check_dns

Carroll, Jim P [Contractor] jcarro10 at sprintspectrum.com
Wed Mar 19 21:54:58 CET 2003
Previous message: check_dns
Next message: weird problems with hostgroups/services/inheritance
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Sorry for the delay.

I take it the hostnames aurumit-domain and ns1 can be resolved, either from
definitions within hosts.cfg or through the local monitoring host's resolver
library?

Assuming you're relying on the resolver (and haven't defined the names in
hosts.cfg), what happens when you do the following command:

  ./check_dns -H mail.aurumit.com -s aurumit-domain

or this:

  ./check_dns -H mail.aurumit.com -s ns1

jc


> -----Original Message-----
> From: mark [mailto:mark at woodstream.net]
> Sent: Thursday, March 13, 2003 9:05 PM
> To: Carroll, Jim P [Contractor]
> Subject: RE: [Nagios-users] check_dns
> 
> 
> Here is the information. As you guessed, I am NOT running dnscachex, 
> just tinydns. It should be noted that the dns servers I'm 
> monitoring are 
> external DNS servers located in our DMZ. The monitor is on 
> the internal 
> network but has full "vision" of the DMZ servers. I've included a dig 
> output, an nslookup output, /etc/resolv.conf (which points to 
> our internal 
> dns but you can see the queries point to the DMZ dns server, 
> my check_dns 
> command definition, and the service definition for dns. In 
> the service 
> definition ns1 is the DMZ server and aurumit-domain is the 
> internal dns 
> server. They both have ping services defined that are working 
> correctly. 
> Let me know if you need further info.
> 
> The DMZ external dns server is 172.16.1.2.
> 
> mon1# dig @172.16.1.2 mail.aurumit.com
> 
> ; <<>> DiG 8.3 <<>> @172.16.1.2 mail.aurumit.com
> ; (1 server found)
> ;; res options: init recurs defnam dnsrch
> ;; got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4
> ;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2
> ;; QUERY SECTION:
> ;;      mail.aurumit.com, type = A, class = IN
> 
> ;; ANSWER SECTION:
> mail.aurumit.com.       1D IN A         206.183.235.131
> 
> ;; AUTHORITY SECTION:
> aurumit.com.            3D IN NS        ns1.aurumit.com.
> aurumit.com.            3D IN NS        ns2.aurumit.com.
> 
> ;; ADDITIONAL SECTION:
> ns1.aurumit.com.        3D IN A         206.183.235.134
> ns2.aurumit.com.        3D IN A         206.183.235.135
> 
> ;; Total query time: 6 msec
> ;; FROM: mon1.aurumit.com to SERVER: 172.16.1.2  172.16.1.2
> ;; WHEN: Thu Mar 13 21:59:03 2003
> ;; MSG SIZE  sent: 34  rcvd: 118
> 
> mon1# nslookup
> Default Server:  aurumit-domain.aurumit.com
> Address:  10.1.2.133
> 
> > server 172.16.1.2
> Default Server:  [172.16.1.2]
> Address:  172.16.1.2
> 
> > mail.aurumit.com
> Server:  [172.16.1.2]
> Address:  172.16.1.2
> 
> Name:    mail.aurumit.com
> Address:  206.183.235.131
> 
> > exit
> 
> mon1# cat /etc/resolv.conf
> domain  aurumit.com
> nameserver      10.1.2.133
> 
> mon1# more /usr/local/nagios/etc/checkcommands.cfg
> 
> # 'check_dns' command definition
> define command{
>         command_name    check_dns
>         command_line    $USER1$/check_dns -H $ARG1$ -s $HOSTADDRESS$
>         }
> 
> mon1# more /usr/local/nagios/etc/services.cfg
> 
> # Generic service definition template
> define service{
>         name                            active-service ;template name
>         passive_checks_enabled          1       ; Passive 
> service checks 
> are ena
>         active_checks_enabled           1       ; Enable active checks
>         parallelize_check               1       ; Active 
> service checks 
> should b
>         obsess_over_service             1       ; We should 
> obsess over 
> this ser
>         check_freshness                 0       ; Default is 
> to NOT check 
> servic
>         notifications_enabled           1       ; Service 
> notifications 
> are enab
>         event_handler_enabled           1       ; Service 
> event handler is 
> enabl
>         flap_detection_enabled          0       ; Flap detection is 
> enabled
>         process_perf_data               0       ; Process 
> performance data
>         retain_status_information       1       ; Retain status 
> information acro
>         retain_nonstatus_information    1       ; Retain non-status 
> information
>         register                        0       ; DONT REGISTER THIS 
> DEFINITION
>         }
> # Service definition
> define service{
>         use                             active-service        
>  ; template
>         host_name                       aurumit-domain,ns1
>         service_description             DNS
>         is_volatile                     0
>         check_period                    24x7
>         max_check_attempts              3
>         normal_check_interval           5
>         retry_check_interval            1
>         contact_groups                  unix-admins
>         notification_interval           120
>         notification_period             24x7
>         notification_options            w,u,c,r
>         check_command                   check_dns!mail.aurumit.com
>         }
> mon1#
> 
> On Thu, 13 Mar 2003, Carroll, Jim P [Contractor] wrote:
> 
> > We're running tinydns here, and dnscachex as well.  I'll 
> assume for this
> > discussion that you're not running dnscachex.
> > 
> > AFAIK, check_dns does *not* require tcp port 53 to be open.
> > 
> > Please provide the following:
> > 
> > - cut-and-paste output of your nslookup query
> > - cut-and-paste output of your dig query
> > - cut-and-paste of your /etc/resolv.conf
> > - the IP address(es) of your DNS server(s)
> > 
> > Please do NOT hand-edit anything in an attempt to obfuscate 
> details to the
> > general public.  One typo is all that I'll need in order to 
> mis-diagnose
> > your situation.
> > 
> > jc
> > 
> > 
> > > -----Original Message-----
> > > From: mark [mailto:mark at woodstream.net]
> > > Sent: Thursday, March 13, 2003 2:37 PM
> > > To: nagios-users at lists.sourceforge.net
> > > Subject: [Nagios-users] check_dns
> > > 
> > > 
> > > 
> > > After reading the docs and the check_dns -help info I have a 
> > > question. 
> > > We run tinydns which listens to port 53 udp only. When I 
> > > check the dns 
> > > service with check_dns, the plugin always times out even 
> > > though I can do a 
> > > dig or nslookup successfully from my monitoring server. Does 
> > > anyonw know 
> > > if check_dns requires port 53 "tcp" to be open? If not, any 
> > > ideas why my 
> > > check_dns is timing out when other tools are successful? Thanks!
> > > 
> > > Mark
> > > 
> > > 
> > > 
> > > -------------------------------------------------------
> > > This SF.net email is sponsored by:Crypto Challenge is now open! 
> > > Get cracking and register here for some mind boggling fun and 
> > > the chance of winning an Apple iPod:
> > > http://ads.sourceforge.net/cgi-bin/redirect.pl?thaw0031en
> > > _______________________________________________
> > > Nagios-users mailing list
> > > Nagios-users at lists.sourceforge.net
> > > https://lists.sourceforge.net/lists/listinfo/nagios-users
> > > ::: Please include Nagios version, plugin version (-v) and OS 
> > > when reporting any issue. 
> > > ::: Messages without supporting info will risk being sent 
> to /dev/null
> > > 
> > 
> 


-------------------------------------------------------
This SF.net email is sponsored by: Does your code think in ink? 
You could win a Tablet PC. Get a free Tablet PC hat just for playing. 
What are you waiting for?
http://ads.sourceforge.net/cgi-bin/redirect.pl?micr5043en
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. 
::: Messages without supporting info will risk being sent to /dev/null
Previous message: check_dns
Next message: weird problems with hostgroups/services/inheritance
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the Users mailing list