We have a mix of paid and free tools that vary a lot in their feature sets, but they all offer basic SNMP bandwidth monitoring. Here’s our guide to the best Linux bandwidth monitoring tools.
Knowledge is power! Consequently, knowing what the bandwidth utilization of the network you manage will give you power by allowing you to be proactive and by ensuring that network congestion is avoided as much as possible. To accomplish that, what you need are bandwidth monitoring tools. And since Linux is a popular platform with many network administrators, let’s have a look at some of the best Linux bandwidth monitoring tools available. Considering that most of them are free and open source, they will allow you to start monitoring bandwidth at no other cost than the time you’ll spend installing and configuring them. As you’ll soon find out, many of these tools are as good as some of the best Windows tools.
We’ll begin our exploration by having an overview of bandwidth monitoring. We’ll explain what it is and, more importantly, how it works. This will lead us to discuss the Simple Network Management Protocol, the basis of most monitoring tools. Then, we’ll briefly discuss Linux in general and also what it means to use it as a platform for monitoring tools. Once we’re all on the same page, we’ll be ready for the core of our subject, the best Linux bandwidth monitoring tools.
Network bandwidth monitoring is a very specific type of monitoring. What it does is measure the amount of traffic passing a given point on a network. Typically, the measuring point is a router or switch interface but it’s not uncommon to monitor bandwidth utilization of a server’s LAN interface. The important thing here is to realize that all we’re measuring is the amount of traffic. Bandwidth monitoring won’t give you any information about what that traffic is, only how much of it there is.
There are several reasons for wanting to monitor network bandwidth utilization. First and foremost, it can help you pinpoint areas of contention. As a network circuit’s utilization grows, its performance starts degrading. This is a fact of life. The more you approach the maximum capacity, the more impact there is on performance. By allowing you to keep an eye on network utilization, bandwidth monitoring tools give you a chance to detect high utilization—and address it—before it becomes noticeable by users.
Capacity planning is another major benefit of network monitoring tools. Network circuits—especially long distance WAN connections—are expensive and will often have only the bandwidth that was required when they were initially installed. While that amount of bandwidth might have been OK back then, it will eventually need to be increased. By monitoring the evolution of your network circuits’ bandwidth utilization, you’ll be able to see which ones need to be upgraded and when.
Bandwidth monitoring tools can also be useful for troubleshooting poor application performance. When a user complains that some remote application has slowed down, looking at the network bandwidth utilization can give you a pretty good idea whether or not the problem is caused by network congestion. If you see low network utilization, you can likely concentrate your troubleshooting efforts elsewhere.
SNMP Monitoring Explained
Most network bandwidth monitoring tools rely on the Simple Network Management Protocol (SNMP) to do their magic. Most networking equipment has built-in SNMP capability and can be polled by monitoring tools at regular intervals. Despite its misleading name, SNMP is actually quite complex. But don’t worry, you don’t have to be an expert and know all about it to use it. It’s just like you don’t have to be an auto mechanic to drive a car. It is, however, preferable to have at least some idea of how it works so let’s have a look at it.
At its base, SNMP is a communication protocol that specifies how an SNMP management system can read and write operational parameters in remote devices. The parameters are referred to as Object Identifiers or OIDs. Some of the interesting OIDs, from a monitoring standpoint, are those that contain major device metrics such as CPU and memory load or disk usage, for example. But when monitoring networking bandwidth utilization, two OIDs are of particular interest. They are the bytes out and the bytes in counters associated with each interface. They are automatically incremented by the network devices as data is output or input.
Dating back to a time when IT security was not an issue, SNMP only has minimal security. An SNMP manager connecting to an SNMP-enabled device will transmit a “community string” with its request. If the string matches that configured in the equipment, the request will be carried out. Devices typically have two community strings configured, one for read-only OIDs and one for modifiable ones. The communication is not encrypted and anyone intercepting it would see the community strings in clear text. This is why SNMP is only used on private, secure networks.
A Real-Life Example
Here’s how most monitoring systems use SNMP to monitor bandwidth utilization. They periodically read the bytes in and out counters of a networking device’s interfaces at know intervals. Five minutes is a typical interval value but shorter times can be used for finer resolution. They then store the polled values in some sort of database or file.
The rest of the process is simple maths. The monitoring system subtracts the previous counter value from the current one to get the number of bytes transmitted or received during the polling interval. It can then multiply that number by eight to get the number of bits and divide it by the number of seconds in the interval to get the number of bits per second. This information is typically plotted on a graph showing its evolution in time and stored in a database.
It is important to note that what you get is an estimation of the average utilization over the polling interval, not the real bandwidth utilization. For instance, let’s suppose that a circuit is used at maximum capacity during half of the polling interval and carries no traffic during the other half. It would show up as being used at 50% of its capacity despite being maxed out for an extended period. Shorter polling intervals will reduce this distortion but it is important to keep in mind that these systems only give you average values.
A Word About Linux
As an operating system, Linux is not, functionally speaking, very different from any others such as Windows or OS X. The main difference between Linux and other popular operating systems is the fact the Linux is an open-source product and most distributions are available for free. Many people tend to confuse open-source and free. It is true that open source software is often free but it is not necessarily the case. For instance, the Red Hat Enterprise Linux OS is not free. To add to the confusion, actors of the open-source movement often refer to open-source software as free software with free implying freedom rather than the absence of cost.
Over the years, Linux, which was once a marginal operating system installed by nerds and computer science students—I recall spending weeks downloading SLS Linux one diskette image at a time over a 1200 baud connection; I guess I was one of those nerds—has grown to be a popular option as a server operating system. Some recent distributions are also making much progress as a viable alternative to Windows as a personal computer operating system.
Using Linux As A Monitoring Platform
While Linux is a popular operating system for servers of all kind, it is even more so when it comes to running specific tools. There are several free and open-source network bandwidth monitoring tool that will only run on Linux. And if your tool of choice can run on either Windows or Linux, wouldn’t it make more economic sense to run in on a free OS rather than waste some money on a costly operating system?
While some people still don’t trust free and open-source operating systems and software for mission-critical applications and wouldn’t, for instance, put their precious corporate data on a MySQL server running on Linux, many of them don’t usually have as many objections to using the platform for running network administration tools.
One big advantage of using Linux as the underlying platform for network monitoring tools is that it is easy to set up a Linux server with only the required packages. While this can be done with Windows, it is considerably more complicated.
The Best Linux Bandwidth Monitoring Tools
We’ve searched the web for some of the best bandwidth monitoring tools that can run on Linux. What we came up with are some commercial products and some free and open-source ones. Some products on our list can be installed on either Linux or Windows while some are Linux-only. They all offer SNMP bandwidth monitoring and they all have a centralized console where you can configure the tool and see the monitoring results. While there are a few command-line only tools, we’ve excluded them from our list.
1. ManageEngine OpManager
The ManageEngine OpManager is a powerful all-in-one network monitoring tool that offers comprehensive network monitoring capabilities. It can help you keep an eye on network bandwidth utilization, detect network faults in real time, troubleshoot errors, and prevent downtime. The tool supports various environments from multiple vendors and can scale to fit your network, regardless of its size. It can run on either Linux or Windows and will let you monitor your devices and network and give you visibility over your entire network infrastructure. Installation and setup of this product are both quick and easy. You can get it running in under two minutes. It requires no complex installation procedures and comes bundled with built-in databases and web servers.
The ManageEngine OpManager constantly monitors network devices’ performance in real time and displays it on its live dashboards and graphs. In addition to bandwidth, it examines several critical operational metrics such as packet loss, errors and discards, etc.
The tool can help you detect, identify, and troubleshoot network issues with its threshold-based alerts. You can easily set multiple thresholds for every performance metric and get notifications when they are exceeded. Reporting is another area where this tool shines. Intelligent reports will let you get detailed insights on network performance. There are more than 100 built-in reports and you can customize, schedule and export these out-of-the-box reports as needed.
Zabbix is a free and open-source product which can be used to monitor anything. The tools can run on a handful of Linux distributions—including Rapsbian, the Raspberry Pi version on Linux—and it will monitor network bandwidth, servers, applications and services, as well as cloud-based environments. It features a highly professional look and feel. This product also boasts a broad feature set, unlimited scalability, distributed monitoring, strong security, and high availability. Despite being free this is a true enterprise-grade product.
Zabbix uses a combination of monitoring technologies. It supports SNMP monitoring as well as the Intelligent Platform Monitoring Interface (IMPI). It can also do agent-based monitoring with agents available for most platforms. For easy setup, there’s auto-discovery as well as out-of-the-box templates for many devices. The tool’s web-based user interface has several advanced features such as widget-based dashboards, graphs, network maps, slideshows, and drill-down reports.
Zabbix also features a highly customizable alerting system which will not only send out detailed notification messages but that can also be customized based on the recipient’s role. It can also escalate problems according to flexible user-defined service levels.
There are two versions of Nagios available. There’s the free and open-source Nagios Core and there’s the paid Nagios XI. Both share the same underlying engine but the similarity stops there. Nagios Core is an open-source monitoring system that runs on Linux. The system is completely modular with the actual monitoring engine at its core. The engine is complemented by dozens of available plugins which can be downloaded to add functionality to the system. Each plugin adds some features to the core.
Preserving the modular approach, the tool’s front-ends is also modular and several different community-developed options are also available for download. The Nagios core, the plugins and the front end combine and make for a rather complete monitoring system. There is a drawback to this modularity, though. Setting up Nagios Core can turn out to be a challenging task.
Nagios XI is a commercial product based on the Nagios Core engine but it is a complete self-contained monitoring solution. The product targets a wide audience from small businesses to large corporations. It is much easier to install and configure than Nagios Core, thanks to its configuration wizard and auto-discovery engine. Of course, this ease of setup and configuration comes at a price. You can expect to pay around $2 000 for a 100-node license and about ten times as much for an unlimited one.
4. Zenoss Core
Zenoss Core may not be as popular as some of the other monitoring tools on this list but it truly deserves to be here because of its feature set and professional look. The tool can monitor many things such as bandwidth utilization, traffic flows, or services like HTTP and FTP. It has a clean and simple user interface and its alerting system is excellent. One thing worth mentioning is its rather unique multiple alerting system. It allows a second person to be alerted if the first one does not respond within a predefined delay.
On the downside, Zenoss Core is one of the most complicated monitoring systems to install and set up. Installation is an entirely command-line driven process. Today’s network administrators are used to GUI installers, configuration wizards and auto-discovery engines. This could make the product’s installation seem a bit archaic. Then again, this is in line with the Linux world. There is ample installation and configuration documentation available and the end result makes it worth the efforts.
We had to include Cacti on this list. After all, at 17 years of age, it is one of the oldest free and open-source monitoring platform. And it is still quite popular to this day it is still actively developed. The latest version was just released in late January. While Cacti might not be as feature-rich as some other products, it is still an excellent tool. Its web-based user interface has a somewhat of a vintage feel but it is well laid out and easy to understand and use. Cacti is comprised of a fast poller, advanced graphing templates, and multiple acquisition methods. While the tool primarily relies on SNMP polling, custom scripts can be devised to get data from virtually any source.
This tool’s main strength is in polling devices to fetch their metrics—such as bandwidth utilization—and graphing the collected data on web pages. It does an excellent job of that but that’s all it will do. If you don’t need alerting, fancy reports or other extras, the product’s simplicity might be just what you need. And if you need more functionality, Cacti is open-source and entirely written in PHP, making it highly customizable and you can add any missing features you need.
Cacti makes extensive use of templates which account for an easier configuration. There are device templates for many common types of devices as well as graph templates. There’s also a huge online community of users who write custom templates of all kinds and make them available to the community and many equipment manufacturers also offer downloadable Cacti templates.
The Multi Router Traffic Grapher, or MRTG, is the granddaddy of all network bandwidth monitoring systems. While the open-source project has been around since 1995, it is still in widespread usage, despite the fact that the latest version is already five years old. It is available for Linux and Windows. Initial setup and configuration are somewhat more complicated than what you’d experience with other monitoring systems but excellent documentation is readily available.
Installing MRTG is a multi-step process and you need to carefully follow the setup instructions. Once installed, you configure the software by editing its configuration file. What MRTG lacks in user-friendliness, it gains in flexibility. Mostly written in Perl it can easily be modified and adapted to one’s exact needs. And the fact that it’s the first monitoring system and that it is still around is a testament to its value.