\documentclass{ictlab} % Copyright (c) 2003 by Nick Urbanik . % This material may be distributed only subject to the terms and % conditions set forth in the Open Publication License, v1.0 or later % (the latest version is presently available at % http://www.opencontent.org/openpub/). \RCS $Revision: 1.9 $ \usepackage{verbatim,key,alltt} \usepackage[hang,bf,nooneline]{caption2} \ifx\pdftexversion\undefined \else \usepackage[pdfpagemode=None,pdfauthor={Nick Urbanik}]{hyperref} \fi \newcommand*{\labTitle}{Lab Test: Using Cricket to Monitor Network Traffic} \providecommand*{\SNMP}{\acro{SNMP}\xspace} \providecommand*{\MIB}{\acro{MIB}\xspace} \providecommand*{\ID}{\acro{ID}\xspace} \providecommand*{\OID}{\acro{OID}\xspace} \providecommand*{\FAQ}{\acro{FAQ}\xspace} \providecommand*{\RPM}{\acro{RPM}\xspace} \providecommand*{\MRTG}{\acro{MRTG}\xspace} \providecommand*{\CPAN}{\acro{CPAN}\xspace} \providecommand*{\RRD}{\acro{RRD}\xspace} \providecommand*{\COUNTER}{\texttt{COUNTER}\xspace} \providecommand*{\GAUGE}{\texttt{GAUGE}\xspace} \providecommand*{\DERIVE}{\texttt{DERIVE}\xspace} \providecommand*{\ABSOLUTE}{\texttt{ABSOLUTE}\xspace} %\providecommand*{\}{\acro{}\xspace} \renewcommand*{\floatpagefraction}{0.75} % default is .5, to increase % density. \renewcommand*{\bottomfraction}{0.6} % default is 0.3 \renewcommand*{\topfraction}{0.85} % default is 0.7 \renewcommand*{\textfraction}{0.1} % default is 0.2 \begin{document} Your task is to configure Cricket to monitor network traffic in and out of your own computer. To do this, you will need to have the agent running on your machine, configured with access to the Mib-2 tree. You should have done this already; the process is described in the handout entitled \emph{SNMP Agent and the Set Operation}\@. You should provide at least one graph, with meaningful labels. You should be able to explain what you did and why. You have to the end of this class to complete the exercise. Note that this exercise mainly involves configuring a data source for Cricket\@. The reference manual for Cricket is helpful. I am reproducing the information about types of data source that Cricket uses. \texttt{rrd-ds-type} Default value: \texttt{GAUGE} The \texttt{DS} type is used by \texttt{RRD} to know how to interpret the numbers fetched from this datasource. There are three possibilities: \begin{description} \item[\GAUGE] The measurement will be directly copied into the \texttt{RRD} datafile without any extra processing. Examples of this type of measurement include readings from thermometers, percent disk space free, etc. \item[\COUNTER] The measurements from \COUNTER datasources will be treated like SNMP counters. An \SNMP counter increases monotonically until a fixed wrap-around point (usually either $2^{31}-2$ or $2^{63}-2$, depending on the size of the data type). To convert a \COUNTER measurement into a rate (for instance, ``count of octets'' to ``octets per second'') \RRD subtracts the previous value from the current one, and adjusts for any wraparound conditions. Any \SNMP variable which is marked with the \SNMP ``\COUNTER'' data type would normally have its \texttt{rrd-ds-type} set to \COUNTER, but unless your datasource guarantees a monotonous increase, it is better to use \DERIVE with an \texttt{rrd-min} of zero. \item[\DERIVE] \DERIVE is like \COUNTER, but there is no overflow check, so negative rates are possible. This datasource type would be useful when you have a count of something (which may increase and decrease), and you want to graph the rate of change. With an rrd-min of zero, the \DERIVE datasource type acts like \COUNTER, except that negative samples are treated as unknown. Handling \SNMP \COUNTER{}s in this fashion helps reduce the occurrence of spikes in the graphs. Negative values can result from restarting the device or implementation errors in its \SNMP agent, and are common enough to really recommend using \DERIVE rather than \COUNTER. %% \item[\ABSOLUTE] \ABSOLUTE is for \COUNTER{}s which get reset upon %% reading. Some \SNMP variables have this property. Using \ABSOLUTE %% instead of \COUNTER tells \RRD to compute the rate assuming the %% value is an absolute count of octets (or whatever) during the last %% polling period. \end{description} The datasource type names are case-insensitive. They are passed directly through to \RRD when the \RRD file is created. If the datasource type is changed later, you must use rrd-tune to apply the change to the underlying \RRD file. For more information about them, consult the \RRD documentation for the create command. Please note that I have revised the first Cricket document quite a lot, with some useful description of the way that Cricket works, and its configuration. \end{document}