What is NetFlow: a network protocol developed by Cisco Systems

Web applications, blogs? You need web monitoring tools!

In French the word "present" has two meanings: the present, this moment that you are reading this article, or a gift among others. There is no confusion here, but the adjective "free" can mean free, without cost, and free, that he has freedom. Today we will see several free applications that you can use as web monitoring tools system administrator tasks.

Web server monitoring

What are we looking for in web monitoring tools? What is a web server?

It is a computer or device capable of offering information or data by means of a protocol (or securely by HTTPS). For your supervision, we consider two main areas: internal supervision and external supervision.

In the internal part, there are three crucial points:

General state of your Web server: load, disk space, temperature of the components (if not virtual), ie the basic values ​​of any server.

Web traffic: open connections, listening, addresses, etc.

Information in the logs : it is very important to configure, since you have several domains on the same web server, each with its independent file.

For external supervision :

Simple tests: if it is online, response time, certificates expiration (if using HTTPS), etc.

Transactional web monitoring: it monitors the processes that respond to a series of steps. The simplest example is if a user can connect to your web server (say you have a simple blog with WordPress installed).

Pandora FMS

If you are a new reader of our blog, here is a surprise: the free version of Pandora FMS is able to work with the 3 points of internal supervision (by means of software agents) and the first point of external supervision!

Can't you believe it? I explain to you.

You can find more information on everything that has been described so far at this link .

You are probably using a web server with Apache: for this specific case we have a great article written by the creator and founder of Pandora FMS.

The network management (local or extended) indirectly participates in the Web supervision.

After using Pandora FMS and / or some of the web monitoring tools shown here, you can perform web optimization , since the performance of web applications has become a key element for the proper functioning of organizations.

Web monitoring tools

I come back to the subject of free or "free" applications: the web monitoring tools that I include also have more permissive licenses, like the one from MIT or the same Apache license, or more restrictive such as the free ones. Since this is a very broad subject, Wikipedia collects a large number, if not all.

Another type of web monitoring tool that I must name is the one offered as a physical service from different parts of the world. Although some are free programs , it is obvious that there is a monetary cost to maintain virtual or real machines all over the planet, so that they regularly access your website from so far away and let you know.

With these explanations, let's now see the web monitoring tools.

Only

Yes, you yourselves, as programmers, can use "real user supervision," placing specific instructions before and after your code does read and / or write operations on your web server, then by keeping an additional journal. Later, we'll see its counterpart, User Experience ( UX ).

I must also mention the figure of the "poor man": on the CodeProject site there is a tool with a personalized free license which indicates how to work practically by hand (I do not recommend this method, I include it only for educational purposes).

Linux Dash

I consider it the lightest, but don't be fooled by appearances. It has been created in a minimalist but versatile way: you can use Go, Python or Node.js languages, because surely some of these working environments are already installed on your system. This way, you don't add a load just to install a web monitoring tool.

What is NetFlow? Well I know what you are thinking, what comes to your mind every time you go to one of those articles trying to define a computer concept: “Ufff, doesn't it seem like all of them computer concepts compete with each other to appear complicated? They almost sound like forced names of energy drinks. "" NetFlow gives help ""

What can we say about it? To me, they would have names that sound like Elvish, but there's nothing we can do. Today we are going to explain: "what is NetFlow?" We've already ruled out the energy drink, and just in case you're wondering, it doesn't refer to isotonic drinks or a lost brand of sporting goods.

What is NetFlow? Definition

Okay, Netflow is just a network protocol developed by Cisco Systems (a company that was founded in 1984 and is considered one of the biggest companies in the tech industry today). Netflow is designed and used to collect information about IP traffic . He's getting further and further away from your idea of ​​an energy drink, eh? Netflow is so popular that when in the industry they refer to one of the many other versions that exist with the same mission, they also call it Netflow. Even if they are not part of the brand. As you know, this is the case with industrial glue. It doesn't matter what brand it is, it's often called Loctite. O with the dolls: “Daddy, buy me a Barbie”.

Supported by the Cisco Routers and Switches Compendium, NetFlow allows devices to collect information. What kind of information? Well, this information that comes from the traffic that goes through the links. After that, it then sends this traffic information to a device called the NetFlow Collector , using User Datagram Protocol (UDP, a transport level protocol based on the exchange of datagrams).

There are many ways to measure and charge for information on IP networks. Cisco simply offers the NetFlow protocol, which is supported by multiple router models from the same company. Netflow only obtains this information from the flows that make up the traffic through said devices.

NetFlow was introduced as a new feature in Cisco routers to gain the property of collecting IP network traffic when entering or exiting an interface. Once you have the data on the table (“on the table” is a way of speaking, since we are not talking about scrolls or maps) the data acquired through NetFlow can be analyzed. A good, experienced network administrator can infer or infer keys such as where traffic is coming from or where it is going, possible triggers for congestion, or types of service.

Cisco NetFlow v5 , the most standardized Cisco NetFlow, defines flow as a unidirectional sequence of packets that share the following characteristics:

Input interface

Source IP address

Destination address

IP protocol

Source port for UDP or TCP

Destination port for UDP or TCP, type and code for ICMP

IP service type

The Cisco brand, along with v5, also has NetFlow v7, v9 and v10 ; they add more values ​​than those mentioned here and which extend their description.

What is NetFlow? Some applications

Among all the possibilities of NetFlow, we can take advantage of its use for accounting or invoicing . It provides us with all kinds of detailed information, from IP numbers, types of ports or services, schedules… to the number of packets in circulation. Being able to operate with all these types of resources can give us a lot of flexibility and maneuver in accounting. We can change the rate types by taking advantage of our data. For example, from a flat rate to more ductile joints that are installed during the hours of the day, the use of bandwidth, applications, devices, service.

One of the best ways to use all the information provided by Netflow is to improve the design and optimize the analysis of your networks. Create a policy for routers and their actions, recreate the backbone, develop strategic network engineering plans minimizing operating costs, increase performance, capacities and resources, etc.

Of course, now that we have answered the question "what is NetFlow?" », We can move towards network supervision. Imagine the possibilities that NetFlow can offer you, because with it it is quite possible to monitor everything that is happening on the network. NetFlow-based study strategies allow us to analyze parameters related to particular routers, switches or network traffic and their applications. All of this can help us avoid problems by preventing actions and finding possible breakdowns, before anyone else.

Besides, do you know who benefits like no one else and is a champion of this last point, supervision? Of course Pandora FMS . It is flexible monitoring software capable of monitoring devices, infrastructure, applications, services and business procedures.