check_nrpe : No route to host

Support forum for Nagios Core, Nagios Plugins, NCPA, NRPE, NSCA, NDOUtils and more. Engage with the community of users including those using the open source solutions.
donnyforbes
Posts: 357
Joined: Tue Jun 13, 2017 2:17 pm

Re: check_nrpe : No route to host

Post by donnyforbes »

So I ran the following command on my RHEL remote host sever and saw the following.

[root@huey xinetd.d]# firewalld-cmd --zone=public --list-all
-bash: firewalld-cmd: command not found
[root@huey xinetd.d]# firewall-cmd --zone=public --list-all
public (active)
target: default
icmp-block-inversion: no
interfaces: eno1
sources:
services: dhcpv6-client ssh
ports: 2301/tcp 80/tcp 9102/tcp 10033/tcp 10032/tcp 10023/tcp 10022/tcp 10030/tcp 2381/tcp 10031/tcp
protocols:
masquerade: no
forward-ports:
sourceports:
icmp-blocks:
rich rules:

I don't see port 5666/tcp listed there however when I run the command:
[root@huey xinetd.d]# firewall-cmd --zone=public --add-port=5666/tcp
success
[root@huey xinetd.d]#

Now I see this here
[root@huey xinetd.d]# firewall-cmd --zone=public --list-all
public (active)
target: default
icmp-block-inversion: no
interfaces: eno1
sources:
services: dhcpv6-client ssh
ports: 5666/tcp 2301/tcp 80/tcp 9102/tcp 10033/tcp 10032/tcp 10030/tcp 10022/tcp 10023/tcp 2381/tcp 10031/tcp
protocols:
masquerade: no
forward-ports:
sourceports:
icmp-blocks:
rich rules:

From the Nag server I am now getting this. What does this mean?
[root@nag ~]# /usr/local/nagios/libexec/check_nrpe -H 192.168.1.42
CHECK_NRPE: Error - Could not connect to 192.168.1.42: Connection reset by peer

This is a different error message.
donnyforbes
Posts: 357
Joined: Tue Jun 13, 2017 2:17 pm

Re: check_nrpe : No route to host

Post by donnyforbes »

Remote host:

[root@huey xinetd.d]# netstat -at | egrep "nrpe|5666"
tcp 0 0 0.0.0.0:nrpe 0.0.0.0:* LISTEN
tcp6 0 0 [::]:nrpe [::]:* LISTEN

[root@huey xinetd.d]# ps -ef |grep nrpe
nagios 10247 1 0 13:06 ? 00:00:00 /usr/local/nagios/bin/nrpe -c /usr/local/nagios/etc/nrpe.cfg -f
root 10800 21113 0 13:07 pts/1 00:00:00 grep --color=auto nrpe
[root@huey xinetd.d]#

From Nag Server
[root@nag ~]# /usr/local/nagios/libexec/check_nrpe -H 192.168.1.42
CHECK_NRPE: Error - Could not connect to 192.168.1.42: Connection reset by peer
[root@nag ~]#

Config /etc/xinetd.d/nrpe
"disable = no"

systemctl restart xinetd.service
systemctl restart nrpe

now I see a different message. Also, I have verified that the /etc/hosts.allow has the IP address of the Nagios server from the Remote Hosts.
[root@nag ~]# /usr/local/nagios/libexec/check_nrpe -H 192.168.1.42
CHECK_NRPE: Error - Could not connect to 192.168.1.42: Connection reset by peer
donnyforbes
Posts: 357
Joined: Tue Jun 13, 2017 2:17 pm

Re: check_nrpe : No route to host

Post by donnyforbes »

when running the following command from the nagios server:
/usr/local/nagios/libexec/check_nrpe -H 192.168.1.42

I am seeing the following in the /var/log/messages
Jun 19 08:08:02 nag check_nrpe: Error: Could not complete SSL handshake with 192.168.1.42: rc=-1 SSL-error=5

Here is my /etc/xinetd.d/nrpe

[root@huey ~]# cat /etc/xinetd.d/nrpe
# default: off
# description: NRPE (Nagios Remote Plugin Executor)
service nrpe
{
disable = no
socket_type = stream
port = 5666
wait = no
user = nagios
group = nagios
server = /usr/local/nagios/bin/nrpe
server_args = -c /usr/local/nagios/etc/nrpe.cfg --inetd
only_from = 192.168.1.186
log_on_success =
}

Here is my out put on remote host for nrpe port 5666

[root@huey ~]# netstat -at | egrep "nrpe|5666"
tcp 0 0 0.0.0.0:nrpe 0.0.0.0:* LISTEN
tcp6 0 0 [::]:nrpe [::]:* LISTEN

Here is a traceroute from nagios server to host
traceroute to 192.168.1.42 (192.168.1.42), 30 hops max, 60 byte packets
1 huey.sg1.allamericanasphalt.com (192.168.1.42) 2.597 ms !X 2.560 ms !X 2.540 ms !X

Here is a traceroute from host to nagios server
traceroute 192.168.1.186
traceroute to 192.168.1.186 (192.168.1.186), 30 hops max, 60 byte packets
1 nag.sg1.allameircanasphalt.com (192.168.1.186) 0.366 ms !X 0.353 ms !X 0.337 ms !X

I am not sure what I am missing here any help or ideas would be great. Thank you so much.
User avatar
tgriep
Madmin
Posts: 9177
Joined: Thu Oct 30, 2014 9:02 am

Re: check_nrpe : No route to host

Post by tgriep »

I think the issue now is that you are running the NRPE Agent as a daemon and also out of xinetd and that is causing a conflict.
If you want to run the Agent from xinetd, stop the service from running.
Then restart xinetd by running

Code: Select all

service xinetd retart
Then, if you run the following command as root on the remote server,

Code: Select all

netstat -anp |grep 5666
It should show you that it being started by xinetd like the example below.

Code: Select all

tcp        0      0 :::5666                     :::*                        LISTEN      3405/xinetd
Next, run the following on the Nagios server to test if it can connect to the Remote system

Code: Select all

/usr/local/nagios/libexec/check_nrpe -H 192.168.1.42
/usr/local/nagios/libexec/check_nrpe -H 192.168.1.42 -n
If either of the command work, you should be able to monitor the remote system.
If they both fail, post the output.

You should take a look at this guide for possible fixes when using the NRPE Agent and you cannot connect to the remote host.
https://assets.nagios.com/downloads/nag ... utions.pdf
Be sure to check out our Knowledgebase for helpful articles and solutions!
donnyforbes
Posts: 357
Joined: Tue Jun 13, 2017 2:17 pm

Re: check_nrpe : No route to host

Post by donnyforbes »

Actually I got this to work I have installed it now on 4 of my RHEL machines, I am now putting it on CentOS release 6.6 (Final) running into some issue I will post about it.

Thanks
scottwilkerson
DevOps Engineer
Posts: 19396
Joined: Tue Nov 15, 2011 3:11 pm
Location: Nagios Enterprises
Contact:

Re: check_nrpe : No route to host

Post by scottwilkerson »

Thanks for letting us know. Please open a new thread if you have any other issues
Former Nagios employee
Creator:
ahumandesign.com
enneagrams.com
Locked