i'm setting up monitoring system on smokeping basis.
It uses programm fping to ping many hosts. It has parameter -i which sets delay between pings.
If i ping multiple hosts (switches) in our LAN, it works good.
If i ping hosts behind Astaro (internet or switches behind Astaro-VPN tunnel) i get timeouts.
Example pinging google,yahoo,heise,microsoft:
root@unknown:~# /usr/bin/fping -C 1 -s -i10 173.194.69.94 72.30.38.140 193.99.144.80 80.150.142.83
173.194.69.94 : [0], 92 bytes, 18.4 ms (18.4 avg, 0% loss)
72.30.38.140 : [0], 96 bytes, 175 ms (175 avg, 0% loss)
173.194.69.94 : 18.47
72.30.38.140 : 175.60
193.99.144.80 : -
80.150.142.83 : -
4 targets
2 alive
2 unreachable
0 unknown addresses
same example with i=40
root@unknown:~# /usr/bin/fping -C 1 -s -i40 173.194.69.94 72.30.38.140 193.99.144.80 80.150.142.83
173.194.69.94 : [0], 92 bytes, 17.4 ms (17.4 avg, 0% loss)
80.150.142.83 : [0], 96 bytes, 13.4 ms (13.4 avg, 0% loss)
72.30.38.140 : [0], 96 bytes, 252 ms (252 avg, 0% loss)
173.194.69.94 : 17.43
72.30.38.140 : 252.03
193.99.144.80 : -
80.150.142.83 : 13.43
4 targets
3 alive
1 unreachable
0 unknown addresses
Results are always the same, i mean this pattern (2 available 1 off 1 available in 2nd example) persists over many tests.
I already tried with -C50, some hosts are 100% available, some 100% down.
But this pattern depends from setted -i parameter.
I switched off "Firewall forwards Pings" in firewall settings and made a rule #1 "allow pings, logged".
in Live Log i see successful pings, but not any drops.
I think, Astaro blocks too frequently pings somehow. IPS is off. Any idea what can it be? Some hidden default setting somewhere?
Can somebody please make similar tests?
Thanks in advance
Vod
This thread was automatically locked due to age.
