DNS query monitoring doesn't work only with DNS0.eu ZERO resolvers

I had the same problem on my “on premise” Linux Desktop computer that was using an old version of dnsping (1.6.4) that vanished after updating to 2.0.2:

When monitoring the DNS resolvers as written on dns0.eu — Das europäische öffentliche DNS, das Ihr Internet sicherer macht everything works fine.

But when monitoring the DNS resovlers as written on ZERO — Verstärkte Sicherheit für hochsensible Umgebungen — dns0.eu I’m getting no results at all :slightly_frowning_face:

Debugging from DNS query monitoring with Netdata | Learn Netdata

/usr/libexec/netdata/plugins.d# ./go.d.plugin -d -m dns_query
…
BEGIN 'dns_query_dns_eu.server_185_253_5_0_record_A_query_status' 9999779
SET 'success' = 1
SET 'network_error' = 0
SET 'dns_error' = 0
END

BEGIN 'dns_query_dns_eu.server_185_253_5_0_record_A_query_time' 9999779
SET 'query_time' = 49856132
END

…

BEGIN 'dns_query_dns_eu_zero.server_185_253_5_9_record_A_query_status' 9999739
SET 'success' = 0
SET 'network_error' = 0
SET 'dns_error' = 1
END

BEGIN 'dns_query_dns_eu_zero.server_185_253_5_9_record_A_query_time'
SET 'query_time' =
END
…

I’m running netdata v1.38.0-201-nightly

:question: Can someone help me to monitor these DNS0.eu ZERO resolvers?

Hi, @thomasmerz. Can you show your dns_query.conf?

My config

jobs:
 - name: example
   record_types:
      - A
   domains:
     - google.com
     - github.com
     - reddit.com
   servers:
      - 185.253.5.9

Works for me

[ DEBUG ] dns_query[example] collect.go:22 current domain : github.com
BEGIN 'dns_query_example.server_185_253_5_9_record_A_query_status' 5000743
SET 'success' = 1
SET 'network_error' = 0
SET 'dns_error' = 0
END

BEGIN 'dns_query_example.server_185_253_5_9_record_A_query_time' 5000743
SET 'query_time' = 46361623
END

BEGIN 'netdata.execution_time_of_dns_query_example' 5000743
SET 'time' = 46
END

Hi @ilyam8

My dns_query.conf looks familiar - the important difference is that I’m querying some mooo.com DynDNS subdomains. For example:

- name: dns.eu zero
  update_every: 10
  domains:
    - nextcloud.mooo.com
  servers:
    - 193.110.81.9
    - 185.253.5.9

Querying your domain-examples works fine.

With native dnsping I get an answer:

$ dnsping -c 2 -w 1 -s 185.253.5.9 nextcloud.mooo.com
dnsping DNS: 185.253.5.9:53, hostname: nextcloud.mooo.com, proto: UDP, rdatatype: A, flags: RD
107 bytes from 185.253.5.9: seq=1   time=21.067 ms
107 bytes from 185.253.5.9: seq=2   time=22.170 ms

With my old native version (1.6.4 instead of 2.0.2 which is latest available version on my OpenSUSE distro) I also got no answer. So I thought of this and just wanted to ask if there’s a similiar problem over here… :man_shrugging:

@thomasmerz 185.253.5.9 returns NXDOMAIN ( a non-existent domain DNS error) for nextcloud.mooo.com.

$ dig @185.253.5.9 A nextcloud.mooo.com

; <<>> DiG 9.16.37-Debian <<>> @185.253.5.9 A nextcloud.mooo.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 32287
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;nextcloud.mooo.com.		IN	A

;; AUTHORITY SECTION:
nextcloud.mooo.com.	300	IN	SOA	negative-caching.dns0.eu. hostmaster.nextcloud.mooo.com. 0 1200 300 1209600 300

;; Query time: 51 msec
;; SERVER: 185.253.5.9#53(185.253.5.9)
;; WHEN: Tue Mar 07 18:35:59 EET 2023
;; MSG SIZE  rcvd: 107

That is why you get 'dns_error' = 1. I see that we treat all response codes except success as “dns error”.

Thanks for that “hint” :wink: And thanks for clarifying the response code handling :+1:

Because dnsping is measuring the time for also some “non-success” responses I ran into this trap. I will ask at DNS0.eu why they pretend not to block this and potentially some other domains or why they can’t an existing entry.