In "Building a low-latency WAF inside NGINX using Lua" John Graham-Cumming talks about how cloudflare reimplemented mod_security in lua to build a web application firewall with nginx for their customers. A textual summary of this can be found here.
The really interesting part is when he talks about the instrumentation they use to find performance problems in their nginx based services. it seems they added systemtap support to nginx for this. This allows them to track performance problems in the C and the lua parts of the services. broken down to proper functions. Allow them to generate flame graphs and other statistics from a live instance.
In "Building a low-latency WAF inside NGINX using Lua" John Graham-Cumming talks about how cloudflare reimplemented mod_security in lua to build a web application firewall with nginx for their customers. A textual summary of this can be found here.
The really interesting part is when he talks about the instrumentation they use to find performance problems in their nginx based services. it seems they added systemtap support to nginx for this. This allows them to track performance problems in the C and the lua parts of the services. broken down to proper functions. Allow them to generate flame graphs and other statistics from a live instance.
Might be something that would help powerdns too.