check_dns plugin only works with timeperiods

[midway]

Hiya,
I have a very strange issue on one of our dns servers.
Nagios Server is running on centOS 6.5 64 bit and running nagios 3.5.1 (epel version 6)
I would like to check_dns from our nagios server (to our dns server for google.com):-

Code: Select all

[root@nagios plugins]# ./check_dns -H <dns server> -s www.google.com
CRITICAL - Plugin timed out while executing system call

[root@nagios plugins]# ./check_dns -H <dns server> -s www.google.com -t 40
DNS OK: 30.017 seconds response time. <remote server> returns |time=30.016893s;;;0.000000

[root@nagios plugins]# uname -a
Linux nagios.xx.xx. 2.6.32-431.17.1.el6.x86_64 #1 SMP Wed May 7 23:32:49 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux

As you will see, it only works with timeout value > 31. Hence I increased the time out accordingly under (on nagios server):

Code: Select all

/etc/nagios/objects/commands.cfg 
# 'check_dns' command definition
define command
{
        command_name    check_dns
        command_line    $USER1$/check_dns -H $ARG1$ -s $HOSTADDRESS$ -t 70
}

And on dns server too:

Code: Select all

/etc/nagios/nrpe.cfg
command_timeout=60

But still it does not work.
On the nagios core gui it says "Connection to DNS <IP> was refused".
On the nagios core server command line, check-dns only works if you pass -t 40 argument.
If I do not use -t option it says "CRITICAL - Plugin timed out while executing system call".

On our dns server logs it says:

Code: Select all

[root@dns server ~]# tail -f /var/log/messages
Jun 16 17:48:39 dns server named[2041]: client <nagios server IP>#60447: query (cache) 'www.google.com/A/IN' denied

I have tried to provide as much info as I could but if you would like any more pls ask.
many thanks,
M.

[eloyd]

./check_dns -H <dns server> -s http://www.google.com

If I read you correctly, you have things backwards. Try:

Code: Select all

check_dns -H <name to check> -s <server to query>

[midway]

thanks eloyd for your reply.

Code: Select all

ON NAGIOS SERVER
[root@nagios plugins]# ./check_dns -H google.com -s <my dns server>
Connection to DNS <my dns server> was refused

I have also double checked and I have allowed nagios core server IP under allowed hosts on my dns server nrpe.cfg.

[eloyd]

Your DNS server is not allowing connections. This is not a Nagios issue. Look at the following. The first is using Google's own public DNS server, while the second is using a private DNS server for a local university. The university is not blocking at the firewall level, it is blocking at the DNS level to prevent people outside the university from using their DNS servers:

Code: Select all

# ./check_dns -H www.google.com -s 8.8.8.8
DNS OK: 0.151 seconds response time. www.google.com returns 74.125.131.103,74.125.131.104,74.125.131.105,74.125.131.106,74.125.131.147,74.125.131.99|time=0.151444s;;;0.000000

# ./check_dns -H www.google.com -s 129.21.3.17
Connection to DNS 129.21.3.17 was refused

# ping 129.21.3.17
PING 129.21.3.17 (129.21.3.17) 56(84) bytes of data.
64 bytes from 129.21.3.17: icmp_seq=1 ttl=51 time=31.2 ms
64 bytes from 129.21.3.17: icmp_seq=2 ttl=51 time=31.3 ms

So, unfortunately, this is no longer a Nagios issue. I can help you with your DNS if you want to PM me.

[tmcdonald]

midway, are we clear to close this thread? Did you talk with eloyd about the DNS issue?

[eloyd]

We did discuss. Not sure whether there was still an issue or not, but this topic can be closed for now, since it's not a Nagios issue.

[tmcdonald]

@midway: I will be closing this now, but if you need it re-opened (ie you have related follow-up questions) let me know in a PM.