Multiple communities/hosts for same IP address (localhost)
Hello
I'm trying to setup a monitoring system for two networks that have several devices each (mostly switches) behind a NAT router; unfortunately I am limited on the ports, so had to use SSH tunnelling from the Observium machine to each of the networks in order to access all the devices. I followed the instructions from http://vfamilyserver.org/blog/2013/03/snmp-hell-part-1-proxy-to-multiple-dev... setup the SNMP proxying and it all works quite well, I can snmpwalk each of the devices behind one of the two NAT routers only by changing the community name (haven't yet setup the second one). However, I'm not sure how/if it's possible for Observium to see the different devices - I've added the NAT router with add_device.php (I used command line rather than web interface due to SNMP running over TCP) and was recorded as 127.0.0.1 (which does make sense, as it's the tunnelled from the local host); then, when I tried to run the command with one of the other community strings, it returned an "Already got device 127.0.0.1". Further, although I haven't yet set it up, I will probably have the same problem when adding the tunnelled NAT router on the second network.
Is there a configuration/workaround that would allow to differentiate between these multiple instances of what appears to be the same [local]host?
Best regards Bogdan
Bogdan Ghita wrote at 13-01-2014 15:06:
Hello
...
Is there a configuration/workaround that would allow to differentiate between these multiple instances of what appears to be the same [local]host?
Observium connects to unique hostnames, you could add some dummy names to your local DNS or hosts file all pointing towards 127.0.0.1 (or setup alias ips 127.0.0.2 127.0.0.3 etc to the loopback interface and abuse them).
On 01/13/2014 04:14 PM, Michiel Klaver wrote:
Bogdan Ghita wrote at 13-01-2014 15:06:
Hello
...
Is there a configuration/workaround that would allow to differentiate between these multiple instances of what appears to be the same [local]host?
Observium connects to unique hostnames, you could add some dummy names to your local DNS or hosts file all pointing towards 127.0.0.1 (or setup alias ips 127.0.0.2 127.0.0.3 etc to the loopback interface and abuse them).
Indeed, the hostname is the identifier for us, so we will not support this; adding dummy hostnames works. You can also specify the SNMP port per device if you just want to portforward UDP/161 instead of running community-based a proxy.
Tom
Thank you for your replies, it works great using the hosts file! I thought about using the hosts file when I saw Adam's reply, but wasn't sure whether they'll need different ports/tunnels for each NATed devices (they don't seem to need separate tunnels - I've got it working with one SSH tunnel for each network).
On 13 January 2014 15:57, Tom Laermans tom.laermans@powersource.cx wrote:
On 01/13/2014 04:14 PM, Michiel Klaver wrote:
Bogdan Ghita wrote at 13-01-2014 15:06:
Hello
...
Is there a configuration/workaround that would allow to differentiate between these multiple instances of what appears to be the same [local]host?
Observium connects to unique hostnames, you could add some dummy names
to your local DNS or hosts file all pointing towards 127.0.0.1 (or setup alias ips 127.0.0.2 127.0.0.3 etc to the loopback interface and abuse them).
Indeed, the hostname is the identifier for us, so we will not support
this; adding dummy hostnames works. You can also specify the SNMP port per device if you just want to portforward UDP/161 instead of running community-based a proxy.
Tom _______________________________________________ observium mailing list observium@observium.org http://postman.memetic.org/cgi-bin/mailman/listinfo/observium
Why not just create static NATs with unique internal IP addresses for each of the remote systems? Then, you'll have the added benefit of always being able to connect to each unique IP/system for loads of other tools and uses as well.
-Chris
On 1/13/14 9:06 AM, Bogdan Ghita wrote:
Hello
I'm trying to setup a monitoring system for two networks that have several devices each (mostly switches) behind a NAT router; unfortunately I am limited on the ports, so had to use SSH tunnelling from the Observium machine to each of the networks in order to access all the devices. I followed the instructions from http://vfamilyserver.org/blog/2013/03/snmp-hell-part-1-proxy-to-multiple-dev... to setup the SNMP proxying and it all works quite well, I can snmpwalk each of the devices behind one of the two NAT routers only by changing the community name (haven't yet setup the second one). However, I'm not sure how/if it's possible for Observium to see the different devices - I've added the NAT router with add_device.php (I used command line rather than web interface due to SNMP running over TCP) and was recorded as 127.0.0.1 (which does make sense, as it's the tunnelled from the local host); then, when I tried to run the command with one of the other community strings, it returned an "Already got device 127.0.0.1". Further, although I haven't yet set it up, I will probably have the same problem when adding the tunnelled NAT router on the second network.
Is there a configuration/workaround that would allow to differentiate between these multiple instances of what appears to be the same [local]host?
Best regards Bogdan
observium mailing list observium@observium.org http://postman.memetic.org/cgi-bin/mailman/listinfo/observium
Hi Chris
The NATed devices do have static IP addresses, but I need to tunnel because the setup is rather restrictive. The network I monitor has only one public IP address and the network where the observium host is located has a pretty strict firewall (outbound 22, 80, 443 and that's about it).
Best regards Bogdan
On 13 Jan 2014, at 17:36, Chris Moody chris@node-nine.com wrote:
Why not just create static NATs with unique internal IP addresses for each of the remote systems? Then, you'll have the added benefit of always being able to connect to each unique IP/system for loads of other tools and uses as well.
-Chris
On 1/13/14 9:06 AM, Bogdan Ghita wrote: Hello
I'm trying to setup a monitoring system for two networks that have several devices each (mostly switches) behind a NAT router; unfortunately I am limited on the ports, so had to use SSH tunnelling from the Observium machine to each of the networks in order to access all the devices. I followed the instructions from http://vfamilyserver.org/blog/2013/03/snmp-hell-part-1-proxy-to-multiple-dev... to setup the SNMP proxying and it all works quite well, I can snmpwalk each of the devices behind one of the two NAT routers only by changing the community name (haven't yet setup the second one). However, I'm not sure how/if it's possible for Observium to see the different devices - I've added the NAT router with add_device.php (I used command line rather than web interface due to SNMP running over TCP) and was recorded as 127.0.0.1 (which does make sense, as it's the tunnelled from the local host); then, when I tried to run the command with one of the other community strings, it returned an "Already got device 127.0.0.1". Further, although I haven't yet set it up, I will probably have the same problem when adding the tunnelled NAT router on the second network.
Is there a configuration/workaround that would allow to differentiate between these multiple instances of what appears to be the same [local]host?
Best regards Bogdan
observium mailing list observium@observium.org http://postman.memetic.org/cgi-bin/mailman/listinfo/observium
observium mailing list observium@observium.org http://postman.memetic.org/cgi-bin/mailman/listinfo/observium
participants (4)
-
Bogdan Ghita -
Chris Moody -
Michiel Klaver -
Tom Laermans