[mrtg] Re: MRTG tunneling

Lars Holmström lars.holmstrom at flysta.net
Fri Nov 16 21:35:53 MET 2001 

Bob,

this is a problem very similar to what I have in one location. I need to extract
diskdata, CPU etc. on a remote machine, without enabling SNMP and did not like to
start a ftpserver either.

Since I am not intrested in very accurate timings, but rater trends for the remote
machine(s) I use the folloing method ;

First I extract the data on the remote machine I need for MRTG on the local host
by executing a few scripts via crontab. The files are sent to a directory of the
WEBserver on the remote machine. I fetch the files via an external script in MRTG
and MRTG get all its data with a delay of up to a maximum of 5 minutes. In your
case I would replace my "HTTP GET" with a TCP session that can either be left open
or opened every time you need the data.

/Lars


Robert Gahl wrote:

> At 07:58 AM 11/16/2001 -0800, Dave Williams wrote:
> >  MRTG indeed uses UDP (SNMP Port 161) and I am pretty certain the SNMP agent
> >running on the routers/workstations cannot be changed to use TCP.  I suspect
> >your firewall rules are setup to allow TCP packets that are established by
> >"trusted" hosts to have bidirectional communication with "unstrusted" hosts.
> >What you need is firewall software that uses "stateful" rules allowing SNMP
> >Replies from "untrusted" hosts to pass through the firewall in response to a
> >SNMP Get request from a "trusted" host.  Most enterprise firewall products
> >can do this.  Hope this helps.
>
> And Lars Holmstrom earlier wrote:
>
> >My understanding is that MRTG it self does not use either UDP or TCP. It is
> >rather a question for what MRTG is calling. If you for example use a standard
> >TARGET based on SNMP you call the module in
> ><MRTGpath>/lib/mrtg2/SNMP_session.pl
> >
> >This specific module uses UDP to port 161.
> >
> >But you may use MRTG and call any pther program. This program may use TCP
> >for its communication.
>
> First off, thanks! Both ideas give me a direction to pursue. Just to
> illumine the question a bit, I am using MRTG to talk to the Foundry
> hardware and it works just fine. The problem is that I have a NAT'd network
> behind the ServerIron's and there are several pieces of Sun hardware back
> in there. I'm trying to gather disk usage, paging, CPU and Oracle database
> stuff from them. I believe (but don't quote me) that I can redirect TCP
> inbound on the ServerIron's (we do this for things like SSH, etc.) but not
> UDP, which I would have to do in order to talk to the equipment running
> behind the Foundry. So, one of the engineers asked me about the possibility
> of using TCP rather than UDP to talk to the Sun's.
>
> Again, thanks for the feedback. If you have anything else to add (based on
> what I've told you so far), I'm all ears! :)
>
> ===
> Bob Gahl Bicycle (Ryan Vanguard) Mobile ||     @
>    ARPA/Internet: bgahl at fireclick.com    ||  !_ \
>      URL: http://www.fireclick.com/      ||  (*)-~--+--(*)
> "If you're trying to be politically correct you're like a chameleon
> in front of a mirror. What can you say that won't be offensive to
> somebody?" Robin Williams
>
> --
> Unsubscribe mailto:mrtg-request at list.ee.ethz.ch?subject=unsubscribe
> Archive     http://www.ee.ethz.ch/~slist/mrtg
> FAQ         http://faq.mrtg.org    Homepage     http://www.mrtg.org
> WebAdmin    http://www.ee.ethz.ch/~slist/lsg2.cgi


--
Unsubscribe mailto:mrtg-request at list.ee.ethz.ch?subject=unsubscribe
Archive     http://www.ee.ethz.ch/~slist/mrtg
FAQ         http://faq.mrtg.org    Homepage     http://www.mrtg.org
WebAdmin    http://www.ee.ethz.ch/~slist/lsg2.cgi

More information about the mrtg mailing list