ntop is a network traffic tools that shows network usage in a real time. One of the good things about this tool is that you can use a web browser to manage and navigate through ntop traffic information to better understand network status.

Also Ntop monitors and reports hosts traffic and supports these protocols:

• TCP/UDP/ICMP
• (R)ARP
• IPX
• DLC
• Decnet
• AppleTalk
• Netbios
• TCP/UDP

In this tutorial we’ll install ntop 3.2 in Redhat Enterprise Linux 5

Prerequisites

Ntop 3.2
LIBPCAP
GDBM

Links

http://dag.wieers.com/rpm/packages/ntop

for LIBPCAP & GDBM packages check installation media of RHEL 5.

Installation

Installing ntop:

rpm -ivh ntop-3.2-2.el5.rf.i386.rpm

Running ntop

1- Initialize ntop:

ntop

That will initialize ntop and it will ask you to enter your username and password.

The default username: admin

Password: younewpassword

2- Start ntop service:

service ntop start

Log In To The Web Interface

ntop can be managed through a web interface. You can enter your server address in your web browser:

http://ServerIP:3000

https://ServerIP:3001

Now you can monitor your hosts and manage your ntop configuration.

Thanks

Ravi

Introduction

MRTG is wonderful tool. You can use it to monitor traffic on your router or leased server located at remote IDC. Since it is written in Perl and some code in C language, it is portable and high performance tool.

What is MRTG?

As explained in official mrtg(1) man page “The Multi Router Traffic Grapher (MRTG) is a tool to monitor the traffic load on network-links. MRTG generates HTML pages containing GIF images which provide a LIVE visual representation of this traffic. Please note following discussion based upon Red Hat Linux Enterprise version 4.

What is SNMP and why should I care?

SNMP is Simple Network Management Protocol. It is use to manage IP network devices such as servers, routers, switches etc. Administrator can find or manage network performance, solve problem or even optimize it further. For more information on official UNIX/Linux SNMP please see UCD-SNMP/NET-SNMP Tutorials and an excellent resource at Snmplink.org

Assumptions

These installation instructions assume you have:

• Linux distribution
• You would like to perform MRTG and snmp binary installation using rpm. If you are looking for source installation then visit author’s web site here. This page has an excellent information (systematically) to install it from source.
• Required RPMs
  • mrtg
  • snmp
  • snmp-utils
• Installations were tested on Red Hat Enterprise Linux version 4 & 5.

Configuration

Make sure snmp server is working. Without proper working snmp server, mrtg will not work. Therefore, first step is make sure snmp up and running. Following steps will take you gradually to configure it.

Configure SNMP

(1) Edit file /etc/snmp/snmpd.conf using text editor:

# vi /etc/snmp/snmpd.conf

Change/Modify line(s) as follows:

Find following Line:

com2sec notConfigUser  default       public

Replace with (make sure you replace 192.168.0.0/24 replace with your network IPs) following lines:

com2sec local     localhost           public

com2sec mynetwork 192.168.0.0/24      public

Scroll down bit and change:

Find Lines:

group   notConfigGroup v1           notConfigUser

group   notConfigGroup v2c           notConfigUser

Replace with:

group MyRWGroup v1         local

group MyRWGroup v2c        local

group MyRWGroup usm        local

group MyROGroup v1         mynetwork

group MyROGroup v2c        mynetwork

group MyROGroup usm        mynetwork

Again scroll down bit and locate following line:

Find line:

view    systemview     included      system

Replace with:

view all    included  .1                               80

Again scroll down bit and change:

Find line:

access  notConfigGroup ""      any       noauth    exact  systemview none none

Replace with:

access MyROGroup ""      any       noauth    exact  all    none   none

access MyRWGroup ""      any       noauth    exact  all    all    none

Scroll down bit and change:

Find lines:

syslocation Unknown (edit /etc/snmp/snmpd.conf)

syscontact Root  (configure /etc/snmp/snmp.local.conf)

Replace with (make sure you supply appropriate values):

syslocation Linux (RH4_UP4), Ravi’s Linux Router.

syscontact Ravi Bhure <ravi@indianGNU.org>

Start your snmp server and test it:

(a) Make sure when linux comes up snmpd always starts:

 # chkconfig snmpd on

(b) Make sure service start whenever Linux comes up (after reboot):

 # service snmpd start

(c) Finally test your snmp server:

# snmpwalk -v 1 -c public localhost IP-MIB::ipAdEntIfIndex

Install mrtg if not installed

Mrtg software may install during initial installation; you can verify if MRTG installed or not with following RPM command:

rpm -qa | grep mrtg

Use rpmfind.net to find MRTG rpm or up2date command to install MRTG software:

# up2date -v -i mrtg

Fedora Linux user can use yum command as follows to install MRTG:

# yum install mrtg

Commands to Configure mrtg

(a) Create document root to store mrtg graphs/html pages:

# mkdir -p /var/www/html/mymrtg/

(b) Run any one of the following cfgmaker command to create mrtg configuration file:

#cfgmaker --global 'WorkDir: /var/www/html/mymrtg' --output /etc/mrtg/mymrtg.cfg public@localhost

OR (make sure your FQDN resolves, in following example i’m using example.com which is my router FQDN address)

# cfgmaker --global 'WorkDir: /var/www/html/mymrtg' --output /etc/mrtg/mymrtg1.cfg public@example.com

(c) Create default index page for your MRTG configuration:

# indexmaker --output=/var/www/html/mymrtg/index.html /etc/mrtg/mymrtg1.cfg

(d) Copy all tiny png files to your mrtg path:

# cp -av /var/www/mrtg/*.png /var/www/html/mymrtg/

(e) Create /etc/httpd/conf.d/mymrtg.conf and write just one line

Alias /mymrtg /var/www/mymrtg

Save and exit.

First test run of mrtg

(a) Run mrtg command from command line with your configuration file:

# mrtg /etc/mrtg/mymrtg1.cfg

Note: You may get few warning message for first time; ignore them.

(b) Fire your favorite web browser (like FireFox ) and type url http://www.your.com/mymrtg/ or http://your-ip/mymrtg/

Create crontab entry so that mrtg graph / images get generated every 5 minutes

(a) Login as a root user or login as a mrtg user and type following command:

# crontab -e

(b) Add mrtg cron job entry to configuration file (append following line to it):

*/5 * * * * /usr/bin/mrtg /etc/mrtg/mymrtg1.cfg --logging /var/log/mrtg.log

Save file and you are done with MRTG config issues

NOw NJoy MRTG.

Thanks

Ravi

CUPS (Common Unix Printing) system is one of the open source printer server. CUPS provides a portable printing layer for UNIX-based operating systems. It has been developed by Easy Software Products to promote a standard printing solution for all UNIX vendors and users. CUPS provides the System V and Berkeley command-line interfaces.

CUPS uses the Internet Printing Protocol (IPP) as the basis for managing print jobs and queues. The Line Printer Daemon (LPD) Server Message Block (SMB), and AppSocket (JetDirect) protocols are also supported with reduced functionality. CUPS adds network printer browsing and PostScript Printer Description (PPD) based printing options to support real-world printing under UNIX.

1] Why CUPS Printer Server ? -

CUPS is designed to eliminate the printing problem. One common printing system can be used by all UNIX variants to support the printing needs of users. Printer vendors can use its modular filter interface to develop a single driver program that supports a wide range of file formats with little or no effort. Since CUPS provides both the System V and Berkeley printing commands, users (and applications) can reap the benefits of this new technology with no changes. CUPS is based upon an emerging Internet standard called the Internet Printing Protocol (IPP), which a standard protocol for printing as well as managing print jobs and printer options like media size, resolution etc. Like all IP-based protocols, IPP can be used locally or over the Internet to printers hundreds or thousands of miles away. Unlike other protocols, however, IPP also supports access control, authentication, and encryption, making it a much more capable and secure printing solution than older ones.

Backends - Backends perform the most important task of all they send the filtered print data to the printer. CUPS provides backends for printing over parallel, serial, and USB ports, and over the network via the IPP, JetDirect (AppSocket), and Line Printer Daemon (LPD) protocols. Additional backends are available in network service packages such as the SMB backend included with the popular SAMBA software. backends are also used to determine the available devices. On startup each backend is asked for a list of devices it supports.

— printer installation, configuration, quota managment, page log and accounting etc.. will be updated soon

Thank you,

Arun Bagul

Overview

We have three Internet connection from three different ISP.

Due to hardware limitation we have connected two ISP line connected to one PC.
Details regarding to Interface is-
etho -192.168.0.X
eth1- A.B.C.D

ppp0- W.X.Y.Z

Why Load Balancing ?

The main purpose of load balancing is to share multiple Internet connection from different service provider for maximum utilization of bandwidth. We try to achieve this goal by two method

A) Load Balancing by using EQL interface-

EQL is serial line load balancer which is kernel module. by which we can enslave or tie multiple serial line from different or same provider. But the condition is that this line should be connected through modem. Which is not suitable for us.

B) Load Balancing by IP tables and Routing-

There are many places where a Linux based router/masquerading device can assist in managing multiple Internet connections. We’ll outline here some of the more common setups involving multiple Internet connections and how to manage them with iptables and routing. One of the first distinctions you can make when planning how to use multiple Internet connections is what inbound services you expect to host and how you want to split traffic over the multiple links.

Step by step implementation

When we are using single connection from one ISP in such case our default route will me in ‘main’ routing table of kernel. Now in our case we have connected two connection to proxy server out of that one line is from ‘pacenet’ and other is from ‘sify’. As we have not implemented load balancing the default router in ‘main’ table of kernel will be either fro sify or pacenet.

[1] How it works

Lets us check our ‘main’ routing table ….

magnet@proxy:~$ ip route show table main
25.X.X.X dev ppp0 proto kernel scope link src W.X.Y.Z
192.168.0.X/24 dev eth0 proto kernel scope link src 192.168.0.X
10.X.X.X/24 dev eth1 proto kernel scope link src A.B.C.D
default dev ppp0 scope link
magnet@proxy:~$

root@proxy:~# ip route show table main
25.X.X.X dev ppp0 proto kernel scope link src W.X.Y.Z
192.168.0.X/24 dev eth0 proto kernel scope link src 192.168.0.X
10.X.X.X/24 dev eth1 proto kernel scope link src A.B.C.D
default via 10.X.X.X dev eth1
root@proxy:~#

To use both the line effectively we need to create to two new routing table. So that we can provide default gateway in each routing table separately.

Step [1]

First step in load balancing is to create separate routing table for each connection. Lets create table.

root@proxy:~# tail /etc/iproute2/rt_tables
253 sify3
252 sify192
251 pacenet
root@proxy:~#

Whenever we want to create new routing table we need to add entries in above file.

step [2]

Now we will add routing details in this table

root@proxy:~# ip route add 25.X.X.X dev ppp0 src W.X.Y.Z proto kernel scope link table pacenet
root@proxy:~# ip route add default via 25.X.X.X table pacenet
root@proxy:~# ip route show table pacenet
25.X.X.X dev ppp0 proto kernel scope link src W.X.Y.Z
default via 25.X.X.X dev ppp0
root@proxy:~#

As shown above we have created separate routing table ‘pacenet’ for pacenet connection. With default gateway 25.X.X.X and interface ppp0.
Similarly we have created separate routing table ‘sify3′ for sify connection. with defalut gateway 10.X.X.X and interface eth1.

root@proxy:~# ip route add 10.X.X.X/24 dev eth1 src A.B.C.D proto kernel scope link table sify3
root@proxy:~# ip route add default via 10.X.X.X table sify3

root@proxy:~# ip route show table sify3
10.X.X.X/24 dev eth1 proto kernel scope link src A.B.C.D
default via 10.X.X.X dev eth1
root@proxy:~#

step [3]

One more thing we left here is that we have to add entries for local network in both table. This is basic setup for separating routing decision for both provider.

root@proxy:~# ip route add 192.168.0.X/24 dev eth0 proto kernel scope link src 192.168.0.X table sify3
root@proxy:~# ip route add 192.168.0.X/24 dev eth0 proto kernel scope link src 192.168.0.X table pacenet

Finally we will check entries in each routing table

root@proxy:~# ip route show table sify3
192.168.0.X/24 dev eth0 proto kernel scope link src 192.168.0.X
10.X.X.X/24 dev eth1 proto kernel scope link src A.B.C.D
default via 10.X.X.X dev eth1

root@proxy:~# ip route show table pacenet
25.X.X.X dev ppp0 proto kernel scope link src W.X.Y.Z
192.168.0.X/24 dev eth0 proto kernel scope link src 192.168.0.X
default via 25.X.X.X dev ppp0
root@proxy:~#

step [4]

Next, we will set up the routing rules. These actually choose what routing table to route with. You want to make sure that you route out a given interface if you already have the corresponding source address:

root@proxy:~# ip rule add from W.X.Y.Z table pacenet
root@proxy:~# ip rule add from A.B.C.D table sify3

Here W.X.Y.Z is the static IP assign to ppp0 interface. The first rule tells to kernel that use table ‘pacenet’ to route all the pkts going out of interface ppp0 similarly for sify connection.

Step [5]  Now delete default route in ‘main’ table.

root@proxy:~# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
25.X.X.X 0.0.0.0 255.255.255.255 UH 0 0 0 ppp0
192.168.0.X 0.0.0.0 255.255.255.0 U 0 0 0 eth0
10.X.X.X 0.0.0.0 255.255.255.0 U 0 0 0 eth1
0.0.0.0 10.X.X.1 0.0.0.0 UG 0 0 0 eth1
root@proxy:~# route del default
root@proxy:~# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
25.1.1.2 0.0.0.0 255.255.255.255 UH 0 0 0 ppp0
192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
10.10.127.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
root@proxy:~# ip route show
25.1.1.2 dev ppp0 proto kernel scope link src 203.115.69.16
192.168.0.0/24 dev eth0 proto kernel scope link src 192.168.0.3
10.10.127.0/24 dev eth1 proto kernel scope link src 10.10.127.222

Step [6]

Now the question is how to balance traffic going out over the two providers. This is actually not hard if you already have set up split access as above. Instead of choosing one of the two providers as your default route,We will set up the default route to be a multipath route. In the default kernel this will balance routes over the two providers. It is done as follows (once more building on the example in the section on split-access):

root@proxy:~# ip route add default nexthop via 10.X.X.1 dev eth1 weight 1 nexthop via W.X.Y.Z dev ppp0 weight 1

root@proxy:~# ip route show
25.X.X.X dev ppp0 proto kernel scope link src W.X.Y.Z
192.168.0.X/24 dev eth0 proto kernel scope link src 192.168.0.X
10.X.X.X/24 dev eth1 proto kernel scope link src A.B.C.D
default
nexthop via A.B.C.D dev eth1 weight 1
nexthop via W.X.Y.Z dev ppp0 weight 1
root@proxy:~#

This will balance the routes over both providers. The weight parameters can be tweaked to favor one provider over the other.
Note that balancing will not be perfect, as it is route based, and routes are cached. This means that routes to often-used sites will always be over the same provider.
Thank you

Arun Bagul

Reference URL:–

http://linux-ip.net/html/index.html

http://linux-ip.net/html/ch-advanced-routing.html

http://lartc.org/howto/lartc.rpdb.html

http://lartc.org/howto/lartc.rpdb.multiple-links.html

http://www.shorewall.net/