Monitor Bind With Cacti
If someone puts in a support ticket saying they are having DNS issues with your server, what do you do to quantify how your server is acting…? This is the “boat” I found myself in a while back. I decided to use cacti to poll my devices. I happen to run Bind9. I built off of a handy template I found on the Cacti forums. Though I did end up modifying it quite a bit. You can grab my version here: Cacti-Bind (4054 downloads) .
Install Steps
You can follow the Template steps, but I’ve got some tweaks specific for my Centos CactiEZ install.
Install SNMP on your DNS server
1 | yum install net-snmp net-snmp-utils net-snmp-devel |
Edit snmpd.conf [/etc/snmp/snmp.conf]
# Set new community string
1 | com2sec notConfigUser default NewString |
Allow your new string to view more of the snmp tree.
1 | view systemview included .1.3.6.1 |
Add DNS query extend
1 2 | # DNS query extend .1.3.6.1.4.1.18689.0.1 dnscache-stats /root/bin/runstats.sh |
Restart snmp service
1 | service snmpd restart |
Be sure to set the SNMPD service to start on boot.
Edit your linux firewall to allow your cacti machine to access UDP port 161 on the DNS server.
Create the folder /var/cache/bind and make it writable.
Edit /etc/named.conf
Set “statistics-file “/var/named/data/named_stats.txt”;” to statistics-file “/var/cache/bind/named.stats”;
Reload your named service
1 | service named restart |
From the CLI issue “rndc stats”.
1 | rndc stats |
Ensure that the stats file is generated in /var/cache/bind. If it produces an RNDC warning[WARNING: key file (/etc/rndc.key) exists, but using default configuration file (/etc/rndc.conf)] you will need to:
Copy the dnsstats.pl and runstats.sh files to the /root/bin folder and ensure they are executable.
On Cacti Server
Add the modified bind-stats.sh file(ensure it is executable) to the scripts folder.
Import your cacti xml file.
Live long and prosper.
Dear Greg,
That was a BINGO for me!
I’m in a great need for monitoring DNS’s, and also to find a way generating stats. What I was thinking for the stats that how can we have stats on hits per domain/IP? if possible..
Kind regards,
Bob-