Solved

Cacti template for IP Aliases

Posted on 2010-09-02
6
1,143 Views
Last Modified: 2013-12-15
I have a RHEL 5 server with Cacti installed. Since this server has multiple IP addresses using IP Aliasing, I need to setup a Cacti template that can monitor each of the IPs for inbound and outbound traffic. I tried using the example document I found here (http://www.roth.lu/cacti-snmp-tut.htm), but it seems to be lacking as it is not clearly written.

Has anyone else tried this type of monitoring? If so, how did you configure Cacti to monitor per IP Alias interface?
0
Comment
Question by:Michael Worsham
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
6 Comments
 
LVL 3

Expert Comment

by:gremwell
ID: 33594250
The page you refer to describes how to configure iptables to count number of incoming and outgoing packets per IP alias. Then the author makes this information available via SNMP. Next it use Cacti to fetch the data from SNMP.

Please specify what part you are having difficulties with.
0
 
LVL 29

Author Comment

by:Michael Worsham
ID: 33595870
The iptables porition isn't showing anything. It keeps showing the amount of data being '0'.

Plus, the section labeled "3B. Graph Template" is confusing in its wording. What actually needs to be modified and in what order, etc?

0
 
LVL 3

Accepted Solution

by:
gremwell earned 500 total points
ID: 33596009
The IP tables part seems to work fine for me. I have attached the scripts (iptables_traffic_rules_gen.sh is slightly modified to take care of chain creation).

abb@d820:/usr/local/sbin/snmp_ips$ sudo ./iptables_traffic_rules_gen.sh

abb@d820:/usr/local/sbin/snmp_ips$ ./iptables_traffic_iplist.sh -g
192.168.1.103
127.0.0.1
172.16.202.1
172.16.180.1
172.16.190.1
172.16.57.1
172.16.58.1
192.168.122.1

abb@d820:/usr/local/sbin/snmp_ips$ ./iptables_traffic_iplist.sh -i
1
2
3
4
5
6
7
8

abb@d820:/usr/local/sbin/snmp_ips$ sudo ./iptables_traffic_eval.sh in
13772
0
0
0
0
0
0
0

abb@d820:/usr/local/sbin/snmp_ips$ sudo ./iptables_traffic_eval.sh out
21070
0
0
0
0
0
0
0

And, after ping localhost:

abb@d820:/usr/local/sbin/snmp_ips$ sudo ./iptables_traffic_eval.sh  in
16582
672
0
0
0
0
0
0

Hope it helps a bit. Can't help you with graph templates though, I don't use cacti myself.
iptables-traffic.zip
0
What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

 
LVL 29

Author Comment

by:Michael Worsham
ID: 33596244
First I did the following:

iptables -N traffic_in
iptables -N traffic_out
iptables -I INPUT 1 -j traffic_in
iptables -I OUTPUT 1 -j traffic_out

Then I tried your scripts. The "iptables_traffic_eval.sh" in nor out doesn't display anything.

Below is the output when I just do 'iptables -vxnL'.


Chain INPUT (policy ACCEPT 1350998 packets, 1824050953 bytes)
    pkts      bytes target     prot opt in     out     source               destination
     244    19151 traffic_in  all  --  *      *       0.0.0.0/0            0.0.0.0/0

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
    pkts      bytes target     prot opt in     out     source               destination

Chain OUTPUT (policy ACCEPT 967645 packets, 65040517 bytes)
    pkts      bytes target     prot opt in     out     source               destination
     185    30288 traffic_out  all  --  *      *       0.0.0.0/0            0.0.0.0/0

Chain traffic_in (1 references)
    pkts      bytes target     prot opt in     out     source               destination

Chain traffic_out (1 references)
    pkts      bytes target     prot opt in     out     source               destination

Open in new window

0
 
LVL 3

Expert Comment

by:gremwell
ID: 33600027
I'm not sure why chain traffic_in and traffic_out chains are empty in your case. Normally they should be populated by iptables_traffic_rules_gen.sh. Are you sure you have executed it? For me the end of the output you have quoted looks like following:
-------------
Chain traffic_in (1 references)
    pkts      bytes target     prot opt in     out     source               destination        
       0        0            all  --  *      !lo     0.0.0.0/0            169.254.6.228      
       0        0            all  --  *      !lo     0.0.0.0/0            127.0.0.1          
       0        0            all  --  *      !lo     0.0.0.0/0            172.16.202.1        
       0        0            all  --  *      !lo     0.0.0.0/0            172.16.180.1        
       0        0            all  --  *      !lo     0.0.0.0/0            172.16.190.1        
       0        0            all  --  *      !lo     0.0.0.0/0            172.16.57.1        
       0        0            all  --  *      !lo     0.0.0.0/0            172.16.58.1        
       0        0            all  --  *      !lo     0.0.0.0/0            192.168.122.1      
      17     2000            all  --  *      !lo     0.0.0.0/0            192.168.1.103      

Chain traffic_out (1 references)
    pkts      bytes target     prot opt in     out     source               destination        
       0        0            all  --  !lo    *       169.254.6.228        0.0.0.0/0          
       0        0            all  --  !lo    *       127.0.0.1            0.0.0.0/0          
       0        0            all  --  !lo    *       172.16.202.1         0.0.0.0/0          
       0        0            all  --  !lo    *       172.16.180.1         0.0.0.0/0          
       0        0            all  --  !lo    *       172.16.190.1         0.0.0.0/0          
       0        0            all  --  !lo    *       172.16.57.1          0.0.0.0/0          
       0        0            all  --  !lo    *       172.16.58.1          0.0.0.0/0          
       0        0            all  --  !lo    *       192.168.122.1        0.0.0.0/0          
      23     1686            all  --  !lo    *       192.168.1.103        0.0.0.0/0          
-------------

Maybe the output of the following commands will give us some clue:

sh -x ./iptables_traffic_iplist.sh -g
sh -x ./iptables_traffic_iplist.sh -i
sudo sh -x ./iptables_traffic_rules_gen.sh
0
 
LVL 29

Author Closing Comment

by:Michael Worsham
ID: 33601709
The modified scripts helped out a lot. It seems I didn't run the initial iptables_traffic_rules_gen.sh script correctly, thus nothing was being produced.
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
regular expression help for sed command 5 64
NFS v4 7 76
Krita v3 Linux Mint/Ubuntu 16.04 9 76
http response code 3 39
I am a long time windows user and for me it is normal to have spaces in directory and file names. Changing to Linux I found myself frustrated when I moved my windows data over to my new Linux computer. The problem occurs when at the command line.…
If you have a server on collocation with the super-fast CPU, that doesn't mean that you get it running at full power. Here is a preamble. When doing inventory of Linux servers, that I'm administering, I've found that some of them are running on l…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
How to Install VMware Tools in Red Hat Enterprise Linux 6.4 (RHEL 6.4) Step-by-Step Tutorial

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question