================== Network Monitoring ================== OSDx provides many tools to inspect network traffic and provide insightful statistics about how traffic is being processed in the system. Capturing traffic ================= The ``traffic dump monitor`` command displays all the traffic going through the router in real time. It also provides a large range of options to modify its behavior. Two key options are ``save ``, which saves the traffic in a ``.pcap`` file, and ``filter `` which filters the traffic using a tcpdump filter. *Examples:* .. code-block:: none admin@osdx$ traffic dump monitor tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on any, link-type LINUX_SLL (Linux cooked), capture size 262144 bytes 13:09:44.352460 IP 10.215.168.1 > 10.215.168.2: ICMP echo request, id 54236, seq 1, length 64 13:09:44.352649 IP 10.215.168.2 > 10.215.168.1: ICMP echo reply, id 54236, seq 1, length 64 .. code-block:: none admin@osdx$ traffic dump monitor filter icmp save capture tcpdump: listening on any, link-type LINUX_SLL (Linux cooked), capture size 262144 bytes ^C9 packets captured 9 packets received by filter 0 packets dropped by kernel Output file was generated in '/support/capture.pcap' Bandwidth ========= The ``traffic bandwidth monitor interface `` command shows a graph displaying the amount of traffic going through the selected interface. .. figure:: bandwidth.png :width: 400px *Bandwidth graph* The graph may be exited by pressing ``Ctrl+C``. Flows ===== The ``traffic flow monitor interfaces `` command shows a graph displaying the currently active network flows. .. figure:: flow.png :width: 400px *Flow graph* The graph may be exited by pressing ``Ctrl+C``. Another useful command for checking flows is ``system conntrack monitor``, which shows all state changes for every active network flow. *Example:* .. code-block:: none admin@osdx$ system conntrack monitor [NEW] icmp 1 30 src=10.215.168.1 dst=10.215.168.2 type=8 code=0 id=26362 [UNREPLIED] src=10.215.168.2 dst=10.215.168.1 type=0 code=0 id=26362 [UPDATE] icmp 1 30 src=10.215.168.1 dst=10.215.168.2 type=8 code=0 id=26362 src=10.215.168.2 dst=10.215.168.1 type=0 code=0 id=26362 [DESTROY] icmp 1 src=10.215.168.1 dst=10.215.168.2 type=8 code=0 id=9835 packets=59 bytes=4956 src=10.215.168.2 dst=10.215.168.1 type=0 code=0 id=9835 packets=59 bytes=4956 ^Cconntrack v1.4.5 (conntrack-tools): 3 flow events have been shown. The monitor session may be ended by pressing ``Ctrl+C``. SNMP ==== The :osdx:op:`service snmp monitor traps community *` and :osdx:op:`service snmp monitor traps user *` families of commands provide a way to show the SNMP traps as they are triggered. For more information about SNMP monitoring see the :ref:`SNMP Monitoring ` chapter. *Example:* .. code-block:: none admin@osdx$ service snmp monitor traps community COMMUNITY2TEST 2023-06-30 22:57:11 10.0.0.1(via UDP: [10.0.0.1]:33209->[10.0.0.2]:162) TRAP, SNMP v1, community COMMUNITY2TEST TELDAT-OSDX-TRAPS-ALARM-MIB::alarmNotification1 Enterprise Specific Trap (0) Uptime: 1:18:39.08 TELDAT-OSDX-TRAPS-ALARM-MIB::alarm1Name = STRING: ALARM2TEST TELDAT-OSDX-TRAPS-ALARM-MIB::alarm1Status = INTEGER: true(1) 2023-06-30 22:57:11 10.0.0.1(via UDP: [10.0.0.1]:57094->[10.0.0.2]:162) TRAP, SNMP v1, community COMMUNITY2TEST TELDAT-OSDX-TRAPS-ADVISOR-MIB::advisorNotification1 Enterprise Specific Trap (0) Uptime: 1:18:39.11 TELDAT-OSDX-TRAPS-ADVISOR-MIB::advisor1Name = STRING: ADVISOR2TEST TELDAT-OSDX-TRAPS-ADVISOR-MIB::advisor1Status = INTEGER: true(1)