2

I have a WAN and I'm trying to use Nagios to check that a DHCP server in a subnet not directly visible to the Nagios box is up and handing out IP addresses, and I've been unable to make this work.

I have 3 places I can monitor DHCP from, but none seem to be working. The ideal would be to have Nagios monitor DHCP directly, failing which I would like to ssh to the DHCP server and check it from that box, failing which check its working from a core router with an interface on the DHCP server.

The DHCP server is used exclusively to dynamically assign static IP addresses to servers.

The DHCP server is on 192.168.254.1, and is running ISC DHCPD.

My dhcpd.conf file (currently) reads as follows:

# Long Lease times - 1 month, 1 year !
default-lease-time 2678400;
max-lease-time     31622400;
authorative;

subnet 192.168.224.0 netmask 255.255.224.0
{
    range 192.168.225.1 192.168.225.2;

    option domain-name-servers 192.168.200.254, 192.168.100.254, 8.8.8.8;
    option routers 192.168.254.254;
    range   192.168.253.0 192.168.253.0;

    host web.mydomain.co.nz
    {
            hardware ethernet 52:54:00:F3:80:32;
            fixed-address 192.168.242.2;
    }

    host nagiostest.mydomain.co.nz
    {
            hardware ethernet 52:54:00:00:00:01;
            fixed-address 192.168.254.250;
    }
}

web.mydomain.co.nz is working fine - ie DHCP is correctly assigning it an IP address.

When I run (from the DHCP server) any of the following commands I get a "no answer" reply -

dhcping -v -h 52:54:00:00:00:01 dhcping -v -s 192.168.254.1  -h 52:54:00:00:00:01 
dhcping -v -c 192.168.254.250  -h 52:54:00:00:00:01 
dhcping -v -c 192.168.254.250 -s 192.168.254.1 -h 52:54:00:00:00:01

When, from the server, I do a tcpdump -n -i eth0 port 68 I don't get any kind of response.

When I do something similar from a machine on another part of the network (located 2 hops away at 10.10.10.11) or when I try similar commands from the gateway I see the request coming in to the router, but no response - TCPDump running on the DHCP server shows - 

   tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
08:53:28.103926 IP 192.168.254.254.bootpc > 192.168.254.1.bootps: BOOTP/DHCP, Request from 52:54:00:00:00:01, length 250

This happens even when I drop the firewall on the DHCP server altogether.

Using the check_dhcp plugin for nagios fairs no better.

How can I check to see the DHCP server is up and handing out leases ?

davidgo
  • 5,964
  • 2
  • 21
  • 38

1 Answers1

1

I would use nrpe to execute the dhcp lookup on a server that has direct access to nrpe.

http://xmodulo.com/nagios-remote-plugin-executor-nrpe-linux.html

Then write a local script on the host to check the status.

chrisw9808
  • 309
  • 1
  • 5
  • Thanks for your answer, but I don't understand how this can help me - when I try and do DHCP lookups FROM THE DHCP SERVER they don't appear to be working. IE this does not appear to be an issue with Nagios or plugins, rather its a question of "how do I query the DHCP server". – davidgo Jun 23 '15 at 21:35
  • Ah I am not familiar with dhcp as we mostly use static with our servers, and do I do not have an environment to test in front of me. Do computers get dhcp if you try to connect to the network? Try "dhcpdump -i eth0" or the iface that has the dhcp server running on it. – chrisw9808 Jun 23 '15 at 21:51
  • Thanks for the tip of dhcpdump - I've played arround some more and realised I am missing something with respect of the protocol. If I use DHCPING with the same details - and from a device with the same mac address as I specify on the command line it works, otherwise it doesn't. – davidgo Jun 23 '15 at 22:24
  • FWIW, ISC dhcpd will not serve requests to the host that it's running on. It's a safety mechanism. – Keith Jul 06 '15 at 21:31