Jump to content
DarrenWhite99

DNS Forwarder Monitoring

Recommended Posts

This monitor is designed to check the health of your DNS Server Forwarders.

Copy "DNSForwarderCheck.vbs" to your LTShare\Transfer\Monitors\ folder. Import the SQL file in Control Center -> Tools -> Import -> SQL File.

This will create a group monitor on the "Windows DNS Servers" group under "Service Plans\Windows Servers\Server Roles\Windows Servers Core Services". The monitor action will be "Default - Raise Alert".

Here are a couple of examples of Servers with underperforming DNS Forwarders.

DNSForwarderMonitor-1.png.2ed14b5aebd417a5427320d8ac2dc623.pngDNSForwarderMonitor-2.png.a7ea9a5efe0dad4d3b3f5a873de6ca84.png

20180119 - Updated DNSForwarderCheck.vbs to support additional delimiters and corrected additional date handling issues for better International support
20180213 - Updated to perform all lookups in PARALLEL. Intermittent WAN issues should affect the lookups equally. Removed dependency on dnscmd.exe
to learn Forwarder IP's, now works with foreign language installations of Windows Server.

Once you identify issues, use a tool like GRC DNS Benchmark to identify what your best server choices are. https://www.grc.com/dns/benchmark.htm

The attachment has been moved. See https://www.labtechgeek.com/files/file/21-dns-forwarder-check/

 

  • Thanks 10

Share this post


Link to post
Share on other sites

I got some fantastic intelligent out of this Darren, thank you. If you're reading this and wondering whether you should implement this you absolutely should. I found two clients where the primary DNS forwarder was failing, fixing this sped up their internet considerably.

  • Like 2
  • Thanks 1

Share this post


Link to post
Share on other sites

This monitor immediately picked up issues across a lot of customers who don't even know they have problems. It'll also allow us to enforce in an automated fashion what DNS Forwarders we use as a standard. This is amazing.

  • Thanks 1

Share this post


Link to post
Share on other sites

So great! We had no good way of monitoring this... and there were problems out there. Eight of our clients are now experiencing better internet performance while browsing Facebook and kitten videos. Thanks, Darren!

  • Haha 2

Share this post


Link to post
Share on other sites

Hello,

 

i have this error on Automate 12:

 

C:\Windows\LTSvc\DNSForwarderCheck.vbs(148, 5) Microsoft VBScript runtime error: Type mismatch: 'CDate'

 

Maybe it is not compatible with 12?

 

 

Share this post


Link to post
Share on other sites

UPDATE: Cancel that... Windows Server 2003 :$

I am seeing the following error on one agent. All the rest are working perfectly. Thank you Darren!

C:\WINDOWS\LTSvc\DNSForwarderCheck.vbs(6, 1) WshShell.Exec: The system cannot find the file specified.

 

Edited by nedgeworth
Further info

Share this post


Link to post
Share on other sites

I’m not looking at the script, but I believe it requires dnscmd.exe. I would suspect that either it is an optional component in 2003 and isn’t installed, or it is not being found in the system %PATH% variable. Once it discovers the forwarders I believe it uses nslookup.exe, so that will need to be in the path as well. 

Share this post


Link to post
Share on other sites

I have updated the attachment in the topic post for better support of International date/time formats. If you have no problems now you won't miss the change, but if you support any systems outside of the US you should grab the updated file.

Thank You to @limp15000 for reporting his issue and helping test this update.

Share this post


Link to post
Share on other sites

Yes, this works great, just last week found 2 DNS forwarders that were a few years out of date.  Need to add that check to my onboarding.

Share this post


Link to post
Share on other sites

I just posted an update. It now performs all lookups in PARALLEL so intermittent machine or WAN issues should affect all the lookups equally. I also removed the dependency on dnscmd.exe to learn Forwarder IP's, so it now also works with foreign language installations of Windows Server.

  • Thanks 1

Share this post


Link to post
Share on other sites

Yo, we started using this monitor today.  We used it to correct our DNS Forwarders.  The monitor now shows a status of success but it doesn't update the Monitor Status Information.

Any suggestions?

Share this post


Link to post
Share on other sites
On 9/1/2018 at 1:45 PM, marley0ne said:

Can this be used to update all DNS Forwarders as well?  Or separate script for that?

No, you would need to make a script to assign forwarders on DNS servers.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×