net.tcp.service(tcp,<IP>,<port>) simple check does not work for most of the ports from GUI Zabbix 6.0 - only for selected ports
I am trying to add MSSQL template and getting error MSSQL: Service is unavailable. Checking deeper - this error caused by simple check net.tcp.service[tcp,{HOST.CONN},{$MSSQL.PORT}] where the port is specified by macro as 1433
Next step was to create simple check standalone in gui and test. It indeed does not work (returns 0). I also run tcpdump and do not see any packets sent.
To test it further I played with the port net.tcp.service[tcp,{HOST.CONN},<port>]. I see packet sent if I set port to 21, 80, 443 or 10050 but NOT SENT to 22, 1433 (MSSQL) or 3389 (rdp windows). If the packet is sent and the service is up I am getting 1 (correct behavior). If packet is not sent (as for port 1433 or 3389) I always getting 0.
Interestingly the field "host address" in test item window does not mater - it could be any bogus address, the result is the same.
Then I tested the same key from the server console using zabbix_get
./zabbix_get -s 127.0.0.1 -k "net.tcp.service[tcp,10.2.2.101,<port>]" (10.2.2.101 is my client)
In this case I can check ALL PORTS (22, 1433, 3389 etc) and get the correct result. For example for 1433 and 3389 I got 1 because those ports are opened on my client.
I also see tcp packets sent in tcpdump.
More interesting - when I run ./zabbix_get -s 10.2.2.101 -k "net.tcp.service[tcp,10.2.2.101,<port>]" and the zabbix agent is installed I am getting correct response but do not see packet sent. It seems that zabbix_get uses -s (server) as a server that is opening tcp session. If first communicates with the agent and the agent starts tcp.
I saw some posts about the problem but do not see the solution.
But I do not see solution
Note that the firewall has the ports opened but it should not matter (console works as expected, just GUI does not)
It is very important to be able to check tcp.service on some specific ports (1443, 3389 or some custom ports) even the agent is not installed
I am using the latest zabbix 6
Benny
I am trying to add MSSQL template and getting error MSSQL: Service is unavailable. Checking deeper - this error caused by simple check net.tcp.service[tcp,{HOST.CONN},{$MSSQL.PORT}] where the port is specified by macro as 1433
Next step was to create simple check standalone in gui and test. It indeed does not work (returns 0). I also run tcpdump and do not see any packets sent.
To test it further I played with the port net.tcp.service[tcp,{HOST.CONN},<port>]. I see packet sent if I set port to 21, 80, 443 or 10050 but NOT SENT to 22, 1433 (MSSQL) or 3389 (rdp windows). If the packet is sent and the service is up I am getting 1 (correct behavior). If packet is not sent (as for port 1433 or 3389) I always getting 0.
Interestingly the field "host address" in test item window does not mater - it could be any bogus address, the result is the same.
Then I tested the same key from the server console using zabbix_get
./zabbix_get -s 127.0.0.1 -k "net.tcp.service[tcp,10.2.2.101,<port>]" (10.2.2.101 is my client)
In this case I can check ALL PORTS (22, 1433, 3389 etc) and get the correct result. For example for 1433 and 3389 I got 1 because those ports are opened on my client.
I also see tcp packets sent in tcpdump.
More interesting - when I run ./zabbix_get -s 10.2.2.101 -k "net.tcp.service[tcp,10.2.2.101,<port>]" and the zabbix agent is installed I am getting correct response but do not see packet sent. It seems that zabbix_get uses -s (server) as a server that is opening tcp session. If first communicates with the agent and the agent starts tcp.
I saw some posts about the problem but do not see the solution.
But I do not see solution
Note that the firewall has the ports opened but it should not matter (console works as expected, just GUI does not)
It is very important to be able to check tcp.service on some specific ports (1443, 3389 or some custom ports) even the agent is not installed
I am using the latest zabbix 6
Benny
Comment