For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

DNS Monitor Using NS Lookup

Problem this snippet solves:

This monitor uses nslookup to verify an expected response from load balanced DNS servers. It accepts 2 command-line arguments: the name to be looked up, and a string found in the expected response.

NOTE: Use external monitors only when a built-in monitor won't do the trick. This example is intended to demonstrate the basic use of nslookup in an external monitor to test UDP-based name services.

How to use this snippet:

Implementation

  1. Create a new file containing the code below on the LTM filesystem. Recommended location is /config/eav. Permissions on the file must be 700 or better, giving root rwx access to the file. 2. Create a monitor profile of type "External" with the following values:

    • External Program: . . the name of the script file created in step 1
    • Arguments:
    • * "" ""
    • 3. Adjust the interval and timeout as appropriate for your application

Code :

#!/bin/sh
# (c) Copyright 1996-2007 F5 Networks, Inc.
#
# This software is confidential and may contain trade secrets that are the
# property of F5 Networks, Inc.  No part of the software may be disclosed
# to other parties without the express written consent of F5 Networks, Inc.
# It is against the law to copy the software.  No part of the software may
# be reproduced, transmitted, or distributed in any form or by any means,
# electronic or mechanical, including photocopying, recording, or information
# storage and retrieval systems, for any purpose without the express written
# permission of F5 Networks, Inc.  Our services are only available for legal
# users of the program, for instance in the event that we extend our services
# by offering the updating of files via the Internet.
#
#
# these arguments supplied automatically for all external monitors:
# $1 = IP (nnn.nnn.nnn.nnn notation or hostname)
# $2 = port (decimal, host byte order) -- not used in this monitor, assumes default port 53
# $3 = name to be looked up
# $4 = string in expected response

node_ip=`echo $1 | sed 's/::ffff://'`

pidfile="/var/run/`basename $0`.$node_ip..$2.pid"
if [ -f $pidfile ]
then
   kill -9 `cat $pidfile` > /dev/null 2>&1
fi
echo "$$" > $pidfile

nslookup ${3} $node_ip 2>/dev/null | grep -qi "${4}"

status=$?
if [ $status -eq 0 ]
then
    # Need to complete any cleanup activity before sending anything to STDOUT as the script is stopped then.
    rm -f $pidfile
    echo "UP"
else
   rm -f $pidfile
fi
Published Mar 12, 2015
Version 1.0
monitor
No CommentsBe the first to comment