DX Unified Infrastructure Management

  • Private Community
 View Only

 BIND application monitoring

Joachim Stenhjem's profile image
Joachim Stenhjem posted Nov 30, 2021 05:23 PM
Anyone with experience for DNS BIND application monitoring in UIM.
Customer is requesting performance and statistics. I have found some 3de party addons for monitoring, but would try to keep uim as main application.

Any suggestions?
Gregg Stillwell's profile image
Broadcom Employee Gregg Stillwell posted Dec 01, 2021 08:26 AM
TYpically you can monitor bind deamon with processes probe to gather cpu and memory stats. Process name varies for different flavors. Also use logmon to monitor any associated logs. For performance monitoring of DNS you can use dns_response probe on robots through out your environment to track response times and connectivity from different points.
Keith Kruepke's profile image
Keith Kruepke posted Dec 01, 2021 11:58 AM
I'll second the recommendation to use the dns_response probe. From a performance monitoring perspective, nothing is more important than how the application is behaving, which the dns_response probe does a good job of measuring. I've been pretty impressed with the options available in that probe; it seems to work well multiple purposes:

  • Health of authoritative DNS servers
  • Health of caching DNS servers
  • Validation of important DNS entries
It sounds like you also have a need for data the dns_response probe doesn't collect (maybe even something like queries per minute), so you'll probably need to combine it with other information.
Joachim Stenhjem's profile image
Joachim Stenhjem posted Dec 05, 2021 10:11 AM

Thanks for the feedback. It's always good to have a chat at the watercooler before diving into something new. :)

During my own investigations I found a clever initiative internal to the Bind service.

BIND listens for queries on Port 53. It listens for communication from RNDC on port 953. And it can be configured to listen for statistics requests on another port, typically port 80. 

To configure BIND so that it will offer statistics to clients that connect looking for them, you must enable statistics channels in the BIND configuration file. Enter something like this:

    statistics-channels {

         inet 10.0.0.1 port 80 allow {my_nets;};

         inet 192.168.1.1 port 8080 allow {any;};

    };

Shell

Copy

With BIND using that configuration information, a client connecting to port 80 at 10.0.0.1 or to port 8080 at 192.168.1.1 can use the HTTP protocol to receive statistics. The format in which the statistics are delivered depends on the URI presented by the client. Statistics are available in XML and now JSON formats.


I believe I will combine a setup using the DNS_responce probe for confirming the "users point of view" and using the server statistics for proactive performance monitoring with another probe for XML or JSON. I have not concluded the last part yet, but will probably make use of the logmon probe.