The work done by a truly qualified network administrator should not be limited only after a network fault occurs. Although it is not too late, the loss is inevitable. So, how can we effectively monitor the network status, identify network faults in the first time, prevent problems in the network, and rationally divide bandwidth resources? Monitoring Network Traffic can effectively solve the above problems. Now I want to introduce MRTG, an expert in the network traffic monitoring field.
In this article, I will introduce how to monitor routers or layer-3 switches through MRTG. MRTG uses the SNMP protocol (Simple Network Management Protocol) to monitor and manage the traffic of each port through routing and switching devices. Of course, I will also instruct you to install MRTG and enable the SNMP protocol on the device to support MRTG.
Multi Router Traffic Grapher is a free tool that helps monitor networks. It is a free software released based on GNU General Public License. At a critical moment or when debugging a pressing network problem, MRTG allows us to immediately view the traffic modes of many networks and quickly determine whether there are any locations that are encountering abnormal traffic loads. Fact-based display of network history is the key. In practice, it is difficult to determine whether the network is running properly by distinguishing the real-time bandwidth and the number of packets per second. If a Mbps link is used to transmit Mbps of traffic, is it normal for a high load or is it under attack? By viewing historical network data, we can find sudden changes that may cause operation problems. Denial-of-service attacks that try to exhaust the available bandwidth of the network are almost always caused by sudden and sustained increases in traffic. Attackers cannot achieve the attack through a period of slow increase. If it is not an urgent issue, MRTG is also useful for studying the changing trend of network traffic. It helps us understand how traffic is distributed to the network and what capacity planning should be like in the future. Download: http://down.51cto.com/data/101392 More security tools> go to topics More network management software> Special Topics |
Knowledge-based traffic monitoring
We all know that data packets form data streams, just like water streams. Therefore, we use the term "traffic" to define bandwidth. A timely understanding of network traffic can play a major role in troubleshooting network faults. Many companies have routing and switching devices. These devices are responsible for implementing the company's network connection. Therefore, it is very important to understand the traffic of each port through routing and switching equipment, only traffic monitoring can effectively manage network bandwidth and improve the efficiency of enterprise networks.
MRTG Archive
Software size: 1558 KB
Software type: Free Software
Running platform: Window 98/NT/2000/XP/2003
: Http://www2.pcdog.com/down4/mrtg-2.10.0pre7.zip
Install MRTG
Regardless of the device we want to monitor, we need to find A computer with the operating system Windows 2000 (computer A) and install MRTG for it to receive data traffic. Installing MRTG on Windows requires Perl support, so we need to install the Perl plug-in first. In addition, because the data traffic will be reflected in the form of web pages, you need to install the IIS service on computer A (due to space restrictions, IIS installation will not be introduced ).
Step 1: Perl installation is relatively simple, the current use of Active Perl for Windows, we can go to the http://downloads.activestate.com/ActivePerl/Windows/5.8/ActivePerl-5.8.0.80 5-MSWin32-x86.msi download.
Step 2: skip this step if you encounter "use PPM3 to send personal information to ASPN" during installation. After installation, restart the computer to make Perl take effect.
Step 3: Install the MRTG program. As MRTG is a program written in Perl, you do not need to install it. After downloading it, decompress it directly. Decompress the package to the "C: \ mrtg" directory. Now we have finished the installation.
Knowledge Perl
Like many programs written in JAVA, JDK needs to be installed. MRTG requires support for Perl programs. Therefore, you must install Perl on computer A before using MRTG. Perl is also a language like JAVA, but Perl is mainly used in Linux and UNIX systems. In this example, MRTG is installed in Windows, by default, the Perl component is not installed in the Windows operating system. Therefore, we need to install the corresponding Perl language library for computer A, just as we sometimes need to install the VB language library when running the vbprogram.
Monitoring Cisco devices
Although we have installed MRTG on computer A, the monitored device has not enabled the SNMP Protocol and is not configured with the target address for receiving SNMP, therefore, we need to configure the device to be monitored. Now let's take A look at how to use computer A to monitor traffic through the ports of the Cisco 6509 switch so that data can take immediate protection when exceptions occur.
The Cisco high-end product 6509 vswitch is used as the monitored device and the port IP address is 10.91.30.1. Select the computer on which MRTG is installed (computer A) as the monitoring device. The IP address is 10.91.30.45.
Small knowledge SNMP
SNMP is also called the Simple Network Management Protocol. It is used to record network traffic information. Both network management software and traffic monitoring software require support of the SNMP protocol. In this example, You need to monitor the traffic through the routing and switching ports. Therefore, you need to enable the SNMP protocol on the routing and switching devices and specify the destination address for receiving SNMP records. With these settings, the routing and switching devices can record the data through the port and send it to the specified destination.
1. configuration on Cisco 6509
Next we need to enter 6509 to start the SNMP protocol and specify the data receiving destination.
Step 1: Enter the Command Prompt window of computer A and enter "telnet 10.91.30.1" to log on to the 6509 device.
Step 2: enter the correct password, enter the 6509 configuration mode, and then enter the following command.
Snmp-server community softer RO
\ Set the group name of SNMP to softer.
Snmp-server trap-source FastEthernet0/1
\ Uses port Fa0/1 as the monitoring source. If this line is not entered, the device's own router id will be used as the monitoring source.
Snmp-server contact softer@163.com
\ Sets the Administrator's email address.
Snmp-server host 10.91.30.45 softer
\ Set the IP address of the Administrator to 10.91.30.45 (the IP address of computer A) and set the group name (softer ).
Snmp-server enable traps
\ Start monitoring.
Step 3: Save the settings and exit to complete all configurations on the 6509 device.