Setting up a NeTraMet meter: background and requirements

Nevil Brownlee, CAIDA | The University of Auckland


This web page explains how to set up a NeTraMet meter for monitoring the Domain Name System (DNS).

CAIDA collects `DNS performance' measurments, and makes summary data available via the web page We are looking for additional meter sites in order to enhance our view of global root/gTLD performance. As of March 2003, meters in San Diego (CA), Boulder (CO) and Auckland (New Zealand) are collecting data.

Where to locate a NeTraMet meter

To monitor DNS, we configure a meter to observe DNS request and response packets (i.e. packets to/from UDP port 53 on all root/gTLD nameservers.) The best location for the meter is at the gateway between a 'local' network and the Internet, as shown in the diagram below.

The diagram shows a `local net' to the left and the Internet to the right. The local net has several DNS resolvers (magenta dots), which ask root servers (green dots) and gTLD servers (blue dots) to resolve various domain names. The meter is attached to a `metering point,' where it can see the packets passing between local resolvers and root/gTLD servers.

Site Requirements

For a `local' network one could select a large single site, e.g. a University, or perhaps a whole ISP. The criteria for a site are:

Meter Requirements

The NeTraMet meter (lower middle of the diagram) is a dedicated PC running either BSD or Linux. The PC minimum specification is

Processor and RAM depends on the metering point technology (see below), as a rough guide I suggest

Connection Options

There are several ways to establish a metering point, depending on the physical network architecture at the site's gateway:

  1. If the site network uses switches or routers which can copy packets from a port or VLAN to a dedicated port, that port (usually called a `SPAN' port) can become a metering point. For this the NeTraMet meter will only need one metering NIC, and the router or switch will need to be configured to copy both ingress and egress packets for the site's resolvers to the metering port.
  2. If the single gateway link is 100 or 1000BaseT Ethernet, a `passive tap' (e.g. from NetOptics, can be used as the metering point. For this the NeTraMet PC will need two copper Ethernet NICs, one for each direction of the traffic. Passive taps are rather expensive, so this is not a very attractive option!
  3. If the site's traffic goes to a single ISP through a fibre link, one can use a pair of fibre splitters (one for each direction) to split off 10% of the light. In this case the NeTraMet PC will need two fibre NICs, to suit whatever link-layer is in use (e.g. 1000BaseSX, OC12 ATM).

How does one establish a CAIDA NeTraMet meter?

Although CAIDA is keen to establish more DNS performance metering sites, we have limited resources to support them. If you are interested in hosting a NeTraMet meter, please email your request, together with a brief description of your site, to

Once a meter PC is installed, you will need to give it an IP address and domain name, e.g. netramet.your-site.

If a CAIDA PC is used, we will set up and maintain user accounts on it. Otherwise, we will require you to set up a user account for `nevil.' In either case the `nevil' account must have sudo privilege, since that is required for NeTraMet to see packet headers on its metering

CAIDA will maintain the NetraMet software, and the DNS data collection system used to collect data for the CAIDA DNS performance web page.

In your request you should:

`CAIDA NeTraMet site' requests will be considered on a case-by-case basis.

Nevil Brownlee   (
Last updated: 11 March 2003