Monitor a host using hostname and WhatsUp Gold will use the Winsock GetHostByName to resolve the hostname and then proceed with a poll.
The DNS monitor uses a DNS query constructed by WUG and not by WinSock. Specifically, a PTR query (using UDP) for 1.0.0.127.in-addr.arpa, with the expected response being "localhost". Now, that will give an UP response as long as the DNS server (target) has a zone file for the 127/8 block of addresses. The lack of such config would give a permanent DOWN state. Not an intermittent DOWN, which is what I infer is happening here. > After the Win 2003 upgrade, I started to get a LOT of > notifications about DNS being down on these servers. Am I correct? In either case it would be interesting to see a packet capture for the failed query (submit via Tech Support rather than in this forum). I can think of a couple of workarounds. 1) If the problem is intermittent, how many polls normally get missed? Think about increasing the alert trigger. Having a higher threshold will make you more resilient for intermittent missed polls but will let you catch when the server is really down. 2) You don't say what OS the target servers are running. If they are Windows, you could think about using NT Service Monitor to keep and eye on DNS. Mark Symons Ipswitch, Inc Augusta GA -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Andrew Huey Sent: Monday, March 28, 2005 9:04 AM To: [email protected] Subject: RE: [WhatsUp Forum] DNS monitoring under Windows 2003 I was actually monitoring with the standard DNS plug-in, so I'm not sure if that uses TCP or UDP. The help just says that it's looking at port 53. That dnscmd didn't change anything. I'll probably try replacing the DNS plug-in with a generic TCP/IP monitor. That way, I can play with the settings a bit more. Thanks. [EMAIL PROTECTED] wrote on 03/26/2005 04:40:08 PM: > Are you monitoring DNS via TCP or UDP? > > Not sure that this will fix the problem, but Windows 2003 supports > so called EDNS-0. This extension to DNS allows requests larger than > 484 bytes (512 byte packet) to be transported in UDP DNS packets. > > On the Windows 2003 machine which is sending out the DNS packets, > you can run dnscmd /Config /EnableEDnsProbes 0. This will make sure > that this machine uses TCP for its 484+ byte DNS queries. (You will > need the Windows support tools for this - suptools.msi) > > From: [EMAIL PROTECTED] [mailto:WhatsUp_Forum- > [EMAIL PROTECTED] On Behalf Of Andrew Huey > Sent: Thursday, March 24, 2005 8:30 AM > To: [email protected] > Subject: [WhatsUp Forum] DNS monitoring under Windows 2003 > > I just upgraded the server I'm running WUG on from Windows 2000 to > Windows 2003. I use WUG to monitor DNS on several servers. After the > Win 2003 upgrade, I started to get a LOT of notifications about DNS > being down on these servers. There doesn't actually seem to be any > DNS problem with the servers -- it's just that WUG thinks there is. > Has anyone else seen similar behaviour after a Windows 2003 upgrade? > Thanks in advance for any help. Please visit http://www.ipswitch.com/support/mailing-lists.html to be removed from this list. An Archive of this list is available at: http://www.mail-archive.com/whatsup_forum%40list.ipswitch.com/
