OverSize status message and network tests
list Joe Acquisto
Recently moved to xymon 4.3.7 from hobbit 4.2 All seems reasonable except for two things. - Due to firewall issues, some net tests do not work. The firewall lets the "old" IP thru, but not the new servers IP. Go an answer to this some weeks back, which stated change ~server/etc/tasks.cfg to specify --source-ip=old.ip. This I took to go in [xymonnet] as an add on to the CMD line. retired old box and added IP to new box, as secondary IP, edited the file and restarted xymon server. No go. I can ping the destination successfully by telling ping to use the added IP as its source IP. I can see tcpdump tell me the source is still the original for the new server. ?? Th - While looking for clues, stumbled upon a oversize status message in xymond.log. It is oversize (!), but is being sent in the form (echo "status . . blah"; cat mymessage_file | blah formatting stuff | /home/xymon/client/bin/xymon my_server_name "@" -- Which someone on this list (Henrik ?) turned me on to a year or so ago. Anyway . . . Some assistance?
list Jeremy Laidman
▸
On Wed, Aug 1, 2012 at 1:47 AM, Joseph Acquisto <user-8f41a3273532@xymon.invalid>wrote:
Recently moved to xymon 4.3.7 from hobbit 4.2 All seems reasonable except for two things. - Due to firewall issues, some net tests do not work.
Which net tests work and which don't work? Do the working tests also come
from the default IP address?
▸
I can see tcpdump tell me the source is still the original for the new server. ??
Try running the xymonnet command from the command-line with the
"--no-update" switch, perhaps specifying a stripped-down hosts.cfg with
only one host and test that is failing. For example:
sudo -u xymon xymoncmd
echo "10.1.1.1 name-of-host # ssh" $HOSTSCFG > /tmp/hosts.cfg
HOSTSCFG=/tmp/hosts.cfg xymonnet --report --noping \
--no-update --source-ip=10.2.2.2
See how you go. If this works, then perhaps there's something wrong with
how it's configured in tasks.cfg.
If it doesn't work, use strace (Linux) or truss (Solaris) and look for the
"bind" system call:
HOSTSCFG=/tmp/hosts.cfg strace -f xymonnet --report --noping \
--no-update --source-ip=10.2.2.2 2>&1 | grep bind
Output looks like:
bind(3, {sa_family=AF_INET, sin_port=htons(0),
sin_addr=inet_addr("10.2.2.2")}, 16) = 0
list Joe Acquisto
Jeremy Laidman <user-71895fb2e44c@xymon.invalid> 07/31/12 8:38 PM >>>
▸
On Wed, Aug 1, 2012 at 1:47 AM, Joseph Acquisto <user-8f41a3273532@xymon.invalid>wrote:Recently moved to xymon 4.3.7 from hobbit 4.2 All seems reasonable except for two things. - Due to firewall issues, some net tests do not work.Which net tests work and which don't work? Do the working tests also come from the default IP address?
The only ones that work are those which already have firewall holes established.
▸
I can see tcpdump tell me the source is still the original for the new server. ??Try running the xymonnet command from the command-line with the "--no-update" switch, perhaps specifying a stripped-down hosts.cfg with only one host and test that is failing. For example: sudo -u xymon xymoncmd echo "10.1.1.1 name-of-host # ssh" $HOSTSCFG > /tmp/hosts.cfg HOSTSCFG=/tmp/hosts.cfg xymonnet --report --noping \ --no-update --source-ip=10.2.2.2
Never saw this before. Interesting. I presume the first ip should be that of the xymon host? The sudo part did not work for me. Used su.
▸
See how you go. If this works, then perhaps there's something wrong with how it's configured in tasks.cfg.
It did not produce a result seen via tcpdump.
▸
If it doesn't work, use strace (Linux) or truss (Solaris) and look for the "bind" system call:
HOSTSCFG=/tmp/hosts.cfg strace -f xymonnet --report --noping \ --no-update --source-ip=10.2.2.2 2>&1 | grep bind
Output looks like:
bind(3, {sa_family=AF_INET, sin_port=htons(0),
sin_addr=inet_addr("10.2.2.2")}, 16) = 0No "bind". Did find that xymonnet was not found, had to specify the full path to it. Still, no bind. But, lots of open "errors". File not found at /home/xymon/server/tmp/ Sigh. joe a.
list Joe Acquisto
"Joseph Acquisto" <user-8f41a3273532@xymon.invalid> 08/01/12 9:33 AM >>>
▸
Jeremy Laidman <user-71895fb2e44c@xymon.invalid> 07/31/12 8:38 PM >>>On Wed, Aug 1, 2012 at 1:47 AM, Joseph Acquisto <user-8f41a3273532@xymon.invalid>wrote:Recently moved to xymon 4.3.7 from hobbit 4.2 All seems reasonable except for two things. - Due to firewall issues, some net tests do not work.Which net tests work and which don't work? Do the working tests also come from the default IP address?
The only ones that work are those which already have firewall holes established.
I lied. Apparently only ping and conn test are being sent with the wrong IP. fping path is set to /home/xymon/server/bin/xymonping Which works from command line with the option --source=desired_ip All as seen via tcpdump. SMTP test appear in tcpdump with the option IP. joe a.
list Joe Acquisto
I lied again. ping and "ports" test appear to be not working. Sorry, feeling a bit off my game today. joe a.
"Joseph Acquisto" <user-8f41a3273532@xymon.invalid> 08/01/12 2:03 PM >>>
▸
"Joseph Acquisto" <user-8f41a3273532@xymon.invalid> 08/01/12 9:33 AM >>>Jeremy Laidman <user-71895fb2e44c@xymon.invalid> 07/31/12 8:38 PM >>>
▸
On Wed, Aug 1, 2012 at 1:47 AM, Joseph Acquisto <user-8f41a3273532@xymon.invalid>wrote:Recently moved to xymon 4.3.7 from hobbit 4.2 All seems reasonable except for two things. - Due to firewall issues, some net tests do not work.Which net tests work and which don't work? Do the working tests also come from the default IP address?
The only ones that work are those which already have firewall holes established.
I lied. Apparently only ping and conn test are being sent with the wrong IP. fping path is set to /home/xymon/server/bin/xymonping Which works from command line with the option --source=desired_ip All as seen via tcpdump. SMTP test appear in tcpdump with the option IP. joe a.
list Henrik Størner
▸
On 01-08-2012 20:01, Joseph Acquisto wrote:
"Joseph Acquisto" <user-8f41a3273532@xymon.invalid> 08/01/12 9:33 AM >>>Jeremy Laidman <user-71895fb2e44c@xymon.invalid> 07/31/12 8:38 PM >>>On Wed, Aug 1, 2012 at 1:47 AM, Joseph Acquisto <user-8f41a3273532@xymon.invalid>wrote:Recently moved to xymon 4.3.7 from hobbit 4.2 All seems reasonable except for two things. - Due to firewall issues, some net tests do not work.Which net tests work and which don't work? Do the working tests also come from the default IP address?The only ones that work are those which already have firewall holes established.I lied. Apparently only ping and conn test are being sent with the wrong IP. fping path is set to /home/xymon/server/bin/xymonping Which works from command line with the option --source=desired_ip
I'm not sure if xymonnet actually passes the source-ip on to xymonping or fping. You could change the FPING setting in xymonserver.cfg to include that --source option. Regards, Henrik
list Joe Acquisto
▸
On 7/31/2012 at 11:47 AM, "Joseph Acquisto" <user-8f41a3273532@xymon.invalid> wrote:Recently moved to xymon 4.3.7 from hobbit 4.2
. . .
- While looking for clues, stumbled upon a oversize status message in xymond.log. It is oversize (!), but is being sent in the form (echo "status . . blah"; cat mymessage_file | blah formatting stuff | /home/xymon/client/bin/xymon my_server_name "@" -- Which someone on this list (Henrik ?) turned me on to a year or so ago. Anyway . . .
. . .
Have not gotten far on this, but a visual scan sees nothing missing when comparing the status message sent to what is displayed on the web page. joe a.
list Joe Acquisto
▸
On 8/1/2012 at 4:26 PM, Henrik Størner<user-ce4a2c883f75@xymon.invalid> wrote:On 01-08-2012 20:01, Joseph Acquisto wrote:"Joseph Acquisto" <user-8f41a3273532@xymon.invalid> 08/01/12 9:33 AM >>>Jeremy Laidman <user-71895fb2e44c@xymon.invalid> 07/31/12 8:38 PM >>>On Wed, Aug 1, 2012 at 1:47 AM, Joseph Acquisto
<user-8f41a3273532@xymon.invalid>wrote:
Recently moved to xymon 4.3.7 from hobbit 4.2 All seems reasonable except for two things. - Due to firewall issues, some net tests do not work.Which net tests work and which don't work? Do the working tests also come from the default IP address?The only ones that work are those which already have firewall holes established.I lied. Apparently only ping and conn test are being sent with the wrongIP.fping path is set to /home/xymon/server/bin/xymonping Which works from command line with the option --source=desired_ipI'm not sure if xymonnet actually passes the source-ip on to xymonping or fping. You could change the FPING setting in xymonserver.cfg to include that --source option.
I was thinking that myself, but was not sure that would work, or how to add it. I'll tinker with it and post. Did notice that one uses --source-ip and the other --source. Also, found that "ports" is apparently a client provided status. (one is embarrassed to confess). joe a.
list Henrik Størner
▸
On 02-08-2012 01:14, Joseph Acquisto wrote:
On 7/31/2012 at 11:47 AM, "Joseph Acquisto" <user-8f41a3273532@xymon.invalid> wrote:Recently moved to xymon 4.3.7 from hobbit 4.2. . .- While looking for clues, stumbled upon a oversize status message in xymond.log. It is oversize (!), but is being sent in the form (echo "status . . blah"; cat mymessage_file | blah formatting stuff | /home/xymon/client/bin/xymon my_server_name "@" -- Which someone on this list (Henrik ?) turned me on to a year or so ago. Anyway . . .. . .Have not gotten far on this, but a visual scan sees nothing missing when comparing the status message sent to what is displayed on the web page.
The "oversize" message comes when the client tries to send a message that is larger than what we can transfer to the xymond_* modules processing the data. This is limited by the size of the memory pool shared between xymond and the xymond_* modules. You can increase it by setting the MAXMSG_STATUS value in xymonserver.cfg, the default is 256 KB - see the xymonserver.cfg man-page. Note that you'll have to restart Xymon on the server before this has any effect. Regards, Henrik
list Joe Acquisto
Henrik Størner<user-ce4a2c883f75@xymon.invalid> 08/02/12 2:12 AM >>>
▸
On 02-08-2012 01:14, Joseph Acquisto wrote:
On 7/31/2012 at 11:47 AM, "Joseph Acquisto" <user-8f41a3273532@xymon.invalid> wrote:Recently moved to xymon 4.3.7 from hobbit 4.2. . .- While looking for clues, stumbled upon a oversize status message in xymond.log. It is oversize (!), but is being sent in the form (echo
"status
. . blah"; cat mymessage_file | blah formatting stuff | /home/xymon/client/bin/xymon my_server_name "@" -- Which someone on this list (Henrik ?) turned me on to a year or so ago. Anyway . . .. . .Have not gotten far on this, but a visual scan sees nothing missing when comparing the status message sent to what is displayed on the web page.The "oversize" message comes when the client tries to send a message that is larger than what we can transfer to the xymond_* modules processing the data. This is limited by the size of the memory pool shared between xymond and the xymond_* modules. You can increase it by setting the MAXMSG_STATUS value in xymonserver.cfg, the default is 256 KB - see the xymonserver.cfg man-page. Note that you'll have to restart Xymon on the server before this has any effect. Regards, Henrik
MAXMSG_STATUS does not appear in my current xymonserver.cfg file. I had read that, but not finding it, thought it a typo, etc. I should have mentioned that, but. . . Anyway, today is a new day . I guess I will add that, somewhere in the file, with a larger value, restart and check the logs. joe a.
list Joe Acquisto
Henrik Størner<user-ce4a2c883f75@xymon.invalid> 08/01/12 4:28 PM >>>
▸
On 01-08-2012 20:01, Joseph Acquisto wrote:"Joseph Acquisto" <user-8f41a3273532@xymon.invalid> 08/01/12 9:33 AM >>>Jeremy Laidman <user-71895fb2e44c@xymon.invalid> 07/31/12 8:38 PM >>>On Wed, Aug 1, 2012 at 1:47 AM, Joseph Acquisto
<user-8f41a3273532@xymon.invalid>wrote:
Recently moved to xymon 4.3.7 from hobbit 4.2 All seems reasonable except for two things. - Due to firewall issues, some net tests do not work.Which net tests work and which don't work? Do the working tests also come from the default IP address?The only ones that work are those which already have firewall holes established.I lied. Apparently only ping and conn test are being sent with the wrong IP. fping path is set to /home/xymon/server/bin/xymonping Which works from command line with the option --source=desired_ip
I'm not sure if xymonnet actually passes the source-ip on to xymonping or fping. You could change the FPING setting in xymonserver.cfg to include that --source option. Regards, Henrik
putting the --source=ipaddress after the command string, with the quotes, did the trick. Thanks. joe a
list Jeremy Laidman
▸
On 1 August 2012 23:30, Joseph Acquisto <user-8f41a3273532@xymon.invalid> wrote:
I can see tcpdump tell me the source is still the original for the new server. ??Try running the xymonnet command from the command-line with the "--no-update" switch, perhaps specifying a stripped-down hosts.cfg with only one host and test that is failing. For example: sudo -u xymon xymoncmd echo "10.1.1.1 name-of-host # ssh" $HOSTSCFG > /tmp/hosts.cfg HOSTSCFG=/tmp/hosts.cfg xymonnet --report --noping \ --no-update --source-ip=10.2.2.2Never saw this before. Interesting. I presume the first ip should be that of the xymon host?
No, the target host.
The sudo part did not work for me. Used su.
OK
▸
No "bind". Did find that xymonnet was not found, had to specify the fullpath to it. Still, no bind. But, lots of open "errors". File not found at /home/xymon/server/tmp/
Perhaps after doing "su" to the xymon user, you need to run "xymoncmd" before running the commands. That's why xymonnet wasn't found. J