1 Network Monitoring Tools for Monitoring MPLS Links using PRTG Network Monitor Tool S Suruthi Department of Banking Technology Pondicherry University Pondicherry Project Guide: Dr. N.P. Dhavale DGM, INFINET Department Institute of Development and Research in Banking Technology (IDRBT) Road No. 1, Castle Hills, Masab Tank, Hyderabad
2 CERTIFICATE This is to certify that project report titled Open Source Networking Tools for Monitoring the MPLS Nodes submitted by S Suruthi of 2 nd year MBA(BT), Department of Banking Technology, Pondicherry University, is record of a bonafide work carried out by her under my guidance during the period 10 th May 2012 to 6 th July 2012 at Institute of Development and Research in Banking Technology (IDRBT), Hyderabad. The project work is a research study, which has been successfully completed as per the set objectives. Dr. N.P. Dhavale DGM, Infinet office IDRBT,Hyderabad
3 CONTENTS Sl. No. 1. Project Objective 2. Project Carried Out An overview 3. Introduction 4. Phase I of Project 5. Index What is Network Monitoring? Why Network Monitoring is required? Indian FInancial NETwork (INFINET) MPLS Architecture Categories of Links Tools for the Study Phase II of Project Network monitoring with PRTG Network Monitor Tool System Requirements for the Tool Hardware Requirements Software requirements Installation Procedure Network Monitoring with PRTG Network Monitor Key Features What is special in PRTG About the tool Major sensors used in the course of the study PRTG Graphs 6. Pros and Cons of PRTG 7. Phase III Comparison of all tools studied. 8. Conclusion 9. References
4 ABBREVIATIONS CAT1 Category 1 CAT2 Category 2 CPE Customer Premise Equipment CRC Cyclic Redundancy Check ICMP Internet Control Message Protocol IMAP Internet Message Access Protocol INFINET INdian FInancial NETwork MPLS Multi Protocol Label Switching PRTG Paessler Router Traffic Grapher SNMP Simple Network Management Protocol VPN Virtual Private Network WMI Windows Management Instrumentation
5 Project Objective To monitor the MPLS links and devices using the various network monitoring tools based on certain characteristics such as Link Utilization, Interface status and utilization Device resources like CPU, Memory, etc., Bandwidth Utilization, Link Performance (Latency, Packet Drops, CRC errors etc.), Protocol Status, Monitoring Configuration Changes, Alerts and Alarms on real time basis. Study and summarize the pros and cons of each and every tool used and finally select the tools of best usage for implementation in the real time network server. network. Install the network monitoring tool softwares in the server and work out on the
6 Project Carried Out An Overview The project is a group work consisting of 9 members and the work carried out given was classified into three phases such as: Phase I Study the Network, Identify the various network monitoring tools available in both open source as well as the licensed tools, know the network monitoring parameters. Phase II Install the identified tools to study the working of various tools chosen and monitor the network devices added, and measure the various network monitoring parameters such as Device Availability, Link Status, CPU Utilization, Memory Utilization, Bandwidth Utilization, Protocol Status, Link Performance (Latency, Packet Drops, CRC errors etc.), Monitoring Configuration Changes, Alerts and Alarms on real time basis. Phase III Comparing the various tools studied and summarize which choosing the best suited tools for network monitoring.
7 Introduction What is Network Monitoring? The term network monitoring describes the use of a system that constantly monitors a computer network for slow or failing components and that notifies the network administrator (via , SMS or other alarms) in case of outages. It normally measures the processor (CPU) utilization of hosts, the network bandwidth utilization of links, and other aspects of operation. It will often send messages (sometimes called watchdog messages) over the network to each host to verify it is responsive to requests. When failures, unacceptably slow response, or other unexpected behaviour is detected, these systems send additional messages called alerts to designated locations (such as a management server, an address, or a phone number) to notify system administrators. Network monitoring is usually performed through the use of software applications and tools. At the most basic level, ping is a type of network monitoring tool. Other commercial software packages may include a network monitoring system that is designed to monitor an entire business or enterprise network. Some applications are used to monitor traffic on the network, such as VoIP monitoring, video stream monitoring, mail server (POP3 server) monitoring, and others. Why is Network Monitoring required? Today, most businesses rely on a computer and network infrastructure for internet, internal management, telephone and . A complex set of servers and network equipment is required to ensure that business data flows seamlessly between employees, offices, and customers. The economical success of an organization is tightly connected with the flow of data. The computer network's reliability, speed, and efficiency are crucial for businesses to be successful. But, like all other technical objects, network devices may fail from time to timepotentially causing trouble and loss of sales, no matter what migration efforts have been made up-front.
8 Network administrators need to take three key steps to maintain network uptime, reliability and speed: 1. Set up a well-planned network with reliable components. 2. Create recovery plans for the event of device failure. 3. Monitor their network to know about failures as they build up or actually happen. Benefits of Network Monitoring Network monitoring offers the following main benefits: Reduced inefficiency & downtime: no more undetected system failures Improved customer satisfaction through a quicker and more reliable system Peace of mind: As long as nothing is heard from the monitoring tool it means the systems are running perfectly Phase I of Project
9 The phase I of the project includes the study of the network in IDRBT including the MPLS links, categories of banks based on links (CAT1, CAT2), etc., and identifying the various network monitoring tools available. INdian FInancial NETwork (INFINET) The INdian FInancial NETwork [INFINET] is the communication backbone for the Indian Banking and Financial Sector. All banks in the public sector, private sector, cooperative, etc., and the premier financial institutions in the country are eligible to become members of the INFINET. The INFINET is a Closed User Group Network for the exclusive use of member banks and financial institutions and is the communication backbone for the National Payments System, which caters mainly to inter-bank applications like RTGS, Delivery Vs Payment, Government Transactions, Automatic Clearing House, etc. MPLS Architecture The INFINET MPLS Architecture is uniquely designed to provide high-level redundancy. Its salient features are full meshed communications at all locations (backbone); two service providers to enable high speed fault tolerance; a VPN between two locations could be across service providers; all VPNs between CPEs will be encrypted; and availability of Quality of Service and Traffic Engineering on the last mile as well. The INFINET MPLS network provides the performance characteristics of layer-2 networks and the connectivity and network services of layer-3 networks, improved scalability
10 and easy upgradation of bandwidth through a configuration change at the provider-end and the time involved in upgrading the link is less. The INFINET MPLS network provides for low latency since it involves minimal processing time at the router. The present SLA is for latency of not over 100ms. The architecture changes are underway to bring it to below 50 ms and even better for latency sensitive payment system applications as per user requirements. The INFINET MPLS improves the possibilities for Traffic Engineering and supports the delivery of services with Quality of Service (QoS) guarantees. Categories of Links The links used by the banks of the INFINET are provided by Sify and Reliance and hence they are categorized as: i. CAT1 There are 2 links wherein 1 link is ideal and the other consists of two boxes with auto-failure i.e. whenever either of the link provided to the bank is down the traffic is routed through the other link automatically. ii. CAT2 Here also 2 links are available provided by 2 ISP s but the bank has to decide to set the auto-failure on which link. Tools identified A broad division of 14 networking tools both under open source as well as licensed version as below where taken for the study. Open Source Tools: Zabbix Argus Nagios Cacti NetDisco Zenoss
11 Spiceworks Open QRM Open NMS Frame Flow Licensed Tools: OpManager PRTG NetFlow Analyser Spice works Phase II of Project The Phase II of the project involves the in-depth study about the tool. The tool which I deal with is PRTG Network Monitor. The study is based on the network monitoring parameters with a threshold value for each and every parameter. System Requirements Hardware Requirements CPU An average PC built in 2007 can easily monitor 1,000 sensors. PRTG supports native x86 architectures. RAM Memory Minimum requirement: 1024 MB RAM. About 150 KB of RAM per sensor is required. Hard Disk Drive About 200 KB of disk space per sensor per day (for sensors with 60 second interval) is required. Internet connection An internet connection is required for license activation (via HTTP or ). Software Requirements of the tool
12 In order to install and work with PRTG Network Monitor the following are the software requirements: A PC server or virtual machine with roughly the CPU performance of an average PC built in the year 2007 or later and minimum 1024 RAM memory. For cluster installations, use systems with similar performance. Operating system such as Microsoft Windows XP, Windows 2003 SP1 or later, Windows 2008 R2, or Windows 7 (32-bit or 64-bit). Windows Vista or 2008 R1 can also be used, but usage of these systems are not recommended, as there are known performance issues related to them. Web browser to access the web interface (Google Chrome is recommended; Firefox 4 or later, and Internet Explorer 9 were also tested). Installation Procedure The installation of PRTG Network Monitor Tool is quite simple with the help of the installation wizard. The steps are as below: 1) Select the language to use during the insallation 2) Start up of the installation wizard
13 3) Agree to the license agreement. 4) Enter the address to which any the PRTG network monitor tool s server would send any important mail alerts. 5) Enter the name and license key in order ensure authentication. While the trial version of the tool is used the name to be mentioned is prtgtrial and the license key is K6KFM- 8FFJWD-NVZXRH-87EMEA-68DCJW-T6RJHQ-UFTGAN-MQJJDB-VAK91V.
14 6) Select a location in which the tool has to be installed. 7) Installation progress 8) Finish the installation. Network monitoring with PRTG Network Monitoring Tool PRTG (Paessler Router Traffic Grapher) Network Monitor is a useful network monitoring application for Windows-based systems. It is suitable for small, medium, and large networks and capable of LAN, WAN, WLAN and VPN monitoring. Real or Virtual web, mail, and file servers, Linux systems, Windows clients, routers, and many more can be monitored with this tool. It monitors network availability and bandwidth usage as well as various other network parameters such as Quality of Service (QoS), Memory Load and CPU Usages. It provides system administrators with live readings and periodical usage trends to optimize the efficiency, layout and setup of leased lines, routers, firewalls, servers and other network components.
15 The software is easy to set up and use and monitors a network using Simple Network Management Protocol (SNMP), Windows Management Instrumentation (WMI), packet sniffer, Cisco NetFlow (as well as sflow and jflow) and many other industry standard protocols. It runs on a Windows-based machine in the network for 24-hours every day. PRTG Network Monitor constantly records the network usage parameters and the availability of network systems. The recorded data is stored in an internal database for later analysis. Key Features The key features of the tool are as follows: i. Monitor and alert for uptimes/downtimes or slow servers. ii. Monitor and account bandwidth and network device usage. iii. Monitor system usage (CPU loads, free memory, free disk space etc.). iv. Classify network traffic by source/destination and content. v. Discover unusual, suspicious or malicious activity with devices or users. vi. Measure QoS and VoIP parameters and control service level agreements (SLA). vii. Discover and assess network devices. viii. Monitor fail-safe using a failover cluster setup. What is special in PRTG? PRTG have a speciality such that the tool monitors the devices added to it through sensors. The tool supports about 1000 s of sensors and 130 different type of sensors. For each and every parameter to be monitored are added with a help of a sensor. Eg. To check the availability of the device the pingsensor is added To check the bandwidth utilization of the device the bandwidthsensor and snmptrafficsensor is used. To check the CPU Utilization of the device the cpuloadsensor is used. Another speciality of the tool is that the ToDo menu (i.e.) whenever any auto-discovery is enabled to identify device / sensor, at the end of task, the tool shows the user what has been done and tells the user to acknowledge it. About the Tool Adding Devices to the Tool Adding devices to the tool and configuring them for the sensors of required parameters is simple with the help of the Add Device option in the menu and once the
16 device is added the sensors to be added could be chosen from the set sensors as shown in Figure 1. The tool lets the user to add devices either through auto-discovery which just asks the user for the IP addres of the device and also adds the required sensors (on demand). Even the user can manually add devices to the tool. Figure 1: Shows the Add Device option in the Device menu to add any new devices to the network. Figure 2: Shows the Add Sensor option to add new sensors for various network monitoring parameters. The list of sensors also have a brief of what the sensor does which helps the user
17 to identify the appropriate sensor to be added. This page even contains the radio buttons which lets the user to see what all the sensors provided in overall and also allows the user to narrow down the user to search the sensor for the parameter to be monitored. Eg. When the user clicks the radio button Bandwidth Traffic under the topic Monitor What helps the user to see what all sensors are available to monitor the bandwidth utilization of the device in the network. Dashboard The tool has a powerful dashboard facility where in the user is capable of viewing the devices in the network, log entries, warnings and alarms if any. The tool also shows the number of sensors added, well functioning sensors in green colour, warnings in yellow colour, alarms in red colour, unusual occurrences in orange colour, log entries number in the top right of the tool. Figure 3: Shows the dashboard of the tool showing the devices connected along with the various sensors connected to the devices in the network.
18 Major Sensors used in the course of Study Ping sensor (Availability) The Ping sensor sends an Internet Control Message Protocol (ICMP) echo request ("Ping") from the computer running the probe to the device it is created on, in order to monitor the availability of a device. When using more than one Ping per interval, it also measures minimum and maximum Ping time as well as packet loss in percent. Ping Jitter (Jitter value monitor) The Ping Jitter sensor sends a series of Pings to the given URI to determine the statistical jitter. The Real Time Jitter value is updated every time a packet is received using the formula described in RFC 1889: Jitter = Jitter + ( abs( ElapsedTime OldElapsedTime ) Jitter ) / 16 The Statistical Jitter value is calculated on the first x packets received using the statistical variance formula: Jitter Statistical = SquareRootOf( SumOf( ( ElapsedTime[i] Average) ^ 2 ) / ( ReceivedPacketCount 1 ) ) WMI CPUload sensor (CPU Utilization) The WMI CPU Load sensor monitors the CPU load on a computer via Windows Management Instrumentation (WMI). It shows the CPU usage in percent. WMI Memory sensor (Memory Utilization) The WMI Memory sensor monitors available system memory systems using Windows Management Instrumentation (WMI). For this sensor type, Windows credentials must be defined for the device to which the sensor to be used. SNMP Traffic sensor (bandwidth Utilization) The SNMP Traffic sensor monitors traffic on a device using Simple Network Management Protocol (SNMP). It can be created on a device which provides traffic data. Though this sensor is capable of monitoring the bandwidth utilization of the device, the Netflow sensor gives detailed information.
19 Netflow sensor (Bandwidth utilization) The Netflow sensor help in monitoring bandwidth utilization of the device. The NetFlow V5 sensor receives traffic data from a NetFlow V5 compatible device and shows the traffic by type. Packet Sniffer and xflow, Netflow sensor types can not only measure the total bandwidth usage, they can also break down the traffic by IP address, port, protocol, and other parameters. The results are shown in so-called Toplists. This way PRTG is able to tell which IP address, connection, or protocol uses the most bandwidth. PRTG looks at all network packets (or streams) and collects the bandwidth information for all IPs, ports, and protocols. At the end of the toplist period, PRTG stores only the top entries of each list in its database. IMAP sensor The IMAP sensor monitors a mail server using Internet Message Access Protocol (IMAP) and shows the server's response time. Similar to the IMAP sensor while, monitoring the mail server, the HTTP sensor, DNS sensor, SMTP sensor are used.
20 PRTG Graphs The picture below shows the graph generated for about a year s data showing the alarms, response time index, CPU load index, Traffic index. The picture below is graph generated for a switch for 2 days data.
21 Pros and Cons of the PRTG Easy to use and point-and-click device addition with the help of Add device option and Add sensor helps to add the sensors for the parameters to be monitored. Excellent user friendly facilities such as dashboard facility, alarms and alerts, notification as s, graphical representation on the data of the network. Generate the report as per the user s requirements, and can even be saved in the form of PDF files for future usage. Reports can be generated even for LIVE data, last 2 days, 30 days and 365 days. This is done by the powerful database used by the tool which saves the log data for the last 365 days. Does not support for monitoring parameters such as latency, CRC errors. Tool is a licensed version and the tool is charged based on the number of sensors utilized such as 100, 500, 1000 sensors
22 Phase III Comparison of all tools studied The various tools studied by each and every member were compared to summarize the best suitable tool. The comparison was based on the given parameters and the threshold values for the given parameters. The comparison sheet made for the study is as under: Difficulty of Installation Usability o/s Hardware reqiurements Open Source dash-board graphs facality Alerts Argus Complicated Not Good Ubuntu nothing special Y N Y Y Zabbix simple friendly Ubuntu nothing special Y Y Y Y opennms Complicated Friendly Ubuntu nothing special Y Y Y Y Nagios Conplicated Friendly Ubuntu nothing special Y Y N Y Cacti Simple friendly windows/linux nothing special Y Y Y Y NetDisco Complicated not good Ubuntu nothing special Y Y N N 2.4 Ghz Dual Core Processo r,2 GB RAM,250 GB Hard Disk Space Netflow Analyser simple friendly Windows XP & above/linux N Y Y Y PRTG Simple User Friendly Windows XP minimum or later 1024 MB RAM N memory Y Y Y opmanagersimple user friendly Windows 2 GHz processor,4 GB Nmemory, 20GB Y hard disk Y space Y SpiceworksSimple Friendly Windows/Ubuntu N Y N Y Zenoss Simple Friendly Ubuntu nothing special Y Y Y Y Frame FlowSimple Friendly windows nothing special Y Y Y Y OpenQRMSimple Friendly Ubuntu/linux nothing special Y Y Y Y
23 notifications Ping Test Packet LossCRC Error RTT Latency Jitter Memory Utilization CPU Utilization Argus Y Y N N N Y N N N Zabbix Y Y Y Y Y Y N Y Y opennmsy Y N N N N N N N Nagios Y Y Y Y Y N N Cacti Y Y N N N N N Y Y NetDiscoN N N N N N N N N Netflow YAnalyser N Y N Y Y Y Y Y PRTG Y Y N N N N Y Y Y opmanager Y N Y N N Y Y Y Y Spiceworks Y Y N N N N N N N Zenoss Y Y N N N N N Y Y Frame Flow Y Y Y N N N N Y Y OpenQRMY Y Y Y Y Y Y Y From the above comparison the tools Nagios, Open NMS, Open QRM, Zabbix are almost flexible for the parameters and is easy to use. Thus the above four tools are chosen to implementation and to be integrated.
24 Conclusion PRTG Network Monitor is user friendly, flexible and easy to use. Though the tool has many functions and provide better results in network monitoring the tool is not capable of monitoring the devices based on certain parameters such as CRC errors and latency can be monitored only with the Windows Management Instrumentation (WMI) technology based sensors. Also, since the tool is of a licensed version, only proper authentication enables the users to enjoy the complete functionalities of the tool for network monitoring. All the tools are installed in a real time server to monitor the efficiency the network through all the tools and finally integrate the tools Zabbix, Open NMS, Open QRM and Nagios to bring in the various functionalities of the tools in a single page. References
Managed Workplace 2012 Setup Guide On Premise See All. Manage All. Service All. www.levelplatforms.com TABLE OF CONTENTS Welcome... vii About this Document... viii Where To Get More Help... viii Contact
One Stop Data & Networking Solutions PREVENT DATA LOSS WITH REMOTE ONLINE BACKUP SERVICE Prevent Data Loss with Remote Online Backup Service The U.S. National Archives & Records Administration states that
E-mail Filter SurfControl E-mail Filter 5.0 for SMTP Getting Started Guide www.surfcontrol.com The World s #1 Web & E-mail Filtering Company CONTENTS CONTENTS INTRODUCTION About This Document...2 Product
Best Practices Guide McAfee epolicy Orchestrator for use with epolicy Orchestrator versions 4.5.0 and 4.0.0 COPYRIGHT Copyright 2011 McAfee, Inc. All Rights Reserved. No part of this publication may be
Copyright 2015 SolarWinds Worldwide, LLC. All rights reserved worldwide. No part of this document may be reproduced by any means nor modified, decompiled, disassembled, published or distributed, in whole
Faculty of Computer Science Computer Architecture Group Diploma Thesis Monitoring of large-scale Cluster Computers Stefan Worm firstname.lastname@example.org February 12, 2007 Supervisor: Prof. Dr.-Ing.
MASARYK UNIVERSITY FACULTY OF INFORMATICS Best Practices in Scalable Web Development MASTER THESIS Martin Novák May, 2014 Brno, Czech Republic Declaration Hereby I declare that this paper is my original
TOTAL VIEW ONE Technical FAQ System Overview What kind of data does TVO provide and how is it effectively delivered? TVO mirrors and records the state of every connection to deliver actionable real-time
Getting Started with Zeus Web Server 4.3 Zeus Technology Limited - COPYRIGHT NOTICE Zeus Technology Limited 2004. Copyright in this documentation belongs to Zeus Technology Limited. All rights are reserved.
Google Apps as an Alternative to Microsoft Office in a Multinational Company The GAPS Project Thesis presented in order to obtain the Bachelor s degree HES by: Luc BOURQUIN Supervisor: Thierry CEILLIER,
Best Practices for Deploying and Managing Linux with Red Hat Network Abstract This technical whitepaper provides a best practices overview for companies deploying and managing their open source environment
A Fresh Graduate s Guide to Software Development Tools and Technologies Chapter 1 Cloud Computing CHAPTER AUTHORS Wong Tsz Lai Hoang Trancong Steven Goh PREVIOUS CONTRIBUTORS: Boa Ho Man; Goh Hao Yu Gerald;
M86 MailMarshal Exchange USER GUIDE Software Version: 7.1 M86 MAILMARSHAL EXCHANGE USER GUIDE 2011 M86 Security All rights reserved. Published November 2011 for software release 7.1 No part of this Documentation
NVR 3.0 System Administrator s Manual For V3.0.02 Version 2013/03/21 About This Manual Target Audience This manual is intended for System Administrators who are responsible for installing and setting up
Firewall Strategies June 2003 (Updated May 2009) 1 Table of Content Executive Summary...4 Brief survey of firewall concepts...4 What is the problem?...4 What is a firewall?...4 What skills are necessary
High Availability and Scalability with Domino Clustering and Partitioning on AIX Marcelo R. Barrios, Ole Conradsen, Charles Haramoto, Didac Marin International Technical Support Organization http://www.redbooks.ibm.com
HP Performance Engineering Best Practices Series for Performance Engineers and Managers Performance Monitoring Best Practices Document Release Date: May 2009 Software Release Date: May 2009 Legal Notices