DNS Query Log Analysis System Based on Open Source Software

ZHENG Haishan*

(Information & Network Center, Xiamen University, Xiamen 361005, China)

domain name system; BIND; big data; log analysis; visualization; deployment automation

DOI: 10.6043/j.issn.0438-0479.201604023


The domain name system (DNS) is a core infrastructure service of the Internet, and the robustness and security of the service are extremely important. To address the problems found in university DNS configurations, this paper draws on the deployment experience of Xiamen University and proposes a DNS query log analysis system based on open source software. It presents a scheme for automated deployment of a DNS cluster, uses open source tools to monitor DNS configuration and running status, and uses big data analysis tools combined with a small amount of programming to generate visualizations of the query logs. Practical use shows that, through horizontal scaling, the system can meet real-time analysis requirements for more than one hundred million records per day. The overall architecture of the DNS service is clear, security is improved, and users' query logs are counted and displayed in real time, which helps with analyzing the running status of the DNS service, attack early warning, and network performance tuning.