Top free open source tools for network admins: RANCIDWe've all had that horrible sinking feeling in the pit of our stomachs when we've copied and pasted a new config into a router or switch and it stops responding. Did I remember to back up my old config before I uploaded the new one? How late will I be staying up tonight to fix this mess?
RANCID (Really Awesome New Cisco confIg Differ) is a versioning system for your switch and router configs. It uses either CVS or Subversion to store each new version of your configuration files. As it gathers and stores the configs for each of your devices, it runs a diff against the previous version to see what, if any, changes have been made. When it detects a change, it sends out an email with the details of that change to an address of your choosing. With RANCID, you'll know whenever a change has been made by your NOC team.
Because RANCID runs via a crontab entry, you can control how often it logs in and checks your configurations. If you are a stable shop and rarely make changes, you might have RANCID check once a day. If you are a more dynamic NOC and make changes frequently, you can set RANCID to check hourly or as often as is appropriate for your company.
One of the neat features of RANCID is that it includes a looking-glass server. You can take a quick peek at all the routes in your organization and search for any elements that are out of sorts when you suspect a routing problem on your network.
RANCID supports gear from most of the big networking vendors, including Cisco, HP ProCurve, Juniper, Foundry, and several others. It is known to work on Linux, BSDs, Mac OS X, and Solaris.
Top free open source tools for network admins: OpenNMS and CactiOpenNMS has a place in every enterprise. It's a highly scalable network monitoring system that is completely open source software. A single server can monitor hundreds of thousands of network interfaces and produce nice graphs for metrics such as bandwidth usage, CPU, memory, and more.
You can set thresholds that indicate when a device is busy or down and receive a notification via email, SMS, IM, and so on. Of course you can have separate logins for each of your NOC team, and you can set up an on-call schedule so that notifications go only to on-duty team members. OpenNMS also has an escalation handler, so if the level-one NOC techs don't take care of an issue right away, an engineer or manager can be notified to oversee issue resolution.
The Cacti graphing solution makes a good complement to OpenNMS. Although OpenNMS has the same graphing capabilities, Cacti's more intuitive Web UI allows nontechnical staff to build and manage collections of graphs that are interesting to them. For example, you could configure Cacti to graph data from your (SNMP-capable) HVAC controllers, and your facility maintenance team members could log in to Cacti and build custom views that display only the data they need to see. If one is watching fan rotation speed and another is tracking electrical power draw, they wouldn't have to view each other's data.
You can organize Cacti's graphs into trees, similar to the old Microsoft file system viewers used to display files in a directory structure. And with individual logins for each staff member, everyone gets their own view settings saved under their login.
Top free open source tools for network admins: My TraceRouteMy TraceRoute (MTR) is not quite as useful as it once was. MTR relies on ICMP packets to judge network latency -- and ICMP are the first packets modern routers will drop in favor of more important data traffic when they get too busy. However, I still find MTR a great tool for troubleshooting network links that traverse multiple routers. Specify a destination, and MTR shows you a list of routers that your traffic passes through on the way (as well as the destination itself) and the results of a continuous ping to those routers.
MTR updates the statistics of the pings as it runs, so you can see which routers are slow to respond or which are dropping a significant number of ping requests. The results include the percentage of lost packets, the response times from each router (average, best, and worst), and the standard deviations for those times. How many times have you heard a user complaining "the Internet is slow," only to discover that the problem is a particular website or provider upstream from your office? MTR is a great way to see whether there really is a problem and to get a quick idea of where the problem resides.
One of MTR's more commonly used command-line options is -n, which stops MTR from doing reverse DNS lookups on the IP addresses of the routers it pings. This is handy when you're having DNS problems and don't want to wait for the lookups to timeout. Another useful option is -r, which issues a single summary report after running a certain number of pings (specified by the -c option) to each router. This can be used with scripts to build regular reports to be printed, emailed, or even inserted into a Web page.
Top free open source tools for network admins: PHP WeathermapSometimes you want the 10,000-foot overview of your network traffic. PHP Weathermap provides exactly that. It shows a logical map of your routers and the links between them, using different colors to indicate how busy each link is. PHP Weathermap is a good complement to an application such as Cacti or OpenNMS.
PHP Weathermap does not handle its own data collection, so you'll need to pair it with another application such as Cacti, OpenNMS, MRTG, or RRDtool. PHP Weathermap has a plug-in that helps it integrate into Cacti, with some options available in the Cacti preference panels.
You will need to edit the map config files to adjust the appearance of your maps. You can do this by hand, though PHP Weathermap offers a GUI editor that runs within a Web browser. You can use the editor to create your nodes (routers and switches) and links, as well as produce a functioning map.
When you're ready for manual tweaking, you can add custom background images to the map and insert custom icons for your routers. You can also add subnodes, which allow you to display more information within the router's icon, such as CPU or memory usage. You can also insert parallel links or bonded links between routers.
Through further tweaking of config files, you can fine-tune the placement of router icons and the map's legend. If you have a more complicated map with plenty of router icons, you can create curved link lines between your router icons to help keep the map readable and less cluttered or cramped.
Top free open source tools for network admins: NtopNeed an sFlow or NetFlow collector to get a thorough look at your data traffic flows? Ntop will take NetFlow or sFlow data from popular switches and routers and display it in a Web GUI, complete with clickable links that take you to details about particular hosts or protocols or to actual conversations and flows.
There are interesting features to Ntop's output, such as identifying workstation users by their email addresses and (passively) detecting the operating systems of network hosts through packet analysis. Ntop will break down traffic volume on a per-protocol basis, helpful for comparing the traffic your network actually has to what you think it should have.
Ntop can give you a list of IP protocols, sortable by protocol type, as well as lists of traffic sources and destinations. Ntop also creates a matrix table of IP traffic, so you can see who is talking to whom and how much data is being passed between the two. Of course, data is not as useful if you cannot sort it. Ntop allows you to sort on both the traffic source and the destination.
Platforms supported include Windows and all major Unix types, such as Linux, the BSDs, Solaris, and Mac OS X. Although resource usage will vary by network size and the configuration options that you choose, Ntop should be very light on modern workstation and laptop hardware. Ntop's Web UI accepts multiple HTTP usernames and passwords, so each member of your NOC team can have individual access, and you can force Ntop to work with HTTPS.
Ntop supports a wide range of network protocol types, IP protocol types, and even network media types. There is support for several VoIP protocols, including Cisco SCCP, Asterisk's IAX protocol, and of course SIP. Ntop can even do protocol decodes on most common IP protocols. If you want the information for later retrieval and analysis, Ntop can record its network traffic data to RRD-style files on a disk.
This article, "Top 10 free open source tools for network admins," was originally published at InfoWorld.com. Follow the latest developments in networking and open source at InfoWorld.com. For the latest business technology news, follow InfoWorld.com on Twitter.
Read more about networking in InfoWorld's Networking Channel.
This story, "Top 10 free open source tools for network admins" was originally published by InfoWorld.