APRCIOT 2008 Network Management Workshop

Apricot 2008 Network Management Workshop

MRTG / RRD Tool / NFSen Lab Documents

MRTG

In 12 Steps

1. Install MRTG

# apt-get install mrtg

2. Create the /etc/mrtg directory

$ sudo mkdir /etc/mrtg

3. Find out the SNMP Community String - apric0t08

4. Find the IP / name of the Device

- gw.mgmt.conference.apricot.net

- or one of the other routers and switches (169.223.2.51, .52, .53, .54, 158 and

.222)

5. Run cfgmaker (all command in same line, or paste with \ included)

# /usr/bin/cfgmaker --output=/etc/mrtg/router.mrtg --global 'workdir: /var/www/mrtg' \
--global 'options[_]: growright,bits' apric0t08@gw.mgmt.conference.apricot.net

Make the workdir if necessary:

# mkdir -p /var/www/mrtg/

6. View the mrtg configuration file created by cfgmaker, you can make changes and see the results, if you want (/etc/mrtg/router.mrtg)

7. Use indexmaker to create HTML files

# /usr/bin/indexmaker --output=/var/www/mrtg/device.html /etc/mrtg/router.mrtg

8. Run MRTG command (ignore the error and run 3 times)

# /usr/bin/mrtg /etc/mrtg/router.mrtg

9. put the above command in a script

# echo '/usr/bin/mrtg /etc/mrtg/router.mrtg' > /etc/mrtg/mrtgscript

# chmod +x /etc/mrtg/mrtgscript

NOTE: on systems with UTF-8 as the default locale, this will cause problems – you need to explicitly specify: 'env LANG=C /usr/bin/mrtg /etc/mrtg/router.mrtg' when running the script.

10. Edit the crontab and insert the command to be run every 5 minutes

# crontab -e

0-59/5 * * * * /etc/mrtg/mrtgscript

11. Load the browser through webserver

http://localhost/mrtg/

12. Go for Tea / come back and see if your graph is moving.

RRDTool

# apt-get install rrdtool

# apt-get install librrdp-perl

# apt-get install librrds-perl

Add in your MRTG Configuration file

# vi /etc/mrtg/router.mrtg

; add below Workdir

LogFormat: rrdtool

[ go to /var/www/mrtg/ and see how the .rrd files have been created]

NFdump

[Nfdump is the flow collector]

0. Basic Debian packages for compilation

# apt-get install build-essential

# apt-get install flex

# apt-get install bison

1. Now install nfdump

# apt-get install nfdump

---

Installed tools are :

nfcapd nfdump nfreplay nfexpire nftest nfgen

---

NFSen

1. Now get nfsen

$ wget http://superb-west.dl.sourceforge.net/sourceforge/nfsen/nfsen-1.2.4.tar.gz

2. Setting up NfSen

$ tar -xzf nfsen-1.2.4.tar.gz

$ cd nfsen-1.2.4

$ cd etc

Edit the nfsen-dist.conf:

set the basedir variable

$BASEDIR = "/var/nfsen";

set the users:

$USER = "netflow"

$WWWUSER = 'www-data'

$WWWGROUP = 'www-data'

add sources:

%sources = (

'apricot10nm' => { 'port' => '2005', 'col' => '#0000ff' },

);

//// 'ident' => { 'port' => '<portnum>', 'col' => '<colour>' }

set the path for the PREFIX where to find the nfdump tools:

# nfdump tools path

$PREFIX = '/usr/bin';

set the buffer size to something small, so we see data quickly

# Receive buffer size for nfcapd - see man page nfcapd(1)

$BUFFLEN = 2000;

save and exit

3. Create a netflow user on the system.

# useradd -d /var/netflow -G www-data -m -s /bin/false netflow

4. Initiating nfsen

#cp nfsen-dist.conf nfsen.conf

#cd ..

# perl install.pl etc/nfsen.conf

[press 'yes' to the perl promt' ]

5. Starting Nfsen

# cd /var/nfsen/bin

# ./nfsen.rc start

(You can add the nfsen.rc startup script to /etc/init.d/rc.local or somewhere similar to start it at bootup.)

Watch your browser at http://localhost/nfsen/nfsen.php

Thank you.