[afnog] Feedback on Network Administration Software

Ruchi Rajpal rrajpal at gmail.com
Wed May 13 13:39:59 UTC 2009 

Hello all,

I have joined forum to grasp the exact requirements from network operators.
We are developing an easy to install and highly useful application pmGraph
assisting in network administration.
pmGraph is in the early stages of development, and work is in progress to
make it a more flexible and powerful tool, with advanced user-friendly
graphing capabilities.
The purpose of pmGraph is to work with pmacct, a network monitoring and
auditing tool. pmacct runs on a firewall, router or bridge, collects
information from multiple routers, and stores the information in a database.
The database permits powerful analysis, but is difficult to use. pmGraph
helps by providing a simple graphical overview of the network data recorded
by pmacct.

*How to Use It*

The simplest way to monitor your network is to take control of the point
where network connects to another network, such as your Internet Service
Provider, at a single point (a router or bridge). This allows you to monitor
traffic entering or leaving your domain of control (your own network).

To do this, what is needed is:

   * A server running a Linux or Unix operating system,
   * mysql database,
   * pmacct network traffic logger,
   * tomcat web server,
   * Optionally, a Cisco or Juniper router that supports Netflow or sFlow.

Understanding these components is useful, but not necessary, to install and
use pmGraph.

pmacct, the software which does the actual network logging, provides four
options for monitoring the meeting point between the networks:

Passive Sniffer
   You can use your server to monitor passing network traffic in promiscuous
mode. Most Unix servers can do this. However, unless you connect the server
to a hub or a monitoring port on a switch, your server will not see packets
generated by other computers, and this will limit your monitoring ability.

Unix Router
   You can use your server as a router between two networks. The server will
need two network cards, one connected to each network. The server's
operating system must support routing, but almost all do. You will also need
to know how to configure routing and packet forwarding on your server. You
may want or need to use NAT between the networks (for example, if you
replace an existing router that already does NAT for you). If you already
have a Unix server or firewall performing this role, then you might find
this setup easiest, as you may not need to change your network structure at
all.

Unix Bridge
   You can use your server as a bridge between two networks. The server will
need two network cards, one connected to each network. The server then acts
like a network switch with two ports, copying packets between the networks
without modifying them, and recording them at the same time. The server's
operating system must support bridging (e.g. Linux and FreeBSD). You will
also need to know how to configure bridging on your server.

Netflow or sFlow
   You can use a Cisco or Juniper router to send Netflow or sFlow network
accounting records to your Unix server. This removes the need to connect the
Unix server directly to the point where the networks meet, as long as the
router is already there.

A software package is also being worked on to make process of installing
pmGraph along with tomcat server and pmacct easier. User manual & supporting
doc is also being added.
I would really appreciate any feedback on usage for this.

Regards,
Ruchi Rajpal
Contact No: 07544667957
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://afnog.org/pipermail/afnog/attachments/20090513/c6b88c25/attachment.html>

More information about the afnog mailing list