[Nagiosplug-devel] [ nagiosplug-Bugs-2946553 ] check_dns returns incorrect state when specifying server

SourceForge.net noreply at sourceforge.net
Thu Jul 29 15:04:33 UTC 2010


Bugs item #2946553, was opened at 2010-02-05 08:59
Message generated for change (Comment added) made by lelutin
You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=397597&aid=2946553&group_id=29880

Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: General plugin execution
Group: None
Status: Open
Resolution: None
Priority: 5
Private: No
Submitted By: dicko (dicko82)
Assigned to: Nobody/Anonymous (nobody)
Summary: check_dns returns incorrect state when specifying server

Initial Comment:
Plugin Version (-V output): check_dns v1992 (nagios-plugins 1.4.13)
Plugin Name: check_dns
Plugin Commandline showing issues: /usr/lib/nagios/plugins/check_dns -H www.test.com -s 1.1.1.1
Operating System: Red Hat Enterprise Linux Server release 5.4 (Tikanga)

An incorrect state is returned when checking that the dns server ( 1.1.1.1 ) can resolve the host www.test.com when the dns server is down. The following command is used

 /usr/lib/nagios/plugins/check_dns -H www.test.com -s 1.1.1.1

If the DNS server is unavailable the check still returns OK. This worked correctly on RHEL 5.3 but not in Rhel 5.4

It appears that the behaviour of nslookup has changed between 

bind-utils-9.3.4-10.P1.el5

and 

bind-utils-9.3.6-4.P1.el5

On RHEL 5.3  bind-utils-9.3.4-10.P1.el5, nslookup timed out when querying against a server that was not working. 

[root at nagios nagios]# nslookup www.rm.com 194.238.49.43
;; connection timed out; no servers could be reached

On RHEL 5.4 bind-utils-9.3.6-4.P1.el5, the same query against a non existent dns server returns an ip address.

[root at nagios ~]# nslookup www.rm.com 1.1.1.1
Server:         10.34.1.11
Address:        10.34.1.11#53

Non-authoritative answer:
Name:   www.rm.com
Address: 2.2.2.2

It appears that nslookup now makes best efforts to resolve the query even if it cant resolve it against the server specified. This results in an incorrect state being returned when using check dns to ensure that a specific mail server is working correctly.

----------------------------------------------------------------------

Comment By: lelutin (lelutin)
Date: 2010-07-29 11:04

Message:
On Ubuntu Lucid Lynx, the dnsutils package is version 9.7.0.dfsg.P1. If I
try the nslookup command mentioned in the details of the bug, I don't get
the same output:

root at zaptop:~# nslookup www.rm.com 1.1.1.1
;; connection timed out; no servers could be reached

It seems like there could be a bug in the version shipped with RHEL 5.4.
Maybe a patch didn't get backported or something. You should open a bug
report against the RHEL package.

----------------------------------------------------------------------

Comment By: Thomas Guyot-Sionnest (dermoth)
Date: 2010-07-28 09:27

Message:
We'd really need a native dns check IMHO, shouldn't be very hard to do if
we don't implement the TCP part of it or use an existing library....

----------------------------------------------------------------------

Comment By: Ton Voon (tonvoon)
Date: 2010-07-27 16:32

Message:
Damn, that looks painful. It means we will have to parse the complete
output to see if the answer section contains the IP address we originally
requested.

----------------------------------------------------------------------

You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=397597&aid=2946553&group_id=29880




More information about the Nagiosplugin-devel mailing list