Network telemetry for fun and profit

For some reason, I've found myself on a network telemetry kick recently. It all started with a need to get very clear data on network latency seen on an MPLS network to assist in diagnosing perceived network problems. Awhile ago I hacked together a quick perl script to ping an endpoint and dump data to a flat file in a format easily digested by gnuplot. The scatter graphs created in this fashion were always int

For some reason, I've found myself on a network telemetry kick recently. It all started with a need to get very clear data on network latency seen on an MPLS network to assist in diagnosing perceived network problems. Awhile ago I hacked together a quick perl script to ping an endpoint and dump data to a flat file in a format easily digested by gnuplot. The scatter graphs created in this fashion were always interesting, and very useful for proving network SLA breaches to telecom providers.

Recently though, that wasn't good enough. With 8 endpoints to measure and days of data needed, I had to make it somewhat official. Thus, MRLG was born. You can download mrlg-0.01.tgz here.

At the center of the package is a simple perl daemon that pings remote endpoints every 5 seconds, and populates a MySQL database with the resulting latency determined. A nightly database maintenance script runs to cull data more than 48 hours old to a reporting table to speed up queries, and all data ages out after 90 days. It is possible to draw a graph with data for a full 90-day timeslice, however.

The graphs are drawn with GD by a perl command-line utility. This permits graphs to be generated at scheduled intervals for quick perusal. In addition, there's a PHP front end that's built to dynamically display five static graphs per endpoint, and a full on-the-fly GUI graph generator.

mrlg-graph.pl Usage

-g WxH             - Size of graph, e.g. 1024x768
-s n               - Scale height in milliseconds
-h n.n.n.n         - Hosts to include, comma separated. MUST MATCH CAPTURED DATA HOSTS. Omit for all.
-f path/file       - Output path/filename
-l string          - Graph Title
-m n               - Median latency (Default: 50ms)
-t n(m|h|d|w|mo)   - Timeframe in minutes,hours,days,weeks,months from now.

Thus,

mrlg-graph.pl -g800x600 -s600 -h10.18.1.1,10.20.1.1 -f /var/www/html/graph.png -l "Test Graph" -t5d

would generate an 800x600 graph with a Y scale of 600ms, showing datapoints for hosts 10.18.1.1 and 10.20.1.1 to file /var/www/html/graph.png titled "Test Graph" showing data for the past 5 days. For occasional use, the PHP front end makes all this much simpler.

In the interest of time, I wrote it against MySQL, but I'm starting to think that RRDTool might be a better choice, although I don't think the graph generation available in RRDTool would be the best depiction of this data, so it might just be simpler to rewrite the back end and pull the data points. Also, averaging this data is useful, but it's nice to be able to plot every point.

Maybe that'll happen in v0.02. You never know.

From CIO: 8 Free Online Courses to Grow Your Tech Skills
Join the discussion
Be the first to comment on this article. Our Commenting Policies