Cacti Monitoring Cisco router network card traffic

Recently changed jobs, the company more than 40 people share a 20M bandwidth wireless network, the router for Cisco R2911. Boss, let me make a cacti to monitor Cisco routed network card traffic. The whole days can not get the SNMP data, finally to the routing permission to find that the last operation to the routing SNMP service off, leaving the document written in very detailed how he opened and configured the SNMP, heart 10,000 grass mud horse Pentium and past Ah. Fortunately there is a document, you can quickly get started to configure the router. Cacti monitoring is also very good configuration, but also very useful, for the monitoring of router traffic or hardware load, you can study.

Cacti is a service based on LAMP,SNMP, and RRDtool, which is implemented in PHP. Cacti obtains data through the SNMP service, stores and updates data through RRDtool, and RRDtool can also generate graphs for presentation to the front end. The data captured by SNMP is stored in the form of an. rrd file by RRDtool, the RRD file is a fixed-size archive file, and the number of data pens it can store is defined at the time of creation. The data stored in the MySQL database is the configuration data of the cacti service for invocation, such as account password, hostname, host IP,SNMP community name, port number, template information, etc.

The installation package is divided into cacti-spine and cacti master installation packages. Because of the large amount of data collected, cacti comes with the cmd.php of the poll will be unbearable, high-frequency data acquisition can not complete polling all machines. Cacti-spine is an officially recommended and efficient polling device.

Required installation Packages

Cacti

Cacti-spine

Net-snmp-devel

Mysql

Myql-devel

Openssl-devel

Apache

Php

Rddtool

Net-snmp

Cacti

Installation Detailed procedures

1. Installing Rddtool and SNMP

Yum Install Rddtool-y

Yum Install Net-snmp

Yum Install Net-snmp-utils

Start the SNMPD service and join the boot boot

Service SNMPD Start

Chkconfig snmpd on

2. Install lamp

Yum install httpd mysql-server php-mysql mysql-devel

Chkconfig Httpdon

Chkconfig mysqld on

/ETC/INIT.D/HTTPD start

/etc/init.d/mysqld start

The browser then accesses localhost to check if the Apache service is open properly

Installing the Cacti Service

wget:http://www.cacti.net/downloads/cacti-0.8.8g.tar.gz

Wget:http://www.cacti.net/downloads/spine/cacti-spine-0.8.8g.tar.gz

1. Create Cacti Users

Useradd-m cacti

passwd cacti

Password: cacti

2. Install Devel package required for compiling cacti-spine

Yum Install Net-snmp-devel-y

Yum Install Mysql-devel-y

Yum Install Openssl-devel-y

3. Installing GCC and Libtool

Yum Install Gcc-y

Yum Install Libtool-y

4, download cacti and unzip

Tar xvzf cacti-spine-0.8.8g.tar.gz

Compile and install:

CD cacti-spine-0.8.8g

Aclocal

Lobtoolize--force

Autoheader

Autoconf

Automake

./configure

Make && make install

5. Create and configure spine.conf

Cp/usr/local/spine/etc/spine.conf.dist/etc/spine.conf

Chown cacti.cacti/etc/spine.conf

Vim/etc/spine.conf

Db_host localhost

Db_database cacti

Db_user Cacti_user

Db_pass cacti

Db_port 3306

6. Create a MySQL user, create a DB, and grant permissions.

Use MYQL

Update user set Passwd=password (' 123 ') where user= ' root ';

Flush privileges;

Create database if not exists cacti default charset UTF8 collate utf8_general_ci;

Insert into User (Host,user,password) values (' localhost ', ' cacti ', password ("cacti"));

Grant all on cacti.* to cacti;

Flush privileges;

7. Import the default Cacti.sql

Tar xvzf cacti-0.8.8g.tar.gz

MV Cacti-0.8.8g.tar.gz/var/www/html/cacti

CD cacti

mysql-ucacti-pcacti-h127.0.0.1 Cacti </var/www/html/cacti/cacti.sql

8. Start Spine Test

/usr/local/spine/bin/spine

Show:

spine:using SPINE config file [/etc/spine.conf]

Spine:version 0.8.8g Starting

spine:time:2.0527 s, Threads:5, Hosts:2

If similar to the above information is configured correctly

9. Install Cacti Master Service

cd/var/www/html/

Edit Cacti configuration file

vim/var/www/html/cacti/include/config.php

$database _type = \ "Mysql\";

$database _default = \ "Cacti\";

$database _hostname = \ "Localhost\";

$database _username = \ "Cacti\";

$database _password = \ "Cacti\";

$database _port = \ "3306\";

$database _ssl = false;

Open Page http://127.0.0.1/cacti/index.php

Keep Next next to the login page

The default account password is admin, very simple to complete, it is not worthy of the map.

10, configuration cacti

On the page Select OH

Settings---->paths---->spine poller file path [/usr/local/spine/bin/spine] (change the poll to spine)

Settings---->poller---->poller type [spine]

Console---->settings---->poller---->maximum threads per process [5]

Save

11. Add a Scheduled task

#crontab-e

*/1 * * * * */usr/bin/php/var/www/html/cacti/poller.php >/dev/null 2>&1

Set to execute every 1 minutes

12. Configure Cisco Routers

Excerpt from the network:

－－－－－－－－－－－－－－－－－－－－－－－－－－－－－－－－－－－－－－－－－－－－－

One, configure the SNMP agent for Cisco devices:

#snmp-server Community Public ro Configure the read-only string for this router to public

#snmp-server Community public RW configures the read-write string for this router to be public

#snmp-server Enable traps allows routers to send all types of SNMP Traps

#snmp-server host ip-address traps trapbhodc specifies that the receiver of the router SNMP trap ip-address send a trap using trapbjodc as a string

#snmp-server trap-source loopback0 The IP address of the loopback interface as the sending source address of the SNMP trap

Second, configure the SNMP agent for the Cisco device:

enabled Snmp:

#snmp-server Community Public Rw/ro

#end

To enable traps :

#configure Terminal

#snmp-server Enable traps SNMP authentication

#end

Configuring SNMP

#conf T

#snmp-server Community Cisco RO(read-only) Configure read-only communication strings

#snmp-server Community Secret RW(read-write) configuration read-write communication string

#snmp-server Enable traps to Configure the Gateway SNMP TRAP

Configuring the Gateway Workstation address #snmp-server host 10.254.190.1 RW

If the user does not need SNMP, it is best to cancel; If you want to use SNMP, it is best to configure the Cisco router correctly. However, if you must use SNMP, you can protect it. First, there are two modes ofSNMP : Read-only mode (RO) and read-write mode (RW). If possible, use read-only mode, which maximizes control of the user's operations, even when the attacker discovers a string in the communication, and restricts its use of SNMP for reconnaissance purposes, and prevents an attacker from using it to modify the configuration. If you must use read-write mode, it is best to distinguish the read-only mode from the communication string used by the read-write mode. Finally, you can restrict the users who are using SNMP through an access control list.

－－－－－－－－－－－－－－－－－－－－－－－－－－－－－－－－－－－－－－－－－－－－－

13. Configure the Web page to get SNMP information and generate images

Tired.... To be Continued ... A few pictures.

Cacti Monitoring Cisco router network card traffic