NS1 monitors collect health and performance data from a specified device or endpoint and then send the data back to the NS1 platform. You can connect a monitor to one or more answers within DNS records to automatically update the corresponding answer as conditions change. If configured, the record's Filter Chain configuration will reference certain answer metadata fields to make traffic routing decisions.
For example, you can attach a monitor to the Up/Down metadata field within the corresponding DNS answers, and then create a Filter Chain that uses the "Up" filter, ensuring only available endpoints are returned to requesting clients. The attached monitor ensures automatic failover to available endpoints since the answer's metadata is always updated based on the latest data collected.
There are four different types of monitoring probes you can configure on the NS1 platform: DNS, HTTP/S, PING (ICMP), and TCP. This article explains setting up a TCP monitor and how to connect it to a DNS answer.
Server or device TCP monitoring tracks the availability and response time of a TCP server from a local network — for example if a TCP server is deployed within an intranet and is not accessible outside of it.
Follow the instructions below to create a new TCP monitoring job (also referred to as a probe) in the NS1 portal.
-
In the NS1 monitor, navigate to the Monitors page.
-
Click the "add" icon (+) to create a new PING monitoring job (probe).
-
Click the drop-down in the upper left corner and select TCP from the list.
-
Enter a name for the TCP monitor.
-
(Optional) If desired, toggle the switch next to Monitor paused to deactivate the monitor. By default, this option is disabled, meaning the monitor will be active once the monitoring job is saved.
-
(Optional) If desired, toggle the switch next to Notifications on to disable notifications for this monitoring job. By default, this option is enabled, meaning notifications will be active once the monitoring job is saved. Note that notifications are sent according to the attached notifier lists which you can configure after creating this monitoring job.
-
Under Monitoring regions, select one or more locations from which monitoring will be executed.
-
Under Policy, select the policy to use to determine whether the monitored endpoint is "down" (as in, unavailable). Choose one of the following:
-
Quorum - If tests conducted from a majority of monitoring regions do not meet the "up" conditions, then the monitored host is marked as down.
-
All - If tests from all monitoring regions do not meet the "up" conditions, then the monitored host is marked as down. In other words, only tests from one of the monitoring regions must meet the "up" conditions in order for the host to be marked as up.
-
One - If a test from one of the monitoring regions does not meet the "up" conditions, then the monitored host is marked as down. In other words, tests from all of the monitoring regions must meet the "up" conditions for the host to be marked as up.
-
-
Under Frequency, enter the amount of time in seconds between each monitoring test conducted in each region. The minimum setting is 60 (as in, 60 seconds).
-
Under Up conditions, click Add condition to define the condition(s) the monitored host must meet in order to be considered "up."
Click the first drop-down and select one of the following metrics to validate during the test:
-
Output - Output received from a connection if any.
-
Time to connect - The amount of time (in milliseconds) from the first attempt by the monitor to connect to the host until the time at which it connects successfully. This condition is only checked after a successful connection is made within the “connection timeout” (specified in the next step). Use the comparison operators (equal to, greater than, less than, etc.) to define the “up” condition. For example, if you set the condition to “less than 1000,” then the connection must have occurred in less than 1000 milliseconds in order for the host to be considered “up.”
Note
You can add multiple "up" conditions, just note that all conditions must be met in order for a test run to consider the host "up."
-
-
(Optional) Select the checkbox next to Rapid recheck to automatically conduct a second verification test before changing the status of a host. Enabling this option can help prevent false positives.
-
Under TCP settings, enter the Response timeout. This is the maximum amount of time (in milliseconds) allowed for a data transfer after the connection is established. The default is 1000 (as in 1000 milliseconds or 1 second).
-
(Optional) Select the checkbox next to Connect over IPv6 to ensure the monitor connects exclusively over IPv6. If selected, you must enter a fully qualified domain name (FQDN) or IPv6 address in the URL field.
-
Under String to send, enter a string to send to hosts upon connecting. Note that string escapes (e.g., /n) are not permitted.
-
Under Connect timeout, enter the amount of time (in milliseconds) the NS1 monitoring probe will spend trying to establish a connection with a host ("host:port"). If there is no response or if the host rejects the connection within this period of time, the monitoring job will be marked as "down" or unavailable. The default is 2000 (as in, 2000 milliseconds seconds or 2 seconds).
-
(Optional) Select the checkbox next to Connect with SSL.
-
Next to IP address or hostname, enter an IPv4 or IPv6 address or fully qualified domain name (FQDN) of the device you would like to monitor.
-
(Optional) Select the checkbox to Add TLS verify on this monitor to enforce TLS certification verification. NS1 recommends keeping this option disabled if the monitor is failing due to a certificate error, such as an expired certificate for which you do not want this to be used as a failure condition.
-
Once complete, click Save probe.
After creating a new monitoring job, you can connect it to the corresponding DNS answer(s) via each answer's up/down metadata field. This connection ensures the answer metadata is always updated with the latest health status of the monitored endpoint.
Note
After connecting a monitor to each answer in the DNS record, you can configure a Filter Chain that includes the "Up" filter. With each incoming query, the Up filter references the Up/Down metadata field for each answer and eliminates any "down" answers from the list of available answers that will be returned to the requesting client. You can use the Up filter in conjunction with others to define custom traffic steering policies. Most Filter Chains should include the Up filter as the first filter in the chain, meaning NS1 will eliminate "down" answers before passing the list to the next filter for processing.
For example, you can use the Up filter followed by the Select First N filter to configure automatic failover in which the NS1 platform will eliminate "down" answers, and then return only the first answer in the list. You can add a geographic filter in between the two filters to rearrange the list based on geographic proximity to the requester before passing to the Select first N filter.
Follow the instructions below to connect a monitor to an answer's metadata within a DNS record.
-
Under DNS > Zones, navigate to the record upon which you want to attach the monitor. Then click into the record to view associated answers.
-
In the NS1 portal, navigate to DNS > Zones.
-
Click the name of the zone containing the relevant DNS record, and then click the name of the record to drill into record details.
-
Click the menu icon next to the relevant DNS answer and select Edit answer metadata.
-
In the Answer metadata & feeds modal, click select the Up/down setting. By default, you are presented with a manual option to change the status of the endpoint, but you can ignore this.
-
Click the "Feed" icon
next to the Up/down setting to view a list of available monitors and third-party data feeds that can be connected to this answer.
-
Select the desired monitor from the list.
-
Click Ok. Now, a label appears under the relevant answer indicating the "up" setting is now connected to the DNS answer.
-
Click Save record to save these changes.
Repeat this process to connect monitors or data sources to all DNS answers in the record. Then, you can Create a Filter Chain that includes the Up filter so that unavailable answers are eliminated from the answer pool before NS1 responds to the requesting client.