New Member
Posts: 47
Registered: ‎09-25-2016
Kudos: 5
Solutions: 1
Accepted Solution

Error using 'show dns forwarding statistics'

ubnt@ubnt:~$ show dns forwarding statistics
Use of uninitialized value in split at /opt/vyatta/bin/sudo-users/vyatta-op-dns-forwarding.pl line 41.
Use of uninitialized value in split at /opt/vyatta/bin/sudo-users/vyatta-op-dns-forwarding.pl line 43.
Use of uninitialized value in split at /opt/vyatta/bin/sudo-users/vyatta-op-dns-forwarding.pl line 49.
Use of uninitialized value $cache_size in concatenation (.) or string at /opt/vyatta/bin/sudo-users/vyatta-op-dns-forwarding.pl line 56.
Use of uninitialized value $queries_forwarded in concatenation (.) or string at /opt/vyatta/bin/sudo-users/vyatta-op-dns-forwarding.pl line 57.
Use of uninitialized value $queries_answered_locally in concatenation (.) or string at /opt/vyatta/bin/sudo-users/vyatta-op-dns-forwarding.pl line 58.
Use of uninitialized value $entries_inserted in concatenation (.) or string at /opt/vyatta/bin/sudo-users/vyatta-op-dns-forwarding.pl line 59.
Use of uninitialized value $entries_removed in concatenation (.) or string at /opt/vyatta/bin/sudo-users/vyatta-op-dns-forwarding.pl line 60.
----------------
Cache statistics
----------------
Cache size: 
Queries forwarded: 
Queries answered locally: 
Total DNS entries inserted into cache: 
DNS entries removed from cache before expiry: 

---------------------
Nameserver statistics
---------------------

Accepted Solutions
Highlighted
New Member
Posts: 47
Registered: ‎09-25-2016
Kudos: 5
Solutions: 1

Re: Error using 'show dns forwarding statistics'

I removed DNSSEC and statistics seem to be working.

View solution in original post


All Replies
New Member
Posts: 47
Registered: ‎09-25-2016
Kudos: 5
Solutions: 1

Re: Error using 'show dns forwarding statistics'

#!/usr/bin/perl
#
# Module: vyatta-op-dns-forwarding.pl
#
# **** License ****
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2 as
# published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful, but
# WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
# General Public License for more details.
#
# This code was originally developed by Vyatta, Inc.
# Portions created by Vyatta are Copyright (C) 2008 Vyatta, Inc.
# All Rights Reserved.
#
# Author: Mohit Mehta
# Date: August 2008
# Description: Script to execute op-mode commands for DNS forwarding
#
# **** End License ****
#

use lib "/opt/vyatta/share/perl5/";
use Getopt::Long;
use Vyatta::Config;
use strict;
use warnings;

my $show_stats_output="";
my $show_nameservers_output="";
my $dnsmasq_log='/var/log/dnsmasq.log';

sub get_cache_stats {
    my ($cache_size, $queries_forwarded, $queries_answered_locally, $entries_inserted, $entries_removed);

    my $grepped_line = `grep 'cache size' $dnsmasq_log`;
    my @split_line = split(/\s+/, $grepped_line);
    my @temp_split = split(/,/, $split_line[6]);
    $cache_size = $temp_split[0];
    @temp_split = split(/\//, $split_line[7]);
    $entries_removed = $temp_split[0];
    $entries_inserted = $temp_split[1];

    $grepped_line = `grep 'queries forwarded' $dnsmasq_log`;
    @split_line = split(/\s+/, $grepped_line);
    @temp_split = split(/,/, $split_line[6]);
    $queries_forwarded = $temp_split[0];
    $queries_answered_locally = $split_line[10];

    $show_stats_output .= "----------------\n";
    $show_stats_output .= "Cache statistics\n";
    $show_stats_output .= "----------------\n";
    $show_stats_output .= "Cache size: $cache_size\n";
    $show_stats_output .= "Queries forwarded: $queries_forwarded\n";
    $show_stats_output .= "Queries answered locally: $queries_answered_locally\n";
    $show_stats_output .= "Total DNS entries inserted into cache: $entries_inserted\n";
    $show_stats_output .= "DNS entries removed from cache before expiry: $entries_removed\n";

}

sub get_nameserver_stats {

    $show_stats_output .= "\n---------------------\n";
    $show_stats_output .=   "Nameserver statistics\n";
    $show_stats_output .=   "---------------------\n";

    my @grepped_lines = `grep ': server' $dnsmasq_log`;

    foreach my $lines (@grepped_lines) {
            my @each_line = split(/\s+/, $lines);
            my $nameserver_word = $each_line[5];
            my @nameserver_split = split(/#/, $nameserver_word);
            my $nameserver = $nameserver_split[0];
            my $queries_sent_word = $each_line[8];
            my @queries_sent_split = split(/,/, $queries_sent_word);
            my $queries_sent = $queries_sent_split[0];
            my $queries_retried_failed = $each_line[12];

            $show_stats_output .= "Server: $nameserver\nQueries sent: $queries_sent\nQueries retried or failed: $queries_retried_failed\n\n";

    }
}

sub print_stats {
    print $show_stats_output;
}

sub get_dns_nameservers {
    my $vyatta_config = new Vyatta::Config;

    $vyatta_config->setLevel("service dns forwarding");
    my $use_system_nameservers = $vyatta_config->existsOrig("system");
    my @use_dhcp_nameservers = $vyatta_config->returnOrigValues("dhcp");
    my @use_nameservers = $vyatta_config->returnOrigValues("name-server");
    my @resolv_conf_nameservers = `grep "^nameserver" /etc/resolv.conf`;
    my @dnsmasq_conf_nameservers = `grep "server=" /etc/dnsmasq.conf`;
    my @dnsmasq_running = `ps ax | grep dnsmasq | grep -v grep`;

    if (!(defined $use_system_nameservers) && (@use_dhcp_nameservers == 0) && (@use_nameservers == 0)) {

       # no specific nameservers specified under DNS forwarding, so dnsmasq is getting nameservers from /etc/resolv.conf

       if (! @resolv_conf_nameservers > 0){
           $show_nameservers_output .= "No DNS servers present to forward queries to.\n";
           if (! @dnsmasq_running > 0){
               $show_nameservers_output .= "DNS forwarding has not been configured either.\n";
           }
       } else {
            if (! @dnsmasq_running > 0){
               $show_nameservers_output .= "\n**DNS forwarding has not been configured**\n\n";
            }
            $show_nameservers_output .=    "-----------------------------------------------\n";
            if ( @dnsmasq_running > 0){
               $show_nameservers_output .= "   Nameservers configured for DNS forwarding\n";
            } else {
              $show_nameservers_output .=  " Nameservers NOT configured for DNS forwarding\n";
            }
            $show_nameservers_output .=    "-----------------------------------------------\n";
            foreach my $line (@resolv_conf_nameservers) {
               my @split_line = split(/\s+/, $line);
               my $nameserver = $split_line[1];
               my $nameserver_via = "system";
               if (@split_line > 2) {
                  my @dhclient_resolv_files = `ls /etc/resolv.conf.dhclient-new-* 2>/dev/null`;
                  foreach my $each_dhcp_resolv_conf (@dhclient_resolv_files) {
                        my @ns_dhclient_resolv=`grep "$nameserver\$" $each_dhcp_resolv_conf`;
                        if ( @ns_dhclient_resolv > 0) {
                            my @dhclient_file_array = split(/-/, $each_dhcp_resolv_conf);
                            $nameserver_via = $dhclient_file_array[2];
                            chomp $nameserver_via;
                            $nameserver_via = 'dhcp ' . $nameserver_via;
                     }
                  }
                  # check here if nameserver_via is still system, if yes then search /etc/ppp/resolv-interface.conf
                  if ($nameserver_via eq "system") {
                    my @ppp_resolv_files = `ls /etc/ppp/resolv-*conf 2>/dev/null`;
                    foreach my $each_ppp_resolv_conf (@ppp_resolv_files) {
                      my @ns_ppp_resolv=`grep "$nameserver\$" $each_ppp_resolv_conf`;
                      if ( @ns_ppp_resolv > 0) {
                        my @ppp_file_array = split(/-/, $each_ppp_resolv_conf);
                        @ppp_file_array = split(/\./, $ppp_file_array[1]);
                        $nameserver_via = $ppp_file_array[0];
                        chomp $nameserver_via;
                        $nameserver_via = 'ppp ' . $nameserver_via;
                      }
                    }
                  }
               }
               $show_nameservers_output .= "$nameserver available via '$nameserver_via'\n";
            }
      }
      $show_nameservers_output .= "\n";
    } else {

        # nameservers specified under DNS forwarding, so dnsmasq getting nameservers from /etc/dnsmasq.conf

	my @active_nameservers;
        my $active_nameserver_count = 0;
        $show_nameservers_output .= "-----------------------------------------------\n";
        $show_nameservers_output .= "   Nameservers configured for DNS forwarding\n";
        $show_nameservers_output .= "-----------------------------------------------\n";
	foreach my $line (@dnsmasq_conf_nameservers) {
	        my @split_line = split(/=/, $line);
		my @nameserver_array = split(/\s+/, $split_line[1]);
                my $nameserver = $nameserver_array[0];
		$active_nameservers[$active_nameserver_count] = $nameserver;
		$active_nameserver_count++;
                my $nameserver_via = $nameserver_array[2];
                if (@nameserver_array > 3){
		   my $dhcp_interface = $nameserver_array[3];
	           $show_nameservers_output .= "$nameserver available via '$nameserver_via $dhcp_interface'\n";
                 } else {
	           my $nameserver_via = "optionally configured";
 		   $show_nameservers_output .= "$nameserver available via '$nameserver_via'\n";
 		}
        }

	# then you need to get nameservers from /etc/resolv.conf that are not in dnsmasq.conf to show them as inactive

        my $active_dnsmasq_nameserver;
	my $output_inactive_nameservers = 0;
	foreach my $resolv_conf_line (@resolv_conf_nameservers) {
               my @resolv_conf_split_line = split(/\s+/, $resolv_conf_line);
               my $resolv_conf_nameserver = $resolv_conf_split_line[1];
	       $active_dnsmasq_nameserver = 0;
	       my $resolv_nameserver_via = "system";
	       foreach my $dnsmasq_nameserver (@active_nameservers) {
		       if ($dnsmasq_nameserver eq $resolv_conf_nameserver) {
			   $active_dnsmasq_nameserver = 1;
		       }
	       }
	       if ($active_dnsmasq_nameserver == 0) {
                 if ($output_inactive_nameservers == 0){
                     $output_inactive_nameservers = 1;
                     $show_nameservers_output .= "\n-----------------------------------------------\n";
                     $show_nameservers_output .=   " Nameservers NOT configured for DNS forwarding\n";
                     $show_nameservers_output .=   "-----------------------------------------------\n";
                 }
                 if (@resolv_conf_split_line > 2) {
                     my @dhclient_resolv_files = `ls /etc/resolv.conf.dhclient-new-* 2>/dev/null`;
                     foreach my $each_dhcp_resolv_conf (@dhclient_resolv_files) {
                        chomp $each_dhcp_resolv_conf;
                        my @ns_dhclient_resolv=`grep "$resolv_conf_nameserver\$" $each_dhcp_resolv_conf`;
                        if ( @ns_dhclient_resolv > 0) {
                            my @dhclient_file_array = split(/-/, $each_dhcp_resolv_conf);
			    $resolv_nameserver_via = $dhclient_file_array[2];
                            chomp $resolv_nameserver_via;
                            $resolv_nameserver_via = 'dhcp ' . $resolv_nameserver_via;
                        }
                     }
                     # check here if resolv_nameserver_via is still system, if yes then search /etc/ppp/resolv-interface.conf
                     if ($resolv_nameserver_via eq "system") {
                       my @ppp_resolv_files = `ls /etc/ppp/resolv-*conf 2>/dev/null`;
                       foreach my $each_ppp_resolv_conf (@ppp_resolv_files) {
                         my @ns_ppp_resolv=`grep "$resolv_conf_nameserver\$" $each_ppp_resolv_conf`;
                         if ( @ns_ppp_resolv > 0) {
                           my @ppp_file_array = split(/-/, $each_ppp_resolv_conf);
                           @ppp_file_array = split(/\./, $ppp_file_array[1]);
                           $resolv_nameserver_via = $ppp_file_array[0];
                           chomp $resolv_nameserver_via;
                           $resolv_nameserver_via = 'ppp ' . $resolv_nameserver_via;
                         }
                       }
                     }
                  }

		  $show_nameservers_output .= "$resolv_conf_nameserver available via '$resolv_nameserver_via'\n";
	       }
	}
    $show_nameservers_output .= "\n";
    }
}

sub print_nameservers {
    print $show_nameservers_output;
}

sub wait_for_write {

    my $last_size = (stat($dnsmasq_log))[7];
    my $cnt=0;
    while(1) {
        system("usleep 10000");         # sleep for 0.01 second
        my $curr_size = (stat($dnsmasq_log))[7];
        if( $curr_size == $last_size ) {
            # Not modified
            $cnt++;
            last if($cnt > 1);
        } else {
            # Modified\n
            $cnt=0;
        }
        $last_size = $curr_size;
    }

}

#
# main
#
my ($clear_cache, $clear_all, $show_statistics, $show_nameservers);

GetOptions("clear-cache!"               => \$clear_cache,
           "clear-all!"                 => \$clear_all,
           "show-statistics!"           => \$show_statistics,
           "show-nameservers!"          => \$show_nameservers);

if (defined $clear_cache) {
    system("kill -HUP `pidof dnsmasq`");
}

if (defined $clear_all) {
     system("/etc/init.d/dnsmasq restart >&/dev/null");
}

if (defined $show_statistics) {
    system("echo > $dnsmasq_log; kill -USR1 `pidof dnsmasq`");
    wait_for_write;
    get_cache_stats;
    get_nameserver_stats;
    print_stats;
}

if (defined $show_nameservers) {
    get_dns_nameservers;
    print_nameservers;
}

exit 0;

# end of file
New Member
Posts: 47
Registered: ‎09-25-2016
Kudos: 5
Solutions: 1

Re: Error using 'show dns forwarding statistics'

firewall {
    all-ping enable
    broadcast-ping disable
    ipv6-receive-redirects disable
    ipv6-src-route disable
    ip-src-route disable
    log-martians enable
    name WAN_IN {
        default-action drop
        description "WAN to internal"
        rule 10 {
            action accept
            description "Allow established/related"
            state {
                established enable
                related enable
            }
        }
        rule 20 {
            action drop
            description "Drop invalid state"
            state {
                invalid enable
            }
        }
        rule 21 {
            action reject
            description "Reject DNS Query to outside"
            log enable
            protocol tcp_udp
            source {
                port 53
            }
        }
    }
    name WAN_LOCAL {
        default-action drop
        description "WAN to router"
        rule 10 {
            action accept
            description "Allow established/related"
            state {
                established enable
                related enable
            }
        }
        rule 20 {
            action drop
            description "Drop invalid state"
            state {
                invalid enable
            }
        }
    }
    receive-redirects disable
    send-redirects enable
    source-validation disable
    syn-cookies enable
}
interfaces {
    ethernet eth0 {
        address dhcp
        description Internet
        dhcp-options {
            default-route update
            default-route-distance 210
            name-server no-update
        }
        duplex auto
        firewall {
            in {
                name WAN_IN
            }
            local {
                name WAN_LOCAL
            }
        }
        poe {
            output off
        }
        speed auto
    }
    ethernet eth1 {
        address 192.168.2.1/24
        description Local
        dhcp-options {
            default-route update
            default-route-distance 210
            name-server no-update
        }
        duplex auto
        poe {
            output off
        }
        speed auto
    }
    ethernet eth2 {
        description "Local 2"
        duplex auto
        poe {
            output off
        }
        speed auto
    }
    ethernet eth3 {
        description "Cloud Key"
        duplex auto
        poe {
            output 48v
        }
        speed auto
    }
    ethernet eth4 {
        description "Access Point"
        duplex auto
        poe {
            output 48v
        }
        speed auto
    }
    loopback lo {
        address 8.8.8.8/32
        address 8.8.4.4/32
    }
    switch switch0 {
        address 192.168.1.1/24
        description "Local 2"
        mtu 1500
        switch-port {
            interface eth2 {
            }
            interface eth3 {
            }
            interface eth4 {
            }
            vlan-aware disable
        }
    }
}
protocols {
    static {
    }
}
service {
    dhcp-server {
        disabled false
        hostfile-update disable
        shared-network-name LAN1 {
            authoritative enable
            subnet 192.168.2.0/24 {
                default-router 192.168.2.1
                dns-server 208.67.222.222
                dns-server 199.85.126.10
                lease 86400
                start 192.168.2.10 {
                    stop 192.168.2.243
                }
            }
        }
        shared-network-name LAN2 {
            authoritative enable
            subnet 192.168.1.0/24 {
                default-router 192.168.1.1
                dns-server 192.168.1.1
                lease 86400
                start 192.168.1.10 {
                    stop 192.168.1.243
                }
                static-mapping Apple-TV-2 {
                    ip-address 192.168.1.16
                    mac-address c8:69:cd:62:fc:ce
                }
                static-mapping TelstraTV-173 {
                    ip-address 192.168.1.12
                    mac-address 88:de:a9:75:a4:4f
                }
                static-mapping TelstraTV-820 {
                    ip-address 192.168.1.14
                    mac-address b8:a1:75:c7:3c:4f
                }
                unifi-controller 192.168.1.10
            }
        }
        use-dnsmasq disable
    }
    dns {
        forwarding {
            cache-size 400
            listen-on eth1
            listen-on switch0
            listen-on lo
            name-server 208.67.222.222
            name-server 208.67.220.220
            name-server 185.121.177.177
            name-server 111.67.16.202
            name-server 27.100.36.191
            options server=/netflix.com/nflximg.net/nflximg.com/nflxvideo.net/54.252.183.4
            options server=/hulu.com/54.252.183.4
            options server=/getflix.com.au/54.252.183.4
            options server=/akamaiedge.net/akamai.net/54.252.183.4
            options all-servers
            options dnssec
            options trust-anchor=.,19036,8,2,49AAC11D7B6F6446702E54A1607371607A1A41855200FD2CE1CDDE32F24E8FB5,20326,8,2,E06D44B80B8F1D39A95C0B0D7C65D08458E880409BBC683457104237C7F8EC8D
            options dnssec-check-unsigned
            options dnssec-timestamp=/config/dnssect
        }
    }
    gui {
        http-port 80
        https-port 443
        older-ciphers enable
    }
    nat {
        rule 1 {
            description "DNS Redirect"
            destination {
                address !192.168.1.1
                port 53
            }
            inbound-interface switch0
            inside-address {
                address 54.252.183.4
            }
            log enable
            protocol tcp_udp
            source {
                address 192.168.1.16
            }
            type destination
        }
        rule 2 {
            description "DNS Redirect"
            destination {
                address !192.168.1.1
                port 53
            }
            inbound-interface switch0
            inside-address {
                address 54.252.183.4
            }
            log enable
            protocol tcp_udp
            source {
                address 192.168.1.12
            }
            type destination
        }
        rule 3 {
            description "DNS Redirect"
            destination {
                address !192.168.1.1
                port 53
            }
            inbound-interface switch0
            inside-address {
                address 54.252.183.4
            }
            log enable
            protocol tcp_udp
            source {
                address 192.168.1.14
            }
            type destination
        }
        rule 5010 {
            description "masquerade for WAN"
            outbound-interface eth0
            type masquerade
        }
    }
    ssh {
        port 22
        protocol-version v2
    }
    upnp2 {
        listen-on eth1
        listen-on eth2
        listen-on eth3
        listen-on eth4
        nat-pmp enable
        secure-mode enable
        wan eth0
    }
}
system {
    host-name ubnt
    login {
        user ubnt {
            authentication {
                encrypted-password $6$4FsgkFd.sMxnNMAW$MxdUri3C7OeJBR8kAOdkUQlPnPDCuzp4hG1/MhVg3EgPj8k/o1rOTIysJkFZPB.X2tKS3nlqUWr2gKhP0SeK9/
            }
            level admin
        }
    }
    name-server 127.0.0.1
    ntp {
        server 0.ubnt.pool.ntp.org {
        }
        server 1.ubnt.pool.ntp.org {
        }
        server 2.ubnt.pool.ntp.org {
        }
        server 3.ubnt.pool.ntp.org {
        }
    }
    syslog {
        global {
            facility all {
                level notice
            }
            facility protocols {
                level debug
            }
        }
    }
    time-zone UTC
    traffic-analysis {
        dpi enable
        export enable
    }
}


/* Warning: Do not remove the following line. */
/* === vyatta-config-version: "config-management@1:conntrack@1:cron@1:dhcp-relay@1:dhcp-server@4:firewall@5:ipsec@5:nat@3:qos@1:quagga@2:system@4:ubnt-pptp@1:ubnt-util@1:vrrp@1:webgui@1:webproxy@1:zone-policy@1" === */
/* Release version: v1.9.1.1.4977347.170426.0359 */
New Member
Posts: 47
Registered: ‎09-25-2016
Kudos: 5
Solutions: 1

Re: Error using 'show dns forwarding statistics'

ubnt@ubnt:~$ df -h
Filesystem                Size      Used Available Use% Mounted on
/dev/root                 1.6G    190.0M      1.3G  12% /root.dev
unionfs                   1.6G    190.0M      1.3G  12% /
tmpfs                   241.9M    136.0K    241.8M   0% /run
tmpfs                   241.9M    136.0K    241.8M   0% /run
tmpfs                   241.9M     60.0K    241.9M   0% /var/log
tmpfs                   241.9M         0    241.9M   0% /dev/shm
tmpfs                   241.9M      4.0K    241.9M   0% /tmp
none                    241.9M    564.0K    241.4M   0% /opt/vyatta/config
unionfs                 241.9M      4.0K    241.9M   0% /opt/vyatta/config/tmp/new_config_l5pi2i44o8jn6e0t43n75dd0kmagj760
Ubiquiti Employee
Posts: 579
Registered: ‎01-06-2017
Kudos: 211
Solutions: 20

Re: Error using 'show dns forwarding statistics'

Hi,

1. Which EdgeOS version and ER device model?
2. Is /var/log/dnsmasq.log present? Could you kindly post the contents?

Regards,
Sandis
New Member
Posts: 47
Registered: ‎09-25-2016
Kudos: 5
Solutions: 1

Re: Error using 'show dns forwarding statistics'

[ Edited ]

1) EdgeRouter PoE v1.9.1.1 ER5-POE

2) File exists but nothing in the file

Ubiquiti Employee
Posts: 579
Registered: ‎01-06-2017
Kudos: 211
Solutions: 20

Re: Error using 'show dns forwarding statistics'

Is dnsmasq running?

Is there a core file in /var/core?

New Member
Posts: 47
Registered: ‎09-25-2016
Kudos: 5
Solutions: 1

Re: Error using 'show dns forwarding statistics'


@UBNT-sandisn wrote:
Is dnsmasq running?

Is there a core file in /var/core?


No but I have dnssec running.

 

No file in core.

Ubiquiti Employee
Posts: 579
Registered: ‎01-06-2017
Kudos: 211
Solutions: 20

Re: Error using 'show dns forwarding statistics'

dnssec?
Ubiquiti Employee
Posts: 579
Registered: ‎01-06-2017
Kudos: 211
Solutions: 20

Re: Error using 'show dns forwarding statistics'

Could you kindly post the log file when the issue reappears?
Highlighted
New Member
Posts: 47
Registered: ‎09-25-2016
Kudos: 5
Solutions: 1

Re: Error using 'show dns forwarding statistics'

I removed DNSSEC and statistics seem to be working.