search

blechschmidt / massdns

A high-performance DNS stub resolver for bulk lookups and reconnaissance (subdomain enumeration)
GNU General Public License v3.0
3.1k stars 459 forks source link

Limits can slow massdns? #27

Closed Roundik closed 6 years ago

Roundik commented 6 years ago

Hello! Run as root --root -s 5000, but still uses about 40 mbps (half of the channel). Virtualbox ubuntu 16.04: 64 bit, 12gb ram 3 core, Connection PPPoe.

Maybe problem with limits: ?

root@ri:~# ulimit -a
core file size          (blocks, -c) 0
data seg size           (kbytes, -d) unlimited
scheduling priority             (-e) 0
file size               (blocks, -f) unlimited
pending signals                 (-i) 64040
max locked memory       (kbytes, -l) 64
max memory size         (kbytes, -m) unlimited
open files                      (-n) 100000
pipe size            (512 bytes, -p) 8
POSIX message queues     (bytes, -q) 819200
real-time priority              (-r) 0
stack size              (kbytes, -s) 8192
cpu time               (seconds, -t) unlimited
max user processes              (-u) 64040
virtual memory          (kbytes, -v) unlimited
file locks                      (-x) unlimited

Cheers,

blechschmidt commented 6 years ago

Your limits should not be an issue in this case. MassDNS does not open a large amount of sockets. However, MassDNS only makes use of one single-threaded process by default. Is the CPU that is being used by MassDNS fully occupied? Does specifying an amount of more than one process using --processes option improve your performance?

On 30.05.2018 18:51, Roundik wrote:

Hello! Run as root --root -s 5000, but still uses about 40 mbps (half of the channel). Virtualbox ubuntu 16.04: 64 bit, 12gb ram 3 core, Connection PPPoe.

Maybe problem with limits: ?

|root@ri:~# ulimit -a core file size (blocks, -c) 0 data seg size (kbytes, -d) unlimited scheduling priority (-e) 0 file size (blocks, -f) unlimited pending signals (-i) 64040 max locked memory (kbytes, -l) 64 max memory size (kbytes, -m) unlimited open files (-n) 100000 pipe size (512 bytes, -p) 8 POSIX message queues (bytes, -q) 819200 real-time priority (-r) 0 stack size (kbytes, -s) 8192 cpu time (seconds, -t) unlimited max user processes (-u) 64040 virtual memory (kbytes, -v) unlimited file locks (-x) unlimited Cheers, |

— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/blechschmidt/massdns/issues/27, or mute the thread https://github.com/notifications/unsubscribe-auth/AReys1ALBkVowZRKWY4OldHhd1TxyTvlks5t3s3zgaJpZM4UTpV2.

Roundik commented 6 years ago

Thank you for answer!

Does specifying an amount of more than one process using --processes option improve your performance? That helped!

Can you advise please the optimal settings for 100 Mbps? now the speed is about 30,000 per second with --processes 5 -s 5000 and use 80-90 mbps This is a good speed for such settings and network 100mbps, you think?

Also, at the end of the work there are errors:

Could not send stats atomically.

What could be the problem?

Best regards, Round

Roundik commented 6 years ago

"Error sending: Operation not permitted" I get this error when try to search false-positive answers(also system slows down) by sending random queries.

Why can this error occur?

Thanks!

blechschmidt commented 6 years ago

Yes, I think 80 to 90 Mbps is acceptable for a 100 Mbps network. Obviously, the goal is to make use of the full available bandwidth. However, your CPU as well as your hard drive may be the bottleneck as well. You may want to play with the -i parameter as well.

The Could not send stats atomically. message may occur due to the first process that also handles displaying the stats finishing its work earlier than the others. As a result, the pipe is closed and other processes fail to send their stats to this process. However, this should not affect the resolving process. But I agree that this behavior is annoying, especially if the child processes are notably slower, and I will fix this.

Concerning the Error sending: Operation not permitted message, I do not really know what the issue is. I have seen Operation not permitted messages in the past when trying to send packets to a destination IP address that has been filtered by iptables. Maybe this applies to your case as well.

Damian89 commented 6 years ago

@Roundik may I ask which VPS/Server provider you use?

blechschmidt commented 6 years ago

The Could not send stats atomically. message should have been fixed by 4073a0de4f85b7936c2b4575241df5e1ce8815a8. The main process which displays the stats now waits for the children to exit when its resolving work is done.

@Damian89, I am not @Roundik but I have been mostly using Packet.net (x1.small.x86) for massdns.