Many system builders find themselves doing double-duty as network administrators for their customers. Even if the system builder isn't formally the admin, they're often the person who installed and set up the network. So it's only natural that the customer relies on them when the network experiences problems.
But troubleshooting a network when you're not constantly on-site can be difficult, especially when the problems are intermittent (as they frequently are). One alternative is to temporarily connect a machine to the customer's network, then let the machine gather data for a day or two. This is often enough to help you pinpoint the root cause of a network issue. This system can also help you take proactive steps to audit a network for performance and security issues, so these issues can be addressed before they become major problems.
In this Recipe, I'll show you how to build such a network-monitoring system without busting your budget. In fact, all you'll need is an old laptop, the FreeBSD operating system, and some open-source software that is included with the FreeBSD package. Your total cost could be as little as a few hours of your time.
Here's a list of the hardware and software you'll need to turn that old laptop into a portable network-troubleshooting system:
Hardware: Since you won't be doing any heavy-duty computation, hardware requirements for a laptop-based portable network monitoring station are modest. A good starting point would be a laptop with the following specifications:
- 500 MHz Pentium III CPU
- 256 MB of RAM
- 10-GB hard drive
- DVD-ROM drive
- 10/100/1000BaseT Ethernet card
The main reason for going with a faster CPU is the ability to use tools with graphical user interfaces (GUIs). Running modern GUIs on slower machines can be frustrating.
More specifically, here's the system I used for this Recipe as a proof of concept. It's a low-end Dell Latitude CPiA with the following specs:
- 366 MHz Pentium II CPU
- 128 MB of RAM
- 5.5 GB hard disk
- CD-ROM drive
- 10/100BaseT Ethernet card
By the way, if you don't have an old laptop lying around, try eBay or some other auction or used-equipment site. You should be able to buy a used system with these specs for no more than $150.
Software: We'll use open-source software for this project, so downloading it will cost you nothing. Here are the particulars:
- FreeBSD: This freeware OS runs well on older hardware, is secure, and supports the tools we'll be using in this Recipe. Further, instead of having to hunt down applications all over the Internet, you'll be able to install all of them as part of the FreeBSD packages system.
In fact, all the software applications I discuss in this Recipe can be installed through the FreeBSD ports/packages system as detailed in the article itself. I provide links to their respective Web sites directly below, because the sites provide more in-depth documentation about them than can be obtained from the FreeBSD.org site.
- Ethereal: Known as a protocol analyzer, this software is basically a packet sniffer. It allows you to look at and analyze all the packets going across a network segment.
- Ntop: Here's another packet sniffer, this time with the valuable ability to display output in tables and graphs in browser-friendly HTML format. I'll go into more detail on both the Ethereal and Ntop sniffers later in this Recipe.
- Netcat: This tool lets you use network sockets from a command line. It's installed by default and called "nc" by FreeBSD. You can use Netcat to see if a host is accepting connections on a particular TCP port. For example, "nc www.example.com 80" will let you know if the host is accepting connections on port 80.
- Nmap: This is a port-scanning utility. It lets you identify hosts on a network and determine on which ports they are listening.
- Ping and Traceroute: These two utilities can help you verify network connectivity, latency, and routes. Like the other tools in this list, both Ping and Traceroute are installed by default.
- Smbclient: This is the client part of the Samba suite. It lets you access Windows network shares from a UNIX-type OS.
- SSH and telnet: These two utilities allow you to access network devices via the command line. Both clients are installed by default. The SSH server facilitates remotely logging into your system so you can check on tests while they're in progress.
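As an added example (not part of the original Recipe), the Netcat port check described above can be wrapped in a small script that is left running on the monitoring laptop and writes a timestamped line only when a service changes between reachable and unreachable, which is the record you need for intermittent faults. The target list, state directory, interval and log format are assumptions made for illustration; -z and -w are standard nc options.

```sh
#!/bin/sh
# Added example: log TCP reachability *changes* for a list of host:port targets.
# TARGETS, STATE_DIR, INTERVAL and the log format are assumptions, not from the Recipe.

TARGETS="${TARGETS:-www.example.com:80}"   # space-separated host:port pairs
STATE_DIR="${STATE_DIR:-/tmp/portwatch}"   # last known state, one file per target
INTERVAL="${INTERVAL:-60}"                 # seconds between sweeps

# probe HOST PORT -> exit status 0 if the port accepts a TCP connection.
# -z: connect without sending data; -w 5: give up after 5 seconds.
probe() {
    nc -z -w 5 "$1" "$2" >/dev/null 2>&1
}

# check_once: probe every target and print a line only when its state differs
# from the previous sweep (a target seen for the first time starts as "unknown").
check_once() {
    mkdir -p "$STATE_DIR" || return 1
    for target in $TARGETS; do
        host=${target%:*}
        port=${target##*:}
        if probe "$host" "$port"; then now=up; else now=down; fi
        file="$STATE_DIR/$host.$port"
        prev=unknown
        [ -f "$file" ] && prev=$(cat "$file")
        if [ "$now" != "$prev" ]; then
            printf '%s %s:%s %s -> %s\n' \
                "$(date -u '+%Y-%m-%dT%H:%M:%SZ')" "$host" "$port" "$prev" "$now"
            printf '%s\n' "$now" > "$file"
        fi
    done
}

# Loop forever only when invoked as: sh portwatch.sh run >> portwatch.log
if [ "${1:-}" = "run" ]; then
    while :; do check_once; sleep "$INTERVAL"; done
fi
```

Because only transitions are logged, a day or two of output stays short enough to read in one pass and gives you the exact times to line up against packet captures.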