Using GNUPlot with icmp/tcpping/hping3

Recently I’ve started playing with hping and tcpping to allow for tcp/udp packet testing.

One neat little tool called GNUPlot allows for you to take statistics and then plot them on a diagram. In this tutorial I’ll show you how easy it is.

Step 1: Gather the data and extract out to a .dat file

Via TCPPing

shell> tcpping -x 600 www.pingpros.com 80 | awk 'NF > 1 { print $(NF - 1); }' | grep -E "[0-9]" > pingprostcpdata.dat

Via hping3

shell> hping3 -S -p 80 -c 600 www.pingpros.com | awk 'NF > 1 { print $(NF - 1); }' | grep -E "[0-9]" | sed -e 's/rtt=//g' > pingproshpingdata.dat

Via ICMP

shell> ping -c 600 www.google.com | awk -F [=\ ] 'NF > 1 { print $(NF - 1); }' | grep -E "[0-9]" > pingprosicmpdata.dat

If you can cat the files you’ll notice the data is the same. It’s up to you which program you want to run on! They both work and provide the same data. My preference is tcpping but if you are an hping type of person go ahead and play around with the script as you like.

TCPPING Results:

23.505
25.563
22.789
23.976
26.712
21.986
23.228
22.705
22.944
22.816

HPING Results

23.4
25.1
23.1
26.1
22.2
26.6
26.0
23.1
26.9
23.8

With GNUPlot installed type in:

shell> gnuplot

In the GNUPlot terminal add:


set terminal pngcairo size 1024,768 enhanced font 'Verdana,10'
set output "vrrp-vs-nonvrrp.png"
set ylabel "Time in miliseconds"
set xlabel "Number of Pings"

set autoscale

set style line 1  lc rgb ‘#0025ad’ lt 1 lw 1.5
set style line 2  lc rgb ‘#09ad00’ lt 1 lw 1.5

plot “pingprostcpping.dat” title “some title” w lp, \
“pingproshping.dat” title “some other title” w lp

 

You can also awk you files to find the average:

awk ' FNR==1 {average1 += $1} END {print average1;}' pingprostcpdata.dat
0.334
awk -v N=1 '{ sum += $N } END { if (NR > 0) print sum / NR }' pingprostcpdata.dat
 

You can also make bar graphs to compare the data

set terminal pngcairo enhanced font 'Verdana,10'
set output "vrrp-vs-nonvrrp-bargraph.png"

set style fill solid

set autoscale

plot [0.5:][0:10] ‘pingproshping.dat’ with histogram, ‘sw1-core-vlan134.dat’ with histogram

Installing TCPPing and HPing on CentOS 7.x

Install TCPPing

1: Install tcptraceroute


shell> sudo yum install tcptraceroute

2: Download TCPPing and set permissions


shell> sudo cd /usr/bin/
shell> sudo wget http://pingpros.com/pub/tcpping
shell> sudo chmod 755 tcpping

Install HPing

1: Install EPEL Repository

shell> sudo yum install epel-release

2: Install HPing3

shell> sudo yum install hping3

 

Credits:
TCPPING – http://www.vdberg.org/~richard/tcpping

Installing TCPPing and HPing on Debian / Ubuntu

Install TCPPing

1: Install tcptraceroute


shell> sudo apt-get install tcptraceroute

2: Download TCPPing and set permissions


shell> cd /usr/bin/
shell> wget http://pingpros.com/pub/tcpping
shell> chmod 755 tcpping

Install HPing


shell> sudo apt-get install hping3

 

Credits:
TCPPING – http://www.vdberg.org/~richard/tcpping

House Keeping

I have been working on articles in the backend as of lately but a few upcoming changes…

 

  1. I have updated the blog theme to a newer design. This design will allow for me to have a better page tree breakdown between the Linux and Network Articles.
  2. I am deleting all of the blog entries as I convert them to pages. Blog entries will mostly be linked to the newest pages created.
  3. Better breakdown of Linux/Network articles (based on OS Type/Vendor Type).

Stay Tuned…

Facebooktwittergoogle_plusredditpinterestlinkedinmailFacebooktwittergoogle_plusredditpinterestlinkedinmailby feather

Further Learning

Labs:

  • IOS – GNS3 – GNS3.net (free). Works best on MAC (windows/Linux supported)
    • Good for doing routing testing (we built an entire global ospf/bgp lab at IMC and tested changes there before deploying)
  • vEOS (free) Using Virtualbox you can build your own Arista mini lab to test functionality.
  • JunOS – GNS3/Virtualbox (free). Works best on MAC (windows/Linux supported)
  • NX-OS – Cisco VIRL ($150/yr). Works best on MAC (windows/Linux supported)
  • F5 Virtual Lab
    • https://devcentral.f5.com/questions/virtual-edition-lab-license-is-now-9699

 

Books:

Courses:

Emulators:

Other

rsyslog Configuration with multiple hosts on CentOS 7.x

yum install rsyslog

chkconfig rsyslog on

 

vim /etc/rsyslog.conf

 

Uncomment the UDP and TCP syslog reception items to match below:

# Provides UDP syslog reception
$ModLoad imudp
$UDPServerRun 514

# Provides TCP syslog reception
$ModLoad imtcp
$InputTCPServerRun 514

Add Template before GLOBAL DIRECTIVES

$template RemoteLogs,”/apps/syslog/%HOSTNAME%/%$now%.log” *
*.* ?RemoteLogs
& ~

Configure Debian 7.x/8.x and Ubuntu 14.04 LTS Boxes with Smokeping

  • Login and then update the OS

shell> sudo apt-get update
shell> sudo apt-get upgrade

  • Configure Hostname (in our example we will use turtle):

shell> sudo hostname turtle
shell> sudo vim /etc/hostname

    • Add

turtle.pingpros.com

    • Change Hosts File

shell> sudo vim /etc/hosts

      • From

127.0.0.1        debian

      • To

127.0.0.1        turtle.pingpros.com

  • Restart hostname

shell> sudo /etc/init.d/hostname.sh

  • Install Postfix, cacti, smokeping

shell> sudo apt-get install postfix
shell> sudo apt-get install sendmail
shell> sudo apt-get install smokeping

  • Install TCPPing

shell> apt-get install tcptraceroute
shell> cd /usr/bin/
shell> wget http://www.vdberg.org/~richard/tcpping
shell> chmod 755 tcpping

  • Configured Apache for Smokeping support

shell> cd /etc/apache2/conf-available
shell> sudo ln -s ../../smokeping/apache2.conf smokeping.conf
shell> sudo a2enconf smokeping
shell> sudo a2enmod cgid
shell> service apache2 reload

  • Configure Smokeping

shell> sudo vim /etc/smokeping/config.d/General

cgiurl   = http://turtle.pingpros.com/cgi-bin/smokeping.cgi

REBOOT

Monitoring in the Cloud as a Network Admin

I’ve been perplexed with a problem lately as a network engineer. Obviously the use of Public/Hybrid clouds from third party providers causes a lack of any sort of visibility for a network engineers.

The question is…how do we…as network engineers gain the visibility necessary to see the health of the cloud and performance within the network.

Here are a few ideas that one can utilize to start gaining more visibility for an engineer to help with performance metrics and troubleshooting:

  1. Monitor all server equipment nic cards.
  2. Smokeping between different servers
  3. Monitor local bandwidth going out to the cloud
  4. Trending reports will tell you if the cloud has issues
  5. Have a Network Host in the cloud that is dedicated to running latency, jitter numbers utilizing smokeping
Facebooktwittergoogle_plusredditpinterestlinkedinmailFacebooktwittergoogle_plusredditpinterestlinkedinmailby feather