People have been complaining that not enough bandwidth is available on the lab network for performing testing. To get management to spend some extra money on a faster connection, we needed proof that in fact there is not enough bandwidth.
The lab network consists of a cable modem connection to the Internet. The cable modem connects through a firewall to an internal switch. From the switch multiple internal networks are connected. We needed to find a solution with the capability to easily track network statistics.
Within a short time a solution was theorized consisting of an old Dell laptop, Linux Mint 4.0 Live CD, and ntop. Using these tools, we were able to setup an awesome monitoring station.
By now you are asking what the heck is ntop, well check it out, ntop is a network traffic probe that shows network usage. ntop is based on libpcap and written to virtually run on every Unix platform and Win32. Users use a a web browser to navigate through ntop (that acts as a web server) traffic information and get a dump of the network status and statistics. That sounds awesome right - well it is.
We used Linux Mint because, why not, somebody in the office had just downloaded it and wanted to try it out. Linux Mint is known to have excellent hardware support which is a good thing when using old hardware. Plugged the laptop into an empty switch port and turned on port mirroring in order to capture all the traffic on the network.
Install process:
- Boot machine with the Linux Mint CD
- Use Synaptic Package Manager to install ntop version 3.2, the current version in the Debian tree
- Part of the installation uses an init script to get the groundwork completed
- start ntop; ntop needs to be run as root from the command line. (sudo ntop -w 54321)
54321 denotes the port to run the the web server on that displays. As a side note, you can also use -W to create an https server ifsecurity is more of an issue.
ntop gives all sorts of stats like total bytes/packets sent and received, list all hosts that have sent packets, organizes traffic by application and protocol, and a whole host of other stats. Using the Round Robin Database plugin, you can keep detailed, long term statistics, and can print out nice fancy graphs. Hopefully with our new data statistics from ntop we will be upgrading the Internet connection.
0 comments:
Post a Comment