A number of counters and variables are set during PDNS Authoritative Server operation. These can be queried with the init.d dump, show and mrtg commands, or viewed with the webserver.
Number of corrupt packets received
Average number of microseconds a packet spends within PDNS
Number of packets which were answered out of the cache
Number of times a packet could not be answered out of the cache
Amount of packets in the packetcache
Size of the queue before the transmitting socket.
Number of packets waiting for database attention
Amount of packets that could not be answered due to database problems
Number of answers sent out over TCP
Number of questions received over TCP
Amount of packets that were dropped because they had to wait too long internally
Number of answers sent out over UDP
Number of questions received over UDP
Besides counters, PDNS also maintains the ringbuffers. A ringbuffer records events, each new event gets a place in the buffer until it is full. When full, earlier entries get overwritten, hence the name 'ring'.
By counting the entries in the buffer, statistics can be generated. These statistics can currently only be viewed using the webserver and are in fact not even collected without the webserver running.
The following ringbuffers are available:
All messages logged
Queries for, say, the AAAA record of a domain, when only an A is available. Queries are listed in the following format: name/type. So an AAA query for pdns.powerdns.com looks like pdns.powerdns.com/AAAA.
If PDNS knows it is authoritative over a domain, and it sees a question for a record in that domain that does not exist, it is able to send out an authoritative 'no such domain' message. Indicates that hosts are trying to connect to services really not in your zone.
All UDP queries seen.
Hosts querying PDNS. Be aware that UDP is anonymous - person A can send queries that appear to be coming from person B.
Hosts sending PDNS broken packets, possibly meant to disrupt service. Be aware that UDP is anonymous - person A can send queries that appear to be coming from person B.
It may happen that there are misconfigured hosts on the internet which are configured to think that a PDNS installation is in fact a resolving nameserver. These hosts will not get useful answers from PDNS. This buffer lists hosts sending queries for domains which PDNS does not know about.
For one reason or another, a backend may be unable to extract answers for a certain domain from its storage. This may be due to a corrupt database or to inconsistent data. When this happens, PDNS sends out a 'servfail' packet indicating that it was unable to answer the question. This buffer shows which queries have been causing servfails.
If a domain is delegated to a PDNS instance, but the backend is not made aware of this fact, questions come in for which no answer is available, nor is the authority. Use this ringbuffer to spot such queries.