreq: 5319 + + Only check the netmask for subnet specific cache entries. + + .. change:: + :tags: Improvements + :pullreq: 5236 + + Refactor and split ``SyncRes::doResolveAt()``, making it easier to understand. + Get rid of ``SyncRes::d_nocache``, makes sure we can't get into a root refresh loop. + Limit the use of global variables in SyncRes, to make it easier to understand the interaction between components + + .. change:: + :tags: Improvements, EDNS Client Subnet + :pullreq: 5461, 5472 + + Add an ECS index to the cache + + .. change:: + :tags: New Features, EDNS Client Subnet + :pullreq: 5409 + + Add ECS metrics. + + .. change:: + :tags: Improvements, EDNS Client Subnet, DNSSEC + :pullreq: 5484 + + Use ECS when updating the validation state if needed. + + .. change:: + :tags: Bug Fixes, API + :pullreq: 5466 + :tickets: 5398 + + Clean up auth/recursor code mismatches in the API (Christian Hofstaedtler). + + .. change:: + :tags: Bug Fixes + :pullreq: 5474 + :tickets: 5474 + + Only increase ``no-packet-error`` on the first read. + + .. change:: + :tags: Improvements + :pullreq: 5511 + + When dumping the cache, also dump RRSIGs. diff --git a/pdns/recursordist/docs/lua-config/protobuf.rst b/pdns/recursordist/docs/lua-config/protobuf.rst index 33785c24e..fa585357e 100644 --- a/pdns/recursordist/docs/lua-config/protobuf.rst +++ b/pdns/recursordist/docs/lua-config/protobuf.rst @@ -8,68 +8,37 @@ In addition, messages related to responses contain the name, type, class and rda Finally, if a RPZ or custom Lua policy has been applied, response messages also contain the applied policy name and some tags. This is particularly useful to detect and act on infected hosts. -The protocol buffers message types can be found in the `dnsmessage.proto `_ file. - Configuring Protocol Buffer logs -------------------------------- Protobuf export to a server is enabled using the ``protobufServer()`` directive: -.. code-block:: Lua - - protobufServer("192.0.2.1:4242" [[[[[[[, timeout], maxQueuedEntries], reconnectWaitTime], maskV4], maskV6], asyncConnect], taggedOnly]) - -timeout -^^^^^^^ -Time in seconds to wait when sending a message, defaults to 2. - -maxQueuedEntries -^^^^^^^^^^^^^^^^ -How many entries will be kept in memory if the server becomes unreachable, defaults to 100. - -reconnectWaitTime -^^^^^^^^^^^^^^^^^ -How long to wait, in seconds, between two reconnection attempts, defaults to 1. +.. function:: protobufServer(server [[[[[[[, timeout=2], maxQueuedEntries=100], reconnectWaitTime=1], maskV4=32], maskV6=128], asyncConnect=false], taggedOnly=false]) -maskV4 -^^^^^^ -network mask to apply to the client IPv4 addresses, for anonymization purposes. -The default of 32 means no anonymization. - -maskV6 -^^^^^^ -Same as maskV4, but for IPv6. Defaults to 128. - -taggedOnly -^^^^^^^^^^ -Only entries with a policy or a policy tag set will be sent. - -asyncConnect -^^^^^^^^^^^^ -When set to false (default) the first connection to the server during startup will block up to ``timeout`` seconds, otherwise the connection is done in a separate thread. +:param string server: The IP and port to connect to +:param int timeout: Time in seconds to wait when sending a message +:param int maxQueuedEntries: How many entries will be kept in memory if the server becomes unreachable +:param int reconnectWaitTime: How long to wait, in seconds, between two reconnection attempts +:param int maskV4: network mask to apply to the client IPv4 addresses, for anonymization purposes. The default of 32 means no anonymization. +:param int maskV6: Same as maskV4, but for IPv6. Defaults to 128. +:param bool taggedOnly: Only entries with a policy or a policy tag set will be sent. +:param bool asyncConnect: When set to false (default) the first connection to the server during startup will block up to ``timeout`` seconds, otherwise the connection is done in a separate thread. Logging outgoing queries and responses -------------------------------------- -While ``protobufServer()`` only exports the queries sent to the recursor from clients, with the corresponding responses, ``outgoingProtobufServer()`` can be used to export outgoing queries sent by the recursor to authoritative servers, along with the corresponding responses. - -.. code-block:: Lua - - outgoingProtobufServer("192.0.2.1:4242" [[[[, timeout], maxQueuedEntries], reconnectWaitTime], asyncConnect]) +While :func:`protobufServer` only exports the queries sent to the recursor from clients, with the corresponding responses, ``outgoingProtobufServer()`` can be used to export outgoing queries sent by the recursor to authoritative servers, along with the corresponding responses. -The optional parameters for ``outgoingProtobufServer()`` are: +.. function:: outgoingProtobufServer(server [[[[, timeout=2], maxQueuedEntries=100], reconnectWaitTime=1], asyncConnect=false]) -timeout -^^^^^^^ -Time in seconds to wait when sending a message, defaults to 2. +:param string server: The IP and port to connect to +:param int timeout: Time in seconds to wait when sending a message +:param int maxQueuedEntries: How many entries will be kept in memory if the server becomes unreachable +:param int reconnectWaitTime: How long to wait, in seconds, between two reconnection attempts +:param bool asyncConnect: When set to false (default) the first connection to the server during startup will block up to ``timeout`` seconds, otherwise the connection is done in a separate thread. -maxQueuedEntries -^^^^^^^^^^^^^^^^ -How many entries will be kept in memory if the server becomes unreachable, defaults to 100. +Protobol Buffers Definition +--------------------------- -reconnectWaitTime -^^^^^^^^^^^^^^^^^ -How long to wait, in seconds, between two reconnection attempts, defaults to 1. +The protocol buffers message types can be found in the `dnsmessage.proto `_ file and is included here: -asyncConnect -^^^^^^^^^^^^ -When set to false (default) the first connection to the server during startup will block up to ``timeout`` seconds, otherwise the connection is done in a separate thread. +.. literalinclude:: ../../../dnsmessage.proto diff --git a/pdns/recursordist/docs/lua-scripting/hooks.rst b/pdns/recursordist/docs/lua-scripting/hooks.rst index 2c022806a..801629044 100644 --- a/pdns/recursordist/docs/lua-scripting/hooks.rst +++ b/pdns/recursordist/docs/lua-scripting/hooks.rst @@ -296,6 +296,8 @@ Example script end end +.. _snmp: + SNMP Traps ---------- @@ -312,3 +314,8 @@ For example, to send a custom SNMP trap containing the qname from the sendCustomSNMPTrap('Trap from preresolve, qname is '..dq.qname:toString()) return false end + +MIB +^^^ + +.. literalinclude:: ../../RECURSOR-MIB.txt diff --git a/pdns/recursordist/docs/lua-scripting/statistics.rst b/pdns/recursordist/docs/lua-scripting/statistics.rst index 1df9201d2..9a1a7fa99 100644 --- a/pdns/recursordist/docs/lua-scripting/statistics.rst +++ b/pdns/recursordist/docs/lua-scripting/statistics.rst @@ -50,6 +50,13 @@ Looking at Statistics .. versionadded:: 4.1.0 Statistics can be retrieved from Lua using the :func:`getStat` call. + +.. function:: getStat(name) -> int + + Returns the value of a statistic. + + :param string name: The name of the statistic. + For example, to retrieve the number of cache misses: .. code-block:: Lua @@ -57,5 +64,3 @@ For example, to retrieve the number of cache misses: cacheMisses = getStat("cache-misses") Please be aware that retrieving statistics is a relatively costly operation, and as such should for example not be done for every query. - - diff --git a/pdns/recursordist/powerdns-example-script.lua b/pdns/recursordist/powerdns-example-script.lua deleted file mode 120000 index 4cf87e020..000000000 --- a/pdns/recursordist/powerdns-example-script.lua +++ /dev/null @@ -1 +0,0 @@ -../powerdns-example-script.lua \ No newline at end of file