The NS1 monitoring solution allows you to create monitors that track the health and performance of a specified device or endpoint. NS1 users can create three types of monitors: HTTP/HTTPS, PING, or TCP. HTTP/S monitoring is used to check website availability. The monitoring system connects via HTTP/S to a server and waits for a response. Then, the monitor assesses the connection health based on the specified criteria—including the HTTP headers and body in the response. This article explains the process for setting up an HTTP or HTTPS monitor and applying the associated data feed in the answer metadata which is utilized by the Filter Chain.
NS1 is in the process of rolling out advanced functionality around HTTPS monitors. This functionality is now available in Enterprise DDI only, but will soon be available to Managed DNS users as well.
Step 1: Create an HTTP or HTTPS monitor.
In the NS1 portal, navigate to the Monitors tab.
Click Add a Monitor.
Select HTTP from the drop-down menu in the upper-left corner.
Under Configuration, adjust the monitor settings as needed.
- Name (required)
Enter a name for the monitor.
Use the toggle to activate or deactivate the monitor. By default, this option is disabled (i.e. the monitor is active).
Use the toggle to enable or disable notifications related to this monitor. By default, this option is enabled (i.e. notifications are active).
Select the checkbox next to the monitoring regions. These are the locations from which monitoring is executed.
Select one of the following policy types from the drop-down menu. NS1 recommends selecting either "All" or "Quorum" to prevent false alerts.
The host is marked “down” if tests conducted from a majority of the monitoring regions do not pass the “up” conditions.’
The host is marked “down” if tests conducted from all of the monitoring regions do not pass the “up” conditions.
The host is marked “down” if tests conducted from a single monitoring region do not pass the “up” conditions.
- Frequency (required)
Enter the amount of time (in seconds) between each monitoring test conducted in each region. For most accounts, the minimum frequency will be 60 (seconds). If necessary, contact NS1 customer support to request a lower interval between tests.
Click this button to define the conditions that the hostname must meet in order to be considered “up.” First, choose the metric to validate during the test: HTTP Response Body or HTTP Status Code. Note the response body is case-sensitive. Then, choose the comparison operator (=, <, >, etc), and the value to compare. You can add multiple conditions, just note that all conditions must be met in order for a test run to consider the host “up.” Note that if you select “HTTP Response Body,” the only comparison option is “contains.”
Select the checkbox to automate a second verification test before changing the status of a host. This can help prevent false positives.
- Name (required)
Under HTTP Settings, adjust the HTTP monitor settings as needed.
- URL (required)
Enter the URL to monitor.Note: To test using HTTPS, start the URL with HTTPS:// As the default is HTTP. The hostname in the URL is used to determine the IP address of the host to test. If you want to test against a specific virtual hosting server, specify that hostname in the URL. For example, if testing a server hosted on AWS, use something like myserver.us-east-1.elb.amazonaws.com/healthcheck.php
- Virtual host (DDI only*)
This string is set as the HOST request header as part of the HTTP transaction. For example, if Virtual host = www.example.com, then Host:www.example.com will be included in the HTTP request header. The virtual host is also used to support testing hosts that utilize server name indication (SNI). The monitor adds the virtual host to the TLS handshake process so that it receives the correct SSL certificate, enabling the rest of the TLS handshake to proceed as normal.
- HTTP method
Enter the desired HTTP method. Default is GET.
- User Agent
The user agent strings contain pertinent information about a user’s web browser, as needed, as part of the validation process. Default is "NS1 HTTP Monitoring Job."
- Authorization Header.
This string is set as the authorization request header during the HTTP transaction.
- Follow HTTP redirects when enabled.
If the checkbox is selected: If the monitor attempts to connect to the URL and the website responds with an HTTP redirect (e.g., 30x response code), then the monitor will try to connect to the new URL to which it is redirected and the monitor status reflects that of the new URL. If the checkbox is not selected: The monitor will not follow the redirect and the monitor status will always reflect the original URL configured.
- Connection Timeout
The amount of time (in seconds) that the server will wait for a monitor connection to occur. Default is 5 (seconds).
- Idle Timeout
The time (in seconds) after connecting to wait for a response. Default is 3 (seconds).
- Skip TLS Verify (DDI only*)
Select or deselect the checkbox to indicate whether or not this monitor should skip TLS verification. NS1 recommends enabling this option if the monitor is failing due to a certificate error, such as an expired certificate, and you don’t want this to be used as a failure condition.
- Connect over IPv6
If selected, make sure you entered a fully qualified domain name or IPv6 address in the URL field.
If you select this option, the monitor will connect exclusively over IPv6.
- URL (required)
Once complete, click Save Changes.
Step 2: Connect the monitor to an answer using the NS1 Filter Chain.
To complete the setup process, you must connect the monitor to an answer in order to automatically change the “up” metadata to reflect the status of the monitor. That is, when the tested host meets the up conditions, it will change the metadata to up=true. If the tested host does not meet the up conditions, the metadata is automatically changed to up=false.
- Under Zones, navigate to the record upon which you want to attach the monitor. Then, click into the record to view associated answers.
- Click Create Filter Chain.
- Select or drag-and-drop the Up filter option (and any other desired filters) to the list of active filters.
- Click Save Filter Chain. Now, you can see the Filter Chain configuration to the left of the answer list.
- On the left-hand sidebar showing the Filter Chain configuration, click the UP filter to expand that box and reveal filter-specific metadata options.
- Click the up: unset metadata label beneath the answer to view the Answer Metadata configuration screen.
- Click the “feed” icon next to the up/down filter setting to reveal a list of available data feeds—including the monitor you created earlier.
- Select the HTTP/HTTPS monitor you created earlier, and click Ok.
- Click Save Record to save your changes.
Now, when the HTTP monitor detects a failed endpoint, it automatically adjusts the answer metadata to indicate that the endpoint is “down.” As a result, DNS traffic is steered to better-performing endpoints.