Solved

Cacti template for IP Aliases

Posted on 2010-09-02
6
1,124 Views
Last Modified: 2013-12-15
I have a RHEL 5 server with Cacti installed. Since this server has multiple IP addresses using IP Aliasing, I need to setup a Cacti template that can monitor each of the IPs for inbound and outbound traffic. I tried using the example document I found here (http://www.roth.lu/cacti-snmp-tut.htm), but it seems to be lacking as it is not clearly written.

Has anyone else tried this type of monitoring? If so, how did you configure Cacti to monitor per IP Alias interface?
0
Comment
Question by:Michael W
  • 3
  • 3
6 Comments
 
LVL 3

Expert Comment

by:gremwell
ID: 33594250
The page you refer to describes how to configure iptables to count number of incoming and outgoing packets per IP alias. Then the author makes this information available via SNMP. Next it use Cacti to fetch the data from SNMP.

Please specify what part you are having difficulties with.
0
 
LVL 29

Author Comment

by:Michael W
ID: 33595870
The iptables porition isn't showing anything. It keeps showing the amount of data being '0'.

Plus, the section labeled "3B. Graph Template" is confusing in its wording. What actually needs to be modified and in what order, etc?

0
 
LVL 3

Accepted Solution

by:
gremwell earned 500 total points
ID: 33596009
The IP tables part seems to work fine for me. I have attached the scripts (iptables_traffic_rules_gen.sh is slightly modified to take care of chain creation).

abb@d820:/usr/local/sbin/snmp_ips$ sudo ./iptables_traffic_rules_gen.sh

abb@d820:/usr/local/sbin/snmp_ips$ ./iptables_traffic_iplist.sh -g
192.168.1.103
127.0.0.1
172.16.202.1
172.16.180.1
172.16.190.1
172.16.57.1
172.16.58.1
192.168.122.1

abb@d820:/usr/local/sbin/snmp_ips$ ./iptables_traffic_iplist.sh -i
1
2
3
4
5
6
7
8

abb@d820:/usr/local/sbin/snmp_ips$ sudo ./iptables_traffic_eval.sh in
13772
0
0
0
0
0
0
0

abb@d820:/usr/local/sbin/snmp_ips$ sudo ./iptables_traffic_eval.sh out
21070
0
0
0
0
0
0
0

And, after ping localhost:

abb@d820:/usr/local/sbin/snmp_ips$ sudo ./iptables_traffic_eval.sh  in
16582
672
0
0
0
0
0
0

Hope it helps a bit. Can't help you with graph templates though, I don't use cacti myself.
iptables-traffic.zip
0
Scale it in WD Gold

With up to ten times the workload capacity of desktop drives, WD Gold hard drives employ advanced technology to deliver among the best in reliability, capacity, power efficiency and performance.

 
LVL 29

Author Comment

by:Michael W
ID: 33596244
First I did the following:

iptables -N traffic_in
iptables -N traffic_out
iptables -I INPUT 1 -j traffic_in
iptables -I OUTPUT 1 -j traffic_out

Then I tried your scripts. The "iptables_traffic_eval.sh" in nor out doesn't display anything.

Below is the output when I just do 'iptables -vxnL'.


Chain INPUT (policy ACCEPT 1350998 packets, 1824050953 bytes)

    pkts      bytes target     prot opt in     out     source               destination

     244    19151 traffic_in  all  --  *      *       0.0.0.0/0            0.0.0.0/0



Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)

    pkts      bytes target     prot opt in     out     source               destination



Chain OUTPUT (policy ACCEPT 967645 packets, 65040517 bytes)

    pkts      bytes target     prot opt in     out     source               destination

     185    30288 traffic_out  all  --  *      *       0.0.0.0/0            0.0.0.0/0



Chain traffic_in (1 references)

    pkts      bytes target     prot opt in     out     source               destination



Chain traffic_out (1 references)

    pkts      bytes target     prot opt in     out     source               destination

Open in new window

0
 
LVL 3

Expert Comment

by:gremwell
ID: 33600027
I'm not sure why chain traffic_in and traffic_out chains are empty in your case. Normally they should be populated by iptables_traffic_rules_gen.sh. Are you sure you have executed it? For me the end of the output you have quoted looks like following:
-------------
Chain traffic_in (1 references)
    pkts      bytes target     prot opt in     out     source               destination        
       0        0            all  --  *      !lo     0.0.0.0/0            169.254.6.228      
       0        0            all  --  *      !lo     0.0.0.0/0            127.0.0.1          
       0        0            all  --  *      !lo     0.0.0.0/0            172.16.202.1        
       0        0            all  --  *      !lo     0.0.0.0/0            172.16.180.1        
       0        0            all  --  *      !lo     0.0.0.0/0            172.16.190.1        
       0        0            all  --  *      !lo     0.0.0.0/0            172.16.57.1        
       0        0            all  --  *      !lo     0.0.0.0/0            172.16.58.1        
       0        0            all  --  *      !lo     0.0.0.0/0            192.168.122.1      
      17     2000            all  --  *      !lo     0.0.0.0/0            192.168.1.103      

Chain traffic_out (1 references)
    pkts      bytes target     prot opt in     out     source               destination        
       0        0            all  --  !lo    *       169.254.6.228        0.0.0.0/0          
       0        0            all  --  !lo    *       127.0.0.1            0.0.0.0/0          
       0        0            all  --  !lo    *       172.16.202.1         0.0.0.0/0          
       0        0            all  --  !lo    *       172.16.180.1         0.0.0.0/0          
       0        0            all  --  !lo    *       172.16.190.1         0.0.0.0/0          
       0        0            all  --  !lo    *       172.16.57.1          0.0.0.0/0          
       0        0            all  --  !lo    *       172.16.58.1          0.0.0.0/0          
       0        0            all  --  !lo    *       192.168.122.1        0.0.0.0/0          
      23     1686            all  --  !lo    *       192.168.1.103        0.0.0.0/0          
-------------

Maybe the output of the following commands will give us some clue:

sh -x ./iptables_traffic_iplist.sh -g
sh -x ./iptables_traffic_iplist.sh -i
sudo sh -x ./iptables_traffic_rules_gen.sh
0
 
LVL 29

Author Closing Comment

by:Michael W
ID: 33601709
The modified scripts helped out a lot. It seems I didn't run the initial iptables_traffic_rules_gen.sh script correctly, thus nothing was being produced.
0

Featured Post

U.S. Department of Agriculture and Acronis Access

With the new era of mobile computing, smartphones and tablets, wireless communications and cloud services, the USDA sought to take advantage of a mobilized workforce and the blurring lines between personal and corporate computing resources.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Oracle 12c patching 1 60
i can not do linux commands in cygwin windows 10 6 60
Hacked File Timestamps 4 49
Setting up static IP - Ubuntu server 16.04 12 23
If you have a server on collocation with the super-fast CPU, that doesn't mean that you get it running at full power. Here is a preamble. When doing inventory of Linux servers, that I'm administering, I've found that some of them are running on l…
Fine Tune your automatic Updates for Ubuntu / Debian
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

911 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now