bashubuntuscriptingarpnmap

Nmap - RTTVAR has grown to over 2.3 seconds, decreasing to 2.0


I have a script that I'm using to build a config for icinga2. The network is large, multiple /13's large. When I run the script I keep getting the RTTVAR has grown to over 2.3 seconds, decreasing to 2.0 error. I've tried raising my gc_thresh and breaking up the subnets. I've dived through the little info from google and can't seem to find a fix. If anyone has any ideas, I'd really appreciate it. I'm on Ubuntu 16.04

My script:

# Find devices and create IP list
i=72
while [ $i -lt 255 ]
    do
    echo "$(date) - Scanning xx.$i.0.0/16" >> files/scan.log
    nmap -sn --host-timeout 5 xx.$i.0.0/16 -oG - | awk '/Up$/{print $2}' >> files/ip-list
    let i=i+1
    done

My /etc/sysctl.conf

# Force gc to clean-up quickly
net.ipv4.neigh.default.gc_interval = 3600

# Set ARP cache entry timeout
net.ipv4.neigh.default.gc_stale_time = 3600

# Setup DNS threshold for arp 
net.ipv4.neigh.default.gc_thresh3 = 8192
net.ipv4.neigh.default.gc_thresh2 = 4096
net.ipv4.neigh.default.gc_thresh1 = 2048

Edit: added host-timeout 5 removed -n


Solution

  • I suggest that you use ping scan. If you want an "overall sight" of your network you can use

    nmap -sP -n
    

    It decreases the time a little bit compared to nmap -sn, you can check it with small examples.

    As I said in a comment, use --host-timeout and --max-retries and that will improve your performance.