DNS probes - BlueCat Infrastructure Assurance - 26.1.0

BlueCat LiveAssurance User Guide
ft:locale
en-US
Product name
BlueCat Infrastructure Assurance
Version
26.1.0

LiveAssurance supports a DNS probe, which is a diagnostic tool that checks whether a DNS server is working properly. You can configure LiveAssurance to run DNS lookups from BlueCat DNS/DHCP Servers (BDDS) periodically (default: every 5 minutes). Starting in v25.1.0, BlueCat Edge service points are also supported.

LiveAssurance connects to the specified BDDS or Edge service points in your environment via SSH and runs the required dig commands to perform DNS lookup from the BDDS or Edge service points based on the requirements you define.

Example 1: Test DNS lookup from a single BDDS

  1. Edit the Configuration file dns_probe.config.yaml

    (path: parsers/src/crossvendor/probes/crossvendor_probe_dns/dns_probe.config.yaml)

  2. Define the requirements and probes for the test as shown in the following example:

    In this example, ip-address is the IP address of the BDDS that LiveAssurance must connect to, dns is the type of test. For dns, the list of URLs pertains to the list of records of the specified type to perform a lookup. Optionally, you can specify the type of the record. 

    - requirements:
    ip-address : '10.255.253.152'
  probes :
    dns:
      - fqdn: bluecatnetworks.corp
      - fqdn : www.google.com
        type: AAAA
      - fqdn: www.bluecat.com
        type: TXT
      - fqdn: bluecatnetworks.corp 
        type: TXT

  3. LiveAssurance performs a DNS lookup automatically based on the requirements and probes you've defined.

    If the lookup fails for any of the queries, LiveAssurance generates an alert that you can view in the Issues tab. Issue Items are used to identify the failed tests.

    The issue resolves itself if the subsequent test is successful. Similar to other issues, it will then go into the cooldown state. If the subsequent test remains unsuccessful, the issue will remain open.

    1. Click Overview to view detailed information. From here, you can access the configuration file (dns_probe.config.yaml) by navigating to the Rule Configuration section and clicking View Configuration.

    2. You are taken to the Knowledge Explorer tab; from here, navigate to the Remediation section and click the code icon (< >).

  4. To view the status of the probes:

    1. Select Devices from the sidebar. From the device list displayed, select the BDDS that you specified in the test (10.255.253.152 in this example). From the drawer that appears on the right side of the page, select More Device Info.

    2. If a DNS probe is configured, you can see the user-defined probe's status and whether the test was successful from the Device Info page. DOWN/INACTIVE indicates a failed test to the URL, while UP/ACTIVE indicates a successful test.

Example 2: Test DNS lookup from multiple BDDS on the same subnet

To perform DNS lookup from all the BDDS located in a particular subnet, all with the same list of domains to test, you must specify the subnet when defining the requirements, instead of a single IP address as shown in Example 1. The rest of the procedure remains the same as Example 1. The following is an example:

- requirements:
    ip-address : '10.255.253.128/25'
  probes :
    dns:
      - fqdn: bluecatnetworks.corp
      - fqdn: www.google.com
        type: AAAA
      - fqdn: www.bluecat.com
        type: TXT
      - fqdn: bluecatnetworks.corp 
        type: TXT

Example 3: Test DNS lookup from multiple BDDS on different subnets and to different list of domains

To perform DNS lookup from multiple BDDS located in different subnets, and to different list of domains to test, you must define the requirements and probes separately. In this example, the DNS servers connected with LiveAssurance in blue (that is, device IP 10.255.253.135 and 10.255.253.149) belong to the same subnet (10.255.253.128/25) and must test a specific list of domains, while the DNS servers connected with LiveAssurance in pink must test a different list of domains.

The rest of the procedure remains the same as Example 1. The following configuration is an example:

- requirements:
    ip-address : '10.255.253.128/25'
  probes :
      - fqdn: bluecatnetworks.corp
      - fqdn: www.google.com
        type: AAAA
      - fqdn: www.bluecat.com
        type: TXT
      - fqdn: bluecatnetworks.corp 
        type: TXT
- requirements:
    or:
      - ip-address : '10.14.2.86'
      - ip-address : '10.14.4.52'
      - ip-address : '10.11.85.128/25'
  probes :
    dns:
      - fqdn: indeni.com
      - fqdn: www.f5.com
        type: SRV
      - fqdn: www.checkpoint.com
        type: TXT
      - fqdn: bluecatnetworks.corp 
        type: TXT