Resolution Success Ratio

Prerequisites

The outgoing and incoming paths of the DNS request and reply packets must be the same. Otherwise, the resolution success ratio stays zero all the time.

You must run the anti-ddos server-flow-statistic enable command on the inbound interface to enable the upstream traffic analysis function.

Function

The successful resolution ratio is the ratio of the rate of responses from the DNS server to the rate of requests for DNS services. When the DNS server is not attacked, observe and record the normal value of the successful resolution ratio. If you find that the successful resolution ratio is strikingly lower than the normal value, capture packets and check whether the DNS server is being attacked.

Parameter

**Table 1** Query parameters of Resolution Success Ratio
Parameter	Description
Device	Select a device from the drop-down list. Total-Cleaning and Total-Detecting are described as follows: Total-Cleaning: Indicates that DNS traffic on all cleaning devices is queried. Total-Detecting: If two or more detecting devices in a defense group work in Load Redundancy mode, the maximum DNS traffic volume in the defense group is queried and the sum of DNS traffic volumes among defense groups is queried. If two or more detecting devices in each defense group work in Load Balancing mode, the sum of DNS traffic volumes within each defense group and among defense groups is queried.
Zone	Click , select a Zone on the Zone page that is displayed, and then click OK.
IP address	Enter the destination IP address. Both IPv4 and IPv6 addresses are applicable. DNS traffic destined for the IP address is queried.
Time	Click to select the start time and end time of statistics. Or you can change the time values in corresponding text boxes. The end time should be later than the start time and the interval cannot be longer than one year. If the query interval is longer than or equal to seven days and shorter than one year, statistics are collected daily. If the query interval is longer than or equal to one day and shorter than seven days, statistics are collected hourly. If the query interval is shorter than one day, statistics are collected every five minutes.

Example

If the Device is set to Total-Cleaning and the Zone to Total, the success resolution ratio within a period of time is displayed in Figure 1.

Figure 1 Success resolution ratio

NOTE:

The request rate indicates the rate of requests for DNS services from the extranet.
The response rate indicates the rate of responses by the DNS server to the external requests for DNS services.

Procedure

Choose Report > Report > DNS Analysis.
Click the Resolution Success Ratio tab.
Set query parameters.
Click Search.
The success resolution ratio that meets query conditions is displayed.
Optional: Open or save the query results as files, or send queried reports to the specified email address.
- Click to open or save the query results as PDF files. A maximum of 10,000 entries can be displayed.
- Click to open or save the query results as EXCEL files. A maximum of 10,000 entries can be displayed.
- Click to open or save the query results as CSV files. All data except figures can be displayed.
- Click to enter a recipient mail address and select an attachment format. Then click OK.