Flamethrower
This project is in active development.
A DNS performance and functional testing utility.
2017-2022© NSONE, Inc.
Overview
Flamethrower is a small, fast, configurable tool for functional testing, benchmarking, and stress testing DNS servers and networks. It supports IPv4, IPv6, UDP, TCP, DoT, and DoH and has a modular system for generating queries used in the tests.
Originally built as an alternative to dnsperf, many of the command line options are compatible.
Getting Started
The easiest way to get started with Flamethrower is to use the public docker image:
docker pull ns1labs/flame
docker run ns1labs/flame --help
There are currently no prebuilt operating system packages. If you would like to build your own executable, please see the Build section below.
Usage
Current command line options are described with:
flame --help
Quick Examples
Flame localhost port 53, UDP, maximum speed:
flame localhost
Flame target, port 5300, TCP:
flame -p 5300 -P tcp target.test.com
Flame target, port 443, DoT:
flame -p 443 -P dot target.test.com
Flame target, DNS over HTTPS GET:
flame -P doh target.test.com/dns-query
Flame target, DNS over HTTPS POST:
flame -P doh -M POST target.test.com/dns-query
Flame target with random labels:
flame target.test.com -g randomlabel lblsize=10 lblcount=4 count=1000
Flame multiple target at once, reading the list from a file:
flame file --targets myresolvers.txt
Detailed Features
Query Generators
Flamethrower uses a modular system for generating queries. Most modules generate all queries before sending begins, for performance reasons.
Each module may include its own list of configuration options which can be set via key/value pairs on the command line.
See full --help
for the current list of generators and their options.
Rate Limiting
By default, Flamethrower will send traffic as fast as possible. To limit to a specific overall queries per second, use -Q
Dynamic QPS Flow
Flamethrower can adjust its QPS flow over time. This is useful for generating a "signal" of traffic (e.g. a square wave) for calibrating metrics collection. For example, to send 10 QPS for 120000ms, then 80 QPS for 120000ms, etc use --qps-flow "10,120000;80,120000;10,120000;"
. Flow change will not loop, you should list as many changes as necessary. Once the flow reaches the final QPS number, it will hold it until program termination.
Output Metrics
Flamethrower can generate detailed metrics for each of its concurrent senders. Metrics include send and receive counts, timeouts, min, max and average latency, errors, and the like. The output format is JSON, and is suitable for ingestion into databases such as Elastic for further processing or visualization. See the -o
flag.
Concurrency
Flamethrower is single threaded, async i/o. You specify the amount of concurrent senders with the -c
option. Each of these senders will send a configurable number of consecutive queries (see -q
), then enter a configurable delay period (see -d
) before looping.
Each concurrent sender will pull the next query from the total queries generated by the Query Generator, looping once it reaches the end of the query list (if the program is configured to continue).
There is currently no built-in support for multiprocess sending, so the maximum throughput will be reached once a single CPU is saturated. However, you may manually start several concurrent flame
processes, including up to 1 per CPU available. There is future planned support for builtin multiprocess sending.
Build Dependencies
- CMake >= 3.8
- Linux or OSX
- libuv >= 1.30.0
- libldns >= 1.7.0
- gnutls >= 3.3
- C++ compiler supporting C++17
Optional DoH support requires:
- nghttp2
Optional dependencies:
- docopt
- nlohmann-json >= 3.7.3
- cpp-httplib
- uvw >= 1.18.0
Building
Building is based on CMake.
Default build:
mkdir build; cd build
cmake ..
make
To build with DoH support:
mkdir build; cd build
cmake -DDOH_ENABLE=ON ..
make
Building the docker image:
docker build . --tag ns1labs/flame --file Dockerfile
docker run --rm --net host ns1labs/flame --help
Contributions
Pull Requests and issues are welcome. See the NS1 Contribution Guidelines for more information.
License
This code is released under Apache License 2.0. You can find terms and conditions in the LICENSE file.