[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [xymon] Can we verify the DNS response



I'm not a Richard, although I sometimes play its diminutive on the list.

The "testip" tag tells Xymon to use the IP on the bb-hosts entry. 
Otherwise it uses DNS to resolve the name, falling back on the ip only if
the name fails to resolve.  But Everett pointed out more important
consequences of the server name duplication that I had overlooked.

IIRC, the "network" tag was essentially the BB equivalent of "conn" (or
perhaps a synonym).  I don't recall it being in Hobbit/Xymon at all.

Regards,
j.

On Thu, November 4, 2010 00:03, Mike Cavanagh wrote:
> Richand and Vernon.  Thanks for the replies.
>
>
>
> Richard, I will look into the concept of a "fake" host entry.  It sounds
> like a good workaround.  I am not sure what the testip is for but I will
> look into it.  For that matter, not sure if I still need the network
> option (comes from BB).  I think I can remove it.  Do not seem to see it
> in the Xymon docs.
>
>
>
> The entries I presented earlier were not real.  I wanted to keep it
> simple to help understand what I was trying to accomplish.  Here is what
> I am running on (items changed to protect the innocent).  It seems to be
> running correctly, but Xymon has been running for just 2 days so I am
> still learning its ins n outs.
>
>
>
> BB-Hosts file:
>
> 192.168.14.15          bambam.domain.com           # conn network
> prtdiag ftp smtp dns=smtp.domain.com
>
> 76.x.y.z                  ns1.domain.com                 # noconn
> dns=smtp.domain.com
>
>
>
>
>
> Here are the results from Xymon DNS queries:
>
> For bambam.domain.com
>
>             Service dns on bambam.domain.com is OK (up)
>             id: 60029
>             flags: qr aa rd ra
>             opcode: QUERY
>             rcode: NOERROR
>             Questions:
>                         smtp.domain.com .
> A
>             Answers:
>                         smtp.domain.com .            86400    A
> 192.168.11.15
>             NS records:
>                         domain.com      .              86400    NS
> ns1.domain.com.
>                         domain.com      .              86400    NS
> ns1.domain2.com.
>             Additional records:
>                         ns1.domain.com  .            86400    A
> 192.168.14.15
>                         ns1.domain2.com.             86400    A
> 192.168.11.15
>             Seconds: 0.098
>
> For ns1.domain.com
>
>         Service dns on ns1.domain.com is OK (up)
>         id: 2822
>         flags: qr aa rd
>         opcode: QUERY
>         rcode: NOERROR
>         Questions:
>                 smtp.domain.com .              A
>         Answers:
>                 smtp.domain.com .      86400   A       71.a.b.d
>         NS records:
>                 domain.com      .      86400   NS      ns1.domain2.com.
>                 domain.com      .      86400   NS      ns1.domain.com.
>         Additional records:
>                 ns1.domain.com  .      86400   A       76.x.y.z
>                 ns1.domain2.com.       86400   A       71.a.b.c
>         Seconds: 0.099
>
>
> Please drop a note if you see something that is just does not seem
> correct.
>
> Thanks,
> Mike
>
>
> ________________________________
>
>
> From: Vernon Everett [mailto:everett.vernon (at) gmail.com]
> Sent: Wednesday, November 03, 2010 7:01 PM
> To: xymon (at) xymon.com
> Subject: Re: [xymon] Can we verify the DNS response
>
>
>
> Hi Mike
>
> As Richard suggests, I suspect the config you proposed is going to cause
> Xymon, and yourself a world of hurt.
> Remember, Xymon uses the hostname as the index (for lack of a better
> word)
> Now you have the same host with 2 IP addresses.
> Xymon will perform 2 pings, using lookup to resolve IP. bbtest-net is
> going to bleat.
> I suspect, the IP address from the lookup is the one that will be used
> as the DNS server IP.
> So both DNS lookups will be to the same IP address.
>
> I would suggest a simple script to do what you need.
>
> Regards
>      Vernon
>
>
>
> On Thu, Nov 4, 2010 at 8:21 AM, Mike Cavanagh <mike (at) terrapintesting.com>
> wrote:
>
> An entry in the bb-host file like:
>
>
>
> 192.168.10.10     bambam              # dns=fred
>
>
>
> will perform a DNS query against the server bambam for the hostname:
> fred.  The way I understand it is if a response is received, the DNS is
> considered good.
>
>
>
> I would like to know if here are any options to verify the result.  In
> my particular case, we want to query against a "Split DNS" server and
> confirm the correct IP is being returned in the A record.  So,
>
>
>
> 192.168.10.10     bambam.dom.com                         #
> dns=fred.dom.com
>
> 71.137.200.10     bambam.dom.com                         #
> dns=fred.dom.com
>
>
>
> The first entry should return:  192.168.10.15
>
> The second entry should return: 71.137.200.15
>
>
>
> If DNS views are broken, the 2nd entry may return:  192.168.10.15   If
> so, I want to get a page so DNS can be fixed.
>
>
>
> Thanks,
>
> Mike
>
>
>
>
>
>