All Products
Search

This Product

    Cloud Monitor:Use the site monitoring feature to monitor DNS resolution exceptions

    Document Center

    Cloud Monitor:Use the site monitoring feature to monitor DNS resolution exceptions

    Last Updated:May 09, 2024

    You can use the site monitoring feature to monitor the Domain Name System (DNS) resolution results when users access a domain name from different regions and different network environments. If a DNS resolution exception occurs, you can use the alert information to analyze the cause of the exception. You can also troubleshoot the issue based on the detection result. This topic describes how to use the site monitoring feature to monitor DNS resolution exceptions. This topic assumes that China Mobile, China Telecom, and China Unicom branches in each province within China detect a domain name.

    How DNS resolution works

    DNS resolution refers to the process of resolving domain names to IP addresses. Domain names are easy to remember and have brand identities, and therefore are generally used as network addresses to provide external services. The process of accessing a domain name is to obtain the real network IP address of the service through DNS resolution, and finally to access the corresponding IP address.

    image

    A domain name is resolved by using the recursive DNS server of a carrier. The recursive DNS server queries IP addresses from the root server to the authoritative server, and finally finds the IP address pointed to by DNS resolution (corresponding to steps 2, 3, and 4 in the figure). By default, the IP address of the DNS service obtained when you access the Internet from a PC is the IP address of the carrier's recursive DNS server. Recursive DNS is also called public DNS. Carriers generally establish recursive DNS services based on provinces. Therefore, if the recursive DNS service experiences a resolution exception, all users from the carrier networks in the corresponding provinces are affected.

    Scenarios

    After a user accesses a domain name, the resolved IP address is obtained from the carrier's recursive DNS server. However, in rare cases, the DNS resolution result may not be correct. The resolved IP address may be different from the IP address pointed to by DNS resolution, which is specified by the domain name registrant on the authoritative server. The possible causes are DNS resolution pollution, DNS resolution hijacking, and authoritative DNS service failure. As a result, the user may fail to access the service. Therefore, domain name registrants of important services on the Internet expect to monitor whether users can obtain correct DNS resolution results from the recursive DNS servers of carriers in all provinces within China and can properly access their services.

    Prerequisites

    Network Analysis and Monitoring is activated. For more information, see Activate Network Analysis and Monitoring.

    Step 1: Create a site monitoring task

    You can use the site monitoring feature to create a DNS monitoring task to monitor whether the DNS resolution results are correct when users of China Mobile, China Telecom, and China Unicom in each province access the monitored domain names.

    1. Log on to the CloudMonitor console.

    2. In the left-side navigation pane, choose Network Analysis and Monitoring > Site Monitoring.

    3. On the Monitoring Tasks tab, click Create Task.

    4. On the Create Task page, configure the DNS monitoring task.

      • Basic Information: Select DNS for Task Type, enter dns_task for Task Name, enter aliyun.com for Monitored Address, select The operator DNS corresponding to the detection point for DNS Server, and enter 192.168.XX.XX for Expected Resolution Result (the resolved IP address). Retain the default settings of other parameters.基本信息

      • Select Detection Points: Select all detection points of China Mobile, China Telecom, and China Unicom. Retain the default settings of other parameters.选择探测点

      • Configure Alert Rules: Use the default alert rule.

      • Select Alert Contact Groups: Select an alert contact group.

    5. Click Create.

    Step 2: View the site monitoring results

    After you create a DNS monitoring task, if you receive a resolution exception alert, you can analyze the cause of the alert based on the specific alert information and troubleshoot the issue based on the detection result.

    1. On the Monitoring Tasks tab, click the name of the site monitoring task.

    2. On the Overview tab, view the resolution exception alert and the details of the resolution exception result.

      Site monitoring generally uses error codes and error messages to determine the causes of alerts. The following list provides the common error messages:

      • ErrorCode 615 : not match: The DNS resolution result obtained by the monitoring task does not match the expected DNS resolution result. You can perform the Troubleshooting operation in the Actions column to initiate verification again.

      • ErrorCode 610 : read udp i/o timeout: The DNS resolution process failed due to timeout. The possible cause is a network error or query timeout on the DNS server. You can check whether the network connected to the DNS server is normal by performing the PING Detection and DNS Detection operations on the Instant Detections page. If multiple DNS detections still failed, contact the authoritative DNS provider to check whether the DNS service configuration is correct.

      • ErrorCode 613 : server misbehaving: indicates various exceptions on DNS resolution communication.

      • ErrorCode 616 : dns server answer empty: The DNS server returns an empty result.

        Note

        You can check the error messages only if you specified Expected Resolution Result when you created the site monitoring task. Otherwise, ErrorCdoe 0 is a normal resolution result.