Open Source Tools for Monitoring MPLS Nodes

PROJECT REPORT Open Source Tools For Monitoring MPLS Nodes

BHAVESH SHARMA 10412EN008 Mathematics and Computing

PROJECT GUIDE Dr. N.P. DHAVALE Deputy General Manager Institute for Development and Research in Banking Technology, (Established By Reserve Bank of India)

CERTIFICATE

This is to certify that project report titled Open Source Networking Tools for monitoring the MPLS nodes submitted by Bhavesh Sharma, a 2nd year UG of Mathematics and Computing, MTech. Integrated from IIT BHU, is record of a bonafide work carried out by him under my guidance during the period 17th May 2012 to 20th July 2012 at Institute of Development and Research in Banking Technology, Hyderabad.

The project work is a research study, which has been successfully completed as per the set objectives. In this project assigned to Mr. Bhavesh Sharma, he has done excellent work. We wish him all the best for the near endeavors.

Dr. N.P. Dhavale DGM, Infinet office IDRBT,Hyderabad

Institute for Development And Research in Banking Technology 1

ABSTRACT

There are a large number of RBI locations and an even large number of member banks in India. As the number of member banks registered with the RBI is very high, the monitoring of the network would be very challenging. There is a high need to constantly monitor the network for slow or failing components and notify the network administrator in case of outages.

A detailed study of free open source tools including zabbix, netdisco, opennms and many more is to be performed and the best tools is to be selected for final integration.

Institute for Development And Research in Banking Technology 2

ACKNOWLEDGEMENT

I would like to express my sincere gratitude to the Institute for Development and Research in Banking Technology (IDRBT) and particularly Dr.N.P. Dhavale,(DGM , INFINET and Services) who was my guide in this project. This opportunity of learning all about banking architecture and a SLA (Service level Agreement) system application of the country was a boon to me as one rarely gets such exposure. I would not hesitate to add that this short stint in IDRBT has added a different facet to my life as this is a unique organization being a combination of academics, research, technology, communication services, crucial applications, etc., and at the same time performing roles as an arm of regulation, spread of technology, facilitator for implementing technology in banking and non-banking systems, playing a role of an NGO (without being one) and many more varied activities.

I am extremely grateful to Dr.N.P.Dhavale for his advice, innovative suggestions and supervision. I thank him for introducing me to an excellent banking application and giving me the opportunity to approach diverse sections of people starting from bankers to general public.

I am thankful to the staff of INFINET department at IDRBT for helping me to get familiar with the application. They gave me a chance to study the application and its impact from different perspectives. I am thankful to my college, IIT BHU for giving me this golden opportunity to work in a high-end research institute like IDRBT. I am thankful for IDRBT for providing such an amazing platform for students to work in real application oriented research. Finally, I thank one and all who made this project successful either directly or indirectly.

I am very thankful to Ms. Anuraddha Madam and Shri Shrihari Sir with whom I worked throughout my stint at IDRBT and the project was possible only with their cooperation.

Bhavesh Sharma Project Trainee Department of INFINET IDRBT, Hyderabad

Institute for Development And Research in Banking Technology 3

Contents:

1.0 INTRODUCTION……………………………………………………………………………………………………………………1 1.1 KNOWING THE NETWORK……………………………………………………………………………………….2 1.2 WHAT TO MONITOR AND WHY?...... 3 1.3 WHAT TO LOOK IN A NETWORK MONITORING APPLICATION………………………………….4 1.4 IDRBT NETWORK……………………………………………………………………………………………………..5 1.5 MPLS……………………………………………………………………………………………………………………….5 1.6 IDRBT MPLS ARCHITECHTURE …………………………………………………………………………………6 1.7 THE PROBLEM………………………………………………………………………………………………………….7 1.8 THE APPROACH……………………………………………………………………………………………………….7 2.0 NETDISCO……………………………………………………………………………………………………………………………10 2.1 INSTALLATION………………………………………………………………………………………………………..10 2.2 SOME BASIC OPERATION FOR NETDISCO………………………………………………………………..14 3.0 FRAMEFLOW……………………………………………………………………………………………………………………….17 3.1 INSTALLATION………………………………………………………………………………………………………..17 3.2 USAGE…………………………………………………………………………………………………………………….17 4.0 OPENQRM…………………………………………………………………………………………………………………………..23 4.1 SYSTEM REQUIREMENTS………………………………………………………………………………………...23 4.2 INSTALLATION…………………………………………………………………………………………………………23 4.3 CONFIGURATION…………………………………………………………………………………………………….24 4.4 USAGE…………………………………………………………………………………………………………………....24

CONCLUSION………………………………………………………………………………………………………………………………31

FUTURE WORK……………………………………………………………………………………………………………………………32

APPENDICES………………………………………………………………………………………………………………………………..32

REFERENCES ……………………………………………………………………………………………………………………………...32

1.0 INTRODUCTION

Networking as we see today has constantly evolved from merely just two computers connected through a wire to a broader platform of Internet which acclaims to connect one part of the world to the other. As a result modern computer networks tend to be large heterogeneous collections of computers, switches, routers and a large assortment of other devices. To a large degree, the growth of such networks is ad-hoc and based on the current and perceived future needs of the users. As networks get larger and faster, the job of monitoring and managing them gets more complex. However, the job of managing computer networks becomes increasingly more important as society becomes more dependent on computers and the Internet for everyday business tasks. Network downtime now costs significant amounts of money so it is important that network and system managers are aware of everything that is happening on the networks for which they are responsible. As a result a solitary network consultant monitoring network activity is required based on the Open Systems Interconnect (OSI) reference model proposed by International Telecommunications Union (ITU).This task is accomplished by using some form of tool to gather, analyze and represent information about a computer network therefore, in general, network monitoring involves a set of tools to aid people to monitor and maintain computer networks.

With a resource this valuable, ensuring its availability is essential. It’s also challenging because of threats such as hackers, denial of service attacks, viruses, and information theft, all of which can lead to downtime, loss of data, and overall decreasing credibility and profitability. Additionally, the network is evolving drastically, with new technologies, devices, and strategies, such as virtualization and service-oriented architectures. That’s why network management is such an important function and capability for businesses of all sizes. If our business depends on our network, then network management is critical.

Network management is a broad functional area incorporating device monitoring, application management, security, ongoing maintenance, service levels, troubleshooting, planning, and other tasks – ideally all coordinated and overseen by an experienced and reliable network administrator. Yet even the most knowledgeable and capable network administrator is only as good as the network information that is visible, and that he or she can manage and act on. Administrators need to know what’s happening on their networks at all times, including real- time and historical information on usage, performance, and status of every device, application, and all data on the network.

This is the domain of network monitoring, the most critical function of network management. The only way to know if everything on our network is operating as it should is to monitor it continuously.

Institute for Development And Research in Banking Technology 1

1.1 KNOWING THE NETWORK

Today’s networks can be astounding in their complexity. Routers, switches, and hubs link the multitude of workstations to critical applications on myriad servers and to the Internet. In addition, there are numerous security and communications utilities and applications installed, including firewalls, virtual private networks (VPNs), and spam and virus filters. These technologies span all verticals and companies of all sizes. Network management, therefore, is not confined to only certain industries or solely to large, public companies.

Understanding the composition and complexity of our network, and having the capacity to be informed of how all the individual elements are performing at any given time, is a key success factor in maintaining the performance and integrity of the network – and often of the business – as a whole. There are potentially thousands of data points to monitor on a network, and it is critical to be able to access meaningful, accurate, and current information at any given time. Network administrators need to feel confident that they know what’s happening on their network from end to end at any given point in time. It is critical to “know our network” at all times.

A network is no longer a monolithic structure. It includes the Internet, local area networks (LANs) , wide area networks (WANs), virtual LANS (VLANS), wireless networks, and all of the devices, servers, and applications that run on them. Whatever enables users to access and share information, utilize applications, and communicate with each other and with the outside world – either through voice, data, or images – is, in essence, our network. A network typically has both internal and external users, including employees, customers, partners, and other stakeholders. Suboptimal network performance affects companies in different ways, depending on the type of user. For example, if employees can’t access the applications and information they need to do their jobs, it means lost productivity and missed deadlines. When customers can’t complete transactions online, it means lost revenues and damaged reputation. And when strategic partners can’t collaborate or communicate with the company, it harms the relationship and affects their bottom line. Even stakeholders such as investors and analysts who can’t get the information they need when they need it will also look unfavorably at our company, leading to loour stock prices and loss of shareholder value.

The fact is, though, that networks are so complex that something will go wrong. Every component in the network represents a potential point of failure. That’s why it’s essential to implement redundancy and/or a failover strategy in order to minimize downtime. This way, if a server or router fails, another one waiting idly until needed can automatically come online to mitigate the impact of the failed equipment.

Of course, not every problem can be addressed quite so proactively before any warning signs are apparent. However, if we can monitor network performance proactively in real time, we can identify problems before they become emergencies. An overloaded server, for example, can be replaced before it crashes – but only if we know that its utilization rate is increasing to

Institute for Development And Research in Banking Technology 2

such an extent that a crash is all but imminent. With network monitoring, we should know the status of everything on our network without having to watch it personally, and be able to take the timely action needed to minimize and, when necessary, quickly correct problems.

1.2 WHAT TO MONITOR AND WHY ?

For something as mission-critical as our network, it’s important to have the right information at the right time. Of primary importance is to capture status information about current network devices (e.g., routers and switches) and critical network servers. A network administrator also needs to know that essential services (e.g., email, website, and file transfer services) are consistently available. The following table contains a representative list of some of the key types of network status information we need to know every minute of every day – and why ?

What to monitor? Why to monitor? Availability of network devices (such as The plumbing of a network keeps the network switches, routers, servers, etc.). running Availability of all critical services on our The whole network doesn’t have to be down to network. have a negative impact; loss of email, HTTP, or FTP server availability for even just one hour can shut a business down. Amount of disk space in use on our key Applications require disk capacity. It’s also servers important to be aware of any anomalous behavior in disk capacity, which can indicate a problem with a specific application or system Percentage of our routers’ maximum If we anticipate when we need to upgrade throughput utilized on average. before we feel the pain of needing to upgrade, we’ll minimize disruption to our business Average memory and processor utilization of If we wait until memory is used up, users will our key CPUs/servers. never let we forget it Function of firewalls, antivirus protection, There’s a difference between having security, update servers, and spyware/malware and having security that’s working. defenses. Availability of all network devices. Most networks are a combination of heterogeneous devices; we need to be able to monitor Windows, Linux, UNIX, and other types of servers, workstations, and printers.

When there are issues, we should be alerted immediately, either through audio alerts, on- screen displays, or emails automatically generated by the network monitoring solution. The sooner we know what is going on – and the more complete the information included with the

Institute for Development And Research in Banking Technology 3

alert – the sooner we can take corrective action. Alerts should announce not only when a problem has occurred (or a threshold is being approached), but also whenever a new application or piece of equipment is brought online. They should contain information about the device, the issue, and the event that triggered the notification.

At the same time, it’s important to generate only meaningful alerts and to minimize the number of alerts stemming from the same problem or event on the network. For example, we want the flexibility to configure the monitoring solution so that it doesn’t alert when scheduled maintenance downtime is initiated. And if availability to many devices is constrained because of a problem with a router or switch, eliminating dependent alerts enables the administrator to more effectively and efficiently diagnose the actual problem. Suppressing these dependencies decreases the information we have to assimilate and increases overall confidence in the alerts we do receive.

1.3 WHAT TO LOOK IN A NETWORK MONITORING APPLICATION

To really know our network, we need a network monitoring solution that can tell we what we need to know – in real time and from anywhere, anytime.

For businesses of all sizes, we also need a solution that’s easy to use, quick to deploy, and offers low total cost of ownership – yet also delivers all the features we need. We need a solution with comprehensive capabilities and the same reliability we expect from our network. If we want our network running at high availability, we need a proven solution that we can depend on as well.

Remember, we’re monitoring a lot of network components and we’re collecting a lot of information. In order to see things clearly and quickly, we need a solution that displays this data – including a network map, report data, alerts, historical information, problem areas, and other useful information – as a network operating center (NOC) dashboard.

As discussed earlier, alerts are important. However, they are like alarm clocks – we want them to go off when we need them to, not when we don’t. For example, just as we don’t want our alarm to go off on Saturday morning, we don’t want our network monitoring solution to alert we during planned service periods. We want to be able to program our weekly maintenance schedule into the system so it can distinguish between planned and unplanned downtime. In other words, no false alarms.

Networks have to run 24/7 regardless of what hours our employees work. And while our network generally stays in one location, our employees sometimes travel. Regardless, we need to be able to access our network monitoring solution anywhere, anytime. For that matter, different people will need to access the system for different reasons, and not everyone should be able to access the same level of information. We need a solution that affords role-based

Institute for Development And Research in Banking Technology 4

views, that assigns levels of permissions based on the user’s function in the organization. This not only makes the user more productive, it also adds an important layer of security around the information.

Finally, we should look for a solution that supports multiple methods of monitoring devices. SNMP (Simple Network Management Protocol) is a flexible technology that lets we manage and monitor network performance devices, troubleshoot problems, and better prepare for future network growth. Many network devices support SNMP, making it easy to monitor them using a solution that supports SNMP.

1.4 IDRBT NETWORK

IDRBT(Institute for Development and Research in Banking Technology) started INFINET( Indian Financial Network) . INFINET is the communication backbone for the Indian Banking and Financial Sector. It is a Closed User Group Network for the exclusive use of member banks and financial institutions and is the communication backbone for the National Payments System, which caters mainly to inter-bank applications like RTGS, Delivery Vs Payment , Government Transactions, Automatic Clearing House, etc.

The network is a hybrid one of terrestrial leased lines and VSATs(Very Small Aperture Terminal) was the main communication backbone for inter-bank requirements. Over the years, with the decline in prices of leased lines, the reliance on VSATs for running applications declined. The VSAT technology also matured over the years with the increase in the size of the market and the number of private VSAT operators. The terrestrial leased line market also underwent significant change with the introduction of MPLS / VPN service being offered by many service providers. Further, as the technology had matured, the need for IDRBT to play a role of intermediary between the banks and the commercial VSAT operators also diminished.

With the availability of better and more reliable technology in the form of Multi-Protocol Label Switching (MPLS), IDRBT decided to migrate the INFINET backbone to MPLS. The IP VPN MPLS network is an improvement over the Leased Line Network. The Leased Line Network is less scalable and since it is a partial mesh network, adding a new site to the network is difficult. Upgradation of bandwidth too is a time consuming and cumbersome process. Packet switching is sloour compared to MPLS and the quality of service for applications too is not of a high standard.

1.5 MPLS(Multi Protocol Label Switching)

The MPLS is a combination of packet forwarding and label switching through a network. It is an integration of high speed layer-2 switching with layer-3 routing using label switching. It improves efficient use of resources and enhances performance of the network. MPLS also enables easy to implement Quality of Service and Class of Service based on application needs. Moreover, implementation of IPSec tunnels (secure tunnels between which data is encrypted)

Institute for Development And Research in Banking Technology 5

between CPE (Customer Premises Equipment i.e. router) to CPE is easy. When an unlabeled packet enters the ingress router and needs to be passed on to an MPLS tunnel, the router first determines the forwarding equivalence class (FEC) the packet should be in, and then inserts one or more labels in the packet's newly-created MPLS header. The packet is then passed on to the next hop router for this tunnel.

 Google images Fig. MPLS uses a combination of packet as well as circuit switching

1.6 IDRBT MPLS Architecture

The INFINET MPLS Architecture is uniquely designed to provide high-level redundancy. Its salient features are full meshed communications at all locations (backbone); two service providers to enable high speed fault tolerance; a VPN between two locations could be across service providers; all VPNs between CPEs will be encrypted; and availability of Quality of Service and Traffic Engineering on the last mile as well.

The INFINET MPLS network provides the performance characteristics of layer-2 networks and the connectivity and network services of layer-3 networks, improved scalability and easy upgradation of bandwidth through a configuration change at the provider-end and the time involved in upgrading the link is less.

The INFINET MPLS network provides for low latency since it involves minimal processing time at

Institute for Development And Research in Banking Technology 6

the router. The present SLA is for latency of not over 100ms. The architecture changes are underway to bring it to below 50 ms and even better for latency sensitive payment system applications as per user requirements. The INFINET MPLS improves the possibilities for Traffic Engineering and supports the delivery of services with Quality of Service (QoS) guarantees.

Fig. Basic operation of MPLS network at IDRBT

1.7 The problem- IDRBT while hosting the INFINET has to take care of the communication backbone of the inter bank transfer and other activities. As a result they need to constantly need to monitor over the entire RBI locations all across the country and if for any link going down ,need to report the network administrator about it and take necessary actions . This calls for the use of a network monitoring tool quite robust and stable which can counter over these problems and comes with the worthwhile result. 1.8 The Approach

Network monitoring tool can be broadly categorized into two main segments-Open Source and Licensed version . Our project had been a group project under the common heading of “ Open source Networking Tools for monitoring the Mpls nodes” which saw the broad division of 13

Institute for Development And Research in Banking Technology 7

networking tools both under open source as well as licensed version namely as described in the next page.

Open Source Networking Tool

 Zabbix  Argus  Nagios  Cacti  NetDisco  Zenoss  Spiceworks  Open QRM  Open NMS  Frame Flow

Licensed Networking Tool

 OpManager  PRTG  NetFlow Analyser

My Part

I was given to work on the tool Netdisco,OpenQRM,FrameFlow. The whole tool right from the installation, configuration, and implementation was under my responsibility. Meanwhile, we also co-ordinated with each other in helping out whenever there is any difficulty in any of the other tool. The next page shows the parameters which our tool should monitor and then is the detailed study of my tools.

Institute for Development And Research in Banking Technology 8

Report Format for Monitoring MPLS Network using Key Parameters

Sno Parameter Description 1 Device Availability ( MPLS CPE and Crypto Server ) Threshold Value Periodicity a Devices that is not reachable for more than 5 minutes Executive Report b CPU Utilization in % >70% “ c Memory Utilization in % >70% “ d Mean Time Between Failures One Month Monthly e Mean Time To Repair 4 hours “ 2 Interface Availability and Performance a Interface not reachable for more than 5 minutes. >5 Minutes Executive Report BGP Protocol Status >5 Minutes “ HSRP Protocol Status >5 Minutes “ Physical I/O Status >5 Minutes “ 3 Performance (Link, NNI Link and Crypto Server Link) a Link Availability <99.9% Executive Report Link Utilization >70% “ b Packet loss % >0.1% “ c CRC Errors >1% “ d Round Trip Time >100 msec “ e Latency >70 msec (Avg) “ f Jitter Sensitive “ g GET VPN Utilization >70% “ h GET VPN Status Monitoring Down “ i Site Availability (When Both links are down) Both Link/Boxes Down “ j Locations where Auto failover not happened “ 4 Crypto Server Monitoring a Crypto Session Status Down Executive Report b Auto Failover between Crypto Servers Auto Failover Not “ happened Any parameter deemed to be Key Performance “ 5 Application Wise (IP) and Port utilization. a Top 30 IPs Application wise utilization. 30 IPs Executive Report b Top 30 IPs Port wise utilization. 30 IPs “ 6 Report Summary a Calls Received from RBI and Member Banks Executive Report b List of RBI locations Managed by Primary SP and Secondary SP “ c RFOs Pending RFOs > 2 hrs “ d TT Raised with SIFY and Reliance Pending > 4hrs “ e Configuration Changes in MPLS network “ f Number of connectivity’s MPLS network like Monthly addition/deletion/shifting of the connections. g Inventory of MPLS network (Upgrade in Box/Link) Monthly 7 Backup for entire Remote NMC Configuration for IDRBT Monthly 8 Service Provider SLA Compliance Report including Remote NMC Monthly 9 Any Changes in Escalation Matrix for SIFY/Reliance/HCL In case of Changes

Institute for Development And Research in Banking Technology 9

2.0 NETDISCO - Network Management Tool

Netdisco is an Open Source web-based network management tool.Designed for moderate to large networks, configuration information and connection data for network devices are retrieved and set by SNMP. With Netdisco you can locate the switch port of an end-user system by IP or MAC address. Data is stored using a SQL database for scalability and speed.Cisco Discovery Protocol (CDP), Foundry Discovery Protocol (FDP), Link Layer Discovery Protocol (LLDP), and SynOptics Network Management Protocol (SONMP) optionally provide automatic discovery of the network topology.

The network is inventoried by both device model and operating system (like IOS). Netdisco uses router ARP tables and L2 switch MAC forwarding tables to locate nodes on physical ports and track them by their IP addresses.For each node, a time stamped history of the ports it has visited and the IP addresses it has used is maintained.

Netdisco gets all its data, including topology information, with SNMP polls and DNS queries. It does not use CLI access and has no need for privilege passwords. Security features include a wire-side Wireless Access Point (AP) locator.

2.1 INSTALLATION

1. Download the latest version of netdisco from www.netdisco.org

(i) Open Terminal in Linux and login as root. (ii) Browse to the netdisco download folder. (iii) Unarchive netdisco using command tar xzvf netdisco-x.xx_with_mibs.tar.gz

(iv) Create the netdisco home folder under /usr/local and move netdisco folder to /usr/local/netdisco using command -- mkdir -p /usr/local/netdisco mv netdisco-1.0/* /usr/local/netdisco 2. Add a new user netdisco – useradd –d /usr/local/netdisco netdisco

Give user permission to access netdisco folder --

Institute for Development And Research in Banking Technology 10

chown -R netdisco.netdisco /usr/local/netdisco

3. Installing Postgres (i) Download latest source package from www.postgresql.org/ftp/source/ of name something like postgresql-x.xx.tar.gz. (ii) Extract postgresql and then run the commands ./configure , make, make install separately. (iii) After running the above mention commands please make sure to run the following commands – export POSTGRES_INCLUDE=/usr/local/postgres/include export POSTGRES_LIB=/usr/local/postgres/lib You may also need to modify /etc/ld.so.conf to include POSTGRES_LIB directory. Run ldconf after modifying above file. (iv) Add netdisco user to postgres-- su - postgres psql template1 or psql -d template1 -U postgres template1=# should appear . And then run these commands : template1=# CREATE USER netdisco with PASSWORD ‘netdisco’; template1=# CREATE DATABSE netdisco; template1=# GRANT ALL PRIVILEGES ON DATABASE netdisco to netdisco; template1=# \q (to quit) (v) Edit netdisco.conf and add following: Database User : netdisco Database Name : netdisco Database Password : you choose it Edit netdisco.conf and netdisco_apache.conf to match this user name and password.

(vi) If you have just setup Postgres for the first time you may have to change the default permissions in $PG_DATA/pg_hba.conf. $PG_DATA might be in /usr/local/pgsql or in /var/db, depends on your OS. Check the postgres users' homedir files for the location of $PG_DATA.

For installation you must give the database user access to the template1 database. Add following line in the pg_hba.conf .

local template1 all ident Restart Postgres. If you have permission problems try the following line which opens up access to all users.

local template1 all all Next you must give the netdisco database user access to the netdisco database. The following line will give all database users access to a database that is the same name as them. This line must be put above all the rest of the uncommented lines in the pg_hba.conf file to take precedence.

Institute for Development And Research in Banking Technology 11

local sameuser all md5 For older 7.3 or 7.4 installs of Postgres you may have to swap md5 for crypt. Upgrade. Please. (vii) Finally restart postgres using command service postgresql restart

4. Now create database using commands : cd usr/local/netdisco ./pg --init

Now run ./pg and you should see the following : Welcome to psql 8.0.6, the PostgreSQL interactive terminal. Type: \copyright for distribution terms \h for help with SQL commands \? for help with psql commands \g or terminate with semicolon to execute query \q to quit netdisco=> netdisco=> \q 5. Installing net-SNMP: (i) Download the source package from http://net-snmp.sourceforge.net/ (ii) Extract the file and browse to the folder using terminal and run following commands:

./configure --with-perl-modules --enable-shared make make install (iii) Now browse to perl folder inside the present folder and run:

perl Makefile.PL make make install 6. Installing SNMP:info : (i) Download newest version from http://snmp-info.sourceforge.net (ii) Extract the package and run following commands from the terminal .

cd SNMP-Info-1.x perl Makefile.PL make install 7. INSTALLING Graphviz : (i) Get the newest version from http://www.graphviz.org/pub/graphviz. Unarchive and install with the usual commands ./configure, make, make install browsing to the folder from terminal. (ii) Make sure that neato or twopi is in your path, and in the path in netdisco.crontab running following commands.

which twopi which neato (iii) After the Perl Modules step below, make sure the Graphviz Perl module got installed running following commands.

perldoc GraphViz

Institute for Development And Research in Banking Technology 12

8. SETTING APACHE: (i) Get Apache from http://httpd.apache.org , Get mod_perl from http://perl.apache.org , Get mod_ssl from http://www.modssl.org . Unarchive all three to the same directory. (ii) Browse to apache folder and run ./configure . (iii) Now make sure openSSL library is installed on your server .Now run following commads ,but before that locate openssl location.

SSL_BASE=/path/to/openssl-0.x.x \ ./configure \--with-apache=../apache_x.x \--disable_rule=SSL_COMPAT

(iv) Now its time to install mod_perl. Just browse to mod_perl folder and run:

cd ../mod_perl-1.x /usr/local/bin/perl Makefile.PL \ APACHE_SRC=../apache_1.3.x/src \ EVERYTHING=1 \ DO_HTTPD=1 \ USE_APACI=1 \ PREP_HTTPD=1 \ PERL_SECTIONS=1 make

(v) Now again browse to apache folder and run following commands.

cd ../apache_x.x_* ./configure \ --prefix=/usr/local/apache \ --enable-module=most \ --enable-shared=max \ --activate-module=src/modules/perl/libperl.a \ --with-perl=/usr/local/bin/perl \ --enable-module=ssl make make certificate make install

(vi) Now again browse to mod_perl folder and install

cd ../mod_perl* make install (vii) Add the following lines in your httpd.conf. Your httpd.conf will live in /usr/local/apache/conf if you installed using the method above. For system installed packages, try /etc/httpd or /usr/local/etc/httpd. Add this line on the top:

Include /usr/local/netdisco/netdisco_apache.conf If you do not have virtual hosts setup and/or you have a main server, add this line right after the first include :

Include /usr/local/netdisco/netdisco_apache_dir.conf (viii) After the completion of the above commands run

mkdir /usr/local/netdisco/mason Institute for Development And Research in Banking Technology 13

chown nobody.netdisco /usr/local/netdisco/mason

9. INSTALLING PERL MODULES:

perl -MCPAN -e shell CPAN1> will be shown in the terminal window .Now run the following commands one by one.

install Digest::MD5 install Bundle::DBI install Apache::DBI install DBD::Pg install DB_File (for Apache::Session) install Apache::Session install HTML::Entities install HTML::Mason install MasonX::Request::WithApacheSession install Graph ( > 0.50 ) install GraphViz ( > 2.02 ) install Compress::Zlib (probably already have this one) install Parallel::ForkManager install Net::NBName (optional for NetBIOS lookup on devices) install Net::LDAP (optional for LDAP authentication) install Net::SSLeay (optional for encrypted LDAP authentication) install IO::Socket::SSL (optional for encrypted LDAP authentication) install Apache2::Request

10. NETDISCO CONFIGURATION: (i) Open netdisco_apache.conf to match database username and password you set in step 3-(v) . (ii) Add user for netdisco

/usr/local/netdisco/netdisco -u your_choosen_username 11. CONFIGURING NETDISCO DATABASE . (i) Browse to netdisco folder

cd /usr/local/netdisco ./netdisco –O (ii) From present directory run make oui to update database. (iii) Finally Restart Apache using /etc/init.d/apache2 restart. (iv) Now test the website using http://localhost/netdisco .

Now we have successfully installed netdisco .

2.2 SOME BASIC OPERATION FOR NETDISCO: 1. Restart /stop/start command can be executed using :

/usr/local/netdisco/bin/netdisco_daemon start/restart/stop

Institute for Development And Research in Banking Technology 14

2. Adding Device : For adding device use the command : cd /usr/local/netdisco ./netdisco -d devicename where device name is the ip or mac address. 3. CREATING NETWORK TOPOLOGY : If your network uses a supported topology discovery protocol (CDP/FDP/SONMP/LLDP) pick a device that you consider close to the center of the network and start an auto-discovery from there: cd /usr/local/netdisco ./netdisco -r myrouter

4. Using web interface:

5. Report Generation: Detailed Reports can be generated about port information.

Institute for Development And Research in Banking Technology 15

6. TOPOLOGY MAP: Network Topology map is a great feature. It helps creating map giving network map. For creating topology map just browse to the netdisco folder : cd /usr/local/netdisco ./netdisco –g

Given a sample topology map .

Institute for Development And Research in Banking Technology 16

3.0 FrameFlow is server monitoring software that helps you to make sure your critical systems are up and running. It includes various features including Email alerts, Report Generation. But a major Drawback of the tool is that if you need to pay for the plugins after 30-day trial .

3.1 INSTALLATION: Its Installation is not a hectic task and just take a couple of seconds .

1. Download frameflow from http://www.frameflow.com/ and just follow the steps. 2. After finishing installation a new window will pop up in the browser .If some error occurred opening browser ,try opening http://localhost:8080/index.asp

3.2 USAGE: Some of the basic operation to start with follows: 1. Adding Device: (i) Just Click add Network device option on the bottom left.

Institute for Development And Research in Banking Technology 17

(ii) Click on add Event Monitor option

Institute for Development And Research in Banking Technology 18

(iii) A window will occur for event monitor settings.

Institute for Development And Research in Banking Technology 19

Enter the community string 2. Front End Alert: (i) FrameFlow have a alerting Features including SMS and Email: (ii) For Setting Email Notification go to : Settings and Preferences->Notification Settings->Email Notification Settings on the left menu column. (iii) We need to add Outgoing mail server as shown in the next page.

Institute for Development And Research in Banking Technology 20

3. CREATING GRAPHS: (i) Just click on the device from the Network Devices tab on the left menu panel. (ii) Click on the graphs tab and you can make selections like type of graph ,Layout ,Data Range. Here this the screenshot for a better understanding.

Institute for Development And Research in Banking Technology 21

4. Adding Plugins: For monitoring more parameters add-ons are available but first you need to activate the installation .But these plugins are not free and you need to pay for each of the new plugin you add. (i) Click on the Activation and Add-Ons ->Activate This Installation to activate the installation. (ii) Click on Activation and Add-Ons-> Available Add-Ons to add new add-ons. (iii) Various plugins that can be added are Bandwidth Event Monitor, CPU Usage Monitor, Device Failure ,Logon Security, Performance, Process ,Registry, System Restart Event Monitor and many more. 5. Report Generation: It consists of various interesting report generation features and even it consists of Report Builder which can be used to get monthly, weekly ,hourly Report to your Emails.

Institute for Development And Research in Banking Technology 22

OpenQRM

4.0 OpenQRM : openQRM is the next generation, open-source Data-center management platform. Its fully pluggable architecture focuses on automatic, rapid- and appliance-based deployment, monitoring, high-availability, cloud computing and especially on supporting and conforming multiple virtualization technologies. openQRM is a single-management console for the complete IT-infra structure and provides a well defined API which can be used to integrate third-party tools as additional plugins. OpenQRM provides integrated environment for zabbix and Nagios. OpenQRM is completely free software and can be used as a fully automated Management-System for your business.

4.1 SYSTEM REQUIREMENTS: Software Requirements: OpenQRM runs on Linux-Distributions of nearly any kind. The following Distributions are supported:

 Debian GNU/Linux  Ubuntu Linux  CentOS  SuSE/SLES  Fedora 9

Hardware Requirements:

openQRM currently runs on the x86 architecture and also supports x86/64 platforms such as Intel EM64T and AMD Opteron which can currently address up to 1TB of physical memory, which is not really needed any more since the rewrite in V4.X. openQRM offloads all of the hardware support issues to the OS running the openQRM-Server. This approach provides compatibility with the majority of device hardware supported by Linux.

4.2 INSTALLATION: (i) From Pre-buit Binaries: Pre-built Packages are available for download from the SourceForge downloads page: https://sourceforge.net/project/showfiles.php?group_id=153504 Once you've downloaded the packages, you typically install them via the package-manager: # rpm -iv packagename # dpkg -i packagename (ii) Building and Installing from source:

Obtaining the Source Tarball

Institute for Development And Research in Banking Technology 23

Stable versions and daily snapshots of the openQRM source tree are available from the openQRM download page: https://sourceforge.net/project/showfiles.php?group_id=153504

After extracting browse to the folder and run the following commands: ./configure make make install Once successfully installing just run --- make start 4.3 CONFIGURATION: (i) Network Configuration: Default interface used by OpenQRM is eth0 .So if your server uses some other interface change openqrm-server.conf . (ii) Database Configuration: Default configuration can be changed editing openqrm- server.conf 4.4 USAGE: (i) Dashboard:

(ii) Enabling Plug-in : Plugin Managerzabbix -> enable . Plugin Manager Nagios -> enable . (iii) Open zabbix : plugin manager ->monitoring->zabbix.

OPENQRMZABBIX Adding a device:-

. Go to Configuration --> Host. Institute for Development And Research in Banking Technology 24

. On the right hand corner you will find Create Host. Click on it. You will get a window like this.

. You need to specify host name. Visible name is optional. . You need to specify which group it belongs to. You can create new group by leaving the host group blank and just writing its name in New host group box. . You need to specify which interface the device is working on. If it is SNMP device then specify it in the snmp. . Then click on the Template tab. (Just above the host name.) Select a template you want. For SNMP device select Template SNMP device.

But this contains very less items which has very less use. Instead I suggest you to download the template, import it and the add that. Here’s the link from where the templates can be download:-

http://www.zabbix.com/wiki/templates/start Download the template which depending on the device. I used the SNMPv1 device template and you can also use this template if you are not sure about which template to add.

. Click the Hosts tab. There you will find that your host is been added. (Here Avaya L3 switch)

Institute for Development And Research in Banking Technology 25

. Click on the items. You will get the list of all the items which it monitors. For each item you need to specify the port and the community string. For that, click on the check box right of Wizard. All the items on that page will be selected. Then from the bottom select Mass Update and click on GO.

There, update the community string and the port number and anything else you need to change.

. Just after doing this, the items will be monitored. . And you can view the data from Monitoring --> Latest Data.

Adding new item to a host.

Apart from the items that automatically come with the templates, you can add items of your own.

Institute for Development And Research in Banking Technology 26

. Go to Hosts. To add item to “Avaya L3 switch”, click on the items next to it. There on the right hand side, click on the create item tab. You will get a window like this.

. Give the name of the item. Select type and key. . For SNMP item you need to specify the SNMP OID of the the parameter which you need to monitor.A list of SNMP OID is given on the link here. http://www.zabbix.com/documentation/1.8/manual/advanced_snmp Here’s a list of some other useful items which can be added.

Description Item Type OID/ Description Ping Test Simple Check icmpping[] Response Time Simple Check icmppingsec[] Packet Loss Simple Check icmppingloss[] CPU utilization SNMPv1 agent 1.3.6.1.4.1.9.2.1.56.0/ IcpuPercentagebusy Memory Utilization SNMPv1 agent 1.3.6.1.4.1.9.2.1.8.0/ImemFreeMem Available Bandwidth SNMPv1 agent interfaces.ifTable.ifEntry.ifSpeed.1 (for interface 1**) Bandwidth Utilization Calculated Specify the formula as:- It is for interface1** (change("ifInOctets1") + change("ifOutOctets1"))/128 % Bandwidth utilized Calculated (Bandwidth Utilization/Available Bandwidth)*100 ** A router generally has many interfaces. For each interface you have to find these items separately. You can find number of interfaces by this OID:- IF-MIB::ifNumber.0

Creating a trigger.

Trigger is basically a condition on a specified value. It is set on any of the item for which we want that a action should be invoked if it differs from the threshold condition given.

Institute for Development And Research in Banking Technology 27

To Create a trigger:-

. Go to Hosts --> Select trigger for the host for which you want to add a trigger. . On right hand side, click on create trigger. You will get a window like this.

. Specify the name you want to give to trigger. . In the expression, click on Add tab. You will get a pop-up window as in the right side of the pic. . Select the item you want to set your trigger on, the function you need, the value of T and N. Time shift is periodicity of trigger. Click on insert. . As you do so, the expression will be added. You can give a description if you want. . Set severity of the trigger. And click on save. Your trigger is created!!

Creating a graph.

Zabbix plugin itself provides graphs for all the values which it monitors. These graphs are mapped w.r.t time. But what if we have to compare two or more values in the same graph or make a graph of item1 vs item2 or create a pie-chart to improve visibility. This is the place for this.

Again the construction is similar.

. Click on graphs for the host you want. Then create graph. . There set the parameters. This are self-explanatory and one can do them easily. . You can also preview your graph by clicking on the preview tab.

Institute for Development And Research in Banking Technology 28

Setting up the Auto-Discovery Rules.

This is not the discovery rule of the single host which you see on clicking the Hosts tab. This is a auto discovery process to find all the devices which are in the network automatically. This may be very useful if you a monitoring a LAN network. It will reduce you tedious manual work of adding every host individually.

You can just set an action on this discovery rule and your work will be done. Actions are explained later.

. Go to Configuration --> Discovery. . Click on create discovery rule on the right hand side.

. Here give the name. . Specify the IP range and the check type. . Click on Save.

The device discovered will be shown in Monitoring --> Discovery.

This is all what the software does. Though we have created users, user-groups, given our email- id’s, set the media and set the sender’s email address too but still we don’t know how we will get the notifications.

We have created triggers, but we have not yet specified how the tool will take the action.

That’s what we do now, Set the tool on Action….

Institute for Development And Research in Banking Technology 29

Graphical Feature

Zabbix has got great Graphs. Here are some of the graphs which I got:-

The trigger line is also shown in this graph.

Zabbix Monitoring Itself: Showing the network Traffic

Institute for Development And Research in Banking Technology 30

CONCLUSION

Netdisco can be used to:

 Locate a machine on the network by MAC or IP and show the switch port it lives at.  Turn Off a switch port while leaving an audit trail. Admins log why a port was shut down.  Inventory your network hardware by model, vendor, switch-card, firmware and operating system.  Report on IP address and switch port usage: historical and current.  Pretty pictures of your network drawing the Network Topology map.

FrameFlow can be used to monitor system health monitoring, SNMP uptime calculation, Ping test , Bandwidth Utilization ,but for adding further features to the tool Add-ons need to purchased.

OpenQRM is really an excellent tool which contains zabbix and nagios plugins and hence provides an integrated interface for the Networking monitoring but cannot be used without further integration .

Since our project was group project we came to conclusion the none of the tool was perfectly suitable for the given set of parameters. So the entire group sat together and discussed the pros and cons of each tool and came to the final result of integrating the three best networking tools over the servers of IDRBT

We have made a comparison chart for selecting best tools for integration .

Institute for Development And Research in Banking Technology 31

APPENDIX

Difficulty Usability Ope graph Alerts notifica Ping Packet CRC RTT Laten Memory CPU Protoc Link Link Configuratio of n s and tion Test Loss Erro cy Utilizatio Utilizatio ol Availabilit Utilizatio n Installation Sour alarm r n n Status y n Monitoring ce s Argus Complicate not good X X X X X X d Zabbix simple friendly X X X X X X X X X X X X X X X openNMS Complicate Friendly X X X X X X X X X d Nagios Conplicate Friendly X X X X X X X X d Cacti Simple friendly X X X X X X X X

NetDisco Complicate not good X d Netflow simple friendly X X X X X X X X X X X Analyser PRTG Simple User X X X X X X X X X Friendly OpManag Simple user X X X X X X X er friendly Spicework Simple Friendly X X X X X X s Zenoss Simple Friendly X X X X X X X

Frame Simple Friendly X X X X X X X X Flow OpenQRM Simple Friendly X X X X X X X X X X X X X X X

Based on this Comparision chart, the Selcted tools are:-

openNMS Spiceworks OpenQRM

All the tools are successfully installed in the INFINET servers and the real time monitoring of the network has started.

Further Scope openQRM is a very comprehensive and flexible Open Source Infrastracture Management Solution. Its fully pluggable architecture focuses on automatic, rapid- and appliance-based deployment, monitoring, high-availability, cloud computing and especially on supporting and conforming multiple virtualization technologies. openQRM is a single-management console for the complete IT-Infrastructure and provides a well defined API which can be used to integrate third-party tools as additional plugins. This provides companies with a highly scalable system that supports small companies as well as global businesses who have large server base, multi-os & high-availability requirements.

APPENDIX

 http://www.netdisco.org/install.html  http://www.netdisco.org/readme.html  http://www.openqrm.com/?q=node/40  http://www.openqrm-enterprise.com/fileadmin /DATA /Whitepapers/openQRM-documentation-24022010.pdf  http://www.frameflow.com/