Linux in Enterprise Network Management

Kemira is a chemical company which employs approximately 10,000 people and has plants in Europe, the U.S. and Asia. Kemira got into IP-networking early by building KemNet, an IP-based Intranet out of Cisco routers, in 1989.

Mission-critical information systems, such as process automation computers, are located on-site in many of Kemira's plants. IT professionals run and manage these systems and they rely on KemNet to do their job efficiently. These IT professionals are the primary internal customers for my unit, and we support them by determining answers to the following questions:

The challenge for our department is to provide our IT professionals with enough information so they can handle most network management tasks on-site. This allows us to keep our organization small (currently two employees each working half-time) and costs down.

Since the people using network management services are located on three continents, we decided to use e-mail and web technology to create a “self-service network management center” in Kemira's Intranet.

Many methods can be used to extract information from an IP router network. One nice feature of Cisco routers is their ability to log all types of network incidents using a syslogd daemon. These syslog messages can then be further processed with Perl scripts to create web pages or send e-mail messages. These messages are a great help in finding problems in routers and links or even in measuring usage of dial-in links.

Another popular method of getting network information is by using SNMP (Simple Network Management Protocol), the standard for managing IP networks. Many open-source tools for gathering and processing SNMP data are available. One tool we found useful and easy to set up is MRTG (Multi Router Traffic Grapher), which gathers traffic load information from router interfaces. (See Figure 1.)

Figure 1. MRTG Screenshot

A third tool for getting performance information is good old ping. By periodically measuring ping round-trip times, you can find the times when your network is most congested. Then, by checking the actual traffic volume using mrtg, you can see if the telecom operator is delivering what he has promised.

Most international data communication lines are delivered using frame-relay technology. Frame-relay services are priced using a committed information rate (CIR) for all conditions and access speeds. Measuring sometimes gives interesting results and may save your company money in the next frame-relay agreement.

With a 100MHz Pentium Linux server, a couple of Perl scripts, Apache and a few open-source tools, we turned these three network information sources into an automated, web-based, network information center. Our customers can now troubleshoot those problems they believe to be KemNet-related much faster, saving working hours and downtime.

Another application for Linux is work-flow automation. Our trouble-ticket volume is so small that it did not justify buying a full-blown trouble-ticket system. Instead, we use Hypernews, a web-based news group collaboration tool.

Maintainability is always a question when using open-source products. For us, the question is easy because our network management services would not exist without open-source tools. We tried to deliver “self-service network management” using a well-known and expensive commercial product. We soon found that even keeping this tool running required frequent visits from a vendor's consultant with a fee of over $1000/day. Using it to make the network information available on the Web would have been extremely expensive to set up and maintain.

All our self-built software consists of short (a maximum of 20 lines) Perl scripts run from cron or CGI. Anyone with minimal Perl experience will be able to maintain these scripts. We don't use compiled languages and keep our scripts as simple as possible to ease maintenance.

Security is another issue that needs constant attention. In security audits, I have noticed consultants give extra attention to each Linux box found in the corporate Intranet. Fast-developing Linux software may introduce new security problems, and the powerful features of Linux give both the cracker and the administrator the potential to generate security holes.