Linux network servers Uncategorized

Getting ntop running on CentOS

What is ntop

ntop is a linux service which monitors network traffic and nework devices on your LAN.  However the best explanation cabe had be visting ntop’s website.

So how you install and set it up then? Well, that’s when the fun begins, though by the end of it you might not think of it as “fun”.

Installing ntop

I am using CentOS 5.6 so the version of ntop which comes with it is the older  3.3.9. The latest version being 4.1.0 and can be downloaded from and compiled and setup if you wish. However, I stuck with the version in the repositories of CentOS.

One thing about the install on CentOS is that it is entirely broken. You’ll see why later.

To download ntop, simply perform

sudo yum install ntop

Now you’d be tempted to just go ahead and do

sudo service ntop start

However that is not going to work, for several reasons. Firstly, you need to set a admin password  and second, the path which contains the various files is in the wrong place.  For the first simply run

sudo ntop -A

But! do not do that until you have fixed the config file. The config file is set to put the files in the folder /var/lib/ntop which causes permissions problems. The “correct” or rather, usable, folder you want to use is /etc/ntop which already contains some of the files.

So really the first thing you need to do is modify the config file /etc/ntop.conf.

Change the following line

# sets the directory that ntop runs from
--db-file-path /var/lib/ntop


--db-file-path /etc/ntop

Now you can set the admin password and start the service. One item you will notice is that ntop will spit out the errors.

Error Opening file ./GeoLiteCity.dat
Error Opening file ./GeoIPASNum.dat

If you check the /etc/ntop folder you will see those files are there. The issue is not with the files, but with the contents. ntop runs fine however and you can access the web interface at http://localhost:3000


This gets the ntop started and going and access to ntop on the web host. In my next post I will show how to connect ntop to the reverse proxy so you can monitor the server remotely.

That will also be even more “fun”.

APIC crash hang kernel logs network Ubuntu

Random crash of Backup server

I have been trying to nail down an issue with my backup server. I thought I had solved it with a boot option of noapic , because the server worked fine after this setup. It booted reliably up each time.

Until yesterday, when it did something that it had done before. That is the NIC seems to turn off all by itself and then the OS sort of hangs. Before this point the server had sent out its e-mails and even started a couple of backups. I’m not able to login at the console, so the only option I have is a power off and then a boot.

Checking through the logs reveals nothing. DMESG, syslog, messages reveals nothing. No panic, nothing. All I can see is that after sometime backuppc can no longer ping machines and then backuppc soon stops – perhaps because the server is now hung. Pinging the backup server does not work either, so the server really is locked up.

It is very annoying to say the least. The previous server was rock-solid in this regard. It was extremely slow, but at least it booted and stayed up. This maybe because it had a more modern BIOS than the current unit. Which makes me think I will now have to hunt down a updated BIOS.

This really is the first Ubuntu/Linux unreliability I have had in over four (4) years of using Linux.

If anyone has some place to begin, please don’t hesitate to comment. I am running Ubuntu 10.04 LTS server edition. Its only purpose is to run Backuppc and this server is woken by WOL each night to start the backup and then shutsdown early morning when all backups are done.

edit: Just to let you know that this appeared to be a hardware issue and I have switched everything over to the original backup machine. Which is much slower but at least works. I now need to wonder what the problem is.