NS1 monitors collect health and performance data from a specified device or endpoint and then send the data back to the NS1 platform. You can connect a monitor to one or more answers within DNS records to automatically update the corresponding answer as conditions change. If configured, the record's Filter Chain configuration will reference certain answer metadata fields to make traffic routing decisions.
For example, you can attach a monitor to the Up/Down metadata field within the corresponding DNS answers, and then create a Filter Chain that uses the "Up" filter, ensuring only available endpoints are returned to requesting clients. The attached monitor ensures automatic failover to available endpoints since the answer's metadata is always updated based on the latest data collected.
There are four different types of monitoring probes you can configure on the NS1 platform: DNS, HTTP/S, PING (ICMP), and TCP. This article explains the configuration process for a DNS monitoring job, including how to connect the monitor to a corresponding DNS answer.
Server or device DNS monitoring tracks the availability and response time of a DNS record available from a DNS name server or resolver. This can be used to check, for example, whether or not an external public resolver is serving the correct record data back to your end users.
Follow the instructions below to create a new DNS monitoring job (also referred to as a probe) in the NS1 portal.
-
In the NS1 portal, navigate to the Monitors page.
-
Click the "add" icon (+) to create a new DNS monitoring job (probe).
-
Click the drop-down in the upper left corner and select DNS from the list.
-
Enter a name for the DNS monitor.
-
(Optional) If desired, toggle the switch next to Monitor paused to deactivate the monitor. By default, this option is disabled, meaning the monitor will be active once the monitoring job is saved.
-
(Optional) If desired, toggle the switch next to Notifications on to disable notifications for this monitoring job. By default, this option is enabled, meaning notifications will be active once the monitoring job is saved. Note that notifications are sent according to the attached notifier lists which you can configure after creating this monitoring job.
-
Under Monitoring regions, select one or more locations from which monitoring will be executed.
-
Under Policy, select the policy to use to determine whether the monitored endpoint is "down" (as in, unavailable). Choose one of the following:
-
Quorum - If tests conducted from a majority of monitoring regions do not meet the "up" conditions, then the monitored host is marked as down.
-
All - If tests from all monitoring regions do not meet the "up" conditions, then the monitored host is marked as down. In other words, only tests from one of the monitoring regions must meet the "up" conditions in order for the host to be marked as up.
-
One - If a test from one of the monitoring regions does not meet the "up" conditions, then the monitored host is marked as down. In other words, tests from all of the monitoring regions must meet the "up" conditions for the host to be marked as up.
-
-
Under Frequency, enter the amount of time in seconds between each monitoring test conducted in each region. The minimum setting is 60 (as in, 60 seconds).
-
Under Up conditions, click Add condition to define the condition(s) the monitored host must meet in order to be considered "up."
Click the first drop-down and select the metric to validate during the test:
-
Number of records - Number of records in the ANSWER section of the DNS response
-
Record RDATA - RDATA of records in the DNS response
-
Response time - Average response time (in milliseconds) of DNS responses
Then, click the second drop-down and select the comparison operator (less than, greater than, etc.).
Next, complete the "up" condition by entering the value by which to compare test results.
Once complete, click Add.
Note
You can add multiple "up" conditions, just note that all conditions must be met in order for a test run to consider the host "up."
-
-
(Optional) Select the checkbox next to Rapid recheck to automatically conduct a second verification test before changing the status of a host. Enabling this option can help prevent false positives.
-
Under DNS Settings, enter a Response timeout value to indicate the maximum amount of time (in milliseconds) to wait for output after connecting. The default value is 2000 (as in, 2000 milliseconds or 2 seconds).
-
Under Query domain, enter the domain name for this monitoring job to query.
-
Under Nameserver IP or hostname, enter the IP address (IPv4 or IPv6) or fully qualified domain name (FQDN) of the DNS server from which to request the query domain.
-
Optionally, select the checkbox next to Connect over IPv6 to connect to the server specified in the Nameserver IP or hostname via IPv6. If left disabled, the probe will use IPv4.
-
Under Query type, specify the record type to request within the queried domain. The default record type is A (as in, A record).
-
Under DNS port, specify the port from which to perform the DNS query. The default value is 53 (as in, port 53).
-
Once complete, click Save probe. The new DNS monitor appears in your list of monitors used.
After creating a new monitoring job, you can connect it to the corresponding DNS answer(s) via each answer's up/down metadata field. This connection ensures the answer metadata is always updated with the latest health status of the monitored endpoint.
Note
After connecting a monitor to each answer in the DNS record, you can configure a Filter Chain that includes the "Up" filter. With each incoming query, the Up filter references the Up/Down metadata field for each answer and eliminates any "down" answers from the list of available answers that will be returned to the requesting client. You can use the Up filter in conjunction with others to define custom traffic steering policies. Most Filter Chains should include the Up filter as the first filter in the chain, meaning NS1 will eliminate "down" answers before passing the list to the next filter for processing.
For example, you can use the Up filter followed by the Select First N filter to configure automatic failover in which the NS1 platform will eliminate "down" answers, and then return only the first answer in the list. You can add a geographic filter in between the two filters to rearrange the list based on geographic proximity to the requester before passing to the Select first N filter.
Follow the instructions below to connect a monitor to an answer's metadata within a DNS record.
-
Under DNS > Zones, navigate to the record upon which you want to attach the monitor. Then click into the record to view associated answers.
-
In the NS1 portal, navigate to DNS > Zones.
-
Click the name of the zone containing the relevant DNS record, and then click the name of the record to drill into record details.
-
Click the menu icon next to the relevant DNS answer and select Edit answer metadata.
-
In the Answer metadata & feeds modal, click select the Up/down setting. By default, you are presented with a manual option to change the status of the endpoint, but you can ignore this.
-
Click the "Feed" icon
next to the Up/down setting to view a list of available monitors and third-party data feeds that can be connected to this answer.
-
Select the desired monitor from the list.
-
Click Ok. Now, a label appears under the relevant answer indicating the "up" setting is now connected to the DNS answer.
-
Click Save record to save these changes.
Repeat this process to connect monitors or data sources to all DNS answers in the record. Then, you can Create a Filter Chain that includes the Up filter so that unavailable answers are eliminated from the answer pool before NS1 responds to the requesting client.