Issue with DNS Resolution after update to 5.7.2

[rferebee]

Does the port also need to be changed in the nsclient.ini file on each Windows host?

Firewalld is not running and neither is iptables, so in theory I should not need to open any ports. Have you found anything in the system profile I provided? I notice that 1248 and 5666 are also missing from the nmap scan. Shouldn't those be there?

I find it extremely hard to believe that nothing from a configuration standpoint was changed in 5.7. We've been utilizing the same ports for years and now all of a sudden it's using 12489. It's not like we were on some ancient version of XI, I updated from 5.6.13.

[scottwilkerson]

I think there is a misunderstanding...

The suggestion was that you should can the host you cannot connect to, localhost was just a placeholder

Code: Select all

sudo nmap -sT -O xxx.xxx.xxx.xxxx

[scottwilkerson]

I just read through this thread from the beginning and I'm not sure how it got sidetracked on the nsclient port of 12489 as it doesn't seem relevant.

Can you post the command that is being used for the service that is returning

Code: Select all

DNS CRITICAL - query type of -querytype=A was not found for XXX.XXX.XXX.XXX

[rferebee]

Ok, when I setup those checks, I used the DNS Query configuration wizard.

When I go to look at the service check 'DNS Resolution' in CCM, it doesn't show the command being used. It's just blank. There's no 'Run Check Command' button or anything, so I'm not sure how to get you that information.

Maybe this will help:

Code: Select all

root@nagiosxi:/usr/local/nagios/libexec>ls
box293_check_mysql_table_status  check_jabber                   check_radius.py               check_users
check_apt                        check_jvm.jar                  check_real                    check_vmware_api.pl
check_asterisk.pl                check_ldap                     check_rpc                     check_wave
check_asterisk_sip_peers.sh      check_ldaps                    check_rrdtraf                 check_webinject.sh
check_bl                         check_linux_stats_CPU_USED.pl  check_rrdtraf.php             check_win_snmp_disk.pl
check_bpi.php                    check_linux_stats.pl           check_s3.py                   check_wlsagent.sh
check_breeze                     check_load                     check_sensors                 check_wmi_plus.conf
check_by_ssh                     check_log                      check_sensors.sh              check_wmi_plus_help.pl
check_capacity_planning.py       check_log.sh                   check_services                check_wmi_plus.ini
check_clamd                      check_mailq                    check_simap                   check_wmi_plus.pl
check_cluster                    check_mongodb.py               check_sip                     check_xi_sla.php
check_cpu_stats.sh               check_mountpoints.sh           check_smtp                    check_xisla.php
check_dhcp                       check_mrtg                     check_smtp_send               check_yum
check_dig                        check_mrtgtraf                 check_smtp_send_epn           countdown_to_date.php
check_dir                        check_mssql                    check_snmp                    custom_check_mem
check_disk                       check_mssql_database.py        check_snmp_boostedge.pl       custom_check_procs
check_disk_smb                   check_mssql_server.py          check_snmp_cpfw.pl            DPS_LV_event_handler.sh
check_dns                        check_multiaddr.pl             check_snmp_css_main.pl        DPS_Servers_event_handler.sh
check_docker.py                  check_mysql                    check_snmp_css.pl             event_handler_test.sh
check_domain.php                 check_mysql_health             check_snmp_env.pl             failover_event_handler.sh
check_dummy                      check_mysql_query              check_snmp_generic.pl         folder_watch.pl
check_ec2.py                     check_nagios                   check_snmp_int.pl             hvac.pl
check_em01.pl                    check_nagioslogserver.php      check_snmp_linkproof_nhr.pl   lin_service_restart.sh
check_em08                       check_nagios_performance.php   check_snmp_load.pl            LV_Servers_event_handler.sh
check_email_delivery             check_nagiosxiserver.php       check_snmp_load_wizard.pl     Makefile.am
check_email_delivery_epn         check_ncpa.py                  check_snmp_mem.pl             Makefile.in
check_email_loop.pl              check_netstat.pl               check_snmp_nsbox.pl           nagisk.pl
check_esx3.pl                    check_nna.py                   check_snmp_process.pl         negate
check_file_age                   check_nntp                     check_snmp_process_wizard.pl  NRPE_failover_event_handler.sh
check_flexlm                     check_nntps                    check_snmp_storage.pl         PI_CC_event_handler.sh
check_fping                      check_nrpe                     check_snmp_storage_wizard.pl  PI_LV_event_handler.sh
check_ftp                        check_nt                       check_snmp_vrrp.pl            process_perfdata.pl
check_ftp_fully                  check_ntp                      check_snmp_win.pl             PureFlex_DOA_event_handler.sh
check_hpjd                       check_ntp_peer                 check_spop                    PureFlex_DWSS_817_event_handler.sh
check_http                       check_ntp_time                 check_ssh                     PureFlex_DWSS_818_event_handler.sh
check_icmp                       check_nwstat                   check_ssl_cert                PureFlex_DWSS_E25_event_handler.sh
check_ide_smart                  check_open_files.pl            check_ssmtp                   send_nsca
check_ifoperstatnag              check_oracle                   check_swap                    subst.in
check_ifoperstatus               check_oracle.sh                check_tcp                     urlize
check_ifstatus                   check_overcr                   check_telnet.pl               utils.pm
check_imap                       check_ping                     check_tftp.sh                 utils.pm.in
check_imap_receive               check_pnp_rrds.pl              check_time                    utils.sh
check_imap_receive_epn           check_pop                      check_udp                     utils.sh.in
check_init_service               check_postgres.pl              check_ups
check_ircd                       check_procs                    check_uptime
root@nagiosxi:/usr/local/nagios/libexec>./check_dns --help
check_dns v2.2.1 (nagios-plugins 2.2.1)
Copyright (c) 1999 Ethan Galstad <[email protected]>
Copyright (c) 2000-2014 Nagios Plugin Development Team
        <[email protected]>

This plugin uses the nslookup program to obtain the IP address for the given host/domain query.
An optional DNS server to use may be specified.
If no DNS server is specified, the default server(s) specified in /etc/resolv.conf will be used.


Usage:
check_dns -H host [-s server] [-q type ] [-a expected-address] [-A] [-n] [-t timeout] [-w warn] [-c crit]

Options:
 -h, --help
    Print detailed help screen
 -V, --version
    Print version information
 --extra-opts=[section][@file]
    Read options from an ini file. See
    https://www.nagios-plugins.org/doc/extra-opts.html
    for usage and examples.
 -H, --hostname=HOST
    The name or address you want to query
 -s, --server=HOST
    Optional DNS server you want to use for the lookup
 -q, --querytype=TYPE
    Optional DNS record query type where TYPE =(A, AAAA, SRV, TXT, MX, ANY)
    The default query type is 'A' (IPv4 host entry)
 -a, --expected-address=IP-ADDRESS|HOST
    Optional IP-ADDRESS you expect the DNS server to return. HOST must end with
    a dot (.). This option can be repeated multiple times (Returns OK if any
    value match). If multiple addresses are returned at once, you have to match
    the whole string of addresses separated with commas (sorted alphabetically).
    If you would like to test for the presence of a cname, combine with -n param.
 -A, --expect-authority
    Optionally expect the DNS server to be authoritative for the lookup
 -n, --accept-cname
    Optionally accept cname responses as a valid result to a query
    The default is to ignore cname responses as part of the result
 -w, --warning=seconds
    Return warning if elapsed time exceeds value. Default off
 -c, --critical=seconds
    Return critical if elapsed time exceeds value. Default off
 -t, --timeout=INTEGER:<timeout state>
    Seconds before connection times out (default: 10)
    Optional ":<timeout state>" can be a state integer (0,1,2,3) or a state STRING

Send email to [email protected] if you have questions regarding use
of this software. To submit patches or suggest improvements, send email to
[email protected]

[scottwilkerson]

digging into this more it looks like a bug that was fixed in the plugin is actually now causing an error for your checks

See the following thread
https://support.nagios.com/forum/viewto ... 16&t=58956

This would affect service checks for DNS resolution where you have an IP in the host address field

To correct this, in the service in the CCM, for the "Check command" select check_xi_service_dns, in the $ARG1$ field enter

Code: Select all

 -a 'server1.domain.com.' -q any

where server1.domain.com is what you expect this IP to resolve to

[rferebee]

Ok, I made that change.

Now, I need someone to answer this previous question.

Does the port also need to be changed in the nsclient.ini file on each Windows host?

Firewalld is not running and neither is iptables, so in theory I should not need to open any ports. Have you found anything in the system profile I provided? I notice that 1248 and 5666 are also missing from the nmap scan. Shouldn't those be there?

I find it extremely hard to believe that nothing from a configuration standpoint was changed in 5.7. We've been utilizing the same ports for years and now all of a sudden it's using 12489. It's not like we were on some ancient version of XI, I updated from 5.6.13.

After updating our XI Test host. I had thousands of checks that stopped working due to what appeared to be a default port change (1248 > 12489).

[scottwilkerson]

No, nothing has change in Nagios XI that would have required you to change any ports.

[rferebee]

Ok, I guess I'll try the update again on Monday.

You can lock this thread.

[scottwilkerson]

Ok, I guess I'll try the update again on Monday.

You can lock this thread.

Great

Locking thread