Search

Page tree

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

You can use the audit log, the replication status, the traffic capture tool, and the capacity report in a Grid or HA pair to monitor administrative activities and capture traffic for diagnostic purposes. You can also use CLI commands to monitor certain DNS transactions.
This section includes the following topics:

In addition, if Grid members manage Microsoft servers, Grid Manager creates a synchronization log file for each managed Microsoft server. For information, see Viewing Synchronization Logs.

...

This option helps you to troubleshoot and monitor performance issues that impact specific WAPI calls and track WAPI usage. When you select this option, you can view additional columns such as URI, InData and Response Time in the Audit log

The following example shows an audit log entry for a POST WAPI call: [2018-05-29 09:20:12.026Z] [admin]: Created(POST) v2.9/zone_auth {"fqdn":"foo.com"} 2.233 AuthZone foo.com DnsView=default: Set fqdn="foo.com"
In the example above:

...

  • Start and stop actions performed on the members for traffic capture.
  • If the traffic capture file was transferred to a server or downloaded to a local directory. For more information about the audit log, see Using the Audit Log.
Note
titleNote

This feature captures traffic of all the direct responses received from the cache accelerator on the IB-4030.

...

    • Name: Click the Add icon to add either a single or multiple Grid members for which you want to capture traffic. When you click the Add icon, Grid Manager displays the Member Selector dialog box from which you can select one or multiple members. Use SHIFT+click to select multiple contiguous rows or use CTRL+click to select multiple non-contiguous rows. Click OK. The selected members are added to the list of members in the Members table. You cannot add offline members to the list or capture traffic on an offline member.

      Note
      titleNote

      Selecting members in the Grid Manager → Members tab does not capture traffic for the selected member. To capture traffic, you must select members from the Member Selector dialog box.


    • Interface: Select the port on which you want to capture traffic. You can view the selected interface while the traffic capture is in progress. Note that if you enabled the LAN2 failover feature, the LAN and LAN2 ports generate the same output and Grid Manager displays the interface as BOND while the traffic capture is in progress. By default the interface is set to ALL after the traffic capture process stops. For information about the LAN2 failover feature, see About Port Redundancy.

      • LAN: Select this to capture all the traffic the LAN port receives and transmits.
      • MGMT: Select this to capture all the traffic the MGMT port receives and transmits.
      • LAN2: Select to capture all the traffic the LAN2 port (if enabled) receives and transmits.
      • ALL: Select this to capture the traffic addressed to all ports. Note that the NIOS appliance only captures traffic that is addressed to it.
      • LANxnnnn: If you have configured VLANs on the LAN1 or LAN2 port, the appliance displays the VLANs in the format LANx nnnn, where x represents the port number and nnnn represents the associated VLAN ID.

        Note
        titleNote

        Riverbed virtual appliances support capturing traffic only on the LAN port.

    • File Size: Displays the size of the traffic capture log file, in kilobytes, for the respective member.
    • Status: Displays the status of the traffic capture session on the member. The status can be one of the following: 
      • STOPPED: Indicates that the traffic capture session has stopped.
      • RUNNING: Indicates that the traffic capture session is in progress. 
      • NOT STARTED: Indicates that the traffic capture session has not started.
    • Transfer Status: Displays the status of the traffic capture file transfer. The status can be one of the following:
      • NOT STARTED: Indicates that the file transfer has not started. 
      • STARTED: Indicates that the file transfer has started.
      • COMPLETED: Indicates that the file transfer has been completed.
      • FAILED: Indicates that the file transfer has failed.

...

An invalid TXID is a DNS response that arrives from UDP port 53, and the TXID does not match the TXID of an outstanding DNS request. Figure 37.1 illustrates how the appliance detects an invalid port and an invalid TXID.

...

...

You can verify the rate limiting rules after you configure them. For information, see Viewing Rate Limiting Rules

Anchor
bookmark2829
bookmark2829
Anchor
bookmark2830
bookmark2830
Enabling and Disabling DNS Alert Monitoring

...

You can then view the alert status to identify the primary source of invalid DNS responses. For information, see Viewing DNS Alert Indicator Status.

Anchor
Viewing DNS Alert Indicator Status
Viewing DNS Alert Indicator Status
Anchor
bookmark2831
bookmark2831
Viewing DNS Alert Indicator Status

...

When you enable rate limiting, the appliance applies the rate limiting rules that you configured. You might want to configure the rate limiting rules before enabling rate limiting. For information on how to configure rate limiting rules, see Configuring Rate Limiting Rules.
You can also disable rate limiting by entering the following command:

...