-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi Stephane, Beastie, I am making a compromise. More statistics, but not the amount nor detail that a dedicated package like DSC provides. Without webpages with pretty graphs and data selection user interface; that does not belong inside the nameserver. More similar to the BIND8_STATS in NSD than the DSC package. As config option 'extended-statictics'; default turned off (because of speed). I think: types of queries, answer error codes, validation status, and also spoof-nearmiss-counter (a plain unwanted traffic counter). $ unbound-control stats thread0.num.queries: 1234 thread0.requestlist.exceeded: 0 thread1.num.queries: 1345 thread1.requestlist.exceeded: 1 total.num.queries: 12345 total.requestlist.exceeded: 1 num.query.type.AAAA: 12 num.answer.secure: 123 num.answer.bogus: 23 unwanted.replies: 200000 It does not examine the query names, server names, or addresses, as that creates a lot of extra code (and Stephane, I hear you, that is a problem). Is this format easy to use as input for rrdtool, cacti, munin, ... ? I could also print out: unwanted_replies=200000 Best regards, Wouter Stephane Bortzmeyer wrote: > On Fri, Sep 12, 2008 at 04:18:02PM +0300, > Beastie <beastie24 at gmail.com> wrote > a message of 22 lines which said: > >> It would be very useful to have the ability to see additional >> information insight of the unbound statistics reports. > > My personal opinion: no. > >> In general it would be grate to have separate tool/command that will >> produces this kind of statistics. > > A name server is already complicated enough and I no longer think it > is a good idea to complicate it further with statistics, specially > because of the security problems that may arise. Keep the code small > and clean, please. > > Statistics are, in my opinion, best handled with completely separate > programs which sniff the requests and the responses. I recommend DSC > <https://www.dns-oarc.net/oarc/src/dsc> > _______________________________________________ > Unbound-users mailing list > Unbound-users at unbound.net > http://unbound.nlnetlabs.nl/mailman/listinfo/unbound-users -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iEYEARECAAYFAkjPcyEACgkQkDLqNwOhpPjLdgCeJEDG2BjgkE6usVT+Wiq0xiPN NtkAniJrZOJ+BlU/s9QWhOkxVSNXtSGC =765M -----END PGP SIGNATURE-----