pmGraph
pmGraph is a software application for network monitoring, an important part of bandwidth management. The aim is to help network administrators, especially at universities, to better monitor and manage their networks. It was developed by Tom Sharp as part of our BMO Tools project, and is the first software release from that project.
Introduction
The purpose of pmGraph is to work with pmacct, a network monitoring and auditing tool. pmacct runs on a firewall, router or bridge, or collects information from multiple routers, and stores the information in a database. The database permits powerful analysis, but is difficult to use. pmGraph helps by providing a simple graphical overview of the network data recorded by pmacct.
Project Status
pmGraph is in the early stages of development, and work is in progress to make it a more flexible and powerful tool, with advanced user-friendly graphing capabilities. Collaborators on the project are both welcome and important for further development. Please contact us if you'd like to get involved. The project source code and downloadable installation file are freely available on sourceforge, and licensed under the GPL.
How to Use It
You will need to decide how you want to monitor your network. Chapter 3 of the Bandwidth Management Book explains network monitoring in more detail. The principle is that your network connects to another network, such as your Internet Service Provider, at a single point (a router or bridge). The simplest way to monitor your network is to take control of that point. This allows you to monitor traffic entering or leaving your domain of control (your own network).
To do this, you will need:
- A server running a Linux or Unix operating system,
- mysql database,
- pmacct network traffic logger,
- tomcat web server,
- Optionally, a Cisco or Juniper router that supports Netflow or sFlow.
Understanding these components is useful, but not necessary, to install and use pmGraph, and much more important to participate in pmGraph development.
pmacct, the software which does the actual network logging, provides four options for monitoring the meeting point between the networks:
- Passive Sniffer
- You can use your server to monitor passing network traffic in promiscuous mode. Most Unix servers can do this. However, unless you connect the server to a hub or a monitoring port on a switch, your server will not see packets generated by other computers, and this will limit your monitoring ability.
- Unix Router
- You can use your server as a router between two networks. The server will need two network cards, one connected to each network. The server's operating system must support routing, but almost all do. You will also need to know how to configure routing and packet forwarding on your server. You may want or need to use NAT between the networks (for example, if you replace an existing router that already does NAT for you). If you already have a Unix server or firewall performing this role, then you might find this setup easiest, as you may not need to change your network structure at all.
- Unix Bridge
- You can use your server as a bridge between two networks. The server will need two network cards, one connected to each network. The server then acts like a network switch with two ports, copying packets between the networks without modifying them, and recording them at the same time. The server's operating system must support bridging (e.g. Linux and FreeBSD). You will also need to know how to configure bridging on your server.
- Netflow or sFlow
- You can use a Cisco or Juniper router to send Netflow or sFlow network accounting records to your Unix server. This removes the need to connect the Unix server directly to the point where the networks meet, as long as the router is already there.
Installation
These instructions are also under development. If you need help getting pmGraph working, please contact us.
You will need to download and install pmacct first. You don't need to create a configuration file, as one is supplied with pmGraph. Also download and install tomcat.
pmGraph can be downloaded here. Unpack the archive and copy pmgraph.war into your Tomcat web apps directory.
Edit the file at {tomcatroot}/webapps/pmgraph/WEB-INF/src/database.properties so that the LocalSubnet variable is set to the subnet you will be monitoring. You will also need to set the address for your MySQL database here if it is not installed locally.
Configure MySQL to receive data from pmacct by running the script in the config folder with the command:
mysql pmacct -u root -p < config/pmacct-create-db_v6.mysql
Run pmacct with:
sudo pmacctd < config/pmaccd.conf
The pmGraph page should now be available at:
http://{yourbridgemachine}:{yourtomcatport}/pmgraph
Development
You can get the latest source code from Subversion here:
https://pmgraph.svn.sourceforge.net/svnroot/pmgraph
We recommend that you use the following tools:
- Sun Java JDK 5.0 or higher (other JDKs such as GCJ cause problems with Tomcat)
- Apache Tomcat 5.0 or later
- Eclipse (if in doubt, get the Java Developer edition)
- Sysdeo Tomcat plugin
- Subclipse
Steps to get developing in Eclipse:
- Install Tomcat but don't start it yet
- Install Eclipse and the plugins
- Configure the Tomcat Plugin in Eclipse (Window > Preferences > Tomcat)
- Switch to the SVN Repository Exploring perspective (Window > Open Perspective > SVN Repository Exploring)
- Right-click in the left pane and add a new repository
- Enter the URL: https://pmgraph.svn.sourceforge.net/svnroot/pmgraph
- Expand the newly-created repository
- Right-click on the pmgraph folder within, and choose Checkout
- Switch back to the Java perspective
- Right-click on the pmGraph project in your workspace and choose Tomcat > Update Context Definition
- Expand the project, and the web/WEB-INF/src folder, and edit database.properties
- Enter the details of your MySQL server in this file
- Start Tomcat within Eclipse (Tomcat > Start Tomcat)
- Browse to http://localhost:8080/pmgraph and check that the page and graph display properly
If you need more help, please contact us.