Nagios Support Forum

Support for Nagios products and services
https://support.nagios.com/forum/

Packet size

https://support.nagios.com/forum/viewtopic.php?t=22363

Page 1 of 1

Packet size

Posted: Thu Dec 05, 2013 8:19 pm
by justine
Hi! I plan to monitor Quintum VOIP but will only use ICMP service of Nagios to check it.
How will I know the size of the packet sent by Nagios to these Quintum and how long does it stay in there?
We worry about the possible traffic Nagios may cause.
Please advise. Thanks.

Re: Packet size

Posted: Fri Dec 06, 2013 10:01 am
by tmcdonald
Just a test between my two systems:

Code: Select all

root@localhost: ~
$ tcpdump -vvvv -s0 icmp
tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
20:00:55.412097 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto ICMP (1), length 96)
    192.168.1.128 > 192.168.1.129: ICMP echo request, id 47401, seq 0, length 76
20:00:55.412131 IP (tos 0x0, ttl 64, id 40233, offset 0, flags [none], proto ICMP (1), length 96)
    192.168.1.129 > 192.168.1.128: ICMP echo reply, id 47401, seq 0, length 76
20:00:55.412452 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto ICMP (1), length 96)
    192.168.1.128 > 192.168.1.129: ICMP echo request, id 47401, seq 0, length 76
20:00:55.412463 IP (tos 0x0, ttl 64, id 40234, offset 0, flags [none], proto ICMP (1), length 96)
    192.168.1.129 > 192.168.1.128: ICMP echo reply, id 47401, seq 0, length 76
20:00:55.412573 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto ICMP (1), length 96)
    192.168.1.128 > 192.168.1.129: ICMP echo request, id 47401, seq 0, length 76
20:00:55.412580 IP (tos 0x0, ttl 64, id 40235, offset 0, flags [none], proto ICMP (1), length 96)
    192.168.1.129 > 192.168.1.128: ICMP echo reply, id 47401, seq 0, length 76
20:00:55.412661 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto ICMP (1), length 96)
    192.168.1.128 > 192.168.1.129: ICMP echo request, id 47401, seq 0, length 76
20:00:55.412667 IP (tos 0x0, ttl 64, id 40236, offset 0, flags [none], proto ICMP (1), length 96)
    192.168.1.129 > 192.168.1.128: ICMP echo reply, id 47401, seq 0, length 76
20:00:55.412798 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto ICMP (1), length 96)
    192.168.1.128 > 192.168.1.129: ICMP echo request, id 47401, seq 0, length 76
20:00:55.412804 IP (tos 0x0, ttl 64, id 40237, offset 0, flags [none], proto ICMP (1), length 96)
    192.168.1.129 > 192.168.1.128: ICMP echo reply, id 47401, seq 0, length 76

Code: Select all

root@nagios: /usr/local/nagios/libexec
$ ./check_icmp 192.168.1.129
OK - 192.168.1.129: rta 0.268ms, lost 0%|rta=0.268ms;200.000;500.000;0; pl=0%;40;80;;
Unless I am reading tcpdump wrong, it looks like there are 5 ICMP requests sent per check_icmp run, each being 96 in length, and of course 5 replies as well at 76 bytes each. 480 sent, 380 back, 860 total.

Re: Packet size

Posted: Mon Dec 09, 2013 8:51 pm
by justine
Hi tmcdonald! To get the result, I will command tcpdump -vvvv -s0 icmp in the Nagios server?
Will this command display all my monitored servers with ping service?

Re: Packet size

Posted: Tue Dec 10, 2013 10:21 am
by tmcdonald
No. You had asked about the packet size of an ICMP check so I ran one between two servers and monitored the exchange. tcpdump showed the packet size. If you want to use ICMP to check a server, you need to need check_icmp as above:

Code: Select all

./check_icmp 192.168.1.129
All times are UTC-05:00
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited