Nagios: DNS CRITICAL – ‘/usr/bin/nslookup -sil’ msg parsing exited with no address

Scenario: We changed from BIND to Unbound on a smarthost email server. As soon as this was changed Nagios started throwing up a "DNS CRITICAL – '/usr/bin/nslookup -sil' msg parsing exited with no address" . In the following example i've substituted myhost.domain.co.uk for the actual host.

Troubleshooting steps:

 From the Nagios server i checked the config file:

define host{

        use             freebsd-server          ; Inherit default values from a template
        host_name       myhost.domain.co.uk      ; The name we're giving to this host
        alias           myhost.domain.co.uk      ; A longer name associated with the host
        address         192.168.0.4            ; IP address of the host
        hostgroups      freebsd-servers         ; Host groups this host is associated with
        }

 

define service{
        use                     generic-service         ; Inherit default values from a template
        host_name               myhost.domain.co.uk
        service_description     DNS
        check_command           check_dns_recursion
}

commands.cfg
# 'check_dns_recursion' command definition

define command{
        command_name    check_dns_recursion
        command_line    $USER1$/check_dns -H www.google.com -t 3 -s $HOSTADDRESS$ $ARG1$
        }

 

I then ran the command from Nagios server:

/usr/local/nagios/libexec/check_dns -H www.google.com -s myhost.domain.co.uk --timeout 3

DNS OK: 1.019 second response time. www.google.com returns 74.125.230.80,74.125.230.81,74.125.230.83,74.125.230.84,74.125.230.82|time=1.019290s;;;0.000000

 

That seemed to work fine. How strange.

 

Upon further investigation it appeared that myhost.domain.co.uk had 3 IP addresses:

# host myhost.domain.co.uk

myhost.domain.co.uk has address 192.168.0.4
myhost.domain.co.uk has address 192.168.0.5
myhost.domain.co.uk has address 192.168.0.6

The forward DNS looks like it was pointing to 192.168.0.5. I then tried an nslookup using IP the addresses rather than the CNAME:


# nslookup www.google.co.uk 192.168.0.4

;; connection timed out; no servers could be reached


 

# nslookup www.google.co.uk 192.168.0.5

Server:         192.168.0.5
Address:        192.168.0.5#53

Non-authoritative answer:
Name:   www.google.co.uk
Address: 74.125.230.87
Name:   www.google.co.uk
Address: 74.125.230.95
Name:   www.google.co.uk
Address: 74.125.230.88


Bingo! It appears Unbound has bound itself to one of the IP addesses. Changing myhost.domain to point to 192.168.0.5 in the nagios config file (where the host is defined)  fixed the issue.