[Nagiosplug-devel] [ nagiosplug-Bugs-2946553 ] check_dns returns incorrect state when specifying server
SourceForge.net
noreply at sourceforge.net
Fri Jan 21 21:03:59 CET 2011
Bugs item #2946553, was opened at 2010-02-05 05:59
Message generated for change (Comment added) made by mattkent
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=397597&aid=2946553&group_id=29880
Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: General plugin execution
Group: None
Status: Open
Resolution: None
Priority: 5
Private: No
Submitted By: dicko (dicko82)
Assigned to: Nobody/Anonymous (nobody)
Summary: check_dns returns incorrect state when specifying server
Initial Comment:
Plugin Version (-V output): check_dns v1992 (nagios-plugins 1.4.13)
Plugin Name: check_dns
Plugin Commandline showing issues: /usr/lib/nagios/plugins/check_dns -H www.test.com -s 1.1.1.1
Operating System: Red Hat Enterprise Linux Server release 5.4 (Tikanga)
An incorrect state is returned when checking that the dns server ( 1.1.1.1 ) can resolve the host www.test.com when the dns server is down. The following command is used
/usr/lib/nagios/plugins/check_dns -H www.test.com -s 1.1.1.1
If the DNS server is unavailable the check still returns OK. This worked correctly on RHEL 5.3 but not in Rhel 5.4
It appears that the behaviour of nslookup has changed between
bind-utils-9.3.4-10.P1.el5
and
bind-utils-9.3.6-4.P1.el5
On RHEL 5.3 bind-utils-9.3.4-10.P1.el5, nslookup timed out when querying against a server that was not working.
[root at nagios nagios]# nslookup www.rm.com 194.238.49.43
;; connection timed out; no servers could be reached
On RHEL 5.4 bind-utils-9.3.6-4.P1.el5, the same query against a non existent dns server returns an ip address.
[root at nagios ~]# nslookup www.rm.com 1.1.1.1
Server: 10.34.1.11
Address: 10.34.1.11#53
Non-authoritative answer:
Name: www.rm.com
Address: 2.2.2.2
It appears that nslookup now makes best efforts to resolve the query even if it cant resolve it against the server specified. This results in an incorrect state being returned when using check dns to ensure that a specific mail server is working correctly.
----------------------------------------------------------------------
Comment By: Matthew Kent (mattkent)
Date: 2011-01-21 12:03
Message:
Can't seem to attach a file here, but I've got a patch to fix this in
https://sourceforge.net/tracker/?func=detail&aid=3163584&group_id=29880&atid=397599
could use some help testing on various distributions.
----------------------------------------------------------------------
Comment By: lelutin (lelutin)
Date: 2010-07-29 08:04
Message:
On Ubuntu Lucid Lynx, the dnsutils package is version 9.7.0.dfsg.P1. If I
try the nslookup command mentioned in the details of the bug, I don't get
the same output:
root at zaptop:~# nslookup www.rm.com 1.1.1.1
;; connection timed out; no servers could be reached
It seems like there could be a bug in the version shipped with RHEL 5.4.
Maybe a patch didn't get backported or something. You should open a bug
report against the RHEL package.
----------------------------------------------------------------------
Comment By: Thomas Guyot-Sionnest (dermoth)
Date: 2010-07-28 06:27
Message:
We'd really need a native dns check IMHO, shouldn't be very hard to do if
we don't implement the TCP part of it or use an existing library....
----------------------------------------------------------------------
Comment By: Ton Voon (tonvoon)
Date: 2010-07-27 13:32
Message:
Damn, that looks painful. It means we will have to parse the complete
output to see if the answer section contains the IP address we originally
requested.
----------------------------------------------------------------------
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=397597&aid=2946553&group_id=29880
More information about the Devel
mailing list