[mrtg] Re: MRTG tunneling
lars.holmstrom at flysta.net
Fri Nov 16 21:35:53 MET 2001
this is a problem very similar to what I have in one location. I need to extract
diskdata, CPU etc. on a remote machine, without enabling SNMP and did not like to
start a ftpserver either.
Since I am not intrested in very accurate timings, but rater trends for the remote
machine(s) I use the folloing method ;
First I extract the data on the remote machine I need for MRTG on the local host
by executing a few scripts via crontab. The files are sent to a directory of the
WEBserver on the remote machine. I fetch the files via an external script in MRTG
and MRTG get all its data with a delay of up to a maximum of 5 minutes. In your
case I would replace my "HTTP GET" with a TCP session that can either be left open
or opened every time you need the data.
Robert Gahl wrote:
> At 07:58 AM 11/16/2001 -0800, Dave Williams wrote:
> > MRTG indeed uses UDP (SNMP Port 161) and I am pretty certain the SNMP agent
> >running on the routers/workstations cannot be changed to use TCP. I suspect
> >your firewall rules are setup to allow TCP packets that are established by
> >"trusted" hosts to have bidirectional communication with "unstrusted" hosts.
> >What you need is firewall software that uses "stateful" rules allowing SNMP
> >Replies from "untrusted" hosts to pass through the firewall in response to a
> >SNMP Get request from a "trusted" host. Most enterprise firewall products
> >can do this. Hope this helps.
> And Lars Holmstrom earlier wrote:
> >My understanding is that MRTG it self does not use either UDP or TCP. It is
> >rather a question for what MRTG is calling. If you for example use a standard
> >TARGET based on SNMP you call the module in
> >This specific module uses UDP to port 161.
> >But you may use MRTG and call any pther program. This program may use TCP
> >for its communication.
> First off, thanks! Both ideas give me a direction to pursue. Just to
> illumine the question a bit, I am using MRTG to talk to the Foundry
> hardware and it works just fine. The problem is that I have a NAT'd network
> behind the ServerIron's and there are several pieces of Sun hardware back
> in there. I'm trying to gather disk usage, paging, CPU and Oracle database
> stuff from them. I believe (but don't quote me) that I can redirect TCP
> inbound on the ServerIron's (we do this for things like SSH, etc.) but not
> UDP, which I would have to do in order to talk to the equipment running
> behind the Foundry. So, one of the engineers asked me about the possibility
> of using TCP rather than UDP to talk to the Sun's.
> Again, thanks for the feedback. If you have anything else to add (based on
> what I've told you so far), I'm all ears! :)
> Bob Gahl Bicycle (Ryan Vanguard) Mobile || @
> ARPA/Internet: bgahl at fireclick.com || !_ \
> URL: http://www.fireclick.com/ || (*)-~--+--(*)
> "If you're trying to be politically correct you're like a chameleon
> in front of a mirror. What can you say that won't be offensive to
> somebody?" Robin Williams
> Unsubscribe mailto:mrtg-request at list.ee.ethz.ch?subject=unsubscribe
> Archive http://www.ee.ethz.ch/~slist/mrtg
> FAQ http://faq.mrtg.org Homepage http://www.mrtg.org
> WebAdmin http://www.ee.ethz.ch/~slist/lsg2.cgi
Unsubscribe mailto:mrtg-request at list.ee.ethz.ch?subject=unsubscribe
FAQ http://faq.mrtg.org Homepage http://www.mrtg.org
More information about the mrtg