CiscoDevNet / Hyperflex-Hypercheck

Perform pro-active self checks on your Hyperflex cluster to ensure stability and resiliency
MIT License

DNS Check failed #46

Open ETMARCOF opened 2 years ago

ETMARCOF commented 2 years ago

I have a standard cluster 4.0.2f and I run the last available version of Hypercheck, and the DNS check is failing. But if I SSH to every CVM, I'm able to execute dig for every node, for example dig esxi01 @ 10.21.2.230 or dig scvm01 @10.21.1.230 and so on. Why is it only executing @10.21.216.230 and only testing one DNS server?

```
2022-02-07 05:34:13 - HX_TOOL - INFO - Executing command: stcli services dns show
2022-02-07 05:34:15 - HX_TOOL - INFO - **** CMD OUTPUT ****
2022-02-07 05:34:15 - HX_TOOL - INFO - ----------------------------------------
2022-02-07 05:34:15 - HX_TOOL - INFO - 10.21.1.230
2022-02-07 05:34:15 - HX_TOOL - INFO - ----------------------------------------
2022-02-07 05:34:15 - HX_TOOL - INFO - 10.21.2.230
2022-02-07 05:34:15 - HX_TOOL - INFO - ----------------------------------------
2022-02-07 05:34:15 - HX_TOOL - INFO - *****
2022-02-07 05:34:15 - HX_TOOL - INFO - DNS IP Address: 10.21.1.230
2022-02-07 05:34:15 - HX_TOOL - INFO - DNS IP Address: 10.21.2.230
2022-02-07 05:34:15 - HX_TOOL - INFO - #############################################################
2022-02-07 05:34:15 - HX_TOOL - INFO - Executing command: dig @10.21.216.230
2022-02-07 05:34:27 - HX_TOOL - INFO - **** CMD OUTPUT ****
2022-02-07 05:34:27 - HX_TOOL - INFO -
2022-02-07 05:34:27 - HX_TOOL - INFO - ; <<>> DiG 9.10.3-P4-Ubuntu <<>> @10.21.2.230
2022-02-07 05:34:27 - HX_TOOL - INFO - ; (1 server found)
2022-02-07 05:34:27 - HX_TOOL - INFO - ;; global options: +cmd
2022-02-07 05:34:27 - HX_TOOL - INFO - ;; Got answer:
2022-02-07 05:34:27 - HX_TOOL - INFO - ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 64597
2022-02-07 05:34:27 - HX_TOOL - INFO - ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
2022-02-07 05:34:27 - HX_TOOL - INFO -
2022-02-07 05:34:27 - HX_TOOL - INFO - ;; OPT PSEUDOSECTION:
2022-02-07 05:34:27 - HX_TOOL - INFO - ; EDNS: version: 0, flags:; udp: 4000
2022-02-07 05:34:27 - HX_TOOL - INFO - ;; QUESTION SECTION:
2022-02-07 05:34:27 - HX_TOOL - INFO - ;. IN NS
2022-02-07 05:34:27 - HX_TOOL - INFO -
2022-02-07 05:34:27 - HX_TOOL - INFO - ;; Query time: 1534 msec
2022-02-07 05:34:27 - HX_TOOL - INFO - ;; SERVER: 10.21.2.230#53(10.21.2.230)
2022-02-07 05:34:27 - HX_TOOL - INFO - ;; WHEN: Mon Feb 07 17:34:27 WET 2022
2022-02-07 05:34:27 - HX_TOOL - INFO - ;; MSG SIZE rcvd: 28
2022-02-07 05:34:27 - HX_TOOL - INFO -
```

doomi commented 2 years ago

I can confirm the issue. The check does a simple dig @"dns server", which in our environment with hardened DNS servers will result in a "status: REFUSED".

The check should explicitly test for an A or PTR record, i.e. dig @"dns server" -x "node-ip"
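
The approach suggested in the comment above, as an added example that is not Hypercheck's own code: it asks every configured DNS server for the PTR record of each node IP and passes only on `NOERROR` with at least one answer. The function names, the node IP `10.21.1.11` and the sample dig outputs are constructed for illustration; the two server addresses are the ones in the log above.

```python
import re
import subprocess

STATUS = re.compile(r"status: (\w+), id: \d+")
ANSWERS = re.compile(r"ANSWER: (\d+)")

def parse_dig(output):
    """Return (status, answer_count) from dig text, with or without the HX_TOOL log prefix."""
    status, answers = STATUS.search(output), ANSWERS.search(output)
    if not status or not answers:
        return ("NO_RESPONSE", 0)  # timeout or unreachable server: no header printed
    return (status.group(1), int(answers.group(1)))

def run_dig(server, node_ip):
    # Explicit reverse lookup (-x) instead of a bare "dig @server", which asks for ". IN NS"
    # and is refused or fails on resolvers that do not serve the root zone to clients.
    cmd = ["dig", "@" + server, "-x", node_ip, "+time=3", "+tries=1"]
    return subprocess.run(cmd, capture_output=True, text=True).stdout

def check_dns(servers, node_ips, runner=run_dig):
    """Test every DNS server against every node IP; PASS needs NOERROR plus an answer."""
    results = {}
    for server in servers:
        for ip in node_ips:
            status, answers = parse_dig(runner(server, ip))
            ok = status == "NOERROR" and answers > 0
            results[(server, ip)] = "PASS" if ok else "FAIL (%s)" % status
    return results

# Constructed dig headers used to exercise the check offline.
SAMPLE_OK = (";; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1\n"
             ";; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1\n")
SAMPLE_REFUSED = (";; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 2\n"
                  ";; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n")

def fake_runner(server, node_ip):
    # Constructed behaviour: the first server answers, the second refuses.
    return SAMPLE_OK if server == "10.21.1.230" else SAMPLE_REFUSED

if __name__ == "__main__":
    servers = ["10.21.1.230", "10.21.2.230"]  # from "stcli services dns show" in the log
    for key, verdict in check_dns(servers, ["10.21.1.11"], runner=fake_runner).items():
        print(key, verdict)
```

Dropping the `runner=fake_runner` argument makes `check_dns` call the real `dig` binary on the controller VM.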