DNS Root Prefix Withdrawal

Public DNS Root servers, which include those assigned by IANA and those provided by OpenDNS and Google, are necessary for a router to operate normally and participate in public internet routing. This alarm monitors the set of prefixes (netblocks) to which the DNS server addresses belong. It alerts the user if any prefix in the set is withdrawn.


Note


This alarm differs from the Prefix Withdrawal alarm in two ways: these prefixes do not count toward the total number of prefixes consumed by the user in their subscription, and the withdrawal is from a peer linked to the alarm rule.


Possible Problem Detected

This alarm detects when a well-known DNS Root Server prefix is withdrawn from a monitored peer’s routing table. It can help identify a misconfiguration of the internet router that results in the withdrawal of DNS Root Server prefixes.

Relevant Alarm Rule Configurations

The following options must be configured when adding this alarm rule to a Peer policy configuration (External Routing Analysis > Configure > Policies > Add Policy > Peer Policy > Add Rule > DNS Root Prefix Withdrawal):

  • Monitored DNS Root Servers

Example

You create a Peer Policy with the DNS Root Prefix Withdrawal alarm rule and link it to peer RTR1. You choose to be alerted for prefixes 198.41.0.0/24 (A root server) and 2001:7fd::/48 (K root server). The alarm activates if either of these prefixes is withdrawn by RTR1 and clears when both are advertised.
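
The activate and clear behavior in this example can be modeled as a small state machine. The following Python sketch is an added illustration, not the product's own code; the class name, the event tuple format, the peer RTR2, and the unmonitored prefix 192.0.2.0/24 are assumptions, and both monitored prefixes are assumed to be advertised at the start.

```python
import ipaddress

class DnsRootWithdrawalAlarm:
    """Hypothetical model: monitored root prefixes as seen from one linked peer."""

    def __init__(self, peer, monitored):
        self.peer = peer
        # Normalise so "2001:7FD::/48" and "2001:7fd::/48" compare equal.
        self.monitored = {ipaddress.ip_network(p) for p in monitored}
        self.withdrawn = set()   # monitored prefixes currently withdrawn
        self.active = False      # assumption: everything advertised at start

    def handle(self, peer, action, prefix):
        """Apply one update; return 'ACTIVE', 'CLEAR' or None (no transition)."""
        net = ipaddress.ip_network(prefix)
        if peer != self.peer or net not in self.monitored:
            return None          # other peers and unmonitored prefixes are ignored
        if action == "withdraw":
            self.withdrawn.add(net)
        elif action == "announce":
            self.withdrawn.discard(net)
        else:
            raise ValueError(f"unknown action: {action}")
        now_active = bool(self.withdrawn)   # any withdrawn prefix keeps it active
        if now_active == self.active:
            return None
        self.active = now_active
        return "ACTIVE" if now_active else "CLEAR"

# Constructed update sequence (not captured from a real router).
EVENTS = [
    ("RTR1", "withdraw", "198.41.0.0/24"),   # A root withdrawn: alarm activates
    ("RTR2", "withdraw", "2001:7fd::/48"),   # peer not linked to the rule: ignored
    ("RTR1", "withdraw", "2001:7FD::/48"),   # K root withdrawn: already active
    ("RTR1", "announce", "198.41.0.0/24"),   # K root still withdrawn: stays active
    ("RTR1", "withdraw", "192.0.2.0/24"),    # not a monitored prefix: ignored
    ("RTR1", "announce", "2001:7fd::/48"),   # both advertised again: alarm clears
]

def replay(events):
    alarm = DnsRootWithdrawalAlarm("RTR1", ["198.41.0.0/24", "2001:7fd::/48"])
    return [alarm.handle(*event) for event in events]

if __name__ == "__main__":
    for event, result in zip(EVENTS, replay(EVENTS)):
        print(event, "->", result)
```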