that are part of the Nagios plug-ins package:
check_tcp and check_udp are used to check open ports on network hosts check_ping is used to check network host availability
check_nrpe is used to execute arbitrary plug-ins in other devices
Each console server is preconfigured with two checks that are specific to Black Box: check_serial_signals is used to monitor the handshaking lines on the serial ports check_port_log is used to monitor the data logged for a serial port.
10.4.3 Additional plug-ins
Additional Nagios plug-ins (listed below) are available for Advanced Console Servers (LES1208A, LES1216A, LES1248A:
check_apt check_by_ssh check_clamd check_dig
check_dns check_dummy check_fping check_ftp
check_game check_hpjd check_http check_imap
check_jabber check_ldap check_load check_mrtg
check_mrtgtraf check_nagios check_nntp check_nntps
check_nt check_ntp check_nwstat check_overcr
check_ping check_pop check_procs check_real
check_simap check_smtp check_snmp check_spop
check_ssh check_ssmtp check_swap check_tcp
check_time check_udp check_ups check_user
You can download these plug-ins from the Nagios plug-ins package from www.blackbox.com. You can also download and run bash scripts (primarily check_log.sh).
To configure additional checks, save the downloaded plug-in program in the tftp addins directory on the USB flash and save the downloaded text plug-in file in /etc/config
To enable these new additional checks, select Seria l& Network: Network Port, then Edit the Network Host you want to monitor, and select New Checks. The additional check option is included in the updated Nagios Checks list, and you can again customize the arguments.
10.4.4 Number of supported devices
Ultimately the number of devices that by any particular console server can support depends upon the number of checks made, and how often they are performed. Access method will also play a part. The table below shows the performance of three of the console servers:
Remote Console Manager
_____________________________________________________________________
724-746-5500 | blackbox.com
145
Time No encryption 3DES SSH tunnelNSCA for single check ~ ½ second ~ ½ second ~ ½ second
NSCA for 100 sequential checks 100 seconds 100 seconds 100 seconds NSCA for 10 sequential checks, batched upload 1 ½ seconds 2 seconds 1 second NSCA for 100 sequential checks, batched
upload
7 seconds 11 seconds 6 seconds
No encryption SSL no encryption -
tunneled over existing SSH
session NRPE time to service 1 check 1/10th second 1/3rd second 1/8th second NRPE time to service 10
simultaneous checks
1 second 3 seconds 1 ¼ seconds Maximum number of simultaneous
checks before timeouts
30 20 (1,2 and 8) or
25 (16 and 48 port)
25 (8 port), 35 (16 and 48 port)
The results were from running tests 5 times in succession with no timeouts on any runs. There are a number of ways to increase the number of checks you can do.
Usually when using NRPE checks, an individual request will need to set up and tear down an SSL connection. This overhead can be avoided by setting up an SSH session to the console server and tunneling the NRPE port. This allows the NRPE daemon to run securely without SSL encryption, because SSH will provide the security.
When the console server submits NSCA results, it staggers them over a certain time period (for example, 20 checks over 10 minutes will result in two check results every minute). Staggering the results like this means that if the power fails or other incident causes multiple problems, the individual freshness checks will be staggered too.
NSCA checks are also batched. In the previous example, the two checks per minute are sent through in a single transaction.
10.4.5 Distributed Monitoring Usage Scenarios
Below are a number of distributed monitoring Nagios scenarios:
I. Local office
In this scenario, the console server is set up to monitor each managed device’s console. Configure it to make a number of checks, either actively at the Nagios server's request, or passively at preset intervals, and submit the results to the Nagios server in a batch.
You can augment the console server at the local office site by one or more Intelligent Power Distribution Units (IPDUs) to remotely control the power supply to the managed devices.
146
724-746-5500 l www.blackbox.com
II. Remote site
In this scenario, configure the console server NRPE server or NSCA client to actively check configured services and upload the checks to the Nagios server that’s waiting passively. You can also configure it to service NRPE
commands to perform checks on demand.
In this situation, the console server will perform checks based on both serial and network access.
Remote site with restrictive firewall
In this scenario, the role of the console server will vary. One aspect may be to upload check results through NSCA. Another may be to provide an SSH tunnel to allow the Nagios server to run NRPE commands.
Remote Console Manager
_____________________________________________________________________
724-746-5500 | blackbox.com
147
Remote site with no network access
In this scenario the console server allows dial-in access for the Nagios server. Periodically, the Nagios server will establish a connection to the console server and execute any NRPE commands, before dropping the connection.