Scenario: We changed from BIND to Unbound on a smarthost email server. As soon as this was changed Nagios started throwing up a "DNS CRITICAL – '/usr/bin/nslookup -sil' msg parsing exited with no address" . In the following example i've substituted myhost.domain.co.uk for the actual host.
Troubleshooting steps:
From the Nagios server i checked the config file:
define host{
use freebsd-server ; Inherit default values from a template host_name myhost.domain.co.uk ; The name we're giving to this host alias myhost.domain.co.uk ; A longer name associated with the host address 192.168.0.4 ; IP address of the host hostgroups freebsd-servers ; Host groups this host is associated with }
define service{ use generic-service ; Inherit default values from a template host_name myhost.domain.co.uk service_description DNS check_command check_dns_recursion }
commands.cfg
# 'check_dns_recursion' command definition
define command{ command_name check_dns_recursion command_line $USER1$/check_dns -H www.google.com -t 3 -s $HOSTADDRESS$ $ARG1$ }
I then ran the command from Nagios server:
/usr/local/nagios/libexec/check_dns -H www.google.com -s myhost.domain.co.uk --timeout 3
DNS OK: 1.019 second response time. www.google.com returns 74.125.230.80,74.125.230.81,74.125.230.83,74.125.230.84,74.125.230.82|time=1.019290s;;;0.000000
That seemed to work fine. How strange.
Upon further investigation it appeared that myhost.domain.co.uk had 3 IP addresses:
# host myhost.domain.co.uk
myhost.domain.co.uk has address 192.168.0.4
myhost.domain.co.uk has address 192.168.0.5
myhost.domain.co.uk has address 192.168.0.6
The forward DNS looks like it was pointing to 192.168.0.5. I then tried an nslookup using IP the addresses rather than the CNAME:
# nslookup www.google.co.uk 192.168.0.4
;; connection timed out; no servers could be reached
# nslookup www.google.co.uk 192.168.0.5
Server: 192.168.0.5
Address: 192.168.0.5#53
Non-authoritative answer:
Name: www.google.co.uk
Address: 74.125.230.87
Name: www.google.co.uk
Address: 74.125.230.95
Name: www.google.co.uk
Address: 74.125.230.88
Bingo! It appears Unbound has bound itself to one of the IP addesses. Changing myhost.domain to point to 192.168.0.5 in the nagios config file (where the host is defined) fixed the issue.