DNS lookup failure(s) for Juniper

Vendor

Juniper

Description

Indeni will alert if the DNS resolution is not working on the device.

Remediation Steps

Review the cause for the DNS resolution not working.

1. On the device command-line interface, execute the "show system name-server" command to review the DNS configuration.

2. Run the "show host host-name [host-ip-address]" command to check if DNS is working properly and is reachable.

3. Ensure that UDP port 53 is allowed in the firewall rules.

4. Check the routes to the DNS server address.

5. Review the following article on the Juniper tech support site: Reaching a Domain Name System Server.

How does this work?

This script logs into the Juniper JUNOS-based device using SSH and attempts to ping www.indeni.com. In the process of that ping, it also forces the device to resolve "www.indeni.com" to an IP address. A failure to ping www.indeni.com indicates that the DNS server is not responding, or that connectivity to the Internet has been severed.

Without Indeni how would you find this?

It is not possible to retrieve the status of DNS connectivity through SNMP, so an administrator would need to write a script that polls their firewalls for the data (forcing the resolution of a hostname), or simply troubleshoot once an issue occurs.
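A minimal version of such a polling script, as an added example that is not Indeni's source code: it runs the same ping over SSH and classifies the output, so that a resolver failure is told apart from lost connectivity after a successful lookup. The device address, user name and sample outputs are constructed, and the error strings assume the FreeBSD-style ping messages that Junos prints.

```python
import re
import subprocess

# Constructed sample outputs (not captured from a real device). The error
# text assumes the FreeBSD-style ping messages that Junos prints.
SAMPLE_OK = (
    "PING www.indeni.com (192.0.2.10): 56 data bytes\n"
    "64 bytes from 192.0.2.10: icmp_seq=0 ttl=54 time=11.201 ms\n"
    "--- www.indeni.com ping statistics ---\n"
    "3 packets transmitted, 3 packets received, 0% packet loss\n"
)
SAMPLE_DNS_FAIL = "ping: cannot resolve www.indeni.com: Host name lookup failure\n"
SAMPLE_NO_REPLY = (
    "PING www.indeni.com (192.0.2.10): 56 data bytes\n"
    "--- www.indeni.com ping statistics ---\n"
    "3 packets transmitted, 0 packets received, 100% packet loss\n"
)

RESOLVE_ERR = re.compile(r"cannot resolve|host name lookup failure|unknown host", re.I)
SUMMARY = re.compile(r"(\d+) packets transmitted, (\d+) packets received")


def classify_ping(output: str) -> str:
    """Map ping output to: dns_failure, resolved_no_reply, ok, or unknown."""
    if RESOLVE_ERR.search(output):
        return "dns_failure"          # the resolver never returned an address
    m = SUMMARY.search(output)
    if m is None:
        return "unknown"              # e.g. SSH login failed, empty output
    # A statistics line means the name resolved; zero replies then points at
    # routing or ICMP filtering rather than at the DNS server.
    return "ok" if int(m.group(2)) > 0 else "resolved_no_reply"


def poll(device: str, user: str, target: str = "www.indeni.com") -> str:
    """Run the ping on the device over SSH (hypothetical device and user)."""
    cmd = ["ssh", "-o", "BatchMode=yes", f"{user}@{device}",
           f"ping {target} count 3"]
    proc = subprocess.run(cmd, capture_output=True, text=True, timeout=60)
    return classify_ping(proc.stdout + proc.stderr)


if __name__ == "__main__":
    for name, text in [("ok", SAMPLE_OK), ("dns", SAMPLE_DNS_FAIL),
                       ("no reply", SAMPLE_NO_REPLY)]:
        print(name, "->", classify_ping(text))
```

`poll` leaves SSH host key checking at its default, and `BatchMode=yes` makes the login fail instead of prompting when key-based authentication is not set up; that case is reported as `unknown`.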

