|
|
|
|
MRTG and SNMP Overview
By Scott Seong
1. What is MRTG?
MRTG is a traffic monitoring tool that generates HTML pages containing PNG images of inbound and outbound traffic patterns. MRTG makes use of the SNMP (Simple Network Management Protocol) to do the necessary work, so it is critical that an administrator have a basic understanding of SNMP protocol in order to properly setup MRTG.
Even with explosive growth in Internet and advancement in computing technology, network bandwidth is still very expensive resource today. As a system and network administrator, maintaining highly-available network resources such as routers, hubs and servers in the network environment is very overwhelming tasks. By monitoring traffic , network managers can easily pinpoint bottlenecks, understand bandwidth utilization on various traffic points, detect network and denial-of-service attacks, and discover security problems. Monitoring an expensive WAN (Wide Area Network) connection to an ISP that connects corporate network to the Internet is worthwhile in terms of understanding bandwidth utilization and to determine appropriate time for upgrade and downgrade. MRTG is a FREE tool that can be used to monitor network traffic on Linux and Windows platforms.
2. What is SNMP?
SNMP (Simple Network Management Protocol) is an application layer protocol on TCP/IP network that facilitates the exchange of management information between network devices. SNMP allows management of network devices with a simple design that causes very little stress on the network. SNMP is operating in client/server architecture where agent acts as the server and manager acts as the client.
The SNMP manager is the software that runs in a workstation that polls the information stored in the SNMP agents, and present the data in human readable format. The SNMP agent is the server software that runs on the managed nodes (or hardware devices), that collects and stores information about the managed device in a data structure called MIB (Management Information Base). Nearly all network manufacturers implement versions (v2 or v3) of SNMP agent in their devices. MRTG (SNMP manager) polls information from a Router or a server running SNMP agent. A SNMP manager can perform two different type of operations on an agent: read data from the MIB (get-request), or write data to the MIB (set-request).
3. What are SNMP Communities?
SNMP is a very simple protocol, and hence supports only two type of authentication schemes: public and private. The public allows SNMP managers to request the value of MIB variables, and the private allows mangers to set the value of MIB variables. These two types of authentication (passwords) schemes are called SNMP Communities. Network devices (SNMP agents) that connects to SNMP managed network must have these two communities defined in order to communicate with SNMP managers. MRTG only performs get-request to collect data stored in the SNMP agent, and convert them into pretty graphics that can be displayed on the web.
4. What is the MIB?
MIB (Management Information Base) is a data structure used to store SNMP data. The MIB data is structured in a tree form, and there is a unique path to reach each object. Each MIB object (or variable) must be declared in an ISO formal language called ASN.1 that makes each MIB object globally unambiguous.
SNMP software may refer an object by its name or an id (OID), and uses absolute and relative tree hierarchy. To identify an object by absolute path, the name or id hierarchy must start with the dot. For example the tcp node in the mib-2 tree may be referred by:
.iso.org.dod.internet.mgmt.mib-2.tcp
or, it may be referred by its numerical format:
.1.3.6.1.2.1.6 |
User Comments:
|
|
|
|
|
Current Users : 60 (Member 0)
