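Our company uses BIND9 as its internal DNS server for day-to-day resolution of internal and external domain names. Later we also plan to deploy DNS servers on the public network to resolve the internal domain names of our external servers, in preparation for automated operations. Monitoring DNS is therefore necessary.
Monitoring principle
BIND is monitored mainly through the rndc tool. The information rndc shows differs between BIND versions.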
[root@www ~]# whereis rndc
rndc: /usr/sbin/rndc /etc/rndc.conf /etc/rndc.key /usr/share/man/man8/rndc.8.gz
[root@www ~]# whatis rndc
rndc (8) - name server control utility
rndc-confgen (8) - rndc key generation tool
rndc.conf [rndc] (5) - rndc configuration file
The default BIND version on the CentOS 5 series is 9.3, and on the CentOS 6 series it is 9.8.
[root@www ~]# cat /etc/issue.net
CentOS release 5.10 (Final)
Kernel r on an m
[root@www ~]# named -v
BIND 9.3.6-P1-RedHat-9.3.6-20.P1.el5_8.6
[root@www ~]# rndc stats
[root@www ~]# cat /var/named/chroot/var/named/data/named_stats.txt
Statistics Dump (1419998880)
success 59887
referral 0
nxrrset 7457
nxdomain 8143
recursion 36479
failure 2358
--- Statistics Dump --- (1419998880)

[root@test1 ~]# cat /etc/issue.net
CentOS release 6.4 (Final)
Kernel r on an m
[root@test1 ~]# named -v
BIND 9.8.2rc1-RedHat-9.8.2-0.30.rc1.el6_6.1
[root@test1 ~]# rndc status
version: 9.8.2rc1-RedHat-9.8.2-0.30.rc1.el6_6.1
CPUs found: 2
worker threads: 2
number of zones: 19
debug level: 0
xfers running: 0
xfers deferred: 0
soa queries in progress: 0
query logging is OFF
recursive clients: 0/0/1000
tcp clients: 0/100
server is up and running
[root@test1 ~]# rndc stats
[root@test1 ~]# cat /var/named/data/named_stats.txt
Statistics Dump (1419998423)
Incoming Requests
Incoming Queries
Outgoing Queries
[View: default]
20 A
12 NS
21 AAAA
14 DNSKEY
[View: _bind]
Name Server Statistics
Zone Maintenance Statistics
Resolver Statistics
[Common]
[View: default]
37 IPv4 queries sent
30 IPv6 queries sent
24 IPv4 responses received
36 query retries
13 query timeouts
12 IPv4 NS address fetches
15 IPv6 NS address fetches
3 IPv4 NS address fetch failed
2 IPv6 NS address fetch failed
4 DNSSEC validation attempted
4 DNSSEC validation succeeded
10 queries with RTT 10-100ms
14 queries with RTT 100-500ms
[View: _bind]
Cache DB RRsets
[View: default]
49 A
11 NS
29 AAAA
8 DS
17 RRSIG
2 DNSKEY
[View: _bind (Cache: _bind)]
Socket I/O Statistics
38 UDP/IPv4 sockets opened
31 UDP/IPv6 sockets opened
2 TCP/IPv4 sockets opened
2 TCP/IPv6 sockets opened
37 UDP/IPv4 sockets closed
30 UDP/IPv6 sockets closed
11 TCP/IPv4 sockets closed
30 UDP/IPv6 socket connect failures
37 UDP/IPv4 connections established
12 TCP/IPv4 connections accepted
30 UDP/IPv6 send errors
Per Zone Query Statistics
--- Statistics Dump --- (1419998423)
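Because the two versions write named_stats.txt in different layouts, a monitoring script needs one parser that copes with both. The following is an added example, not part of the original post: the function name parse_named_stats and the "section/view/description" key scheme are assumptions made here. It reads only the last dump, since rndc stats appends to the file, and it also accepts the +++ / ++ markers that named writes around headers.

```python
import re

# Constructed samples, abridged from the two dump formats shown above.
SAMPLE_93 = """Statistics Dump (1419998880)
success 59887
nxdomain 8143
failure 2358
--- Statistics Dump --- (1419998880)
"""
SAMPLE_98 = """Statistics Dump (1419998423)
Outgoing Queries
[View: default]
20 A
Resolver Statistics
[Common]
[View: default]
13 query timeouts
[View: _bind]
--- Statistics Dump --- (1419998423)
"""
HEADER = re.compile(r"^(?:\+\+\+ )?Statistics Dump(?: \+\+\+)? \((\d+)\)$")

def parse_named_stats(text):
    """Return {"timestamp": int, "counters": {key: int}} for the last dump in text."""
    stats = {"timestamp": None, "counters": {}}
    section = view = None
    for line in (raw.strip() for raw in text.splitlines()):
        if not line or line.startswith("---"):  # blank line or dump trailer
            continue
        m = HEADER.match(line)
        if m:  # a new dump begins: drop counters from older dumps in the file
            stats = {"timestamp": int(m.group(1)), "counters": {}}
            section = view = None
            continue
        m = re.match(r"^\[(?:View: )?([^\] (]+)", line)  # [View: default], [Common]
        if m:
            view = m.group(1)
            continue
        m = re.match(r"^(\d+) (.+)$", line)  # 9.8 layout: "<count> <description>"
        if m:
            key = "/".join(p for p in (section, view, m.group(2)) if p)
            stats["counters"][key] = int(m.group(1))
            continue
        m = re.match(r"^(\S+) (\d+)$", line)  # 9.3 layout: "<name> <count>"
        if m:
            stats["counters"][m.group(1)] = int(m.group(2))
            continue
        section, view = line.strip("+ "), None  # anything else is a section title
    return stats
```

A monitoring item can then pick a single key, for example "failure" on 9.3 or "Resolver Statistics/default/query timeouts" on 9.8, and alert on its growth between two runs.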