Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Cacti template for IP Aliases

Posted on 2010-09-02
6
Medium Priority
?
1,157 Views
Last Modified: 2013-12-15
I have a RHEL 5 server with Cacti installed. Since this server has multiple IP addresses using IP Aliasing, I need to setup a Cacti template that can monitor each of the IPs for inbound and outbound traffic. I tried using the example document I found here (http://www.roth.lu/cacti-snmp-tut.htm), but it seems to be lacking as it is not clearly written.

Has anyone else tried this type of monitoring? If so, how did you configure Cacti to monitor per IP Alias interface?
0
Comment
Question by:Michael Worsham
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
6 Comments
 
LVL 3

Expert Comment

by:gremwell
ID: 33594250
The page you refer to describes how to configure iptables to count number of incoming and outgoing packets per IP alias. Then the author makes this information available via SNMP. Next it use Cacti to fetch the data from SNMP.

Please specify what part you are having difficulties with.
0
 
LVL 29

Author Comment

by:Michael Worsham
ID: 33595870
The iptables porition isn't showing anything. It keeps showing the amount of data being '0'.

Plus, the section labeled "3B. Graph Template" is confusing in its wording. What actually needs to be modified and in what order, etc?

0
 
LVL 3

Accepted Solution

by:
gremwell earned 2000 total points
ID: 33596009
The IP tables part seems to work fine for me. I have attached the scripts (iptables_traffic_rules_gen.sh is slightly modified to take care of chain creation).

abb@d820:/usr/local/sbin/snmp_ips$ sudo ./iptables_traffic_rules_gen.sh

abb@d820:/usr/local/sbin/snmp_ips$ ./iptables_traffic_iplist.sh -g
192.168.1.103
127.0.0.1
172.16.202.1
172.16.180.1
172.16.190.1
172.16.57.1
172.16.58.1
192.168.122.1

abb@d820:/usr/local/sbin/snmp_ips$ ./iptables_traffic_iplist.sh -i
1
2
3
4
5
6
7
8

abb@d820:/usr/local/sbin/snmp_ips$ sudo ./iptables_traffic_eval.sh in
13772
0
0
0
0
0
0
0

abb@d820:/usr/local/sbin/snmp_ips$ sudo ./iptables_traffic_eval.sh out
21070
0
0
0
0
0
0
0

And, after ping localhost:

abb@d820:/usr/local/sbin/snmp_ips$ sudo ./iptables_traffic_eval.sh  in
16582
672
0
0
0
0
0
0

Hope it helps a bit. Can't help you with graph templates though, I don't use cacti myself.
iptables-traffic.zip
0
Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

 
LVL 29

Author Comment

by:Michael Worsham
ID: 33596244
First I did the following:

iptables -N traffic_in
iptables -N traffic_out
iptables -I INPUT 1 -j traffic_in
iptables -I OUTPUT 1 -j traffic_out

Then I tried your scripts. The "iptables_traffic_eval.sh" in nor out doesn't display anything.

Below is the output when I just do 'iptables -vxnL'.


Chain INPUT (policy ACCEPT 1350998 packets, 1824050953 bytes)
    pkts      bytes target     prot opt in     out     source               destination
     244    19151 traffic_in  all  --  *      *       0.0.0.0/0            0.0.0.0/0

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
    pkts      bytes target     prot opt in     out     source               destination

Chain OUTPUT (policy ACCEPT 967645 packets, 65040517 bytes)
    pkts      bytes target     prot opt in     out     source               destination
     185    30288 traffic_out  all  --  *      *       0.0.0.0/0            0.0.0.0/0

Chain traffic_in (1 references)
    pkts      bytes target     prot opt in     out     source               destination

Chain traffic_out (1 references)
    pkts      bytes target     prot opt in     out     source               destination

Open in new window

0
 
LVL 3

Expert Comment

by:gremwell
ID: 33600027
I'm not sure why chain traffic_in and traffic_out chains are empty in your case. Normally they should be populated by iptables_traffic_rules_gen.sh. Are you sure you have executed it? For me the end of the output you have quoted looks like following:
-------------
Chain traffic_in (1 references)
    pkts      bytes target     prot opt in     out     source               destination        
       0        0            all  --  *      !lo     0.0.0.0/0            169.254.6.228      
       0        0            all  --  *      !lo     0.0.0.0/0            127.0.0.1          
       0        0            all  --  *      !lo     0.0.0.0/0            172.16.202.1        
       0        0            all  --  *      !lo     0.0.0.0/0            172.16.180.1        
       0        0            all  --  *      !lo     0.0.0.0/0            172.16.190.1        
       0        0            all  --  *      !lo     0.0.0.0/0            172.16.57.1        
       0        0            all  --  *      !lo     0.0.0.0/0            172.16.58.1        
       0        0            all  --  *      !lo     0.0.0.0/0            192.168.122.1      
      17     2000            all  --  *      !lo     0.0.0.0/0            192.168.1.103      

Chain traffic_out (1 references)
    pkts      bytes target     prot opt in     out     source               destination        
       0        0            all  --  !lo    *       169.254.6.228        0.0.0.0/0          
       0        0            all  --  !lo    *       127.0.0.1            0.0.0.0/0          
       0        0            all  --  !lo    *       172.16.202.1         0.0.0.0/0          
       0        0            all  --  !lo    *       172.16.180.1         0.0.0.0/0          
       0        0            all  --  !lo    *       172.16.190.1         0.0.0.0/0          
       0        0            all  --  !lo    *       172.16.57.1          0.0.0.0/0          
       0        0            all  --  !lo    *       172.16.58.1          0.0.0.0/0          
       0        0            all  --  !lo    *       192.168.122.1        0.0.0.0/0          
      23     1686            all  --  !lo    *       192.168.1.103        0.0.0.0/0          
-------------

Maybe the output of the following commands will give us some clue:

sh -x ./iptables_traffic_iplist.sh -g
sh -x ./iptables_traffic_iplist.sh -i
sudo sh -x ./iptables_traffic_rules_gen.sh
0
 
LVL 29

Author Closing Comment

by:Michael Worsham
ID: 33601709
The modified scripts helped out a lot. It seems I didn't run the initial iptables_traffic_rules_gen.sh script correctly, thus nothing was being produced.
0

Featured Post

Python: Series & Data Frames With Pandas

Learn the basics of Python’s pandas library of series & data frames and how we can use these tools for data manipulation.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Using 'screen' for session sharing, The Simple Edition Step 1: user starts session with command: screen Step 2: other user (logged in with same user account) connects with command: screen -x Done. Both users are connected to the same CLI sessio…
Introduction We as admins face situation where we need to redirect websites to another. This may be required as a part of an upgrade keeping the old URL but website should be served from new URL. This document would brief you on different ways ca…
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.
Suggested Courses

670 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question