| Region | Reachable | Agreeing | Disagreeing | Unreachable |
|---|---|---|---|---|
| Region | Reachable | Agreeing | Disagreeing | Errored |
| {{.Reachable}} / {{.Resolvers}} | {{.Agreeing}} | {{if .Disagreeing}}{{.Disagreeing}}{{else}}0{{end}} | -{{if .Unreachable}}{{.Unreachable}}{{else}}0{{end}} | +{{if .Errored}}{{.Errored}}{{else}}0{{end}} | {{.Region}} | {{.Transport}} | -{{if .Reachable}}{{.AvgMs}}{{else}}unreachable{{end}} | +{{if .Reachable}}{{.AvgMs}}{{else}}unreachable{{end}} |
{{range .Probes}}
diff --git a/checker/rules.go b/checker/rules.go
index 6c7d822..9ef20bf 100644
--- a/checker/rules.go
+++ b/checker/rules.go
@@ -57,7 +57,3 @@ func warnState(code, subject, message string) sdk.CheckState {
func critState(code, subject, message string) sdk.CheckState {
return sdk.CheckState{Status: sdk.StatusCrit, Message: message, Code: code, Subject: subject}
}
-
-func unknownState(code, subject, message string) sdk.CheckState {
- return sdk.CheckState{Status: sdk.StatusUnknown, Message: message, Code: code, Subject: subject}
-}
diff --git a/checker/rules_consensus.go b/checker/rules_consensus.go
index 3f7ff96..eb45834 100644
--- a/checker/rules_consensus.go
+++ b/checker/rules_consensus.go
@@ -91,8 +91,8 @@ func (r *authoritativeMatchRule) Evaluate(ctx context.Context, obs sdk.Observati
anyExpected = true
switch {
case v.ConsensusSig == "":
- states = append(states, unknownState("resolver_propagation.matches_authoritative.no_consensus", key,
- fmt.Sprintf("no public resolver returned a usable answer for %s (authoritative answer is known); resolvers unreachable from the checker", key)))
+ states = append(states, critState("resolver_propagation.matches_authoritative.no_consensus", key,
+ fmt.Sprintf("no public resolver returned a usable answer for %s (authoritative answer is known)", key)))
case !v.MatchesExpected:
states = append(states, critState(CodeAnswerDrift, key,
fmt.Sprintf("consensus of public resolvers for %s differs from the authoritative answer, wait for TTL expiry or force a flush", key)))
diff --git a/checker/rules_resolvers.go b/checker/rules_resolvers.go
index 995140d..8fa8b17 100644
--- a/checker/rules_resolvers.go
+++ b/checker/rules_resolvers.go
@@ -71,7 +71,7 @@ func (r *resolverLatencyRule) Evaluate(ctx context.Context, obs sdk.ObservationG
var states []sdk.CheckState
for _, rv := range data.Resolvers {
if !rv.Reachable {
- states = append(states, unknownState(CodeResolverUnreachable, rv.ID,
+ states = append(states, warnState(CodeResolverUnreachable, rv.ID,
fmt.Sprintf("resolver %s (%s, %s) did not answer any query", rv.Name, rv.IP, rv.Transport)))
continue
}
diff --git a/checker/rules_test.go b/checker/rules_test.go
index 1007fc7..e14d999 100644
--- a/checker/rules_test.go
+++ b/checker/rules_test.go
@@ -326,11 +326,8 @@ func TestResolverLatencyRule(t *testing.T) {
if _, ok := codes[CodeResolverHighLatency]; !ok {
t.Errorf("want high latency for 'slow', got %+v", st)
}
- unreach, ok := codes[CodeResolverUnreachable]
- if !ok {
+ if _, ok := codes[CodeResolverUnreachable]; !ok {
t.Errorf("want unreachable for 'absent', got %+v", st)
- } else if unreach[0].Status != sdk.StatusUnknown {
- t.Errorf("unreachable should be unknown (not a warning), got status %v", unreach[0].Status)
}
}
diff --git a/checker/zone.go b/checker/zone.go
deleted file mode 100644
index 1e3e853..0000000
--- a/checker/zone.go
+++ /dev/null
@@ -1,188 +0,0 @@
-package checker
-
-import (
- "encoding/json"
- "sort"
- "strings"
-
- "github.com/miekg/dns"
-
- sdk "git.happydns.org/checker-sdk-go/checker"
-)
-
-// rawZone is the minimal slice of happyDomain's Zone JSON we consume to
-// derive the RR types actually present at each owner. It mirrors the
-// shape used by sibling checkers (see checker-legacy-records).
-type rawZone struct {
- DomainName string `json:"domain_name,omitempty"`
- Services map[string][]rawService `json:"services"`
-}
-
-type rawService struct {
- Type string `json:"_svctype"`
- Domain string `json:"_domain"`
- Service json.RawMessage `json:"Service"`
-}
-
-// fallbackQTypes is the legacy default applied when no zone is available
-// and the user did not set recordTypes explicitly.
-var fallbackQTypes = []uint16{
- dns.TypeSOA, dns.TypeNS, dns.TypeA, dns.TypeAAAA,
- dns.TypeMX, dns.TypeTXT, dns.TypeCAA,
-}
-
-// resolveQTypes returns the RR types to probe at each owner name plus the
-// union across all owners (for reporting/metrics).
-//
-// Precedence:
-// 1. Explicit "recordTypes" option → apply that list to every owner.
-// 2. Auto-filled "zone" option → derive per-owner types from the zone's
-// services. The apex always carries SOA+NS even if the zone payload
-// omits them. Owners with no derivable types fall back to A,AAAA so
-// the probe still surfaces NXDOMAIN drift for user-requested
-// subdomains that are not present in the zone.
-// 3. Neither → use the legacy default at every owner.
-func resolveQTypes(opts sdk.CheckerOptions, recordTypesOpt, apex string, names []string) (map[string][]uint16, []uint16, error) {
- if recordTypesOpt != "" {
- qts := parseQTypes(recordTypesOpt)
- if len(qts) == 0 {
- return nil, nil, &invalidTypesError{raw: recordTypesOpt}
- }
- return uniformOwnerQTypes(names, qts), qts, nil
- }
-
- zone, _ := readWorkingZone(opts)
- if zone == nil {
- return uniformOwnerQTypes(names, fallbackQTypes), append([]uint16(nil), fallbackQTypes...), nil
- }
-
- owner := map[string]map[uint16]bool{}
- for _, n := range names {
- owner[n] = map[uint16]bool{}
- }
-
- for sub, services := range zone.Services {
- full := joinSubdomain(sub, apex)
- set, ok := owner[full]
- if !ok {
- continue
- }
- for _, svc := range services {
- for _, qt := range typesFromService(svc) {
- set[qt] = true
- }
- }
- }
-
- // SOA + NS at apex are foundational; the rules depend on them.
- apexLower := strings.ToLower(dns.Fqdn(apex))
- if set, ok := owner[apexLower]; ok {
- set[dns.TypeSOA] = true
- set[dns.TypeNS] = true
- }
-
- out := make(map[string][]uint16, len(names))
- unionSet := map[uint16]bool{}
- for _, n := range names {
- set := owner[n]
- if len(set) == 0 {
- // Owner present in the probe list but unknown to the zone:
- // keep a minimal probe so a missing-record finding can fire.
- set = map[uint16]bool{dns.TypeA: true, dns.TypeAAAA: true}
- }
- qts := sortedTypes(set)
- out[n] = qts
- for _, qt := range qts {
- unionSet[qt] = true
- }
- }
- return out, sortedTypes(unionSet), nil
-}
-
-func uniformOwnerQTypes(names []string, qts []uint16) map[string][]uint16 {
- out := make(map[string][]uint16, len(names))
- for _, n := range names {
- out[n] = qts
- }
- return out
-}
-
-func sortedTypes(set map[uint16]bool) []uint16 {
- out := make([]uint16, 0, len(set))
- for q := range set {
- out = append(out, q)
- }
- sort.Slice(out, func(i, j int) bool { return out[i] < out[j] })
- return out
-}
-
-// readWorkingZone parses the "zone" auto-fill option. The host may pass
-// the value either as a native struct (in-process plugin) or as a JSON
-// object (HTTP path); we round-trip through JSON in both cases for a
-// single decoding path. A missing zone is not an error — standalone /
-// HTTP callers may simply not provide one.
-func readWorkingZone(opts sdk.CheckerOptions) (*rawZone, error) {
- v, ok := opts["zone"]
- if !ok || v == nil {
- return nil, nil
- }
- raw, err := json.Marshal(v)
- if err != nil {
- return nil, err
- }
- z := &rawZone{}
- if err := json.Unmarshal(raw, z); err != nil {
- return nil, err
- }
- return z, nil
-}
-
-// typesFromService extracts every RR type referenced by a service body.
-// happyDomain service envelopes are opaque to us (the registry is in the
-// host), so we scan the JSON for any nested "Rrtype": |