Publisher: Prentice Hall PTR
Available for download is chapter 3 entitled "Multi Router Traffic Grapher (MRTG)".
One of the defining characteristics of a good network administrator is the overwhelming need to simplify his day-to-day work. This can be accomplished by scripting or using specialized tools for a task.
When it comes to open source tools, there's a plethora of tools administrators can use, and depending on the level of their knowledge, even tailor to their own needs. You would think that with all the information that comes with a Linux or Unix operating system and the wealth of information that can be found online that a book of this type is unnecessary. When you pick it up you also realize it's not one of those mammoth guides. So what did the author put into this title to make it interesting for all you network administrators using or interested in using open source tools? Read on to find out.
About the author
James Kretchmar has worked for six years as a systems programmer and network engineer for MIT Network Operations, helping to run MIT's campus-wide, 30,000-host network. He has administered all levels of the network hierarchy; written and deployed tools to streamline administration; implemented campus-wide routing plans; and been extensively involved in design, deployment, and troubleshooting of core network infrastructure. MIT makes extensive use of open source tools-several of which Kretchmar personally wrote.
Inside the book
The first thing I noticed when I started reading the book was the lack of a typical long introductory chapter on network administration that can be found in other books of this type. I think Kretchmar made the right choice when he decided to make it practical and short. This leaves more space for the truly interesting stuff.
In order to be able to understand the tools you're about to use you have to get some basic knowledge first. Even if you're an experienced network administrator, repeating some of this basic stuff is not wasted time at all. The book kicks off with an overview of SNMP where you learn what it is and how you can use it for network management. Of course, the author also provides details on various tools.
What follows is an overview of the Multi Router Traffic Grapher (MRTG), a tool that produces web pages that display graphs of bandwidth use on network links of daily, weekly, monthly and yearly scales. If you want a good tool that will help you diagnose network problem, give MRTG a try. After going through the details in this chapter you'll be able to install, configure and use MRTG.
When someone mentions the name Neo, the first thing you think about is probably some fight scene from the Matrix. This time, however, we're sticking to network administration with a tool of the same name, written at MIT. Kretchmar notes that Neo is a very handy tool and by reading on you realize what it can do for you and you see various examples of its use. I mean seriously, did you think, even for a second, that the folks over at MIT would use something that wasn't great?
Next, you get an understanding of NetFlow, a Cisco mechanism for collecting information about the internals of network traffic. As for the tool of choice, here come the popular Flow-Tools that collect and process crucial interface-level NetFlow information. The author details the installation, configuration and finishes off with a section on manipulating Flow data.
Another interesting tool developed by MIT is Oak. The purpose of Oak is to collect syslog messages from servers and network equipment, condense the information and notify you of problems as they arise. As before, you learn about the installation and configuration and just to get you started Kretchmar offers a sample Oak configuration file for you to explore.
A vital part of an administrator's job is service monitoring. You certainly want to know when something suddenly stops working. The tools that can make your life easier are introduced - Sysmon and Nagios. The author gives in-depth details on Sysmon installation and configuration while Nagios is only briefly introduced with its advantages and disadvantages. Kretchmar notes that Nagios is much more complicated than Sysmon so I guess that's the reason he decided to provide more information on Sysmon. Good choice.
One of the most popular tools in an administrator's arsenal is certainly TCPDUMP, and as before, the author provides you with detailed information in order to enable you to install it, configure it, and most importantly - use it. Moving on, Kretchmar introduces you to many basic tools, all combined into one chapter. This is where novice users will get their money's worth as they explore tools such as ping, netcat, traceroute, netstat, etc.
The last chapter of the book brings forward the topic of creating custom tools. Kretchmar introduces you to scripting, the Bourne Shell and Perl. This is the only chapter that I believe should have been extended to include more information as the advanced users will definitely find it to be too short. As for the intermediate users that are relatively new to scripting, they will get a good starting point.
My 2 cents
The beauty of this book lies in it's simplicity. The author manages to make things easy to understand and all the material is pretty straightforward. If at times you feel you need more information, you can use the provided links to expand your knowledge.
Kretchmar chose the topics for this book wisely and the amount of space dedicated to each topic is basically enough. Depending on what specific information you're looking for, some of you may feel there's something missing, but that's why the links are here. It's no surprise that I found everything to be so informative and concentrated on the practical part, just take a look at the biography of the author above and you'll realize what experience was put into "Open Source Network Administration".
If you're wondering how the network administration experience can be improved and what open source tools can make your life easier, get a copy of this book and many of your questions will be answered.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.