Zabbix Agent: Check Remote UDP Port Availability
Learn how a Zabbix agent on 192.168.1.2 monitors UDP ports on remote hosts like 192.168.1.3 without installing an agent. Use net.udp.service for NTP, custom scripts for any port, and troubleshoot UDP pitfalls for reliable monitoring.
How can a Zabbix agent check the availability of a UDP port on a remote host where installing the agent is not possible? For example, the agent is running on 192.168.1.2, but needs to monitor a UDP service on 192.168.1.3.
A Zabbix agent on 192.168.1.2 can monitor UDP port availability on a remote host like 192.168.1.3 using the net.udp.service[ntp,192.168.1.3,port] key for NTP services or custom UserParameters with scripts such as nc or /dev/udp. Native checks work only for NTP on port 123, but you can extend this to any UDP port with lightweight scripts—no agent needed on the target. This approach keeps your Zabbix monitoring setup simple and agent-based, perfect when the remote host can’t run software.
Contents
- UDP Port Monitoring with Zabbix Agent
- Configuring the Zabbix Agent for Remote Checks
- Native net.udp.service: What Works and What Doesn’t
- Custom Scripts for Any UDP Port
- Alternatives Without Agent Modifications
- Troubleshooting Common UDP Pitfalls
- Triggers, Graphs, and Pro Tips
- Sources
- Conclusion
UDP Port Monitoring with Zabbix Agent
Ever needed to watch if a UDP service—like DNS on 53 or a game server on some odd port—is alive from afar? Zabbix agents excel at this, even when the target host (say, 192.168.1.3) won’t tolerate extra software. The agent on 192.168.1.2 acts as your scout, pinging the remote UDP port and reporting back to the server.
Why UDP specifically? It’s connectionless, so “availability” means sending a probe and hoping for a response—tricky compared to TCP’s clean handshakes. Zabbix handles this through agent items, focusing on service detection rather than raw packet loss. But heads up: native support is slim, mostly NTP. For everything else? Scripts to the rescue.
This method shines in mixed environments—Linux agents checking Windows boxes, or IoT devices. No SNMP, no proxy required upfront.
Configuring the Zabbix Agent for Remote Checks
Start simple. On your agent host (192.168.1.2), edit /etc/zabbix/zabbix_agentd.conf. Add a passive item key that targets the remote IP. Zabbix agents support remote parameters in keys like net.udp.service.
Here’s the flow:
- Restart the agent:
systemctl restart zabbix-agent2(orzabbix_agentdon older versions). - In Zabbix frontend, create an item on the host (192.168.1.2):
- Name: “UDP Port 123 on 192.168.1.3”
- Type: Zabbix agent
- Key:
net.udp.service[ntp,192.168.1.3,123] - Type of information: Numeric (unsigned)
- Update interval: 60s
The agent sends a SNTP request to the remote UDP port. Returns 0 (down) or 1 (up). Test it: zabbix_get -s 192.168.1.2 -k 'net.udp.service[ntp,192.168.1.3,123]'.
For non-NTP? Jump to custom scripts below. Firewalls matter—ensure outbound UDP from 192.168.1.2 isn’t blocked.
According to the Zabbix agent item documentation, this leverages the agent’s built-in capabilities for remote service checks.
Native net.udp.service: What Works and What Doesn’t
Zabbix’s net.udp.service is your first stop for UDP port monitoring. Syntax: net.udp.service[service,ip,port]. But service? Only “ntp” right now—port 123, per RFC 4330.
Example for our scenario:
net.udp.service[ntp,192.168.1.3,123]
- Sends SNTP query.
- Expects valid response.
- 1 = service detected; 0 = timeout/no response.
What if your UDP service isn’t NTP? Like syslog on 514? Native fails. The service check details page confirms: NTP-only for UDP, unlike TCP’s broader net.tcp.service.
| Parameter | Description | Example |
|---|---|---|
| service | ntp (only) | ntp |
| ip | Remote host | 192.168.1.3 |
| port | UDP port | 123 (default) or custom |
Pro: Zero config beyond the key. Con: Limited scope. A tutorial from TechExpert walks through NTP setup—perf counters included.
Custom Scripts for Any UDP Port
Need DNS (53) or custom UDP? UserParameters in zabbix_agentd.conf let the agent run scripts.
Add this:
UserParameter=udp.check[*],timeout 5 bash -c "</dev/udp/$2/$3 && echo 1 || echo 0"
EnableRemoteCommands=1
UnsafeUserParameters=1
Key: udp.check[192.168.1.3,514]
How it works: Bash cats data to /dev/udp/ip/port. Success? Port responds or accepts (1). Fail? 0.
Linux alternatives:
nc:UserParameter=udp.nc[*],timeout 3 nc -u -w1 $1 $2 >/dev/null 2>&1 && echo 1 || echo 0nping(from nmap): Probes without response dependency.
Make executable: chmod +x /etc/zabbix/scripts/udp_check.sh, reference in UserParameter.
Restart agent, test: zabbix_get -s 192.168.1.2 -k 'udp.check[192.168.1.3,53]'.
Zabbix forums note UDP’s flakiness—no guarantee of response even if open, so tune timeouts to 3-5s.
Alternatives Without Agent Modifications
Hate editing agent conf? Use simple checks from the Zabbix server/proxy—no agent involvement on 192.168.1.2.
Key: net.udp.service[ntp,192.168.1.3,123] (server-side).
Or deploy a Zabbix proxy near the target for fan-out monitoring.
| Method | Pros | Cons |
|---|---|---|
| Simple checks | Agentless entirely | Server/proxy load |
| Proxy | Scales, centralizes | Extra component |
Zabbix simple checks docs detail remote IP support.
Troubleshooting Common UDP Pitfalls
UDP checks failing? Check these:
- Firewall:
ufw allow out 53/udpor iptables equivalents. Test:nc -u 192.168.1.3 53. - Timeouts: UDP drops silently—set 3-10s, not default 1s.
- No response: Open ≠ responsive. Forums like this Zabbix thread suggest response validation over connectivity.
- Logs: Agent debug:
zabbix_agentd -f -R log_level=4. - Versions: Agent2 (newer) handles scripts better.
A feature request pushes for generic UDP—vote if needed.
Symptoms? Constant 0s? Ping the host first.
Triggers, Graphs, and Pro Tips
Tie it together: Item → Trigger → Action.
Trigger expression: {host:udp.check[192.168.1.3,53].last()}=0
Graph it: Add to dashboard for trends.
Tips:
- Low-traffic ports? Poll every 5min.
- Multi-port? LLD discovery.
- Security: Restrict UserParameters.
- Scale: Proxies for 100s of remotes.
You’ll spot outages fast—like that DNS hiccup at 3 AM.
Sources
- Zabbix Agent Items — Documentation on agent-based remote service checks: https://www.zabbix.com/documentation/current/en/manual/config/items/itemtypes/zabbix_agent
- Service Check Details — Specifics on net.udp.service parameters and NTP support: https://www.zabbix.com/documentation/current/en/manual/appendix/items/service_check_details
- Simple Checks — Agentless alternatives using server/proxy for UDP monitoring: https://www.zabbix.com/documentation/current/en/manual/config/items/itemtypes/simple_checks
- Zabbix Monitor UDP Port — Step-by-step tutorial for NTP UDP item configuration: https://techexpert.tips/zabbix/zabbix-monitor-udp-port/
- Zabbix Forum: Monitoring UDP Ports — Community discussion on UDP challenges and script workarounds: https://www.zabbix.com/forum/zabbix-troubleshooting-and-problems/5824-monitoring-udp-ports
- ZBXNEXT-6501 — Feature request for generic UDP port monitoring: https://support.zabbix.com/browse/ZBXNEXT-6501
Conclusion
Zabbix agents make remote UDP port monitoring straightforward—native for NTP, scripts for the rest, alternatives if you skip the agent tweaks. Test on 192.168.1.2 targeting 192.168.1.3, tweak timeouts, and you’ll catch service blips reliably. Dive in, monitor smarter—what UDP port are you checking first?