DNS Statistics
Following table provides the complete list of DNS server statistics available in Cisco Prime Network Registrar. For information on how to view these statistics using web UI and CLI, see DNS Statistics.
Statistic |
Description |
---|---|
DNS Server Statistics |
|
Server Identifier (id) |
Identifies this DNS Server. |
Recursive Service (config-recurs) |
Describes the recursion services offered by this name server. Values are:
|
Process Uptime (config-up-time) |
Reports the time elapsed since the DNS Server process was started. |
Time Since Reset (config-reset-time) |
Reports the time elapsed since the DNS Server was last reset (restarted). |
Server Status (config-reset) |
Describes the name server state. Possible values are:
|
counter-reset-time |
Reports the most recent time the server counters were reset by the dns resetStats command. |
sample-time |
Reports the time the server collected the last set of sample statistics. |
Statistics Interval (sample-interval) |
Reports the sample interval used by the server when collecting the last set of sample statistics. |
statistics-request-time |
Reports the time the server processed this request for statistics. |
Total Zones (total-zones) |
Reports the total number of zones managed by the DNS server, including both primary and secondary zones. |
Total RRs (total-rrs) |
Reports the total number of RRs in the server, contained in both primary and secondary zones. |
DNS Server Performance Statistics |
|
packets-in |
Reports the total number of packets received. |
packets-out |
Reports the total number of packets sent. |
packets-in-udp |
Reports the total number of UDP packets received. |
packets-out-udp |
Reports the total number of UDP packets sent. |
packets-in-tcp |
Reports the total number of TCP packets received. |
packets-out-tcp |
Reports the total number of TCP packets sent. |
ipv4-packets-in |
Reports the total number of IPv4 packets received. |
ipv4-packets-out |
Reports the total number of IPv4 packets sent. |
ipv6-packets-in |
Reports the total number of IPv6 packets received. |
ipv6-packets-out |
Reports the total number of IPv6 packets sent. |
update-packets |
Reports the number of successful DNS updates. |
updated-rrs |
Reports the total number of RRs added and deleted, including updates from the CPNR UIs, whether or not there were database errors. |
notifies-in |
Reports the number of inbound notifies. Each notify packet received is counted separately. |
notifies-out |
Reports the number of outbound notifies. Each notify packet sent is counted separately. |
ixfrs-in |
Reports the number of successful inbound incremental transfers, including incremental requests that resulted in full zone transfers. |
ixfrs-out |
Reports the number of successful outbound incremental transfers. |
ixfrs-full-resp |
Reports the number of outbound full zone transfers in response to IXFR requests. These may have been due to IXFR errors, insufficient serial history, or too many changes in the zone. |
axfrs-in |
Reports the number of successful inbound AXFRs. |
axfrs-out |
Reports the number of successful outbound full zone transfers, including those counted in ixfrs-full-resp. |
xfrs-in-at-limit |
Reports the number of times that inbound transfers reached the concurrent limit. |
xfrs-out-at-limit |
Reports the number of times that outbound transfers reached the concurrent limit. |
responses-with-NOTIMP |
Reports the numbers of requests with OP codes that are not implemented. |
DNS Server Query Statistics |
|
queries-total |
Total number of queries received by the DNS Server. |
queries-failed-acl |
Reports the number of query ACL (restrict-query-acl) failures. |
queries-over-udp |
Total number of queries received over UDP by the DNS Server. |
queries-over-tcp |
Total number of queries received over TCP by the DNS Server. |
queries-over-ipv4 |
Total number of IPv4 queries received by the DNS Server. |
queries-over-ipv6 |
Total number of IPv6 queries received by the DNS Server. |
queries-over-tls |
Total number of queries received over TLS by the DNS Server. |
queries-over-tls-failed |
Total number of TLS queries failed during TLS handshake. |
queries-with-edns |
Reports the number of OPT RR packets processed. |
queries-type-A |
Number of A queries received. |
queries-type-AAAA |
Number of AAAA queries received. |
queries-type-ANY |
Number of ANY queries received. |
queries-type-CAA |
Number of CAA queries received. |
queries-type-CNAME |
Number of CNAME queries received. |
queries-type-DNSKEY |
Number of DNSKEY queries received. |
queries-type-DS |
Number of DS queries received. |
queries-type-HTTPS |
Number of HTTPS RR (TYPE 65) queries received. |
queries-type-MX |
Number of MX queries received. |
queries-type-NAPTR |
Number of NAPTR queries received. |
queries-type-NS |
Number of NS queries received. |
queries-type-NSEC |
Number of NSEC queries received. |
queries-type-PTR |
Number of PTR queries received. |
queries-type-RRSIG |
Number of RRSIG queries received. |
queries-type-SOA |
Number of SOA queries received. |
queries-type-SRV |
Number of SRV queries received. |
queries-type-TXT |
Number of TXT queries received. |
queries-type-SVCB |
Number of SVCB (TYPE 64) queries received. |
queries-type-URI |
Number of URI queries received. |
queries-type-other |
All other queries received. |
queries-rpz |
Reports the number of queries for Response Policy Zones (RPZ). |
queries-dnssec |
Reports the total number of queries requesting that responses to include DNSSEC related RRs (EDNS option DO bit). |
query-answers-total |
Reports the total number of query responses. |
query-answers-with-NOERROR |
Reports the number of queries that were authoritatively answered. |
query-answers-with-NXDOMAIN |
Reports the number of queries that failed with no such name responses. |
query-answers-with-NODATA |
Reports the number of queries that failed with no data (empty answer) responses. |
query-answers-with-REFUSED |
Reports the number of queries refused. |
query-answers-with-NOTAUTH |
Reports the number of queries that failed with not authoritative responses. |
query-answers-with-FORMERR |
Reports the number of query responses with rcode of FORMERR. |
query-answers-with-SERVFAIL |
Reports the number of query responses with rcode of SERVFAIL. |
query-answers-with-referral |
Reports the number of requests that were referred to other servers. |
query-answers-with-other-errors |
Reports the number of queries with other errors. |
query-answers-rpz-hits |
Reports the number of RPZ queries that matched RRs in Response Policy Zones. |
query-answers-rpz-misses |
Reports the number of RPZ queries that did not match RRs in Response Policy Zones. |
queries-dropped |
Reports the number of non-error dropped packets. Queries restricted by server, TSIG, or update policies are included, but DNS updates, xfer requests, and notifies are excluded. |
queries-dropped-recursive |
Number of recursive queries dropped. |
queries-dropped-unwanted-class |
Total number of queries dropped due to unwanted classes. Only queries of class IN are allowed. |
queries-dropped-unwanted-type |
Total number of queries dropped due to unwanted types. Unwanted RR types are specified in the query-types-unwanted DNS server attribute. |
cache-hits |
Reports the number of times incoming client queries were found in the query cache. |
cache-misses |
Reports the number of times incoming client queries were not found in the query cache. |
DNS Server Update Statistics |
|
update-total |
Total number of updates received by the DNS server. |
update-total-rrs |
The total number of RRs updated by DNS update requests. |
update-failed-acl |
Total number of updates that refused due to failing ACL and/or Update Policy authorization. |
update-dropped |
Total number of updates that are dropped by the DNS server. |
update-prereq-only |
Total number of prereq-only updates received by the DNS server. |
update-simulated |
Total number of updates that are simulated. Simulated RR updates return a NOERROR response, but don't cause any RR changes. |
update-over-udp |
Total number of updates received over UDP. |
update-over-tcp |
Total number of updates received over TCP. |
update-over-ipv4 |
Total number of updates received over IPv4. |
update-over-ipv6 |
Total number of updates received over IPv6. |
update-delete |
Total number of RRs deleted by DNS update. |
update-add |
Total number of RRs added by DNS update. |
update-refresh |
Total number of RRs refreshed by DNS update. |
update-type-A |
Total number of updates for A records. |
update-type-AAAA |
Total number of updates for AAAA records. |
update-type-DHCID |
Total number of updates for DHCID records. |
update-type-TXT |
Total number of updates for TXT records. |
update-type-other |
Total number of updates for all other record types that are not specifically counted. |
update-resp-total |
Total number of update responses returned by the DNS server. |
update-resp-NOERROR |
Total number of update responses with rcode of NOERROR. |
update-resp-failures |
Total number of updates that failed. |
update-resp-REFUSED |
Total number of update responses with rcode of REFUSED. |
update-resp-NOTAUTH |
Total number of update responses with rcode of NOTAUTH. |
update-resp-NOTZONE |
Total number of update responses with rcode of NOTZONE. |
update-resp-FORMERR |
Total number of update responses with rcode of FORMERR. |
update-resp-SERVFAIL |
Total number of update responses with rcode of SERVFAIL. |
update-resp-prereq-failures |
Total number of update responses with prereq failures (YXDOMAIN, YXRRSET, NXDOMAIN, NXRRSET). |
update-resp-YXDOMAIN |
Total number of update responses with rcode of YXDOMAIN. |
update-resp-YXRRSET |
Total number of update responses with rcode of YXRRSET. |
update-resp-NXDOMAIN |
Total number of update responses with rcode of NXDOMAIN. |
update-resp-NXRRSET |
Total number of update responses with rcode of NXRRSET. |
DNS Server Security Statistics |
|
security-events |
Total number of security events detected and captured. |
security-events-periodic |
Total number of security events detected and captured within the last 30 minutes. |
security-events- amplification-attack |
Total number of security events due to amplification attack detected and captured. |
security-events-dns-tunneling |
Total number of security events due to DNS tunneling detected and captured. |
security-events-dos |
Total number of security events due to a potential DoS attack detected and captured. |
security-events-poisoning |
Total number of security events due to DNS poisoning detected and captured. |
security-events-snooping |
Total number of security events due to caching or data snooping detected and captured. |
rcvd-tsig-packets |
Reports the number of TSIG RR packets processed, if TSIG processing is enabled for the type of packet. |
detected-tsig-bad-time |
Reports the number of bad timestamps in incoming TSIG packets. |
detected-tsig-bad-key |
Reports the number of bad keynames (those with an invalid or unknown key) in incoming TSIG packets. |
detected-tsig-bad-sig |
Reports the number of bad signatures in incoming TSIG packets. |
rcvd-tsig-bad-time |
Reports the number of BADTIME errors received after sending a TSIG packet. |
rcvd-tsig-bad-key |
Reports the number of BADKEY errors received after sending a TSIG packet. |
rcvd-tsig-bad-sig |
Reports the number of BADSIG errors received after sending a TSIG packet. |
unauth-xfer-reqs |
Reports the number of ACL authorization failures in zone transfers. |
unauth-update-reqs |
Reports the number of ACL authorization failures in DNS updates. Administrative RR updates (from CPNR UIs) are excluded. |
restrict-query-acl |
Reports the number of ACL authorization failures in DNS queries. |
acl-blocklist-dropped-requests |
Reports the number of DNS requests dropped by the server subject to acl-blocklist. |
dnssec-zones |
Reports the number of zones with DNSSEC enabled. |
dnssec-sign-zone |
Reports the number of times the server signed a DNSSEC zone. |
dnssec-queries |
Reports the total number of queries requesting that responses to include DNSSEC related RRs (EDNS option DO bit). |
dnssec-responses |
Reports the total number of responses to DNNSEC enabled queries (EDNS option DO bit). |
dnssec-requests-dropped |
Reports the total number of DNS requests that were dropped due to the server being in the process of signing a DNSSEC zone. |
tls-queries |
Total number of queries received over TLS by the DNS Server. |
tls-queries-failed |
Total number of TLS queries failed during TLS handshake. |
DNS Server Errors Statistics |
|
update-errors |
Reports the total number of updates resulting in errors. This excludes negative responses to update prerequisite checks, and TSIG responses. Both update packets and updates generated by the CNR UIs may be included in this count. |
update-prereq-failures |
Reports the total number of updates resulting in prerequisite failures. |
ixfr-in-errors |
Reports the total in-bound IXFR errors, excluding packet format errors. |
ixfr-out-errors |
Reports the total IXFR error responses sent, excluding packet format errors. |
axfr-in-errors |
Reports the total in-bound AXFR errors, excluding packet format errors. |
axfr-out-errors |
Reports the total AXFR error responses sent, excluding packet format errors. |
sent-total-errors |
Reports the total number of requests the server answered with errors (RCODE values other than 0,3,6,7, and 8). See RFC 1611. |
sent-format-errors |
Reports the number of requests received that were unparseable. See RFC 1611. |
sent-refusal-errors |
Reports the number of requests that resulted in REFUSED. See RFC1611. |
xfer-in-auth-errors |
Reports the number of secondary IXFR/AXFR requests that were refused because of authorization errors. |
xfer-failed-attempts |
Reports the number of secondary IXFR/AXFR failures, excluding authorization refusals. |
exceeded-max-dns-packets |
Reports the number of times inbound packets exceeded the maximum DNS packets defined by max-dns-packets. |
DNS Server Max Counter Statistics |
|
concurrent-xfrs-in |
Reports the maximum number of concurrent threads processing inbound transfers during the last sampling period. |
concurrent-xfrs-out |
Reports the maximum number of concurrent threads processing outbound transfers during the last sampling period. |
ha-batch-count-limit |
Reports the number of times the ha-dns-max-batch-count limit was reached during the last sampling period. |
ha-rr-pending-list |
Reports the maximum number of RRs in the pending List, waiting acknowledgement from the HA DNS backup server, during the last sampling period. |
ha-rr-active-list |
Reports the maximum number of RRs in the active list, waiting to be sent to the HA DNS backup server, during the last sampling period. |
ha-persisted-edit-list |
Reports the maximum number of names persisted in the edit list database during the last sampling period. |
ha-update-latency-max |
Reports the maximum DNS update latency in seconds, during the last sampling period. Latency is measured as the time an update remains in the pending List. |
dns-concurrent-packets |
Reports the maximum number of concurrent packets processed by the DNS server during the sampling period. |
DNS Server Host Health Check Statistics |
|
hhc-domains |
Reports the total number of domains checked for ping and gtp-echo Host Health Check. |
hhc-domains-failed |
Reports the total number of domains check failed for ping and gtp-echo Host Health Check. When all the RRs in the RR set are down, this stat is incremented. |
hhc-domains-passed |
Reports the total number of domains check passed for ping and gtp-echo Host Health Check. Any A/AAAA RR in the RR set is up, this stat is incremented. |
hhc-rrs |
Reports the total number of RRs checked for ping and gtp-echo Host Health Check. |
hhc-rrs-passed |
Reports the total number of RRs that have passed ping and gtp-echo health check. |
hhc-rrs-failed |
Reports the total number of RRs that have failed ping and gtp-echo health check. |
hhc-ping-domains |
Reports the total number of domains checked for ping Host Health Check. |
hhc-ping-domains-failed |
Reports the total number of domains check failed for ping Host Health Check. When all the RRs in the RR set are down, this stat is incremented. |
hhc-ping-domains-passed |
Reports the total number of domains check passed for ping Host Health Check. When any RR in the RR set is up, this stat is incremented. |
hhc-ping-rrs |
Reports the total number of RRs checked for ping Host Health Check. |
hhc-ping-rrs-failed |
Reports the total number of RRs that have failed ping Host Health Check health check. |
hhc-ping-rrs-passed |
Reports the total number of RRs that have passed ping Host Health Check health check. |
hhc-gtp-echo-domains |
Reports the total number of domains checked for gtp-echo Host Health Check. |
hhc-gtp-echo-domains-failed |
Reports the total number of domains check failed for gtp-echo Host Health Check. When all the RRs in the RR set are down, this stat is incremented. |
hhc-gtp-echo-domains-passed |
Reports the total number of domains check passed for gtp-echo Host Health Check. When any RR in the RR set is up, this stat is incremented. |
hhc-gtp-echo-rrs |
Reports the total number of RRs checked for gtp-echo Host Health Check. |
hhc-gtp-echo-rrs-failed |
Reports the total number of RRs that have failed gtp-echo Host Health Check health check. |
hhc-gtp-echo-rrs-passed |
Reports the total number of RRs that have passed gtp-echo Host Health Check health check. |
DNS Server DB Statistics |
|
rrdb-txn |
Reports the total number of RR DB database transactions. |
rrdb-txn-commits |
Reports the total number of RR DB database transactions committed. |
rrdb-txn-aborts |
Reports the total number of RR DB database transactions aborted. |
rrdb-reads |
Reports the total number of RR DB read operations. |
rrdb-writes |
Reports the total number of RR DB write operations. |
rrdb-deletes |
Reports the total number of RR DB delete operations. |
rrdb-check-pts |
Reports the total number of RR DB check point operations. |
rrdb-log-purges |
Reports the total number of RR DB log purge operations. |
rrdb-log-purges-count |
Reports the total number of RR DB logs purged. |
csetq-count |
Reports the total of number of change sets queued up to be written to the cset DB. |
csetdb-txn |
Reports the total number of CSET DB database transactions. |
csetdb-txn-commits |
Reports the total number of CSET DB database transactions committed. |
csetdb-txn-aborts |
Reports the total number of CSET DB database transactions aborted. |
csetdb-reads |
Reports the total number of CSET DB read operations. |
csetdb-writes |
Reports the total number of CSET DB write operations. |
csetdb-deletes |
Reports the total number of CSET DB delete operations. |
csetdb-csets-trimmed |
Reports the total number of change sets trimmed from the CSET DB by the history trimming process or by inline trimming. |
csetdb-check-pts |
Reports the total number of CSET DB check point operations. |
csetdb-log-purges |
Reports the total number of CSET DB log purge operations. |
csetdb-log-purges-count |
Reports the total number of CSET DB logs purged. |
DNS Server Cache Statistics |
|
cache-size |
Reports the size of the in-memory query cache in bytes. |
cache-records |
Reports the total number of RR name sets stored in the query cache. |
cache-rrs |
Reports the total number of RRs stored in the query cache. |
cache-nxdomain |
Reports the total number of NXDOMAIN entries in the query cache. |
cache-hits |
Reports the number of times incoming client queries were found in the query cache. |
cache-misses |
Reports the number of times incoming client queries were not found in the query cache. |
cache-full |
Reports the number of times the query cache was found to be at its configured limit (mem-cache-size). |
DNS Server HA Statistics |
|
ha-state-current |
Current HA server state. |
ha-state-last-change-time |
Last time when HA state changed. |
ha-state-startup |
Number of occurrences where the server enters Startup State (HA_STARTUP). |
ha-state-negotiating |
Number of occurrences where the server enters the Negotiating state (HA_STATE_NEGOTIATING). |
ha-state-normal |
Number of occurrences where the server enters Normal State (HA_NORMAL). |
ha-state-comm-interrupted |
Number of occurrences where the server enters the communication-interrupted state (HA_STATE_COMMINTR). |
ha-state-partner-down |
Number of occurrences where the server enters the partner-down state (HA_STATE_PARTNERDOWN). |
ha-msg-req-sent |
Number of HA request messages sent to the HA partner. |
ha-msg-req-sent-time |
Specifies the date and time the HA server last sent a request message to the HA partner. |
ha-msg-req-recv |
Number of HA request messages received from the HA partner. |
ha-msg-req-recv-time |
Specifies the date and time the HA server last received a request message from the HA partner. |
ha-msg-connect-recv |
Number of connection establishment request messages received (HA_DNS_ESTABLISH_CONNECTION). |
ha-msg-connect-sent |
Number of connection establishment request messages sent (HA_DNS_ESTABLISH_CONNECTION). |
ha-msg-heartbeat-recv |
Number of heartbeat request messages received (HA_DNS_HEARTBEAT). |
ha-msg-heartbeat-sent |
Number of heartbeat request messages sent (HA_DNS_HEARTBEAT). |
ha-msg-reconcile-recv |
Number of zone reconciliation request messages received (HA_DNS_RECONCILIATION). |
ha-msg-reconcile-sent |
Number of zone reconciliation request messages sent (HA_DNS_RECONCILIATION). |
ha-msg-resp-recv |
Number of response messages received. Response messages are used to acknowledge all types of request messages. |
ha-msg-resp-sent |
Number of response messages sent. Response messages are used to acknowledge all types of request messages. |
ha-msg-rrsync-recv |
Number of rr-sync messages request received (HA_DNS_RR_SYNC). |
ha-msg-rrsync-sent |
Number of rr-sync request messages sent (HA_DNS_RR_SYNC). |
ha-msg-rrupdate-recv |
Number of rr-update request messages received (HA_DNS_RR_UPDATE). |
ha-msg-rrupdate-sent |
Number of rr-update request messages sent (HA_DNS_RR_UPDATE). |
ha-msg-zonesync-recv |
Number of zone synchronization request messages received (HA_DNS_ZONE_SYNC). |
ha-msg-zonesync-sent |
Number of zone synchronization request messages sent (HA_DNS_ZONE_SYNC). |
ha-msg-shutdown-recv |
Number of shutdown request messages received. |
ha-msg-shutdown-sent |
Number of shutdown request messages sent. |
ha-resp-inconsistent |
Number of responses reporting an inconsistent server state (HA_DNS_RESP_ERR_INCONSISTENT_STATE). |
ha-sync-conflict |
Number of zones with name conflicts during nameset reconciliation. |
ha-sync-discard-name |
Number of name conflicts where one nameset must be discarded to synchronize the zone. |
ha-sync-merge-name |
Number of name conflicts which the namesets can be merged to synchronize the zone. |
ha-full-zone-resync |
Number of zones requiring full-zone resynchronization for nameset reconciliation. |
ha-zone-mismatch |
Number of zones reporting a mismatch error (HA_DNS_RESP_ERR_MISMATCH). |
ha-resp-servfail |
Number of responses reporting a server failure error (HA_DNS_RESP_ERR_SERVFAIL). |
ha-resp-unknown |
Number of responses with an unknown message type (HA_DNS_RESP_ERR_UNKNOWN_MSG_TYPE). |
ha-update-reject |
Number of DNS updates rejected by the server. |
DNS Server IPv6 Statistics |
|
ipv6-packets-in |
Total number of IPv6 packets received. |
ipv6-packets-out |
Total number of IPv6 packets sent. |