Config DNS Prometheus/Blackbox_Exporter

[Vincent Romero]

Helo everyone

what is the difference between http_2xx and dns module configuration

I have this example y my config

blackbox.yml

modules:
  http_2xx:
    prober: http
    http:
      preferred_ip_protocol: "ip4"
  http_post_2xx:
    prober: http
    http:
      method: POST
  www.google.com:
    prober: dns
    timeout: 1s
    dns:
      transport_protocol: "udp"
      preferred_ip_protocol: "ip4"
      query_name: "www.google.com"
      query_type: "A"
      valid_rcodes:
        - NOERROR

prometheus.yml

  - job_name: 'blackbox'
    metrics_path: /probe
    params:
      module: [http_2xx]
    static_configs:
      - targets:
        - https://www.google.com
    relabel_configs:
      - source_labels: [__address__]
        target_label: __param_target
      - source_labels: [__param_target]
        target_label: instance
      - target_label: __address__
        replacement: localhost:9115

  - job_name: 'blackbox-dns-monitor'
    scrape_interval: 1s
    metrics_path: /probe
      #params:
      #module: [mindfree.cl]
    relabel_configs:
    # Populate domain label with domain portion of __address__
    - source_labels: [__address__]
      regex: (.*):.*$
      replacement: $1
      target_label: domain
    # Populate instance label with dns server IP portion of __address__
    - source_labels: [__address__]
      regex: .*:(.*)$
      replacement: $1
      target_label: instance
    # Populate module URL parameter with domain portion of __address__
    # This is a parameter passed to the blackbox exporter
    - source_labels: [domain]
      target_label: __param_module
    # Populate target URL parameter with dns server IP
    - source_labels: [instance]
      target_label: __param_target
    # Populate __address__ with the address of the blackbox exporter to hit
    - target_label: __address__
      replacement: localhost:9115

    static_configs:
      - targets:
        - www.google.com:1.1.1.1 #australia cloudflare

         - www.google.com:8.8.8.8 #example other nameserver

So, i will try config a simple DNS resolution for any domain

If i want add other nameserver i need to add other line with the same domain

Why whe i used module http_2xx need simple add the target

Thanks

[Brian Candler]

You're correct that currently the qname is statically configured in the prober config.

A patch was submitted to allow what you want, but hasn't been merged:

https://github.com/prometheus/blackbox_exporter/pull/1105

You can build blackbox_exporter yourself with this patch applied though.

[Vincent Romero]

i will try make build, with this change

[Vincent Romero]

Hello, this worked

With the new feature with simple domain works, but considered whether the label required adding N domains?

Y try add other domain in the same labels

  - job_name: 'blackbox-dns-monitor'
    scrape_interval: 5s
    metrics_path: /probe
    params:
      module: [dns_probe]
    static_configs:
      - targets:
        - 1.1.1.1 #australia cloudflare
        - 185.228.168.9 #ireland
        labels:
          queryname: www.google.com, www.microsoft.com NOT WORK

          queryname: www.microsoft.com NOT WORK (add line)

[Brian Candler]

One exporter scrape = one probe test and I think that should remain. You can get what you want by expanding the targets (which is a *list* of targets+labels):

  static_configs:
    - targets:
        - 1.1.1.1

        - 185.228.168.9

      labels:

        queryname: www.google.com

    - targets:
        - 1.1.1.1
        - 185.228.168.9

      labels:

        queryname: www.microsoft.com

[Conall O'Brien]

On Wed, 10 Apr 2024 at 06:47, 'Brian Candler' via Prometheus Users <promethe...@googlegroups.com> wrote:

One exporter scrape = one probe test and I think that should remain. You can get what you want by expanding the targets (which is a *list* of targets+labels):

  static_configs:
    - targets:
        - 1.1.1.1
        - 185.228.168.9

      labels:

        queryname: www.google.com

    - targets:
        - 1.1.1.1
        - 185.228.168.9

      labels:

        queryname: www.microsoft.com

Given the targets, I would strongly suggest using DNS names over raw IP addresses for every scrape. Large providers use geo-aware DNS systems, so the IP numbers change over time for a number of reasons (e.g maintenance, capacity turnup/turndown, etc). Probing raw IPs will not reflect the actual state of the service.

 

--
You received this message because you are subscribed to the Google Groups "Prometheus Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to prometheus-use...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/prometheus-users/74285578-2c0c-48e1-ac85-4ca80cd9bcffn%40googlegroups.com.

--

Conall O'Brien

[Brian Candler]

It's not really related to blackbox_exporter itself, but I don't entirely agree with that comment.

There are two different things at play here: the address you send the query to ("target"), and the name that you are looking up ("queryname").

- For caching resolvers: large providers use anycast with fixed IP addresses, since that's what you have to configure in your client (8.8.8.8, 1.1.1.1 etc). Those target addresses will *never* change.  I think 185.228.168.9 falls into this category too: although you could get to it by resolving "security-filter-dns.cleanbrowsing.org", for a filtered DNS service you'd always be using the IP address directly.

- For authoritative servers: using the nameserver's DNS name (e.g. ns.example.com) more closely reflects what the DNS does during resolution, but makes it harder to work out what's going wrong if it fails. The IP addresses that NS records resolve to can change, but very rarely do (and since it's your own authoritative nameservers, you'll know if you renumber them). Furthermore, in my experience, NS names are never geo-aware: they always return static IPs (although these may point to anycast addresses).

- Geo-aware DNS generally takes place for the user-visible query names (like "www.google.com") and generally are affected by the *source* address where the query is coming from.

[Vincent Romero]

Hello every i change the relabel

y try this

- job_name: '208.67.222.220-opendns' ##REBUILD new blackbox_expoerter

scrape_interval: 5s

metrics_path: /probe

params:

module: [dns_probe]

static_configs:

- targets:

- www.google.com

- www.mindfree.cl

labels:

dns: 208.67.220.220 #australia cloudflare

relabel_configs:

- source_labels: [__address__]

#target_label: __param_target

target_label: __param_hostname

# Populate target URL parameter with dns server IP

- source_labels: [__param_hostname]

target_label: instance

#QUERY

- source_labels: [dns]

#target_label: __param_hostname

target_label: __param_target

# Populate __address__ with the address of the blackbox exporter to hit

- target_label: __address__

replacement: localhost:9115

- job_name: '198.55.49.149-canada' ##REBUILD new blackbox_expoerter

scrape_interval: 5s

metrics_path: /probe

params:

module: [dns_probe]

static_configs:

- targets:

- www.google.com

- www.microsoft.com

labels:

dns: 198.55.49.149 #canada

relabel_configs:

- source_labels: [__address__]

#target_label: __param_target

target_label: __param_hostname

# Populate target URL parameter with dns server IP

- source_labels: [__param_hostname]

target_label: instance

#QUERY

- source_labels: [dns]

#target_label: __param_hostname

target_label: __param_target

# Populate __address__ with the address of the blackbox exporter to hit

- target_label: __address__

replacement: localhost:9115

with this i can used in target any domain to resolve with labels dns

in the log in blackbox i have this

looking good no? 

[Vincent Romero]

log blackbox_exporter sorry

[Brian Candler]

You don't need a separate job for each DNS server. You can have a single job with multiple target blocks.

  - job_name: 'dns'

    scrape_interval: 5s
    metrics_path: /probe
    params:
      module: [dns_probe]
    static_configs:
      - targets:
        - www.google.com
        - www.mindfree.cl
        labels:
          dns: 208.67.220.220 #australia cloudflare

      - targets:
        - www.google.com
        - www.microsoft.com
        labels:
          dns: 198.55.49.149 #canada

    relabel_configs:
    - source_labels: [__address__]
      #target_label: __param_target
      target_label: __param_hostname
    # Populate target URL parameter with dns server IP
    - source_labels: [__param_hostname]
      target_label: instance
    #QUERY
    - source_labels: [dns]
      #target_label: __param_hostname
      target_label: __param_target
    # Populate __address__ with the address of the blackbox exporter to hit
    - target_label: __address__
      replacement: localhost:9115

(Although personally, I would use file_sd_configs for this, so I can edit the targets without having to re-read the prometheus config file).