Forwarding through intermediate nodes?

Roman Fiedler roman.fiedler at telbiomed.at
Mon Mar 30 18:43:05 CEST 2009


Andreas Ericsson wrote:
> I think I'd solve this using a small custom script that runs all the checks
> you want against the nodes (I suppose all nodes require more or less identical
> checks) and sends the results back to the Nagios server as passive checks.
>
> If the head nodes aren't allowed to talk to Nagios, they could publish the
> checkresults (along with a timestamp) through some other means, like http,
> ftp or even just a simple netcat session where a polling script on the
> Nagios server can fetch them later. Make sure to include a timestamp in the
> results-file if you do that, so you can verify that the checks are actually
> being run.
>
> Interesting problem. I'd take it kindly if you keep us posted :)

I'm using stunnel to forward the messages via intermediate nodes and I'm
quite happy with it: Each intermediate node does a namespace
transformation for the hostname (most of them just prepending the zone
name), so that I can use the same minimal monitoring script on all
leaf-nodes (which are sending the same "node name" for redundant and
nearly identical nodes).

Since namespace transformation happens on the stunnel side closer to
the Nagios+Apache server, no node can send an invalid Nagios service
identifier to fake messages for other nodes, and each connection is
secured with its own client/server key pair to fight message injection.

The tunnel will also do an additional input validation for the forwarded
messages, and output of "invalid" messages (for services/hosts just new
to the tree) can be used to create Nagios configuration automatically.
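
A sketch of the relay-side step described in the message above, added as an example and not taken from the poster's setup: the zone prefix is fixed per tunnel, each forwarded message is validated, and valid but unconfigured host/service pairs are collected for configuration generation. The tab-separated leaf format, the "." separator, and the names `ZoneRelay`, `known` and `demo` are assumptions; `PROCESS_SERVICE_CHECK_RESULT` is the standard Nagios external command for passive service results.

```python
import re
import time

# Assumed leaf-node wire format (the post does not give one):
#   node_name <TAB> service <TAB> return_code <TAB> plugin_output
NODE_RE = re.compile(r"[A-Za-z0-9_-]{1,64}")
SERVICE_RE = re.compile(r"[A-Za-z0-9_ -]{1,64}")
MAX_OUTPUT = 512


class ZoneRelay:
    """Handler bound to one authenticated tunnel, i.e. to one zone."""

    def __init__(self, zone, known):
        self.zone = zone         # fixed per tunnel, never read from the message
        self.known = set(known)  # (host, service) pairs configured in Nagios
        self.unknown = set()     # valid but unconfigured pairs, for config generation

    def handle(self, line, now=None):
        """Return a Nagios external command string, or None if not forwarded."""
        fields = line.rstrip("\r\n").split("\t")
        if len(fields) != 4:
            return None
        node, service, code, output = fields
        if not NODE_RE.fullmatch(node) or not SERVICE_RE.fullmatch(service):
            return None
        if code not in ("0", "1", "2", "3"):
            return None
        # Control characters (embedded newlines included) never reach Nagios.
        if len(output) > MAX_OUTPUT or not output.isprintable():
            return None
        host = f"{self.zone}.{node}"  # namespace transformation: prepend zone
        if (host, service) not in self.known:
            self.unknown.add((host, service))
            return None
        ts = int(time.time() if now is None else now)
        return f"[{ts}] PROCESS_SERVICE_CHECK_RESULT;{host};{service};{code};{output}"


def demo():
    known = {("dmz.web01", "disk"), ("core.db01", "disk")}
    relay = ZoneRelay("dmz", known)
    samples = [  # constructed messages arriving on the "dmz" tunnel
        "web01\tdisk\t0\tDISK OK - 40% used",
        "db01\tdisk\t2\tCRITICAL",             # host exists only in zone "core"
        "web01\tdisk\t0\tok\nextra line",      # embedded newline
        "web01\tload\t1\tWARNING - load 5.1",  # service not configured yet
    ]
    return [relay.handle(s, now=1238431385) for s in samples], relay.unknown
```

Only the first constructed message is forwarded; the second lands in `unknown` as `dmz.db01` and never matches `core.db01`, because the prefix comes from the tunnel and not from the sender.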
