Standard Nagios Plugins 1.4.9 and IPv6 problem?

Frost, Mark {PBG} mark.frost1 at pepsi.com
Fri Sep 21 17:20:53 CEST 2007



Actually, what seems to happen is this, assuming the plugin is trying to
run a check on foo.bar.com (note that we have multiple search domains
configured):

- the plugins sees that the box has definitions for IPv6 so it opens
that socket type and has the resolver query (generates requests for AAAA
record types).
- because that first request fails, it sends another request now trying
with a search domain combination, say "foo.bar.com.biz.pvt" (usually
just stupidly appending a domain to an already FQDN).  That fails, so it
continues on down the search domain list until it's exhaused.  They all
fail of course.  So with 4 search domains, that's 5 queries of AAAA
records.
- now the system fails back to IPv4 and does a A record query and
magically, gets an answer the first try.

As has been suggested, we were already trying to get a caching DNS
server on this box (yes, it seems nuts to me to not be running one there
to begin with but that's a long story).  That should at least alleviate
the network traffic issue.   I don't know for sure how that part would
work, but I'd assume that perhaps the IPv6 DNS queries would be local
(unix domain socket?) and would be less of a bother although it would
still be unnecessary.

Thanks.

Mark

-----Original Message-----
From: Ton Voon [mailto:ton.voon at altinity.com] 
Sent: Friday, September 21, 2007 10:29 AM
To: Frost, Mark {PBG}
Cc: Nagios Users mailinglist
Subject: Re: [Nagios-users] Standard Nagios Plugins 1.4.9 and IPv6
problem?


On 20 Sep 2007, at 19:36, Frost, Mark {PBG} wrote:

> We're looking to changes the modules file for this box to prevent any
> component of IPv6 being loaded, but I'm still not convinced that will
> dissuade the plugins from going on their merry way.

Sorry to jump in late on this thread.

In the plugins code, the is_hostname routine tries to verify if the  
hostname is valid and I think this is through the resolver libraries,  
so will use DNS (regardless of OS caching). I think more recent  
resolver libraries will try ipv6 resolution before ipv4, which is  
beyond the scope of the plugins.

As some people have already pointed out, checking the validity of the  
hostname is redundant. The better approach is to just make the call  
with the hostname specified on the command line and catch any errors.

I believe this is why your DNS servers see multiple calls for the  
same hostname from a single plugin invocation.

While removing the is_hostname calls is not too difficult, making  
sure that an appropriate error is propagated into the plugin output  
could be quite time-consuming.

Ton

http://www.altinity.com
T: +44 (0)870 787 9243
F: +44 (0)845 280 1725
Skype: tonvoon


-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2005.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. 
::: Messages without supporting info will risk being sent to /dev/null





More information about the Users mailing list