[Nagiosplug-devel] Checking for unknown NIS servers?

Andreas Ericsson ae at op5.se
Mon Feb 13 11:56:07 CET 2006


C. Bensend wrote:
>>And this is where the trouble lies. How long should we wait for any
>>other server to respond, and how many broadcasts should we send?
> 
> 
> Yes, I think _I_ would make these configurable parameters.

Naturally. It could still mean you're getting invalid results if the 
network is bogged though, and since that would be a false negative 
(mostly everything else would return false positives in a too-highly 
loaded network), you wouldn't know if it happened.

>  On my
> network, I wouldn't have to wait that long.  On other networks,
> NIS servers might be overwhelmed, or other factors, that would
> necessitate a different timeout and number-of-broadcasts values.
> 
> 
>>A much better way is to set up a daemon which listens to broadcasts and
>>shouts out loud if it hears one from the wrong server. You still have to
>>implement the NIS protocol (partially) but you can get rid of the
>>problem of having plugins run with elevated privileges and determining
>>how long to wait.
> 
> 
> Well, the _clients_ broadcast, but I don't think the servers
> do?
> 

Ah. My bad. I'd still implement this as a daemon though, possibly with 
unicast packets forwarded to a single host from the switch. That way 
you'd see both queries and responses.


> Hmmmm, elevated privs - do you need root privs to broadcast?  I've
> never touched that sort of thing myself.
> 

Not necessarily, but unless you're broadcasting ICMP requests on a 
patched Linux kernel I think you'll need a raw socket to see the replies.

-- 
Andreas Ericsson                   andreas.ericsson at op5.se
OP5 AB                             www.op5.se
Tel: +46 8-230225                  Fax: +46 8-230231




More information about the Devel mailing list