I've tried but doesn't have more info than I posted before :S
Subject: |
RE: Core 4.2.5 zenping not working correctly |
Author: |
Jane Curry |
Posted: |
2017-08-03 07:55 |
Sounds like maybe something major changed in your network? New firewall configs?
Been working with someone else recently who has zenping reporting some devices as down. Suggestions for diagnosing are:
1) Increase the log level on the zenping daemon. You can do this on the running daemon with "zenping debug". It's a toggle switch so another "zenping debug" switches logging back to the standard info level.
2) Look at $ZENHOME/log/zenping.log. You should find that pings are actually sent using the nmap protocol so lines like:
2017-08-03 11:12:39,374 DEBUG zen.NmapPingTask: executing nmap -iL /tmp/zenping_nmap_9mWI8l -sn -PE -n --privileged --send-ip -T5 --min-rtt-timeout 1.5s --max-rtt-timeout 1.5s --max-retries 1 --min-rate 1 -oX -
zenping actually constructs a temporary file; for the above line it is /tmp/zenping_nmap_9mWI8l , which has a list of all devices to be pinged. This file get recreated each ping cycle time so actually catching a file is tricky - shouldn't need it though. In the zenping.log file, you should see lines like:
2017-08-03 11:12:45,585 DEBUG zen.NmapPingTask: 172.16.223.1 is up!
3) By default, Zenoss builds its own internal map of the network by adding a --traceroute parameter to the nmap command for every 5th poll. I have seen instances where the normal nmap ping test works but the traceroute version does not. It hangs and then normal polls get queued up behind it and the device appears down. To prevent this, edit $ZENHOME/etc/zenping.conf and change traceroute-interval from the default of 5 to 0 - that should prevent the traceroute polls. Stop and start the zenping daemon with:
zenping stop
zenping start
Note this will have turned off the debug flag. If you want to keep it on while you continue to debug, change the logseverity parameter in zenping.conf from 20 to 10, but don't leave it like this permanently. Recheck the log file.
4) If you want to manually run an nmap command against a specific device, copy the nmap command from your logfile. Omit the " -iL /tmp/zenping_nmap_9mWI8l" bit and put the DNS name or IP address on the end of the command. I would also change the output format from XML (-oX) to normal (-oN). So, to test the host zenny.skills-1st.co.uk , use:
nmap -sn -PE -n --privileged --send-ip -T5 --min-rtt-timeout 1.5s --max-rtt-timeout 1.5s --max-retries 1 --min-rate 1 -oN - zenny.skills-1st.co.uk
... to get output like:
# Nmap 5.51.4 scan initiated Thu Aug 3 11:36:31 2017 as: nmap -sn -PE -n --privileged --send-ip -T5 --min-rtt-timeout 1.5s --max-rtt-timeout 1.5s --max-retries 1 --min-rate 1 -oN - zenny.skills-1st.co.uk
Nmap scan report for zenny.skills-1st.co.uk (192.168.10.1)
Host is up (0.00033s latency).
MAC Address: 00:50:56:C0:00:08 (VMware)
You could also add the --traceroute command back in:
nmap -sn -PE -n --privileged --send-ip -T5 --min-rtt-timeout 1.5s --max-rtt-timeout 1.5s --max-retries 1 --min-rate 1 --traceroute -oN - zenny.skills-1st.co.uk
Hope that helps someone!
Cheers,
Jane
------------------------------
Jane Curry
Skills 1st United Kingdom
jane.curry@skills-1st.co.uk
------------------------------