MRTG (Multi-Router Traffic Grapher) is a public domain package for producing graphs of various router statistics via a Web page. You can easily create graphs of traffic flow statistics through your home network's firewall/router or even your Linux box's NIC cards using MRTG. The product is available from the MRTG Web site ( and also on your distribution CDs. Figure shows a sample MRTG graph.

2. A typical MRTG Web page.

MRTG Download and Installation

You need to install MRTG before proceeding. Most Red Hat and Fedora Linux software products are available in the RPM format. When searching for the file, remember that the MRTG RPM's filename usually starts with mrtg and a version number, as in mrtg-2.10.5-3.i386.rpm.

In addition to MRTG, you need to install the SNMP utility tools as explained earlier and you need to have a Web server package installed for MRTG to work. Red Hat Linux usually comes with the Apache Web server software preinstalled. The easiest way to tell if Apache is installed is to run the rpm -q httpd command. If you don't get a positive response, you can refer to Chapter 20, "The Apache Web Server," for installation details. By default Apache expects the HTML files for your Web site to be located in /var/www/html. MRTG places its HTML files in /var/www/mrtg.

Configuring MRTG

By default, MRTG maps the inbound and outbound data throughput rates on the device it is polling. Methods for specifying other OIDs, such as CPU and memory usage, are discussed in Chapter 23, "Advanced MRTG for Linux." For now, I'll stick with the default configuration.

When the MRTG RPM is installed, it creates a directory called /etc/mrtg in which all future configuration files are stored. To create a replacement default /etc/mrtg/mrtg.cfg configuration file for the server, follow these steps:

Use MRTG's cfgmaker command to create a configuration file named mrtg.cfg for the server (Bigboy) using a Read Only community string of craz33guy. Place all data files in the directory /var/www/mrtg:.

[[email protected] tmp]# cfgmaker --output=/etc/mrtg/mrtg.cfg \
--global "workdir: /var/www/mrtg" -ifref=ip \
--global 'options[_]: growright,bits' \
[email protected]

--base: Get Device Info on [email protected]:
--base: Vendor Id:
--base: Populating confcache
--snpo: confcache [email protected]: Descr lo --> 1
--snpo: confcache [email protected]: Descr wlan0 --> 2
--base: Walking ifAdminStatus
--base: Walking ifOperStatus
--base: Writing /etc/mrtg/mrtg.cfg
[[email protected] tmp]#


Using the -ifref=ip cfgmaker command option instructs MRTG to use the interface's IP address as the title for each graph. Unfortunately, this causes errors when Fedora Core 1 polls another Fedora Core 1 server; the errors prevent the graphs from being created correctly. You can avoid this problem by removing the option to get graph titles using the much less recognizable MAC address of the interfaces.


As explained in the SNMP section, there are different versions of SNMP. If your query doesn't work, check to make sure you are using the required version and then check other SNMP configuration parameters on the target device. You can specify MRTG's SNMP query version with the --snmp-options cfgmaker option. Here is an example of cfgmaker using an SNMP version 2 query of a router with an IP address of The --snmp-options option's five colons before the 2 are important:

     [[email protected] tmp]# cfgmaker --
     output=/etc/mrtg/ \
     -ifref=ip --global "workdir: /var/www/mrtg" \
     --snmp-options=:::::2 [email protected]

Edit /etc/mrtg/mrtg.cfg, and remove the sections related to interfaces you don't need to monitor. A certain candidate would be the virtual loop-back interface Lo: (with the IP address of, which doesn't pass any network traffic at all.

Run MRTG using /etc/mrtg/mrtg.cfg as your argument three times. You'll get an error the two times as MRTG tries to move old data files, and naturally, the first time it is run, MRTG has no data files to move.

[[email protected] tmp]# env LANG=C /usr/bin/mrtg /etc/mrtg/mrtg.cfg
Rateup WARNING: /usr/bin/rateup could not read the primary log
file for localhost_192.168.1.100
Rateup WARNING: /usr/bin/rateup The backup log file for local-
host_192.168.1.100 was invalid as well
Rateup WARNING: /usr/bin/rateup Can't remove local-
host_192.168.1.100.old updating log file
Rateup WARNING: /usr/bin/rateup Can't rename local-
host_192.168.1.100.log to localhost_192.168.1.100.old updating
log file
[[email protected] tmp]# env LANG=C /usr/bin/mrtg /etc/mrtg/mrtg.cfg
Rateup WARNING: /usr/bin/rateup Can't remove local-
host_192.168.1.100.old updating log file
[[email protected] tmp]# env LANG=C /usr/bin/mrtg /etc/mrtg/mrtg.cfg
[[email protected] tmp]#

Use MRTG's indexmaker command to create a Web index page using your new mrtg.cfg file as a guide. The MRTG Web GUI expects to find the index file in the default MRTG Web directory of /var/www/mrtg/, so the format of the command would be:

[[email protected] tmp]# indexmaker --output=/var/www/mrtg/index.html \

MRTG is run every five minutes by default, and the file that governs this is /etc/cron.d/mrtg. For MRTG to work correctly, edit this file, replacing all occurrences of /usr/bin/mrtg with env LANG[eq]C /usr/bin/mrtg. The explanation for changing the language character set for MRTG is given in the "Troubleshooting MRTG" section.

This isn't allyou need to view the graphs too. This will be covered later, but first I'll show you how to poll multiple devices.

Getting MRTG to Poll Multiple Devices

The Fedora Core MRTG installation process creates a cron file named /etc/cron.d/mrtg. This file tells the cron daemon to run MRTG using the /etc/mrtg/mrtg.cfg file every five minutes to poll your network devices. You can configure MRTG to poll multiple devices, each with a separate configuration file. Here's how:

Create a new configuration file using the steps from the previous section; choose a filename that is not mrtg.cfg.

Add a new MRTG line in /etc/cron.d/mrtg for each new configuration file you create:

0-59/5 * * * * root env LANG=C /usr/bin/mrtg /etc/mrtg/mrtg.cfg
0-59/5 * * * * root env LANG=C /usr/bin/mrtg /etc/mrtg/device1.cfg
0-59/5 * * * * root env LANG=C /usr/bin/mrtg /etc/mrtg/device2.cfg

Run the indexmaker command, and include all of your /etc/mrtg configuration files, to regenerate your Web index page.

[[email protected] tmp]# indexmaker --output=/var/www/mrtg/index.html \
/etc/mrtg/mrtg.cfg /etc/mrtg/device1.cfg /etc/mrtg/device2.cfg

Other versions of Linux keep their MRTG cron enTRies inside the /etc/crontab file. Edit this file using the same syntax as the Fedora /etc/cron.d/mrtg file, and then restart the cron daemon to re-read the configuration:

[[email protected] tmp]# service crond restart

You could also create a script with the /usr/bin/mrtg/etc/mrtg/device.cfg entries in it and make cron run it every five minutes. This way you can just edit the script each time you add a device without having to restart cron.

Configuring Apache to Work with MRTG

MRTG is useful because it can provide a graphical representation of your server's performance statistics via a Web browser.

With Fedora Core, MRTG creates an add-on configuration file named /etc/httpd/conf.d/mrtg.conf that includes all the necessary Apache commands for MRTG to work.

Some configuration may need to be done, because by default MRTG accepts Web requests from the Linux console only. You can add your home network to the file by inserting the network on the Allow from line, or you can allow universal access by commenting out that line along with the Deny from line. This example adds access from the network:

     <Location /mrtg>
         Order deny,allow
         Deny from all
         Allow from localhost

If you want to access MRTG from the Internet, then you'll have to comment out the Deny statement and allow from all IP addresses:

     <Location /mrtg>
         Order deny,allow
         Allow from all

Remember to restart Apache after you make these modifications for the changes to take effect.


With newer versions of Fedora, Apache automatically reads the add-on files in the /etc/httpd/conf.d/ directory. With Fedora Core 1, you have to specifically configure the Apache configuration file /etc/httpd/conf/httpd.conf to find it. You can do this yourself by inserting this line at the very bottom of the main Apache configuration file before restarting Apache for the change to take effect:

     include "/etc/httpd/conf.d/mrtg.conf"

Basic Security

If you are accessing MRTG graphs from the Internet, you may want to add password protection to the directory by using a .htaccess file as described in Chapter 20.

How to View the MRTG Graphs in Your Web Browser

You can now access your MRTG graphs by pointing your browser to the URL:


Using MRTG to Monitor Other Subsystems

MRTG will generate HTML pages with daily, weekly, monthly, and yearly statistics for your interfaces. By default, MRTG provides only network interface statistics. Chapter 23 has detailed examples and explanations of how to monitor Linux disk, CPU, memory, and Web connection data. The MRTG Web site,, also has links to other sites that show you how to monitor many other subsystems on a variety of devices and operating systems.

Troubleshooting MRTG

There are many simple steps you can use to troubleshoot MRTG. Take a look at some of the most common ones.

Basic Steps

MRTG won't work if SNMP queries don't work. Make sure you follow the SNMP troubleshooting steps if you have any difficulties.

Setting the Correct Character Set

MRTG usually works only if your system uses an ASCII-based (Western European) character set. If it isn't set, then you'll get errors such as this every time you run MRTG from the command line or as part of a cron job:

     [email protected] tmp]# mrtg /etc/mrtg/mrtg.cfg
     ERROR: Mrtg will most likely not work propperly when the environment
            variable LANG is set to UTF-8. Please run mrtg in an envir..
            where this is not the case:

            env LANG=C /usr/bin/mrtg ...
     [[email protected] tmp]#

Your system's character set is defined in /etc/sysconfig/i18n, and the current Fedora default of en_US.UTF-8 won't work, but en_US will after a system reboot. This is not necessarily a good idea, especially if the native language Linux uses on your system is not ASCII based, other things may fail to work.

A better solution is to always run MRTG using this command instead of using just plain /usr/bin/mrtg:

     env LANG=C /usr/bin/mrtg

This will modify the character set used by MRTG alone and shouldn't affect anything else.

Fedora Core 1 MRTG Errors with net-snmp

A bug appears in the MRTG implementation for some Fedora Core 1 MRTG versions when polling another Fedora Core 1 server.

When using a -ifref=ip statement with the cfgmaker command, every line in the configuration file that is generated becomes commented out. When it works, this statement is very convenient, because it makes MRTG provide graphs sorted by the IP addresses of the interfaces instead of the default, which is the much harder to recognize interface MAC address. Upgrading to the most current Core 1 version of MRTG will fix the problem:

     ### Interface 6 >> Descr: '' | Name: '' | Ip: ''
     ### The following interface is commented out because:
     ### * has a speed of which makes no sense
     ### * got 'Received SNMP response with error code
     ###       error status: noSuchName
     ###       index 1 (OID:
     ###     SNMPv1_Session (remote host: "localhost" [].161)
     ###                       community: "craz33guy"
     ###                      request ID: 824482716
     ###                     PDU bufsize: 8000 bytes
     ###                         timeout: 2s
     ###                         retries: 5
     # Target[localhost_192.168.1.100]: /[email protected]:
     # SetEnv[localhost_192.168.1.100]: MRTG_INT_IP=""
     # MaxBytes[localhost_192.168.1.100]: 0
     # Title[localhost_192.168.1.100]: Traffic Analysis for
     # PageTop[localhost_192.168.1.100]: <H1>Traffic Analysis for
     #  <TABLE>
     #    <TR><TD>System:</TD>     <TD>bigboy in Unknown</TD></TR>
     #    <TR><TD>Maintainer:</TD> <TD>[email protected]</TD></TR>
     #    <TR><TD>Description:</TD><TD>  </TD></TR>
     #    <TR><TD>ifType:</TD>     <TD> ()</TD></TR>
     #    <TR><TD>ifName:</TD>     <TD></TD></TR>
     #    <TR><TD>Max Speed:</TD>  <TD>0.0 bits/s</TD></TR>
     #  </TABLE>

As all the lines in the configuration file are commented out with a # character, indexmaker fails to create an index.html file and gives errors:

     [[email protected] tmp]# indexmaker --output=/var/www/mrtg/stats/index.html
     Use of uninitialized value in hash element at /usr/bin/indexmaker line
     [[email protected] tmp]#

     Python   SQL   Java   php   Perl 
     game development   web development   internet   *nix   graphics   hardware 
     telecommunications   C++ 
     Flash   Active Directory   Windows