Re: dns-gtld.monitor.
Just updated the dns-gtld monitor. http://www.cmpublishers.com/oss/ More Output polishing. Enjoy. -- Sincerely, Nathan Gibbs Systems Administrator Christ Media http://www.cmpublishers.com signature.asc Description: OpenPGP digital signature ___ mon mailing list mon@linux.kernel.org http://linux.kernel.org/mailman/listinfo/mon
Re: dns-gtld.monitor.
On Mon, May 17, 2010 at 7:48 PM, Nathan Gibbs nat...@cmpublishers.com wrote: * Augie Schwer wrote: my $res = Net::DNS::Resolver-new; my $que = $res-query($tldnsname,'A'); if ( $que ) When there is no A record if ( !$que ) is always true. So I never had to actually check for the A record. Yes, query should return 'undef' when there are no answers. -- Augie Schwer-au...@schwer.us-http://schwer.us Key fingerprint = 9815 AE19 AFD1 1FE7 5DEE 2AC3 CB99 2784 27B0 C072 ___ mon mailing list mon@linux.kernel.org http://linux.kernel.org/mailman/listinfo/mon
Re: dns-gtld.monitor.
* Brandon S. Allbery KF8NH wrote:
On May 17, 2010, at 22:48 , Nathan Gibbs wrote:
Correct. The new version which just went up has a -4 option to enable
the
check. Otherwise it acts like the previous version and tries all the
TLD NS's.
Of course, you now have the opposite issue: what if the mon check is
being run on that .us nameserver host that is IPv6-only?
If ( the -4 option is given ) {
The monitor won't query any TLD NS that is IPv6 only.
}else{
It will query all TLD NS's.
# If the monitor is run on an IPv4 only host, this will throw an error
# in the event of an IPv6 only NS.
# Use the -4 option
}
So there shouldn't be an issue, unless I am misunderstanding the question.
:-)
Do you mean actually querying j.cctld.us with this?
If so, this won't work, because the monitor was designed to be fed domain
names in the form of domain.TLD[.], not hosts or sub domains.
./dns-gtld.monitor -l j.cctld.us.
j.cctld.us.
Domain Status TLD NS
j.cctld.us TLD Invalid
This is designed to compare the glue records on the TLD NS's with what the DNS
infrastructure at large is returning.
Here is an example similar to my setup of this.
hostgroup x-domains example.com example2.com example.net example.org
example.info
watch x-domains
service gtld
interval 1h
monitor dns-gtld.monitor
depend x-gateways:ping
period wd {Sun-Sat}
alertafter 3 6h
alert mail.alert someb...@example.com
upalert mail.alert someb...@example.com
Hope that helps, if not let me know.
Thanks
--
Sincerely,
Nathan Gibbs
Systems Administrator
Christ Media
http://www.cmpublishers.com
signature.asc
Description: OpenPGP digital signature
___
mon mailing list
mon@linux.kernel.org
http://linux.kernel.org/mailman/listinfo/mon
Re: dns-gtld.monitor.
Nathan,
Not all TLD name servers have an IPv4 address, so running this monitor
on an IPv4 only host, may give you some false negatives.
--Augie
On Sat, May 15, 2010 at 7:44 PM, Nathan Gibbs nat...@cmpublishers.com wrote:
Just posted a dns-gtld monitor.
http://www.cmpublishers.com/oss/
What this does.
1. Looks up the NS's for a domain.
2. Looks up the NS's for the gtld involved.
3. Queries the NS's obtained in 2 and compares the results with the results
obtained in 1.
If ( they match ) {
OK
}else{
Error
}
The inspiration.
In Feb our ISP renumbered some of its nets. Our IP address was changed. Our
registrar took WAY to long to get its Act together, change, and propagate new
glue records. We spent WAY too much time practicing dig-fu, telling our
registrar what the ( their ) problems were, and pulling our hair out.
Somewhere in that chaos ( between premature baldness a nice padded cell ),
the thought occurred that their wasn't a monitor for this. Now there is.
:-)
Enjoy.
--
Sincerely,
Nathan Gibbs
Systems Administrator
Christ Media
http://www.cmpublishers.com
___
mon mailing list
mon@linux.kernel.org
http://linux.kernel.org/mailman/listinfo/mon
--
Augie Schwer-au...@schwer.us-http://schwer.us
Key fingerprint = 9815 AE19 AFD1 1FE7 5DEE 2AC3 CB99 2784 27B0 C072
___
mon mailing list
mon@linux.kernel.org
http://linux.kernel.org/mailman/listinfo/mon
Re: dns-gtld.monitor.
* Augie Schwer wrote: Nathan, Not all TLD name servers have an IPv4 address, Good point. I'm glad somebody's thinking. :-) so running this monitor on an IPv4 only host, may give you some false negatives. So if I query the IPv6 only NS from an IPv4 only host we get an error, although nothing is wrong. Do I got that right? Is there a TLD that has an IPv6 only NS for testing purposes? I tested the monitor on .com .net .org and .info, so they don't have IPv6 only NS's. I've already done a bit of code cleanup, and was planning another release soon, so it would be great if I could get this issue fixed. Thanks -- Sincerely, Nathan Gibbs Systems Administrator Christ Media http://www.cmpublishers.com signature.asc Description: OpenPGP digital signature ___ mon mailing list mon@linux.kernel.org http://linux.kernel.org/mailman/listinfo/mon
Re: dns-gtld.monitor.
On Mon, May 17, 2010 at 4:04 PM, Nathan Gibbs nat...@cmpublishers.com wrote:
* Augie Schwer wrote:
so running this monitor on an IPv4 only host, may give you some false
negatives.
So if I query the IPv6 only NS from an IPv4 only host we get an error,
although nothing is wrong. Do I got that right?
Yes, Net::DNS::Resolver will behave as if you gave it an empty string
for the name server to query.
Is there a TLD that has an IPv6 only NS for testing purposes?
I tested the monitor on .com .net .org and .info, so they don't have IPv6 only
NS's.
The .us TLD has one of its six name servers that only has an IPv6 address.
I've already done a bit of code cleanup, and was planning another release
soon, so it would be great if I could get this issue fixed.
You'll want to loop through your list of TLD name servers and remove
ones from the list that don't have an A record:
my $res = Net::DNS::Resolver-new;
my $que = $res-query($tldnsname,'A');
if ( $que )
{
# leave loop after we found one good one.
my @answer = $que-answer;
last if $answer[0]-type eq 'A';
}
I know that's out of context, but you get the idea.
The other thing to consider is making this all optional -- a IPv6
enabled mon host operator may not want you to force IPv4 on them.
--
Augie Schwer-au...@schwer.us-http://schwer.us
Key fingerprint = 9815 AE19 AFD1 1FE7 5DEE 2AC3 CB99 2784 27B0 C072
___
mon mailing list
mon@linux.kernel.org
http://linux.kernel.org/mailman/listinfo/mon
Re: dns-gtld.monitor.
* Augie Schwer wrote:
On Mon, May 17, 2010 at 4:04 PM, Nathan Gibbs nat...@cmpublishers.com wrote:
* Augie Schwer wrote:
so running this monitor on an IPv4 only host, may give you some false
negatives.
So if I query the IPv6 only NS from an IPv4 only host we get an error,
although nothing is wrong. Do I got that right?
Yes, Net::DNS::Resolver will behave as if you gave it an empty string
for the name server to query.
All Righty.
Is there a TLD that has an IPv6 only NS for testing purposes?
I tested the monitor on .com .net .org and .info, so they don't have IPv6
only
NS's.
The .us TLD has one of its six name servers that only has an IPv6 address.
OK, Thanks.
I've already done a bit of code cleanup, and was planning another release
soon, so it would be great if I could get this issue fixed.
You'll want to loop through your list of TLD name servers and remove
ones from the list that don't have an A record:
my $res = Net::DNS::Resolver-new;
my $que = $res-query($tldnsname,'A');
if ( $que )
When there is no A record if ( !$que ) is always true.
So I never had to actually check for the A record.
Maybe that is because my system is IPv4 only.
I know enough about Net::DNS::Resolver to be dangerous, as I've already
demonstrated.
:-)
{
# leave loop after we found one good one.
my @answer = $que-answer;
last if $answer[0]-type eq 'A';
}
I know that's out of context, but you get the idea.
The other thing to consider is making this all optional -- a IPv6
enabled mon host operator may not want you to force IPv4 on them.
Correct. The new version which just went up has a -4 option to enable the
check. Otherwise it acts like the previous version and tries all the TLD NS's.
Thanks for your help.
--
Sincerely,
Nathan Gibbs
Systems Administrator
Christ Media
http://www.cmpublishers.com
signature.asc
Description: OpenPGP digital signature
___
mon mailing list
mon@linux.kernel.org
http://linux.kernel.org/mailman/listinfo/mon
Re: dns-gtld.monitor.
Just updated the dns-gtld monitor. http://www.cmpublishers.com/oss/ Code Output polishing. Added an option to access only IPv4 TLD NS's. Thanks to Augie Schwer from the mon development team for pointing that. issue out, and his help fixing it. Enjoy. -- Sincerely, Nathan Gibbs Systems Administrator Christ Media http://www.cmpublishers.com signature.asc Description: OpenPGP digital signature ___ mon mailing list mon@linux.kernel.org http://linux.kernel.org/mailman/listinfo/mon
Re: dns-gtld.monitor.
On May 17, 2010, at 22:48 , Nathan Gibbs wrote: Correct. The new version which just went up has a -4 option to enable the check. Otherwise it acts like the previous version and tries all the TLD NS's. Of course, you now have the opposite issue: what if the mon check is being run on that .us nameserver host that is IPv6-only? -- brandon s. allbery [solaris,freebsd,perl,pugs,haskell] allb...@kf8nh.com system administrator [openafs,heimdal,too many hats] allb...@ece.cmu.edu electrical and computer engineering, carnegie mellon universityKF8NH PGP.sig Description: This is a digitally signed message part ___ mon mailing list mon@linux.kernel.org http://linux.kernel.org/mailman/listinfo/mon
