Linux answers the age-old question, "Why is my network slow?"

by David M Williams
Thursday, 24 July 2008
Page 2 of 3

The problem with directing all your traffic through an intermediate box is that it requires you to rework your network, and this may not always be desirable or achievable. This is particularly so in a corporate environment where you have a private network spanning many locations, and where you have servers at different locations.

If you want to put a device in between the LAN and the router in that location so you can measure the traffic, you will need to assign a new address and subnet to either the server or the router. This will involve complexity and changes that you may not be able to make for any number of reasons.

Additionally, it has to be noted that the firewall can’t tell you anything about the local traffic on your LAN – it will only record what is going out of that network. Yet it may be that you have a user backing up his whole hard drive to the local file server. This won’t be picked up by the firewall.

Ideally, we can construct a portable solution. We could set up some free open source software on a low-end PC or laptop running Linux and just plug it in to the network somewhere, letting it sniff out everything going on. You could fly in to a site, plug it in for a day or two and gather enough data to analyse. Indeed, this could be a great use for an ASUS Eee or any of the multitude of netbooks coming to prominence – your own teeny tiny network analysis device.

The first stop on this journey is MRTG, the Multi Router Traffic Grapher. This has long been a staple of the Internet and will work with any SNMP-enabled router. It polls the router periodically (the default is five minute intervals) and graphs this over time. MRTG maintains a nice collection of web pages, with embedded graphs, so viewing the results is really easy. In fact, you’ll even find some ISPs or universities that display their MRTG pages on the public Internet.
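The polling described above reduces to a small calculation, shown here as an added example (not code from MRTG or from the article): successive readings of a router interface's SNMP octet counters, assumed to be the 32-bit ifInOctets and ifOutOctets, are turned into bit rates. The function names and the readings are constructed for illustration, and the result is only a volume per interval, with nothing about who sent the traffic or where it went.

```python
# Added example: turn periodic SNMP octet-counter readings into bit rates,
# the calculation behind a traffic graph. Sample data below is constructed.

COUNTER32_MOD = 2 ** 32  # ifInOctets/ifOutOctets are 32-bit and wrap to zero


def counter_delta(prev, curr, modulus=COUNTER32_MOD):
    """Octets transferred between two readings, allowing for one wrap."""
    return curr - prev if curr >= prev else curr + modulus - prev


def rates(samples, link_bps, modulus=COUNTER32_MOD):
    """samples: list of (unix_time, in_octets, out_octets) readings.

    Returns a list of (unix_time, in_bps, out_bps). An interval whose
    computed rate exceeds the link speed cannot be real traffic (the
    counter was reset, e.g. by a router reboot), so it is reported as None.
    """
    out = []
    for (t0, in0, out0), (t1, in1, out1) in zip(samples, samples[1:]):
        seconds = t1 - t0
        if seconds <= 0:
            continue  # duplicate or out-of-order poll
        in_bps = counter_delta(in0, in1, modulus) * 8 / seconds
        out_bps = counter_delta(out0, out1, modulus) * 8 / seconds
        if in_bps > link_bps or out_bps > link_bps:
            out.append((t1, None, None))
        else:
            out.append((t1, in_bps, out_bps))
    return out


# Constructed readings at five-minute (300 s) intervals on a 100 Mbit/s link.
SAMPLES = [
    (0,    4_294_000_000, 1_000_000),
    (300,  4_294_900_000, 1_600_000),   # normal interval
    (600,        932_704, 2_200_000),   # inbound counter wrapped past 2**32
    (900,         10_000,     5_000),   # router rebooted: counters reset
    (1200,     3_010_000,   305_000),
]

if __name__ == "__main__":
    for when, in_bps, out_bps in rates(SAMPLES, link_bps=100_000_000):
        if in_bps is None:
            print(f"t={when:>4}s  counter reset, interval discarded")
        else:
            print(f"t={when:>4}s  in={in_bps/1000:8.1f} kbit/s  out={out_bps/1000:8.1f} kbit/s")
```

A reset that happens while the old counter value was close to its maximum looks like an ordinary wrap and cannot be told apart by this check.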
MRTG is written partially in C and partially in Perl; you can probably find a binary version for your favoured distro, but the developer’s web site provides clear instructions for downloading, compiling and running.

However, MRTG doesn’t quite get us where I’d like. As good as MRTG is, it doesn’t actually let you drill down beyond just the amount of bandwidth being consumed through your router.

Don’t get me wrong: this is still a terrific starting point in network fault-finding because it shows clearly how much data you are sending in and out of your network. Plus, it is portable because you can plug in a computer running MRTG without imposing any changes on your network whatsoever, save for possibly enabling SNMP on the router.

However, you will not see just what the traffic is, or by whom and to where, nor will you get any figures on internal traffic. So let’s see what else we can find.

CONTINUED




