
acknowledgement

dreams never turn to reality unless a lot of effort and hard work is put into
it. and no effort bears fruit in the absence of support and guidance. it takes a
lot of effort to work your way through this goal and having someone to guide
you and help you is always a blessing. we would like to take this opportunity
to thank a few who were closely involved in the completion of this small
dream of ours - this project.

at the outset we thank the principal mr. ommen samuel for granting
permission to proceed with the project.

we sincerely thank mrs. preetha mathew, head of the department of
computer science, for providing the necessary facilities to us.

we would like to thank the vsnl authorities for providing this great
opportunity to us.

we are also extremely grateful to our internal project guide mr. jabir, lecturer
in computer science, and our external project guide mr. sajan
john, network engineer (vsnl), for the valuable suggestions provided which
helped us to overcome the major problems during the design of the project.

we thank our families and friends whose prayer and encouragement kept us
going.

last but not the least we thank the lord for giving us the confidence and the
ability to achieve this dream.

introduction
even a small company may have a number of pieces of hardware with many services and
software packages running on them. larger companies may have hundreds or even thousands of
items to keep up and running. both small and large companies may have decentralized
operations, implying a decentralized it infrastructure, with no ability to physically see many of
the machines at all.

naturally, each piece of hardware will have a unique set of software products running on it. faced
with a multitude of hardware and software to monitor, administrators cannot pay attention to
each specific item; the default posture in this kind of situation is to respond to service outages on
a reactive basis. worse, awareness of the problem usually comes only after an end-user
complains.

therefore, an automated tool that can help in system administration can be extremely helpful.
these tools go by the generic name of network management software, and all share the capability
to:

•keep track of all the services and machines running in the infrastructure;

•raise alerts before small problems become large ones;

•run from a central location to reduce the need to physically go to each machine; and,

•provide a visual representation of system-wide status, outstanding problems, etc.


our project is to customize an existing network monitoring system, nagios, for the vsnl
broadband network. nagios is a free, open-source web-based network monitor developed
by ethan galstad. nagios is designed to run on linux, but can also be used on unix
variants. nagios monitors the status of host systems and network services and notifies the
user of problems. the installation and configuration of nagios is done in a way typical for
linux. the system can be controlled via a web browser.

about the organisation


videsh sanchar nigam limited (vsnl)
vsnl was incorporated on march 19, 1986 under the indian companies act,
1956 to take over the activities of the erstwhile overseas communication services (ocs)
with effect from april 1, 1986. the first submarine telegraph cable from u.k. landed in
bombay in 1870, heralding the era of external telecommunications in india. the eastern
telegraph co. (etc) of 1872 and the indian radiotelegraph co. (irt) of 1927 merged to form
the indian radio and cable communications co. (ircc) in 1932. the h.f. radio telegraph
made its appearance on the scene in 1927, followed by radio telephony in 1933.

consequent to india's independence in 1947, there were phenomenal developments in her
communication system and technology. the government of india took over the ircc, giving
birth to the overseas communications service (ocs), a government department. the satellite
era dawned in 1970. india also had, by 1982, wideband submarine telephone cable system
and troposcatter system in the external telecommunications network. on april 1, 1986, the
videsh sanchar nigam limited (vsnl) - a wholly government owned corporation - was born
as successor to ocs.

there were unexpected developments in mobile communications too. now it is possible to
communicate and do business with people on the move - on land, on the high seas or in
the air, even while we are moving from one place to another. these developments also
made possible safety through communications - during natural calamities like flood or
earthquake or man-made calamities like war, when conventional systems are thrown out
of gear. meanwhile, vsnl introduced internet services in india in the year 1995. the new
era of communications started towards the new millennium.
it is a well known fact that a large number of people from kerala work overseas. as a
result, international telephone calls to and from kerala had always been very high. it was
therefore quite natural for vsnl to have its footprints established in kerala. by october 1996,
vsnl started providing internet dial-up service from the vyttila office with a router setup
using servers at chennai, which initially was 64kbps and was upgraded to 2mbps. in
march 1998, the gateway from ernakulam vsb, located at kakkanad, was commissioned
with a 13m standard b antenna, gateway digital switch and dcme equipment. in april 1998,
asianet evening tv news up linking started from vsnl ernakulam.
in october 1998, an internet carrier was radiated from this earth station to kdd japan. vsnl
ernakulam also started providing leased line services for internet as well as iplc. by
october 1998, as per government policy, internet dial-up was handed over to the then
dot. however, in january 2001, vsnl ernakulam again started dial-up service using ras and
digital lines.
in terms of inter-vsnl bandwidth servicing, vsnl ernakulam is providing other centres
like chennai and bangalore iplc links to various international destinations. some of the
leading it companies like infosys and satyam, from bangalore and chennai, are provided
state-of-the-art fibre connectivity from ernakulam via sea-me-we-3.
among the other major achievements of the ernakulam vsnl station were the
commissioning of the mega submarine cable projects of the time: sea-me-we-3 (south east
asia, middle east, west europe 3) and safe (south africa far east). it may be mentioned that
for safe, cochin is the only landing point in india. the total number of international circuits
in operation in march 2002 are 2124.
in february 2002, the government of india, as per their disinvestment plan, released 25%
of vsnl's equity to a strategic partner. consequently, vsnl was taken over under the
administrative control of tatas. it is under the management of tatas - india's best known
industrial house - that vsnl is now charting its future course.
proposed system
nagios is a host and service monitor designed to inform you of network problems
before your clients, end-users or managers do. it has been designed to run under the linux
operating system but works fine under most *nix variants as well. the monitoring daemon
runs intermittent checks on hosts and services you specify using external "plugins" which
return status information to nagios. when problems are encountered, the daemon can send
notifications out to administrative contacts in a variety of different ways. current status
information, historical logs, and reports can all be accessed via a web browser. nagios has
a lot of features, making it a very powerful monitoring tool. some of the major features
are listed below:
1. monitoring of network services
2. monitoring of host resources
3. monitoring of environmental factors such as temperature
4. simple plugin design that allows users to easily develop their own host and service
checks
5. ability to define network host hierarchy, allowing detection of and distinction
between hosts that are down and those that are unreachable
6. contact notifications when service or host problems occur and get resolved (via
user-defined method)
7. optional escalation of host and service notifications to different contact groups
8. ability to define event handlers to be run during service or host events for proactive
problem resolution
9. support for implementing redundant and distributed monitoring servers
10. external command interface that allows on-the-fly modifications to be made to the
monitoring and notification behavior through the use of event handlers, the web
interface, and third-party applications
11. retention of host and service status across program restarts
12. scheduled downtime for suppressing host and service notifications during periods
of planned outages
13. ability to acknowledge problems via the web interface
14. web interface for viewing current network status, notification and problem history,
log file, etc.
15. simple authorization scheme that allows you to restrict what users can see and do
from the web interface

feasibility study
feasibility study is a test of a system proposal, according to its workability, impact on the
organization, ability to meet the user needs and effective use of resources. thus when a new
application is proposed, it normally goes through a feasibility study before it is approved for
development. the main objective of feasibility study is not to solve the problem but acquire a
sense of its scope. during the study, the problem definition is crystallized and aspects of the
problem to be included in the system are determined. every project is feasible, given unlimited
resources and infinite time. it is both necessary and prudent to evaluate of the project at the
earliest possible time. so a detailed study was carried out to check the workability of the system.

during the feasibility study of the project some primary area of interest is considered very
carefully.
they are:
economic feasibility: - an evaluation of development cost weighed against the ultimate
income or benefit derived from the developed system or product.
technical feasibility: -a study of function, performance and constraint that may affect the
ability to achieve an acceptable system.
technical feasibility
open source doesn't just mean access to the source code. the license shall not restrict any
party from selling or giving away the software as a component of an aggregate software
distribution containing programs from several different sources. the program must
include source code, and must allow distribution in source code as well as compiled form.
the license must allow modifications and derived works, and must allow them to be
distributed under the same terms as the license of the original software. it may restrict
source-code from being distributed in modified form only if the license allows the
distribution of "patch files" with the source code for the purpose of modifying the
program at build time. it must not discriminate against any person or group of persons. it
must not restrict anyone from making use of the program in a specific field of endeavor.
the rights attached to the program must apply to all to whom the program is redistributed
without the need for execution of an additional license by those parties. the rights
attached to the program must not depend on the program's being part of a particular
software distribution. the license must not place restrictions on other software that is
distributed along with the licensed software. no provision of the license may be
predicated on any individual technology or style of interface.

nagios is open source software, so it is technically feasible to use it.


economical feasibility
nagios conforms to the terms of the free software foundation and hence using it is
economically feasible.
free software is a matter of the users' freedom to run, copy, distribute, study, change and
improve the software. more precisely, it refers to four kinds of freedom, for the users of
the software:

•the freedom to run the program, for any purpose (freedom 0).

•the freedom to study how the program works, and adapt it to your needs (freedom 1).
access to the source code is a precondition for this.

•the freedom to redistribute copies so you can help your neighbor (freedom 2).

•the freedom to improve the program, and release your improvements to the public,
so that the whole community benefits (freedom 3). access to the source code is a
precondition for this.
a program is free software if users have all of these freedoms.
moreover, the linux operating system, apache web server, gd library and gcc - all used to run
nagios - are freely available.

system requirement specification

an srs establishes the basis for agreement between the client and the supplier on what the
software product will do. it is the medium through which the client and the user needs are
accurately specified to the developer. it provides a reference for validation of the final product. it
is a prerequisite to high quality software and also reduces the development cost.

design plan - input/output design

i/o design forms one of the major aspects of any system design. it requires much careful
attention towards the user side. it defines the interface between user and system. carefully
designed inputs and outputs define how effective the system is.

input design
input design converts user-oriented inputs to computer-based format, which
requires careful attention. in input design, data is accepted for computer processing and input to
the system. inaccurate input data is the most common cause of errors in data processing.

output design
outputs are the most important and direct source of information to the user and to the
department. intelligent output design will improve the system's relationship with the user and
help much in decision-making. outputs are also used to provide a permanent hard copy of the
results for later uses. outputs can be meant for users as well as management.

data flow diagram

a data flow diagram (dfd) is a diagram that describes the flow of data and the processes
that change or transform data throughout a system. it is a structured analysis and design tool that
can be used for flowcharting in place of, or in association with, information oriented and process
oriented system flowcharts. when analysts prepare the dfd, they specify the user needs at a level
of detail that virtually determines the information flow into and out of the system and the
required data resources. this network is constructed by using a set of symbols that do not imply a
physical implementation. the dfd reviews the current physical system, prepares input and output
specification, specifies the implementation plan etc.

four basic symbols are used to construct data flow diagrams.

basic data flow diagram symbols are:

1. a "square" defines a source (originator) or destination of system data.
2. an "arrow" identifies data flow. it is a pipeline through which information flows.
3. a "circle" represents a process that transforms incoming data flow(s) into outgoing data
flow(s).
4. an "open rectangle" is a data store.

[figure: data flow diagrams showing the nagios server performing host alive checking, service checks and alerts against the bras and the cisco switches connected to it]

working environment

hardware requirements

processor: pentium 4
memory: 1 gb
hard disk: 40 gb
keyboard: 108 keys
mouse: standard mouse
monitor: vga color monitor
lan card

software requirements

operating system: linux (fedora 8)
monitoring tool: nagios
web server: apache
front end tools: html, cgi

linux

network architecture
the vsnl network we monitored consisted mainly of cisco switches 2950 and 3750.
the cisco catalyst 2950 series switch is a fixed-configuration, stackable standalone switch that
provides wire-speed fast ethernet and gigabit ethernet connectivity. this switch offers two distinct
sets of software features and a range of configurations to allow small, midsize, and enterprise
branch offices and industrial environments to select the right combination for the network edge.
standard image software offers cisco ios software functions for basic data, voice, and video
services. for networks with requirements for additional security, advanced quality of service
(qos), and high availability, enhanced image software delivers intelligent services such as rate
limiting and security filtering for deployment at the network edge.
the cisco catalyst 3750 series switch is an innovative product for midsize organizations and
enterprise branch offices. featuring cisco stackwise technology, the switch improves lan
operating efficiency by combining ease of use and the highest resiliency available for stackable
switches. cisco stackwise technology is a revolutionary stacking architecture that brings high
levels of resiliency, automation, and performance to stackable switches. with cisco stackwise
technology, customers can create a single, 32-gbps switching unit with up to nine cisco catalyst
3750 series switches.

they are connected to the main internet cloud via the bras. it is a cisco 7301 router.
a broadband remote access server (bras) routes traffic to and from the digital subscriber line
access multiplexers (dslam) on an internet service provider's (isp) network. the bras sits at the
core of an isp's network, and aggregates user sessions from the access network. it is at the bras
that an isp can inject policy management and ip quality of service (qos).
the specific tasks include:

•aggregates the output from dslams

•provides user ppp sessions or ip over atm sessions

•enforces quality of service (qos) policies

•routes traffic into an internet service provider’s backbone network

the compact cisco 7301 router is the industry's highest performance single rack unit router with
million packets per second processing. with 3 built-in gigabit ethernet interfaces (copper or
optical) and a single slot for any cisco 7000 series port adapter, the cisco 7301 is highly flexible
for a variety of applications. additionally for broadband aggregation, the cisco 7301 supports up
to 16,000 subscribers sessions making it ideal for pay-as-you-grow broadband deployment
models.

remote access service (ras) is considered to be a wide area network (wan) connection.
there are 3 main rass located at cochin, calicut and trivandrum.
esns and edns are connected to the bras. a number of dslams and ddslams are connected to the bras.
ddslams are used for extension.

a dslam collects data traffic from multiple subscribers into a centralized point so that it can be
uploaded to the router over a frame relay, atm, or ethernet connection. the router provides the
logical termination for ppp sessions. these may be ppp over ethernet (pppoe) or ppp over atm
(pppoa) encapsulated sessions. by acting as the ppp termination point, the bras is responsible for
assigning session parameters such as ip addresses to the clients. the bras is also the first ip hop
from the client to the internet. the bras is also the interface to authentication, authorization and
accounting systems.
a digital subscriber line access multiplexer (dslam) allows telephone lines to make faster
connections to the internet. it is a network device, located near the customer's location, that
connects multiple customer digital subscriber lines (dsls) to a high-speed internet backbone line
using multiplexing techniques. by locating dslams at locations remote to the telephone company
central office (co), telephone companies are now providing dsl service to consumers who
previously did not live close enough for the technology to work.
the dslam at the co collects the digital signals from its many modem ports and combines them
into one signal, via multiplexing. depending on the product, dslams connect dsl lines with some
combination of asynchronous transfer mode (atm), frame relay or internet protocol networks. in
terms of the osi 7 layer model, the dslam acts like a massive network switch, since its
functionality is purely layer 2. the aggregated signal then loads onto backbone switching
equipment, traveling through an access network (an) — also known as a network service
provider (nsp) — at speeds of up to 10 gbit/s and connecting to the internet backbone. the dslam,
functioning as a switch, collects the adsl modem data (connected to it via twisted or non-twisted
pair copper wire) and multiplexes this data via the gigabit link that physically plugs into the
dslam itself, into the telco's backbone. a dslam is not always located in the telephone company
central office, but may also serve customers within a neighborhood serving area interface (sai),
sometimes in association with a digital loop carrier. dslams are also used by hotels, lodges,
residential neighbourhoods and other corporations setting up their own private telephone
exchange. besides being a data switch and multiplexer, a dslam is also a large number of modems,
each modem on the aggregation card communicating with a subscriber's dsl modem. this modem
function being inside the dslam rather than separate hardware, and being wideband rather than
voiceband, it isn't often called a modem.
customers connect to the dslam through adsl modems or dsl routers, which are connected to the
pstn network via typical unshielded twisted pair telephone lines. each dslam has multiple
aggregation cards, and each such card can have multiple ports to which the customers lines are
connected. typically a single dslam aggregation card has 24 ports, but this number can vary with
each manufacturer. the most common dslams are housed in a telco-grade chassis, which are
supplied with (nominal) 48 volts dc. hence a typical dslam setup may contain power converters,
dslam chassis, aggregation cards, cabling, and upstream links. the most common upstream links
in these dslams use gigabit ethernet or multi-gigabit fiber optic links.
ip-dslam stands for internet protocol digital subscriber line access multiplexer. user traffic is
mostly ip based. traditional 20th century dslams used asynchronous transfer mode (atm)
technology to connect to upstream atm routers/switches. these devices then extract the ip traffic
and pass it on to an ip network. ip-dslams extract the ip traffic at the dslam itself. thus it is all ip
from there. the advantage of an ip-dslam over a traditional atm dslam is in terms of lower capital
expenditure and operational expenditure and a richer set of features and functionality.
digital subscriber line (dsl) technology is a modem technology that uses existing twisted-pair
telephone lines to transport high-bandwidth data, such as multimedia and video, to service
subscribers. the term xdsl covers a number of similar yet competing forms of dsl technologies,
including adsl, sdsl, hdsl, hdsl-2, g.shdsl, idsl, and vdsl. xdsl is drawing significant attention from
implementers and service providers because it promises to deliver high-bandwidth data rates to
dispersed locations with relatively small changes to the existing telco infrastructure.
xdsl services are dedicated, point-to-point, public network access over twisted-pair copper wire
on the local loop (last mile) between a network service provider's (nsp) central office and the
customer site, or on local loops created either intrabuilding or intracampus. currently, most dsl
deployments are adsl, mainly delivered to residential customers.
asymmetric digital subscriber line (adsl) technology is asymmetric. it allows more bandwidth
downstream—from an nsp's central office to the customer site—than upstream from the
subscriber to the central office. this asymmetry, combined with always-on access (which
eliminates call setup), makes adsl ideal for internet/intranet surfing, video-on-demand, and
remote lan access. users of these applications typically download much more information than
they send.
adsl transmits more than 6 mbps to a subscriber and as much as 640 kbps more in both directions
(shown in figure 21-1). such rates expand existing access capacity by a factor of 50 or more
without new cabling. adsl can literally transform the existing public information network from
one limited to voice, text, and low-resolution graphics to a powerful, ubiquitous system capable
of bringing multimedia, including full-motion video, to every home this century.

figure 21-1 the components of an adsl network include a telco and a cpe
adsl will play a crucial role over the next decade or more as telephone companies enter new
markets for delivering information in video and multimedia formats. new broadband cabling will
take decades to reach all prospective subscribers. success of these new services depends on
reaching as many subscribers as possible during the first few years. by bringing movies,
television, video catalogs, remote cd-roms, corporate lans, and the internet into homes and small
businesses, adsl will make these markets viable and profitable for telephone companies and
application suppliers alike.
an adsl circuit connects an adsl modem on each end of a twisted-pair telephone line, creating
three information channels: a high-speed downstream channel, a medium-speed duplex channel,
and a basic telephone service channel. the basic telephone service channel is split off from the
digital modem by filters, thus guaranteeing uninterrupted basic telephone service, even if adsl
fails. the high-speed channel ranges from 1.5 to 9 mbps, and duplex rates range from 16 to 640
kbps. each channel can be submultiplexed to form multiple lower-rate channels.
adsl characteristics:
•asymmetric – the data can flow faster in one direction than the other. more precisely, data
transmission is faster downstream (to the user) than upstream (from the
user). customers do not need a high bi-directional transmission speed. they actually
connect to the internet in a relatively passive mode because the amount of data they
download is enormously higher than the amount of data they are transmitting.
•digital – no type of communication is transferred in an analog method. all data is purely
digital, and only at the end, modulated to be carried over the line.
•subscriber line – the data is carried over a single twisted pair copper loop to the subscriber
premises.
languages & tools

nagios

nagios is a system and network monitoring application. it is an open source,
unix-based enterprise monitoring package with a web-based
front-end or console. it watches hosts and services that you specify, alerting you
when things go bad and when they get better. nagios can monitor assets like
servers, network devices, and applications, essentially any device
or service that has an address and can be contacted via tcp/ip. it
can monitor hosts running microsoft windows, unix/linux, novell
netware, and other operating systems. we can use a variety of
network protocols, including http, snmp, and ssh, to conduct this
monitoring. nagios can also receive snmp traps, and we can build
and easily integrate our own custom monitoring checks using a
variety of languages, including c, perl, and shell scripts.

nagios can also be configured as a robust redundant monitoring
infrastructure that is capable of disaster recovery and failover
modes of operation.

nagios uses transmission control protocol/internet protocol (tcp/ip)
to monitor hosts and devices. thus, we need to deploy our nagios
server or servers where they have network visibility of the hosts
and devices that are required to be monitored.

nagios is designed to primarily run on the linux operating system. nagios installations consist of
two major components: the nagios server and the nagios plug-ins. the nagios server is the core of
the nagios solution and performs functions such as interpreting the configuration, running the
web console, and initiating notifications and checks. the nagios plug-ins provide the interfaces to
hosts, devices, and applications to allow you to monitor them.
nagios has an impressive list of features that include:

•monitoring of network services such as http, smtp, ssh, telnet, etc.

•monitoring of server resources, such as disk usage and load averages.


•real time notification of failures via email, pager, etc.

•a very informative web interface that makes it very easy to identify problem hosts.

•licensed under the gnu gpl.

nagios runs on unix and its variants and optionally requires a web server to be installed
(for the web interface).
to understand the usefulness of nagios, consider a typical it infrastructure that one or
more system administrators are responsible for. even a small company may have a
number of pieces of hardware with many services and software packages running on
them. larger companies may have hundreds or even thousands of items to keep up and
running. both small and large companies may have decentralized operations, implying a
decentralized it infrastructure, with no ability to physically see many of the machines at
all.
naturally, each piece of hardware will have a unique set of software products running on
it. faced with a multitude of hardware and software to monitor, administrators cannot pay
attention to each specific item; the default posture in this kind of situation is to respond
to service outages on a reactive basis. worse, awareness of the problem usually comes
only after an end-user complains.
therefore, an automated tool that can help in system administration can be extremely
helpful. these tools go by the generic name of network management software, and all
share the capability to:

•keep track of all the services and machines running in the infrastructure;

•raise alerts before small problems become large ones;

•run from a central location to reduce the need to physically go to each machine;
and,

•provide a visual representation of system-wide status, outstanding problems, etc.

two main problems keep network management software from being more widely used:

•it tends to be extremely expensive; and,

•it requires significant work to configure for a given environment.

nagios is an open source network management tool that solves the first problem. it, too,
requires a fair amount of configuration, but there are a couple of suggestions to reduce
that burden later in this article.
the nagios architecture
the nagios application runs on a central server, either linux or unix. each piece of
hardware that must be monitored runs a nagios daemon that communicates with the
central server. depending on the instructions in the configuration files the central server
reads, it will "reach out and touch" the remote daemon to instruct it to run a necessary
check. while the application must run on linux or unix, the remote machines may be any
piece of hardware that may be communicated with.
depending upon the response from the remote machine, nagios will then respond with an
appropriate action, again, according to its configuration. depending upon what remote
test needs to be performed, nagios will perform the test via a native machine capability
(e.g., test to see if a file exists) or will run a custom test program (called a plugin) to test
something more specific (e.g., check to see if a particular set of values has been placed
into a database). if a check return value is not correct, nagios will raise an alert via one
or several methods -- again, according to how it has been configured.

plugin theory
in order for nagios to be of any use, plugins must be installed. plugins are usually
installed in /usr/local/nagios/libexec. plugins are scripts or binaries which perform all
the service and host checks that constitute monitoring. plugins are compiled executables
or scripts (perl, shell, etc.) that can be run from a command line to check the status of a
host or service. nagios uses the results from plugins to determine the current status of
hosts and services on the network. nagios is useless without them.

unlike many other monitoring tools, nagios does not include any internal mechanisms for
checking the status of services, hosts, etc. instead, nagios relies on external programs
(called plugins) to do all the dirty work. nagios will execute a plugin whenever there is a
need to check a service or host that is being monitored. the plugin does something to
perform the check and then simply returns the results to nagios. nagios will process the
results that it receives from the plugin and take any necessary actions.
the image below shows how plugins are separated from the core program logic in nagios.
nagios executes the plugins which then check local or remote resources or services of
some type. when the plugins have finished checking the resource or service, they simply
pass the results of the check back to nagios for processing.
the good thing about the plugin architecture is that we can monitor just about anything we
can think of. if we can automate the process of checking something, we can monitor it
with nagios. the only real downside to the plugin architecture is the fact that nagios has
absolutely no idea what it is that we’re monitoring. as such, nagios cannot produce graphs
of changes to the exact values of resources we’re monitoring over time. it can only track
changes in the state of those resources. only the plugins themselves know exactly what
they’re monitoring and how to perform checks. however, plugins can return optional
performance data along with status information. this performance data can then be passed
on to external applications which could produce graphs of service-specific information.
when nagios needs to check the status of a particular service that we have defined, it will
execute the plugin specified in the <check_command> argument of the service
definition. the plugin will check the status of the service or resource specified and return
the results to nagios. in each host definition we use the <host_check_command> argument
to specify a plugin that should be executed to check the status of the host. host checks are
not performed on a regular basis - they are executed only as needed, usually when there
are problems with one or more services that are associated with the host. host checks can
use the same plugins as service checks. the only real difference between the two types of
checks is in the interpretation of the plugin results. if a plugin that is used for a host check
results in a non-ok status, nagios will believe that the host is down.
in most situations, we’ll want to use a plugin which checks to see if the host can be
pinged, as this is the most common method of telling whether or not a host is up.
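
the plugin contract described above (a state, one line of status text, and optional performance data after a "|") can be shown with a small plugin. this is an added example, not code from this report or from the nagios distribution; the name check_disk_pct, the thresholds and the "DISK" prefix are assumptions made for illustration.

```python
#!/usr/bin/env python3
"""check_disk_pct: illustrative nagios plugin (added example, hypothetical name)."""
import shutil
import sys

# Exit codes defined by the nagios plugin interface: nagios reads the state
# of the host or service from the process exit status, not from the text.
OK, WARNING, CRITICAL, UNKNOWN = 0, 1, 2, 3
LABELS = {OK: "OK", WARNING: "WARNING", CRITICAL: "CRITICAL", UNKNOWN: "UNKNOWN"}


def evaluate(used_pct, warn, crit):
    """Map a measured value to (exit_code, status_line)."""
    if not 0 <= warn <= crit <= 100:
        return UNKNOWN, "DISK UNKNOWN - thresholds must satisfy 0 <= warn <= crit <= 100"
    if used_pct >= crit:
        code = CRITICAL
    elif used_pct >= warn:
        code = WARNING
    else:
        code = OK
    # Text before '|' is shown to operators; text after it is performance
    # data in the form label=value[unit];warn;crit;min;max for graphing tools.
    perfdata = f"used={used_pct:.1f}%;{warn};{crit};0;100"
    return code, f"DISK {LABELS[code]} - {used_pct:.1f}% used | {perfdata}"


def measure(path):
    """Return the percentage of used space on the filesystem holding path."""
    usage = shutil.disk_usage(path)
    return 100.0 * usage.used / usage.total


def run(argv):
    """Full plugin run; every failure to measure is reported as UNKNOWN."""
    try:
        path, warn, crit = argv[1], float(argv[2]), float(argv[3])
        return evaluate(measure(path), warn, crit)
    except (IndexError, ValueError):
        return UNKNOWN, "DISK UNKNOWN - usage: check_disk_pct <path> <warn%> <crit%>"
    except OSError as exc:
        # Report the error class only; the status line ends up in the web
        # interface, so caller-supplied strings are not echoed back.
        return UNKNOWN, f"DISK UNKNOWN - {exc.strerror or 'cannot read filesystem'}"


if __name__ == "__main__":
    exit_code, status_line = run(sys.argv)
    print(status_line)
    sys.exit(exit_code)
```

a failed measurement is returned as unknown rather than ok, so a broken check cannot hide an outage.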

snmp
in today's complex network of routers, switches, and servers, it can seem like a daunting task to
manage all the devices on the network and make sure they're not only up and running but
performing optimally. this is where the simple network management protocol (snmp) can help.
snmp was introduced in 1988 to meet the growing need for a standard for managing internet
protocol (ip) devices. snmp provides its users with a "simple" set of operations that allows these
devices to be managed remotely. cisco systems currently includes snmp support in every router
and communications server. cisco snmp agents communicate successfully with all
snmp-compliant nmss. cisco routers provide many useful system monitoring and management
capabilities to help administrators manage large cisco router-based internetworks. cisco routers
also can report a wide variety of information about their internal configuration and status. cisco's
snmp implementation allows trap messages to be directed to multiple management stations. this
capability allows virtually instantaneous notification of network problems across the
internetwork.

an snmp-managed network consists of three key components:

• managed devices

• agents

• network-management systems (nmss)

a managed device is a network node that contains an snmp agent and that resides on a managed
network. managed devices collect and store management information and make this information
available to nmss using snmp. managed devices, sometimes called network elements, can be any
type of device including, but not limited to, routers and access servers, switches and bridges,
hubs, ip telephones, computer hosts, or printers.

an agent is a network-management software module that resides in a managed device. an agent
has local knowledge of management information and translates that information into a form
compatible with snmp.

an nms executes applications that monitor and control managed devices. nmss provide the bulk
of the processing and memory resources required for network .

snmp uses the user datagram protocol (udp) as the transport protocol for passing data between
managers and agents. udp was chosen over the transmission control protocol (tcp) because it is
connectionless; that is, no end-to-end connection is made between the agent and the nms when
datagrams are sent back and forth. snmp has been implemented over tcp, but this is more for
special-case situations in which someone is developing an agent for a proprietary piece of
equipment. snmp uses the udp port 161 for sending and receiving requests, and port 162 for
receiving traps from managed devices. every device that implements snmp must use these port
numbers as the defaults.

when either an nms or an agent wishes to perform an snmp function (e.g., a request or trap), the
following events occur in the protocol stack:

application

first, the actual snmp application (nms or agent) decides what it's going to do. for example, it can
send an snmp request to an agent, send a response to an snmp request (this would be sent from
the agent), or send a trap to an nms. the application layer provides services to an end user, such
as an operator requesting status information for a port on an ethernet switch.

udp

the next layer, udp, allows two hosts to communicate with one another. the udp header contains,
among other things, the destination port of the device to which it's sending the request or trap.
the destination port will either be 161 (query) or 162 (trap).

ip

the ip layer tries to deliver the snmp packet to its intended destination, as specified by its ip
address.

medium access control (mac)

the final event that must occur for an snmp packet to reach its destination is for it to be handed
off to the physical network, where it can be routed to its final destination. the mac layer is
comprised of the actual hardware and device drivers that put the ip data onto a physical piece of
wire, such as an ethernet card. the mac layer also is responsible for receiving packets from the
physical network and sending them back up the protocol stack so they can be processed by the
application layer (snmp, in this case).

at present there are three different implementations of the snmp protocol, namely
snmpv1, snmpv2c, and snmpv3. nagios works with all versions of snmp.

the 5 snmp command messages: getrequest, getnextrequest, getresponse, setrequest, trap.

snmp uses five basic messages (get, get-next, get-response, set, and trap) to
communicate between the manager and the agent. the get and get-next messages allow the
manager to request information for a specific variable. the agent, upon receiving a get or get-next
message, will issue a get-response message to the manager with either the information requested
or an error indication as to why the request cannot be processed. a set message allows the
manager to request a change be made to the value of a specific variable in the case of an alarm
remote that will operate a relay. the agent will then respond with a get-response message
indicating the change has been made or an error indication as to why the change cannot be made.
the trap message allows the agent to spontaneously inform the manager of an "important" event.

the small number of commands used is only one of the reasons snmp is "simple." the other
simplifying factor is its reliance on an unsupervised or connectionless communication link. this
simplicity has led directly to its widespread use, specifically in the internet network management
framework. within this framework, it is considered "robust" because of the independence of the
managers from the agents, e.g. if an agent fails, the manager will continue to function, or vice
versa.

snmp advantages:
• simple design & implementation
  - users can easily program variables that they want to monitor
• expansibility
  - protocol can be updated to meet future needs

snmp disadvantages:
• security gaps
  - intruders can gain access to the information carried along the network
  - snmp version 2 has fixed some security issues
• not a particularly efficient protocol
  - bandwidth is wasted with needless information
  - e.g.: snmp version multiple length

snmp itself does not define which information (which variables) a managed system should offer.
rather, snmp uses an extensible design, where the available information is defined by
management information bases (mibs). mibs describe the structure of the management data of a
device subsystem; they use a hierarchical namespace containing object identifiers (oids).

snmp organizes data as a mib; mib stands for management information base. snmp separates the
definition of the communication protocol and encoding from the set of items that can be
accessed. the mib is organized in a tree structure with individual variables; a long numeric tag or
object identifier (oid) is used to distinguish each variable uniquely in the mib and in snmp
messages. the mib lists the unique object identifier of each managed element in an snmp network. a
mib can be depicted as an abstract tree with an unnamed root. individual data items make up the
leaves of the tree. object identifiers (ids) uniquely identify or name mib objects in the tree. object
ids are like telephone numbers -- they are organized hierarchically with specific digits assigned
by different organizations.

the mib is a virtual information store. it is a small database of
information and it resides on the agent. information collected by the agent is stored in the mib.
the mib is precisely defined; the current internet standard mib contains more than a thousand
objects. each object in the mib represents some specific entity on the managed device. in a
typical mib, we find the system name, ip routing tables, and counts of the packets handled by
each protocol. the most popular protocol in use to manipulate mibs is the simple network
management protocol.

snmp is the de facto standard communications protocol supporting integrated network
management in heterogeneous environments. with a wide array of snmp management features,
cisco systems provides truly useful management functionality across an extensive range of media
and protocols. as a leader in snmp-based management, cisco will continue to expand its
management capabilities to incorporate new protocols and features important to those protocols.

testing methods

system testing is the stage of implementation which is aimed at ensuring that the system
works accurately and efficiently before a live operation begins. during the development of this
software project, errors of various types can occur at various stages. the first major hurdle in the
process of implementation is the period of testing the system. the debugging process is the most
unpredictable part of the testing procedure. to make the system developed here reliable and
accepted, various testing methods are used.

further testing methods are implemented to make the software developed here completely
error-free and reliable. the types of tests conducted are described below followed by the testing
strategies adopted.

testing objectives
• testing is a process of executing a program and finding a bug.

• a good test case is one that has a high probability of finding an undiscovered error.

• a successful test is one that uncovers an undiscovered error.

if testing is conducted successfully according to the objectives as stated above, it would uncover
errors in the software. also, testing demonstrates that software functions appear to be working
according to the specification, and that performance requirements appear to have been met.

there are three ways to test a program:

• for correctness

• for implementation efficiency

• for computational complexity

tests for correctness are supposed to verify that a program does exactly what it was designed to
do. this is much more tedious than it may at first appear, especially for large programs.

tests for implementation efficiency attempt to find ways to make a correct program faster or use
less storage. it is a code-refining process, which re-examines the implementation phase of
algorithm development. tests for computational complexity amount to an experimental analysis
of the complexity of an algorithm or an experimental comparison of two or more algorithms,
which solve the same problem.

the following ideas should be a part of any testing plan:

• preventive measures

• spot checks

• testing all parts of the program

• test data

• looking for trouble

• time for testing

• retesting

our project has been verified by the reputed faculty of the organization.
whenever an error occurred, it was corrected on the spot. a quality team deputed by the
management verified and tested the software.

security measures

system security refers to the technical innovations and procedures applied to the
hardware and operating system to protect against the deliberate or accidental damage from a
defined threat. to avoid unauthorized access, password protection is highly recommended while
running the application.
every candidate system must provide built-in procedures for security and integrity of data.
without safeguards against unauthorized access, fraud, natural disasters etc., a system could be so
vulnerable as to threaten the survival of a computer organization. to do an adequate job on
security, a system analyst must analyze the risks, exposures and costs and specify measures such
as passwords and encryption to provide protection. in addition, backup copies of software and
recovery restart procedures must be available when needed.
tight system security can be costly, but appropriate security is justified compared to the
catastrophe that could result from no protective measures. the main three motives behind security
are:
1. the near-total dependence of organizations on computer-based information makes it
imperative that a system be protected on a regular basis.
2. data are a major asset and should be protected. in a database environment where computer
files are centralized, security becomes critical.
3. demonstrating effective security measures reinforces management support for designing
and implementing the candidate system.
the system security problem can be divided into four related issues: security, integrity, privacy and
confidentiality. they determine file structure, data structure and access procedures.
system security refers to the technical innovation and procedures applied to the hardware
and operating systems to protect against deliberate or accidental damage from a defined threat. in
contrast, data security is the protection of data from loss, disclosure, modifications and
destructions.
system integrity refers to the proper functioning of hardware and programs, appropriate
physical security and safety against external threats such as eavesdropping and wiretapping. in
comparison, data integrity makes sure that data do not differ from their original form and have not
been accidentally or intentionally disclosed, altered or destroyed.
privacy defines the rights of the users or organization to determine what information they
are willing to share with or accept from others and how the organization can be protected against
unwelcome, unfair or excessive dissemination of information about it.
the term confidentiality is a special status given to sensitive information in a database to
minimize the possible invasion of privacy. it is an attribute of information that characterizes its
need for protection. system security is the technical means of providing such protection. in
contrast privacy is largely a procedural matter of how information is used.
data privacy and security are issues that go beyond the scope of the system development.
they are actually societal concerns. an organization that depends heavily on the use of databases
requires special controls to maintain viable information. these controls are classified into three
general categories.

1. the physical security or protection from fire, flood and other physical damage.
2. database integrity through data validation techniques.
3. control measures through passwords, encryption and monitoring users on a
regular basis.

potential threats to system security include errors and omissions, disgruntled and
dishonest employees, fire and natural disasters. errors and omissions cause the most damage. risk
analysis helps assess the probability and cost of possible disasters, pinpoint unacceptable
exposures and adopt preventive measures as part of a security plan. the goal is to identify the
threat that results in the greatest monetary losses and provide protection to the appropriate
degree.

after system security risks have been evaluated, the next step is to select security
measures. these measures are classified as follows:

authentication checking
it is a scheme for identifying persons to the system based on "something
you know" such as a username and password or a picture badge, "something you are" such as a
finger print or voice print, or "something you have" such as a credit card, key or special terminals.
the system provides a facility to change the password. this should be done once a week or so. this
is necessary because there is a chance that others can get the username and password by
eavesdropping or so. in such a case this changing of password will help to make the system
secure.

system integrity
these lines of defense safeguard the functioning of hardware, database, software,
physical security and operating procedures. the proper backup of software and hardware is
extremely important.

validation
web developers have faced a tough choice when adding form validation logic to their
pages. we can add form validation routines to the server-side code or to the client-side code.
the advantage of writing validation logic in client-side code is that we can provide instant
feedback to users. for example, if a user neglects to enter a value in a required form field we can
instantly display an error message without requiring a roundtrip back to the server.

maintenance

maintenance is the enigma of system development. it holds the software industry captive,
tying up programming resources. thirty years ago, software maintenance was considered an
'iceberg'. what was immediately visible was all there is to it, but an enormous mass of potential
problems and cost lies under the surface. the maintenance of existing software can account for
over 60% of all effort expended by a software development organization, and the percentage
continues to rise as the amount of software increases.

types of maintenance activities
only about 20 percent of all maintenance work is spent 'fixing mistakes'. the remaining
80% is spent adapting existing systems to changes in their external environment, making
enhancements requested by users, and reengineering an application for future use. so
maintenance activities include:

a. corrective maintenance
even with the best quality assurance activities, it is likely that the customer
will detect defects in the software. corrective maintenance changes the software to correct
defects.

b. adaptive maintenance
over time, the original environment for which the software was developed
is likely to change. adaptive maintenance results in modification to the software to accommodate
changes to its external environment.

c. perfective maintenance (enhancement)
as software is used the customer will recognize additional functions that
will provide benefit. perfective maintenance extends the software beyond its original functional
requirements.

d. preventive maintenance (reengineering)
computer software deteriorates due to change, and because of this, preventive
maintenance, often called software reengineering, must be conducted to enable the software
to serve the needs of its end users. in essence, preventive maintenance makes changes to
computer programs so that they can be more easily corrected, adapted and enhanced.

maintenance is difficult because:

a. poor documentation
b. not as rewarding and exciting as developing systems
c. few tools and techniques are available
d. lack of a good test plan
e. standards, procedures and guidelines are poorly defined and enforced
f. minimal standards for maintenance
g. no such job classification as a maintenance manager

making enhancements is all about perfective maintenance. it means
adding, modifying or redeveloping the code to support changes in the specifications. it is
necessary to keep up with changing user needs and the operational environment. more money
and time is spent on perfective maintenance than on corrective or adaptive maintenance together.
the post implementation review of the system is conducted to determine the future enhancements
required by the system.

system implementation

installing nagios

unpack the distribution : tar xzf nagios-2.10.tar.gz
create nagios user/group : adduser nagios
create installation directory : mkdir /usr/local/nagios
change the owner of the base installation directory to be the
nagios user and group : chown nagios.nagios /usr/local/nagios
add command file group : /usr/sbin/groupadd nagcmd
add the apache web server and nagios to the
newly created group : /usr/sbin/usermod -G nagcmd apache
/usr/sbin/usermod -G nagcmd nagios
run the configure script :
./configure --prefix=/usr/local/nagios --with-cgiurl=/nagios/cgi-bin --with-htmurl=/nagios/ --with-nagios-user=nagios --with-nagios-group=nagios --with-command-group=nagcmd
compile nagios and the cgis : make all
install the binaries and html files : make install
install the init script : make install-init
set permissions on the external command file directory : make install-commandmode
install the sample config files : make install-config
change to the root of nagios installation directory :
cd /usr/local/nagios
five different subdirectories are created :

sub-directory    contents
bin/             nagios core program
etc/             main, resource, object, and cgi configuration files should be put here
sbin/            cgis
share/           html files (for web interface and online documentation)
var/             empty directory for the log file, status file, retention file, etc.
var/archives     empty directory for the archived logs
var/rw           empty directory for the external command file

install the plugins :

unpack the distribution : tar xzf nagios-plugins-1.4.110.tar.gz
run the configure script : ./configure
compile plugin : make all
install plugin : make install

setup the web interface :

configure aliases and directory options for the web interface :

ScriptAlias /nagios/cgi-bin /usr/local/nagios/sbin
<Directory "/usr/local/nagios/sbin">
    Options ExecCGI
    AllowOverride None
    Order allow,deny
    Allow from all
    AuthName "nagios access"
    AuthType Basic
    AuthUserFile /usr/local/nagios/etc/htpasswd.users
    Require valid-user
</Directory>
Alias /nagios /usr/local/nagios/share
<Directory "/usr/local/nagios/share">
    Options None
    AllowOverride None
    Order allow,deny
    Allow from all
    AuthName "nagios access"
    AuthType Basic
    AuthUserFile /usr/local/nagios/etc/htpasswd.users
    Require valid-user
</Directory>

restart the web server : /etc/rc.d/init.d/httpd restart

configure web authentication :

an authenticated user is someone who has authenticated to the web server with a
username and password and has been granted access to the nagios web interface. an
authenticated contact is an authenticated user whose username matches the short name of
a contact definition in our object configuration file(s).

setting up authenticated user :

to require authentication for the nagios web interface, specify who has access. this is done
by using the htpasswd command supplied with apache.
running the following command will create a new file called htpasswd.users in the
/usr/local/nagios/etc directory. it will also create a username/password entry for
nagiosadmin. provide a password that will be used when nagiosadmin authenticates to the
web server.
htpasswd -c /usr/local/nagios/etc/htpasswd.users nagiosadmin

enable authentication/authorization functionality in the cgis :
set the use_authentication variable in the cgi configuration file to a non-zero value.
use_authentication=1
default permissions to cgi information :

cgi data                            authenticated contacts    other authenticated users
host status information             yes                       no
host configuration information      yes                       no
host history                        yes                       no
host notifications                  yes                       no
host commands                       yes                       no
service status information          yes                       no
service configuration information   yes                       no
service history                     yes                       no
service notifications               yes                       no
service commands                    yes                       no
all configuration information       no                        no
system/process information          no                        no
system/process commands             no                        no

authenticated contacts are granted the following permissions for each service for which
they are contacts
• authorization to view service status information
• authorization to view service configuration information
• authorization to view history and notifications for the service
• authorization to issue service commands
authenticated contacts are granted the following permissions for each host for which they
are contacts
• authorization to view host status information
• authorization to view host configuration information
• authorization to view history and notifications for the host
it is important to note that by default no one is authorized for the following...
• viewing the raw log file via the showlog cgi
• viewing nagios process information via the extended information cgi
• issuing nagios process commands via the command cgi
• viewing host group, contact, contact group, time period, and command definitions
via the configuration cgi.

the various cgis distributed with nagios include:

file name: status.cgi

this is the most important cgi included with nagios. it allows us to view the current status of
all hosts and services that are being monitored. the status cgi can produce two main types
of output: a status overview of all host groups (or a particular one) and a detailed view of all
services.

file name: statusmap.cgi

this cgi creates a map of all hosts we define on the network. the cgi uses thomas boutell’s
gd library to create a png image of the network layout.

file name: tac.cgi

this cgi is designed to serve as a "birds-eye view" of all network monitoring activity. it
allows us to quickly see network outages, host status, and service status. it distinguishes
between problems that have been "handled" in some way (i.e. been acknowledged, had
notifications disabled, etc.) and those which have not been handled, and thus need
attention.

file name: config.cgi

this cgi allows us to view objects (i.e. hosts, host groups, contacts, contact groups, time
periods, services, etc.) that are defined in the object configuration file.

verify changes :
to check whether the changes made to apache work, point a web browser at
http://127.0.0.1/nagios/ and get the web interface for nagios.

configuring nagios :
before monitoring anything, nagios must be configured and the objects (hosts, services, etc.)
that should be monitored must be defined. there are several different configuration files
that need to be created or edited. they are described below...
• main configuration file
the main configuration file /usr/local/nagios/etc/nagios.cfg contains a number of
directives that affect how nagios operates. this config file is read by both the nagios
process and the cgis. this is the first configuration file we are going to want to create or edit. a
sample main configuration file is generated automatically when we run the configure
script before compiling the binaries. when we install the sample config files using the
make install-config command, a sample
main configuration file will be placed into /usr/local/nagios/etc. the
default name of the main configuration file is nagios.cfg.
• resource file(s)
resource files can be used to store user-defined macros. resource files can also
contain other information, although this will depend on how we have compiled nagios.
the main point of having resource files is to use them to store sensitive configuration
information and not make them available to the cgis.
• object definition files
object definition files are used to define hosts, services, hostgroups, contacts,
contactgroups, commands, etc. this is where we define what things we want to monitor
and how to monitor them.
• cgi configuration file
the cgi configuration file /usr/local/nagios/etc/cgi.cfg contains a number of directives
that affect the operation of the cgis. a sample cgi configuration file is generated
automatically when we run the configure script before compiling the binaries. when we
install the sample config files using the make install-config
command, the cgi configuration file will be placed in the same directory as the main and
host config files /usr/local/nagios/etc. the default name of the cgi configuration file is
cgi.cfg.
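
the settings described in this chapter that carry the security weight (use_authentication in cgi.cfg, the htpasswd.users password file, the resource file kept away from the cgis, and the var/rw directory for the external command file) can be checked after installation. the following is an added example, not part of this report or of nagios; the resource file name resource.cfg, the function names and the sample tree it builds in a temporary directory are assumptions made for illustration.

```python
"""Post-install audit of a nagios tree (added example, hypothetical helper names)."""
import os
import stat
import tempfile

RESOURCE_FILE = "resource.cfg"   # assumed file name; the text only says "resource file(s)"


def parse_directives(text):
    """Parse 'name=value' lines as used in cgi.cfg; '#' lines are comments."""
    directives = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        name, value = line.split("=", 1)
        directives[name.strip()] = value.strip()
    return directives


def is_enabled(value):
    """True only for a value that parses as a non-zero integer."""
    try:
        return int(value) != 0
    except (TypeError, ValueError):
        return False


def mode_of(path):
    """Permission bits of path, or None when it does not exist."""
    try:
        return stat.S_IMODE(os.stat(path).st_mode)
    except OSError:
        return None


def audit_install(prefix):
    """Return a list of findings for the nagios tree rooted at prefix."""
    findings = []
    etc = os.path.join(prefix, "etc")
    # 1. the cgis apply the authenticated-contact rules only when
    #    use_authentication is set to a non-zero value.
    try:
        with open(os.path.join(etc, "cgi.cfg")) as handle:
            cgi = parse_directives(handle.read())
        if not is_enabled(cgi.get("use_authentication")):
            findings.append("cgi.cfg: use_authentication is not set to a non-zero value")
    except OSError:
        findings.append("cgi.cfg: missing or unreadable")
    # 2. password hashes and resource macros should not be readable by every local user.
    for name in ("htpasswd.users", RESOURCE_FILE):
        mode = mode_of(os.path.join(etc, name))
        if mode is not None and mode & stat.S_IROTH:
            findings.append(f"{name}: world-readable (mode {mode:o})")
    # 3. var/rw holds the external command file; write access there should be
    #    limited to the nagios user and the command group (nagcmd).
    mode = mode_of(os.path.join(prefix, "var", "rw"))
    if mode is not None and mode & stat.S_IWOTH:
        findings.append(f"var/rw: world-writable (mode {mode:o})")
    return findings


def build_sample_tree(root, hardened):
    """Create a constructed install tree under root (sample data, not a real install)."""
    etc = os.path.join(root, "etc")
    rw_dir = os.path.join(root, "var", "rw")
    os.makedirs(etc)
    os.makedirs(rw_dir)
    contents = {
        "cgi.cfg": "# constructed sample\nuse_authentication=%d\n" % (1 if hardened else 0),
        "htpasswd.users": "nagiosadmin:<constructed-hash>\n",
        RESOURCE_FILE: "$USER1$=/usr/local/nagios/libexec\n",
    }
    for name, text in contents.items():
        path = os.path.join(etc, name)
        with open(path, "w") as handle:
            handle.write(text)
        os.chmod(path, 0o640 if hardened else 0o644)
    os.chmod(rw_dir, 0o770 if hardened else 0o777)
    return root


def demo():
    """Audit a weak and a hardened constructed tree; return both finding lists."""
    with tempfile.TemporaryDirectory() as weak, tempfile.TemporaryDirectory() as strong:
        return (audit_install(build_sample_tree(weak, hardened=False)),
                audit_install(build_sample_tree(strong, hardened=True)))


if __name__ == "__main__":
    for finding in audit_install("/usr/local/nagios"):
        print(finding)
```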
methods for starting nagios :
there are basically four different ways we can start nagios:
1. manually, as a foreground process
2. manually, as a background process
3. manually, as a daemon
4. automatically at system boot
• running nagios manually as a foreground process
if we enabled the debugging options when running the configure script (and
recompiled nagios), this would be the first choice for testing and debugging. running nagios
as a foreground process at a shell prompt will allow us to more easily view what’s going
on in the monitoring and notification processes.
to run nagios as a foreground process for testing, invoke nagios like this...
/usr/local/nagios/bin/nagios /usr/local/nagios/etc/nagios.cfg
to stop nagios at any time, just press ctrl-c. if we’ve enabled the debugging options we’ll
probably want to redirect the output to a file for easier review later.
• running nagios manually as a background process
to run nagios as a background process, invoke it with an ampersand as follows...
/usr/local/nagios/bin/nagios /usr/local/nagios/etc/nagios.cfg &
• running nagios manually as a daemon
in order to run nagios in daemon mode we must supply the -d switch on the command
line as follows...
/usr/local/nagios/bin/nagios -d /usr/local/nagios/etc/nagios.cfg
• running nagios automatically at system boot
when we have tested nagios and are reasonably sure that it is not going to crash, we will
probably want to have it start automatically at boot time. to do this in linux we will have
to create a startup script in the /etc/rc.d/init.d/ directory. we will also have to create a link to
the script in the runlevel(s) that we wish to have nagios start in. a sample init script
(named daemon-init) is created in the base directory of the nagios distribution when we
run the configure script. we can install the sample script to the /etc/rc.d/init.d directory using
the ’make install-init’ command.

stopping and restarting nagios

once we have nagios up and running, we may need to stop the process or reload the
configuration data "on the fly". before we restart nagios, make sure that we have verified
the configuration data using the -v command line switch, especially if we have made any
changes to the config files. if nagios encounters a problem with one of the config files
when it restarts, it will log an error and terminate.

stopping and restarting with the init script

stop nagios : /etc/rc.d/init.d/nagios stop


restart nagios : /etc/rc.d/init.d/nagios restart
process and then starts nagios up again.
reload configuration data : /etc/rc.d/init.d/nagios reload

future scope

in case of further enhancements in the needs of vsnl network monitoring the
required changes can be made easily to nagios.

conclusion

a sincere attempt has been made to develop a system which will increase the performance of the
existing system and will be beneficial to the organization. the main aim of the project was to
provide a simple, user friendly and flexible environment. it will run with a good performance and
in a reliable way.

it is designed in such a way that the maintenance of the system is easy. after the successful user
testing, it has been found that the new system overcomes most of the limitations of the existing
system and works according to the design specifications given. the developed system dispenses
with the problems and meets the need by providing reliable and complete information. the newly
developed system consumes less processing time and productivity is increased. it also provides
security with the use of passwords. it has been developed with user friendliness, and the messages
and control information outputs required are made available in the required format.
