Network monitoring is getting easier all the time, even for large networks. There are dozens of expensive commercial products, and even better dozens of Free and Open Source software programs. Today we're taking a look at OpenNMS, which I think is the best of the lot.
Network monitoring software falls into two general categories: keeping an eye on things, or keeping an eye on things and issuing alerts when something isn't working. OpenNMS, Nagios, Zabbix, mon, and Big Sister do both monitoring and alerting. MRTG, ntop, and IPTraf collect statistics and display them in various ways, but don't send alerts. If you just want pretty graphs to look at every so often, MRTG is the quickest and easiest. If you're looking for something to keep an eye on every possible system, service, or device, and to notify you of problems, consider OpenNMS even for small networks. It's no more difficult to install and set up than Nagios, and will gracefully scale up as large as you need.
OpenNMS lacks one feature a lot of network admins think is essential: a graphical network maps generator. If you must have maps, there are all kinds of network map generators available, from the free Cheops-NG to Internode Nodemap to expensive commercial mappers. I'm not convinced that graphical maps are all that useful, especially as your network grows. They tend to not be reliable and to need a lot of manual tweaking to be accurate. But those who must have maps have a lot of choices, so I don't consider it to be a fatal flaw.
What is OpenNMS?
If you're into industry awards, OpenNMS won the Gold Medal in the SearchNetworking.com 2007 Product Excellence awards. It triumphed over HP OpenView and IBM's Tivoli, which puts it in elite company. In fact the OpenNMS developers target OpenView and Tivoli as the products to beat, so you know they're aiming high.
The OpenNMS team are committed to keeping OpenNMS licensed under the GPL, and not using the dual-license dodge. There are two releases: stable and development. You won't find a dumbed-down free version lacking essential features, or an expensive separate commercial version with the goodies you really want. They don't play silly games with the source code, like making it available only on CD/DVD at an inflated price, so it is readily available.
How do they make money? By selling support services and custom development. OpenNMS.org is their GPL and download site. OpenNMS.com is their commercial site. You can find everything from one-shot installation help, to staff training, to ongoing maintenance and services. Their pricing compares favorably to the big-time commercial products, which run into the tens of thousands of dollars in the blink of an eye just for software licenses, never mind support services.
A big plus, as we all know, from using any open-source application is not having to wait on an unresponsive vendor for bug and security fixes, because if all else fails, you can take matters into your own hands. The OpenNMS team are pretty responsive, so it's unlikely you'll have to do that. They accept patches from anyone, so don't be shy about submitting your own code. (It goes through a review process; it's not just lumped in with everything else.)
OpenNMS relies completely on SNMP, so as long as your network hosts are running an SNMP agent you never have to leave your underground network administrator lair. After installation, all it needs is a couple of configuration tweaks to get you up and running. Out of the box it supports over 20 services. Just fire it up, then it polls your network and starts collecting data. As you add services or hosts, it will hunt them down and start monitoring them automatically.
OpenNMS manages polling in a very civilized manner that is kind to your network bandwidth. Its default polling interval is five minutes. When it finds an outage it increases the polling interval to 30 seconds. If the outage still exists after five minutes it returns to five-minute polling intervals. Of course these are configurable to suit your desires.
Installation is a bit hairy. This is one of those applications that cries out for a "software appliance" version that includes all necessary packages and the operating system. You'll need both the Java JRE and SDK, Perl, Curl, PostgreSQL, RRDTool, Apache, and Tomcat. I'm no coder, so I will gladly buy the beverage of choice for the fine person who does package this into a single-CD install.
Until that wonderful day, your best bet is to follow the excellent installation instructions. They're different for different Linuxes, and the nice OpenNMS folks have included instructions for Debian, RPM-based Linuxes, Solaris, and source installations. Plus pages of good troubleshooting tips.
While OpenNMS is endlessly and bewilderingly customizable, the default configuration might be all you'll ever need. In discovery-configuration.xml you need to define your network range with the include-range directive:
<discovery-configuration threads="1" packets-per-second="1" initial-sleep-time="300000" restart-sleep-time="86400000" retries="3" timeout="800"> <include-range> <begin>192.168.0.1</begin> <end>192.168.0.254</end> </include-range> </discovery-configuration> </pre></tt> To watch multiple subnets, just add more <b>include-range</b> directives in their own separate stanzas: <tt><pre> <include-range> <begin>192.168.1.1</begin> <end>192.168.1.254</end> </include-range> </pre></tt>
OpenNMS includes its own Java-based SNMP implementation called JoeSNMP. If you have other SNMP applications running, turn them off. Make sure your correct IP address range is in snmp-config.xml:
<snmp-config retry="3" timeout="800" read-community="public" write-community="private"> </definition> <definition read-community="public"> <range begin="192.168.0.1" end="192.168.0.254"/> <range begin="192.168.1.1" end="192.168.1.254"/> </definition> </snmp-config>
Save your changes and start or restart OpenNMS. /etc/init.d/opennms start should do it, though beware of Linux distribution differences. Then fire up a Web browser and point it to port 8080 on the OpenNMS server:
On Debian, try port 8180 if 8080 doesn't work. Log in with the default login and password of admin, admin. Go away for a few minutes and let OpenNMS start collecting and displaying network data.
Next week we'll dive a little deeper into customizing OpenNMS. Be sure to study the installation documentsfor your particular flavor of Linux.
- Measure Network Performance with iperf
- Measure Network Performance: iperf and ntop
- Monitor Your Net with Free, High-Performance ZABBIX
- SNMP for Everybody
- Make Sense of SNMP/MRTG Alphabet Soup
- OpenNMS screenshots
- Interview with Tarus Balog, head of OpenNMS development
- Tomcat on Debian funkiness