check_dns reports bogus "connection refused" for "REFUSED" DNS responses

Bug #1978511 reported by Paul Collins
This bug affects 1 person
Affects: monitoring-plugins (Ubuntu)
Status: New
Importance: Undecided
Assigned to: Unassigned

Bug Description

Running monitoring-plugins-standard 2.2-6ubuntu1.2 from Ubuntu 20.04 LTS (focal).

check_dns was failing as follows:

$ /usr/lib/nagios/plugins/check_dns -H localhost -a 127.0.0.1 -s 127.0.0.1
Connection to DNS 127.0.0.1 was refused
$ _

However, the nameserver is clearly working:

$ dig +short localhost 127.0.0.1
127.0.0.1
$ _

I straced check_dns and discovered that it was forking nslookup. Running nslookup directly reveals:

$ /usr/bin/nslookup -sil localhost 127.0.0.1
Server: 127.0.0.1
Address: 127.0.0.1#53

** server can't find localhost.openstack.lan: REFUSED

$ _

So it's not that the connection to the DNS server was refused, but the query itself was refused by the DNS server. These are very different cases.

A workaround is to change my nrpe check_dns command to query "localhost.".

Paul Collins (pjdc) wrote :

P.S. And why did `dig` work? Because it silently appended the "." itself:

;; QUESTION SECTION:
;localhost. IN A

;; ANSWER SECTION:
localhost. 0 IN A 127.0.0.1

Paul Collins (pjdc)
description: updated
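
The two cases the report separates, a refused connection and a query answered with RCODE REFUSED, can be told apart at the protocol level rather than by matching nslookup output. The sketch below is an added example, not code from check_dns or monitoring-plugins; the function names, the sample reply and the OK/CRITICAL mapping are assumptions.

```python
import secrets
import socket
import struct

RCODES = {0: "NOERROR", 1: "FORMERR", 2: "SERVFAIL", 3: "NXDOMAIN", 4: "NOTIMP", 5: "REFUSED"}

# Constructed sample reply (header only): ID 0x1234, QR=1, RD=1, RCODE=5.
SAMPLE_REFUSED = struct.pack("!HHHHHH", 0x1234, 0x8105, 1, 0, 0, 0)

def build_query(name, qid=0x1234):
    """Encode an A/IN query. Wire-format names are always absolute, so
    'localhost' and 'localhost.' give the same packet (no search list)."""
    header = struct.pack("!HHHHHH", qid, 0x0100, 1, 0, 0, 0)  # RD set, one question
    labels = [l for l in name.rstrip(".").split(".") if l]
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return header + qname + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN

def classify_response(packet, qid=0x1234):
    """Map a DNS reply to a (state, message) pair using the header RCODE."""
    if len(packet) < 12:
        return ("UNKNOWN", "short DNS reply")
    rid, flags, _qdcount, ancount = struct.unpack("!HHHH", packet[:8])
    if rid != qid or not flags & 0x8000:
        return ("UNKNOWN", "reply does not match query")
    rcode = flags & 0x000F
    if rcode == 5:
        return ("CRITICAL", "server answered but refused the query (REFUSED)")
    if rcode != 0:
        return ("CRITICAL", "server answered with " + RCODES.get(rcode, "RCODE%d" % rcode))
    if ancount == 0:
        return ("CRITICAL", "NOERROR but no answer records")
    return ("OK", "%d answer record(s)" % ancount)

def check(server, name, port=53, timeout=3.0):
    """Query over UDP; transport failures are reported separately from RCODEs."""
    qid = secrets.randbelow(1 << 16)  # unpredictable ID for the live query
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        try:
            s.connect((server, port))
            s.send(build_query(name, qid))
            return classify_response(s.recv(4096), qid)
        except ConnectionRefusedError:  # ICMP port unreachable: nothing listening
            return ("CRITICAL", "connection to %s port %d refused" % (server, port))
        except socket.timeout:
            return ("CRITICAL", "no reply from %s within %ss" % (server, timeout))
```
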