Network Resource Grapher (NRG) graphs performance trends on Simple Network Management Protocol (SNMP) enabled devices. NRG is a high reliability application written in Perl that is easier to install and configure than the venerable Multi-Router Traffic Grapher (MRTG) and it is also far more efficient because graph data is stored using RRDtool, which stores graph data very compactly and only generates graphs when a user clicks a link to view them. NRG was written by Steve Rader who developed it to replace MRTG for WiscNet.
In Part 1, we’ll install and configure NRG and demonstrate graphing an Ethernet switch or router. In Part 2 we’ll cover some NRG and SNMP advanced topics that will enable you to graph any device.
This section covers installing and configuring NRG and supporting software.
You may install the MacPorts package manager with these instructions, which include instructions for installing XWindows (X11). Follow the instructions carefully and perform all non-optional steps.
It is necessary to run NRG and Apache as the same user because graph images are created from RRD files "on the fly" when a graph link is clicked, therefore Apache must have sufficient permissions to create graph images. The default Apache user and group for OS X is “www”, so you may either run NRG as user “www”, or you may also create a new user for NRG in the Accounts preference pane in your Mac's System Preferences and set Apache to run as that user. As long as you run NRG as the same user as the Apache user, NRG will work fine.
NRG requires some special settings for the web server. Open Apache's httpd.conf file in a text editor and perform the following steps. If you are using Apple's built-in Apache, that file is /etc/httpd/httpd.conf. If you've installed another version of Apache the file will be in a different location.
Make a backup copy of httpd.conf.
%%cd /etc/httpd%%sudo cp httpd.conf httpd.conf.orgThen open the httpd.conf file in a text editor and uncomment these lines.
AddHandler cgi-script .cgi LoadModule expires_module libexec/httpd/mod_expires.so AddModule mod_expires.c
Add these directives.
<Directory /Library/WebServer/Documents/nrg> Options ExecCGI </Directory
<Files "*.gif"> ExpiresActive On ExpiresDefault M5 </Files>
Put your Mac’s DNS name in the ServerName parameter. This is optional, but it is a good idea.
ServerName bigmac.mycompany.com
Set the Apache user and group to the user you chose to run NRG. If you chose user and group “www” no changes need to be made.
User <nrg-user> Group <nrg-group>
Start Apple's built-in Apache web server by turning on Personal Web Sharing in your Mac's System Preferences, or turn it off and on to restart it.
Install NRG with MacPorts and then configure it for use.
Using MacPorts, NRG and all its supporting software is installed with a single command.
%%sudo port install nrgRename the Site.mconf sample file so you can use it.
%%cd /opt/local/var/nrg%%sudo mv Site.mconf.sample Site.mconfSet the WEB_PREFIX and WebRootDir variables in files /opt/local/var/nrg/Makefile and /opt/local/var/nrg/Site.mconf respectively to your Apache document root.
WEB_PREFIX = /Library/WebServer/Documents WebRootDir[*]: /Library/WebServer/Documents
Finally, make NRG and all associated files owned by the user designated for NRG.
%%sudo -s%%find /opt/local/var/nrg –print | xargs chown <nrg-user>:<nrg-group>%%exitFinally, create a symbolic link in your Apache document root (/Library/WebServer/Documents/ for Apple's built-in Apache) to the NRG data directory.
%%sudo ln -s /opt/local/var/nrg/web /Library/WebServer/Documents/nrg
To graph a network device, it must have its SNMP agent turned on and a community string set. Community strings function as a password for SNMP queries. On a Cisco switch, use the following command to enable read-only SNMP access.
switch22>snmp-server community <community-string> RO
Check to see if the device’s SNMP agent is responding by using OS X’s snmpwalk command to query the switch.
%%snmpwalk –v 2c –c <community string> <ip address>
Here are portions of an SNMP response from a Cisco switch.
SNMPv2-MIB::sysDescr.0 = STRING: Cisco Internetwork Operating System Software IOS (tm) C2950 Software (C2950-I6K2L2Q4-M), Version 12.1(22)EA3, RELEASE SOFTWARE (fc1) Copyright (c) 1986-2005 by cisco Systems, Inc. Compiled Tue 25-Jan-05 20:34 by antonino SNMPv2-MIB::sysObjectID.0 = OID: SNMPv2-SMI::enterprises.9.1.325 SNMPv2-MIB::sysUpTime.0 = Timeticks: (659873562) 76 days, 8:58:55.62 SNMPv2-MIB::sysContact.0 = STRING: SNMPv2-MIB::sysName.0 = STRING: -2950 SNMPv2-MIB::sysLocation.0 = STRING: SNMPv2-MIB::sysServices.0 = INTEGER: 2 SNMPv2-MIB::sysORLastChange.0 = Timeticks: (0) 0:00:00.00 RFC1213-MIB::ifIndex.1 = INTEGER: 1 RFC1213-MIB::ifIndex.2 = INTEGER: 2 RFC1213-MIB::ifIndex.3 = INTEGER: 3 [ ... snip ... ] RFC1213-MIB::ifDescr.1 = STRING: "FastEthernet0/1" RFC1213-MIB::ifDescr.2 = STRING: "FastEthernet0/2" RFC1213-MIB::ifDescr.3 = STRING: "FastEthernet0/3"
NRG auto-discovery occurs when NRG can discover a device's network interfaces and automatically generate an appropriate .conf file for it, which generally works for most switches, hubs, and routers. You set devices to be auto-discovered in the /opt/local/var/nrg/Site.mconf file.
Use the “SomeSwitch” example from the top of the sample Site.mconf file as a template. Modify occurrences of “SomeSwitch” to a descriptive name for a switch or router as shown. Modify the TCP/IP address and community string appropriately.
WebRootDir[*]: /Library/WebServer/Documents NRGSubDir[*]: nrg ConfFiles: *.conf BucketMconfTargets: yes HashBucketSize: 0 RunScript: run-nrg # ------------ Switch Template ---------------- #Directory: /net/traffic #SomeSwitch: DISCOVER_ALL_IFACES public@10.0.73.10 #define(SOMESWITCH_IF, "SomeSwitch's Network Interface Data Table") #SomeSwitch-iface: DISCOVER_TABLE -title SOMESWITCH_IF /net/traffic/SomeSwitch #Directory: /net/errors #SomeSwitch: DISCOVER_IFACE_ERRORS public@10.0.73.10 #define(SOMESWITCH_ERR, "SomeSwitch's Network Interface Errors Data Table") #SomeSwitch-err: DISCOVER_TABLE -title SOMESWITCH_ERR /net/errors/SomeSwitch # ------------ Begin Switch Definitions ---------------- Directory: /net/traffic switch21: DISCOVER_ALL_IFACES public@1.2.3.4 define(SWITCH21_IF, "Switch21's Network Interface Data Table") switch21-iface: DISCOVER_TABLE -title SWITCH21_IF /net/traffic/switch21 Directory: /net/errors switch21: DISCOVER_IFACE_ERRORS public@1.2.3.4 define(SWITCH21_ERR, "Switch21's Network Interface Errors Data Table") switch21-err: DISCOVER_TABLE -title SWITCH21_ERR /net/errors/switch21
The first time NRG is run, a complete “rediscover” must be done (later you may want to use the faster “make update” –see below). Perform these commands to run NRG as user “nrg”.
%%cd /opt/local/var/nrg%%sudo –u nrg make rediscover%%sudo –u nrg make notify
Note
If you don’t run the "make” command as your designated NRG user, the RRD files will not be owned by the Apache user and you’ll get a permissions error when trying to view graphs in a browser. If this happens, just reassign the file ownership to the NRG user (the same as during install) with this command.
%%sudo -s%%find /opt/local/var/nrg –print | xargs chown <nrg-user>:<nrg-group>%%exit
Use this command to make a data collection run for your devices.
%%sudo –u nrg /opt/local/var/nrg/run-nrg(–d for debug)
When run-nrg finishes, it prints a status report. Here is a typical status report without the debug switch.
#-------------------------------------------------------------- run-nrg 754: started at Monday October 23 17:55:15 2006 10/23/06 17:55:15 (1077328515): processed 34 targets 10/23/06 17:55:15 (1077328515): gathered 102 datapoints 10/23/06 17:55:15 (1077328515): failed to gather 0 datapoints 10/23/06 17:55:15 (1077328515): logged 102 datapoints 10/23/06 17:55:15 (1077328515): failed to log 0 datapoints 10/23/06 17:55:15 (1077328515): elapsed time 00:00:08 (8 secs) run-nrg 754: finished at Monday October 23 17:55:23 #--------------------------------------------------------------
Jobs are scheduled via the Unix cron facility by inserting commands in a user's crontab file. There is a crontab for each user so we’ll use sudo to edit the NRG user's crontab file.
%%sudo –u <nrg-user> crontab -e
If you set the EDITOR shell variable during the MacPorts install, the editor you selected will open the crontab file. If you didn’t set this variable you may want to set it now because the default editor is a somewhat arcane editor called vi, which can be difficult for the uninitiated. To execute an NRG run script every five minutes and write a log file to /var/logs/run-nrg.log, enter the following entry into the NRG user's crontab file.
# Run NRG every 5 minutes & write to a log file /5 * * * * /opt/local/var/nrg/run-nrg >> /var/log/run-nrg.log
After run-nrg completes you may go to http://localhost/nrg to view your NRG web page. After nrg-run has been set to run via cron, you will begin to see graph data in the graphs after a few run-nrg runs have completed. NRG makes a web page for each interface containing five graphs. Each page contains a four-hour, last day, last week, last month, and graph. Below are screenshots of NRG pages for a single Ethernet switch.
Read Part 2 to learn advanced NRG and SNMP topics required to graph non-standard SNMP devices or devices that do not auto-discover properly, and also non-SNMP devices. If you still need assistance with NRG you should carefully check the documentation and/or consult the NRG mailing list.