Monitor specific DNS servers for resolution accuracy, response time, TTL consistency, and availability. Cloudmon queries each configured DNS server at regular intervals and alerts your team when a server fails to respond or returns unexpected results.
DNS Server monitoring in Cloudmon verifies that a specified DNS server correctly resolves a domain name. At every polling interval, a Cloudmon probe sends a DNS query to the configured server and records the response code, resolved IP address, resolution time, and TTL value. This gives you a continuous record of how each DNS server is performing and whether it is returning the expected responses.
Unlike DNS Trace which follows the full delegation chain, DNS Server monitoring targets a single specific server. This makes it the right tool for verifying that your internal resolvers, authoritative nameservers, or specific public DNS servers such as 8.8.8.8 are responding correctly for the domains you care about. Navigate to Synthetic → DNS → DNS Servers to view all configured monitors.
Navigate to Synthetic → DNS → DNS Servers and click the + Add button. Fill in the fields as follows:
| Field | Description |
| Probe | The probe that will perform DNS queries. Choose a probe in the same network segment as the target DNS server for internal servers, or a probe with internet access for external servers. |
| Name | A display name for this monitor, such as "Internal DNS - Primary" or "Google 8.8.8.8". |
| Domain | The domain name to resolve during each check, for example google.com or your internal application domain. |
| DNS Server | The IP address or hostname of the DNS server to query, for example 8.8.8.8 or ns4.google.com. Use the lookup icon to search for the server. |
| Port | The port used for DNS communication. Default is 53. |
| Class Type | DNS class of the query. IN (Internet) is standard for most use cases. CH (Chaos) is used for querying server metadata such as version.bind. |
| Record Type | The DNS record type to query. Common options include A (IPv4 address), AAAA (IPv6), MX (mail server), CNAME (canonical name), and TXT (text records). |
| Send Recursive Queries | When enabled, the DNS server is asked to resolve the query recursively on behalf of the probe. Enable this for resolvers; disable for authoritative servers that do not support recursion. |
| Validate DNSSEC | Enables DNSSEC validation on the query response, verifying the authenticity and integrity of the DNS answer returned by this server. |
| Protocol | Transport protocol for the DNS query. UDP is the default and is faster. TCP is used for large responses or zone transfers. |
| Interval | How frequently the DNS check runs, for example every 5 minutes. |
| Alert Rule | A pre-configured alert rule to trigger notifications when the monitor detects an issue. |
| Depends On | Link to another monitor. If the dependency is down, alerts for this monitor are suppressed to prevent cascading noise. |
| Groups and Tags | Assign to logical groups and add custom labels for organised filtering and management. |
Click Save to add the monitor. Cloudmon begins polling the DNS server at the configured interval immediately.
The DNS Servers dashboard displays a summary row of status tiles and a table of all configured monitors. Each row shows the DNS server being queried, the domain being resolved, the record type, current state (Clear or Down), and the last polled timestamp.
Clicking into any monitor opens its detail page with the following information. The Summary Panel shows the monitor's configuration including groups, alert rule, DNS server address, domain, record type, first seen, last polled, and current state. The Metrics Panel shows Availability as the percentage of intervals in which the server successfully resolved the domain, Downtime as the total duration the monitor was in a Down state, Resolution Performance as the most recent resolution time in milliseconds and the DNS response code such as NOERROR, Alarms for any active alarms on this monitor, and DNS Response showing the resolved IP address returned by the server.
Two time-series charts are also available: TTL (s) showing how the TTL value has changed over the selected time range, and Resolution Time (ms) showing resolution latency trends and any spikes. The Log Report tab provides a per-poll history of response code, resolved IP, resolution time, TTL, and timestamp for each interval. The Outages tab lists all recorded downtime periods including start time, end time, and duration.
Cloudmon can alert your team when a DNS server fails to respond, returns an unexpected response code, or exceeds a resolution time threshold. Each alarm is built around a simple IF/THEN model, where you select a metric, set a threshold, and define what happens when it is breached. Learn more.
| Issue | What to check |
| Monitor shows Down immediately after being added | Confirm the probe can reach the DNS server on port 53 via UDP. If the server is internal, verify the probe is in a network segment that can communicate with it. If firewall rules block outbound UDP 53 from the probe, switch to TCP in the monitor settings. |
| Monitor returns SERVFAIL or REFUSED response code | SERVFAIL means the server could not complete the query. REFUSED means the server declined to answer from this source. For authoritative servers, disable Send Recursive Queries. For resolvers, verify the server allows recursive queries from the probe IP and that the domain is correctly configured. |
| Resolution time is spiking intermittently | Review the Resolution Time chart in the monitor detail page to identify when spikes occur. Cross-reference with TTL changes, as a TTL expiry that forces a full recursive lookup is a common cause of temporary latency increases. If spikes align with specific times, investigate DNS server load or upstream resolver performance. |
| Monitor resolves to an unexpected IP address | The DNS Response field in the Overview shows the resolved IP at each poll. An unexpected IP may indicate a DNS hijack, a recent record change that was not communicated to the team, or a split-horizon DNS environment returning different answers to different sources. Review the Log Report tab to see when the IP changed. |