Fnord.

It used to be that, if you had corporate funding, you’d buy ‘enterprise grade’ routers and switches that sported a remote management protocol called SNMP, for Simple Network Management Protocol. Typically, you’d buy a copy of HP’s OpenView (at around 50,000$) and use it to monitor all of your SNMP devices. Since SNMP actually asks the routers what they’re doing, it’s precise and has very little network impact. Sorted, as the Brits would say.

Those of us who network as a hobby/home/hacker were left out of this particular nerdvana, and turned to indirect solutions like Smokeping, and/or free software like syslog. Workable but not as good.

However (you knew this was coming, right?) the world has moved on. Prosumer-grade routers like my Linksys RV042 (at all of $149) and Airport Express (the N version, $99, more on this later) now have SNMP support built in! So that’s half of the puzzle. There have also been significant advances on the software side:

That’s Cacti, a web-based SNMP monitor running on my Debian box. It’s one of the nicest pieces of programming I’ve seen in some time, very polished and amazingly easy to use considering the complexity of what it does. You have access control, easy device configuration, many many graph options, and the ability to monitor non-SNMP devices like, say, system load. I’ve setup a guest account, password guest, that you can experiment with here. The data is real, monitoring my firewall’s traffic and part of my wireless as well. The guest account is configured to be read-only, so feel free to poke around and experiment.

Let me back up a bit. First off, you need

1. SNMP-capable hardware. My newer Airport Express (b/g/n, part number MB321LL/A) has full support, but the previous b/g (part number M9470LL/A) does not. My RV042 has SNMP, but the more common WRT54 series doesn’t unless you install the third-party Tomato firmware. (More Airport info is here and here.)
2. A server to run Cacti.

Next up is the firewall, very similar:

On the negative side there’s a few of Cacti limitations to note:

• Cacti doesn’t support SNMP traps, or asychronous alerts. This is a showstopper for a serious monitoring system, as you won’t get notified when something dies or fails.
• Since it doesn’t have MIB support, using vendor or device-specific features requires writing a data query, which I’ve not yet tried.
• You can’t issue SNMP commands from Cacti.

 

While I was learning all of this, I also took detours into MRTG and snmpd and found this nifty Dashboard widget for OSX called iEyeNet:

Which requires no server, so if you just want a way to peek now and then iEyeNet is a great solution.

Overall I’m thrilled to finally get to play with SNMP, and having views into the state of my network is marvelous. If you poke around, you’ll see that I’ve also setup entries for monitoring non-SNMP hosts via simple pings, which is also nice but less complete. Overall Cacti and iEyeNet are both useful, free and easy to get running.

My wish list looks like this right now:

1. Alerts on failures or traps
2. Ability to look by traffic type, e.g. “Is bittorrent why I’m so slow?”

Overall, SNMP is highly recommended. I’d say flat out not to buy any new network hardware without SNMP built in. It’s just too useful. 

Update 11/17/08: Cacti works on the iPhone browser too:

This entry was posted on Friday, November 14th, 2008 at 10:37 am and is filed under Debian, Networking, Reviews and recommendations. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.