multiple xymon server IP
list Joe Acquisto
Built a new xymon server to replace an older box. We have a DMZ. To avoid doing the paperwork to create new firewall rules I was hoping there was a way to "multi home" the new box so that, once the current one is retired, it can assume that IP be happy, from a xymon perspective. Simply changing the new server to a single (old box) IP is not feasible for reasons I cannot get into. Thanks for any pointers.
list Joe Acquisto
This is what I had hoped to hear. Thanks much. joe a
On 7/3/2012 at 10:13 PM, Isaac W Traxler <user-4dfb0dbf036e@xymon.invalid> wrote:Hi, If the two addresses are in the same network, it should be trivial. Just create an ip-alias and go for it. Xymon will not care what interface the packets come in over. It will get annoyed if you have clients transmit every conditon to it twice (I have had that problem every now and then). I curently have a dual homed server. One interface is connected to a subnet inside of campus and the other interface goes directly outside of campus to a state network. My default route is across the external interface with routes defined for all campus address spaces to go over the campus interface. All of this works a lot better than expected. A few clients attempt to send reports to both interfaces and for the ones that firewalls do not block, I get double entries -- annoying. Someday I will get all the clients configured properly. Hopefully this info will help. -- Isaac Traxler AIX,Linux Admin Louisiana State University user-4dfb0dbf036e@xymon.invalid High Performance Computing XXX-XXX-XXXX LONI AIX Clusters AIX, Linux Support
▸
On Tue, 3 Jul 2012, Joseph Acquisto wrote:Date: Tue, 3 Jul 2012 15:29:45 +0000 From: Joseph Acquisto <user-8f41a3273532@xymon.invalid> To: xymon at xymon.com Subject: [Xymon] multiple xymon server IP Built a new xymon server to replace an older box. We have a DMZ. To avoid doing the paperwork to create new firewall rules I was hoping there was a way to "multi home" the new box so that, once the current one is retired, it can assume that IP be happy, from a xymon perspective. Simply changing the new server to a single (old box) IP is not feasible for reasons I cannot get into. Thanks for any pointers.
list Joe Acquisto
Oh, another thought. I would like the new xymon box to send out tests/ requests on the alias IP. (firewall issue again). If I change the host IP to the alias in the various xymon config files (once the old box is retired), and restart xymon, am I correct in assuming it would use the alias for outgoing xymon related stuff? joe a.
"Joseph Acquisto" <user-8f41a3273532@xymon.invalid> 07/04/12 6:48 AM >>>
▸
This is what I had hoped to hear. Thanks much. joe a
▸
On 7/3/2012 at 10:13 PM, Isaac W Traxler <user-4dfb0dbf036e@xymon.invalid> wrote:Hi, If the two addresses are in the same network, it should be trivial. Just create an ip-alias and go for it. Xymon will not care what interface the packets come in over. It will get annoyed if you have clients transmit every conditon to it twice (I have had that problem every now and then). I curently have a dual homed server. One interface is connected to a subnet inside of campus and the other interface goes directly outside of campus to a state network. My default route is across the external interface with routes defined for all campus address spaces to go over the campus interface. All of this works a lot better than expected. A few clients attempt to send reports to both interfaces and for the ones that firewalls do not block, I get double entries -- annoying. Someday I will get all the clients configured properly. Hopefully this info will help. -- Isaac Traxler AIX,Linux Admin Louisiana State University user-4dfb0dbf036e@xymon.invalid High Performance Computing XXX-XXX-XXXX LONI AIX Clusters AIX, Linux Support On Tue, 3 Jul 2012, Joseph Acquisto wrote:Date: Tue, 3 Jul 2012 15:29:45 +0000 From: Joseph Acquisto <user-8f41a3273532@xymon.invalid> To: xymon at xymon.com Subject: [Xymon] multiple xymon server IP Built a new xymon server to replace an older box. We have a DMZ. To avoid doing the paperwork to create new firewall rules I was hoping there was a way to "multi home" the new box so that, once the current one is retired, it can assume that IP be happy, from a xymon perspective. Simply changing the new server to a single (old box) IP is not feasible for reasons I cannot get into. Thanks for any pointers.
list Jeremy Laidman
Joseph, you can override the default source IP address for xymonnet by adding "--source-ip=ip.add.re.ss". You would make this change in tasks.cfg. Any tests that aren't handled by xymonnet (eg custom scripts such as devmon) would have to do the equivalent. J
▸
On Thu, Jul 5, 2012 at 11:20 PM, Joseph Acquisto <user-8f41a3273532@xymon.invalid>wrote:
Oh, another thought. I would like the new xymon box to send out tests/ requests on the alias IP. (firewall issue again). If I change the host IP to the alias in the various xymon config files (once the old box is retired), and restart xymon, am I correct in assuming it would use the alias for outgoing xymon related stuff? joe a."Joseph Acquisto" <user-8f41a3273532@xymon.invalid> 07/04/12 6:48 AM >>>This is what I had hoped to hear. Thanks much. joe aOn 7/3/2012 at 10:13 PM, Isaac W Traxler <user-4dfb0dbf036e@xymon.invalid> wrote:Hi, If the two addresses are in the same network, it should be trivial. Just create an ip-alias and go for it. Xymon will not care what interface the packets come in over. It will get annoyed if you have clients transmit every conditon to it twice (I have had that problem every now and then). I curently have a dual homed server. One interface is connected to a subnet inside of campus and the other interface goes directly outside of campus to a state network. My default route is across the external interface with routes defined for all campus address spaces to go over the campus interface. All of this works a lot better than expected. A few clients attempt to send reports to both interfaces and for the ones that firewalls do not block, I get double entries -- annoying. Someday I will get all the clients configured properly. Hopefully this info will help. -- Isaac Traxler AIX,Linux Admin Louisiana State University user-4dfb0dbf036e@xymon.invalid High Performance Computing XXX-XXX-XXXX LONI AIX Clusters AIX, Linux Support On Tue, 3 Jul 2012, Joseph Acquisto wrote:Date: Tue, 3 Jul 2012 15:29:45 +0000 From: Joseph Acquisto <user-8f41a3273532@xymon.invalid> To: xymon at xymon.com Subject: [Xymon] multiple xymon server IP Built a new xymon server to replace an older box. We have a DMZ. To avoid doing the paperwork to create new firewall rules I was hoping there was a way to "multi home" the new box so that, once the current one is retired, it can assume that IP be happy, from a xymon perspective. Simply changing the new server to a single (old box) IP is not feasible for reasons I cannot get into. Thanks for any pointers.
list Joe Acquisto
Thanks. I guess that goes in the [xymonnet] section as part of the CMD line ? joe a.
Jeremy Laidman <user-71895fb2e44c@xymon.invalid> 07/06/12 12:30 AM >>>
▸
Joseph, you can override the default source IP address for xymonnet by adding "--source-ip=ip.add.re.ss". You would make this change in tasks.cfg. Any tests that aren't handled by xymonnet (eg custom scripts such as devmon) would have to do the equivalent. J On Thu, Jul 5, 2012 at 11:20 PM, Joseph Acquisto <user-8f41a3273532@xymon.invalid>wrote:
Oh, another thought. I would like the new xymon box to send out tests/ requests on the alias IP. (firewall issue again). If I change the host IP to the alias in the various xymon config files (once the old box is retired), and restart xymon, am I correct in assuming it would use the alias for outgoing xymon related stuff? joe a."Joseph Acquisto" <user-8f41a3273532@xymon.invalid> 07/04/12 6:48 AM >>>This is what I had hoped to hear. Thanks much. joe aOn 7/3/2012 at 10:13 PM, Isaac W Traxler <user-4dfb0dbf036e@xymon.invalid> wrote:Hi, If the two addresses are in the same network, it should be trivial. Just create an ip-alias and go for it. Xymon will not care what interface the packets come in over. It will get annoyed if you have clients transmit every conditon to it twice (I have had that problem every now and then). I curently have a dual homed server. One interface is connected to a subnet inside of campus and the other interface goes directly outside of campus to a state network. My default route is across the external interface with routes defined for all campus address spaces to go over the campus interface. All of this works a lot better than expected. A few clients attempt to send reports to both interfaces and for the ones that firewalls do not block, I get double entries -- annoying. Someday I will get all the clients configured properly. Hopefully this info will help. -- Isaac Traxler AIX,Linux Admin Louisiana State University user-4dfb0dbf036e@xymon.invalid High Performance Computing XXX-XXX-XXXX LONI AIX Clusters AIX, Linux Support On Tue, 3 Jul 2012, Joseph Acquisto wrote:Date: Tue, 3 Jul 2012 15:29:45 +0000 From: Joseph Acquisto <user-8f41a3273532@xymon.invalid> To: xymon at xymon.com Subject: [Xymon] multiple xymon server IP Built a new xymon server to replace an older box. We have a DMZ. To avoid doing the paperwork to create new firewall rules I was hoping there was a way to "multi home" the new box so that, once the current one is retired, it can assume that IP be happy, from a xymon perspective. Simply changing the new server to a single (old box) IP is not feasible for reasons I cannot get into. Thanks for any pointers.
list Jeremy Laidman
▸
On Sat, Jul 7, 2012 at 1:34 AM, Joseph Acquisto <user-8f41a3273532@xymon.invalid>wrote:
Thanks. I guess that goes in the [xymonnet] section as part of the CMD line ?
Yup, good guess!