Presentation is loading. Please wait.

Presentation is loading. Please wait.

NOC Tools Donal O’Cearbhaill HEAnet Ltd.. Ireland’s National Education and Research Network Provides Internet services to Irish Universities 2005 - Broadband.

Published byBlaise Watson Modified over 9 years ago

Similar presentations

Presentation on theme: "NOC Tools Donal O’Cearbhaill HEAnet Ltd.. Ireland’s National Education and Research Network Provides Internet services to Irish Universities 2005 - Broadband."— Presentation transcript:

1 NOC Tools Donal O’Cearbhaill HEAnet Ltd.

2 Ireland’s National Education and Research Network Provides Internet services to Irish Universities 2005 - Broadband for Schools

3 Free ‘always on’ broadband connectivity to Schools 3 Year Agreement –Dept of Education/Dept of Communication/TIF 3,925+ Schools 7 Access Providers HEAnet backbone network Onward connectivity to Internet & Educational Networks HEAnet Managed Services: Network; Security; E-Mail Broadband for Schools

4 Challenges 4,000 schools Highly contended links A lot of satellite connections SLA/Contract enforcement

5 Installation Rate

6 Monitoring/ISP Infrastructure 28 Debian/Ubuntu servers 4 Fibrenetix disk arrays –Disk based backup –rsync & application level dumps –Syslog nodes PostgreSQL database Aggregation Routers –7301 –PPPoE –GRE Border/Services Routers –6500, 3750

7

8 Tools SmokePing Nagios Rancid Cacti Netflow

9 SmokePing Latency measurement tool Runs probes in parallel >3,800 hosts RRD backend –Reporting Historical view Acceptance testing Tuning –FPing timeouts decreased –Total number of probes reduced –Satellite frequency reduced

10 Nagios 4,131 services on 3,905 hosts Top 5 number of hosts on nagios.org Populated by SmokePing and memcache –Nagios runs checks serially –>1 hour vs. 15 mins Nagios populates –sidebar alarms –Schools Up Graph

11 Rancid Really Awesome New Cisco confIg Differ 3,296 Router configs Maintains history of changes –Mails changes

12 Cacti 3,900 hosts Data gathering –SNMP –External Perl scripts Graph templating Database driven Cricket: 27 mins –Perl Cacti: <5 mins –Cactid –Custom multithreaded C application

13 Cacti Weathermap

14 Interconnects

15 Netflow NfSen is a graphical web based front end for the nfdump netflow tools Query abuse reports Usage reporting

16 Reporting Daily Reports DNS log reporting Report infected PCs –Top MX lookups –Misconfigurations –Active Directory Netflow –IPs –Schools usage Gigabytes downloaded by schools on 22/03/07: 332 Gigabytes uploaded by schools on 22/03/07 : 48 Total MegaBytes downloaded for Digiweb Satellite: 12834 Total MegaBytes uploaded for Digiweb Satellite: 1202 Total MegaBytes downloaded for Digiweb Wireless: 77578 Total MegaBytes uploaded for Digiweb Wireless: 10217 Total MegaBytes downloaded for ESATBT ADSL: 54352 Total MegaBytes uploaded for ESATBT ADSL: 6632 Total MegaBytes downloaded for HSData Wireless: 3047 Total MegaBytes uploaded for HSData Wireless: 575 …..

17 Logging Syslog server per PoP –Servers –Routers Logcheck –Logfile scanner IP to school identifier –Mapping IP to school

18 Server Monitoring SSH keys –Sharing keys/fingerprints –High overhead SNMP –Less configurable Memcache –Local Perl script –Easy to rollout –Load –Disk Space –Monitor Processes

19 Memcache Distributed memory caching system Low overhead Speed up dynamic database-driven websites by caching data and objects in memory Developed for LiveJournal –Slashdot –Wikipedia –SourceForge Schools –Nagios –Maps –Server status

20 Subversion Modern replacement for CVS Provisioning System –Configs ViewCVS Checkins get mailed Schools-noc –Scripts stored on every server –Automatically updated –cron.d

21 Sidebar Nagios polled every minute Populated into memcache Sidebar alarms Pubcookie single sign-on

22

23

24

25 Provisioning System Services provisioned –CPE router config –Nagios –RADIUS –Cacti –Cisco ACS (TACACS+) –SmokePing –Fortigate (Content filtering) –Maps –DNS –Webhosting

26 Provisioning System Text::Template templating system Data stored in authoritative database PostgreSQL’s INET type is brilliant! Perl scripts generate configlets Added to Subversion Perl/Shell provisioning agents handle service restarts etc. Ability to stop all provisioning

27 Provisioning System Structure

28

29 Google Maps

30

31 Random things we’ve encountered Predictable traffic levels Smokeping, Nagios and Cricket/Cacti take a lot of tuning to monitor our network Difficult to achieve high bandwidth and high level of reliability in transparent content filter

32 donal.ocearbhaill@heanet.ie

33

Download ppt "NOC Tools Donal O’Cearbhaill HEAnet Ltd.. Ireland’s National Education and Research Network Provides Internet services to Irish Universities 2005 - Broadband."

Similar presentations

NAGIOS AND CACTI NETWORK MANAGEMENT AND MONITORING SYSTEMS.

NAGIOS AND CACTI NETWORK MANAGEMENT AND MONITORING SYSTEMS.
Point Protection 111. Check List AAA to the Network Devices Controlling Packets Destined to the Network Devices Config Audits.

Point Protection 111. Check List AAA to the Network Devices Controlling Packets Destined to the Network Devices Config Audits.
Overview of network monitoring development at AMRES Slavko Gajin.

Overview of network monitoring development at AMRES Slavko Gajin.
Bangkok, Thailand An Introduction intERLab at AIT Network Management Workshop March 11-15 – Bangkok, Thailand Hervey Allen & Phil Regnauld.

Bangkok, Thailand An Introduction intERLab at AIT Network Management Workshop March – Bangkok, Thailand Hervey Allen & Phil Regnauld.
1 CHEP 2000, 10.02.2000Roberto Barbera Roberto Barbera (*) Grid monitoring with NAGIOS WP3-INFN Meeting, Naples, 29.11.2002 (*) Work in collaboration with.

1 CHEP 2000, Roberto Barbera Roberto Barbera (*) Grid monitoring with NAGIOS WP3-INFN Meeting, Naples, (*) Work in collaboration with.
Network Management Workshop intERlab at AIT Thailand March 11-15, 2008 Network Operations and Network Management.

Network Management Workshop intERlab at AIT Thailand March 11-15, 2008 Network Operations and Network Management.
HEAnet & The Schools Network Presentation to HEAnet National Networking Conference by Ronan Byrne & Tim Maher 10 th November 2005.

HEAnet & The Schools Network Presentation to HEAnet National Networking Conference by Ronan Byrne & Tim Maher 10 th November 2005.
MONITORING TOOLS Open Source Security Tools to monitor your network.

MONITORING TOOLS Open Source Security Tools to monitor your network.
Building a Home Web Server Grant Root

Building a Home Web Server Grant Root
Nada Abdulla Ahmed.  SmoothWall Express is an open source firewall distribution based on the GNU/Linux operating system. Designed for ease of use, SmoothWall.

Nada Abdulla Ahmed.  SmoothWall Express is an open source firewall distribution based on the GNU/Linux operating system. Designed for ease of use, SmoothWall.
Cold Fusion High Availability “Taking It To The Next Level” Presenter: Jason Baker, Digital North Date: 01.07.2004.

Cold Fusion High Availability “Taking It To The Next Level” Presenter: Jason Baker, Digital North Date:
Cacti Workshop Tony Roman 20112 Agenda What is Cacti? The Origins of Cacti Large Installation Considerations Automation The Current.

Cacti Workshop Tony Roman Agenda What is Cacti? The Origins of Cacti Large Installation Considerations Automation The Current.
5/12/011 eircom net IP Network Karl Jeacle

5/12/011 eircom net IP Network Karl Jeacle
Monitoring backbone networks Manuel ubredu, Valeriu Vraciu – RoEduNet Chiinău, September 9, 2014.

Monitoring backbone networks Manuel ubredu, Valeriu Vraciu – RoEduNet Chiinău, September 9, 2014.
Academic Network - retrospective. Academic Network – University of Montenegro MREN’s technical body is Center of Information System (CIS) of University.

Academic Network - retrospective. Academic Network – University of Montenegro MREN’s technical body is Center of Information System (CIS) of University.
Bangkok, Thailand Smokeping & Cacti intERLab at AIT Workshop March 11-15 – Bangkok, Thailand Hervey Allen.

Bangkok, Thailand Smokeping & Cacti intERLab at AIT Workshop March – Bangkok, Thailand Hervey Allen.
Securing Schools Firewalling and Filtering on the Broadband for Schools Network. Liam Kennedy Network Engineer HEAnet Ltd.

Securing Schools Firewalling and Filtering on the Broadband for Schools Network. Liam Kennedy Network Engineer HEAnet Ltd.
Microsoft Virtual Academy Module 4 Creating and Configuring Virtual Machine Networks.

Microsoft Virtual Academy Module 4 Creating and Configuring Virtual Machine Networks.
PacNOG 6: Nadi, Fiji Dealing with DDoS Attacks Hervey Allen Network Startup Resource Center.

PacNOG 6: Nadi, Fiji Dealing with DDoS Attacks Hervey Allen Network Startup Resource Center.
These materials are licensed under the Creative Commons Attribution-Noncommercial 3.0 Unported license (http://creativecommons.org/licenses/by-nc/3.0/)

These materials are licensed under the Creative Commons Attribution-Noncommercial 3.0 Unported license (

Similar presentations

Ads by Google