Page 1 of 1
check the domain name using the stub zone IP
Posted: Mon May 06, 2019 9:07 am
by 9manloon
Hi everyone,
I would like to resolve one domain name let's say 'name.com' with is behind the stub zone, and get the IP.
how can I use the plug-in in Nagios server?
I have tried using check_dig but failed.
p.s.: my Nagios server can get respond by just using the dig command: dig @192.xx.xx.xx name.com
but I cannot get respond by using Nagios plug-in check_dig.
What am I doing wrong? Can I have any suggestion?
Re: check the domain name using the stub zone IP
Posted: Mon May 06, 2019 12:42 pm
by scottwilkerson
Can you show how you are running the check_dig command? It is working for me...
Code: Select all
/usr/local/nagios/libexec/check_dig -H 8.8.8.8 -4 -l www.nagios.com
DNS OK - 0.028 seconds response time (www.nagios.com. 297 IN CNAME com1.nagios.com.)|time=0.028189s;;;0.000000
Re: check the domain name using the stub zone IP
Posted: Tue May 07, 2019 1:40 am
by 9manloon
scottwilkerson wrote:Can you show how you are running the check_dig command? It is working for me...
Code: Select all
/usr/local/nagios/libexec/check_dig -H 8.8.8.8 -4 -l www.nagios.com
DNS OK - 0.028 seconds response time (www.nagios.com. 297 IN CNAME com1.nagios.com.)|time=0.028189s;;;0.000000
Is your domain name
www.nagios.com behind stub zone?
It's also working for me as long as I'm resolving the IP with normal dns server not stub zone.
However, I need to resolve IP which is behine stub zone.
Example:
Let say
1. name.com is behind the stub zone
2. stub zone server IP is 192.11.11.11
3. The DNS Server (dns.com) and Nagios Server are authorized by the stub zone. Which mean the Nagios server can get respond by using dig command:
dig @192.11.11.11 name.com
Resolve IP from DNS Server
Code: Select all
./check_dig -H dns.com -l name.com
DNS OK - 0.228 seconds response time (name.com. 14 IN A 192.13.13.13)|time=0.228338s;;;0.000000
Code: Select all
./check_dig -H 192.11.11.11 -l name.com
DNS CRITICAL - 0.024 seconds response time (No ANSWER SECTION found)|time=0.024185s;;;0.000000
Re: check the domain name using the stub zone IP
Posted: Tue May 07, 2019 7:24 am
by scottwilkerson
Can yo show the results from
Re: check the domain name using the stub zone IP
Posted: Tue May 07, 2019 9:53 pm
by 9manloon
scottwilkerson wrote:Can yo show the results from
Sure, why not?
This is the result below: (I did alter the IP address and domain name for privacy purpose, but not affect your understanding)
Code: Select all
# dig @192.11.11.11 name.com
; <<>> DiG 9.9.4-RedHat-9.9.4-73.el7_6 <<>> @192.11.11.11 name.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 22029
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 4, ADDITIONAL: 5
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;name.com. IN A
;; AUTHORITY SECTION:
xxx.org. 593 IN NS stubzone1.xxx.org.
xxx.org. 593 IN NS stubzone2.xxx.org.
xxx.org. 593 IN NS stubzone1.org.
xxx.org. 593 IN NS stubzone2.org.
;; ADDITIONAL SECTION:
stubzone1.xxx.org. 593 IN A 192.11.11.11
stubzone2.xxx.org. 593 IN A 192.11.22.11
stubzone1.xxx.org. 593 IN AAAA 2ff6:0:8ff5:4ff0::af5:bff
stubzone2.xxx.org. 593 IN AAAA 2fff:0:80ff:8ff0::ff5:fff6
;; Query time: 4 msec
;; SERVER: 192.11.11.11#53(192.11.11.11)
;; WHEN: Wed May 08 10:29:35 HKT 2019
;; MSG SIZE rcvd: 207
Thank you!
Re: check the domain name using the stub zone IP
Posted: Wed May 08, 2019 7:41 am
by scottwilkerson
full disclosure, I'm not really familiar with these stub zone DNS servers, but I am noticing that your dig results do not have an answer, just additional information
Code: Select all
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 4, ADDITIONAL: 5
A response from a normal DNS server has the following
Code: Select all
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
For example
Code: Select all
# dig @8.8.8.8 google.com
; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.68.rc1.el6_10.1 <<>> @8.8.8.8 google.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 9522
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;google.com. IN A
;; ANSWER SECTION:
google.com. 299 IN A 172.217.14.238
;; Query time: 23 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Wed May 8 06:25:27 2019
;; MSG SIZE rcvd: 44
I have a feeling that check_dig requires an actual ANSWER
Re: check the domain name using the stub zone IP
Posted: Thu May 09, 2019 2:40 am
by 9manloon
scottwilkerson wrote:full disclosure, I'm not really familiar with these stub zone DNS servers, but I am noticing that your dig results do not have an answer, just additional information
Code: Select all
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 4, ADDITIONAL: 5
A response from a normal DNS server has the following
Code: Select all
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
For example
Code: Select all
# dig @8.8.8.8 google.com
; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.68.rc1.el6_10.1 <<>> @8.8.8.8 google.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 9522
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;google.com. IN A
;; ANSWER SECTION:
google.com. 299 IN A 172.217.14.238
;; Query time: 23 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Wed May 8 06:25:27 2019
;; MSG SIZE rcvd: 44
I have a feeling that check_dig requires an actual ANSWER
I did think about your concern, but I believe Nagios should have any method to check domain name resolving through stub zone directly.
I just don't know how.
Re: check the domain name using the stub zone IP
Posted: Thu May 09, 2019 6:59 am
by scottwilkerson
It doesn't look that way, I did some searching and didn't come up with anything.
One good thing about Nagios is that you can create your own plugins, so you could create one (or have one created) that does what you desire.
Here are the Nagios Plugin Development guidelines
https://nagios-plugins.org/doc/guidelines.html