07-17-2017 12:26 PM
I am evaluating the builtin DNS Health Check tool within the NIOS 7.3 DNS Properties. Stopping the DNS service manually does not cause an error condition. Is anyone aware of a method to simulate an DNS outage and cause the SNMP alert? Thanks.
07-20-2017 04:28 PM
In the admin guide, it says:
"The DNS Health Check monitor might not work properly if DNS blackhole feature is enabled or if any named ACL is blocking the query sent to the loopback interface."
So what I did was:
1. Ensure you have snmp traps enabled and a trap receiver set correctly.
2. Go to DNS settings and went to DNS health check and enabled "resolve additional domain".
3. I also lowered the health check timers just to speed up the process.
4. Finally, in Grid DNS settings, enable blackhole for ANY.
5. Enable packet capture on the appliance.
Immediately after enabling blackhole, i get the syslog message "DNS Health Check failed for 172.16.229.3 (domain www.google.com) with timeout 1 after 1 retries".
As I did a traffic capture on the appliance itself, when I checked the pcap file, sure enough I see the trap sent to my trap destination with this OID: 184.108.40.206.4.1.77220.127.116.11.18.104.22.168 that has a value "107".
If you then look into our admin guide yet again you see that this corresponds to " (22.214.171.124.2.4.0) ibProbableCause" and the value of 107 corresponds to "ibDnsHealthCheckFailed: The DNS health check has failed."
Looks good to me!