what IS the "DNS" check in xymon?
list Ian Diddams
if we set a hosts.cfg line 10.24.38.132? ? walkie # ssh dns we can expect xymon to check that ssh connections exist for thats erver, and also does some sort of dns check. what exactly IS this check? becasue the dns on that server is runjning fine - but the xymon alert shopws red. Service dns on walkie is not OK : Service unavailable Name not found Seconds: 0.007559000 any ideas please/? Ive googled and come up with nothing (though my googling skills are not the greatest)
list Christoph Zechner
▸
On 15/02/2022 09:38, Ian Diddams wrote:
if we set a hosts.cfg line 10.24.38.132? ? walkie # ssh dns we can expect xymon to check that ssh connections exist for thats erver, and also does some sort of dns check. what exactly IS this check?
Quote from the man page of hosts.cfg (Debian 11):
"DNS SERVER TESTS
These tags are used to setup monitoring of DNS servers.
dns Simple DNS test. It will attempt to lookup the A record for the hostname of the DNS server.
dig This is an alias for the "dns" test. In xymonnet, the "dns" and "dig" tests are handled identically, so all of the facilities for testing described for the "dns" test are also available for the "dig" test.
dns=hostname
dns=TYPE:lookup[,TYPE:lookup...]
The default DNS tests will attempt a DNS lookup of the DNS' servers own hostname. You can specify the hostname to lookup on a DNS server by listing it on each test.
The second form of the test allows you to perform multiple queries of the DNS server, requesting different types of DNS records. The TYPE defines the type of DNS data: A (IP-address), MX (Mail eXchanger), PTR (re?
verse), CNAME (alias), SOA (Start-Of-Authority), NS (Name Server) are among the more common ones used. The "lookup" is the query. E.g. to lookup the MX records for the "foo.com" domain, you would use
"dns=mx:foo.com". Or to lookup the nameservers for the "bar.org" domain, "dns=ns:bar.org". You can list multiple lookups, separated by commas. For the test to end up with a green status, all lookups must succeed."
Cheers
Christoph
▸
becasue the dns on that server is runjning fine - but the xymon alert shopws red. Service dns on walkie is not OK : Service unavailable Name not found Seconds: 0.007559000 any ideas please/? Ive googled and come up with nothing (though my googling skills are not the greatest)
list Christoph Zechner
Follow-up, because I just realised this question has already been asked on this mailing list: https://lists.xymon.com/archive/2019-March/046162.html Cheers Christoph
▸
On 15/02/2022 10:12, Christoph Zechner wrote:On 15/02/2022 09:38, Ian Diddams wrote:if we set a hosts.cfg line 10.24.38.132? ? walkie # ssh dns we can expect xymon to check that ssh connections exist for thats erver, and also does some sort of dns check. what exactly IS this check?Quote from the man page of hosts.cfg (Debian 11): "DNS SERVER TESTS ?????? These tags are used to setup monitoring of DNS servers. ?????? dns??? Simple DNS test. It will attempt to lookup the A record for the hostname of the DNS server. ?????? dig??? This is an alias for the "dns" test. In xymonnet, the "dns" and "dig" tests are handled identically, so all of the facilities for testing described for the "dns" test are also available for the "dig" test. ?????? dns=hostname ?????? dns=TYPE:lookup[,TYPE:lookup...] ????????????? The default DNS tests will attempt a DNS lookup of the DNS' servers own hostname. You can specify the hostname to lookup on a DNS server by listing it on each test. ????????????? The second form of the test allows you to perform multiple queries of the DNS server, requesting different types of DNS records. The TYPE defines the type of DNS data: A (IP-address), MX (Mail eXchanger),? PTR? (re? ????????????? verse),? CNAME? (alias),? SOA? (Start-Of-Authority),? NS (Name? Server)? are? among? the? more? common? ones? used.? The "lookup" is the query. E.g. to lookup the MX records for the "foo.com" domain, you would use ????????????? "dns=mx:foo.com". Or to lookup the nameservers for the "bar.org" domain, "dns=ns:bar.org".? You can list multiple lookups, separated by commas. For the test to end up with a green status, all lookups must succeed." Cheers Christophbecasue the dns on that server is runjning fine - but the xymon alert shopws red. Service dns on walkie is not OK : Service unavailable Name not found Seconds: 0.007559000 any ideas please/? Ive googled and come up with nothing (though my googling skills are not the greatest)
list John Thurston
'tis in the man page for hosts.cfg, but I'll paste it here for ready reference:
▸
*dns*
Simple DNS test. It will attempt to lookup the A record for the hostname of the DNS server.
Which means the test performed by xymonnet is attempting to look up an A-record for the name "walkie" and failing. It is doing something like:
dig +short +notcp A walkie @10.24.38.132
Either change your hostname to a fully-qualified domain name (FQDN) (e.g. walkie.foo.bar.com), or change your DNS test to use the long-form:
▸
*dns=TYPE:lookup[,TYPE:lookup...]*
The default DNS tests will attempt a DNS lookup of the DNS' servers own hostname. You can specify the hostname to lookup on a DNS server by listing it on each test.
That would make the right side of your line look like:
dns=A:walkie.foo.bar.com
--
Do things because you should, not just because you can.
John Thurston XXX-XXX-XXXX
user-ce4d79d99bab@xymon.invalid
Department of Administration
State of Alaska
▸
On 2/14/2022 11:38 PM, Ian Diddams via Xymon wrote:if we set a hosts.cfg line 10.24.38.132 walkie # ssh dns we can expect xymon to check that ssh connections exist for thats erver, and also does some sort of dns check. what exactly IS this check? becasue the dns on that server is runjning fine - but the xymon alert shopws red.
list Richard L. Hamilton
Would an AAAA lookup also work? I realize that most of Xymon isn't yet IPv6 aware, but if one can define a DNS test to use arbitrary types, it seems that _ought_ to work.
▸
On Feb 15, 2022, at 11:28, John Thurston <user-ce4d79d99bab@xymon.invalid> wrote: 'tis in the man page for hosts.cfg, but I'll paste it here for ready reference: *dns* Simple DNS test. It will attempt to lookup the A record for the hostname of the DNS server. Which means the test performed by xymonnet is attempting to look up an A-record for the name "walkie" and failing. It is doing something like: dig +short +notcp A walkie @10.24.38.132 Either change your hostname to a fully-qualified domain name (FQDN) (e.g. walkie.foo.bar.com), or change your DNS test to use the long-form: *dns=TYPE:lookup[,TYPE:lookup...]* The default DNS tests will attempt a DNS lookup of the DNS' servers own hostname. You can specify the hostname to lookup on a DNS server by listing it on each test. That would make the right side of your line look like: dns=A:walkie.foo.bar.com -- Do things because you should, not just because you can. John Thurston XXX-XXX-XXXX user-ce4d79d99bab@xymon.invalid Department of Administration State of Alaska On 2/14/2022 11:38 PM, Ian Diddams via Xymon wrote:if we set a hosts.cfg line 10.24.38.132 walkie # ssh dns we can expect xymon to check that ssh connections exist for thats erver, and also does some sort of dns check. what exactly IS this check? becasue the dns on that server is runjning fine - but the xymon alert shopws red.
list Jeremy Laidman
The dns/dig test is essentially doing "dig @<hostname> <hostname>" or
"dig @<hostname> <type> <lookup>" (when using the "dns=type:lookup" form),
for each entry in the comma-separated dig=..,..,.. list. If the requests
all return valid results (NOERROR status, and one or more answer records),
the status is green. Xymon also times how long all of the lookups take to
complete, so that a graph of response times can be displayed.
Yes AAAA works. The query type is matched against a lookup list defined as
per below (from xymonnet/dns2.c). This includes AAAA. Not all valid record
types are supported, but the DNS test isn't really supposed to be
exercising a range of record types, just testing that the DNS server can
respond to some typical query and give a valid response, so support for all
possible types is not warranted.
Cheers
Jeremy
static const struct nv types[] = {
{ "A", T_A },
{ "NS", T_NS },
{ "MD", T_MD },
{ "MF", T_MF },
{ "CNAME", T_CNAME },
{ "SOA", T_SOA },
{ "MB", T_MB },
{ "MG", T_MG },
{ "MR", T_MR },
{ "NULL", T_NULL },
{ "WKS", T_WKS },
{ "PTR", T_PTR },
{ "HINFO", T_HINFO },
{ "MINFO", T_MINFO },
{ "MX", T_MX },
{ "TXT", T_TXT },
{ "RP", T_RP },
{ "AFSDB", T_AFSDB },
{ "X25", T_X25 },
{ "ISDN", T_ISDN },
{ "RT", T_RT },
{ "NSAP", T_NSAP },
{ "NSAP_PTR", T_NSAP_PTR },
{ "SIG", T_SIG },
{ "KEY", T_KEY },
{ "PX", T_PX },
{ "GPOS", T_GPOS },
{ "AAAA", T_AAAA },
{ "LOC", T_LOC },
{ "SRV", T_SRV },
{ "AXFR", T_AXFR },
{ "MAILB", T_MAILB },
{ "MAILA", T_MAILA },
{ "ANY", T_ANY }
};
On Wed, 16 Feb 2022 at 06:58, Richard L. Hamilton <user-af55987f6d56@xymon.invalid>
▸
wrote:
Would an AAAA lookup also work? I realize that most of Xymon isn't yet IPv6 aware, but if one can define a DNS test to use arbitrary types, it seems that _ought_ to work.On Feb 15, 2022, at 11:28, John Thurston <user-ce4d79d99bab@xymon.invalid> wrote: 'tis in the man page for hosts.cfg, but I'll paste it here for ready reference: *dns* Simple DNS test. It will attempt to lookup the A record for the hostname of the DNS server. Which means the test performed by xymonnet is attempting to look up anA-record for the name "walkie" and failing. It is doing something like:dig +short +notcp A walkie @10.24.38.132 Either change your hostname to a fully-qualified domain name (FQDN)(e.g. walkie.foo.bar.com), or change your DNS test to use the long-form:*dns=TYPE:lookup[,TYPE:lookup...]* The default DNS tests will attempt a DNS lookup of the DNS' servers own hostname. You can specify the hostname to lookup on a DNS server by listing it on each test. That would make the right side of your line look like: dns=A:walkie.foo.bar.com -- Do things because you should, not just because you can. John Thurston XXX-XXX-XXXX user-ce4d79d99bab@xymon.invalid Department of Administration State of Alaska On 2/14/2022 11:38 PM, Ian Diddams via Xymon wrote:if we set a hosts.cfg line 10.24.38.132 walkie # ssh dns we can expect xymon to check that ssh connections exist for thats erver, and also does some sort of dns check. what exactly IS this check? becasue the dns on that server is runjning fine - but the xymon alert shopws red.