= Network Management & Monitoring - Smokeping = In this exercise you will install Smokeping and get it to monitor various devices in the class network. Since most of the tasks in this exercise require you to be "root", the first thing you should do is to connect to your PC and start a root shell. {{{ $ sudo -s # }}} === Install Smokeping === Before we install Smokeping we have to update our OS and install Apache web server. {{{ # apt update # apt upgrade # apt install apache2 # systemctl start apache2 # systemctl enable apache2 }}} Now we will continue with the Smokeping installation. {{{ # apt install smokeping # chmod u+s /usr/bin/fping # a2enmod cgi # systemctl reload apache2 }}} ''' NOTE :'''Select No configuration for Postfix configuration for this exercise. === Initial Configuration === Let's make sure that your web server and Smokeping are running: {{{ # systemctl start apache2 # systemctl enable smokeping # systemctl start smokeping }}} Then point your web browser at: {{{ http://hostX/smokeping/smokeping.cgi }}} (replace "hostX" with your own host/IP) to check that it is running. Files that are associated with Smokeping can accessed as follows; {{{ # cd /etc/smokeping/config.d # ls -l -rwxr-xr-x 1 root root 578 2022-02-26 01:55 Alerts -rwxr-xr-x 1 root root 237 2022-02-26 01:55 Database -rwxr-xr-x 1 root root 413 2022-02-26 05:40 General -rwxr-xr-x 1 root root 271 2022-02-26 01:55 pathnames -rwxr-xr-x 1 root root 859 2022-02-26 01:55 Presentation -rwxr-xr-x 1 root root 116 2022-02-26 01:55 Probes -rwxr-xr-x 1 root root 155 2022-02-26 01:55 Slaves -rwxr-xr-x 1 root root 8990 2022-02-26 06:30 Targets }}} The files that you'll need to change, at a minimum, are: * Alerts * General * Probes (to be done later) * Targets Now open the General file (note the first capital letter) {{{ # vim General }}} (you can replace "vim" with "nano" or "vi" if you like) Change the following lines according to your institute: {{{ owner = NOC contact = sysadm@localhost mailhost = localhost cgiurl = http://localhost/smokeping/smokeping.cgi # specify this to get syslog logging syslogfacility = local5 }}} Save the file and exit. Now let's restart the Smokeping service to verify that no mistakes have been made before going any further: {{{ # systemctl restart smokeping }}} Now open the Alerts file (note the first capital letter) {{{ # cd /etc/smokeping/config.d # vim Alerts }}} Change the following lines: {{{ to = sysadm@localhost from = smokeping-alert@localhost }}} Save the file and exit. Restart Smokeping: {{{ # systemctl restart smokeping }}} = Configure monitoring of devices = The majority of your time and work configuring Smokeping will be done in the file ''' /etc/smokeping/config.d/Targets''' For this class please do the following: Use the default FPing probe to check: * Servers in your campus * Firewalls * Switches * Routers You can use the your physical Network Devices or the Devices in Network we configured on our last Workshop ''' (Workshop on Tuning up Campus Network) ''' for testing. Create some hierarchy to the Smokeping menu for your checks. For example, the Targets file is already partially pre configured. To start we are going to add some entries to this file. Start with: {{{ # cd /etc/smokeping/config.d # editor Targets }}} You can take the section from *** Targets *** to the end of the Local Machine and make it look something like this. Feel free to use your own "remark", "menu" text and titles. NOTE: We recommend that you COPY and PASTE text from these exercises directly in to the Targets file and do the amendments according to your network setup. Typing all this by hand will take too long. {{{ *** Targets *** probe = FPing menu = Top title = Network Latency Grapher remark = Smokeping Latency Grapher for Network Monitoring \ and Management Workshop. +Local menu = Local Network Monitoring and Management title = Local Network ++LocalMachine menu = Local Machine title = This host host = localhost }}} Now, below the "localhost" we start with the configuration of items for our class. We will add in an entry for our workshop ''' DMZ Web server ''' (172.30.1.20) and for all the hosts on your campus. {{{ # # ********* Campus Servers ********** # +WebServers menu = WebServers title = Campus web Servers ++Web menu = DMZ Web title = DMZ Web host = 172.30.1.20 }}} OK. Let's see if we can get Smokeping to stop and start with the changes we have made, so far. Save and exit from the Targets file. Now try doing: {{{ # systemctl restart smokeping }}} If you see error messages, then read them closely and try to correct the problem in the Targets file. In addition, Smokeping is now sending log message to the file ''' /var/log/syslog '''. You can view what Smokeping is saying by typing: {{{ # tail -F /var/log/syslog }}} If you want to see all smokeping related messages in the file ''' /var/log/syslog ''' you can do this: {{{ # grep smokeping /var/log/syslog }}} If there are no errors you can view the results of your changes by going to: {{{ http://hostX/smokeping/smokeping.cgi }}} === Configure monitoring of Other devices of Campus === Once you have configured the hosts on your campus, then it's time to add the entries for the Routers, Switches and Firewalls in your campus network. {{{ # cd /etc/smokeping/config.d # editor Targets }}} Go to the bottom of the file and add in entries for your campus routers and switches: {{{ # #******** Campus Network Devices ******** # +campusYNetwork menu = Campus Network Devices title = Network Devices Campus # # ********** Campus Border Router ********* # ++Routers menu = Border Routers title = Border Router +++campus1 menu = FAC1 title = Faculty 1 (FAC1) host = 10.1.2.1 +++campus2 menu = FAC2 title = Faculty 2 (FAC2) host = 10.1.3.1 +++campus3 menu = FAC1-BLD1-FL2 title = Faculty One (FAC1-BLD1-FL2) host = 10.1.2.4 ++Firewalls menu = PFsense Firewall title = PFsense Firewall host = 10.1.0.2 }}} === Add new probes to Smokeping === The current entry in the Probes file is fine, but if you wish to use additional Smokeping checks you can add them in here and you can specify their default behavior. You can do this, as well, in the Targets file if you wish. To add a probe to check for HTTP latency as well as DNS lookup latency, edit the Probes file and add the following text TO THE END of that file: {{{ # vim Probes }}} {{{ + EchoPingHttp + EchoPingHttps + DNS binary = /usr/bin/dig pings = 5 step = 180 lookup = www.learn.ac.lk }}} The DNS probe will look up the IP address of www.nsrc.org using any other open DNS server (resolver) you specify in the Targets file. You will see this a bit further on in the exercises. Now Save and exit from the file and verify that your changes are working: {{{ # systemctl restart smokeping # tail -F /var/log/syslog }}} === Add HTTP latency checks for the Workshop Hosts === Edit the Targets file again and go to the end of the file: {{{ # vim Targets }}} {{{ # # Local Web server response # +HTTP menu = Local HTTP Response title = HTTP Response DMZ web ++DMZ-Web menu = DMZ Web title = DMZ Web HTTP response time probe = EchoPingHttp host = 172.30.1.20 }}} you can add multiple web servers as you needed. You could also use the ''' "probe = EchoPingHttp" ''' statement once for host1, and then this would be the default probe until another "probe = " statement is seen in the Targets file. You can add more host entries if you wish, or you could consider checking the latency on remote machines - these are likely to be more interesting. Machines such as your own publicly accessible servers are a good choice, or, perhaps other web servers you use often (Google, Yahoo, Government pages, stores, etc.?). For example, consider adding something like this at the bottom of the Targets file: {{{ # # Remote Web server response # +HTTPSRemote menu = Remote HTTPS Response title = HTTPS Response Remote Machines ++google menu = Google title = Google.com HTTPS response time probe = EchoPingHttps host = www.google.org ++learn menu = LEARN title = LEARN HTTPS response time probe = EchoPingHttps host = www.learn.ac.lk ++youtube menu = Youtube title = Youtube HTTPS response time probe = EchoPingHttps host = www.youtube.com }}} Add your own hosts that you use at your organization to the list of Remote Web Servers. Once you are done, save and exit from the Targets file and verify your work: {{{ # systemctl restart smokeping }}} === Add DNS latency checks === At the end of the Targets file we are going to add some entries to verify the latency from our location to remote recursive DNS servers to look up an entry for nsrc.org. You would likely substitute an important address for your institution in the Probes file instead. In addition, you can change the address you are looking up inside the Targets file as well. For more information see: http://oss.oetiker.ch/smokeping/probe/DNS.en.html and http://oss.oetiker.ch/smokeping/probe/index.en.html Now edit the Targets file again. Be sure to go to the end of the file: {{{ # cd /etc/smokeping/config.d # vim Targets }}} At the end of the file add: {{{ # # Sample DNS probe # +DNS probe = DNS menu = DNS Latency title = DNS Latency Probes ++LocalDNS1 menu = LEARN DNS title = DNS Delay for local DNS Server on learn.ac.lk host = 192.248.7.254 ++GoogleA menu = 8.8.8.8 title = DNS Latency for google-public-dns-a.google.com #host = google-public-dns-a.google.com host = 8.8.8.8 ++GoogleB menu = 8.8.4.4 title = DNS Latency for google-public-dns-b.google.com #host = google-public-dns-b.google.com host = 8.8.4.4 }}} Now save the Targets file and exit and verify your work: {{{ # systemctl restart smokeping }}} Look at additional Smokeping probes and consider implementing some of them if they are useful to your organization: http://oss.oetiker.ch/smokeping/probe/index.en.html