Nagios: DNS CRITICAL – ‘/usr/bin/nslookup -sil’ msg parsing exited with no address

November 19, 2014 Jordansphere FreeBSD

Scenario: We changed from BIND to Unbound on a smarthost email server. As soon as this was changed Nagios started throwing up a "DNS CRITICAL – '/usr/bin/nslookup -sil' msg parsing exited with no address" . In the following example i've substituted myhost.domain.co.uk for the actual host.

Troubleshooting steps:

 From the Nagios server i checked the config file:

define host{

        use             freebsd-server          ; Inherit default values from a template
        host_name       myhost.domain.co.uk      ; The name we're giving to this host
        alias           myhost.domain.co.uk      ; A longer name associated with the host
        address         192.168.0.4            ; IP address of the host
        hostgroups      freebsd-servers         ; Host groups this host is associated with
        }

 

define service{
        use                     generic-service         ; Inherit default values from a template
        host_name               myhost.domain.co.uk
        service_description     DNS
        check_command           check_dns_recursion
}

commands.cfg
# 'check_dns_recursion' command definition

define command{
        command_name    check_dns_recursion
        command_line    $USER1$/check_dns -H www.google.com -t 3 -s $HOSTADDRESS$ $ARG1$
        }

 

I then ran the command from Nagios server:

/usr/local/nagios/libexec/check_dns -H www.google.com -s myhost.domain.co.uk --timeout 3

DNS OK: 1.019 second response time. www.google.com returns 74.125.230.80,74.125.230.81,74.125.230.83,74.125.230.84,74.125.230.82|time=1.019290s;;;0.000000

 

That seemed to work fine. How strange.

 

Upon further investigation it appeared that myhost.domain.co.uk had 3 IP addresses:

# host myhost.domain.co.uk

myhost.domain.co.uk has address 192.168.0.4
myhost.domain.co.uk has address 192.168.0.5
myhost.domain.co.uk has address 192.168.0.6

The forward DNS looks like it was pointing to 192.168.0.5. I then tried an nslookup using IP the addresses rather than the CNAME:

# nslookup www.google.co.uk 192.168.0.4

;; connection timed out; no servers could be reached


 

# nslookup www.google.co.uk 192.168.0.5

Server:         192.168.0.5
Address:        192.168.0.5#53

Non-authoritative answer:
Name:   www.google.co.uk
Address: 74.125.230.87
Name:   www.google.co.uk
Address: 74.125.230.95
Name:   www.google.co.uk
Address: 74.125.230.88


Bingo! It appears Unbound has bound itself to one of the IP addesses. Changing myhost.domain to point to 192.168.0.5 in the nagios config file (where the host is defined)  fixed the issue.

bind unbound nagios,

Powered by WordPress. Designed by elogi.