Host name validation
The check validate that each configured host name resolves to the correct value stored in the configuration database.
When a domain first is configured the configuration engine will resolve the following items that by default will continuously be monitored and validated by the system:
- All host records (A/AAAA) derived from the NS resource record set.
- The host record or records (A/AAAA) with the lowest preference derived from the MX resource record set.
The customer can in addition to the default host name integrity checks add integrity checks for every preferred host name inside the domain on the Manage/Domain page. The Host name integrity check for these custom host names will validate each name from each monitoring location on every authoritative server every 5 minutes. Currently supported query types are A, AAAA and CNAME.
A failed validation of any host name will automatically trigger minimum an ERROR event.
Event severities and messages
The message output from this check can get a bit messy depending on the number of IP addresses each host have and the number of DNS servers to query. This is especially true if the check encounter multiple errors on more than one server since each error message is appended after the last.
ERROR
The name {host name} does not exist on {name server}, {IP}.
The name does not exist on the authoritative name server.
{name server}, {IP} is missing the alias/IP address for {host name}.
On one or more name servers the query returned an unexpected response. The IP or CNAME (alias) in the message may have been removed.
{name server}, {IP} has the additional alias/IP address {alias/IP} for {host name}.
On one or more name servers the query returned an unexpected response. The IP or CNAME (alias) in the message may have been altered.
UNKNOWN
{name server}, {IP address}, timed out
The monitoring node failed to receive a query response from the name server. This could be caused by a temporary network error.
{name server}, {IP} responded with {rcode}
{name server}, {IP} responded with {rcode}
Failed to locate authoritative name servers for {host name}.
Something went wrong when the check resolved the name servers authoritative for the host name. This could be aa temporary glitch but if the message keep appearing please report the problem through the regular support channel.
Solutions, tips & tricks
Make sure you monitor the host names that are important to your organisation.
Minimise the number of people with administrative access to your domains and who are authorised to change host names.
Use MFA (Multi Factor Authentication) on all accounts allowed to make changes to your domains if possible. This is especially vital if you use a third party vendor (DNS service provider and such). Also make sure that you are not using the same password on multiple accounts across the Internet.