Bind DNS Graph in Cacti

In My Previous tutorial, Menampilkan hasil DNS query pada cacti I tried to graph my bind dns server in cacti. At the moment, I usedBind version 4.3. By the time, ISC (Consorcium that create bind) always update this software. Usually, they update because of found bug, improve perfomance, hardware support, and other.

Until now, Bind version is 10. but currently, I still use bind 9.8. it seems that, after bind 9.4, ISC change mayor update in thebind version. because of this, my tutorial for bind 9.3.4 did not compatible anymore for latest bind. I have tried to search in internet,googling, find the forum, but still not successfull. 

And fortunately, 5 days ago, I tried to access cacti forum. found the new way to graph new bind version in cacti. for the forum, you can see at this link : http://forums.cacti.net/viewtopic.php?f=12&t=45926&start=0

Because of my couriousity, I tried to make graph my bind. Oh ya, I run my dns server in Linux (RHEL 5.5) I think ou can run this step in other linux distros, as long as your bind is 9.7 or newer than that. Here is the step :

1. download the script, and bind template in here :
• for the source (include template and scripts) :
• http://docs.cacti.net/usertemplate:host:bind9.7
2.  unzip the file (bind97.zip) and it will extract 4 files :
• bind-stats.sh
• cacti_host_template_bind9_7.xml
• dnsstats.pl
• runstats.sh
3. This 4 files, will separate in two system. two file to your cacti monitoring, and others three will be put in your dns server. i will explain how to install them all.
4. First we will configure in our DNS Server. before that :

·         Make sure your selinux is disable 

# more /etc/selinux/config # This file controls the state of SELinux on the system. # SELINUX= can take one of these three values: #       enforcing - SELinux security policy is enforced. #       permissive - SELinux prints warnings instead of enforcing. #       disabled - SELinux is fully disabled. SELINUX=disabled # SELINUXTYPE= type of policy in use. Possible values are: #       targeted - Only targeted network daemons are protected. #       strict - Full SELinux protection. SELINUXTYPE=targeted

·         Make sure where is your zone statistics located. You can check it in you named.conf

options {  directory "/var/named"; ...         statistics-file "/var/named/named.stats"; };

·         OK, now all pre-requist already fullfill.  Now we will configure snmp in our dns. Cacti will try to find oid base on this snmp.  Put this line in your snmpd.conf :

# more /etc/snmp/snmpd.conf ... extend  .1.3.6.1.4.1.18689.0.1 dnscache-stats /bin/runstats.sh

Contains of runstats.sh

more /bin/runstats.sh #!/bin/sh rm -rf /var/named/named.stats rndc stats cat /var/named/named.stats | /bin/dnsstats.pl

Assosiate your runstats.sh.  the idea in runstats.sh is :

o   If exist, delete previous named.stats. if you bind statistics file not match with runstats.sh , you can replace it and assosiate your statistic file

o   After that, create named.stats using rndc command

o   View the named.stats file, and get the value using dnsstats.pl

·         After finish snmpd.conf, make your runstats.sh is executable and after that copy 2 files : runstats.sh and dnsstats.pl to /bin directory.

1.        Make executable : Chmod +x runstats.sh

2.       Copy to files in /bin directory # cp /root/runstats.sh /bin #cp  /root/dnsstats.pl /bin

·         Finish copying two file, we need to restart snmpd daemon 

/etc/init.d/snmpd restart

·         Next step, we need to know, whether  our snmp able to get information of our bind:

snmpget -v1 –c your_community_name IP_ADDRESS_OF_YOUR_DNS_SERVER .1.3.6.1.4.1.18689.0.1.4.1.2.14.100.110.115.99.97.99.104.101.45.115.116.97.116.115.1 SNMPv2-SMI::enterprises.18689.0.1.4.1.2.14.100.110.115.99.97.99.104.101.45.115.116.97.116.115.1 = STRING: "a:846 a6:0 aaaa:412 any:344 cname:13 mx:1079 naptr:8358 ns:536 ptr:331 soa:307 spf:0 srv:488 txt:179 rsnx:194 rsfail:154 rserr:33 rsipv4qs:2894 rsipv4rr:1609 rsmismatch:97 rsqr:199 rsqt:133 rsrtt10:137 rsrtt100500:288 rsrtt10100:106 rsrtt1600:583 rsrtt500800:118 rsrtt8001600:245 sockopen:296 sockclosed:296 sockbf:800 consest:2888 recverr:115"

If you can see those result, then we can continue to configure our cacti. Otherwise,please check your snmp configuration, or your other system.

Bind use new OID :

.1.3.6.1.4.1.18689.0.1.4.1.2.14.100.110.115.99.97.99.104.101.45.115.116.97.116.115.1

 

       ·         OK, now we will configure our cacti. We will put 2 files inour cacti. Those files are :

o   cacti_host_template_bind9_7.xml

o   bind-stats.sh

·         First, we should import the template in your cacti. Open your cacti, and get import template :

·         After that copy bind-stats.sh in your cacti scripts directory.

Cp /root/bind97/bind-stats.sh /your/cacti/directory/scripts/

·         Finish with that, now we will create the graph. Choose your DNS in your cacti 

·         Add the graph then activate it:

 

·         Wait for 10 minutes. For good result, I suggest wait for 1 day. Here is the result in my cacti :