DNS Server Check Basics

Uptime.com offers Domain Name System (DNS) checks as one of the primary website monitoring tools that are available to your site’s infrastructure.

The following information demonstrates how to use DNS checks, and assumes you are logged into Uptime.com.

Adding Your First DNS Check

To add a DNS Check, first click Monitoring followed by Checks, and then Add New.  Select DNS from the Check Type dropdown menu.

A website relies on multiple authoritative DNS servers to manage various services for a domain. Customers would notice if your domain name was suddenly not resolving, but DNS hijacking and routine maintenance can cause unintended failures. DNS failures can also cause some errors that seem like other errors, such as improper forwarding (which can cause symptoms similar to a firewall configuration error).

With Uptime.com DNS checks, you have a tested and reliable method for tracking such failures and responding to them. You will be able to tell which servers are failing to resolve, and get more data on the precise problem.  

Use Case - Monitor Local DNS Servers with Uptime.com

Local DNS servers are responsible for handling all of the major requests associated with your domain, such as connecting properly to a database or handling payment gateways. If one server goes down, there are typically backups in place that can carry some of the load. If multiple servers go down, or if that server doesn’t respond, it can cause caching issues that contribute to problems elsewhere. Think of traffic in a two-lane highway, except construction down the road forces everyone to merge into a single lane. The effects are felt for miles.   

To prevent this, we’ll add a DNS a check designed to alert us when key infrastructure fails to resolve. Take a moment to familiarize yourself with our Field Explanation support article for greater detail on each facet of this tool before we begin.

You will also note that the DNS tool can automatically pull some data for you, such as the name servers associated with a domain. You can freely override this data with your own entries, but we will rely on the automated functionality for this use case.

Thus, our DNS check is very easy to configure. Enter the domain name you wish to track, select the specific DNS records you want to monitor, then Uptime.com will locate your DNS server and associated data.

Let’s take a look at some sample DNS records for Uptime.com to provide some context

Sample DNS Records for Uptime.com:

# uptime.com:

# Uptime.com website over IPv4

A    18.220.104.248

A    18.188.151.40

# Uptime.com website over IPv6

AAAA 2600:1f16:142:a801:4e2:cba4:4e61:e892

AAAA 2600:1f16:142:a800:3925:811d:39dc:5f29

# These say that email sent to anyone@uptime.com is handled by these google mail servers

MX   preference = 1, mail exchanger = aspmx.l.google.com

MX   preference = 5, mail exchanger = alt1.aspmx.l.google.com

MX   preference = 5, mail exchanger = alt2.aspmx.l.google.com

MX   preference = 10, mail exchanger = alt3.aspmx.l.google.com

MX   preference = 10, mail exchanger = alt4.aspmx.l.google.com

 

# This specifies which domains are allowed to send email from anyone@uptime.com

TXT "v=spf1 a mx include:_spf.google.com include:sendgrid.net include:spf.braintreegateway.com include:mail.zendesk.com ~all"

 

# Authoritative name servers for uptime.com

NS   ns-1522.awsdns-62.org

NS   ns-1918.awsdns-47.co.uk

NS   ns-331.awsdns-41.com

NS   ns-650.awsdns-17.net

 

SOA

    primary name server = ns-1918.awsdns-47.co.uk

    responsible mail addr = awsdns-hostmaster.amazon.com

    serial  = 1

    refresh = 7200 (2 hours)

    retry   = 900 (15 mins)

    expire  = 1209600 (14 days)

    default TTL = 86400 (1 day)

# uptimemonitoring.com:

# This says uptimemonitoring.com is an alias of uptime.com

CNAME   uptime.com

Here is a rundown of the parameters for a DNS Check:

  • Domain or IP
  • Record Type - Choices include:
    • A Record: Translates the domain to an IPV4 address. Usually this points to the server that provides the domain’s website.
    • AAAA Record: Translates the domain to an IPV6 address. Usually this points to the server that provides the domain’s website.
    • MX Record: Indicates the domain names of each server responsible for receiving email sent to the domain. It’s common for multiple servers arranged in priority order to handle mail requests. In the above example, you will notice Google’s servers handle email for Uptime.com.
    • CNAME (aka ‘Alias’): Canonical Name, specifies the alias of a given domain name (Google.com/Calendar = Calendar.Google.com).
    • NS (‘Name Server’/Domain Servers): Utilized to determine which name server is seen as the authoritative one holding the “master” records.
    • PTR (Reverse Pointer Lookup): PTR is not a real record type, but it’s critical to translate an IP address back into a domain name using the A or AAAA records.
    • SOA (Start of Authority) Record: Controls domain settings like how often DNS servers need to refresh domain records from the authoritative servers.
    • TXT Record: Used to store arbitrary textual information for the domain. In practice, TXT records are usually used for SPF information (see example above). SPF records identify which domain names are allowed to send email as anyone@mydomain.com without it being marked as spam. (For example, a lot of email sent by Uptime.com is actually sent from the mail provider SendGrid.com)

 

  • DNS Server
  • String to expect

For our use case, there are a few records that may prove useful to us. A and AAAA will provide the most up-to-date information about how our domain is resolving, but we should monitor NS, PTR, and even SOA for a more accurate picture. This way, if any server fails along the way, Uptime.com can provide us some advance notice that something is wrong.

Now, the question becomes whether to create an individual check for each record type. If we select All DNS Records we are unable to distinguish one error from another so an alert will issue if any server fails. If our intention is to catch hackers, it might be best to configure individual checks for particular record types we think are most vulnerable. We can also utilize a combination of All DNS Records and individual DNS Check Types, escalating certain checks as needed with relevant data.

DNS-1.png

Your Uptime.com account dashboard gives you instant access to any of your established DNS server checks. When a DNS Server Check fails, contacts will be notified via email, SMS, phone call, and/or other integration.

Your DNS Check report contains information related to each DNS server being monitored, in addition to how long each server was inactive or not responding as expected. You can see the results of a failed check for all record types below.

DNS-1.png

Finalizing Your Check

Before saving your check be sure that you have included all of the required information for the following parameters.

  • Name of Check
  • Check Interval
  • Contacts
  • Locations
  • Check Type
  • Domain or IP
  • Record Type
  • DNS Server
  • String to Expect

Data captured can also be used throughout your company as Key Performance Indicators (KPIs) related to your DNS servers. For a detailed breakdown of these terms, please refer to the Field Explanation support article.