Heartbeat TCP DNS Query

Hi everyone,

I am looking to monitor a DNS server (or multiple) through Heartbeat. It appears this isn't supported out of the box, but it is possible to submit TCP requests. Is it at all possible to set up the following, and if so, how?

  1. Perform nslookup of domain.com against dnserver.domain.com.
  2. If a valid response is received, the test passes.
  3. If there is an error or timeout, the test fails.

The main aim here is to ensure the DNS service of a domain controller is functional. And before you ask, no, I cannot install an agent on the DC. That would be far too easy!! Corporate policy restricts this because the environment is highly secure, so a DNS lookup is the next best thing. A secondary aim is to trend response times for the DNS lookup, but this is not essential.

Thanks in advance.

1 Like

I ran into a similar issue, and this is the workaround I came up with:

```yaml
heartbeat:
  monitors:
  # TCP connect to port 53: confirms the server is reachable
  - hosts:
    - <ip_of_dns_server>
    id: dns-check
    name: DNS TCP Check
    ports:
    - 53
    processors:
    # The "real" check: a reverse lookup of monitor.ip sent to the monitored server
    - dns:
        action: append
        failure_cache:
          capacity.initial: 1
          capacity.max: 1
        fields:
          monitor.ip: url.domain
        nameservers:
        - <ip_of_dns_server>
        success_cache:
          capacity.initial: 1
          capacity.max: 1
        # Tag added to the event when the lookup fails
        tag_on_failure:
        - _dns_reverse_lookup_failed
        timeout: 500ms
        transport: udp
        type: reverse
    schedule: '@every 5s'
    type: tcp
```

Basically, the way it works is that the TCP check is just to make sure it is reachable; the "real" check is the DNS processor, which is forced to perform a lookup against the monitored DNS server.

You can then have a check which looks for the tag `_dns_reverse_lookup_failed`. If this tag shows up, that means your DNS server, while reachable, doesn't actually work.

1 Like
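
The lookup described in the question (query a name against one specific server, pass on a valid answer, fail on error or timeout, record the response time), as an added example that is not from either poster or from Heartbeat: a standalone Python probe that sends one A query over TCP port 53 without an agent on the DC. The function names, the 0.5 s default timeout, and the rule that an empty answer section counts as a failure are assumptions of this example.

```python
import os, socket, struct, time

def build_query(name, qid, qtype=1):
    """Encode one DNS question (default type A, class IN) with the RD flag set."""
    header = struct.pack(">HHHHHH", qid, 0x0100, 1, 0, 0, 0)
    labels = b"".join(bytes([len(p)]) + p.encode("ascii")
                      for p in name.rstrip(".").split("."))
    return header + labels + b"\x00" + struct.pack(">HH", qtype, 1)

def frame_tcp(msg):
    """DNS over TCP prefixes every message with a 2-byte length field."""
    return struct.pack(">H", len(msg)) + msg

def check_response(resp, qid):
    """Return (ok, reason); ok only for a matching, error-free, non-empty answer."""
    if len(resp) < 12:
        return False, "short response"
    rid, flags, _qdcount, ancount = struct.unpack(">HHHH", resp[:8])
    if rid != qid:
        return False, "id mismatch"
    if not flags & 0x8000:          # QR bit must mark this as a response
        return False, "not a response"
    rcode = flags & 0x000F          # 2 = SERVFAIL, 3 = NXDOMAIN, 5 = REFUSED
    if rcode != 0:
        return False, "rcode %d" % rcode
    if ancount == 0:
        return False, "no answers"
    return True, "ok"

def _recv_exact(sock, n):
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            raise ConnectionError("connection closed early")
        buf += chunk
    return buf

def probe(server, name, timeout=0.5, port=53):
    """Query `server` over TCP; return (ok, reason, elapsed_ms)."""
    qid = int.from_bytes(os.urandom(2), "big")   # unpredictable query ID
    start = time.monotonic()
    try:
        with socket.create_connection((server, port), timeout=timeout) as s:
            s.sendall(frame_tcp(build_query(name, qid)))
            (length,) = struct.unpack(">H", _recv_exact(s, 2))
            ok, reason = check_response(_recv_exact(s, length), qid)
    except OSError as exc:                       # refused, unreachable, timeout
        ok, reason = False, "error: %s" % exc
    return ok, reason, (time.monotonic() - start) * 1000.0
```

Calling `probe("<ip_of_dns_server>", "domain.com")` from a scheduled job gives a pass/fail result plus a latency figure that can be shipped alongside the Heartbeat data for trending.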
