Commit c0f83326 authored by 's avatar

Updated documentation


git-svn-id: file:///home/svn/mapi/trunk@1568 8d5bb341-7cf1-0310-8cf6-ba355fef3186
parent 025c6746
......@@ -23,68 +23,61 @@ I. PREREQUISITIES
Note 2: If you want to monitor MPLS links and classify packets based on
L3 or L4 headers, which are after MPLS headers, you need the
latest libpcap from CVS, because support for IP filtering of
MPLS packets is not yet include in libpcap distributed in packages
MPLS packets is not yet included in libpcap distributed in packages
or as a tarball. See http://www.tcpdump.org how to checkout libpcap
sources from CVS and compile them.
II. GET DiMAPI AND BUNDLED APPLICATIONS
II. GET MAPI AND BUNDLED APPLICATIONS
DiMAPI and bundled applications are available from SVN server:
MAPI and bundled applications are available from SVN server:
svn checkout https://svn.testnett.uninett.no/mapi/trunk
III. INSTALL DiMAPI
III. INSTALL MAPI
Do this on all remote monitoring stations and on the central station
(if you use the central station).
More detailed instructions are included in README file of DiMAPI sources.
These instructions are also included in README file of DiMAPI sources.
MAPI_DIR is installation directory for MAPI, for example, /usr/local/mapi.
1) cd trunk
2) ./bootstrap.sh
3) ./configure --prefix=/usr/local/mapi --enable-trackflib \
3) ./configure [ --prefix=MAPI_DIR ] \
[ --enable-trackflib ] \
[ --enable-dimapi ] \
[ --with-libpcap=/usr/local/src/libpcap ] \
[ --enable-dag --with-libdag=/usr/local/dag ]
[ --enable-anonflib --enable-ipfixflib --enable-extraflib ] \
[ --enable-napatech --with-libdag=/opt/napatech ]
It is recommended that you use all the options in the above example.
Use --prefix to specify installation directory.
Use --enable-trackflib if you want to detect application-layer
protocols (e.g., gnutella, skype).
Use --enable-dimapi if you want to gather results from remote monitoring
stations on a central station.
stations.
Use --with-libpcap if you want to use some specific libpcap, such as the
latest sources from CVS in order to monitor MPLS links.
Use --enable-dag and --with-libdag if you want to read packets from a DAG
card. You need DAG software installed before running the configure command.
card.
Features enabled by --enable-anonlib, --enable-ipfixlib and
--enable-extraflib are currently not used by ABW but you can include them
in your installation of MAPI for future use.
Use --enable-napatech and --with-libnapatech if you want to read packets
from a Napatech card.
4) make
5) make install
6) vi MAPI_DIR/etc/mapi.conf
6) Check etc/mapi.conf in installation directory
MAPI_DIR is equal to the value of "--prefix" when configuring MAPI
installation directory. Add monitoring interfaces, such as eth1,
/dev/dag0, etc., for example:
[driver]
device=eth1
driver=mapinicdrv.so
mpls=0
vlan=0
It should include [driver] sections for network interfaces, such as
eth1, /dev/dag0, /dev/ntx0, etc.
Specify mpls=1 if packets received on this monitoring interface have
MPLS headers. Default is mpls=0 and can be omitted. Note that packets
may have MPLS headers in one direction of a link, but not have MPLS
headers in the other direction of the same link.
MPLS headers. Default is mpls=0 and can be omitted.
Specify vlan=1 if packets received on this monitoring interface have
802.1Q headers. Default is vlan=0 and can be omitted.
......@@ -92,13 +85,13 @@ III. INSTALL DiMAPI
7) vi /etc/ld.so.conf
add MAPI_DIR/lib and MAPI_DIR/share/mapi
directory
8) ldconfig
IV. INSTALL ABW
Do this on all remote monitoring stations and on the central station
(if you use the central station).
ABW_DIR is installation directory for MAPI, for example, /usr/local/abw.
1) cd trunk/applications/abw
......@@ -133,45 +126,41 @@ IV. INSTALL ABW
5) make install
6) vi ABW_DIR/etc/abw.conf
6) Edit ABW_DIR/etc/abw.conf
ABW_DIR is equal to the value of "--prefix" when configuring ABW
installation directory. Specify what monitoring should be done,
follow comments in this file.
Specify what monitoring should be done, follow comments in this file.
7) ABW_DIR/bin/dag.sh { 4.3 | 6.2 | 8.2 } [ 0 | 1 | 2 ... ] [ -f ] }
7) (optional) ABW_DIR/bin/dag.sh <card_type> [ <card_number> ] [ -f ]
This step is needed only if you use DAG cards. The "dag.sh" script
initializes the specified DAG card. Try "dag.sh" without arguments for
online help.
Initializes DAG card. "dag.sh" without arguments shows help.
8) ABW_DIR/bin/mapi.sh [ -d ] start
8) (optional) /opt/napatech/bin/load_driver.sh
Start DiMAPI or MAPI. When you use the central station, use -d to start
DiMAPI. When you do not use the central station, omit -d to start MAPI.
Initializes Napatech card.
9) ABW_DIR/bin/abw -f ABW_DIR/etc/abw.cfg
9) ABW_DIR/bin/mapi.sh start
Starts MAPI.
10) ABW_DIR/bin/abw -f ABW_DIR/etc/abw.cfg
Start ABW executable in foreground to check that it recognizes configured
protocols on configured monitoring interfaces. If some traffic is sent to
the configured monitoring interfaces, non-zero number of received packets
and bytes should be reported periodically. You can stop ABW executable by
Ctrl-C.
protocols. You can stop ABW executable by Ctrl-C.
10) ABW_DIR/bin/abw.sh start
11) ABW_DIR/bin/abw.sh start
Start ABW executable in background.
Optional tasks:
11) crontab -e (replace ABW_DIR with ABW installation directory)
12) crontab -e (replace ABW_DIR with ABW installation directory)
0,15,30,45 * * * * ABW_DIR/bin/abw_mapi.sh 2>&1 > /dev/null
1,16,31,46 * * * * ABW_DIR/bin/abw_check_rrd.sh 2>&1 > /dev/null
2,17,32,47 * * * * ABW_DIR/bin/abw_check_data.sh 2>&1 > /dev/null
0 0 * * * ABW_DIR/bin/abw_delete_old_graphs.sh 2>&1 > /dev/null
abw_mapi.sh checks if ABW and DiMAPI are running and possibly restarts
abw_mapi.sh checks if ABW and MAPI are running and possibly restarts
them.
abw_check_rrd.sh checks if RRD files are being updated.
......@@ -181,28 +170,25 @@ IV. INSTALL ABW
abw_delete_old_graphs.sh deletes old graphs.
12) Initialize DAG cards automatically during operating system startup.
13) Initialize DAG card automatically during operating system startup.
cp scripts/dag-init.sh /etc/init.d/dag
edit /etc/init.d/dag to call dag.sh with proper arguments for all
Edit /etc/init.d/dag to call dag.sh with proper arguments for all
DAG cards that you have in your server
do whatever is necessary so that /etc/init.d/dag is called automatically
during operating system startup (e.g., type "insserv" in SuSe Linux
or create startup links manually)
Do whatever is necessary so that /etc/init.d/dag is called automatically
during operating system startup (e.g., type "insserv /etc/init.d/dag" in
SuSe Linux or create startup links manually)
IV. INSTALLATION OF USER INTERFACE ON THE WEB SERVER
Do this on the web server.
1) cd trunk/applications/abw/htdocs
2) vi conf.php
2) Edit conf.php
Set variables and addresses of remote monitoring stations and
of the central station in the section between "BEGINNING OF USER
CONFIGURATION SECTION" and "END OF USER CONFIGURATION SECTION".
Edit section between "BEGINNING OF USER CONFIGURATION SECTION" and
"END OF USER CONFIGURATION SECTION".
3) mkdir /var/www/abw
......@@ -211,8 +197,7 @@ IV. INSTALLATION OF USER INTERFACE ON THE WEB SERVER
4) cp * /var/www/abw
Copy user interface scripts to a directory on the web server
dedicated for the ABW application.
Copy user interface scripts to a directory on the web server.
5) su www-data
......@@ -220,22 +205,21 @@ IV. INSTALLATION OF USER INTERFACE ON THE WEB SERVER
6) ssh-keygen -t dsa
Create an SSH key for the user that is running the web serve
and store the key to $HOME/.ssh/id_dsa file. Do this ONLY if
this key does not exist yet. Otherwise you will rewrite an
Create an SSH key for the user that is running the web server
and store this key to $HOME/.ssh/id_dsa file. Do this ONLY if
this key does not yet exist. Otherwise you will rewrite an
existing key.
7) scp $HOME/.ssh/id_dsa.pub \
root@remote_monitoring_station:ABW_HOME/.ssh/authorized_keys
abw@monitoring_station:.ssh/authorized_keys
Copy the public SSH key of the user that is running the web server
to the authorized_keys file of the abw user on all remote monitoring
stations and on the central station. This allows the web server to
retrieve results. Replace ABW_HOME with the home directory of ABW user.
to the authorized_keys file of the abw user on all monitoring stations.
This allows the web server to retrieve results. Replace ABW_HOME with the
home directory of abw user.
Make sure that correct access rights are set on the public SSH key
on all remote monitoring stations and the central station (this should
be done on remote monitoring stations and on the central station):
on all monitoring stations:
chown abw:abw ABW_HOME/.ssh
chmod 700 ABW_HOME/.ssh
......@@ -243,7 +227,7 @@ IV. INSTALLATION OF USER INTERFACE ON THE WEB SERVER
chown abw:abw ABW_HOME/.ssh/authorized_keys
chmod 600 ABW_HOME/.ssh/authorized_keys
8) ssh abw@remote_monitoring_station
8) ssh abw@monitoring_station
Manually connect to all remote monitoring stations and to the central
station as abw user. Allow to add public SSH keys to the known_hosts file.
......
I. INTRODUCTION
ABW is an application for passive monitoring of used capacity of a network
line and its distribution between protocols. It runs on top of DiMAPI
(Distributed Monitoring Application Interface).
link and its distribution among protocols. It runs on top of MAPI
(Monitoring Application Interface).
Primary advantages of monitoring used capacity by ABW when compared to active
monitoring or using SNMP are the following:
Features:
- Monitoring is completely non-intrusive, it does not affect user traffic
in any way, it can run continuously and it measures real used capacity
(instead of throughput of test packets after stressing user traffic).
- non-intrusive
- can run continuously
- measures real used capacity
- can monitor capacity usage in short intervals (from 1 second)
- can detect short peaks
- can show capacity usage by different protocols (L3, L4, L7)
- We can monitor capacity usage in short intervals (e.g., 1 second)
and therefore detect short peaks.
II. MONITORING CARDS
- We can distinquish capacity used by different protocols in different
layers of the OSI hierarchy (L2, L3, L4 or application protocols)
A monitoring station needs one or more network cards to capture packets
from monitored links. It can be regular Ethernet cards or monitoring cards
(DAG, Napatech, COMBO).
A combination of header filtering and payload searching is used to detect
application protocols that use dynamic ports.
II. LOCAL AND DISTRIBUTED MODE
ABW can be used in to modes:
- In the local mode with MAPI, the user interface on the web server
contacts directly all remote monitoring stations capturing packets.
- In the distributed mode with DiMAPI, the user interface on the web server
contacts only the central station, which in turn gathers results from
remote monitoring stations capturing packets.
ABW can also use a combination of these two modes. That is the web server can
contact some remote monitoring stations directly and obtain results from other
monitoring stations through the central station.
You simply point the conf.php script on the web server to the right station for
each monitored link - to the central station or to a remote monitoring station.
Using the central station makes configuration in conf.php a little bit
simpler, but contacting the remote monitoring stations directly currently
provides faster response and is recommended.
III. MONITORING CARDS
Each remote monitoring station needs one or more network cards to capture
packets from monitored links. It can be regular NICs, DAG cards or COMBO cards.
Each card needs to be connected to on optical splitter or to a mirroring port
on a router or switch.
Two directions of one monitored link can be monitored by:
a) two ports on a multi-port monitoring card,
b) two single-port monitoring cards in one remote monitoring station,
c) two single-port monitoring cards in two remote monitoring stations.
This is configured in the ABW configuration file abw.conf. ABW gathers results
correctly and displays them in one graph (inbound traffic in the upper part
of the graph and outbound traffic in the lower part of the graph).
You can monitor only one direction of a link, in which case only upper
or only lower part of the graph is displayed and you can also mix both
directions together when using a mirroring port, in which case only upper
part of the graph is displayed and it includes both directions.
Each card needs to be connected to a monitored link using an optical splitter
or a mirroring port on a router or switch.
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment