Knowledge Base ISC Main Website Ask a Question/Contact ISC
Operating statistics provided by BIND 9.10 statistics channels
Author: Cathy Almond Reference Number: AA-01123 Views: 4535 Created: 2014-02-05 10:35 Last Updated: 2015-09-29 13:30 0 Rating/ Voters

BIND listens for queries on Port 53. It listens for communication from RNDC on port 953. And it can be configured to listen for statistics requests on another port, typically port 80. 

To configure BIND so that it will offer statistics to clients that connect looking for them, you must enable statistics channels in the BIND configuration file. Enter something like this:

    statistics-channels {
          inet 10.0.0.1 port 80 allow {my_nets;};
          inet 192.168.1.1 port 8080 allow {any;};
    };

With BIND using that configuration information, a client connecting to port 80 at 10.0.0.1 or to port 8080 at 192.168.1.1 can use the HTTP protocol to receive statistics. The format in which the statistics are delivered depends on the URI presented by the client. Statistics are available in XML and now JSON formats. Versions of BIND earlier than 9.10 offered more than one format for XML statistics. BIND 9.10 offers only the "new" or "v3" format. An XML-format reply from a statistics channel will be prefixed with a link to a CSS stylesheet that enables a CSS-compliant browser to display the XML file in a graphical format.

A simple browser connection to http://10.0.0.1/ (assuming the above configuration) will deliver a web page of various statistics. See the ARM for information on refining the received statistics by using a more intricate URI. The statistics channel now also includes many new statistics, including stats for the resolver, cache, address database, dispatch manager and task manager, which collectively can be used to monitor server health.

The full explanation of the statistics mechanism and how to interpret its results can be found in the BIND 9.10 ARM in Section 6.4; the full instructions for configuring and controlling the statistics mechanism are in the BIND 9.10 ARM in Section 6.2.20. 

Enabling the statistics channel in BIND

To use the statistics channel, you must first ensure that BIND has been built with the necessary "libxml2" runtime library included.  All current distributions of BIND for Windows available from ISC were built with this included. For other systems, you need to build BIND with libxml2 support by specifying --with-libxml2 when running ./configure.  For example:

./configure --with-openssl --enable-threads --with-libxml2
Make sure that you have both libxml2 and its headers files installed

The build will apparently succeed, but it will not be possible to use the statistics channel (and if configured, named will give a warning on start-up) unless both are present and named knows where to find them.  In many environments, this means that you need both libxml2 and libxml2-dev packages installed.

If you want to take advantage of the JSON formatted statistics, you will need to add libjson to the build:

./configure --with-openssl --enable-threads --with-libjson
Make sure that you have both libjson and its headers files installed

The build will apparently succeed, but it will not be possible to use JSON statistics channel.  In many environments, particularly when installing via a package manager, you will need both libjson and libjson-dev packages installed in order to provide the necessary header files for the BIND build.

Next, you need to add the necessary configuration to named.conf, for example:

statistics-channels {
        inet 10.1.10.10 port 8080 allow { 192.168.2.10; 10.1.10.2; };
        inet 127.0.0.1 port 8080 allow { 127.0.0.1; };
};


The syntax for this statement is defined in the BIND Administrator's Reference Manual (distributed in electronic form with BIND and also available on our website athttps://www.isc.org/software/bind/documentation/) and allows flexible control over which machines may query for the statistics information. The example given above configures BIND to listen on
two separate interfaces (10.1.10.10 and 127.0.0.1) and allow queries only from source IPs that match a specified address match list.

Statistics are not collected on a per-zone basis by default. If you wish per-zone statistics, you can specify them on a zone-by-zone basis using the "zone-statistics yes;" statement
inside a zone declaration or make the same declaration in the global options to enable zone statistics for all defined zones.  For example:

zone "example.net" in {
        type master;
        file "master/example.net";
        zone-statistics yes;
};


BIND9 provides a basic xml stylesheet bind9.xsl which is accessible automatically once you have configured statistics-channels and are connecting from an allowed client.

So now that you have both the functionality and the configuration, you can view the statistics via a stylesheet-capable web browser (for example, if your nameserver is at 192.168.2.13 and you have instructed the server to listen on that interface on port 8080, navigate to http://192.168.2.13:8080/). A graphic browser is not the only intended method for checking; any script or application that can use HTTP to access the statistics interface can collect the xml file directly if the origin of the request matches the permissions defined in the statistics-channels configuration block.  You can also create your own stylesheet.

Examples of XML-format statistics can be found towards the end of the older KB article AA-00769.


© 2001-2016 Internet Systems Consortium

Please help us to improve the content of our knowledge base by letting us know below how we can improve this article.

If you have a technical question or problem on which you'd like help, please don't submit it here as article feedback.

For assistance with problems and questions for which you have not been able to find an answer in our Knowledge Base, we recommend searching our community mailing list archives and/or posting your question there (you will need to register there first for your posts to be accepted). The bind-users and the dhcp-users lists particularly have a long-standing and active membership.

ISC relies on the financial support of the community to fund the development of its open source software products. If you would like to support future product evolution and maintenance as well having peace of mind knowing that our team of experts are poised to provide you with individual technical assistance whenever you call upon them, then please consider our Professional Subscription Support services - details can be found on our main website.

Feedback
  • There is no feedback for this article
Info Submit Feedback on this Article
Nickname: Your Email: Subject: Comment:
Enter the code below:
Quick Jump Menu