check the domain name using the stub zone IP

[9manloon]

Hi everyone,

I would like to resolve one domain name let's say 'name.com' with is behind the stub zone, and get the IP.
how can I use the plug-in in Nagios server?
I have tried using check_dig but failed.

p.s.: my Nagios server can get respond by just using the dig command: dig @192.xx.xx.xx name.com
but I cannot get respond by using Nagios plug-in check_dig.

What am I doing wrong? Can I have any suggestion?

[scottwilkerson]

Can you show how you are running the check_dig command? It is working for me...

Code: Select all

/usr/local/nagios/libexec/check_dig -H 8.8.8.8 -4 -l www.nagios.com
DNS OK - 0.028 seconds response time (www.nagios.com.  297 IN CNAME com1.nagios.com.)|time=0.028189s;;;0.000000

[9manloon]

Can you show how you are running the check_dig command? It is working for me...

Code: Select all

/usr/local/nagios/libexec/check_dig -H 8.8.8.8 -4 -l www.nagios.com
DNS OK - 0.028 seconds response time (www.nagios.com.  297 IN CNAME com1.nagios.com.)|time=0.028189s;;;0.000000

Is your domain name www.nagios.com behind stub zone?
It's also working for me as long as I'm resolving the IP with normal dns server not stub zone.
However, I need to resolve IP which is behine stub zone.

Example:
Let say
1. name.com is behind the stub zone
2. stub zone server IP is 192.11.11.11
3. The DNS Server (dns.com) and Nagios Server are authorized by the stub zone. Which mean the Nagios server can get respond by using dig command: dig @192.11.11.11 name.com


Resolve IP from DNS Server

Code: Select all

./check_dig -H dns.com -l name.com
DNS OK - 0.228 seconds response time (name.com. 14 IN A 192.13.13.13)|time=0.228338s;;;0.000000

Resolve IP from Stub-zone Server(10.110.10.10)

Code: Select all

 ./check_dig -H 192.11.11.11 -l name.com
DNS CRITICAL - 0.024 seconds response time (No ANSWER SECTION found)|time=0.024185s;;;0.000000

[scottwilkerson]

Can yo show the results from

Code: Select all

dig @192.11.11.11 name.com

[9manloon]

Can yo show the results from

Code: Select all

dig @192.11.11.11 name.com

Sure, why not?
This is the result below: (I did alter the IP address and domain name for privacy purpose, but not affect your understanding)

Code: Select all

# dig @192.11.11.11 name.com

; <<>> DiG 9.9.4-RedHat-9.9.4-73.el7_6 <<>> @192.11.11.11 name.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 22029
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 4, ADDITIONAL: 5

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;name.com.            IN      A

;; AUTHORITY SECTION:
xxx.org.            593     IN      NS      stubzone1.xxx.org.
xxx.org.            593     IN      NS      stubzone2.xxx.org.
xxx.org.            593     IN      NS      stubzone1.org.
xxx.org.            593     IN      NS      stubzone2.org.

;; ADDITIONAL SECTION:
stubzone1.xxx.org.        593     IN      A       192.11.11.11
stubzone2.xxx.org.        593     IN      A       192.11.22.11
stubzone1.xxx.org.        593     IN      AAAA    2ff6:0:8ff5:4ff0::af5:bff
stubzone2.xxx.org.        593     IN      AAAA    2fff:0:80ff:8ff0::ff5:fff6

;; Query time: 4 msec
;; SERVER: 192.11.11.11#53(192.11.11.11)
;; WHEN: Wed May 08 10:29:35 HKT 2019
;; MSG SIZE  rcvd: 207

Thank you!

[scottwilkerson]

full disclosure, I'm not really familiar with these stub zone DNS servers, but I am noticing that your dig results do not have an answer, just additional information

Code: Select all

;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 4, ADDITIONAL: 5

A response from a normal DNS server has the following

Code: Select all

;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

For example

Code: Select all

# dig @8.8.8.8 google.com

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.68.rc1.el6_10.1 <<>> @8.8.8.8 google.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 9522
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;google.com.                    IN      A

;; ANSWER SECTION:
google.com.             299     IN      A       172.217.14.238

;; Query time: 23 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Wed May  8 06:25:27 2019
;; MSG SIZE  rcvd: 44

I have a feeling that check_dig requires an actual ANSWER

[9manloon]

full disclosure, I'm not really familiar with these stub zone DNS servers, but I am noticing that your dig results do not have an answer, just additional information

Code: Select all

;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 4, ADDITIONAL: 5

A response from a normal DNS server has the following

Code: Select all

;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

For example

Code: Select all

# dig @8.8.8.8 google.com

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.68.rc1.el6_10.1 <<>> @8.8.8.8 google.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 9522
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;google.com.                    IN      A

;; ANSWER SECTION:
google.com.             299     IN      A       172.217.14.238

;; Query time: 23 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Wed May  8 06:25:27 2019
;; MSG SIZE  rcvd: 44

I have a feeling that check_dig requires an actual ANSWER

I did think about your concern, but I believe Nagios should have any method to check domain name resolving through stub zone directly.
I just don't know how.

[scottwilkerson]

It doesn't look that way, I did some searching and didn't come up with anything.

One good thing about Nagios is that you can create your own plugins, so you could create one (or have one created) that does what you desire.

Here are the Nagios Plugin Development guidelines
https://nagios-plugins.org/doc/guidelines.html