OverSize status message and network tests
On Wed, Aug 1, 2012 at 1:47 AM, Joseph Acquisto <joea at j4computers.com>wrote:
Recently moved to xymon 4.3.7 from hobbit 4.2
All seems reasonable except for two things.
- Due to firewall issues, some net tests do not work.
Which net tests work and which don't work? Do the working tests also come from the default IP address?
I can see tcpdump tell me the source is still the original for the new server. ??
Try running the xymonnet command from the command-line with the "--no-update" switch, perhaps specifying a stripped-down hosts.cfg with only one host and test that is failing. For example:
sudo -u xymon xymoncmd
echo "10.1.1.1 name-of-host # ssh" $HOSTSCFG > /tmp/hosts.cfg
HOSTSCFG=/tmp/hosts.cfg xymonnet --report --noping
--no-update --source-ip=10.2.2.2
See how you go. If this works, then perhaps there's something wrong with how it's configured in tasks.cfg.
If it doesn't work, use strace (Linux) or truss (Solaris) and look for the "bind" system call:
HOSTSCFG=/tmp/hosts.cfg strace -f xymonnet --report --noping
--no-update --source-ip=10.2.2.2 2>&1 | grep bind
Output looks like: bind(3, {sa_family=AF_INET, sin_port=htons(0), sin_addr=inet_addr("10.2.2.2")}, 16) = 0
Jeremy Laidman <jlaidman at rebel-it.com.au> 07/31/12 8:38 PM >>> On Wed, Aug 1, 2012 at 1:47 AM, Joseph Acquisto <joea at j4computers.com>wrote:
Recently moved to xymon 4.3.7 from hobbit 4.2
All seems reasonable except for two things.
- Due to firewall issues, some net tests do not work.
Which net tests work and which don't work? Do the working tests also come from the default IP address?
The only ones that work are those which already have firewall holes established.
I can see tcpdump tell me the source is still the original for the new server. ??
Try running the xymonnet command from the command-line with the "--no-update" switch, perhaps specifying a stripped-down hosts.cfg with only one host and test that is failing. For example:
sudo -u xymon xymoncmd echo "10.1.1.1 name-of-host # ssh" $HOSTSCFG > /tmp/hosts.cfg HOSTSCFG=/tmp/hosts.cfg xymonnet --report --noping
--no-update --source-ip=10.2.2.2
Never saw this before. Interesting. I presume the first ip should be that of the xymon host?
The sudo part did not work for me. Used su.
See how you go. If this works, then perhaps there's something wrong with how it's configured in tasks.cfg.
It did not produce a result seen via tcpdump.
If it doesn't work, use strace (Linux) or truss (Solaris) and look for the "bind" system call:
HOSTSCFG=/tmp/hosts.cfg strace -f xymonnet --report --noping
--no-update --source-ip=10.2.2.2 2>&1 | grep bind
Output looks like: bind(3, {sa_family=AF_INET, sin_port=htons(0), sin_addr=inet_addr("10.2.2.2")}, 16) = 0
No "bind". Did find that xymonnet was not found, had to specify the full path to it. Still, no bind. But, lots of open "errors". File not found at /home/xymon/server/tmp/
Sigh.
joe a.
"Joseph Acquisto" <joea at j4computers.com> 08/01/12 9:33 AM >>>
Jeremy Laidman <jlaidman at rebel-it.com.au> 07/31/12 8:38 PM >>> On Wed, Aug 1, 2012 at 1:47 AM, Joseph Acquisto <joea at j4computers.com>wrote:
Recently moved to xymon 4.3.7 from hobbit 4.2
All seems reasonable except for two things.
- Due to firewall issues, some net tests do not work.
Which net tests work and which don't work? Do the working tests also come from the default IP address?
The only ones that work are those which already have firewall holes established.
I lied. Apparently only ping and conn test are being sent with the wrong IP.
fping path is set to /home/xymon/server/bin/xymonping
Which works from command line with the option --source=desired_ip
All as seen via tcpdump.
SMTP test appear in tcpdump with the option IP.
joe a.
I lied again. ping and "ports" test appear to be not working. Sorry, feeling a bit off my game today.
joe a.
"Joseph Acquisto" <joea at j4computers.com> 08/01/12 2:03 PM >>> "Joseph Acquisto" <joea at j4computers.com> 08/01/12 9:33 AM >>>
Jeremy Laidman <jlaidman at rebel-it.com.au> 07/31/12 8:38 PM >>> On Wed, Aug 1, 2012 at 1:47 AM, Joseph Acquisto <joea at j4computers.com>wrote:
Recently moved to xymon 4.3.7 from hobbit 4.2
All seems reasonable except for two things.
- Due to firewall issues, some net tests do not work.
Which net tests work and which don't work? Do the working tests also come from the default IP address?
The only ones that work are those which already have firewall holes established.
I lied. Apparently only ping and conn test are being sent with the wrong IP.
fping path is set to /home/xymon/server/bin/xymonping
Which works from command line with the option --source=desired_ip
All as seen via tcpdump.
SMTP test appear in tcpdump with the option IP.
joe a.
Xymon mailing list Xymon at xymon.com http://lists.xymon.com/mailman/listinfo/xymon
On 01-08-2012 20:01, Joseph Acquisto wrote:
"Joseph Acquisto" <joea at j4computers.com> 08/01/12 9:33 AM >>>
Jeremy Laidman <jlaidman at rebel-it.com.au> 07/31/12 8:38 PM >>> On Wed, Aug 1, 2012 at 1:47 AM, Joseph Acquisto <joea at j4computers.com>wrote:
Recently moved to xymon 4.3.7 from hobbit 4.2
All seems reasonable except for two things.
- Due to firewall issues, some net tests do not work.
Which net tests work and which don't work? Do the working tests also come from the default IP address?
The only ones that work are those which already have firewall holes established.
I lied. Apparently only ping and conn test are being sent with the wrong IP.
fping path is set to /home/xymon/server/bin/xymonping
Which works from command line with the option --source=desired_ip
I'm not sure if xymonnet actually passes the source-ip on to xymonping or fping. You could change the FPING setting in xymonserver.cfg to include that --source option.
Regards, Henrik
Henrik Størner<henrik at hswn.dk> 08/01/12 4:28 PM >>> On 01-08-2012 20:01, Joseph Acquisto wrote: "Joseph Acquisto" <joea at j4computers.com> 08/01/12 9:33 AM >>>
Jeremy Laidman <jlaidman at rebel-it.com.au> 07/31/12 8:38 PM >>> On Wed, Aug 1, 2012 at 1:47 AM, Joseph Acquisto <joea at j4computers.com>wrote:
Recently moved to xymon 4.3.7 from hobbit 4.2
All seems reasonable except for two things.
- Due to firewall issues, some net tests do not work.
Which net tests work and which don't work? Do the working tests also come from the default IP address?
The only ones that work are those which already have firewall holes established.
I lied. Apparently only ping and conn test are being sent with the wrong IP.
fping path is set to /home/xymon/server/bin/xymonping
Which works from command line with the option --source=desired_ip
I'm not sure if xymonnet actually passes the source-ip on to xymonping or fping. You could change the FPING setting in xymonserver.cfg to include that --source option.
Regards, Henrik
putting the --source=ipaddress after the command string, with the quotes, did the trick.
Thanks.
joe a
Xymon mailing list Xymon at xymon.com http://lists.xymon.com/mailman/listinfo/xymon
On 1 August 2012 23:30, Joseph Acquisto <joea at j4computers.com> wrote:
I can see tcpdump tell me the source is still the original for the new server. ??
Try running the xymonnet command from the command-line with the "--no-update" switch, perhaps specifying a stripped-down hosts.cfg with only one host and test that is failing. For example:
sudo -u xymon xymoncmd echo "10.1.1.1 name-of-host # ssh" $HOSTSCFG > /tmp/hosts.cfg HOSTSCFG=/tmp/hosts.cfg xymonnet --report --noping
--no-update --source-ip=10.2.2.2Never saw this before. Interesting. I presume the first ip should be that of the xymon host?
No, the target host.
The sudo part did not work for me. Used su.
OK
No "bind". Did find that xymonnet was not found, had to specify the full
path to it. Still, no bind. But, lots of open "errors". File not found at /home/xymon/server/tmp/
Perhaps after doing "su" to the xymon user, you need to run "xymoncmd" before running the commands. That's why xymonnet wasn't found.
J
participants (3)
-
henrik@hswn.dk
-
jlaidman@rebel-it.com.au
-
joea@j4computers.com