2
DNS Webinar Series
• Intro to DNS (November 15th 2016): An overview of the Domain Name System, resources, records, name resolution and name servers.
• DNS Security (December 13th 2016): Tips and examples covering DNS hijacking and DDoS attacks on DNS infrastructure.
• Monitoring DNS Records and Servers (January 17th 2017): An in-depth view on how to monitor and alert on DNS availability, response time and record mappings.
3
About ThousandEyes
ThousandEyes delivers visibility into every network your organization relies on.
• Founded by network experts; strong investor backing
• Relied on for critical operations by leading enterprises
• Recognized as an innovative new approach
• 31 Fortune 500
• 5 top 5 SaaS Companies
• 4 top 6 US Banks
4
DNS Records

| Category | Record Type | Purpose |
|---|---|---|
| Addresses | A | Maps a fully qualified domain name (FQDN) to an IPv4 address |
| Addresses | AAAA | Maps a FQDN to an IPv6 address |
| Aliases | CNAME | Maps a FQDN to another FQDN |
| Aliases | DNAME | Maps all subdomains of a FQDN to another FQDN |
| Servers | NS | Maps a subdomain to a FQDN of a name server |
| Servers | MX | Maps an email domain to a FQDN of a mail server |

Read more: https://blog.thousandeyes.com/guide-to-dns-record-types
5
DNS Resolution
Client
Recursive server (ISP, company, public DNS)
Root server a.root-servers.net
TLD server a.gtld-servers.net
Authoritative server ns2.google.com
6
DNS Trace Test
Enterprise or Cloud Agent
Root server a.root-servers.net
TLD server a.gtld-servers.net
Authoritative server ns2.google.com
7
DNS Server Test Authoritative Server
Root server a.root-servers.net
TLD server a.gtld-servers.net
Authoritative server ns2.google.com
Enterprise or Cloud Agent
8
DNS Server Test Caching Resolver - Non-Recursive Queries
Enterprise or Cloud Agent
Local caching resolver
Root server a.root-servers.net
TLD server a.gtld-servers.net
Authoritative server ns2.google.com
9
DNS Server Test Caching Resolver - Recursive Queries
Local caching resolver
Root server a.root-servers.net
TLD server a.gtld-servers.net
Authoritative server ns2.google.com
Enterprise or Cloud Agent
10
DNS Trace vs. DNS Server Tests

| DNS Trace | DNS Server |
|---|---|
| dig +trace | dig @ns.domain.com, with network, routing tests |
| Tests the entire DNS hierarchy | Tests a pre-determined set of name servers (usually authoritative) or local caching resolvers |
| Shows whether record mappings are correct and available; also final query time | Shows record mappings as well as server, network and routing data |
| Understand the availability and accuracy of record mappings | Understand the performance of your DNS infrastructure (internally or externally managed) |
11
ThousandEyes Approach to DNS Monitoring
DIG-like Features
• ns
• @
• +trace
• +dnssec
• +norec
And Correlation
• Authoritative and caching server network
• Routing metrics
With Analysis
• Store, save, share, baseline, alert, report
Enterprise
Vendor
12
Alerting for DNS Server Performance

| Test Type | Threshold |
|---|---|
| DNS Server, DNS Trace | Error is present; Mapping not in _____ |
| DNS Server | Resolution Time ≥ _____ms |
| Network End-to-End (Server) | Packet Loss, Latency, Jitter, Error, Available Bandwidth, Capacity |
| BGP | Reachability, Path Changes, Origin ASN, Next Hop ASN, Prefix, Covered Prefix |

Read more: https://blog.thousandeyes.com/tips-instrumenting-dns-alerts/
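The three DNS-layer alert conditions in the table above (error present, mapping not in an expected set, resolution time at or above a threshold), evaluated over captured `dig @server` output. This is an added example, not ThousandEyes code; the dig transcripts, the expected address set and the 100 ms threshold are constructed for illustration.

```python
import re

# Constructed `dig @server name A +norec` transcripts (documentation addresses).
OK = """\
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4242
;; flags: qr aa; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; ANSWER SECTION:
www.example.com.\t300\tIN\tA\t192.0.2.10

;; Query time: 23 msec
"""
UNEXPECTED_SLOW = OK.replace("192.0.2.10", "203.0.113.66").replace("23 msec", "180 msec")
SERVFAIL = ";; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 7\n;; Query time: 12 msec\n"
TIMEOUT = ";; connection timed out; no servers could be reached\n"

def parse_dig(text):
    """Pull the response status, answer records and query time out of dig output."""
    status = re.search(r"status: (\w+)", text)
    qtime = re.search(r"^;; Query time: (\d+) msec", text, re.M)
    answers, in_answer = [], False
    for line in text.splitlines():
        if line.startswith(";; ANSWER SECTION:"):
            in_answer = True
        elif in_answer and not line.strip():
            in_answer = False          # a blank line ends the section
        elif in_answer and not line.startswith(";"):
            _name, _ttl, _cls, rtype, rdata = line.split(None, 4)
            answers.append((rtype, rdata))
    return {"status": status.group(1) if status else None,
            "answers": answers,
            "ms": int(qtime.group(1)) if qtime else None}

def evaluate(text, rtype, expected, max_ms):
    """Return the alert conditions from the table that this response trips."""
    r = parse_dig(text)
    if r["status"] != "NOERROR":       # "Error is present" (includes timeouts)
        return ["error: " + (r["status"] or "no response")]
    alerts = []
    got = {rdata for t, rdata in r["answers"] if t == rtype}
    if not got:
        alerts.append(f"no {rtype} records returned")
    elif got - set(expected):          # "Mapping not in _____"
        alerts.append("mapping not in expected set: " + ", ".join(sorted(got - set(expected))))
    if r["ms"] is not None and r["ms"] >= max_ms:   # "Resolution Time >= _____ms"
        alerts.append(f"resolution time {r['ms']} ms >= {max_ms} ms")
    return alerts

if __name__ == "__main__":
    for label, out in [("ok", OK), ("unexpected+slow", UNEXPECTED_SLOW),
                       ("servfail", SERVFAIL), ("timeout", TIMEOUT)]:
        print(label, evaluate(out, "A", {"192.0.2.10"}, 100))
```

An answer outside the expected set is the condition the "Check for hijacks" item relies on, so the expected set should list every address the record can legitimately return.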
13
Best Practices for DNS Tests
• Set up DNS Trace tests for major domains and subdomains
• Alert on record mappings and availability
• Ensure DNS hierarchy is working as expected
• Check for hijacks
• Set up DNS Server tests to critical DNS infrastructure
• Alert on record mappings, availability, resolution time, network performance
• Use Path Viz to see network connectivity, GSLB and Anycast
• Troubleshoot local caching servers with DNS Server tests
• Recursive Queries option
14
Demo
15
Add a New DNS Test
Choose DNS test type
Domain and record
Views included in the test
Auto-lookup authoritative servers
16
DNS Domain Trace Monitoring
Record availability, average queries and query time
Detailed traces
Performance over 30 days
17
DNS Detailed Traces
Unsuccessful trace
Successful trace: d-root → pac1.nipr.mil → ns02.army.mil
18
DNS Server Monitoring
Availability and resolution time
By authoritative servers
Performance over 30 days
Save or share data
19
DNS Record Details
See mappings and resolution time for Tokyo
Select a specific agent (Tokyo)
20
Correlation Across Layers
Continuing server availability issues
Correlated with loss in many upstream ISPs
Root cause is instability due to route flapping
21
DNS Alerting
Alert on resolution time, mappings, error details
Alert to email or API
22
See what you’re missing.
Watch the webinar:
https://www.thousandeyes.com/resources/monitoring-dns-records-servers-webinar