May be this question is like a dumb but I need help.
Is there any way to ping an IP from a Cisco device specially a router that is monitored through SNMP by zabbix? Have root/admin access to both router and zabbix. I need to ping the WAN Gateway of the router, currently I am checking ICMP from zabbix but if there is any disruption between zabbix and router it triggers but I need to get trigger actually if there is any disruption from the router to it's gateway. Interface down trigger does not help.
Is there any way to check ICMP from Cisco router and send the data to zabbix and log it?
Or any other way to get continuous ping data from router that is reportable by daily, weekely and day wise.
No, because you would need an external script for that, and it would fail if there is any disruption between Zabbix Server and router. You can't overcome that, but you can put a Zabbix Proxy "near" the router to mitigate it, if the issue is that there are many hops between Zabbix Server and router.
https://www.zabbix.com/documentation/current/manual/config/items/itemtypes/external
Related
in some cluster environments, there are pair servers that are HA 2 by 2. for example i have server1 with IP 22.1.1.1 and server2 with IP 22.1.1.2.
server1 is giving service and server2 is standby. there is this virtual IP 22.1.1.3 that other servers connect to it to get services from server1 and server2.
now i need to monitor this virtual IP to see if it is up and other servers outside its VLAN can connect to it. how i can do this in zabbix?
i don't have an actual physical server to create in zabbix according to this question. i tried to create one but i got errors. also this question is asked 3 years ago. is there any new features i can use to solve this problem?
You can create a host with agent ip 22.1.1.3 and monitor it in agentless mode.
You can ping it (icmpping), connect to a tcp port that you know it's open (net.tcp.service) or, in case of a web service, do a http call with the http agent and react accordingly.
Just create the correct items/templates according to the simple check and http agent documentation.
You do not need a physical server to create a host.
You can create a host with the target IP address and use various items against it - based on your question, you do not need agent items, but some other (remote) type.
Scenario:
I need to have access to a socket server from internet. This server is on a machine that can have a dynamic IP and can be behind router NAT etc and I don't want to configure "port forwarding" dynamic DNS for going out.
My idea is to run socket in a server that client (app) and machine with dynamic IP can connect and the server create data channel from client and master.
Master ----- Socket Mirror with DNS ---- Client (can be more than one)
what is the best way to do this? Backend service like google cloud services? or other ?
The thing you are discussing is about to implement a TCP tunnel, since the question is more general I can't answer with code; I recommend services like ngrok, where it establishes a tunnel between remote server & dynamic IP server, the software is opensource.
NOTE: if you need answer specific to languages search with TCP tunnel.
For example, when you make an ssh connection, you are connected to port 22. What happens then? On a very high level brief overview, I know that if port 22 is open on the other end and if you can authenticate to it as a certain user, then you get a shell on that machine.
But I don't understand how ports tie into this model of services and connections to different services from remote machines? Why is there a need for so many specific ports running specific services? And what exactly happens when you try to connect to a port?
I hope this question isn't too confusing due to my naive understanding. Thanks.
Imagine your server as a house with 65536 doors. If you want to visit family "HTTP", you go to door 80. If you were to visit family "SMTP", you would visit door no. 25.
Technically, a port is just one of multiple possible endpoints for outgoing/incomming connections. Many of the port numbers are assigned to certain services by convention.
Opening/establishing a connection means (when the transport protocol is TCP, which are most of the “classical” services like HTTP, SMTP, etc.) that you are performing a TCP handshake. With UDP (used for things like streaming and VoIP), there's no handshake.
Unless you want to understand the deeper voodoo of IP networks, you could just say, that's about it. Nothing overly special.
TCP-IP ports on your machine are essentially a mechanism to get messages to the right endpoints.
Each of the possible 65536 ports (16 total bits) fall under certain categories as designated by the Internet Assigned Numbers Authority (IANA).
But I don't understand how ports tie into this model of services and
connections to different services from remote machines? Why is there a
need for so many specific ports running specific services?
...
And what exactly happens when you try to connect to a port?
Think of it this way: How many applications on your computer communicate with other machines? Web browser, e-mail client, SSH client, online games, etc. Not to mention all of the stuff running under the hood.
Now think: how many physical ports do you have on your machine? Most desktop machines have one. Occasionally two or three. If a single application had to take complete control over your network interface nothing else would be able to use it! So TCP ports are a way of turning 1 connection into 65536 connections.
For example, when you make an ssh connection, you are connected to
port 22. What happens then?
Think of it like sending a package. Your SSH client in front of you needs to send information to a process running on the other machine. So you supply the destination address in the form of "user#[ip or hostname]" (so that it knows which machine on the network to send it to), and "port 22" (so it gets to the right application running on the machine). Your application then packs up a TCP parcel and stamps a destination and a return address and sends it to the network.
The network finds the destination computer and delivers the package. So now it's at the right machine, but it still needs to get to the right application. What do you think would happen if your SSH packet got delivered to an e-mail client? That's what the port number is for. It effectively tells your computer's local TCP mailman where to make the final delivery. Then the application does whatever it needs to with the data (such as verify authentication) and sends a response packet using your machine's return address. The back and forth continues as long as the connection is active.
Hope that helps. :)
The port is meant to allow applications on TCP/IP to exchange data. Each machine on the internet has one single address which is its IP. The port allows different applications on one machine to send and receive data with multiple servers on the network/internet. Common application like ftp and http servers communicate on default ports like 21 and 80 unless network administrators change those default ports for security reasons
Problem statement:
Suppose a parent server is hosted on a machine IP: 1.1.1.1 and that server some time communicates with three different servers say A (1.1.1.2), B (1.1.1.3), C (1.1.1.4). Those servers may be database servers or any other servers.
Now from your browser you can send a http request to 1.1.1.1/somePage.htm, as a result some TCP packet will go to the server 1.1.1.1, and 1.1.1.1 can send and receive some TCP packets from A,B,C as well.
Aim is to get the information of all TCP packets from the browser machine, without installing any agent software in any servers.
One solution is we can write a code at the 1.1.1.1 server machine that will filter all the TCP packets with respect to respective IPs. But I don’t want that solution.
Is there any way to solve this issue? Is it possible to introduce new protocol for this? But server codes can’t be modified.
Does "any agent software" includes something like Wireshark? Usually the way to look at all datagrams received is by using a sniffer like Wireshark or you can use tcpdump in Linux servers.
You can also use Netfilter to handle received packets in the server an take certain actions on them.
If all the above is included in what you don't want to do the only alternative I see is to add another server in the middle between the browser and the web server (or between the server and a load balancer if you have a load balancer) that acts only as a router or bridge. In that machine you can inspect and filter TCP segments with all the available tools.
I have a web server running out of my home. I have assigned it an address such as 192.168.1.123 on port 80.
I understand that this is running on my local network. If I go to another computer on my network and type in the server's ip address, I can see the server.
Is there a way to access this server from outside my LAN?
Yes, you need to set your router to forward connections to port 80 to your internal IP address (192.168.1.123). Look for Port Forwarding on your router admin screen which I would imagine you access by going to http://192.168.1.1
Keep in mind that your ISP may block port 80 completely in which case you can run your web server on a different port (for example por 8180) and have your router forward connections to port 8180 to your internal IP.
To access your server from outside, you just need to point your browser to your external IP address which you can find out by going to http://www.ipchicken.com
Assuming you have a connection to the internet:
https://github.com/progrium/localtunnel
is a quick way to access your local server from the internet. There might be similar implementations in other languages/platforms. This is just the one I know about.
Remember that security issues need to be carefully considered when opening your local network to the world.
If you use a PHP Webserver you can set it this way:
php -S <YourIPAdresse>:<SomePortNumber> <StartPHPpage>
Example: „php -S 192.168.1.123:9000 index.php"