Thanks for those details. I'm definitely getting an intermittent down. The target servers are two Windows 2003 machines, and one Fedora machine running BIND 9.2.2. I'll see if I can get a packet capture at some point today.
[EMAIL PROTECTED] wrote on 03/28/2005 10:38:51 AM:
> Monitor a host using hostname and WhatsUp Gold will use the Winsock
> GetHostByName to resolve the hostname and then proceed with a poll.
>
> The DNS monitor uses a DNS query constructed by WUG and not by WinSock.
>
> Specifically, a PTR query (using UDP) for 1.0.0.127.in-addr.arpa, with the
> expected response being "localhost".
>
> Now, that will give an UP response as long as the DNS server (target) has a
> zone file for the 127/8 block of addresses. The lack of such config would
> give a permanent DOWN state. Not an intermittent DOWN, which is what I
> infer is happening here.
>
> > After the Win 2003 upgrade, I started to get a LOT of
> > notifications about DNS being down on these servers.
>
> Am I correct?
>
> In either case it would be interesting to see a packet capture for the
> failed query (submit via Tech Support rather than in this forum).
>
> I can think of a couple of workarounds.
>
> 1) If the problem is intermittent, how many polls normally get missed?
> Think about increasing the alert trigger. Having a higher threshold will
> make you more resilient for intermittent missed polls but will let you catch
> when the server is really down.
>
> 2) You don't say what OS the target servers are running. If they are
> Windows, you could think about using NT Service Monitor to keep and eye on
> DNS.
>
> Mark Symons
> Ipswitch, Inc
> Augusta GA
>
> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] Behalf Of Andrew Huey
> Sent: Monday, March 28, 2005 9:04 AM
> To: [email protected]
> Subject: RE: [WhatsUp Forum] DNS monitoring under Windows 2003
>
>
>
> I was actually monitoring with the standard DNS plug-in, so I'm not sure if
> that uses TCP or UDP. The help just says that it's looking at port 53.
> That dnscmd didn't change anything. I'll probably try replacing the DNS
> plug-in with a generic TCP/IP monitor. That way, I can play with the
> settings a bit more. Thanks.
>
> [EMAIL PROTECTED] wrote on 03/26/2005 04:40:08 PM:
>
> > Are you monitoring DNS via TCP or UDP?
> >
> > Not sure that this will fix the problem, but Windows 2003 supports
> > so called EDNS-0. This extension to DNS allows requests larger than
> > 484 bytes (512 byte packet) to be transported in UDP DNS packets.
> >
> > On the Windows 2003 machine which is sending out the DNS packets,
> > you can run dnscmd /Config /EnableEDnsProbes 0. This will make sure
> > that this machine uses TCP for its 484+ byte DNS queries. (You will
> > need the Windows support tools for this - suptools.msi)
> >
> > From: [EMAIL PROTECTED] [mailto:WhatsUp_Forum-
> > [EMAIL PROTECTED] On Behalf Of Andrew Huey
> > Sent: Thursday, March 24, 2005 8:30 AM
> > To: [email protected]
> > Subject: [WhatsUp Forum] DNS monitoring under Windows 2003
>
> >
> > I just upgraded the server I'm running WUG on from Windows 2000 to
> > Windows 2003. I use WUG to monitor DNS on several servers. After the
> > Win 2003 upgrade, I started to get a LOT of notifications about DNS
> > being down on these servers. There doesn't actually seem to be any
> > DNS problem with the servers -- it's just that WUG thinks there is.
> > Has anyone else seen similar behaviour after a Windows 2003 upgrade?
> > Thanks in advance for any help.
>
>
> Please visit http://www.ipswitch.com/support/mailing-lists.html
> to be removed from this list.
>
> An Archive of this list is available at:
> http://www.mail-archive.com/whatsup_forum%40list.ipswitch.com/
- [WhatsUp Forum] DNS monitoring under Windows 2003 Andrew Huey
- RE: [WhatsUp Forum] DNS monitoring under Windows 20... Eric E. Osterholm
- RE: [WhatsUp Forum] DNS monitoring under Window... Andrew Huey
- RE: [WhatsUp Forum] DNS monitoring under Wi... Mark Symons
- Andrew Huey
