+ Post New Thread
Results 1 to 9 of 9
*nix Thread, Checking DHCP Services With Nagios in Technical; I'm reconfiguring my Nagios box as I move it over to a VM. I want to add DHCP monitoring but ...
  1. #1

    Ric_'s Avatar
    Join Date
    Jun 2005
    Location
    London
    Posts
    7,592
    Thank Post
    109
    Thanked 769 Times in 598 Posts
    Rep Power
    181

    Checking DHCP Services With Nagios

    I'm reconfiguring my Nagios box as I move it over to a VM. I want to add DHCP monitoring but I can't quite get my head around it.

    I have 1 DHCP server (a Server 2003 box). I also have a WDS server - WDS makes this act as a DHCP proxy.

    What I'm trying to figure out is this.... should I always receive my DHCP offer from the WDS box (as it appears from manually running check_dhcp) or will I sometimes get a lease from the DHCP server? Also, how should I set up the dependencies?

    It's far too early to be thinking about this stuff!

  2. #2

    Geoff's Avatar
    Join Date
    Jun 2005
    Location
    Fylde, Lancs, UK.
    Posts
    11,803
    Thank Post
    110
    Thanked 583 Times in 504 Posts
    Blog Entries
    1
    Rep Power
    224
    One should only have one DHCP server per Ethernet segment, unless your doing fancy fail over/redundancy stuff.

    So therefore you need two DHCP checks, one for the segment where your WDS proxy lives and one for the segment where your 2k3 server is.

    As you only have one nagios box, you'll need to use the remote checks (e.g. a remote Linux box running NRPE) to check the non-local Ethernet segment.

  3. #3

    Ric_'s Avatar
    Join Date
    Jun 2005
    Location
    London
    Posts
    7,592
    Thank Post
    109
    Thanked 769 Times in 598 Posts
    Rep Power
    181
    @Geoff: The WDS box is not a DHCP server... it appears as a DHCP proxy and, from what I can see, the client machines believe that their request is fullfilled by this box.

    See the following debug data:
    Code:
    monitoring:/usr/local/nagios/libexec# ./check_dhcp -m 00110abba1f8 -r 192.168.1.100 -v -s 192.168.0.11
    Requested server address: 192.168.0.11
    DHCP socket: 3
    DHCPDISCOVER to 255.255.255.255 port 67
    DHCPDISCOVER XID: 837531199 (0x31EBB63F)
    DHCDISCOVER ciaddr:  0.0.0.0
    DHCDISCOVER yiaddr:  0.0.0.0
    DHCDISCOVER siaddr:  0.0.0.0
    DHCDISCOVER giaddr:  0.0.0.0
    send_dhcp_packet result: 548
    
    
    
    
    recv_result_1: 300
    recv_result_2: 300
    receive_dhcp_packet() result: 300
    receive_dhcp_packet() source: 192.168.0.3
    Result=OK
    DHCPOFFER from IP address 192.168.0.11 via 192.168.0.3
    DHCPOFFER XID: 837531199 (0x31EBB63F)
    DHCPOFFER chaddr: 00110ABBA1F8
    DHCPOFFER ciaddr: 0.0.0.0
    DHCPOFFER yiaddr: 192.168.1.100
    DHCPOFFER siaddr: 192.168.0.11
    DHCPOFFER giaddr: 0.0.0.0
    Option: 53 (0x01)
    Option: 1 (0x04)
    Option: 58 (0x04)
    Option: 59 (0x04)
    Lease Time: 0 seconds
    Renewal Time: 345600 seconds
    Rebinding Time: 604800 seconds
    Added offer from server @ 192.168.0.11 of IP address 192.168.1.100
    
    
    No (more) data received (nfound: 0)
    Result=ERROR
    Total responses seen on the wire: 1
    Valid responses for this machine: 1
    DHCP Server Match: Offerer=192.168.0.11 Requested=192.168.0.11
    OK: Received 1 DHCPOFFER(s), 1 of 1 requested servers responded, requested address (192.168.1.100) was offered, max lease time = 0 sec.
    That probably doesn't make things very much clearer but it kind of shows how I don't have 2 DHCP servers.

  4. #4

    Geoff's Avatar
    Join Date
    Jun 2005
    Location
    Fylde, Lancs, UK.
    Posts
    11,803
    Thank Post
    110
    Thanked 583 Times in 504 Posts
    Blog Entries
    1
    Rep Power
    224
    Ok fair enough. The WDS server is your DHCP source. Configure Nagios as appropirate.

    Don't forget you can still do event log and service status checks on the other machine though if you want 'more' detail of your DHCP service status. e.g. to work out which box broke.

  5. #5

    Ric_'s Avatar
    Join Date
    Jun 2005
    Location
    London
    Posts
    7,592
    Thank Post
    109
    Thanked 769 Times in 598 Posts
    Rep Power
    181
    @Geoff: I could monitor the event logs, etc. but that doesn't show that clients are getting DHCP leases from the correct place... I need to configure both to cover all bases. I have reservations that I know the leases for so can check I don't have a 'rogue' DHCP server (assuming some clever should hasn't worked out my reservations of course but what are the chances?).

  6. #6

    Geoff's Avatar
    Join Date
    Jun 2005
    Location
    Fylde, Lancs, UK.
    Posts
    11,803
    Thank Post
    110
    Thanked 583 Times in 504 Posts
    Blog Entries
    1
    Rep Power
    224
    Indeed you should really do both to 'cover' every possible failure situation. Otherwise you will end up with Nagios lying to you about what's going on. Mis-information is worse than no information at all!

    With check_dhcp you can ask it to make sure the DHCP OFFER is coming from the correct IP address. So you can use that to check for rogue DHCP servers.

    Code:
    root@praxis:/usr/local/nagios/libexec# ./check_dhcp -h
    check_dhcp v2018 (nagios-plugins 1.4.13)
    Copyright (c) 2001-2004 Ethan Galstad (nagios@nagios.org)
    Copyright (c) 2001-2007 Nagios Plugin Development Team
            <nagiosplug-devel@lists.sourceforge.net>
    
    This plugin tests the availability of DHCP servers on a network.
    
    
    Usage: check_dhcp [-v] [-u] [-s serverip] [-r requestedip] [-t timeout]
                      [-i interface] [-m mac]
    
    Options:
     -h, --help
        Print detailed help screen
     -V, --version
        Print version information
     -v, --verbose
        Show details for command-line debugging (Nagios may truncate output)
     -s, --serverip=IPADDRESS
        IP address of DHCP server that we must hear from
     -r, --requestedip=IPADDRESS
        IP address that should be offered by at least one DHCP server
     -t, --timeout=INTEGER
        Seconds to wait for DHCPOFFER before timeout occurs
     -i, --interface=STRING
        Interface to to use for listening (i.e. eth0)
     -m, --mac=STRING
        MAC address to use in the DHCP request
     -u, --unicast
        Unicast testing: mimic a DHCP relay, requires -s
    
    Send email to nagios-users@lists.sourceforge.net if you have questions
    regarding use of this software. To submit patches or suggest improvements,
    send email to nagiosplug-devel@lists.sourceforge.net

  7. #7

    Ric_'s Avatar
    Join Date
    Jun 2005
    Location
    London
    Posts
    7,592
    Thank Post
    109
    Thanked 769 Times in 598 Posts
    Rep Power
    181
    Quote Originally Posted by Geoff View Post
    With check_dhcp you can ask it to make sure the DHCP OFFER is coming from the correct IP address. So you can use that to check for rogue DHCP servers.
    This is what led to my question though. Nobody I have spoken to can seem to give a definitive answer whether the DHCP lease should always appear to come from the DHCP proxy or if it may also come from the DHCP server.

  8. #8

    Geoff's Avatar
    Join Date
    Jun 2005
    Location
    Fylde, Lancs, UK.
    Posts
    11,803
    Thank Post
    110
    Thanked 583 Times in 504 Posts
    Blog Entries
    1
    Rep Power
    224
    That depends on your setup. As I tried to explain normally you'd use a DHCP relay on a router, that can see the 'extra' subnet(s) that the DHCP server can't (because broadcasts don't propagate over layer 3).

    Your setup isn't normal. It's some weird windowism. Therefore your out on your own. What I would suggest to diagnose the situation is to sniff the network while requesting a DHCP lease and see what replies. Basically if all else fails, go and test it for real.

  9. #9
    petectid's Avatar
    Join Date
    Jun 2005
    Posts
    298
    Thank Post
    2
    Thanked 15 Times in 13 Posts
    Rep Power
    20
    If your workstations can see your 2003 DHCP server ie. it can receive their requests on the network for an address then the process will complete without going through the DHCP Proxy. Is that what you are asking Ric. In the past I've split the scope between servers and the only way of knowing which DHCP server has issued the address is by looking at which part of the scope it was from and knowing that that came from server A and not server B. Therefore if your DHCP server responds before your proxy the address comes from there albeit from the same scope, makes a proxy a bit redundant don't you think. You could use Wireshark to view whats going on when a lease is requested you will soon find out which machine is quickest to respond, one of my servers was much faster and its address pool would often expire before the second smaller pool was used.

SHARE:
+ Post New Thread

Similar Threads

  1. checking my other pc
    By mikeymike in forum General Chat
    Replies: 5
    Last Post: 4th August 2008, 01:30 AM
  2. Replies: 8
    Last Post: 23rd April 2008, 10:33 PM
  3. PC Checking
    By Gatt in forum How do you do....it?
    Replies: 16
    Last Post: 23rd February 2007, 12:13 PM
  4. Stock Checking
    By faza in forum Wireless Networks
    Replies: 4
    Last Post: 19th February 2007, 01:39 PM
  5. Checking USers
    By Grommit in forum Windows
    Replies: 1
    Last Post: 2nd January 2007, 01:57 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •