Can we verify the DNS response
list Mike Cavanagh
An entry in the bb-host file like: 192.168.10.10 bambam # dns=fred will perform a DNS query against the server bambam for the hostname: fred. The way I understand it is if a response is received, the DNS is considered good. I would like to know if here are any options to verify the result. In my particular case, we want to query against a "Split DNS" server and confirm the correct IP is being returned in the A record. So, 192.168.10.10 bambam.dom.com # dns=fred.dom.com 71.137.200.10 bambam.dom.com # dns=fred.dom.com The first entry should return: 192.168.10.15 The second entry should return: 71.137.200.15 If DNS views are broken, the 2nd entry may return: 192.168.10.15 If so, I want to get a page so DNS can be fixed. Thanks, Mike
list Xymon User in Richmond
▸
On Wed, November 3, 2010 20:21, Mike Cavanagh wrote:
An entry in the bb-host file like: 192.168.10.10 bambam # dns=fred will perform a DNS query against the server bambam for the hostname: fred. The way I understand it is if a response is received, the DNS is considered good. I would like to know if here are any options to verify the result. In my particular case, we want to query against a "Split DNS" server and confirm the correct IP is being returned in the A record. So, 192.168.10.10 bambam.dom.com # dns=fred.dom.com 71.137.200.10 bambam.dom.com # dns=fred.dom.com The first entry should return: 192.168.10.15 The second entry should return: 71.137.200.15 If DNS views are broken, the 2nd entry may return: 192.168.10.15 If so, I want to get a page so DNS can be fixed.
Don't know how to do what you want the way you want, but you'll need "testip" on those bb-hosts entries or they're both going to test whatever the Xymon server returns for bambam.dom.com. A possible workaround for what you want: is it possible to insert an A record into the external zone for a host name that doesn't exist in the internal zone? If a test on that failed, you'd know that either the external DNS server was down or that the internal DNS zone was incorrectly being used. You'd probably want a page either way.
list Vernon Everett
Hi Mike
As Richard suggests, I suspect the config you proposed is going to cause
Xymon, and yourself a world of hurt.
Remember, Xymon uses the hostname as the index (for lack of a better word)
Now you have the same host with 2 IP addresses.
Xymon will perform 2 pings, using lookup to resolve IP. bbtest-net is going
to bleat.
I suspect, the IP address from the lookup is the one that will be used as
the DNS server IP.
So both DNS lookups will be to the same IP address.
I would suggest a simple script to do what you need.
Regards
Vernon
▸
On Thu, Nov 4, 2010 at 8:21 AM, Mike Cavanagh <user-aa53cad052d4@xymon.invalid>wrote:
An entry in the bb-host file like: 192.168.10.10 bambam # dns=fred will perform a DNS query against the server bambam for the hostname: fred. The way I understand it is if a response is received, the DNS is considered good. I would like to know if here are any options to verify the result. In my particular case, we want to query against a “Split DNS” server and confirm the correct IP is being returned in the A record. So,
192.168.10.10 bambam.dom.com # dns=
fred.dom.com
71.137.200.10 bambam.dom.com # dns=
fred.dom.com
▸
The first entry should return: 192.168.10.15
The second entry should return: 71.137.200.15
If DNS views are broken, the 2nd entry may return: 192.168.10.15 If so,
I want to get a page so DNS can be fixed.
Thanks,
Mike
list Mike Cavanagh
Richand and Vernon. Thanks for the replies.
Richard, I will look into the concept of a "fake" host entry. It sounds
like a good workaround. I am not sure what the testip is for but I will
look into it. For that matter, not sure if I still need the network
option (comes from BB). I think I can remove it. Do not seem to see it
in the Xymon docs.
The entries I presented earlier were not real. I wanted to keep it
simple to help understand what I was trying to accomplish. Here is what
I am running on (items changed to protect the innocent). It seems to be
running correctly, but Xymon has been running for just 2 days so I am
still learning its ins n outs.
BB-Hosts file:
192.168.14.15 bambam.domain.com # conn network
prtdiag ftp smtp dns=smtp.domain.com
76.x.y.z ns1.domain.com # noconn
dns=smtp.domain.com
Here are the results from Xymon DNS queries:
For bambam.domain.com
Service dns on bambam.domain.com is OK (up)
id: 60029
flags: qr aa rd ra
opcode: QUERY
rcode: NOERROR
Questions:
smtp.domain.com .
A
Answers:
smtp.domain.com . 86400 A
192.168.11.15
NS records:
domain.com . 86400 NS
ns1.domain.com.
domain.com . 86400 NS
ns1.domain2.com.
Additional records:
ns1.domain.com . 86400 A
192.168.14.15
ns1.domain2.com. 86400 A
192.168.11.15
Seconds: 0.098
For ns1.domain.com
Service dns on ns1.domain.com is OK (up)
id: 2822
flags: qr aa rd
opcode: QUERY
rcode: NOERROR
Questions:
smtp.domain.com . A
Answers:
smtp.domain.com . 86400 A 71.a.b.d
NS records:
domain.com . 86400 NS ns1.domain2.com.
domain.com . 86400 NS ns1.domain.com.
Additional records:
ns1.domain.com . 86400 A 76.x.y.z
ns1.domain2.com. 86400 A 71.a.b.c
Seconds: 0.099
Please drop a note if you see something that is just does not seem
correct.
Thanks,
Mike
▸
From: Vernon Everett [mailto:user-b3f8dacb72c8@xymon.invalid]
Sent: Wednesday, November 03, 2010 7:01 PM
To: xymon at xymon.com
Subject: Re: [xymon] Can we verify the DNS response
Hi Mike
As Richard suggests, I suspect the config you proposed is going to cause
Xymon, and yourself a world of hurt.
Remember, Xymon uses the hostname as the index (for lack of a better
word)
Now you have the same host with 2 IP addresses.
Xymon will perform 2 pings, using lookup to resolve IP. bbtest-net is
going to bleat.
I suspect, the IP address from the lookup is the one that will be used
as the DNS server IP.
So both DNS lookups will be to the same IP address.
I would suggest a simple script to do what you need.
Regards
Vernon
On Thu, Nov 4, 2010 at 8:21 AM, Mike Cavanagh <user-aa53cad052d4@xymon.invalid>
▸
wrote:
An entry in the bb-host file like:
192.168.10.10 bambam # dns=fred
will perform a DNS query against the server bambam for the hostname:
fred. The way I understand it is if a response is received, the DNS is
considered good.
I would like to know if here are any options to verify the result. In
my particular case, we want to query against a "Split DNS" server and
confirm the correct IP is being returned in the A record. So,
192.168.10.10 bambam.dom.com #
dns=fred.dom.com
71.137.200.10 bambam.dom.com #
dns=fred.dom.com
The first entry should return: 192.168.10.15
The second entry should return: 71.137.200.15
If DNS views are broken, the 2nd entry may return: 192.168.10.15 If
so, I want to get a page so DNS can be fixed.
Thanks,
Mike
list Xymon User in Richmond
I'm not a Richard, although I sometimes play its diminutive on the list. The "testip" tag tells Xymon to use the IP on the bb-hosts entry. Otherwise it uses DNS to resolve the name, falling back on the ip only if the name fails to resolve. But Everett pointed out more important consequences of the server name duplication that I had overlooked. IIRC, the "network" tag was essentially the BB equivalent of "conn" (or perhaps a synonym). I don't recall it being in Hobbit/Xymon at all. Regards, j.
▸
On Thu, November 4, 2010 00:03, Mike Cavanagh wrote:Richand and Vernon. Thanks for the replies.
Richard, I will look into the concept of a "fake" host entry. It sounds
like a good workaround. I am not sure what the testip is for but I will
look into it. For that matter, not sure if I still need the network
option (comes from BB). I think I can remove it. Do not seem to see it
in the Xymon docs.
The entries I presented earlier were not real. I wanted to keep it
simple to help understand what I was trying to accomplish. Here is what
I am running on (items changed to protect the innocent). It seems to be
running correctly, but Xymon has been running for just 2 days so I am
still learning its ins n outs.
BB-Hosts file:
192.168.14.15 bambam.domain.com # conn network
prtdiag ftp smtp dns=smtp.domain.com
76.x.y.z ns1.domain.com # noconn
dns=smtp.domain.com
Here are the results from Xymon DNS queries:
For bambam.domain.com
Service dns on bambam.domain.com is OK (up)
id: 60029
flags: qr aa rd ra
opcode: QUERY
rcode: NOERROR
Questions:
smtp.domain.com .
A
Answers:
smtp.domain.com . 86400 A
192.168.11.15
NS records:
domain.com . 86400 NS
ns1.domain.com.
domain.com . 86400 NS
ns1.domain2.com.
Additional records:
ns1.domain.com . 86400 A
192.168.14.15
ns1.domain2.com. 86400 A
192.168.11.15
Seconds: 0.098
For ns1.domain.com
Service dns on ns1.domain.com is OK (up)
id: 2822
flags: qr aa rd
opcode: QUERY
rcode: NOERROR
Questions:
smtp.domain.com . A
Answers:
smtp.domain.com . 86400 A 71.a.b.d
NS records:
domain.com . 86400 NS ns1.domain2.com.
domain.com . 86400 NS ns1.domain.com.
Additional records:
ns1.domain.com . 86400 A 76.x.y.z
ns1.domain2.com. 86400 A 71.a.b.c
Seconds: 0.099
Please drop a note if you see something that is just does not seem
correct.
Thanks,
Mike
From: Vernon Everett [mailto:user-b3f8dacb72c8@xymon.invalid]
Sent: Wednesday, November 03, 2010 7:01 PM
To: xymon at xymon.com
Subject: Re: [xymon] Can we verify the DNS response
Hi Mike
As Richard suggests, I suspect the config you proposed is going to cause
Xymon, and yourself a world of hurt.
Remember, Xymon uses the hostname as the index (for lack of a better
word)
Now you have the same host with 2 IP addresses.
Xymon will perform 2 pings, using lookup to resolve IP. bbtest-net is
going to bleat.
I suspect, the IP address from the lookup is the one that will be used
as the DNS server IP.
So both DNS lookups will be to the same IP address.
I would suggest a simple script to do what you need.
Regards
Vernon
On Thu, Nov 4, 2010 at 8:21 AM, Mike Cavanagh <user-aa53cad052d4@xymon.invalid>
wrote:
An entry in the bb-host file like:
192.168.10.10 bambam # dns=fred
will perform a DNS query against the server bambam for the hostname:
fred. The way I understand it is if a response is received, the DNS is
considered good.
I would like to know if here are any options to verify the result. In
my particular case, we want to query against a "Split DNS" server and
confirm the correct IP is being returned in the A record. So,
192.168.10.10 bambam.dom.com #
dns=fred.dom.com
71.137.200.10 bambam.dom.com #
dns=fred.dom.com
The first entry should return: 192.168.10.15
The second entry should return: 71.137.200.15
If DNS views are broken, the 2nd entry may return: 192.168.10.15 If
so, I want to get a page so DNS can be fixed.
Thanks,
Mike
list Mike Cavanagh
Thanks J. I saw Richard in Vernon's' email and just ran with it. Sorry about that. Good to know about the testip. I can see uses for it. I thought the network was like conn, but it's been years and I could not remember. Mike Michael D. Cavanagh Phone [916] 853-9658 The information transmitted is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any review, transmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipient is prohibited and may be unlawful. If you received this in error, please notify the sender and delete the material from your system. THINK GREEN. Please consider the environment before printing this e-mail notice.
▸
-----Original Message-----
From: Xymon User in Richmond [mailto:user-24d6f8323faa@xymon.invalid]
Sent: Thursday, November 04, 2010 5:50 AM
To: xymon at xymon.com
Subject: RE: [xymon] Can we verify the DNS response
I'm not a Richard, although I sometimes play its diminutive on the list.
The "testip" tag tells Xymon to use the IP on the bb-hosts entry.
Otherwise it uses DNS to resolve the name, falling back on the ip only
if
the name fails to resolve. But Everett pointed out more important
consequences of the server name duplication that I had overlooked.
IIRC, the "network" tag was essentially the BB equivalent of "conn" (or
perhaps a synonym). I don't recall it being in Hobbit/Xymon at all.
Regards,
j.
On Thu, November 4, 2010 00:03, Mike Cavanagh wrote:Richand and Vernon. Thanks for the replies.
Richard, I will look into the concept of a "fake" host entry. It
sounds
like a good workaround. I am not sure what the testip is for but I
will
look into it. For that matter, not sure if I still need the network
option (comes from BB). I think I can remove it. Do not seem to see
it
in the Xymon docs.
The entries I presented earlier were not real. I wanted to keep it
simple to help understand what I was trying to accomplish. Here is
what
I am running on (items changed to protect the innocent). It seems to
be
running correctly, but Xymon has been running for just 2 days so I am
still learning its ins n outs.
BB-Hosts file:
192.168.14.15 bambam.domain.com # conn network
prtdiag ftp smtp dns=smtp.domain.com
76.x.y.z ns1.domain.com # noconn
dns=smtp.domain.com
Here are the results from Xymon DNS queries:
For bambam.domain.com
Service dns on bambam.domain.com is OK (up)
id: 60029
flags: qr aa rd ra
opcode: QUERY
rcode: NOERROR
Questions:
smtp.domain.com .
A
Answers:
smtp.domain.com . 86400 A
192.168.11.15
NS records:
domain.com . 86400 NS
ns1.domain.com.
domain.com . 86400 NS
ns1.domain2.com.
Additional records:
ns1.domain.com . 86400 A
192.168.14.15
ns1.domain2.com. 86400 A
192.168.11.15
Seconds: 0.098
For ns1.domain.com
Service dns on ns1.domain.com is OK (up)
id: 2822
flags: qr aa rd
opcode: QUERY
rcode: NOERROR
Questions:
smtp.domain.com . A
Answers:
smtp.domain.com . 86400 A 71.a.b.d
NS records:
domain.com . 86400 NS
ns1.domain2.com.
domain.com . 86400 NS ns1.domain.com.
Additional records:
ns1.domain.com . 86400 A 76.x.y.z
ns1.domain2.com. 86400 A 71.a.b.c
Seconds: 0.099
Please drop a note if you see something that is just does not seem
correct.
Thanks,
Mike
From: Vernon Everett [mailto:user-b3f8dacb72c8@xymon.invalid]
Sent: Wednesday, November 03, 2010 7:01 PM
To: xymon at xymon.com
Subject: Re: [xymon] Can we verify the DNS response
Hi Mike
As Richard suggests, I suspect the config you proposed is going to
cause
Xymon, and yourself a world of hurt.
Remember, Xymon uses the hostname as the index (for lack of a better
word)
Now you have the same host with 2 IP addresses.
Xymon will perform 2 pings, using lookup to resolve IP. bbtest-net is
going to bleat.
I suspect, the IP address from the lookup is the one that will be used
as the DNS server IP.
So both DNS lookups will be to the same IP address.
I would suggest a simple script to do what you need.
Regards
Vernon
On Thu, Nov 4, 2010 at 8:21 AM, Mike Cavanagh<user-aa53cad052d4@xymon.invalid>
wrote: An entry in the bb-host file like: 192.168.10.10 bambam # dns=fred will perform a DNS query against the server bambam for the hostname: fred. The way I understand it is if a response is received, the DNS is considered good. I would like to know if here are any options to verify the result. In my particular case, we want to query against a "Split DNS" server and confirm the correct IP is being returned in the A record. So, 192.168.10.10 bambam.dom.com # dns=fred.dom.com 71.137.200.10 bambam.dom.com # dns=fred.dom.com The first entry should return: 192.168.10.15 The second entry should return: 71.137.200.15 If DNS views are broken, the 2nd entry may return: 192.168.10.15 If so, I want to get a page so DNS can be fixed. Thanks, Mike