Saturday, September 3, 2011

Mrtg on Linux

1. Introduction

MRTG (Multi Router Traffic Grapher) is an application that allows us to observe the traffic of a network. It generates html pages with graphs which are refreshed according to our network’s current state. Its source is written in Perl and C which means that it can be installed in every Operating System we like. We will also need SNMP daemon (Simple Network Management Protocol) which gives us information for a network. The following installation was accomplished under Linux and specifically Fedora Core 6. With some little changes it can be used and under other distros.

2. SNMP server

2.1 Installation
Initially we install the packets needed for SNMP. Yum makes this job a lot easier.
Next we make snmpd service to start automatically for the runlevels we want.
# yum install net-snmp-utils net-snmp  
And we start the server.
# chkconfig --level 345 snmpd
We can see that it is running in port 199.
# service snmpd start
# netstat -natv | grep ':199'
tcp        0      0     *                   LISTEN  

2.2  Configuration

We run ‘snmpwalk’ which creates a “tree” of information for our network.

If you see an output like this one you may proceed with the MRTG installation. Else you should make some configuration first.
# snmpwalk -v 1 -c public localhost IP-MIB::ipAdEntIfIndex
ip.ipAddrTable.ipAddrEntry.ipAdEntIfIndex. = 1
ip.ipAddrTable.ipAddrEntry.ipAdEntIfIndex. = 2 

We keep a backup of snmpd.conf just in case anything goes wrong  
# cp /etc/snmp/snmpd.conf /etc/snmp/snmpd.conf.original 

We open it
# nano /etc/snmp/snmpd.conf
And do the follow changes:
  • we change this line
com2sec notConfigUser  default       public
with those
com2sec local          localhost        public
com2sec mynetwork      public 

where we put what our network is
  • we change those lines
group   notConfigGroup v1           notConfigUser group   notConfigGroup v2c          notConfigUser 

with those
group   MyRWGroup      v1          local
group   MyRWGroup      v2c         local
group   MyRWGroup      usm       local
group   MyROGroup      v1          mynetwork
group   MyROGroup      v2c         mynetwork
group   MyROGroup      usm       mynetwork  
  • we change those lines
view    systemview    included   . view    systemview    included   .  
with this one
view    all            included      .1              80
  • we change this line
access  notConfigGroup ""      any       noauth    exact  systemview none none
with those
access MyROGroup ""      any       noauth    exact  all    none   none
access MyRWGroup ""      any       noauth    exact  all    all    none   
  • and finally we change those lines
syslocation Unknown (edit /etc/snmp/snmpd.conf) syscontact Root  (configure /etc/snmp/snmp.local.conf) 

with something like this
syslocation Linux, Fedora Core 6
syscontact Root root@localhost   
  2.3 Check
We restart the server to take affect of the notices
# service snmpd restart

And we run again
# snmpwalk -v 1 -c public localhost IP-MIB::ipAdEntIfIndex
Now we should see something like that
IP-MIB::ipAdEntIfIndex. = INTEGER: 2
IP-MIB::ipAdEntIfIndex. = INTEGER: 1 
Where is your ip address.

3.1 Installation

We again use yum
# yum install mrtg
3.2 Configuration
We create the folder in which our graphs and html pages will be kept
# mkdir /var/www/html/mrtg/

And we run ‘cfgmaker’ for the configuration file to be created.
# cfgmaker --global "workdir: /var/www/mrtg" -ifref=ip --output /etc/mrtg/mrtg.cfg --global 'options[_]: growright,bits' public@localhost
Here you should pay notice to --output /etc/mrtg/mrtg.cfg as long as to public@localhost. With this command we tell MRTG to create a configuration file with the name ‘mrtg.cfg’ for the traffic of our computer (localhost). Instead of localhost you may put the address of any computer you may monitor as long as it runs SNMP. 
Next we create our default index page
# indexmaker --output=/var/www/html/mrtg/index.html /etc/mrtg/mrtg.cfg

3.2.1 Apache configuration
Next we have to configure apache for MRTG to work correctly. MRTG creates a file ‘mrtg.cfg’ under /etc/httpd/conf.d we contains all the necessary for Apache. We change it to contain the ips we want to have access to our MRTG graphs. Here I have added all my network. 
Alias /mrtg /var/www/mrtg

   Order deny,allow 

   Deny from all
   Allow from
3.3 Check
We run the following command 
In case you get an error like this
# mrtg /etc/mrtg/mrtg.cfg
ERROR: Mrtg will most likely not work properly when the environment
      variable LANG is set to UTF-8. Please run mrtg in an environment
      where this is not the case. Try the following command to start:
       env LANG=C /usr/bin/mrtg /etc/mrtg/mrtg.cfg  
you have to run the above command more than once till it runs without any error. This is normal.
# env LANG=C /usr/bin/mrtg /etc/mrtg/mrtg.cfg 23-02-2007 17:28:53, Rateup WARNING: /usr/bin/rateup Can't remove localhost_2.old updating log file
# env LANG=C /usr/bin/mrtg /etc/mrtg/mrtg.cfg
Finally we open our browser and type

You should see something like this
And by clicking on it something like this
There are daily, weekly, monthly and yearly graphs which aren’t shown in the screenshot. By changing the .cfg file we can alter the information displayed to what we just want. 
4. Outroduction
With the same way it is possible to add as many computers as we want and therefore have a general overview of our network. Enjoy! ;)