PowerDNS 3.4.11

Uptime: 4.86 months
Queries/second, 1, 5, 10 minute averages: 7.39e-64, 2.16e-15, 1.36e-09. Max queries/second: 27.8
Cache hitrate, 1, 5, 10 minute averages: 0.0%, 0.0%, 0.0%
Backend query cache hitrate, 1, 5, 10 minute averages: 0.0%, 0.0%, 0.0%
Backend query load, 1, 5, 10 minute averages: 5.06e-22, 1.34e-06, 6.72e-05. Max queries/second: 0.233
Total queries: 20009. Question/answer latency: 0.115ms


Reset

Log Messages

HTTP STL Exception: Timeout writing data266.7%
HTTP STL Exception: Reading from a socket: Connection reset by peer133.3%
Total:3100%
Reset

Queries for existing records, but for type we don't have

Total:0100%
Reset

Queries for non-existent records within existent domains

Total:0100%
Reset

UDP Queries Received

www.yahoo.com/A440.0%
version.bind/TXT330.0%
dnsscan.shadowserver.org/A110.0%
leth.cc/ANY110.0%
www.cybergreen.net/A110.0%
Total:10100%
Reset

Remote server IP addresses

52.200.167.56419.0%
54.145.143.236419.0%
185.188.207.1329.5%
34.228.18.5129.5%
34.238.148.14329.5%
52.201.240.19729.5%
54.208.63.8129.5%
185.94.111.114.8%
52.73.169.16914.8%
74.82.47.614.8%
Total:21100%
Reset

Remote hosts sending corrupt packets

139.162.126.1031100.0%
Total:1100%
Reset

Remote hosts querying domains for which we are not auth

52.200.167.56220.0%
54.145.143.236220.0%
139.162.117.40110.0%
34.228.18.51110.0%
34.238.148.143110.0%
52.201.240.197110.0%
52.73.169.169110.0%
74.82.47.6110.0%
Total:10100%
Reset

Queries that could not be answered due to backend errors

Total:0100%
Reset

Queries for domains that we are not authoritative for

dnsscan.shadowserver.org/A125.0%
www.cybergreen.net/A125.0%
www.qq.com/A125.0%
www.yahoo.com/A125.0%
Total:4100%

Variables

corrupt-packets109Number of corrupt packets received
deferred-cache-inserts0Amount of cache inserts that were deferred because of maintenance
deferred-cache-lookup0Amount of cache lookups that were deferred because of maintenance
dnsupdate-answers0DNS update packets successfully answered.
dnsupdate-changes0DNS update changes to records in total.
dnsupdate-queries0DNS update packets received.
dnsupdate-refused0DNS update packets that are refused.
packetcache-hit19
packetcache-miss19787
packetcache-size0
query-cache-hit48Number of hits on the query cache
query-cache-miss2302Number of misses on the query cache
rd-queries19978Number of recursion desired questions
recursing-answers0Number of recursive answers sent out
recursing-questions0Number of questions sent to recursor
recursion-unanswered0Number of packets unanswered by configured recursor
security-status0Security status based on regular polling
servfail-packets0Number of times a server-failed packet was sent out
signatures0Number of DNSSEC signatures made
tcp-answers87Number of answers sent out over TCP
tcp-queries90Number of TCP queries received
timedout-packets0Number of packets which weren't answered within timeout set
udp-answers20009Number of answers sent out over UDP
udp-answers-bytes856338Total size of answers sent out over UDP
udp-do-queries1Number of UDP queries received with DO bit
udp-queries20009Number of UDP queries received
udp4-answers20009Number of IPv4 answers sent out over UDP
udp4-queries20010Number of IPv4 UDP queries received
udp6-answers0Number of IPv6 answers sent out over UDP
udp6-queries0Number of IPv6 UDP queries received
key-cache-size0Number of entries in the key cache
latency115Average number of microseconds needed to answer a question
meta-cache-size0Number of entries in the metadata cache
qsize-q0Number of questions waiting for database attention
signature-cache-size0Number of entries in the signature cache
sys-msec118927Number of msec spent in system time
uptime12745812Uptime of process in seconds
user-msec641277Number of msec spent in user time
Arguments
allow-axfr-ips127.0.0.0/8,::1Allow zonetransfers only to these subnets
allow-dnsupdate-from127.0.0.0/8,::1A global setting to allow DNS updates from these IP ranges.
allow-notify-from0.0.0.0/0,::/0Allow AXFR NOTIFY from these IP ranges. If empty, drop all incoming notifies.
allow-recursion0.0.0.0/0List of subnets that are allowed to recurse
also-notifyWhen notifying a domain, also notify these nameservers
any-to-tcpyesAnswer ANY queries with tc=1, shunting to TCP
cache-ttl20Seconds to store packets in the PacketCache
carbon-interval30Number of seconds between carbon (graphite) updates
carbon-ournameIf set, overrides our reported hostname for carbon stats
carbon-serverIf set, send metrics in carbon (graphite) format to this server
chrootIf set, chroot to this directory for more security
confignoProvide configuration file on standard output
config-dir/etc/pdnsLocation of configuration directory (pdns.conf)
config-nameName of this virtual configuration - will rename the binary image
control-consolenoDebugging switch - don't use
daemonOperate as a daemon
default-ksk-algorithmsrsasha256Default KSK algorithms
default-ksk-size0Default KSK size (0 means default)
default-soa-editDefault SOA-EDIT value
default-soa-edit-signedDefault SOA-EDIT value for signed zones
default-soa-mailmail address to insert in the SOA record if none set in the backend
default-soa-namea.misconfigured.powerdns.servername to insert in the SOA record if none set in the backend
default-ttl3600Seconds a result is valid if not set otherwise
default-zsk-algorithmsrsasha256Default ZSK algorithms
default-zsk-size0Default ZSK size (0 means default)
direct-dnskeynoFetch DNSKEY RRs from backend during DNSKEY synthesis
disable-axfrnoDisable zonetransfers but do allow TCP queries
disable-axfr-rectifynoDisable the rectify step during an outgoing AXFR. Only required for regression testing.
disable-syslognoDisable logging to syslog, useful when running inside a supervisor that logs stdout
disable-tcpnoDo not listen to TCP queries
distributor-threads3Default number of Distributor (backend) threads to start
do-ipv6-additional-processingyesDo AAAA additional processing
edns-subnet-processingnoIf we should act on EDNS Subnet options
entropy-source/dev/urandomIf set, read entropy from this file
experimental-api-keyREST API Static authentication key (required for API use)
experimental-api-readonlynoIf the JSON API should disallow data modification
experimental-dname-processingnoIf we should support DNAME records
experimental-dnsupdatenoEnable/Disable DNS update (RFC2136) support. Default is no.
experimental-json-interfacenoIf the webserver should serve JSON data
experimental-logfile/var/log/pdns.logFilename of the log file for JSON parser
forward-dnsupdateyesA global setting to allow DNS update packages that are for a Slave domain, to be forwarded to the master.
gmysql-activate-domain-key-queryupdate cryptokeys set active=1 where domain_id=(select id from domains where name='%s') and cryptokeys.id=%d
gmysql-add-domain-key-queryinsert into cryptokeys (domain_id, flags, active, content) select id, %d, %d, '%s' from domains where name='%s'
gmysql-any-id-querySELECT content,ttl,prio,type,domain_id,disabled,name,auth FROM records WHERE disabled=0 and name='%s' and domain_id=%dAny with ID query
gmysql-any-querySELECT content,ttl,prio,type,domain_id,disabled,name,auth FROM records WHERE disabled=0 and name='%s'Any query
gmysql-basic-querySELECT content,ttl,prio,type,domain_id,disabled,name,auth FROM records WHERE disabled=0 and type='%s' and name='%s'Basic query
gmysql-clear-domain-all-keys-querydelete from cryptokeys where domain_id=(select id from domains where name='%s')
gmysql-clear-domain-all-metadata-querydelete from domainmetadata where domain_id=(select id from domains where name='%s')
gmysql-clear-domain-metadata-querydelete from domainmetadata where domain_id=(select id from domains where name='%s') and domainmetadata.kind='%s'
gmysql-dbnamepowerdnsPdns backend database name to connect to
gmysql-deactivate-domain-key-queryupdate cryptokeys set active=0 where domain_id=(select id from domains where name='%s') and cryptokeys.id=%d
gmysql-delete-comment-rrset-queryDELETE FROM comments WHERE domain_id=%d AND name='%s' AND type='%s'
gmysql-delete-comments-queryDELETE FROM comments WHERE domain_id=%d
gmysql-delete-domain-querydelete from domains where name='%s'
gmysql-delete-empty-non-terminal-querydelete from records where domain_id='%d' and name='%s' and type is nulldelete empty non-terminal from zone
gmysql-delete-names-querydelete from records where domain_id = %d and name='%s'
gmysql-delete-rrset-querydelete from records where domain_id=%d and name='%s' and type='%s'
gmysql-delete-tsig-key-querydelete from tsigkeys where name='%s'
gmysql-delete-zone-querydelete from records where domain_id=%d
gmysql-dnssecnoEnable DNSSEC processing
gmysql-get-all-domain-metadata-queryselect kind,content from domains, domainmetadata where domainmetadata.domain_id=domains.id and name='%s'
gmysql-get-all-domains-queryselect domains.id, domains.name, records.content, domains.type, domains.master, domains.notified_serial, domains.last_check, domains.account from domains LEFT JOIN records ON records.domain_id=domains.id AND records.type='SOA' AND records.name=domains.name WHERE records.disabled=0 OR %dRetrieve all domains
gmysql-get-domain-metadata-queryselect content from domains, domainmetadata where domainmetadata.domain_id=domains.id and name='%s' and domainmetadata.kind='%s'
gmysql-get-order-after-queryselect ordername from records where ordername > '%s' and domain_id=%d and disabled=0 and ordername is not null order by 1 asc limit 1DNSSEC Ordering Query, after
gmysql-get-order-before-queryselect ordername, name from records where ordername <= '%s' and domain_id=%d and disabled=0 and ordername is not null order by 1 desc limit 1DNSSEC Ordering Query, before
gmysql-get-order-first-queryselect ordername, name from records where domain_id=%d and disabled=0 and ordername is not null order by 1 asc limit 1DNSSEC Ordering Query, first
gmysql-get-order-last-queryselect ordername, name from records where ordername != '' and domain_id=%d and disabled=0 and ordername is not null order by 1 desc limit 1DNSSEC Ordering Query, last
gmysql-get-tsig-key-queryselect algorithm, secret from tsigkeys where name='%s'
gmysql-get-tsig-keys-queryselect name,algorithm, secret from tsigkeys
gmysql-groupclientPdns backend MySQL 'group' to connect as
gmysql-hostlocalhostDatabase backend host to connect to
gmysql-id-querySELECT content,ttl,prio,type,domain_id,disabled,name,auth FROM records WHERE disabled=0 and type='%s' and name='%s' and domain_id=%dBasic with ID query
gmysql-info-all-master-queryselect id,name,master,last_check,notified_serial,type from domains where type='MASTER'
gmysql-info-all-slaves-queryselect id,name,master,last_check,type from domains where type='SLAVE'
gmysql-info-zone-queryselect id,name,master,last_check,notified_serial,type,account from domains where name='%s'
gmysql-innodb-read-committedyesUse InnoDB READ-COMMITTED transaction isolation level
gmysql-insert-comment-queryINSERT INTO comments (domain_id, name, type, modified_at, account, comment) VALUES (%d, '%s', '%s', %d, '%s', '%s')
gmysql-insert-empty-non-terminal-queryinsert into records (domain_id,name,type,disabled,auth) values ('%d','%s',null,0,'1')insert empty non-terminal in zone
gmysql-insert-ent-order-queryinsert into records (type,domain_id,disabled,name,ordername,auth) values (null,'%d',0,'%s','%s','%d')insert empty non-terminal in zone
gmysql-insert-ent-queryinsert into records (type,domain_id,disabled,name,auth) values (null,'%d',0,'%s','%d')insert empty non-terminal in zone
gmysql-insert-record-order-queryinsert into records (content,ttl,prio,type,domain_id,disabled,name,ordername,auth) values ('%s',%d,%d,'%s',%d,%d,'%s','%s','%d')
gmysql-insert-record-queryinsert into records (content,ttl,prio,type,domain_id,disabled,name,auth) values ('%s',%d,%d,'%s',%d,%d,'%s','%d')
gmysql-insert-slave-queryinsert into domains (type,name,master,account) values('SLAVE','%s','%s','%s')
gmysql-insert-zone-queryinsert into domains (type,name) values('NATIVE','%s')
gmysql-list-comments-querySELECT domain_id,name,type,modified_at,account,comment FROM comments WHERE domain_id=%d
gmysql-list-domain-keys-queryselect cryptokeys.id, flags, active, content from domains, cryptokeys where cryptokeys.domain_id=domains.id and name='%s'
gmysql-list-querySELECT content,ttl,prio,type,domain_id,disabled,name,auth FROM records WHERE (disabled=0 OR %d) and domain_id='%d' order by name, typeAXFR query
gmysql-list-subzone-querySELECT content,ttl,prio,type,domain_id,disabled,name,auth FROM records WHERE disabled=0 and (name='%s' OR name like '%s') and domain_id='%d'Subzone listing
gmysql-master-zone-queryselect master from domains where name='%s' and type='SLAVE'Data
gmysql-nullify-ordername-and-auth-queryupdate records set ordername=NULL,auth=0 where name='%s' and type='%s' and domain_id='%d' and disabled=0DNSSEC nullify ordername and auth query
gmysql-nullify-ordername-and-update-auth-queryupdate records set ordername=NULL,auth=%d where domain_id='%d' and name='%s' and disabled=0DNSSEC nullify ordername and update auth query
gmysql-passwordSCvTEdCSSXMKSmfTz5KeftEaPdns backend password to connect with
gmysql-port0Database backend port to connect to
gmysql-remove-domain-key-querydelete from cryptokeys where domain_id=(select id from domains where name='%s') and cryptokeys.id=%d
gmysql-remove-empty-non-terminals-from-zone-querydelete from records where domain_id='%d' and type is nullremove all empty non-terminals from zone
gmysql-set-auth-on-ds-record-queryupdate records set auth=1 where domain_id='%d' and name='%s' and type='DS' and disabled=0DNSSEC set auth on a DS record
gmysql-set-domain-metadata-queryinsert into domainmetadata (domain_id, kind, content) select id, '%s', '%s' from domains where name='%s'
gmysql-set-order-and-auth-queryupdate records set ordername='%s',auth=%d where name='%s' and domain_id='%d' and disabled=0DNSSEC set ordering query
gmysql-set-tsig-key-queryreplace into tsigkeys (name,algorithm,secret) values('%s','%s','%s')
gmysql-socketPdns backend socket to connect to
gmysql-supermaster-name-to-ipsselect ip,account from supermasters where nameserver='%s' and account='%s'
gmysql-supermaster-queryselect account from supermasters where ip='%s' and nameserver='%s'
gmysql-update-account-queryupdate domains set account='%s' where name='%s'
gmysql-update-kind-queryupdate domains set type='%s' where name='%s'
gmysql-update-lastcheck-queryupdate domains set last_check=%d where id=%d
gmysql-update-master-queryupdate domains set master='%s' where name='%s'
gmysql-update-serial-queryupdate domains set notified_serial=%d where id=%d
gmysql-userpowerdns_userDatabase backend user to connect as
gmysql-zone-lastchange-queryselect max(change_date) from records where domain_id=%d
guardiannoRun within a guardian process
helpnoProvide a helpful message
include-dirInclude *.conf files from this directory
launchgmysqlWhich backends to launch and order to query them in
list-modulesnoLists all modules available
load-modulesLoad this module - supply absolute or relative path
local-address0.0.0.0Local IP addresses to which we bind
local-address-nonexist-failyesFail to start if one or more of the local-address's do not exist on this server
local-ipv6Local IP address to which we bind
local-ipv6-nonexist-failyesFail to start if one or more of the local-ipv6 addresses do not exist on this server
local-port53The port on which we listen
log-dns-detailsnoIf PDNS should log DNS non-erroneous details
log-dns-queriesnoIf PDNS should log all incoming DNS queries
logging-facilityLog under a specific facility
loglevel4Amount of logging. Higher is more. Do not set below 3
lua-prequery-scriptLua script with prequery handler
masternoAct as a master
max-cache-entries1000000Maximum number of cache entries
max-ent-entries100000Maximum number of empty non-terminals in a zone
max-nsec3-iterations500Limit the number of NSEC3 hash iterations
max-queue-length5000Maximum queuelength before considering situation lost
max-signature-cache-entriesMaximum number of signatures cache entries
max-tcp-connections10Maximum number of TCP connections
module-dir/usr/lib64/pdnsDefault directory for modules
negquery-cache-ttl60Seconds to store negative query results in the QueryCache
no-confignoDon't parse configuration file
no-shuffleoffSet this to prevent random shuffling of answers - for regression testing
only-notify0.0.0.0/0,::/0Only send AXFR NOTIFY to these IP addresses or netmasks
out-of-zone-additional-processingyesDo out of zone additional processing
overload-queue-length0Maximum queuelength moving to packetcache only
pipebackend-abi-version1Version of the pipe backend ABI
prevent-self-notificationyesDon't send notifications to what we think is ourself
query-cache-ttl20Seconds to store query results in the QueryCache
query-local-address0.0.0.0Source IP address for sending queries
query-local-address6::Source IPv6 address for sending queries
query-loggingnoHint backends that queries should be logged
queue-limit1500Maximum number of milliseconds to queue a query
receiver-threads1Default number of