Question

Debian 11 mail server monitoring problem [21.10]

  • 25 April 2022
  • 5 replies
  • 187 views
S
Badge +1

Hello everyone,

I am writing to you as a young IT student learning supervision with Centreon 21.10 (IT-100 license) and stuck with a problem I don't understand.
As part of my work, I have to supervise 3 Linux Debian 11 servers:
- An Apache 2 web server
- A MariaDB server
- A mail server with iRedMail

These 3 servers are installed by me.

I was able to add without problems the first two to Centreon with the help of the very well written documentation and the Linux-snmp plugin (and those intended for the various services).

However, the third one has a problem that I cannot explain. It adds itself well to Centreon, is detected as "available" but the ping is marked as "alert" with a loss of 20% while the other values of the linux-snmp plugin remain as "unknown".

Considering that this third server is configured exactly the same way as the 2 others, both at system and snmp service level. The ping is not disturbed when I test it directly via the RHEL terminal (which hosts my Centreon server).

I really don't understand what could be the source of the problem. I attach screenshots of the snmp service and host configuration on Centreon as well as the results and logs.

If someone has an idea to solve this problem, I'm interested 😁

Thanks in advance

 

config of the host in Centreon
logs
config snmp service in mail server
Status of host

 

5 replies

K
Userlevel 5
Badge +16

Hello @sullyanf 

Really happy to see a student here :) Welcome o/

I see a lot a different IP address here: you access to Centreon using 192.168.122.1, the mail server is configured on 192.168.21.3 and in SNMP community I see 192.168.1.111.

So my first question is: there is any kind of NAT on your lab ? Or maybe just a poller ?

If you have something like a quick table of which IP is who it could be interesting :)

S
Badge +1

 

Thanks for the welcome 😀

 

Indeed, I should have thought of putting the schema of my lab (running under Hyper-V) to make it easier for you. I attach it to the message.

 

To summarize, the RHEL 8 machine on which my Centreon server is installed has the IP address 192.168.1.111 on the local network.

 

However, something I don't know and that I had forgotten to specify, I noticed that a second network interface was created after the installation of Centreon with the IP address 192.168.122.1. I don't know why this interface was created and through which I can access Centreon. I can also access it via the interface 192.168.1.111

 

The servers to be supervised are located in a DMZ on the network 192.168.21.0/29 of which this famous mail server in 192.168.21.3 is part (fixed addressing)

 

The routing between the DMZ and the local network is done by pfSense. I have opened the traffic between 192.168.1.111 and 192.168.122.1 and the DMZ.

 

Should I remove the excess interface in your opinion?

 

(Sorry for the interface and the diagram in French, I am French 🇲🇫 😁)

 

K
Userlevel 5
Badge +16

Interesting and cool schema (y)

Could you return me the the result of the command:

snmpwalk -v 2c -c crieepoulgoazec 192.168.21.3 .1

 

S
Badge +1

Hmm... there's a big problem, it doesn't seem to be sending any snmp traffic. However, the snmp service seems to be enabled and the config is identical to the web server (192.168.21.2) which is communicating perfectly.

snmpwalk from RHEL to srvmail and srvweb

 

K
Userlevel 5
Badge +16

Maybe the local firewall is still enabled on the 192.168.21.3 ?

What give you on 192.168.21.3 the commands: 

 

iptables -L

ip a

Reply


Terms & ConditionsCookie settings