Network Management & Monitoring with Linux

Now you can run the mrtg program for the very first time. Simple execute:

 ./mrtg mrtg.cfg

If all goes well, it will contact your router, request some values, and generate some log files and several GIFs in the current directory. Don't worry about the complaints about the log and graphs not found, as this will happen only the first time. Remove the graphs and run the program again. The graph generated shows the traffic in the interval since you last ran the program. It also generates HTML pages for each interface.

Now it's time to instruct MRTG to run properly in your system. First, create a directory under the Document Root of your web server (assuming you run a web server on the same system) to accommodate the pages and graphs MRTG will generate each time it runs. Add this directory to the top of your configuration file with the directive WorkDir: /usr/local/web/mrtg (assuming that your Document Root is located in /usr/local/web). The next time MRTG runs, it will create the logs and graphs in this directory, allowing you to access them via http://your_host.domain/mrtg.

Figure 3. Interface Main Page

Now, you would like to build a main page for all the interfaces like the one shown in Figure 3. This can't be accomplished with the indexmaker tool. Run:

indexmaker mrtg.cfg <router-name regexp>  >
        /usr/local/web/mrtg/index.html

It will generate an HTML page with the daily graphs of interfaces whose router name matches the previous regular expression and links to their single detail pages.

As you can imagine the MRTG program must be run on a regular basis to collect the data for each interval and generate the graphs periodically, in order to maintain the illusion of real-time monitoring. This is done through the following line in the crontab (assuming /usr/local/mrtg-bin as the mrtg program final destination):

0,5,10,15,20,25,30,35,40,45,50,55 * * * *  \
        /usr/local/mrtg-bin/mrtg \
        /usr/local/mrtg-bin/mrtg.cfg  > \
        /dev/null 2>&1

In a Red Hat distribution, the correct line to append to the /etc/crontab file would be:

0,5,10,15,20,25,30,35,40,45,50,55 * * * *  root \
       /usr/local/mrtg-bin/mrtg \
       /usr/local/mrtg-bin/mrtg.cfg  >\
       /dev/null 2>&$

Another enhancement you can include in your configuration file is the WriteExpire directive, which forces MRTG to create .meta files for each GIF and HTML page, eliminating unnecessary caching time by proxy servers and browsers. For this to work, you must also configure your Apache server (assuming you run the Apache web server) to read these .meta files and send the correct “Expire” headers with the MetaDir directive in the XXXX file.

You can look for additional directives in the example configuration from the distribution; it's very well documented. It's possible to alter all the layout of the images and pages generated by MRTG.

I hope you enjoy this program. If you do, send the authors a postcard; you can find their address on the MRTG home page.

There is a similar program called Router-Stats, written by Iain Lea, the author of the well-known tin news reader. Router-Stats updates its graphics once a day and shows very interesting stats about hourly usage and other aspects. One problem with Router-Stats is it uses a lot of external programs to do its work (CMU-SNMP for SNMP tasks, GNUPLOT to draw the graphics, NetPBM to make some graphic conversions, and GIFTOOL to convert them to the final GIFs). You can check the URL for Router-Stats in the references sidebar.

There is another category of software that goes one step beyond in network management tasks and offers a complete solution for both monitoring and maintaining the distinct configuration of a whole network. This kind of solution permits us to draw a complex graphic representation of our network and browse through the nodes, checking specific items of the configuration and other interesting features.

At this level, we can talk about two commercial solutions broadly used: HP-OpenView from Hewlett-Packard and SunNet Manager from Sun. They provide a complete platform for managing all the resources of the network from great graphical interfaces. They also come with network discovery tools to find all the network's elements that have running SNMP agents and databases to store all the data gathered from the network for statistical purposes. One important feature of these environments is their ability to be integrated with other vendors' more specific products, like Cisco's CiscoWorks, that allows a network manager to maintain a database with all its router configuration and even monitor graphically the back panels of their routers and all their connections.

There are two drawbacks to these products: they are commercial and they have no ports to Linux. Of course, there are also public domain solutions for these tasks. One of the best packages I've found for this is Scotty. Scotty is a TCL-based package that allows you to implement site-specific network management software using high-level, string-based APIs. Its companion product, Tkined, is a network editor that provides extensions to build a complete framework, integrating some tools designed to discover IP networks, support the network layout process or troubleshoot IP networks using SNMP in combination with other standard tools (e.g., traceroute). Scotty also includes a graphical MIB browser to allow you to explore MIB information.

You can check the references listing for both commercial and public domain network management software pointers.