Manual Chapter : 3-DNS Administrator Guide v2.1: Monitoring and Administration

Applies To:

Show Versions Show Versions

3-DNS Controller versions 1.x - 4.x

  • 2.1 PTF-01, 2.1.2, 2.1.0
Manual Chapter


7

Monitoring and Administration



Monitoring and administration utilities provided on the 3-DNS Controller

The 3-DNS Controller provides utilities for monitoring and administration. You can perform configuration tasks, and monitor system statistics for all components of the 3-DNS Controller.

The 3-DNS Controller provides the following configuration, monitoring, and administration utilities:

  • Configuration utility
    The Configuration utility is a browser-based application you can use to configure and monitor the 3-DNS Controller. You may have used the Configuration utility to define your network setup. The Configuration utility supports Netscape Navigator, version 4.5 or later, and Internet Explorer, version 4.02 or later.
  • 3-DNS Maintenance menu
    The 3-DNS Maintenance menu is a command line utility you can use to manually configure the 3-DNS Controller. Use the 3-DNS Maintenance menu to simplify certain tasks such as starting the big3d agent and editing the wideip.conf file.

Working with the 3-DNS Maintenance menu

You can use the 3-DNS Maintenance menu to manually configure and monitor the 3-DNS Controller. However, if you work with either the browser-based Configuration utility or the NameSurfer application, you cannot use the 3-DNS Maintenance menu.

You can use the 3-DNS Maintenance menu to perform the following types of manual configuration tasks:

  • Configure wide IPs
  • View statistics
  • Work with the big3d agent
  • Manage synchronized files
  • Work with security issues
  • Configure the 3-DNS web server
  • Work with syncd
  • Configure NTP
  • Configure NameSurfer

    Figure 7.1 shows the 3-DNS Maintenance menu.

    Figure 7.1 3-DNS Maintenance menu

      3 D N S(®)  Maintenance Menu     

    Generate RSA Authentication
    Generate and Copy iQuery Encryption Key
    Check versions of named, BIG-IP kernel and needed big3d
    Edit big3d matrix
    Install and Start big3d
    Edit BIND Configuration
    Edit 3-DNS Configuration
    Synchronize Metrics Data
    Check big3d
    Restart big3d
    Reconfigure 3-DNS Web Administration
    Restart 3-DNS Administration
    Change/Add Users for 3-DNS Web Administration
    Dump and List named Database
    Stop syncd
    Restart syncd
    Checkpoint synced files
    Rollback checkpoint
    Configure connection to NTP time server
    Configure NameSurfer(TM)
    Enter 'q' to Quit

To use the 3-DNS Maintenance menu

  1. Type the following command to open the menu:
  3dnsmaint

  1. Select the command to execute, and press the Enter key.

    Each command is described in the following sections.

Configuring wide IPs

We recommend that you use NameSurfer to handle BIND Configuration, and that you use the Configuration utility to configure wide IPs. However, if you choose to manually edit BIND and the 3-DNS Controller configuration files, use the following commands.

Edit BIND Configuration

The Edit BIND Configuration command opens the named.conf file for editing.

Note: Use this command only if you are performing all configuration tasks manually. It is important that you do not use this command if you are using the Configuration utility or NameSurfer.

Edit 3-DNS Configuration

The Edit 3-DNS Configuration command runs the edit_wideip script, which performs the following tasks:

  • Opens the wideip.conf file for editing
  • Copies the wideip.conf file to all other 3-DNS Controllers in the local 3-DNS Controller's sync group
  • Restarts named

Viewing statistics

Use the following command to view various 3-DNS Controller statistics:

Dump and List named Database

The Dump and List named Database command corresponds to the 3dprint script, which lets you view these statistics screens on the command line:

  • 3-DNS
    Displays statistics about each 3-DNS Controller in your network. The statistics include such things as whether the controller is enabled or disabled, the number of packets per second traveling in and out of the 3-DNS Controller during the last sample period, the name of the sync group to which each 3-DNS Controller belongs, and so on.
  • BIG-IP
    Displays statistics about all BIG-IP Controllers known to the 3-DNS Controller. The statistics include such things as the number of virtual servers each BIG-IP Controller manages, the number of times the 3-DNS Controller resolves requests to those virtual servers, and more.
  • Hosts
    Displays statistics about all hosts known to the 3-DNS Controller such as the number of times the 3-DNS Controller resolves requests to the host, and the number of virtual servers that the hosts manage.
  • Virtual Servers
    Displays statistics about BIG-IP and host virtual servers; the statistics include such things as the server state, and the number of times it has received resolution requests.
  • Paths
    Displays path statistics such as round trip time, packet completion rate, the remaining time to live (TTL) before a path's metric data needs to be refreshed, and so on.
  • Local DNS
    Displays statistics collected for LDNS servers: the number of resolution requests received from a given server, the current protocol used to probe the server, and more.
  • Wide IPs
    Displays statistics about each wide IP defined on the 3-DNS Controller. The statistics include such things as load balancing information, the remaining time to live (TTL) before the wide IP's metrics data needs to be refreshed, and so on.
  • Globals
    Displays statistics about the globals sub-statements. The statistics include such things as the current and default values for each of the globals sub-statements, whether you have to restart named when you make changes to the parameters.
  • Summary
    Displays summary statistics such as the 3-DNS Controller version, the total number of resolved requests, and the load balancing methods used to resolve requests.
  • Data Centers
    Displays statistics about the data centers and their servers in your network. The statistics include such things as the names of the data centers, the name or IP address of the servers in the data center, and whether the data center is enabled or disabled.
  • Sync Groups
    Displays statistics about each sync group in your network. The statistics include such things as the name of the sync group, whether named is running on each 3-DNS Controller, whether the big3d agent is running on each 3-DNS Controller, the name and IP address of the 3-DNS Controller, and whether the 3-DNS Controller is a principal or receiver.

    To view more statistics information, click the Expand button (+) next to Statistics on the navigation pane in the Configuration utility.

Working with the big3d agent

You can use the following commands to work with the big3d agent, which collects information about paths between a data center and a specific LDNS server.

Check versions of named, BIG-IP kernel and needed big3d

The Check versions of named, BIG-IP kernel and needed big3d command runs the big3d_version script. This script displays version numbers for all BIG-IP Controllers known to the 3-DNS Controller, and the version numbers of the big3d agent and named utility running on each BIG-IP Controller.

Edit big3d matrix

The Edit big3d matrix command opens an editable file that lists version numbers for all BIG-IP Controllers known to the 3-DNS Controller, and the version numbers of the big3d agent and named utility running on each BIG-IP Controller.

You do not need to edit this file unless a new BIG-IP kernel or a named version creates a conflict. If this happens, you need to place a new version of the big3d agent on all BIG-IP Controllers.

The Install and Start big3d command uses the matrix file to determine which version of the big3d agent to transfer.

Install and Start big3d

The Install and Start big3d command runs the big3d_install script, which installs and starts the appropriate version of the big3d agent on each BIG-IP Controller in the network.

Check big3d

The Check big3d command runs the big3d_check script, which verifies that each BIG-IP Controller is running the big3d agent.

Restart big3d

The Restart big3d command runs the big3d_restart script, which stops and restarts the big3d agent on each BIG-IP Controller.

Managing synchronized files

You can use the following commands to copy metrics data to a new 3-DNS Controller, to archive synchronized files, or to retrieve an archive.

Synchronize Metrics Data

The Synchronize Metrics Data command runs the 3dns_sync_metrics script, which prompts you to copy metrics data from a remote 3-DNS Controller to the local 3-DNS Controller.

You should use this command only when you are configuring a new 3-DNS Controller.

Checkpoint synced files

The Checkpoint synced files command runs the syncd_checkpoint script, which creates a checkpoint file. A checkpoint file is a compressed tar file that contains an archive of the files that are synchronized.

For more information, see syncd_checkpoint, on page B-9 .

Rollback checkpoint

The Rollback checkpoint command runs the syncd_rollback script, which unrolls a checkpoint file. The checkpoint file contains the last saved copy of all files synchronized by syncd.

For more information, see syncd_rollback, on page B-10 .

Working with security issues

You can use the following commands to address security issues for your network setup.

Generate RSA Authentication

The Generate RSA Authentication command runs the 3dns_auth script, which configures ssh access to any new 3-DNS Controller or BIG-IP Controller that is added to a network.

The 3dns_auth script generates a password authentication by setting the RSA Authentication parameter to yes in /etc/sshd_config.conf and copying the ssh key to each 3-DNS Controller and BIG-IP Controller. When prompted for an RSA passphrase, press the Enter key instead of typing a password.

For more information, see 3dns_auth, on page B-3 .

Generate and Copy Encryption iQuery Key

The Generate and Copy Encryption iQuery key command runs the install_key script, which then runs the F5makekey script. F5makekey generates a seed key for encrypting communications between the 3-DNS Controller and BIG-IP Controller.

For more information, see install_key and F5makekey, on page B-9 .

Note: This command is not available in the non-crypto version of 3-DNS Controller.

Using the 3-DNS web server

You can use the following commands to configure the 3-DNS web server.

Reconfigure 3-DNS Web Administration

The Reconfigure 3-DNS Web Administration command runs the 3dns_web_config script, which lets you make configuration changes to the 3-DNS web server.

Restart 3-DNS Administration

The Restart 3-DNS Administration command runs the 3dns_admin_start script, which restarts the 3-DNS web server.

Change/Add Users for 3-DNS Web Administration

The Change/Add Users for 3-DNS Web Administration command runs the 3dns_web_passwd script, which lets you provide restricted or administrative access to the 3-DNS web server for selected users only, and assigns passwords for those users. Users with restricted access have access to the statistics area only. Users with administrative access have access to all areas of the 3-DNS web server.

Note: The 3dns_web_passwd script is run by the First-Time Boot utility.

Working with syncd

You can use the following commands to work with syncd, the synchronization daemon that runs on all 3-DNS Controllers. The function of syncd is to update and synchronize all 3-DNS Controller configuration files.

Stop syncd

The Stop syncd command runs the syncd_stop script, which stops the syncd daemon, if it is running.

Restart syncd

The Restart syncd command runs the syncd_start script, which restarts the syncd daemon if it is already running, or starts it if it is not.

Configuring NTP

The 3-DNS Controllers in a network must have their time synchronized to within a few seconds of each other. If you do not synchronize the controller, it is done by default through iQuery messages exchanged between 3-DNS Controllers. However, the following command allows much more precise time synchronization between the 3-DNS Controllers.

Configure Connection to NTP Time Server

The Configure Connection to NTP Time Server command allows the 3-DNS Controller to synchronize its time to a public NTP (Network Time Protocol) server on the Internet. To simplify the task of the choosing the best time server, this command has a list of regional time servers built into it. A 3-DNS Controller is not required to have NTP configured; depending on the network configuration, it may not be possible to configure NTP (for example, if the 3-DNS Controller is behind a firewall and the firewall does not pass NTP packets).

Configuring NameSurfer

You can use the following command to have NameSurfer handle DNS zone file management on the 3-DNS Controller.

Configure NameSurfer

The Configure NameSurfer command makes NameSurfer the master on the 3-DNS Controller, and NameSurfer then handles the zone file management, dealing with all changes and updates to the zone files. You can access the NameSurfer application in the Configuration utility by clicking NameSurfer on the navigation pane. (Note that if you do not set NameSurfer to be the master for your wide IP zones, you cannot use the Configuration utility. Instead, you must manually configure all 3-DNS Controller settings.)

Changing passwords for the 3-DNS Controller

The First-Time Boot utility prompts you to define a password that allows remote access to the 3-DNS Controller, and also prompts you to define a password for the 3-DNS Web server. You can change these passwords at any time.

To change the root user password for command line access

  1. At the 3-DNS Controller command line prompt, log in as root and use the passwd command.
  2. At the password prompt, type the password you want to use for the 3-DNS Controller and press Enter.
  3. To confirm the password, retype it and press Enter.

Changing passwords and adding new user IDs for the
3-DNS web server

You can create new users for the 3-DNS web server, change a password for an existing user, or recreate the password file altogether, without actually going through the 3-DNS web server configuration process.

To add a new user ID using the Configuration utility

  1. In the navigation pane, click User Admin.
    The User Administration screen opens.
  2. Add the user administration settings. For help on configuring the settings, click Help on the toolbar.

To change or add user information using the 3-DNS Maintenance menu

  1. At the command prompt, type 3dnsmaint to open the 3-DNS Maintenance menu.
  2. On the 3-DNS Maintenance menu, select the Change/Add Users for 3-DNS Web Administration command.

To create new users and change passwords for existing users manually

The following command creates a new user ID, or changes the password for an existing user ID. In place of the <username> parameter, type the user ID for which you want to create a password:

  /var/f5/httpd/bin/htpasswd /var/f5/httpd/basicauth/users \ 
<username>

Once you enter the command, you are prompted to type the new password for the named user.

To manually create a new password file

The following command recreates the 3-DNS web server password file, and defines one new user ID and password. In place of the <username> parameter, type the user ID that you want to create:

  /var/f5/httpd/bin/htpasswd -c /var/f5/httpd/basicauth/users \ 
<username>

Once you enter the command, you are prompted to type the new password for the named user.

Viewing system statistics

Using the Configuration utility, you can view current statistics about the following objects in the configuration:

  • Global settings
  • Disabled objects
  • Virtual connections between LDNS servers and virtual servers for given wide IPs
  • Data centers
  • Sync groups
  • Wide IPs
  • 3-DNS Controllers
  • BIG-IP Controllers
  • Probers
  • Other host machines
  • Virtual servers
  • Paths
  • Local DNS servers

To view system statistics

  1. In the navigation pane, click the Expand button (+) next to Statistics.
  2. From the list, select the item representing the statistics you wish to view.
  3. For details on what kind of information the various statistics pages are displaying, click Help on the toolbar of the specific statistics page you are viewing.