Networking

Real time network topology and traffic flow with Etherape

Jack Wallen shows you how to use the Etherape network monitoring tool for UNIX and UNIX-like OSs.

There are numerous reasons why you would want to watch your network topology or the flow of traffic on your network. Say you are experiencing a bandwidth bottleneck. What is causing that bottleneck? Is it a particular user? A machine gone awry? How do you find out what is happening without having to walk around to every single machine on your network? Easy. The Etherape network monitor gives you a real-time graphical display of your network and the flow of traffic. Using this tool you can easily pinpoint suspect machines. Let's take a look at exactly how you can use this tool to troubleshoot networking issues.

Installation

Etherape is only available for UNIX and UNIX-like OSs (such as Linux and even OS X). In order to use Etherape you will need:

  • libpcap
  • GTK+
  • Libglade 2
  • GNOME
  • Standard resolver library (name depends upon OS)

If you are using a modern Linux distribution, installation is quite simple. Just open up your package manager, search for etherape, mark Etherape for installation, and click Apply to install.

To install on OS X take a look at the Darwinports Page for Etherape for downloads and instructions for installation.

Once it is installed you will find Etherape in Applications | System Tools (in the GNOME desktop). You will find, however, that running from the menu will not work as Etherape needs admin privileges in order to make use of the network connection. So instead of running Etherape from the menu, open up a terminal window and issue the command etherape with admin privileges. NOTE: If you are using Ubuntu, that command will be sudo etherape. If you are using a distribution that does not make use of sudo you will first need to su to the root user and then issue the command etherape.

Usage

When Etherape starts up you will instantly see traffic flow in a graphic window (see Figure A). As traffic flows across your network, the real-time image will update. Figure A

As you can see, last.fm is using up quite a bit of bandwidth.
As your network traffic patterns ebb and flow, Etherape will instantly update those patterns in the windows shown in Figure A. But let's say you want to get a clearer picture of what an individual machine is doing. To do that, click View | Nodes (in the Etherape main window), which will open up the Nodes window (see Figure B).

Figure B

Here you see statistics for individual nodes on the network.

The machine that was shown using the last.fm traffic appears as jack-ubuntu in the Nodes listing. This window shows the current traffic, accumulated traffic, last heard packet, how many packets have been exchanged, as well as the name and address of the node.

If you need to check to see what protocols are sucking up the most of your bandwidth, click View | Protocols. This window (see Figure C) allows you to see if one particular protocol is killing your network.

Figure C

The protocol listing also shows the associated port.

Now that you have collected all of the necessary information on any network issues you are having, you can easily act accordingly. Without the help of a tool like Etherape, this task would be far more challenging.

Final thoughts

The only thing that Etherape is missing is the ability to save and review dumps for later examination. Otherwise, Etherape is one of the best (and most user-friendly) network monitoring tools you will find. Have you tried Etherape? If so, what was your experience? Did this monitoring tool help you resolve a network issuing that was previously plaguing you? If it did not help what did? Share your thoughts with your fellow TechRepublic readers.

About

Jack Wallen is an award-winning writer for TechRepublic and Linux.com. He’s an avid promoter of open source and the voice of The Android Expert. For more news about Jack Wallen, visit his website jackwallen.com.

Editor's Picks

Free Newsletters, In your Inbox