Simple traffic graphing

Enable SNMP on router

We are going to use MRTG to create traffic graphs of our (MikroTik) routers. For this to work, SNMP must be enabled on the routers. The next screenshots show you how to configure SNMP in RouterOS.

Important: What you see on the screenshots is not current best practice! You should enable and use both, authentication (SHA1) and encryption (AES). Don't use MD5 and DES, as they must be considered broken in a cryptographic sense. Additionally you should restrict SNMP access to certain hosts.

Don't forget that you also may need to create appropriate firewall rules to allow SNMP.

Installing and configuring MRTG

Next thing to do is installing MRTG. I'm using a Ubuntu linux for this task. Just type in the console:

sudo apt-get update && sudo apt-get install mrtg

After the installation, I recommend to remove the default cron entry created by the installation process. The default cron for MRTG is located in /etc/cron.d/mrtg. Simply move this file to a backup location:

sudo mv /etc/cron.d/mrtg /home/user/mrtg-cron.bkp

Next, create MRTG configuration files for the routers you want to monitor. In my case, I want to create a config for every router, so I'm as flexible as possible. For this task, I wrote a simple bash-script:

#!/bin/bash
# filename create-mrtg-config.sh IP=$1 echo "Creating config for IP $IP" cfgmaker --show-op-down \ --no-down \ --zero-speed=1000000000 \ --global "LogDir: /var/www/htdocs/mrtg/log" \ --global "ImageDir: /var/www/htdocs/mrtg/img" \ --global "HtmlDir: /var/www/htdocs/mrtg" \ --output /etc/mrtg/$IP.new public@$IP sed 's^WorkDir: /var/www/mrtg^#WorkDir: /var/www/mrtg^g' $IP.new > $IP.cfg rm $IP.new indexmaker --title="Traffic Statistics for $IP" --output=/var/www/htdocs/mrtg/$IP.html /etc/mrtg/$IP.cfg

Let's talk about the cfgmaker parameters. I quote the man page:

--no-down
do not look at admin or opr status of interfaces

--show-op-down
show interfaces which are operatively down

--zero-speed=1000000000
use this speed in bits-per-second as the interface speed for all interfaces that return a speed of 0 via ifSpeed/ifHighSpeed. 100Mbps = 100000000
My addition: It is very important to define this parameter, otherwise, interfaces which are down don't get graphed because these interfaces report "0" as speed!

--global "LogDir: /var/www/htdocs/mrtg/log"
--global "ImageDir: /var/www/htdocs/mrtg/img"
--global "HtmlDir: /var/www/htdocs/mrtg"
Use /var/www/htdocs/mrtg/log as directory for storing the collected (raw) data.
Use /var/www/htdocs/mrtg/img as directory for stroting the graph images.
Use /var/www/htdocs/mrtg as directory for storing the HTML files.

--output /etc/mrtg/$IP.new public@$IP
Set the global output directory and finally the community and IP to query via SNMP.

The indexmaker finally creates the HTML-Index using the specified configuration.

If you're wondering about the sed line: The cfgmaker-script shipped with Ubuntu's MRTG automatically adds a WorkDir parameter in the config which I do not want. The sed line only adds a # to comment this out, so it does not affect my manually set parameters for the different directories.

Okay, now you can type

sudo ./create-mrtg-config.sh 10.10.1.1

to create a new MRTG configuration and the HTML index file. Of course you need to allow execution of the script and to adapt the IP.

Creating the graphs

Assuming you created a MRTG config file /etc/mrtg/10.10.1.1.cfg, you now can run

sudo env LANG=C mrtg /etc/mrtg/10.10.1.1.cfg

If you take a look in /var/www/htdocs/mrtg/log

sudo ls -lisha /var/www/htdocs/mrtg/log

you'll see that there are freshly created files containing the collected data.

Serving the graphs

The HTML files are now located in /var/www/mrtg. To serve them, you'll need a webserver. I'm using nginx for this purpose. You can install nginx by typing

sudo apt-get update && sudo apt-get install nginx

Because nginx does not serve content in /var/www, you need to edit the "root" parameter in /etc/nginx/sites-available/default

root /var/www

That's it. After typing

sudo service nginx restart

you should be able to access http://your-ip/mrtg/10.10.1.1.html

Go back

My Whishlist

If the information I provided was helpful to you, I would really appreciate if you have a look on my Amazon whishlist.

I'm not begging for anything and I will continue to share my knowledge but of course I would be really happy to see some packages arriving ;-)