How to measure DNS cache efficiency / cached items?
I do not have access to dnsmasq but according to this thread titled: dnsmasq is it caching? you can send the signal USR1 to the dnsmasq process, causing it to dump statistics to the system log.
$ sudo pkill -USR1 dnsmasq
Then consult the system logs:
$ sudo tail /var/log/syslog
Jan 21 13:37:57 dnsmasq[29469]: time 1232566677
Jan 21 13:37:57 dnsmasq[29469]: cache size 150, 0/475 cache insertions re-used unexpired cache entries.
Jan 21 13:37:57 dnsmasq[29469]: queries forwarded 392, queries answered locally 16
Jan 21 13:37:57 dnsmasq[29469]: server 208.67.222.222#53: queries sent 206, retried or failed 12
Jan 21 13:37:57 dnsmasq[29469]: server 208.67.220.220#53: queries sent 210, retried or failed 6
NOTE: I believe that dnsmasq retains its cache in RAM.
So if you want to dump the cache you'll need to enable the -q switch when dnsmasq is invoked. This is mentioned in the dnsmasq man page:
-d, --no-daemon
Debug mode: don't fork to the background, don't write a pid file,
don't change user id, generate a complete cache dump on
receipt on SIGUSR1, log to stderr as well as syslog, don't fork new
processes to handle TCP queries. Note that this option is for use in
debugging only, to stop dnsmasq daemonising in production, use -k.
-q, --log-queries
Log the results of DNS queries handled by dnsmasq. Enable a full
cache dump on receipt of SIGUSR1.
Another way to get this info from the man page:
The cache statistics are also available in the DNS as answers to queries of class CHAOS and type TXT in domain bind. The domain names are cachesize.bind, insertions.bind, evictions.bind, misses.bind, hits.bind, auth.bind and servers.bind. An example command to query this, using the dig utility would be
dig +short chaos txt cachesize.bind
dig +short chaos txt hits.bind
dig +short chaos txt misses.bind
If you have something like systemd-resolve on your system then you'll need to query the server directly with:
dig +short chaos txt hits.bind @serverIP