Saturday, December 11, 2010

How To Monitor Network with Ntop on Ubuntu 10.04 and Mikrotik


Install Ntop

$sudo apt-get install ntop

Next, Configure Ntop

Set Admin Password

$sudo ntop --set-admin-password

Restart Ntop Service

$sudo /etc/init.d/ntop restart

Then check if your ntop already running by visiting

http://[your_ntop_server_ip]:3000 (without [ ])

Next, we configure ntop to receive Mikrotik's traffic flow

Select Menu: Plugin -> NetFlow -> Activate
Select Menu: Plugin -> NetFlow -> Configure
Edit the Netflow Name = Mikrotik (activate)
Edit Local Collector UDP Port = 2055
Edit Virtual NetFlow Interface Network Address = [your_mikrotik_ip_in_cidr_format]
Select Admin -> Switch Interface -> Select Mikrotik
If your ntop service is up and running, next step is to configure mikrotik.

Enable traffic-flow on mikrotik by following these steps below:

[admin@Mikrotik] > /ip traffic-flow
[admin@Mikrotik] /ip traffic-flow> set enabled=yes
[admin@Mikrotik] /ip traffic-flow> print
enabled: yes
interfaces: all
cache-entries: 4k
active-flow-timeout: 30m
inactive-flow-timeout: 15s
[admin@Mikrotik] /ip traffic-flow> target
[admin@Mikrotik] /ip traffic-flow target> add address=[your_cacti_server_ip]:2055 \
\... version=9
[admini@Mikrotik] /ip traffic-flow target> print
Flags: X - disabled
# ADDRESS VERSION
0 [your_cacti_server_ip]:2055 9
[admin@Mikrotik] /ip traffic-flow target> print
Flags: X - disabled
# ADDRESS VERSION
0 [your_cacti_server_ip]:2055 9

After a while your ntop will began collecting data from Mikrotik traffic Flow. Done!

*Update:

It seems that the current version of libpcap in Ubuntu 10.04 has bug in it. So I need to manually upgrade to the new version (libpcap-dev_1.1.1-2_all.deb)

References:
  • http://fisikaunud.wordpress.com/2008/10/08/network-monitor-ntop-di-windows-dengan-mikrotik/
  • http://www.mikrotik.com/testdocs/ros/2.9/ip/traffic-flow.php
  • https://help.ubuntu.com/community/Ntop

5 comments:

Anonymous said...

Thanks

Anonymous said...

1million X thanks !!!!

Anonymous said...

I was having trouble with limited data reporting in Ntop, not all statistics showing up. Your solution regarding libpcap-dev_1.1.1-2_all.deb fixed the problem. Thank you! Found a copy here: http://wahoo.canonical.com/pool/main/libp/libpcap/

Anonymous said...

when I enter the IP on the 'Virtual NetFlow Interface Network Address "after I set its IP number is not showing why? but even so the '0 .0.0.0 '

koi singh said...

nice review, thanks for share


Gclub
บาคาร่า