I have a program that needs to do DNS lookups, etc. Things will go Really Wonky if there's a problem with DNS (from a client perspective). Thus, I'd like the program to be able to check if DNS isn't working. In this particular setup, the box runs its own named with a view setup for resolution/caching.
In particular, I want to test that:
1. named is running and answering calls to its port
2. named is getting real answers from the net (i.e. doing its recursive resolution properly; and port 53 to outside NS's isn't being blocked)
3. (rare) root NS's aren't getting DDoS'd / whole world's DNS is down
I want to do this inside a perl or php program, but any language pseudo-code will be fine as a template. I don't want to run a full-blown monitoring program separately.
Ideally, I'll have some php like:

    function IsDnsOk() {
        // check named
        // check resolution ok
    }

To be used possibly like:

    while (!IsDnsOk()) {
        sleep(10);
    }
    $important_dns_result = gethostbyname($host);

But I want any check to be fairly lightweight. I don't want to fire off useless DNS lookups to root name servers at a potential rate of thousands a minute. Plus, I guess I have to worry about cached results making things look ok when they are really not. Any solution I implement will probably be designed to only run these tests once a minute or something, which won't catch the instant DNS goes down, but will mitigate the damage caused.
I can think of a number of fairly simple tests I can try, but they feel kind of kludgy. Is there a better way?
Ideally, the PHP calls, like gethostbyname, would be able to return a "down" status, but they decided to lump into the same return value failure due to no DNS record and failure due to any other reason.
Thanks!
Why don't you use dig+grep+sed in bash?

On Apr 6, 2016 14:44, "Trevor Cordes" trevor@tecnopolis.ca wrote:
> I have a program that needs to do DNS lookups, etc. Things will go Really Wonky if there's a problem with DNS (from a client perspective). Thus, I'd like the program to be able to check if DNS isn't working. In this particular setup, the box runs its own named with a view setup for resolution/caching.
> In particular, I want to test that:
> 1. named is running and answering calls to its port
> 2. named is getting real answers from the net (i.e. doing its recursive resolution properly; and port 53 to outside NS's isn't being blocked)
> 3. (rare) root NS's aren't getting DDoS'd / whole world's DNS is down
> I want to do this inside a perl or php program, but any language pseudo-code will be fine as a template. I don't want to run a full-blown monitoring program separately.
> Ideally, I'll have some php like:
>
>     function IsDnsOk() {
>         // check named
>         // check resolution ok
>     }
>
> To be used possibly like:
>
>     while (!IsDnsOk()) {
>         sleep(10);
>     }
>     $important_dns_result = gethostbyname($host);
>
> But I want any check to be fairly lightweight. I don't want to fire off useless DNS lookups to root name servers at a potential rate of thousands a minute. Plus, I guess I have to worry about cached results making things look ok when they are really not. Any solution I implement will probably be designed to only run these tests once a minute or something, which won't catch the instant DNS goes down, but will mitigate the damage caused.
> I can think of a number of fairly simple tests I can try, but they feel kind of kludgy. Is there a better way?
> Ideally, the PHP calls, like gethostbyname, would be able to return a "down" status, but they decided to lump into the same return value failure due to no DNS record and failure due to any other reason.
> Thanks!
On 2016-04-06 Robert Keizer wrote:
> Why don't you use dig+grep+sed in bash?
Ya, that's one of the ideas (dig). It looks like dig will differentiate between named down, vs blocked 53, vs simple invalid domain.
I'm trying to see if there are other ways also, perhaps ones that don't require a fork. And the dig will send out real queries to real servers, but I guess it will be tempered by the cache? I'll have to test what dig does in the different failure modes when a) resolving a domain that isn't cached vs b) resolving one that is cached.
Maybe use:
Perl Net::DNS::Dig ?
Never tried it but it looks like it returns a lot of information similar to dig.
John
On Wed, Apr 6, 2016 at 3:41 PM, Trevor Cordes trevor@tecnopolis.ca wrote:
> On 2016-04-06 Robert Keizer wrote:
> > Why don't you use dig+grep+sed in bash?
> Ya, that's one of the ideas (dig). It looks like dig will differentiate between named down, vs blocked 53, vs simple invalid domain.
> I'm trying to see if there are other ways also, perhaps ones that don't require a fork. And the dig will send out real queries to real servers, but I guess it will be tempered by the cache? I'll have to test what dig does in the different failure modes when a) resolving a domain that isn't cached vs b) resolving one that is cached.
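A fork-free version of the check discussed in this thread, as an added example that is not from any of the posters; it is in Python since any language was acceptable as a template. It sends one non-recursive query to see whether named answers at all, then one recursive query for a never-before-seen name so the cache cannot mask an upstream failure. The function names, the timeouts and the `example.com` zone are assumptions.

```python
import os
import socket
import struct

def build_query(name, qid, recurse):
    """Encode a minimal A/IN query (RFC 1035); RD bit set only if recurse."""
    header = struct.pack("!HHHHHH", qid, 0x0100 if recurse else 0, 1, 0, 0, 0)
    labels = [l.encode("ascii") for l in name.split(".") if l]
    qname = b"".join(bytes([len(l)]) + l for l in labels) + b"\x00"
    return header + qname + struct.pack("!HH", 1, 1)

def rcode_of(reply, qid):
    """RCODE of a reply that matches qid and has QR=1, else None."""
    if reply is None or len(reply) < 12:
        return None
    rid, flags = struct.unpack("!HH", reply[:4])
    if rid != qid or not flags & 0x8000:
        return None  # stray or mismatched packet: do not count it as an answer
    return flags & 0x000F

def ask(name, recurse, server, timeout):
    """Send one UDP query; None means timeout or ICMP port unreachable."""
    qid = int.from_bytes(os.urandom(2), "big")
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        try:
            s.connect((server, 53))
            s.send(build_query(name, qid, recurse))
            return rcode_of(s.recv(512), qid)
        except OSError:  # covers socket.timeout and ConnectionRefusedError
            return None

def verdict(local_rcode, recursive_rcode):
    """Combine the two probes into one status string."""
    if local_rcode is None:
        return "named_down"        # test 1 failed: nothing answered on port 53
    if recursive_rcode in (0, 3):  # NOERROR or NXDOMAIN came from upstream
        return "ok"
    return "upstream_failed"       # SERVFAIL, REFUSED or no reply in time

def dns_status(zone="example.com", server="127.0.0.1"):
    """zone is a placeholder: use a zone whose servers you may query."""
    local = ask(".", False, server, 2.0)   # answered without recursion
    if local is None:
        return verdict(None, None)
    fresh = "chk-%s.%s" % (os.urandom(6).hex(), zone)  # unique name: cache miss
    return verdict(local, ask(fresh, True, server, 5.0))
```

Once the zone's NS records are cached, each run costs one outbound query to that zone's servers and none to the root servers, which fits a once-a-minute schedule.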