Static route for Nag XI server

[wesleyc]

I'm setting up a Nag XI server and I cant reach other hosts from different subnets. I feel that some static routes need to be installed to tell the Nag server where to go. We have other servers in the environment that can reach any of our other servers (Cisco ISE/Prime, ESX, AD...etc)in any of our 3 data centers. I was able to hit all the devices that are local to the 10.10.254.xxx subnet and they are set for monitoring. I listed some of the output from the Nag server below.

[root@localhost network-scripts]# ip addr show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group def
ault qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state U
P group default qlen 1000
link/ether 00:50:56:a8:ec:17 brd ff:ff:ff:ff:ff:ff
inet 10.10.254.83/8 brd 10.255.255.255 scope global noprefixroute ens33
valid_lft forever preferred_lft forever
inet6 fe80::250:56ff:fea8:ec17/64 scope link
valid_lft forever preferred_lft forever

[root@localhost ~]# ip route list
default via 10.10.254.6 dev ens33 proto static metric 100
10.0.0.0/8 dev ens33 proto kernel scope link src 10.10.254.83 metric 100

Nag server subnet
10.10.254.83/24 DFGW 10.10.254.6

cant reach hosts on subnets 10.100.xxx.xxx or 10.150.xxx.xxx.

When I ping from the server:
[root@localhost ~]# ping 10.10.254.6 <---Default GW for the subnet
PING 10.10.254.6 (10.10.254.6) 56(84) bytes of data.
64 bytes from 10.10.254.6: icmp_seq=1 ttl=255 time=2.53 ms
64 bytes from 10.10.254.6: icmp_seq=2 ttl=255 time=2.38 ms
64 bytes from 10.10.254.6: icmp_seq=3 ttl=255 time=1.69 ms

[root@localhost ~]# ping 10.100.254.6 <---Default GW for the subnet
PING 10.100.254.6 (10.100.254.6) 56(84) bytes of data.
From 10.10.254.83 icmp_seq=1 Destination Host Unreachable
From 10.10.254.83 icmp_seq=2 Destination Host Unreachable
From 10.10.254.83 icmp_seq=3 Destination Host Unreachable
From 10.10.254.83 icmp_seq=4 Destination Host Unreachable
....
[root@localhost ~]# ping 10.150.254.6 <---Default GW for the subnet
PING 10.150.254.6 (10.150.254.6) 56(84) bytes of data.
From 10.10.254.83 icmp_seq=1 Destination Host Unreachable
From 10.10.254.83 icmp_seq=2 Destination Host Unreachable
From 10.10.254.83 icmp_seq=3 Destination Host Unreachable
From 10.10.254.83 icmp_seq=4 Destination Host Unreachable

routing tables from intersite routers.
O 10.10.254.0/24 [110/2] via 10.255.10.241, 7w0d, Port-channel10.901
C 10.10.254.5/32 is directly connected, Loopback2
....
B 10.100.0.0/16 [20/0] via 10.249.0.100, 4d08h
B 10.100.252.0/24 [20/2] via 10.249.0.100, 4d08h
B 10.100.253.240/28 [20/101] via 10.249.0.100, 4d08h
B 10.100.254.0/24 [20/2] via 10.249.0.100, 4d08h
....
B 10.150.0.0/16 [20/0] via 10.249.0.150, 4d08h
B 10.150.254.0/24 [20/101] via 10.249.0.150, 4d08h

[cdienger]

Try setting the IP of the XI server to 10.10.254.83/16. With the /8 subnet it don't think it would be able to recognize the other subnets as being on different networks and that it would need to direct the packets to the default gw.

[wesleyc]

Ok. I'm not an avid bash scripter. What would be the command line syntax to make that change on the Nag server?

2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group defau
lt qlen 1000
link/ether 00:50:56:a8:ec:17 brd ff:ff:ff:ff:ff:ff
inet 10.10.254.83/8 brd 10.255.255.255 scope global noprefixroute ens33
valid_lft forever preferred_lft forever
inet6 fe80::250:56ff:fea8:ec17/64 scope link
valid_lft forever preferred_lft forever
printf "\033]0;%s@%s:%s\007" "${USER}" "${HOSTNAME%%.*}" "${PWD/#$HOME/~}"

[scottwilkerson]

This all varies by OS but something like this

Code: Select all

route add default gw <default_gateway_ip>

Keep in mind that this changes are only temporary. To change default gateway permanently you need to edit the file /etc/sysconfig/network and change to:

Code: Select all

GATEWAY=<new_default_gateway_ip>

[wesleyc]

Here is the output of cat /etc/*release.

which files do I need to edit to make the changes correctly ?

[root@localhost ~]# cat /etc/*release
cat /etc/*release
CentOS Linux release 7.5.1804 (Core)
NAME="CentOS Linux"
VERSION="7 (Core)"
ID="centos"
ID_LIKE="rhel fedora"
VERSION_ID="7"
PRETTY_NAME="CentOS Linux 7 (Core)"
ANSI_COLOR="0;31"
CPE_NAME="cpe:/o:centos:centos:7"
HOME_URL="https://www.centos.org/"
BUG_REPORT_URL="https://bugs.centos.org/"

CENTOS_MANTISBT_PROJECT="CentOS-7"
CENTOS_MANTISBT_PROJECT_VERSION="7"
REDHAT_SUPPORT_PRODUCT="centos"
REDHAT_SUPPORT_PRODUCT_VERSION="7"

CentOS Linux release 7.5.1804 (Core)
CentOS Linux release 7.5.1804 (Core)
printf "\033]0;%s@%s:%s\007" "${USER}" "${HOSTNAME%%.*}" "${PWD/#$HOME/~}"

[scottwilkerson]

The above would be proper for setting a default gateway on CentOS 7

[wesleyc]

So you are saying all I have to do is add

GATEWAY=<new_default_gateway_ip>
in
/etc/sysconfig/network
and everything should work?"

Where would I change the subnet mask from /8 to a /16?

[scottwilkerson]

So you are saying all I have to do is add

GATEWAY=<new_default_gateway_ip>
in
/etc/sysconfig/network
and everything should work?"

Where would I change the subnet mask from /8 to a /16?

If your default gateway knows how to route the traffic this should fix it.

As for changing the subnet it all depends on how you added the other route.

It is difficult from here to know what your network topology is and what your Network administrators expect your servers to have as far as routing.

[wesleyc]

All set!!

with the help from the Nagios support team (thanks Aaron) these are the steps I followed.

-To add default gateway on the nag server.
no default gateway to reach other subnets (10.100.254.xxx or 10.150.254.xxx) in the other data centers

Before the change. You notice the server IP has a /8 subnet mask. This prevented the Nag server from reaching the other management IP's in the other data centers.

2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group defau
lt qlen 1000
link/ether 00:50:56:a8:ec:17 brd ff:ff:ff:ff:ff:ff
inet 10.10.254.83/8 brd 10.255.255.255 scope global noprefixroute ens33
valid_lft forever preferred_lft forever
inet6 fe80::250:56ff:fea8:ec17/64 scope link
valid_lft forever preferred_lft forever
printf "\033]0;%s@%s:%s\007" "${USER}" "${HOSTNAME%%.*}" "${PWD/#$HOME/~}"


Commands used to change the subnet mask.

1.type command below at the cli to open the editor:

"nano /etc/sysconfig/network"

2.in the editor type below:

"GATEWAY=<new_default_gateway_ip>" - add IP address.

hit crtl x to get out of editor and it will save.

3.need to restart the networking service on the machine. type commands below.

"systemctl status network.service"- gets status of networking service.

output from command

systemctl status network.service
● network.service - LSB: Bring up/down networking
Loaded: loaded (/etc/rc.d/init.d/network; bad; vendor preset: disabled)
Active: active (exited) since Mon 2018-11-05 15:33:49 EST; 14min ago
Docs: man:systemd-sysv-generator(8)
Process: 18239 ExecStop=/etc/rc.d/init.d/network stop (code=exited, status=0/SUCCESS)
Process: 18452 ExecStart=/etc/rc.d/init.d/network start (code=exited, status=0/SUCCESS)

Nov 05 15:33:48 localhost.localdomain network[18452]: /etc/sysconfig/network: line 1: ...'
Nov 05 15:33:48 localhost.localdomain network[18452]: /etc/sysconfig/network: line 1: ...'
Nov 05 15:33:48 localhost.localdomain network[18452]: [ OK ]
Nov 05 15:33:48 localhost.localdomain network[18452]: Bringing up interface ens33: .....'
Nov 05 15:33:48 localhost.localdomain network[18452]: ../network: line 1: `GATEWAY=<10...'
Nov 05 15:33:49 localhost.localdomain network[18452]: Connection successfully activate...)
Nov 05 15:33:49 localhost.localdomain network[18452]: [ OK ]
Nov 05 15:33:49 localhost.localdomain systemd[1]: Started LSB: Bring up/down networking.
Nov 05 15:33:49 localhost.localdomain network[18452]: /etc/sysconfig/network: line 1: ...'
Nov 05 15:33:49 localhost.localdomain network[18452]: /etc/sysconfig/network: line 1: ...'
Hint: Some lines were ellipsized, use -l to show in full.
printf "\033]0;%s@%s:%s\007" "${USER}" "${HOSTNAME%%.*}" "${PWD/#$HOME/~}

"systemctl restart network.service" - restarts the networking service

4. type "echo$?"

Output once changes have take effect. Subnet mask has changed to a /24
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group defau
lt qlen 1000
link/ether 00:50:56:a8:ec:17 brd ff:ff:ff:ff:ff:ff
inet 10.10.254.83/24 brd 10.10.254.255 scope global noprefixroute ens33
valid_lft forever preferred_lft forever
inet6 fe80::250:56ff:fea8:ec17/64 scope link
valid_lft forever preferred_lft forever
printf "\033]0;%s@%s:%s\007" "${USER}" "${HOSTNAME%%.*}" "${PWD/#$HOME/~}"

[scottwilkerson]

Glad it is resolved!!!

Locking thread