nagios core 4.x: how to configure a router an switch

[berhan30]

monitoring the networks equipment and server : I have two problem
the first: how to configure a router contains more IP address (path).
the 2nd: how to configure a switch without level 2 IP address

[jdalrymple]

monitoring the networks equipment and server : I have two problem
the first: how to configure a router contains more IP address (path).

Typically you monitor interfaces, not IP addresses. If you snmpwalk the machine you'll notice that there are entries in the interface table for all interfaces on your equipment. Just monitor the different table OIDs as needed.

the 2nd: how to configure a switch without level 2 IP address

You mean without layer 2 (physical) addresses? I'm not sure I follow that. Or maybe you mean layer 3 (IP/logical) addresses? You will need a switch with an IP typically to monitor it. That is unless you have a serial connection or some other such to suck data out of it. That could certainly get complicated. Please be more descriptive about "without level 2 IP address" so we can try to answer more clearly.

[berhan30]

the switch using the ARP protocol type switch is Alcatel os 6450-u24 .

[jdalrymple]

This appears to be a standard layer 2 switch to me. It *should* respond to the standard IF-MIB snmp queries and *should* be monitorable just the same as any other layer 2 switch.

https://exchange.nagios.org/directory/P ... -Bandwidth

[berhan30]

* please give me an example of a router contains more the IP address/ as followings: 0/1 10.1.1.3 eth, eth0/2 192.168.2.4
* an example of a switch level 2 without ip adress

[jdalrymple]

Giving you a full working example of a router configuration is a bit more involved than it needs to be. The requests here are quite ironic, you want to see the monitoring of a device with more than 1 IP and also the monitoring of a device with less than 1 IP.

With more than 1 IP the monitoring is trivial. Here is a layer 3 switch with 2 IP addresses:

Code: Select all

[jdalrymple@localhost ~]$ snmpwalk -v 2c -c <community> <ip-addr> ipAdEntAddr
IP-MIB::ipAdEntAddr.172.16.100.4 = IpAddress: 172.16.100.4
IP-MIB::ipAdEntAddr.192.168.0.4 = IpAddress: 192.168.0.4
[jdalrymple@localhost ~]$ snmpwalk -v 2c -c <community> <ip-addr> ifHCInOctets
IF-MIB::ifHCInOctets.1 = Counter64: 170402759
IF-MIB::ifHCInOctets.200 = Counter64: 12142126
IF-MIB::ifHCInOctets.301 = Counter64: 38959485
IF-MIB::ifHCInOctets.5001 = Counter64: 182855543845
IF-MIB::ifHCInOctets.5002 = Counter64: 1565942246227
IF-MIB::ifHCInOctets.5003 = Counter64: 281975231688
IF-MIB::ifHCInOctets.5004 = Counter64: 416051246286
IF-MIB::ifHCInOctets.10101 = Counter64: 3501616798324
IF-MIB::ifHCInOctets.10102 = Counter64: 0
IF-MIB::ifHCInOctets.10103 = Counter64: 864240
IF-MIB::ifHCInOctets.10104 = Counter64: 414986204
IF-MIB::ifHCInOctets.10105 = Counter64: 696392
IF-MIB::ifHCInOctets.10106 = Counter64: 101276968
IF-MIB::ifHCInOctets.10107 = Counter64: 47592741355
IF-MIB::ifHCInOctets.10108 = Counter64: 33100934
IF-MIB::ifHCInOctets.10109 = Counter64: 46990079848
IF-MIB::ifHCInOctets.10110 = Counter64: 0
IF-MIB::ifHCInOctets.10111 = Counter64: 71901691996
IF-MIB::ifHCInOctets.10112 = Counter64: 344149572503
IF-MIB::ifHCInOctets.10113 = Counter64: 847025330692
IF-MIB::ifHCInOctets.10114 = Counter64: 718916922708
IF-MIB::ifHCInOctets.10115 = Counter64: 150025228865
IF-MIB::ifHCInOctets.10116 = Counter64: 62134140688
IF-MIB::ifHCInOctets.10117 = Counter64: 598837164772
IF-MIB::ifHCInOctets.10118 = Counter64: 197816472991
IF-MIB::ifHCInOctets.10119 = Counter64: 317441822940
IF-MIB::ifHCInOctets.10120 = Counter64: 17631616
IF-MIB::ifHCInOctets.10121 = Counter64: 0
IF-MIB::ifHCInOctets.10122 = Counter64: 0
IF-MIB::ifHCInOctets.10123 = Counter64: 43479903134
IF-MIB::ifHCInOctets.10124 = Counter64: 139375641095
IF-MIB::ifHCInOctets.10125 = Counter64: 0
IF-MIB::ifHCInOctets.10126 = Counter64: 0
IF-MIB::ifHCInOctets.10127 = Counter64: 0
IF-MIB::ifHCInOctets.10128 = Counter64: 0

No problem with this. As for

* an example of a switch level 2 without ip adress

how do you currently manage your layer 2 device if you don't have an IP address on it? Does it have a custom management piece of software? If so does that software offer a way to extract switch data?

[berhan30]

this is the project image : this is the link http://www.mediafire.com/view/ywf6ropmw ... roject.jpg
please give me an example of configure and how to define host?
thank you

[jdalrymple]

As I mentioned - monitoring a host with more than 1 IP address is trivial:

Code: Select all

define host {
       host_name                                firewall
       address                                  172.x.x.x
       check_command                            check_ping
       parents                                  switch
       ....
}

There is nothing special about a host with multiple IPs, you just have to choose one to connect to. A host with NO IPs is not trivial. You need to answer the question:

how do you currently manage your layer 2 device

ARP only on your drawing doesn't sit well in my mind. ARP is not any sort of protocal that i'm familiar with for managing a network device. If it is how you manage, I suspect that Alcatel must also have some proprietary monitoring magic built in. At the end of the day - Nagios communicates with hosts over IP. It can perform checks of an arbitrary nature, so if you can somehow leverage ARP to return data from your switch a script can probably be written to leverage that data in a useful manner by Nagios. Mostly though, you've just lost me...

One thing that would make this all moot would be to simply give your switch an IP. Is there a reason you can't?

Chapter 27: http://enterprise.alcatel-lucent.com/as ... _revD1.pdf

[berhan30]

This is another image of the project: here is the link http://www.mediafire.com/view/jhdf2o99b ... oject2.jpg
* how to configure the host router: eth0/1: 10.x.x.x and eth0/2: 192.x.x.x
* how to configure the host firewall for outside eth0/0:10.x.x.1 , inside eth0/1: 172.x.x.x
* switch use the ARP table (are there a configuration for the switch or no ?)
* other hosts defined in the picture is correct or not ?
router
define host {
host_name router-cisco
address 10.x.x.2
}

firewall
define host {
host_name firewall
address 172.x.x.x
parents router-cisco
}

server web

define host {
host_name server-web
address 172.x.x.1
parents firewall
}

* for the router and firewall can I use the snmp protocole to put address ip or no?if no help me
thank you

[jdalrymple]

* how to configure the host router: eth0/1: 10.x.x.x and eth0/2: 192.x.x.x
* how to configure the host firewall for outside eth0/0:10.x.x.1 , inside eth0/1: 172.x.x.x

Monitoring interfaces on a host would be a service. You can do a couple of things:

1) Monitor the interface traffic/status. This type of monitoring doesn't care about your IP addresses - they simply don't matter
2) Simple ping check to the IP address to make sure layer 3 is working, for this you would use check_icmp

For monitoring the actual bits of the host you only need to know 1 IP address to which you can connect from your Nagios server. Typically there is a management IP you use, and it's typically the one you ssh or telnet to when making adjustments to the router. The IP addresses on the other interfaces simply DO NOT matter in the context of simple monitoring of a host.

* switch use the ARP table (are there a configuration for the switch or no ?)

I think I'm going to give up and say that Nagios cannot do this. You cannot monitor what you cannot speak with. Nagios uses TCP/IP proper to communicate with its monitored hosts, and by proxy sometimes it can monitor using other protocols such as modbus, rs-232, etc. Since I'm absolutely clueless as to how you would bolt monitoring onto the ARP protocol I'm going to say it's outside of the scope of what Nagios is capable of and leave it at that. My suggestion - add an IP address to the switch. If you can't, it tells me your environment is too secure to be monitored

Code: Select all

define host {
host_name router-cisco
address 10.x.x.2
}

firewall
define host {
host_name firewall
address 172.x.x.x
parents router-cisco
}

server web

define host {
host_name server-web
address 172.x.x.1
parents firewall
}

These look OK other than the parents. In your picture, router-cisco's parent is firewall, firewall's parent is switch (which it sounds like you won't be monitoring, in which case there is no parent) and the server web also has no parent.

* for the router and firewall can I use the snmp protocole to put address ip or no?if no help me

What you can do with the SNMP protocol is at the discretion of the vendor of your router and firewall, but typically almost anything can be monitored. I'm not sure what exactly you're trying to do, "to put address ip or no" is not something I'm able to understand. Can you rephrase just what it is you want to accomplish?