DNS query monitoring doesn't work only with DNS0.eu ZERO resolvers

I had the same problem on my “on premise” Linux Desktop computer that was using an old version of dnsping (1.6.4) that vanished after updating to 2.0.2:

When monitoring the DNS resolvers as written on dns0.eu — Das europäische öffentliche DNS, das Ihr Internet sicherer macht everything works fine.

But when monitoring the DNS resovlers as written on ZERO — Verstärkte Sicherheit für hochsensible Umgebungen — dns0.eu I’m getting no results at all

Debugging from DNS query monitoring with Netdata | Learn Netdata

/usr/libexec/netdata/plugins.d# ./go.d.plugin -d -m dns_query
…
BEGIN 'dns_query_dns_eu.server_185_253_5_0_record_A_query_status' 9999779
SET 'success' = 1
SET 'network_error' = 0
SET 'dns_error' = 0
END

BEGIN 'dns_query_dns_eu.server_185_253_5_0_record_A_query_time' 9999779
SET 'query_time' = 49856132
END

…

BEGIN 'dns_query_dns_eu_zero.server_185_253_5_9_record_A_query_status' 9999739
SET 'success' = 0
SET 'network_error' = 0
SET 'dns_error' = 1
END

BEGIN 'dns_query_dns_eu_zero.server_185_253_5_9_record_A_query_time'
SET 'query_time' =
END
…

I’m running netdata v1.38.0-201-nightly

Can someone help me to monitor these DNS0.eu ZERO resolvers?

Hi, @thomasmerz. Can you show your dns_query.conf?

My config

jobs:
 - name: example
   record_types:
      - A
   domains:
     - google.com
     - github.com
     - reddit.com
   servers:
      - 185.253.5.9

Works for me

[ DEBUG ] dns_query[example] collect.go:22 current domain : github.com
BEGIN 'dns_query_example.server_185_253_5_9_record_A_query_status' 5000743
SET 'success' = 1
SET 'network_error' = 0
SET 'dns_error' = 0
END

BEGIN 'dns_query_example.server_185_253_5_9_record_A_query_time' 5000743
SET 'query_time' = 46361623
END

BEGIN 'netdata.execution_time_of_dns_query_example' 5000743
SET 'time' = 46
END

Hi @ilyam8

My dns_query.conf looks familiar - the important difference is that I’m querying some mooo.com DynDNS subdomains. For example:

- name: dns.eu zero
  update_every: 10
  domains:
    - nextcloud.mooo.com
  servers:
    - 193.110.81.9
    - 185.253.5.9

Querying your domain-examples works fine.

With native dnsping I get an answer:

$ dnsping -c 2 -w 1 -s 185.253.5.9 nextcloud.mooo.com
dnsping DNS: 185.253.5.9:53, hostname: nextcloud.mooo.com, proto: UDP, rdatatype: A, flags: RD
107 bytes from 185.253.5.9: seq=1   time=21.067 ms
107 bytes from 185.253.5.9: seq=2   time=22.170 ms

With my old native version (1.6.4 instead of 2.0.2 which is latest available version on my OpenSUSE distro) I also got no answer. So I thought of this and just wanted to ask if there’s a similiar problem over here…

@thomasmerz 185.253.5.9 returns NXDOMAIN ( a non-existent domain DNS error) for nextcloud.mooo.com.

$ dig @185.253.5.9 A nextcloud.mooo.com

; <<>> DiG 9.16.37-Debian <<>> @185.253.5.9 A nextcloud.mooo.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 32287
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;nextcloud.mooo.com.		IN	A

;; AUTHORITY SECTION:
nextcloud.mooo.com.	300	IN	SOA	negative-caching.dns0.eu. hostmaster.nextcloud.mooo.com. 0 1200 300 1209600 300

;; Query time: 51 msec
;; SERVER: 185.253.5.9#53(185.253.5.9)
;; WHEN: Tue Mar 07 18:35:59 EET 2023
;; MSG SIZE  rcvd: 107

That is why you get 'dns_error' = 1. I see that we treat all response codes except success as “dns error”.

Thanks for that “hint” And thanks for clarifying the response code handling

Because dnsping is measuring the time for also some “non-success” responses I ran into this trap. I will ask at DNS0.eu why they pretend not to block this and potentially some other domains or why they can’t an existing entry.