Hi,
I got some helpful answers on my question, but i had no time to test them all
until now. But it seems, according to David Robson and others, that gathering
the information that i am interseted in will be a problem with a switch.
The switch seems to know only about the total traffic on each port, but
not about the traffic between different machines.
tcpdump, snoop or cmu-smtp are exactly NOT what i want. For this reason,
tools build on top of these cannot be what i want.
In fact, i have tried only MRTG until now, but even this is not, what i
wanted to have. I wanted to get a real time graphical display of all computers
and the traffic between them.
I do not want to see/examine each paket, but only a graphical summary of
the network load. And i do not want to get a graph which shows the average
load of my switch or it's ports but of ALL connections (n machines --> n**2
possible connections).
Netscarf could be nice, but requires a WWW server to run it's admintool - why
the hell do i have to setup a WWW server just to view my network ?
If i have more free time, i will have a look at some other programs (in the
last time, i had - as usual - other things to do...)
Thanks to all who have replied. Their answers are listed below.
BTW: Apologies for the long delay of this SUMMARY...
Stefan
ORIGINAL POSTING:
-----------------
Hi,
in the past, we have used etherman (from curtin university, australia) to
monitor the network traffic in our LAN.
Now we have switched to a 10/100 MBit autosensing switch (BayStack 350T),
plugged fast ethernet cards in some of our machines and have switched from
thinwire to twisted pair.
The performance improvement is nice, but there is now one problem: etherman
sees only the traffic on the local interface (of course - it cannot look
inside the switch). So it became useless for me.
I have tried cmu-snmp, but the output of this program is only ASCII and
very confusing.
So i am looking for a graphical network monitor (commercial or free), which
can work with our switch. Any suggestions ?
ANSWERS:
--------
David Robson <robbo@box.net.au>
Using a switch will always be a problem for monitoring. I suspect you need
to get your data from the switch itself...
Jochen Bern <bern@TI.Uni-Trier.DE>
tkined (Though it only shows the total Interface Load of a Node ...)
Andy Lee <andrew.lee@research.natpower.co.uk>
http://www.ee.ethz.ch/~oetiker/webtools/mrtg/pub
holmberg@ihs.com (Tom Holmberg)
You should check out Frontier Software's Netscout. It will do everything
you are looking for. 508-244-4440, Chelmsford, Ma ,USA
Benjamin Cline <benji@hnt.com>
You could try scion/netscarf, available from http://www.merit.edu/~netscarf
17phil@edp.ird.govt.nz (Philip Plane)
Have a look at xsnmp. It's a graphical network monitor built on top of
cmu-snmp. I haven't used the snmp stuff in it myself, just the host
monitoring. No idea where the distribution comes from, but I've seen
it included with some Linux distributions so the source should be easy
to find.
hsie@al.noaa.gov (Eirh-Yu Hsie)
Try Scotty Tcl extension, a Tcl extension to build network management
applications using Tcl (and Tk). The scotty extension provides new Tcl
commands to
- send and receive ICMP packets
- query the Domain Name System (DNS)
- access UDP sockets from Tcl
- probe and use some selected SUN RPCs
- retrieve and serve documents via HTTP
- send and reveice SNMP messages (SNMPv1, SNMPv2USEC, SNMPv2C)
- write special purpose SNMP agents in Tcl
- parse and access SNMP MIB definitions
- schedule jobs that are to be done regularly
and for some OSI-folks there is some optional code to
- parse and access GDMO MIB definitions
- invoke CMIP operations based on the osimis/isode toolkit
You will find the latest version of these packages at ftp://ftp.smli.com/
and many mirror sites around the globe. Note, this scotty/tkined version
will most likely not work with later versions of Tcl and Tk.
CMU original location
ftp://ftp.sei.cmu.edu/pub/argus-1.5
COAST -- Computer Operations, Audit, and Security Technology
http://www.cs.purdue.edu/coast/archive/data/categ50.html
JANET -- Joint Accademic Network CERT
http://www.ja.net/CERT/JANET-CERT/SOFTWARE.html
sniffit - fairly obvious what this does
http://reptile.rug.ac.be/~coder/sniffit/sniffit.html
MRTG (Multi Router Traffic Grapher)
http://www.ee.ethz.ch/~oetiker/webtools/mrtg/mrtg.html
http://presto.tamucc.edu/LAN (examples of some graphs)
SCOTTY
http://wwwsnmp.cs.utwente.nl/~schoenw/scotty/
tcpdump - Akin to SNOOP
Commercial Tools: HP Netmetrix
Network General's Network Analyzer (PC)
blymn@baea.com.au (Brett Lymn)
If you have deep pockets you can get Optivity which comes from
BayNetworks - this package is an add on to Sun Net Manager (and some
other network management stations) that allows you to do all sorts of
nice things to your Bay gear - like pull a front panel view. I
suspect it may be an overkill for what you have though.
This archive was generated by hypermail 2.1.2 : Fri Sep 28 2001 - 23:11:58 CDT