Monitoring network performance with GNetWatch

208

Author: Ben Martin

GNetWatch is a network monitoring and performance testing tool that lets you can see the status of hosts on your network, send ping requests of varying size and quality of service to hosts, and investigate SNMP information. GNetWatch includes support for using Wireshark and nmap to snoop packets and investigate hosts on the network.

There are no packages of GNetWatch in the Ubuntu, Fedora, or openSUSE repositories. GNetWatch is written in Java and is offered in a bundle download that also includes the source, javadocs, user manual, and third-party libraries that GNetWatch uses. If you install the bundle download, the only dependencies you will have to meet are having a Web browser and Java Runtime Environment (JRE) installed. Note that you must install the 32-bit JRE on a 64-bit machine because GNetWatch includes and uses some 32-bit compiled libraries. If you see errors like the ones below then you are trying to use a 64-bit JRE. I used Sun’s jre-6u6-linux-i586.bin with GNetWatch 3.1 for this article.




Exception in thread "GUI" java.lang.UnsatisfiedLinkError:

.../libswt-pi-gtk-3235.so: .../libswt-pi-gtk-3235.so:

wrong ELF class: ELFCLASS32 (Possible cause: architecture word width mismatch)



$ file libswt-pi-gtk-3235.so

libswt-pi-gtk-3235.so: ELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), stripped


With the 64-bit warning out of the way, you can install and run GNetWatch as shown below. Note that you’ll also need to have the 32-bit version of Firefox installed.




tar xzvf /FromWeb/GNetWatchBundle-Linux-3_1.tar.gz

cd ./GNetWatchBundle-Linux-3_1/

$ export MOZILLA_FIVE_HOME=/usr/lib/firefox-2.0.0.14

$ export LD_LIBRARY_PATH=`pwd`:$MOZILLA_FIVE_HOME

$ /usr/local/jre1.6.0_06/bin/java -Xmx1G -jar GNetWatchBundle.jar


The distribution tarball of GNetWatch that you expanded above contains many XML files that are used for configuration. In the GNetWatchBundle-Linux-3_1 directory you will find the config.xml file, which allows you to set your locale, how many queues are made available by GNetWatch (queues are used to perform actions like pinging hosts), and a few platform-specific options. The platform-specific options should be set correctly if you downloaded the Linux bundle version of GNetWatch. The initial-objects.xml configuration file lets you specify a tree of hosts that you would like to initially appear in the middle pane of the GNetWatch GUI.

The GUI design revolves around attaching actions to hosts in the center pane and, if desired, viewing the detailed output of actions in a view that the action associates with the host it is operating on. When you select either the user-defined folder or any folder under it, the leftmost pane becomes active and you can add new groups (folders), networks, or IPv4/v6 addresses. New hosts added using the left pane in this manner are automatically saved. A few irritations presents themselves with the left pane for adding hosts. Firstly, it is only ever useful if you have selected either user-defined or a folder under it. Once you have your hosts set up, the left pane doesn’t offer anything and takes up screen space all the time. Also, when entering a new group, pressing Enter in the add group text entry field does not create the group; you have to click the add group button below the text entry box. There’s a similar problem for adding an IPv4 target. I also could not find a way to edit an IPv4 address if it was mistyped when originally entered, other than deleting the IPv4 address and creating it again.

To perform some task on a host or network, select it from the middle pane and use the action menu. For example, to check whether a host is alive, select the “ping target” action. Doing this adds a ping action below the target in the center pane of the GUI and an up/down view. The ping action shows you the round trip time to the host you are pinging. Double-clicking the up/down view that the ping action creates shows you a graph of the history of your ping times, and creates a new page on the right of the display showing the history of all ping events for the host, as well as the statistics for the last 30 seconds, five minutes, and one hour. To update the statistics in the tab on the right side of the display you have to double-click on the view again in the center pane.

Issuing a UDP or HTTP load test for a host is a two-step process. First you select the option “Set IP Options” or “Set HTTP Options” from the Target menu, then use the Action menu to start the UDP or HTTP flood. When these actions are started they operate in a similar manner to pinging a host: a new action is shown as the child of the target, and a new view is added so you can see the output of the action.

GNetWatch can use Wireshark to sniff network traffic and detect hosts and networks, adding them to the middle pane for you. I had issues getting the IP sniffing with Wireshark to work. If you are running GNetWatch as a regular user then GNetWatch makes no attempt to sudo tethereal, which is likely to be the simplest way a non-root user can start capturing packets. If you create a tethereal shell script in the user’s path for use with GNetWatch, make sure it can execute the real tshark executable without prompting for passwords. Also note that the packet sniffing functionality in GNetWatch is limited to host detection.

One other thing that I found difficult to get used to was the lack of context menus. For example, right-clicking a host in the middle pane shows no context menu. I expected to be able to right-click on a running ping action and select stop from a context menu.

The information collected by GNetWatch is stored in a relational database using JDBC. By default GNetWatch uses HSQLDB, so you do not have to set up any database to start using GNetWatch. The JDBC collection feature could be useful for consolidating data from larger networks and to let you connect to the same database from multiple locations.

When you restart GNetWatch it automatically starts performing the actions it was performing when you closed it down. So if you are pinging a collection of hosts and monitoring their CPU load and free memory, all of these actions will be started automatically when you open GNetWatch again.

See section 5 of the manual for some step-by-step instructions on how to perform common tasks like computing round trip times, using nmap, and flooding a host with HTTP requests.

Wrap up

The use of the Standard Widget Toolkit (SWT) makes GNetWatch feel like a native application rather giving you the feeling you are running a Java application, but the GUI can be a little clunky at times. Having GNetWatch start its previous monitoring tasks automatically makes it a useful tool for monitoring a collection of hosts, and the system used for monitoring the CPU load and free memory can be extended through the use of shell scripts (see section 3.4.1 of the manual). If you run ping or nmap on hosts regularly with GNetWatch you can leave the terminal and see ping latencies graphically.

Categories:

  • System Administration
  • Networking