X Services Plug-in

Introduction

GENEOS X-SERVICES Plug-in checks the network path to a specified target node, the availability of the node and if the node has processes that listen on the ports specified. It sends TCP packets to the target host on a number of ports and measures the time it takes to reply and if there is a process listening on those ports. If no reply is received after a defined time interval, the target node is assumed to be down or unreachable. The target host does not need to run any special software to provide the replies.

This plug-in can only monitor ports from a remote machine. If the target machine is localhost, the test traffic will flow through the loopback interface and not through the requests Network card.

Views

View

The X-SERVICES Plug-in produces a single view as follows:

x-svcs0

Headline Legend

Name Description
targetNode The name of the host that the ping requests are sent to
targetAddress The IP address of the target host

Table Legend

Name Description
serviceName Shows the service name if configured, otherwise will show the port number.
servicePort Shows the service port number used.
turnaroundTime Time in ms that a packet takes to travel to the target host and back.
Status
REACHABLE if a reply is received within a timeout period (default 5 seconds), but has no process listening on the port.
LISTENING if the node has a process listening on that port.
Otherwise UNREACHABLE.

Plug-in Configuration

The following parameters can be configured for this plug-in:

var-recvInterfaces

Specifies a comma-separated list of network interface names to be used.

On UNIX machines, interface names can be found using the command "ifconfig -a". Example names are "eth0" or "ce0".

On Windows machines, interface names can be listed by running Netprobe using the "-ifconfig" command-line option. A Windows interface name will look similar to the following:

\Device\NPF_{BDFE3EAC-0275-440A-923C-C9C4CE3B37F2}

Mandatory: Yes

sendInterface

The name of the network interface to be used to send packets (e.g. hme0). Usually the same as recvInterface parameter, but can be set to a different value in certain network configurations.

Mandatory: Yes

targetNode

The name or IP address of the monitored remote node. This must not be the node that the NetProbe is running on.

Mandatory: Yes

services

A list of services that the packets are sent to.

This can have just the number of the port the packets are sent to or the name of the service and the port number.

If the name of service is provided, it will be displayed in the view. Otherwise the port number will be shown.

Mandatory: Yes

services > service > var-name

Name of service.

Mandatory: No

services > service > var-port

Port number for the service.

Mandatory: Yes

var-sourceIP

The Source IP address to be used in the outbound test packets.

Mandatory: No
Default: Defaults to the default IP address on the card.

var-timeout

Timeout is the period within which we expect a reply to a packet that was sent out. If a reply is not received within this period then the packet is considered lost.

Packets are only fired on sample. This means that if a packet is considered lost, then the next packet fire would occur at the next sample. (i.e. packets will not be re-fired as soon as the timeout has been reached.)

Based on the 'allowablePacketLoss' setting, multiple such packets may be lost before the plug-in reports that the particular target is unreachable.

See Example for timeout and allowablePacketLoss.

Mandatory: No
Default: 5 seconds

var-allowablePacketLoss

This is the maximum number of consecutive packets that can be lost without setting the status to 'UNREACHABLE'.

For example, if the allowable packet loss is 3, then the plug-in will ignore up to 3 consecutive packets being lost. If the fourth is lost, then it will report 'UNREACHABLE'.

See Example for timeout and allowablePacketLoss.

Mandatory: No
Default: 3

Example for timeout and allowablePacketLoss

Sample period: 4 seconds.
Timeout period: 2 seconds.
allowablePacketLoss: 3 (default)
0 sec [sample] Fire packet.
 1 sec
 2 sec Timeout has occurred. Packet is considered lost. (Total lost: 1)
 3 sec
 4 sec [sample] Re-fire packet.
 5 sec
 6 sec Timeout has occurred. Packet is considered lost. (Total lost: 2)
 7 sec
 8 sec [sample] Re-fire packet.
 9 sec
10 sec Timeout has occurred. Packet is considered lost. (Total lost: 3)
11 sec
12 sec [sample] Re-fire packet.
13 sec
14 sec Timeout has occurred. Packet is considered lost. (Total lost: 4)
15 sec
16 sec [sample] Re-fire packet. (report 'UNREACHABLE')

var-recvPort

This value will override the default port used by the plug-in to receive packets.

Mandatory: No
Default: 65535

behindFirewall

This option when checked will consider RST+ACK reply from the target server as UNREACHABLE, otherwise any reply received from the target server is considered REACHABLE.

Mandatory: No
Default: false

checkTargetHostHasChangedIp

Forces X-Route to detect if the underlying IP address of a host name has +changed. This will restart the packet capture engine so X-Route will +continue to check the correct host. In between restarts there is a +potential for losing packets.

Note: Restarting the packet capture engine will affect all X-Set plug-ins as they too might miss packets

Mandatory: No
Default: False.

Permissions

The plug-in requires the netprobe to be run with root permissions (on Unix operating systems), as it needs to open network devices.

On Linux kernel versions 2.6.24 and up, an alternative to running the netprobe as root is available: Set the CAP_NET_RAW and CAP_NET_ADMIN Linux capability on the netprobe binary with the command "setcap cap_net_raw,cap_net_admin+eip <netprobe binary>" replacing <netprobe binary> with the appropriate netprobe binary file such as 'netprobe.linux_64'.

When running the netprobe with set capabilities, the lib64 folder in the netprobe directory should be put in the ld.so trusted paths. Otherwise, the runtime libraries will not be loaded properly. Information on how to do this is found in this section of the Netprobe User Guide.

Third Party Libraries

Windows: The Winpcap packet capture library http://www.winpcap.org/install/default.htm needs to be installed on the host. Version 4.0.2 is required for Windows Vista/Server 2003 support.

Unix: The shared library libpcap.so (version 1.0.0 or later is recommended) needs to be in the netprobe lib64 directory.

Note: As the netprobe needs to be run as root the LD_LIBRARY_PATH is ignored for security reasons.