Monitor Bind With Cacti

If someone puts in a support ticket saying they are having DNS issues with your server, what do you do to quantify how your server is acting…? This is the “boat” I found myself in a while back. I decided to use cacti to poll my devices. I happen to run Bind9. I built off of a handy template I found on the Cacti forums. Though I did end up modifying it quite a bit. You can grab my version here: Cacti-Bind (3933 downloads) .

Install Steps

You can follow the Template steps, but I’ve got some tweaks specific for my Centos CactiEZ install.

Install SNMP on your DNS server

1

yum install net-snmp net-snmp-utils net-snmp-devel

Edit snmpd.conf [/etc/snmp/snmp.conf]
# Set new community string

1

com2sec notConfigUser  default       NewString

Allow your new string to view more of the snmp tree.

1

view    systemview    included   .1.3.6.1

Add DNS query extend

1
2

# DNS query
extend .1.3.6.1.4.1.18689.0.1 dnscache-stats /root/bin/runstats.sh

Restart snmp service

1

service snmpd restart

Be sure to set the SNMPD service to start on boot.

Edit your linux firewall to allow your cacti machine to access UDP port 161 on the DNS server.

Create the folder /var/cache/bind and make it writable.

Edit /etc/named.conf
Set “statistics-file “/var/named/data/named_stats.txt”;” to statistics-file “/var/cache/bind/named.stats”;

Reload your named service

1

service named restart

From the CLI issue “rndc stats”.

1

rndc stats

Ensure that the stats file is generated in /var/cache/bind. If it produces an RNDC warning[WARNING: key file (/etc/rndc.key) exists, but using default configuration file (/etc/rndc.conf)] you will need to:

Copy the dnsstats.pl and runstats.sh files to the /root/bin folder and ensure they are executable.

On Cacti Server

Add the modified bind-stats.sh file(ensure it is executable) to the scripts folder.

Import your cacti xml file.

Live long and prosper.