Apricot 2008 Network Management Workshop
MRTG / RRD Tool / NFSen Lab Documents
MRTG
In 12 Steps
1. Install MRTG
# apt-get install mrtg
2. Create the /etc/mrtg directory
$ sudo mkdir /etc/mrtg
3. Find out the SNMP Community String - apric0t08
4. Find the IP / name of the Device
- gw.mgmt.conference.apricot.net
- or one of the other routers and switches (169.223.2.51, .52, .53, .54, 158 and
.222)
5. Run cfgmaker (all command in same line, or paste with \ included)
#
/usr/bin/cfgmaker --output=/etc/mrtg/router.mrtg --global 'workdir:
/var/www/mrtg' \
--global 'options[_]: growright,bits'
apric0t08@gw.mgmt.conference.apricot.net
Make the workdir if necessary:
# mkdir -p /var/www/mrtg/
6. View the mrtg configuration file created by cfgmaker, you can make changes and see the results, if you want (/etc/mrtg/router.mrtg)
7. Use indexmaker to create HTML files
# /usr/bin/indexmaker --output=/var/www/mrtg/device.html /etc/mrtg/router.mrtg
8. Run MRTG command (ignore the error and run 3 times)
# /usr/bin/mrtg /etc/mrtg/router.mrtg
9. put the above command in a script
# echo '/usr/bin/mrtg /etc/mrtg/router.mrtg' > /etc/mrtg/mrtgscript
# chmod +x /etc/mrtg/mrtgscript
NOTE: on systems with UTF-8 as the default locale, this will cause problems – you need to explicitly specify: 'env LANG=C /usr/bin/mrtg /etc/mrtg/router.mrtg' when running the script.
10. Edit the crontab and insert the command to be run every 5 minutes
# crontab -e
0-59/5 * * * * /etc/mrtg/mrtgscript
11. Load the browser through webserver
http://localhost/mrtg/
12. Go for Tea / come back and see if your graph is moving.
RRDTool
# apt-get install rrdtool
# apt-get install librrdp-perl
# apt-get install librrds-perl
Add in your MRTG Configuration file
# vi /etc/mrtg/router.mrtg
; add below Workdir
LogFormat: rrdtool
[ go to /var/www/mrtg/ and see how the .rrd files have been created]
NFdump
[Nfdump is the flow collector]
0. Basic Debian packages for compilation
# apt-get install build-essential
# apt-get install flex
# apt-get install bison
1. Now install nfdump
# apt-get install nfdump
---
Installed tools are :
nfcapd nfdump nfreplay nfexpire nftest nfgen
---
NFSen
1. Now get nfsen
$ wget http://superb-west.dl.sourceforge.net/sourceforge/nfsen/nfsen-1.2.4.tar.gz
2. Setting up NfSen
$ tar -xzf nfsen-1.2.4.tar.gz
$ cd nfsen-1.2.4
$ cd etc
Edit the nfsen-dist.conf:
set the basedir variable
$BASEDIR = "/var/nfsen";
set the users:
$USER = "netflow"
$WWWUSER = 'www-data'
$WWWGROUP = 'www-data'
add sources:
%sources = (
'apricot10nm' => { 'port' => '2005', 'col' => '#0000ff' },
);
//// 'ident' => { 'port' => '<portnum>', 'col' => '<colour>' }
set the path for the PREFIX where to find the nfdump tools:
# nfdump tools path
$PREFIX = '/usr/bin';
set the buffer size to something small, so we see data quickly
# Receive buffer size for nfcapd - see man page nfcapd(1)
$BUFFLEN = 2000;
save and exit
3. Create a netflow user on the system.
# useradd -d /var/netflow -G www-data -m -s /bin/false netflow
4. Initiating nfsen
#cp nfsen-dist.conf nfsen.conf
#cd ..
# perl install.pl etc/nfsen.conf
[press 'yes' to the perl promt' ]
5. Starting Nfsen
# cd /var/nfsen/bin
# ./nfsen.rc start
(You can add the nfsen.rc startup script to /etc/init.d/rc.local or somewhere similar to start it at bootup.)
Watch your browser at http://localhost/nfsen/nfsen.php
Thank you.