Friday, March 16, 2012

  SNMP and MRTG on Sarge quick start

There appear to be no uncomplicated introductions to the subject of traffic monitoring on the internet anywhere. So here is one. The objective is to get traffic graphs for the primary interface on your server, workstation or firewall quickly and efficiently.
The system is fairly simple and consists of these parts:
  1. The SNMP server. This allows access via the SNMP protocol to the system's network interface statistics and other data.
  2. The MRTG (Multi router traffic grapher). This is a large Perl script which polls the SNMP server and accumulates information about network usage. This runs periodically from cron and generates graphs at defined intervals
Please note that you can collect and graph anything with these - they are not limited to network statistics. Not only that, you can manage many aspects of your server with SNMP.
Please make sure you have apache or apache2 installed for this to work.
SNMP server configuration
Firstly, you need an SNMP server to provide network interface statstics on demand:
# apt-get install snmpd
You need to edit the configuration for this as it does not allow any connections by default. With your favourite editor, edit:
Comment out the following (prefix with #):
com2sec paranoid default public
Insert the following underneath the commented out section:
com2sec readonly default public
That gives anyone with access to the SNMP server read-only access to the public community. This is the one that contains the interface statistics.
To apply the changes, restart snmpd:
/etc/init.d/snmpd restart
Make sure you firewall off any SNMP related ports so that you don't get any unwanted visitors (check netstat and /etc/services for port information).
Installation of MRTG
MRTG is the main collection and graphing component of the traffic monitoring solution I am presenting here. Firstly, install MRTG:
# apt-get install mrtg
You can manually or automatically generate the configuration file for mrtg. I would recommend doing it automatically as it is a lot easier. Issue the following command:
# cfgmaker --global 'WorkDir: /var/www/mrtg' \
    --output /etc/mrtg.cfg public@
This will generate the configuration file. You then need to make an index file which contains a list of all of your interfaces. Issue the following command:
# indexmaker /etc/mrtg.cfg --columns=1 \
    --output /var/www/mrtg/index.html
You will now need to execute mrtg manually 3 times to create the required database files. Issue the following command 3 times sequentially. On the third run, you should see no errors being reported:
# mrtg
This is executed every 5 minutes by cron. The cron job was added by dpkg for you so you do not have to configure it.
Finally, inspect your results! You will not see any reasonable graphs for quite some time so sit back end relax for a bit!