Monitor DNS

[donnyforbes]

I have several DC's that we rely on the DNS services for some in house applications. What I need to be able to do is monitor them and be notified if those services goes down or is under a 90% ping avgtime.
Can someone please send me instructions on how to do this? I did look at the DNS query wizard, but not sure that is the correct one. Please advise. Basically right now
we have a system called Dozer and moving away to you guys, but this what we are doing now with DNS.

Code: Select all

[root@dozer ~]# cat /usr/local/bin/check_ip.pl |grep DNS
#       'ancient DNS tcp'                       => { ALERT => 1, TYPE => 'tcp',  PORT => 'domain',  IP => '192.168.1.2',    ATTEMPTS => 10, THRESHOLDPERCENT => 90, AVGTIMETHRESHOLD => 0.1, ALERTINTER        VAL => 10, HISTORY => 10 },
#       'asgard DNS tcp'                        => { ALERT => 1, TYPE => 'tcp',  PORT => 'domain',  IP => '192.168.1.3',    ATTEMPTS => 10, THRESHOLDPERCENT => 90, AVGTIMETHRESHOLD => 0.5, ALERTINTER        VAL => 10, HISTORY => 10 },
        'drakh DNS tcp'                 => { ALERT => 1, TYPE => 'tcp',  PORT => 'domain',  IP => '192.168.1.22',    ATTEMPTS => 10, THRESHOLDPERCENT => 90, AVGTIMETHRESHOLD => 0.5, ALERTINTERVAL =>         10, HISTORY => 10 },
        'drazi DNS tcp'                 => { ALERT => 1, TYPE => 'tcp',  PORT => 'domain',  IP => '192.168.1.23',    ATTEMPTS => 10, THRESHOLDPERCENT => 90, AVGTIMETHRESHOLD => 0.5, ALERTINTERVAL =>         10, HISTORY => 10 },
        'vorlon DNS tcp'                        => { ALERT => 1, TYPE => 'tcp',  PORT => 'domain',  IP => '192.168.39.8',   ATTEMPTS => 10, THRESHOLDPERCENT => 90, AVGTIMETHRESHOLD => 1.5, ALERTINTER        VAL => 10, HISTORY => 10 },
[root@dozer ~]#

[donnyforbes]

Can someone assist me with this I would really appreciate it.

Thanks

[cdienger]

You can use the DNS wizard to make sure your DNS server is up and doing it's job.

On the first page of the wizard enter the FQDN you'd like to try and resolve(IE http://www.google.com). On the second page enter your DNS server's IP in teh "DNS Server" field and make sure to uncheck the "DNS IP Match" option if the FQDN can resolve to more than just a single IP.

It's not completely clear to me what the check_ip.pl script from Dozer is doing, but it looks like it's maybe checking that tcp port 53 is open. DNS is usually done over udp, but if you want to verify that a tcp port is open you can also use the TCP/UDP Port wizard.

[donnyforbes]

You can use the DNS wizard to make sure your DNS server is up and doing it's job.

On the first page of the wizard enter the FQDN you'd like to try and resolve(IE http://www.google.com). On the second page enter your DNS server's IP in teh "DNS Server" field and make sure to uncheck the "DNS IP Match" option if the FQDN can resolve to more than just a single IP.

It's not completely clear to me what the check_ip.pl script from Dozer is doing, but it looks like it's maybe checking that tcp port 53 is open. DNS is usually done over udp, but if you want to verify that a tcp port is open you can also use the TCP/UDP Port wizard.

Ok I will give the DNS wizard a shot, basically what I need is if the DNS service goes down then we get notified or if the DNS service falls below a 90% ping which means it gets slow we get notified as well.
Does this make since?

[donnyforbes]

In this
Configuration Wizard: DNS Query - Step 2

IP Address:


Can I have more then one IP address? Or do I need to run this wizard on each server that I want to monitor DNS on?

[lmiltchev]

You can put multiple IP addresses, separated by commas in step 2 of the wizard. Keep in mind that the order is important. Here's an example of a "failed" and "working" check.

Code: Select all

[root@main-nagios-xi libexec]# /usr/local/nagios/libexec/check_dns -H yahoo.com -a 206.190.36.45,98.139.180.149,98.138.253.109
DNS CRITICAL - expected '206.190.36.45,98.139.180.149,98.138.253.109' but got '206.190.36.45,98.138.253.109,98.139.180.149'

[root@main-nagios-xi libexec]# /usr/local/nagios/libexec/check_dns -H yahoo.com -a 206.190.36.45,98.138.253.109,98.139.180.149
DNS OK: 0.006 seconds response time. yahoo.com returns 206.190.36.45,98.138.253.109,98.139.180.149|time=0.006102s;;;0.000000

The only difference is that 98.139.180.149 and 98.138.253.109 IP got swapped in the second example.

[donnyforbes]

Ok Thanks I will do it like this...

192.168.1.xxx, 192.168.1.xxx, 192.168.39.xxx

This would be the correct order... I keep you updated when I do it...

[ssax]

Sounds good, we'll keep an eye out.

Thank you

[donnyforbes]

Maybe I am not making myself clear in what I am trying to do. I don't need to monitor a certain website. I just need to be able to monitor the DNS services on all my DC's. If DNS goes down then I need to be notified.
Here is my setup...

3 DC's (domain controllers) I NEED ALL DNS services monitored on all 3 of these because we have inside program that relies on DNS.

DC1 - dc1.domain.com
DC2 - dc2.domain.com
Dc3 - dc3.domain.com

Each one of these are running DNS services in which we count on. Just need to monitor these. How can I do this? I can run the following command from my nag server

Code: Select all

[root@nag libexec]# /usr/local/nagios/libexec/check_dns -H yahoo.com -a 206.190.36.45,98.138.253.109,98.139.180.149
DNS OK: 0.011 seconds response time. yahoo.com returns 206.190.36.45,98.138.253.109,98.139.180.149|time=0.010792s;;;0.000000
[root@nag libexec]# /usr/local/nagios/libexec/check_dns -H google.com
DNS OK: 0.074 seconds response time. google.com returns 172.217.11.174|time=0.073587s;;;0.000000
[root@nag libexec]#

What I need to be able to do is monitor my DNS services ..

[donnyforbes]

Can someone please advise on this?

Thank you.