How to Сreate Devices and Targets
How it Works
DNS Server monitoring queries a specified DNS server in order to resolve a specific internet protocol (IP) address.
Creating a Target
Enter the URL that you wish to resolve. The address should be formed exactly as you would use it in a browser such as www.example.com. You should not include a proceeding http://.
To use the particular DNS server, select the Custom radio button and enter the URL name, IPv4 or IPv6 address of the DNS server you wish to poll. If you do not enter a value the field will automatically be filled with ‘a.root-servers.net’ and a random root server (from A to M) will be polled each time.
Select which NS record type to query. The record type only defines the content of the query, it does not automatically define what the expected response will look like:
- A – IPv4 address record that maps a hostname to an IPv4 address.
- AAAA – IPv6 address record that maps a hostname to an IPv6 address.
- NS -name server record that delegates the authoritative name servers.
- CNAME – canonical name record that is an alias to another name record.
- SOA – start of authority record returns the most authoritative information regarding the domain, mail and record timing information.
- TXT – text record can be used for general information as well as Sender Policy Information or other machine-readable information.
- MX – mail exchange record defines the message transfer agents for the domain.
- PTR – pointer record points to a canonical record for reverse DNS lookup.
- SPF – Sender Policy Framework is a legacy record that is now generally handled in the TXT record.
You must still explicitly define the expected response in the Expected Responses section based upon your query. In addition, the Authority Resource Records and Additional Resource Records fields can also be used to validate the query response.
PTR reversed IP address
“PTR” Record Type causes a reverse DNS look-up. Host name to Resolve in this case should contain a reversed IP address in the following format:
If the IP address is 10.12.34.56
The expected response would be 22.214.171.124.in-addr.arpa
A reverse DNS look-up uses the special domain “ip6.arpa.”:
where “126.96.36.199.188.8.131.52.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.8.b.d.0.1.0.0.2” is a reversed IP address. 2001:0db8::1:2345 is the non-reversed original.
Enables or disables the recursion desired (RD) flag in outgoing DNS queries:
- NO – the DNS query will not send an RD flag if you only wish to perform a single iteration to see if the selected DNS server resolves the target in one hop or not.
- YES – requests that the DNS server perform recursion for the monitoring service (ie. the remote server will scan a DNS tree for the monitoring service in search of an appropriate result).
Most applications such as internet browsers enable the RD flag by default so that they receive a successful DNS resolution even if the DNS server queried does not have a valid response. In this case the DNS server queried will contact a top level DNS server and follow the result path until it has received an authoritative result.
Verify Response On
Defines how a DNS answers with a required record type are interpreted:
- All Servers – answers only from end-leaves of DNS tree are verified for proper response. NOTE that you will encounter more random failures from root servers timing out if you require a successful response from all root servers. This does not necessarily indicate an outage, rather it may indicate that one or more root servers are under a heavy load and did not respond in time.
- First Responding – only the first found answer with the desired record type is further analyzed. The first appropriate answer is also considered the end of a DNS tree.
Completion Timeout (in seconds)
Enter the number of seconds the task should wait for a response from the web page before ending the task and returning an error. If this is left blank the default timeout for a task is 120 seconds.
When querying multiple servers it is common to receive a timeout from one or more servers. This filter allows you to specify whether you want to ignore such timeouts or if you wish to receive alerts for these timeouts. Options include alert on all timeouts, filtering out network and time-out errors from exact hosts, or a range of nodes based on a mask:
- * – all network-related and timeout errors are included and will trigger alerting
- empty field – the engine ignores all network-related and timeout errors
IPv4: 192.168.* filters any address beginning with 192.168.
IPv6: 2001:501:* filters any address beginning with 2001:501:
url: len*a.ru filters any url that begins with len and ends with a.ru
Multiple servers are divided by a semi-colon:
2001:501:* ; len*ra.ru
Answer: If the returned string result includes the value entered in the expected answer field the task returns a success. You can use logical expressions to define more complex results.
For example can you use: 10.0.0.1 | 127.0.0.1 | 192.168.1.1
If any of the specified IP addresses occur in the returned string then the query will be considered a success.
Authority: Parses the response to retrieve the value in the Authority section.
Additional: Shows additional resource records returned. If there are multiple DNS servers in the list this may return quite a few results.
An example of complex constructions
(answer.Name=tut.by | answer.Name=google.com) & !answer.Type=A & 'additional.Name=ns2.company.com' & key value | fftb
The Authority and Additional adjustments are only suitable when a custom DNS server is specified in the DNS Server field (not a ROOT server and not specified by a direct IP address).
Determines which mode to utilize to resolve an NS address. For more details, see DNS Mode Option.