A blog post How to Analyse MikroTik Traffic Using ntopng explains how to properly configure the Mikrotik, nProbe and ntopng for this purpose. To monitor Mikrotik traffic, ntopng needs to be used in combination with nProbe (see Using ntopng with nProbe ). Depending on the amount of traffic on your network, you might see data in as little as 10-15 seconds. ntopng features Mikrotik traffic monitoring. Wait about a minute and then try reviewing some of the data in the ntop interface. Type in your router’s IP/netmask in the Virtual NetFlow Interface Network Address section and click Set Interface Address.Įnabling traffic flow on the Mikrotik can be done with just two configuration lines: /ip traffic-flowĪdd address=192.168.10.65:2055 disabled=no version=5.Type 2055 in the Local Collector UDP Port section and click Set Port.Type “Mikrotik” in the NetFlow Device section and click Set Interface Name.Click Add NetFlow Device and fill in the following: Roll your mouse over the Plugins menu again, then NetFlow, and then click Configure. Roll your mouse over the Plugins menu, then NetFlow, and then click Activate. Open a web browser and open to access the ntop interface. Once you set the password, you may need to press CTRL-C to get back to a prompt in some ntop versions. Set an admin password for ntop: ntop -set-admin-password # ntop to skip those calls, at a tiny performance penalty. I had to comment out the sched_yield() option to get ntop to start: # Under certain circumstances, the sched_yield() function causes the ntop web Install ntop first: yum -y install ntopĪdjust /etc/nf so that ntop listens on something other than localhost: # limit ntop to listening on a specific interface and port
These instructions are for Fedora 15, but they should be pretty similar on most other Linux distributions. Mikrotik calls it “traffic flow” and it’s much more efficient than setting up a mirrored or spanned port and then using ntop to dump traffic on that interface. I discovered today that these devices offer Cisco NetFlow-compatible statistics gathering which can be directed to a Linux box running ntop. It’s no secret that I’m a big fan of the RouterBoard network devices paired with Mikrotik’s RouterOS.
0 kommentar(er)
