[dns-operations] Monitoring DNS Servers
Michael Friedrich
michael.friedrich at univie.ac.at
Wed Jun 8 13:34:58 UTC 2011
Hi,
david klein wrote:
> I have just inherrited my company's DNS infrastructure, which uses
> turn-key BIND-based appliances, with Windows 2008 servers running
> Microsoft's DNS service as bind-slave-style backups (the reasons for
> this are purely political). The appliances provide a robust monitoring
> capability, using SNMP. Does anyone here provide DNS services using
> the DNS service in Windows 2008, and if so, how do you monitor it? For
> many of the same political reasons, monitoring with MOM/SCOM would not
> be an option. I have considered using System Edge agent and
> monitoring in our NMS, though a lower-cost, easier to manage solution
> would be preferable. I come from a mostly Cisco and Linux background,
> so the idea of a platform not having an SNMP agent is a little
> surprising.
As the discussion lead into, you should split that up into various
monitoring topics:
* OS related
** linux/unix/embedded
** windows
* Service related
** Bind
** MS DNS
Given that, you should find a monitoring tool which could achieve such
things easily and modular.
I'd show with using Icinga, a Nagios fork which I am working on and
which we use in production. (http://www.icinga.org)
Icinga be installed on a variety of Linuxes/Unixes
https://www.icinga.org/download/ https://www.icinga.org/download/packages/
It provides the Classic UI (enhanced Nagios CGIs) or a new web interface
based on IDOUtils data source.
First off - everything being checked can be organized via plugins, even
written your own - but still fitting the plugin api
http://docs.icinga.org/latest/en/pluginapi.html
http://nagiosplug.sourceforge.net http://www.monitoringexchange.org
(Nagios plugins remain compatible)
As you said, the appliances allow SNMP which makes it rather good to get
the basic OS monitoring from the SNMP tree.
Basically this http://docs.icinga.org/latest/en/monitoring-routers.html
You could use different plugins, they only need to fit the plugin api
definitions though.
http://docs.icinga.org/latest/en/plugins.html
Another alternative on especially SNMP based checks would be the checkmk
inventory functionality over snmp
http://mathias-kettner.de/checkmk_snmp.html
For MS Windows, I'd suggest using a combination of NRPE+NSClient++
allowing calls to local script checking basically the same plus services.
http://docs.icinga.org/latest/en/monitoring-windows.html
Or as an alternative, keep an eye on the checkmk client in Python
http://mathias-kettner.de/checkmk_windows.html
Basically, on the hosts and basic service monitoring, keep an eye on
- load
- ram/swap
- filesystems
- interface traffic
- running processes like ssh, snmpd, httpd, named, etc
- backups
- scm versioning systems in case
Having that installed and configured for the startup, you should think
about the real service application monitoring, e.g. what you might wanna
check on your nameserver (authoritative and/or recursive).
- check_dns for asking a nameserver for a domain record
- check if nameserver is authoritative for the provided domain record
- check for recursion
- check for rcodes on different queries
- check soa
- check md5 sum of serials
- etc...
You can either run those checks as active (maybe even clustered with
check_multi or nagiosbp and returning conditional checkresult values) or
passive, e.g. if it's a longer lasting reporting pushing a summarized
report to the monitoring core system.
Also, it's quite a common idea to not only check the nameserver from a
single location, but to use a variety of satellites to do the checks
from external locations. this can be achieved with check_nrpe,
mod_gearman or with distributed setups, if you prefer the "big solution".
If you require statistics and/or SLA reporting, make sure the
checkplugins actually return performance data, and use addons like
pnp4nagios (rrd graphing) or icinga reporting based on jasper reports
and icinga idoutils.
If you happen to have specific questions, just keep in touch.
Kind regards,
Michael
--
DI (FH) Michael Friedrich
Vienna University Computer Center
Universitaetsstrasse 7 A-1010 Vienna, Austria
email: michael.friedrich at univie.ac.at
phone: +43 1 4277 14359
mobile: +43 664 60277 14359
fax: +43 1 4277 14338
web: http://www.univie.ac.at/zid
http://www.aco.net
Icinga Core& IDOUtils Developer
http://www.icinga.org
More information about the dns-operations
mailing list