wiki:Nmm2022/Agenda/SmokepingSetup

Version 32 (modified by geethike, 3 years ago) ( diff )

--

Network Management & Monitoring - Smokeping

In this exercise you will install Smokeping and get it to monitor various devices in the class network.

Since most of the tasks in this exercise require you to be "root", the first thing you should do is to connect to your PC and start a root shell.

$ sudo -s
#

Install Smokeping

Before we install Smokeping we have to update our OS and install Apache web server.

# apt update
# apt upgrade
# apt install apache2
# systemctl start apache2
# systemctl enable apache2

Now we will continue with the Smokeping installation.

# apt install smokeping
# chmod u+s /usr/bin/fping
# a2enmod cgi
# systemctl reload apache2

Initial Configuration

Let's make sure that your web server and Smokeping are running:

# systemctl start apache2
# systemctl enable smokeping
# systemctl start smokeping

Then point your web browser at:

http://hostX/smokeping/smokeping.cgi

(replace "hostX" with your own host/IP) to check that it is running.

Files that are associated with Smokeping can accessed as follows;

# cd /etc/smokeping/config.d
# ls -l

-rwxr-xr-x 1 root root  578 2022-02-26 01:55 Alerts
-rwxr-xr-x 1 root root  237 2022-02-26 01:55 Database
-rwxr-xr-x 1 root root  413 2022-02-26 05:40 General
-rwxr-xr-x 1 root root  271 2022-02-26 01:55 pathnames
-rwxr-xr-x 1 root root  859 2022-02-26 01:55 Presentation
-rwxr-xr-x 1 root root  116 2022-02-26 01:55 Probes
-rwxr-xr-x 1 root root  155 2022-02-26 01:55 Slaves
-rwxr-xr-x 1 root root 8990 2022-02-26 06:30 Targets

The files that you'll need to change, at a minimum, are:

  • Alerts
  • General
  • Probes (to be done later)
  • Targets

Now open the General file (note the first capital letter)

# vim General

(you can replace "vim" with "nano" or "vi" if you like)

Change the following lines according to your institute:

owner    = NOC
contact  = sysadm@localhost
mailhost = localhost
cgiurl   = http://localhost/smokeping/smokeping.cgi
# specify this to get syslog logging
syslogfacility = local5

Save the file and exit. Now let's restart the Smokeping service to verify that no mistakes have been made before going any further:

# systemctl restart smokeping

Now open the Alerts file (note the first capital letter)

# cd /etc/smokeping/config.d
# vim Alerts

Change the following lines:

to = sysadm@localhost
from = smokeping-alert@localhost

Save the file and exit. Restart Smokeping:

# systemctl restart smokeping

Configure monitoring of devices

The majority of your time and work configuring Smokeping will be done in the file /etc/smokeping/config.d/Targets

For this class please do the following:

Use the default FPing probe to check:

  • Servers in your campus
  • Firewalls
  • Switches
  • Routers

You can use the your physical Network Devices or the Devices in Network we configured on our last Workshop (Workshop on Tuning up Campus Network) for testing.

Create some hierarchy to the Smokeping menu for your checks.

For example, the Targets file is already partially pre configured. To start we are going to add some entries to this file.

Start with:

# cd /etc/smokeping/config.d
# editor Targets

You can take the section from * Targets * to the end of the Local Machine and make it look something like this. Feel free to use your own "remark", "menu" text and titles.

NOTE: We recommend that you COPY and PASTE text from these exercises directly in to the Targets file and do the amendments according to your network setup. Typing all this by hand will take too long.

*** Targets ***

probe = FPing

menu = Top
title = Network Latency Grapher
remark = Smokeping Latency Grapher for Network Monitoring \
         and Management Workshop.

+Local

menu = Local Network Monitoring and Management
title = Local Network

++LocalMachine

menu = Local Machine
title = This host
host = localhost

Now, below the "localhost" we start with the configuration of items for our class.

We will add in an entry for our workshop DMZ Web server (172.30.1.20) and for all the hosts on your campus.

NOTE: Be sure that you replace "Y" with your campus number.

#
# ********* Campus Servers **********
#

+WebServers

menu = WebServers
title = Campus web Servers

++Web

menu = DMZ Web
title = DMZ Web
host = 172.30.1.20

OK. Let's see if we can get Smokeping to stop and start with the changes we have made, so far. Save and exit from the Targets file. Now try doing:

# systemctl restart smokeping

If you see error messages, then read them closely and try to correct the problem in the Targets file. In addition, Smokeping is now sending log message to the file /var/log/syslog . You can view what Smokeping is saying by typing:

# tail -F /var/log/syslog

If you want to see all smokeping related messages in the file /var/log/syslog you can do this:

# grep smokeping /var/log/syslog

If there are no errors you can view the results of your changes by going to:

http://hostX/smokeping/smokeping.cgi

Configure monitoring of Other devices of Campus

Once you have configured the hosts on your campus, then it's time to add the entries for the Routers, Switches and Firewalls in your campus network.

# cd /etc/smokeping/config.d 
# editor Targets

Go to the bottom of the file and add in entries for your campus routers and switches:

#
#******** Campus  Network Devices ********
#

+campusYNetwork

menu = Campus  Network Devices
title = Network Devices Campus

#
# ********** Campus Border Router *********
#

++Routers
menu = Border Routers
title = Border Router

+++campus1
menu = FAC1
title = Faculty 1 (FAC1)
host = 10.1.2.1


+++campus2
menu = FAC2
title = Faculty 2 (FAC2)
host = 10.1.3.1


+++campus3
menu = FAC1-BLD1-FL2
title = Faculty One (FAC1-BLD1-FL2)
host = 10.1.2.4


++Firewalls
menu = PFsense Firewall
title = PFsense Firewall
host = 10.1.0.2

Add new probes to Smokeping

The current entry in the Probes file is fine, but if you wish to use additional Smokeping checks you can add them in here and you can specify their default behavior. You can do this, as well, in the Targets file if you wish.

To add a probe to check for HTTP latency as well as DNS lookup latency, edit the Probes file and add the following text TO THE END of that file:

# vim Probes 
+ EchoPingHttp

+ EchoPingHttps

+ DNS
binary = /usr/bin/dig
pings = 5
step = 180
lookup = www.learn.ac.lk

The DNS probe will look up the IP address of www.nsrc.org using any other open DNS server (resolver) you specify in the Targets file. You will see this a bit further on in the exercises.

Now Save and exit from the file and verify that your changes are working:

# systemctl restart smokeping
# tail -F /var/log/syslog

Add HTTP latency checks for the Workshop Hosts

Edit the Targets file again and go to the end of the file:

# vim Targets
#
# Local Web server response
#

+HTTP

menu = Local HTTP Response
title = HTTP Response DMZ web

++DMZ-Web

menu = DMZ Web
title = DMZ Web HTTP response time
probe = EchoPingHttp
host = 172.30.1.20

you can add multiple web servers as you needed.

You could also use the "probe = EchoPingHttp" statement once for host1, and then this would be the default probe until another "probe = " statement is seen in the Targets file.

You can add more host entries if you wish, or you could consider checking the latency on remote machines - these are likely to be more interesting. Machines such as your own publicly accessible servers are a good choice, or, perhaps other web servers you use often (Google, Yahoo, Government pages, stores, etc.?).

For example, consider adding something like this at the bottom of the Targets file:

#
# Remote Web server response
#

+HTTPSRemote

menu = Remote HTTPS Response
title = HTTPS Response Remote Machines

++google

menu = Google
title = Google.com HTTPS response time
probe = EchoPingHttps
host = www.google.org

++learn

menu = LEARN
title = LEARN HTTPS response time
probe = EchoPingHttps
host = www.learn.ac.lk

++youtube

menu = Youtube
title = Youtube HTTPS response time
probe = EchoPingHttps
host = www.youtube.com

Add your own hosts that you use at your organization to the list of Remote Web Servers.

Once you are done, save and exit from the Targets file and verify your work:

# systemctl restart smokeping

Add DNS latency checks

At the end of the Targets file we are going to add some entries to verify the latency from our location to remote recursive DNS servers to look up an entry for nsrc.org.

You would likely substitute an important address for your institution in the Probes file instead. In addition, you can change the address you are looking up inside the Targets file as well. For more information see:

http://oss.oetiker.ch/smokeping/probe/DNS.en.html

and

http://oss.oetiker.ch/smokeping/probe/index.en.html

Now edit the Targets file again. Be sure to go to the end of the file:

# cd /etc/smokeping/config.d
# vim Targets

At the end of the file add:

#
# Sample DNS probe
#

+DNS

probe = DNS
menu = DNS Latency
title = DNS Latency Probes

++LocalDNS1
menu = LEARN DNS
title =  DNS Delay for local DNS Server on learn.ac.lk
host = 192.248.7.254

++GoogleA
menu = 8.8.8.8
title = DNS Latency for google-public-dns-a.google.com
#host = google-public-dns-a.google.com
host = 8.8.8.8

++GoogleB

menu = 8.8.4.4
title = DNS Latency for google-public-dns-b.google.com
#host = google-public-dns-b.google.com
host = 8.8.4.4

Now save the Targets file and exit and verify your work:

# systemctl restart smokeping

Look at additional Smokeping probes and consider implementing some of them if they are useful to your organization:

http://oss.oetiker.ch/smokeping/probe/index.en.html

Note: See TracWiki for help on using the wiki.