check_icmp/check_ping trigger values

Cook, Garry GWCOOK at mactec.com
Thu Feb 17 16:48:00 CET 2005


nagios-users-admin at lists.sourceforge.net wrote:
> We are using Nagios 1.2 and are evaluating check_icmp as a check_ping
> replacement. Nagios is currently monitoring 21 branchoffices with
> Cisco 
> switches and routers using 2mBit connections to each site.
> 
> The reason for replacing check_ping is that it produces
> critical errors sporadicly. It is pertinent to mention that
> the critical errors only occurs during the first checks and
> therefore does not send notifications. My mission is to
> drasticly lower the amount of errors occuring to an absolute minimum.
> 
> What are the most sensible trigger values to use with
> check_icmp or check_ping?
> The original Nagios configuration (the same I am using) are:
> check_ping -H $HOSTADDRESS$ -w 3000.0,80% -c 5000.0,100% -p 1 -t 20

Sensible trigger values really depend on the reliability and latency of YOUR network. With that said, the values that you are using above appear to be the default for check_ping when used to check Host UP/DOWN status, not for a standard ICMP service check.

 
> My definition of sensible in this case is using a value that
> is producing as few errors as possible, when there are no
> real problems. Not sure if this is a attainable goal or not
> since I know that some equipment drops ICMP packets if they
> are to busy.

I think you may need to answer a few different quesitons here.

Q1) Do I want to use check_ping or check_icmp?
A1) Search the list for information on check_icmp, Andreas (author) has posted many times as to why check_icmp might be considered a better replacement for check_ping.

Q2) Am I using the correct values for my service checks?
A2) No matter which one of the plugins you decide to use, I believe that you will want to send more than one packet, and possibly alert on lower thresholds than what you have defined above.

> Any views or comments are appreciated.


I'm using check_icmp. For Service checks I send the default amount of packets (5 or maybe 10, can't recall), and Warn on 300ms RTT and/or 40% packet loss. Critical is defined as any check that reports 500ms RTT and/or 60% packet loss. In some cases where I have known high latency/unreliable links, I've defined a new check called SLOW_PING that reports WARNING/CRITICAL on 600ms/900ms.
For my host checks, I use exactly what you have defined above.

HTH

Garry W. Cook, CCNA
Network Infrastructure Manager
MACTEC, Inc. - http://www.mactec.com/
303.273.5050 (Office) - 720.220.1862 (Mobile)
 
> Best regards,
> Sebastian Bergstroem
> 
> ----------------------------------------------
> Sebastian Bergstroem
> Technical coordinator
> Kunskapsskolan i Sverige AB
> sebastian.bergstroem at kunskapsskolan.se
> -----------------------------------------------



-------------------------------------------------------
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now.
http://ads.osdn.com/?ad_ide95&alloc_id396&op=click
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. 
::: Messages without supporting info will risk being sent to /dev/null





More information about the Users mailing list