With Linux in your data centers, you value the ability to monitor different network protocols on your servers. With this gathered information, you can troubleshoot issues or tweak your servers such that they outperform the original specs. Most Linux administrators might recall ntop. It was the de facto standard, text-based tool for monitoring network protocols. That tool has been deprecated, in favor of ntopng (aka The Network Time Protocol Reference Implementation, refactored, the Next Generation). This particular tool takes ntop to the next level, by giving it a web-based interface that is exponentially more powerful and easier to use. I’m going to walk you through the process of installing ntopng on the Ubuntu Server 16.04 platform. The process does require you to install via the command line, so be prepared to type a bit, or copy and paste.
We’ll be installing the stable build, as opposed to installing the outdated version from the standard repository. The steps for this are as follows:
- Open a terminal window.
- Download the repository information by issuing the command wget http://apt-stable.ntop.org/16.04/all/apt-ntop-stab…
- Install the repository with the command sudo dpkg -i apt-ntop-stable.deb
- Clean apt repositories with the command sudo apt-get clean all
- Update apt with the command sudo apt-get update
- Install the application with the command sudo apt-get install ntopng
Make sure the ntopng service is running with the command sudo systemctl start ntopng.
That’s all there is to the installation.
Next we must instruct ntopng which network interface to monitor and the listening port. This configuration is optional. If you opt to leave the default ntopng configuration, it will listen on all interfaces. If you want to specify which interface/port the service uses, issue the command sudo nano /etc/ntopng/ntopng.conf. In that file, you’re going to set those options by commenting out (removing the leading #) and configuring them to meet your needs:
For example, those two lines might look like:
Once you’ve taken care of that, save and close the file. Restart ntopng with the command sudo systemctl restart ntopng.
You might also need to open up your firewall, so that port 3000 can be reached. To do that, issue the command:
sudo ufw allow 3000
Point a web browser (one on the same network as your ntopgn server) to http://SERVER_IP:PORT (Where SERVER_IP is the IP address of your server and PORT is the port number you assigned to the service. You will be immediately asked to change the password for the ntopng admin user (the admin username is admin). Once you’ve logged in, you can start viewing your ntopng dashboard (Figure A), where you’ll get real-time data about your server and devices communicating with said server.
As ntopng starts to pick up traffic flow, you can double-click on one of the local talkers or remote destinations to get more information about the traffic or the device. You can then click on any entry in the top menu bar to check on host, device (Figure B), and interface traffic.
That’s all there is to getting a powerful network protocol monitor up and running on your data center Ubuntu server. Give ntopng a spin and see if doesn’t offer you the exact networking information you were looking for.