eG Help

A resolver is a program that resolves questions about names by sending those questions to appropriate servers and responding appropriately to the servers’ replies. In the most common application, a web browser uses a local stub resolver library on the same computer to look up names in the DNS. That stub resolver is part of the operating system. (Many operating system distributions use the BIND resolver library.) The stub resolver usually will forward queries to a caching resolver, a server or group of servers on the network dedicated to DNS services. Those resolvers will send queries to one or multiple authoritative servers in order to find the IP address for that DNS name.

This means that latencies/errors experienced by the resolver can cause overall query processing by BIND DNS to significantly slow down. This is why, where name resolution queries take too long to provide answers, administrators should look at how much time the resolver program took to process those queries and if any queries failed at the resolver. The Bind Resolver Statistics test provides administrators with this insight.

This test monitors the queries sent/forwarded by the resolver program , and measures the average round trip time of the queries. Administrators are alerted if even one query registers an abnormally high round trip time. Query failures are also brought to the immediate attention of administrators, so that they can investigate the reason for the same and fix it. In addition, the test also tracks the responses received by the resolver program to queries it forwarded. In the process, the test sheds light on error responses and the probable reason for those errors.

Measurement	Description	Measurement Unit	Interpretation
ipv4_sent	Indicates the number of IPv4 queries sent by the resolver.	Number	These are good measures of the current workload of the resolver program.
ipv6_sent	Indicates the number of IPv6 queries sent by the resolver.	Number
v4_recv	Indicates the number of IPv4 responses received by the resolver.	Number
v6_recv	Indicates the number of IPv6 responses received by the resolver.	Number
rtt_1	Indicates the number of queries with round trip time (RTT) less than 10 ms.	Number	A high value is desired for this measure.
rtt_1_1	Indicates the number of queries with round trip time (RTT) between 10 ms and 100 ms.	Number	Ideally, the value of this measure should be 0. A non-zero value indicates that one/more queries are slow.
rtt_1_5	Indicates the number of queries with round trip time (RTT) between 100 ms and 500 ms.	Number	Ideally, the value of this measure should be 0. A non-zero value indicates that one/more queries are slow.
rtt_5_8	Indicates the number of queries with round trip time (RTT) between 500 ms and 800 ms.	Number	Ideally, the value of this measure should be 0. A non-zero value indicates that one/more queries are slow.
rtt_8_16	Indicates the number of queries with round trip time (RTT) between 800 ms and 1600 ms.	Number	Ideally, the value of this measure should be 0. A non-zero value indicates that one/more queries are slow.
rtt_16	Indicates the number of queries with round trip time (RTT) over 1600 ms.	Number	Ideally, the value of this measure should be 0. A non-zero value indicates that one/more queries are slow.
nx_recv	Indicates the number of queries that resulted in NXDOMAIN error.	Number	The NXDOMAIN error occurs when the domain name queried does not exist. Ideally, the value of this measure should be 0.
servfails	Indicates the number of queries that resulted in SERVFAIL error.	Number	The value of this measure indicates the number of queries that the server failed to complete because of errors when communicating with the delegated name server. Ideally, the value of this measure should be 0.
former	Indicates the number of queries that resulted in FORMERR error.	Number	A non-zero value of this measure indicates that one/more FORMERR errors have occurred. A FORMERR refers to a DNS query format error.
oth_err	Indicates the number of queries that resulted in errors other than the NXDOMAIN, SERVFAIL, and FORMERR errors.	Number	Ideally, the value of this measure should be 0.
que_fails	Indicates the number of EDNS(0) query failures.	Number	Extension mechanisms for DNS (EDNS) is a specification for expanding the size of several parameters of the Domain Name System (DNS) protocol which had size restrictions that the Internet engineering community deemed too limited for increasing functionality of the protocol. EDNS adds information to DNS messages in the form of pseudo-Resource Records (“pseudo-RRs”) included in the “additional data” section of a DNS message. Note that this section exists in both requests and responses. EDNS introduces a single pseudo-RR type: OPT. As pseudo-RRs, OPT type RRs never appear in any zone file; they exist only in messages, fabricated by the DNS participants. The OPT pseudo-record provides space for up to 16 flags and it extends the space for the response code. The overall size of the UDP packet and the version number (at present 0) are contained in the OPT record. A variable length data field allows further information to be registered in future versions of the protocol. Ideally, the value of this measure should be 0.
qry_tout	Indicates the number of query timeouts.	Number	The default timeout value for the first round of queries at the resolver is 5 seconds er name server. After each round of queries, the resolver doubles the initial timeout. BIND 8.2 and previous resolvers send a total of four rounds of queries; BIND 8.2.1 and later resolvers send two. There is no way to modify the timeouts in a Windows resolver. However, the default timeouts are fairly short in newer Windows resolvers (one second for the first query in Windows 2000, for example), so adjusting them may not be necessary.
qry_retry	Indicates the number of query retries that were performed by the resolver program.	Number	Higher the number of retries slower will be query processing. Ideally therefore, this measure value should be very low.
lame_del	Indicates the number of queries that could not be serviced due to lame delegations.	Number	A lame delegation occurs when an authoritative DNS server (eg. .com) has a delegation (eg.lamedelegation.com) to other DNS server that are not authoritative for this zone. Ideally, the value of this measure should be 0.
v4_ns_fet	Indicates the number of IPv4 NS address fetches invoked.	Number
v4_ft_fail	Indicates the number of IPv4 NS address fetches failed.	Number	Ideally, the value of this measure should be 0.