Applies To:

Show Versions Show Versions

Archived Manual Chapter: 3-DNS Administrator Guide v3.0: Administration and Monitoring
Manual Chapter
Table of Contents   |   << Previous Chapter   |   Next Chapter >>

This article has been archived, and is no longer maintained.



6

Administration and Monitoring



Monitoring and administration utilities provided on the 3-DNS Controller

The 3-DNS Controller provides utilities for monitoring and administration. You can perform configuration tasks, and monitor system statistics for all components of the 3-DNS Controller.

The 3-DNS Controller provides the following configuration, monitoring, and administration utilities:

  • Configuration utility
    The Configuration utility is a browser-based application you can use to configure and monitor the 3-DNS Controller. The Configuration utility supports Netscape Navigator, version 4.5 or later, and Internet Explorer, version 4.02 or later.
  • 3-DNS Maintenance menu
    The 3-DNS Maintenance menu is a command line utility you can use to manually configure the 3-DNS Controller. Use the 3-DNS Maintenance menu to simplify certain tasks such as starting the big3d agent and editing the wideip.conf file.
  • 3-DNS Console
    The 3-DNS Console is a secure shell tool that you can use, from the Configuration utility, to view the command line utility from a web browser.
  • Network Map
    The Network Map is an interactive screen, in the Configuration utility, where you can view your physical and logical configurations simultaneously.
  • Statistics screens
    Using the Statistics screens in the Configuration utility, you can view a myriad of performance and metrics details about the 3-DNS Controller, the servers and the virtual servers it manages, and the load balancing it performs.

Working with the 3-DNS Maintenance menu

You can use the 3-DNS Maintenance menu to manually configure and monitor the 3-DNS Controller. However, if you work with either the browser-based Configuration utility or the NameSurfer application, you cannot use the 3-DNS Maintenance menu.

You can use the 3-DNS Maintenance menu to perform the following types of manual configuration tasks:

  • Configure wide IPs
  • View statistics
  • Work with the big3d agent
  • Manage synchronized files
  • Work with security issues
  • Configure the 3-DNS web server
  • Work with syncd
  • Configure NTP
  • Configure NameSurfer

    Figure 6.1 shows the main screen of the 3-DNS Maintenance menu:.

    Figure 6.1 3-DNS Maintenance menu main screen

      3 D N S(®)  Maintenance Menu     

    Configure secure communication between all 3-DNS and BIG-IP systems
    Generate and Copy iQuery Encryption Key
    Check versions of named, BIG-IP kernel and needed big3d
    Edit big3d matrix
    Install and Start big3d
    Edit BIND Configuration
    Edit 3-DNS Configuration
    Backup the 3-DNS Controller
    Restore a 3-DNS Controller from a backup
    Synchronize Metrics Data
    Check big3d
    Restart big3d
    Reconfigure 3-DNS Web Administration
    Restart 3-DNS Administration
    Change/Add Users for 3-DNS Web Administration
    Dump and List named Database
    Stop syncd
    Restart syncd
    Configure connection to NTP time server
    Configure NameSurfer(TM)
    Enter 'q' to Quit

    To use the 3-DNS Maintenance menu

    1. Type the following command to open the menu:

      3dnsmaint

    2. From the menu, select the command to you wish to execute, and press the Enter key.

    Each command is described in the following sections.

    Configuring wide IPs

    We recommend that you use NameSurfer to handle BIND configuration, and that you use the Configuration utility to configure wide IPs. However, if you choose to manually edit BIND and the 3-DNS Controller configuration files, use the following commands.

    Edit BIND Configuration

    The Edit BIND Configuration command opens the named.conf file for editing.

    Warning: Use this command only if you are performing all configuration tasks manually. It is important that you do not use this command if you are using the Configuration utility or NameSurfer.

    Edit 3-DNS Configuration

    The Edit 3-DNS Configuration command runs the edit_wideip script, which performs the following tasks:

    • Opens the wideip.conf file for editing
    • Copies the wideip.conf file to all other 3-DNS Controllers in the local 3-DNS Controller's sync group
    • Restarts named

    Viewing statistics

    Use the following command to view various 3-DNS Controller statistics:

    Dump and List named Database

    The Dump and List named Database command corresponds to the 3dprint script, which lets you view these statistics screens on the command line:

    • 3-DNS
      This object displays statistics about each 3-DNS Controller in your network. The statistics include such things as whether the controller is enabled or disabled, the number of packets per second traveling in and out of the 3-DNS Controller during the last sample period, the name of the sync group to which each 3-DNS Controller belongs, and so on.
    • BIG-IP
      This object displays statistics about all BIG-IP Controllers known to the 3-DNS Controller. The statistics include such things as the number of virtual servers each BIG-IP Controller manages, the number of times the 3-DNS Controller resolves requests to those virtual servers, and more.
    • EDGE
      This object displays statistics about all EDGE-FX Caches known to the 3-DNS Controller. The statistics include such things as the number of virtual servers each EDGE-FX Cache manages, the number of times the 3-DNS Controller resolves requests to those virtual servers, and more.
    • Hosts
      This object displays statistics about all hosts known to the 3-DNS Controller, such as the number of times the 3-DNS Controller resolves requests to the host, and the number of virtual servers that the hosts manage.
    • Virtual Servers
      This object displays statistics about BIG-IP Controller, EDGE-FX Cache, and host virtual servers; the statistics include such things as the server state, and the number of times it has received resolution requests.
    • Paths
      This object displays path statistics such as round trip time, packet completion rate, the remaining time to live (TTL) before a path's metric data needs to be refreshed, and so on.
    • Local DNS
      This object displays statistics collected for LDNS servers: the number of resolution requests received from a given server, the current protocol used to probe the server, and more.
    • Wide IPs
      This object displays statistics about each wide IP defined on the 3-DNS Controller. The statistics include such things as load balancing information, the remaining time to live (TTL) before the wide IP's metrics data needs to be refreshed, and so on.
    • Globals
      This object displays statistics about the globals sub-statements. The statistics include such things as the current and default values for each of the globals sub-statements, and whether you have to restart named when you make changes to the parameters.
    • Summary
      This object displays summary statistics such as the 3-DNS Controller version, the total number of resolved requests, and the load balancing methods used to resolve requests.
    • Data Centers
      This object displays statistics about the data centers and their servers in your network. The statistics include such things as the names of the data centers, the name or IP address of the servers in the data center, and whether the data center is enabled or disabled.
    • Sync Groups
      This object displays statistics about each sync group in your network. The statistics include such things as the name of the sync group, whether named is running on each 3-DNS Controller, whether the big3d agent is running on each 3-DNS Controller, the name and IP address of the 3-DNS Controller, and whether the 3-DNS Controller is a principal or receiver.

    To view more statistics information, expand the Statistics item on the navigation pane in the Configuration utility.

    Working with the big3d agent

    You can use the following commands to work with the big3d agent, which collects information about paths between a data center and a specific LDNS server.

    Check versions of named, BIG-IP kernel and needed big3d

    The Check versions of named, BIG-IP kernel and needed big3d command runs the big3d_version script. This script displays version numbers for all BIG-IP Controllers known to the 3-DNS Controller, and the version numbers of the big3d agent and named utility running on each BIG-IP Controller.

    Edit big3d matrix

    The Edit big3d matrix command opens an editable file that lists version numbers for all BIG-IP Controllers known to the 3-DNS Controller, and the version numbers of the big3d agent and named utility running on each BIG-IP Controller.

    You do not need to edit this file unless a new BIG-IP kernel or a named version creates a conflict. If this happens, you need to place a new version of the big3d agent on all BIG-IP Controllers.

    The Install and Start big3d command uses the matrix file to determine which version of the big3d agent to transfer.

    Install and Start big3d

    The Install and Start big3d command runs the big3d_install script, which installs and starts the appropriate version of the big3d agent on each BIG-IP Controller in the network.

    Check big3d

    The Check big3d command runs the big3d_check script, which verifies that each BIG-IP Controller is running the big3d agent.

    Restart big3d

    The Restart big3d command runs the big3d_restart script, which stops and restarts the big3d agent on each BIG-IP Controller.

    Managing synchronized files

    You can use the following commands to copy matrix data to a new 3-DNS Controller, to archive synchronized files, or to retrieve an archive.

    Synchronize Metrics Data

    The Synchronize Metrics Data command runs the 3dns_sync_metrics script, which prompts you to copy metrics data from a remote 3-DNS Controller to the local 3-DNS Controller.

    You should use this command only when you are configuring a new 3-DNS Controller.

    Working with security issues

    You can use the following commands to address security issues for your network setup.

    Configure secure communication between all 3-DNS and BIG-IP systems

    The Configure secure communication between all 3-DNS and BIG-IP systems command runs the 3dns_auth script, which configures secure shell access to any new 3-DNS Controller, BIG-IP Controller, or EDGE-FX Cache that is added to a network.

    The 3dns_auth script generates a password authentication by setting the RSA Authentication parameter to yes in /etc/sshd_config.conf and copying the ssh key to each 3-DNS Controller, BIG-IP Controller, and EDGE-FX Cache. When prompted for an RSA password, press the Enter key instead of typing a password.

    For more information, see Chapter 9, Scripts, and Chapter 12, Utilities, in the 3-DNS Controller Reference Guide.

    Generate and Copy Encryption iQuery Key

    The Generate and Copy Encryption iQuery key command runs the install_key script, which then runs the F5makekey script. F5makekey generates a seed key for encrypting communications between the 3-DNS Controller and BIG-IP Controller.

    For more information, see Chapter 9, Scripts, and Chapter 12, Utilities, in the 3-DNS Controller Reference Guide.

    Note: This command is not available in the non-crypto version of the 3-DNS Controller.

    Using the 3-DNS web server

    You can use the following commands to configure the 3-DNS web server.

    Reconfigure 3-DNS Web Administration

    The Reconfigure 3-DNS Web Administration command runs the 3dns_web_config script, which lets you make configuration changes to the 3-DNS web server.

    Restart 3-DNS Administration

    The Restart 3-DNS Administration command runs the 3dns_admin_start script, which restarts the 3-DNS web server.

    Change/Add Users for 3-DNS Web Administration

    The Change/Add Users for 3-DNS Web Administration command runs the 3dns_web_passwd script, which lets you provide restricted or administrative access to the 3-DNS web server for selected users only, and assigns passwords for those users. Users with restricted access have access to the statistics area and can view configuration, but cannot commit any changes. Users with administrative access have access to all areas of the 3-DNS web server.

    Note: The 3dns_web_passwd script is run by the First-Time Boot utility.

    Working with syncd

    You can use the following commands to work with syncd, the synchronization daemon that runs on all 3-DNS Controllers. The function of syncd is to update and synchronize all 3-DNS Controller configuration files.

    Stop syncd

    The Stop syncd command runs the syncd_stop script, which stops the syncd daemon, if it is running.

    Restart syncd

    The Restart syncd command runs the syncd_start script, which restarts the syncd daemon if it is already running, or starts it if it is not.

    Configuring NTP

    The 3-DNS Controllers in a network must have their time synchronized to within a few seconds of each other. If you do not synchronize the controllers, it is done by default through iQuery messages exchanged between 3-DNS Controllers. However, the following command allows much more precise time synchronization between the 3-DNS Controllers.

    Configure Connection to NTP Time Server

    The Configure Connection to NTP Time Server command allows the 3-DNS Controller to synchronize its time to a public NTP (Network Time Protocol) server on the Internet. To simplify the task of the choosing the best time server, this command has a list of regional time servers built into it. A 3-DNS Controller is not required to have NTP configured; depending on the network configuration, it may not be possible to configure NTP (for example, if the 3-DNS Controller is behind a firewall and the firewall does not pass NTP packets).

    Configuring NameSurfer

    You can use the following command to have NameSurfer handle DNS zone file management on the 3-DNS Controller.

    Configure NameSurfer

    The Configure NameSurfer command makes NameSurfer the master on the 3-DNS Controller, and NameSurfer then handles the zone file management, dealing with all changes and updates to the zone files. You can access the NameSurfer application in the Configuration utility by clicking NameSurfer on the navigation pane.

    Warning: If you do not set NameSurfer to be the master for your wide IP zones, you cannot use the Configuration utility. Instead, you must manually configure all 3-DNS Controller settings.

    Changing passwords for the 3-DNS Controller

    The First-Time Boot utility prompts you to define a password that allows remote access to the 3-DNS Controller, and also prompts you to define a password for the 3-DNS web server. You can change these passwords at any time.

    To change the root user password for command line access

    1. At the 3-DNS Controller command line prompt, log in as root and use the passwd command.
    2. At the password prompt, type the password you want to use for the 3-DNS Controller and press Enter.
    3. To confirm the password, retype it and press Enter.

    Changing passwords and adding new user IDs for the
    3-DNS web server

    You can create new users for the 3-DNS web server, change a password for an existing user, or recreate the password file altogether, without actually going through the 3-DNS web server configuration process.

    To add a new user ID using the Configuration utility

    1. In the navigation pane, click User Admin.
      The User Administration screen opens.
    2. Add the user administration settings. For help on configuring the settings, click Help on the toolbar.

    To change or add user information using the 3-DNS Maintenance menu

    1. At the command prompt, type 3dnsmaint to open the 3-DNS Maintenance menu.
    2. On the 3-DNS Maintenance menu, select the Change/Add Users for 3-DNS Web Administration command.

    To create new users and change passwords for existing users using the command line utility

    The following command creates a new user ID, or changes the password for an existing user ID. In place of the <username> parameter, type the user ID for which you want to create a password:

    /var/f5/httpd/bin/htpasswd /var/f5/httpd/basicauth/users \ <username>

    Once you enter the command, you are prompted to type the new password for the named user.

    To manually create a new password file

    The following command recreates the 3-DNS web server password file, and defines one new user ID and password. In place of the <username> parameter, type the user ID that you want to create:

    /var/f5/httpd/bin/htpasswd -c /var/f5/httpd/basicauth/users \ <username>

    Once you enter the command, you are prompted to type the new password for the new user.

    Using the 3-DNS Console

    The 3-DNS Console allows you to open an SSH session for the 3-DNS Controller from the Configuration utility. The crypto 3-DNS Controller uses the MindTerm SSH client to enable secure command line administration with the 3-DNS Console. You can perform any of the command line tasks in a popup console screen.

    Warning: The MindTerm SSH client requires a Java virtual machine to operate. If you are unable to run the MindTerm SSH client, make sure that you have a Java virtual machine installed and that your browser has Java enabled in the Preferences, or Options, section. For more information on Java virtual machines and download options, visit your web browser manufacturer's web site.

    To use the 3-DNS Console from the Configuration utility

    1. In the navigation pane, click 3-DNS Console.
      A popup console opens.
    2. When you see the command prompt, press Enter.
    3. Log in to the controller as you normally would.

      Note: You can only administer the local 3-DNS Controller using the 3-DNS Console. If you wish to use the command line utility to administer remote controllers, you do so using an SSH, Telnet, or other secure session.

    Using the Network Map

    The Network Map is a dynamic, illustrative map of the physical and logical components of your network. The Network Map lets you see how the data centers, servers, and virtual servers you configured are mapped to the wide IPs and pools you configured. You can also make changes to your configuration from the Network Map, using the following options:

    • You can double-click any object name on the Network Map to expand the object.
    • You can right-click any object name to view a popup menu of configuration options for that object.

    To view the Network Map using the Configuration utility

    1. In the navigation pane, click Network Map.
      The Network Map screen opens.
    2. To see the relationships between the components, double-click the component. The tree expands and the component is highlighted (in blue).
    3. To modify a component, right-click the component to view a popup menu, then select the item you want to change.
    4. You can also click the name of the component in the status bar in the lower portion of the screen to edit the component's configuration.

    For more information on the features of the Network Map, click Help on the toolbar.

    Warning: The Network Map SSH client requires a Java virtual machine to operate. If you are unable to run the Network Map SSH client, make sure that you have a Java virtual machine installed and that your browser has Java enabled in the Preferences, or Options, section. For more information on Java virtual machines and download options, visit your web browser manufacturer's web site.

    Viewing system statistics

    Using the Configuration utility, you can view current statistics about the following objects in the configuration:

    Configuration utility Statistics screens
    Statistics Item Description
    Summary This statistics screen provides information about the 3-DNS Controller itself.
    Globals This statistics screen provides information on the global settings for the 3-DNS Controller.
    Disabled objects This statistics screen provides information on the servers and virtual servers that you have disabled.
    Metrics This statistics screen provides performance information for the servers and virtual servers you have configured.
    Dynamic persistence requests This statistics screen provides information on the virtual connections between local DNS servers and virtual servers for given wide IPs in the network.
    Data centers This statistics screen provides information on the data centers in your network.
    Sync groups This statistics screen provides information on the 3-DNS Controllers that are in the same sync group as the controller you are looking at.
    Wide IPs This statistics screen provides information on the wide IPs and pools you configured.
    ECV This statistics screen provides performance information for any ECV health monitors you have configured.
    3-DNS Controllers This statistics screen provides information on the 3-DNS Controllers you have configured.
    BIG-IP Controllers This statistics screen provides information on the BIG-IP Controllers you have configured.
    EDGE-FX Caches This statistics screen provides information on the EDGE-FX Caches you have configured.
    Probers This statistics screen provides information on the probers you have configured.
    Hosts This statistics screen provides information on the hosts you have configured.
    Virtual servers This statistics screen provides information on the virtual servers you have configured.
    Paths This statistics screen provides information on the paths created by the 3-DNS Controller when paths are required to fulfill name resolution requests.
    Local DNS servers This statistics screen provides information on the local DNS servers in the 3-DNS Controller's database.

    To view system statistics

    1. In the navigation pane, expand the Statistics item.
    2. From the list, select the item representing the statistics you wish to view.
    3. For details about the information displayed on a specific statistics screen, click Help on the toolbar.
  • Table of Contents   |   << Previous Chapter   |   Next Chapter >>

    Was this resource helpful in solving your issue?




    NOTE: Please do not provide personal information.



    Incorrect answer. Please try again: Please enter the words to the right: Please enter the numbers you hear:

    Additional Comments (optional)