monit-general
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [monit] monitoring remote host udp


From: Martin Pala
Subject: Re: [monit] monitoring remote host udp
Date: Tue, 18 Nov 2008 20:40:05 +0100


On Nov 18, 2008, at 9:58 AM, Emil Natan wrote:

Hello,

1. I'm trying to monitor name service on remote host via udp/tcp (53).
This is authoritative only server (that's why I do not use the dns
check) so the check looks like:

check host ns.example.org with address 192.168.0.1
   if failed port 53 type udp then alert
      alert address@hidden
   if failed port 53 type tcp then alert
      alert address@hidden

The tcp check works as expected. The udp check works only when the
reason for the failure is on the monitoring host (when I block udp 53
out of the box in iptables). If the reason for the failure is on the
monitored host (or in the middle) I do not get any alerts. Using sniffer
I see the packets sent every specified interval. I understand how udp
works and that it is hard/impossible to monitor it, but I hope I'm
missing something and I do not need to use the workaround using external scripts to monitor the service and monit monitoring the output of these
scripts.

The generic UDP connection check without protocol specification sends the datagram to the server and checks that no ICMP error is returned. Without the knowledge of application protocol it's impossible to conduct more specific test with connection-less UDP protocol. The generic TCP connection check is much better since the result of TCP handshake is reliable indication.

The UDP tests work thus much better when you specify the particular protocol since monit then knows what the server should response even though there is no connection established between the client and server.

For example in case of DNS this works well (if the DNS server is able to provide the NS record of DNS root servers):

  if failed port 53 type udp protocol dns then alert




2. I'm I right that  the monitoring host starts the above check with
sending ICMP packet(s) although it was not specified and if yes, how can
I change this behavior.



Monit doesn't send any ICMP packets if it wasn't specified.




Martin








reply via email to

[Prev in Thread] Current Thread [Next in Thread]