• Introduction
• System Requirements
• Installation
• NetInstall CD
• Live CD
• Configuration
• Console
• Storage
• Passwords
• Networking
• MTU Changes
• User Management
• Exit
• Timezone Configuration
• Web
• Local Performance Services
• Global Performance Services
• Java OWAMP Client
• Reverse Traceroute
• Reverse Ping
• perfAdmin BWCTL
• perfAdmin OWAMP
• perfAdmin PingER
• perfAdmin SNMP
• Cacti Graphs
• Administrative Information
• Communities
• External BWCTL Limits
• External OWAMP Limits
• Enabled Services
• NTP
• Scheduled Testing
• Scheduled BWCTL
• Scheduled PingER
• Scheduled OWAMP
• Scheduled Traceroute
• Cacti Administration
• Cacti Config Step 1
• Cacti Config Step 2
• Cacti Config Step 3
• Cacti Config Step 4
• Cacti Config Step 5
• Cacti Config Step 6
• Cacti Config Step 7
• Cacti Config Step 8
• Cacti Config Step 9
• Cacti Config Step 10
• Cacti Config Step 11
• Cacti Config Step 12
• Cacti Config Step 13
• Configuration Help
• Frequently Asked Question
• About
• Credits
• Last Updated

Introduction

The following guide describes in detail the steps required to set up version 3.2.1 of the perfSONAR performance Toolkit (pS Performance Toolkit 3.2.1). It is important to follow each step in order. Upon getting stuck, consult the FAQ or join the mailing list.

For installation instructions specific to version 3.2 of the pS Performance Toolkit, please visit http://code.google.com/p/perfsonar-ps/wiki/pSPerformanceToolkit32.

System Requirements

The system recommendations for the pS Performance toolkit are now located here.

Installation

Version 3.2.1 of the pS Performance Toolkit consists of two primary installation mediums:

• NetInstall CD
• Allows the entire OS image to be installed directly to a host's hard disk
• Requires network connectivity to download necessary packages
• Does not support upgrade functions from prior versions of the pS Performance Toolkit
• Allows an upgrade path directly from the host via yum - no physical access to the machine will be required.
• Live CD
• Classic use case.
• Can run without harming host's hard disk contents
• Can run and store measurements on host's hard disk
• Ability to upgrade from prior versions of the pS Performance Toolkit

The following sections describe the installation procedure for each of the products.

NetInstall CD

The pS Performance Toolkit iso and md5 checksum are available for download to all interested parties. Once downloaded please verify the MD5 sum:

user@host:~$ md5sum pS-Performance_Toolkit-NetInstall-3.2.1.1.iso;cat pS-Performance_Toolkit-NetInstall-3.2.1.1.iso.md5
e299ce35dbde8c557420cdf933ddbb5e  pS-Performance_Toolkit-NetInstall-3.2.1.1.iso
e299ce35dbde8c557420cdf933ddbb5e  pS-Performance_Toolkit-NetInstall-3.2.1.1.iso

If the calculated value matches the downloaded value, the ISO image is complete and should be burned to a CD. If the value DOES NOT match, consider re-downloading the file. After burning, please insert the CD into the target machine to boot. Some items to consider:

• The target machine should have some way to access the console. This can be via an attached monitor and keyboard or via remote access through serial ports or KVMs.
• The target machine's BIOS must allow the machine to boot from CD. If the CD does not boot, adjust the BIOS (normally access via F12, F2, Del, etc.) and try again.
• The target hardware should match what is described in System Requirements.

After booting the following screen will appear:

Options can be presented at this time (e.g. going into single user mode) but if nothing is required, simply press enter. The boot process will commence after this:

The CentOS installer will start automatically, and load several drivers.

Since this installer relies on access to the network to download operating system files, setting up network access is required. This screen enables both IPv4 and IPv6 in either DHCP or Static modes. Select what works best before proceeding:

The system will apply the settings to interfaces it can find on the system:

After establishing network connectivity, some files will be downloaded to continue the process:

The installer will proceed into the next stage:

The installer will now ask a series of questions before setting up the system:

The first step is to select the target hard disk. The user will have the option to use existing disks and partitions (if they can be read) or deleting the partitions and starting over. Do what works best for the target host:

The system may display warnings if the disk is targeted to be altered from an existing state:

The next step will allow the user the option to modify and review the partition choices:

Even though the network interface was initially set up before to download the initial install files, the user must still configure it for regular use. This screen allows the user to make changes to the networking configuration:

There are some options to select:

• Activate on boot will enable this interface to start when the computer starts
• Enable IPv4 support is the most common situation, and enables the user to use IPv4 addressing
• Enable IPv6 support enables the user to use IPv4 addressing

This screen allows a choice between DHCP and static configurations for the IPv4 address:

This screen allows a choice between DHCP and static configurations for the IPv6 address:

The last networking option is the manual setting of the hostname. If the host is being statically configured, this step can be used to set the hostname.

The next screen sets the clock (N.B. most systems are set to UTC) and the timezone.

The root password must be set next, be sure to remember the password:

The system is mostly configured - the listing of available packages will be retrieved from the CentOS mirror:

The next screen will allow the user to choose which package groups can be installed. By default all functionality that a pS Performance Toolkit node will need is already selected or enabled. It is strongly suggested that users do not de-select the initial packages - this may lead to complications in configuring/operating the pS Performance Toolkit. The choice of additional packages can be used to add other tools to the target host. The user does not have to select anything additional, but for the interested more information on what is inside of each group is available in the CentOS Documentation. In general the following groups are available:

• Administration Tools
• Authoring and Publishing
• Base - Enabled by default and REQUIRED
• Beagle
• Clustering
• Cluster Storages
• Development Libraries
• Development Tools
• Dialup Networking Support
• DNS Name Server
• Editors
• Educational Software
• Emacs
• Engineering and Scientific
• Fedora Packager
• FreeNX and NX
• FTP Server
• Games and Entertainment
• GNOME Desktop Environment
• GNOME Software Development
• Graphical Internet
• Graphics
• Hardware Support
• Horde
• Java
• Java Development
• KDE (K Desktop Environment)
• KDE Software Development
• KVM
• Legacy Network Server
• Legacy Software Development
• Legacy Software Support
• Mail Server
• Mono
• MySQL Database
• Network Servers
• News Server
• Office/Productivity
• OpenFabrics Enterprise Distribution
• PostgreSQL Database
• Printing Support
• Ruby
• Server Configuration Tools
• Sound and Video
• System Tools
• Text-based Internet - Enabled by default
• Tomboy
• Virtualization
• Web Development
• Web Server
• Window Managers
• Windows File Server
• XFCE-4.4
• X Software Development
• X Window System
• Yum Utilities

Select the groups that make the most sense for the installation (e.g. if this is a standalone server, XWindows may not be necessary). Also note that if a package is not selected that may be useful in the future, it may be installed after the server is complete by using the yum tool:

sudo yum install PACKAGENAME

or

sudo yum groupinstall GROUPNAME

After completing, press OK.

The system will now calculate the packages to install:

The system will keep an install log in /root. This is am important file to save in case there are problems with the install, do not delete this file.

The filesystem will be formatted:

The packages and times to install will be calculated:

Depending on the amount of packages to install, and the speed of the network connection, the following may take minutes or hours:

The following is a common, but recoverable, error. The CentOS mirror network experiences connectivity and validity problems from time to time. The installer is structured to always check the files it downloads and verify the MD5 fingerprint to be sure that the file is complete. If a file is not complete, it should be deleted and re-downloaded. When the following screen appears, press the RETRY button. Note that sometimes this may need to be pressed a couple of times.

The process will complete and finish by installing the bootloader (to allow the user in to the new operating system):

The pS Performance Toolkit has several post install scripts to set up the measurement structure. This step may take several minutes:

Finally, the process completes:

The system will reboot. If the CD does not eject automatically, be sure not boot from the CD when the system comes back up:

There will be only one kernel available on the system when it starts. This may change over time. Note that this is a Web100 kernel. If for some reason it is not a Web100 kernel there may have been a problem with the install. Possible reasons include:

• The Web100 kernel in the pS Performance Toolkit repository was older than a kernel in the CentOS repository. This may occur if a recent CVE was announced and the pS Performance Toolkit developers have not released a new version yet
• The Web100 kernel did not install cleanly due to problems with other packages

It there are questions on this particular issue, feel free to mail the mailing list

The system will start up like any other Linux distribution.

Finally the user will see a typical login screen.

To log in to the new system, use the root user, and a blank password:

Note that while the root user starts with a blank password, SSH is disabled by default. The only way to log on to the new system is via the console.

After logging in for the first time, the root user is required to set a new non-blank password. Note that CentOS requires this to be a password of moderate strength, and will prompt the user to pick something it feels is strong. After finishing this step, login is complete. See the image below:

The message at login describes the two main forms of Configuration:

To start configuration, run:

sudo /opt/perfsonar_ps/toolkit/scripts/nptoolkit-configure.py

Once the passwords are set, login to the web interface and finish configuration. The web interface should be available at: 

https://[host address]/toolkit

An important thing to note is that in the description above, there is no IP address or hostname found for this host currently. This will need to be rectified in the console configuration step.

Live CD

The pS Performance Toolkit iso and md5 checksum are available for download to all interested parties. Once downloaded please verify the MD5 sum:

user@host:~$ md5sum pS-Performance_Toolkit-LiveCD-3.2.1.1.iso;cat pS-Performance_Toolkit-LiveCD-3.2.1.1.iso.md5 
f5ed7dda7bd8e3431c2e648effd9b48d  pS-Performance_Toolkit-LiveCD-3.2.1.1.iso
f5ed7dda7bd8e3431c2e648effd9b48d  pS-Performance_Toolkit-LiveCD-3.2.1.1.iso

If the calculated value matches the downloaded value, the ISO image is complete and should be burned to a CD. If the value DOES NOT match, consider re-downloading the file. After burning, please insert the CD into the target machine to boot. Some items to consider:

• The target machine should have some way to access the console. This can be via an attached monitor and keyboard or via remote access through serial ports or KVMs.
• The target machine's BIOS must allow the machine to boot from CD. If the CD does not boot, adjust the BIOS (normally access via F12, F2, Del, etc.) and try again.
• The target hardware should match what is described in System Requirements.

After booting the following screen will appear:

Options can be presented at this time (e.g. going into single user mode) but if nothing is required, simply press enter. The boot process will commence after this:

Some services will not start on first load, and as such there may be red FAILED warnings on the screen. This is normal. In particular, NTP (the time service) will not be active when the server starts. This will cause some tools like BWCTL to fail as well. Over time (usually around an hour) NTP will stabilize and the pSPT will automatically re-start failed services. For a picture of NTP failing on boot, see below:

The system is configured to search for addresses via DHCP by default. This may cause the system to pause for a short amount of time if there is no DHCP server on the target network. Note that in the Console Configuration phase a static IP can be specified. The following shows the messages that will appear when the host searches for available network interfaces. Note that we get a successful DHCP address on eth0:

Also note that the pS Performance Toolkit searches for connectivity on several interfaces, possibly more than are available on the target system. This is also normal, the added interfaces will not alter the behavior or operation of the host.

The system will configure and start up services next. It is normal to see some of these services fail (they will be configured in the Console and Web portions so they do start up properly). The final step is to present the console to the user:

If upgrading from an existing LiveCD deployment (3.1.x or 3.2.x) there may be existing users on the system already, possibly knoppix and root. The existing passwords for these users will still be on the system after the upgrade. If starting with a fresh install, to log in to the new system, use the root user, and a blank password:

Note that while the root user starts with a blank password, SSH is disabled by default. The only way to log on to the new system is via the console.

After logging in for the first time, the root user is required to set a new non-blank password. Note that CentOS requires this to be a password of moderate strength, and will prompt the user to pick something it feels is strong. After finishing this step, login is complete. See the image below:

The message at login describes the two main forms of Configuration:

To start configuration, run:

sudo /opt/perfsonar_ps/toolkit/scripts/nptoolkit-configure.py

Once the passwords are set, login to the web interface and finish configuration. The web interface should be available at: 

https://[host address]/toolkit

An important thing to note is that in the description above, there is no IP address or hostname found for this host currently. This will need to be rectified in the console configuration step.

Configuration

Configuration of the pS Performance Toolkit is split into two parts:

• Console - Configured on the target computer
• Caveat: The console can be reached via a serial line or tool that may redirect this over a working network connection.
• Web - Can be configured remotely

In general the console configuration contains essential options that should be reviewed and set before the system can operate as a measurement framework. Note that certain functionality, including the basic measurement tools, will function without any configuration. The web based configuration steps can be performed remotely and should be used to personalize and customize the measurement experience.

Console

At the console screen, type the following command:

sudo /opt/perfsonar_ps/toolkit/scripts/nptoolkit-configure.py

The following menu will appear:

There are 5 options that may be configured through this menu:

• Storage - Configure drive to hold data/customizations
• Passwords - Set the root password, or those of other users.
• Networking - Set networking to be DHCP or Static
• User Management - Add additional users to the system
• Exit - After exiting the menu

The following sections detail the actions available under each option. Note that as a menu item is addressed, they will change color. Options in magenta have yet to be configured, and options in green have already been configured. It is possible to re-configure green items as required.

Storage

After choosing Option 1 from the menu, the following prompt will appear listing what drives were available on the system (experience may vary):

After choosing a drive, this message may appear:

An internal check requests that the disk have the minimum 10GB of capacity. It is possible to proceed with a smaller disk, but not recommended. Note that any partition combination is acceptable, as long as the minimum size is respected. Note that for simplicity a single partition will give the pSPT the most access to storage.

If the drive is unformatted or is not formatted with the ext3 filesystem, there will be an option for format the drive in question. While Linux can natively read and write many filesystems, some (specifically NTFS and FAT) do not contain support for features required by the toolkit. N.B.: formatting a hard drive will render any existing old data un-readable. Please be sure to select the proper target hard drive before proceeding:

The screen will display the results of the formatting step. Note that a machine reboot is required before the system will be completely usable. It is strongly recommended that the host be rebooted immediately, particularly before adding users or altering networking. There is a strong possibility that the changes made will not be saved to the disk.

The remainder of the menu can be navigated before the reboot will be requested:

If the user chooses to reboot later, the menu will re-appear and mark that this step has been visited:

Passwords

After choosing Option 2 from the menu, the system will attempt to change the system passwords. There are two options as to which passwords may be available:

• root and knoppix users. This would be the case of existing pS Performance Toolkit v3.1.x installs that were upgraded.
• root user only. This would be the case of new pS Performance Toolkit v3.2.x installs.

The following message may appear if the passwords were already set.

Answering no will exit to the menu, answering yes will bring up the following dialog.

The system is designed to sense weak passwords, and the following warning may appear if a password with little strength is selected. Note that it will not prevent the user from using a weak password, the system will just warn the password is weak.

Systems that feature a knoppix user will ask to change this password at the same time as root. After completing this step, the system will drop back to the menu. Note that this step will now appear in green.

Networking

After choosing Option 3 from the menu, the following menu will appear:

Note that if the user has experience with older versions of the pS Performance Toolkit this new network configuration screen will seem different. It is based on the RHEL configuration tools. There are two options:

• Edit Devices: Use this to change between Static and DHCP on the network interfaces
• Edit DNS Configuration: Use this to change DNS settings for the host

We will select the top option first:

On this screen the user will see many network devices that can be configured. Note: due to complications in the menu system, the pS Performance Toolkit developers have pre-loaded the settings for up to to 5 devices. Not all of these devices will be active on a given machine. In general eth0 or eth1 may be used (and will have a descriptive name as discovered in the boot process). Highlight one of the devices to configure it, and press enter. The following shows configuration that utilizes DHCP, after making changes press OK:

The following shows configuration that utilizes a static address, after making changes press OK:

To exit the interface configuration press Save when finished. The Edit DNS Configuration screen allows the user to make changes to the DNS settings on the host, when finished press OK:

After making any changes, please press Save & Quit to exit. The system will drop back to the configuration menu:

Note that there will not be any notable change to the color in the Configure Networking menu since this is an optional step.

MTU Changes

There is currently no option to set the MTU size via the Networking dialog. To manually set the MTU:

• cd into /etc/sysconfig/network-scripts
• Edit the ifcfg-eth file for the interface in question. Commonly the file will look like this:

DEVICE=eth0
BOOTPROTO=dhcp
ONBOOT=yes
HWADDR=00:0c:29:98:5a:12
TYPE=Ethernet

• Add the following line (Assuming Jumbo frames):

MTU=9000

• Save the file, and restart networking:

sudo /etc/init.d/network restart

User Management

After choosing Option 4 from the menu, the following menu will appear with options:

• Add a new user
• Delete a user
• Change a user's password

Option 1 allows a new user to be added to the system. Simply enter the name of the user (or enter nothing and press enter to exit):

There will be some options for the new user. First, is the user allowed to log in via SSH:

Note that for the user to be able to log in via SSH, SSH must be enabled on the machine. See section for more details. Also, it is possible to put the user in the administrative group (e.g. allowing the user to use sudo to run commands):

Enter the password for the user:

Verify the password again. Note that the system will check for weak passwords, although it will not stop the user from using a weak password:

After finishing, the system will drop back into the user management menu:

Selecting Option 2 will remove a user's account, simply type in a username:

After typing in a valid account, there is an option to remove the home directory:

After finishing, the system will drop back into the user management menu:

Note that entering an invalid username will simply exit, and return to the user management menu:

Selecting Option 3 will change the password for a user's account, simply type in a username:

Enter the password for the user:

Verify the password again. Note that the system will check for weak passwords, although it will not stop the user from using a weak password:

After finishing, the system will drop back into the user management menu:

Note that entering an invalid username will simply exit, and return to the user management menu:

Upon hitting exit, the system will drop back into the user management menu:

Exit

If the Storage or Networking settings were changed (e.g. even if a change was not requested) the system will request a reboot:

Note that if neither were entered, the system will return to the console.

Timezone Configuration

Timezone configuration is no longer a part of the pS Performance Toolkit configuration scripts, but it can be accomplished using some CentOS tools. Invoking the following tool:

sudo tzselect

Will start the process:

There will be several menus where the user can narrow down the specific region they are located in:

Once the user settles on a given timzone, there will be a confirmation step:

Finally, instructions will be given to make the choice of timezone permanent. Note that the suggested instructions may be used for the global profile file as well:

/etc/profile

The other solution, as recommended by RedHat in this article, suggest editing the:

/etc/sysconfig/clock

file. The file by default will have the following information:

To change the value to a more appropriate timezone, consult:

/usr/share/zoneinfo/*

for a list of timezones, or use the value that was displayed in the steps above.

Web

Configuration over the web is available after the machine has come online. First, determine the URL to go to for configuration.

In most cases, the message seen during login will contain the URL:

In some cases, the message will have a URL like https://[host address]/:

If this is the case, login and run ifconfig. The URL will be the IP address after inet addr. In the following example, the URL will be https://192.168.69.137/:

Enter this address in a web browser, and the following screen will appear:

The menu on the left side of the screen has the following areas that can be viewed and configured, this guide will examine each:

• User Tools
• Local Performance Services
• Global Performance Services
• Java OWAMP Client
• Reverse Traceroute
• Reverse Ping
• Service Graphs
• Throughput (BWCTL)
• One-Way Latency (OWAMP)
• Ping Latency (PingER)
• SNMP Utilization
• Cacti Graphs
• Toolkit Administration
• Administrative Information
• External BWCTL Limits
• External OWAMP Limits
• Enabled Services
• NTP
• Scheduled Tests
• BWCTL Tests
• PingER Tests
• OWAMP Tests
• Cacti SNMP Monitoring
• Toolkit Information
• Configuration Help
• Frequently Asked Questions
• About
• Credits

Local Performance Services

The home page, is linked via the Local Performance Services button:

This page lists the measurement tools currently on this node as well as the versions of each piece of software. There are 3 states for each tool:

• Running - The service is functioning normally
• Not Running - The service is stopped either accidentally or due to a problem.
• Disabled - The service has been disabled via the Enabled Services dialog.

A service may be in the Not Running state for a number of reasons, initially it is likely that the service has not been configured. If when examining this list a service is in this state, and the operator feels it shouldn't be, please try to restart the service and check the logs.

Global Performance Services

Using the perfSONAR Lookup Service, the pS Performance Toolkit is able to locate and display information on other perfSONAR services, world-wide. The Global Performance Services page displays the global set of perfSONAR services:

The time when the set of services was retrieved is displayed at the top of the page. The toolkit regularly runs a script to query the global services. This information is used by the Global Performance Services page as well as other pages, including Scheduled Tests page. Note that if the date seems rather old the script could be experiencing an error - please consult the /var/log/perfsonar/ls_cache_daemon.log log if this is the case.

Java OWAMP Client

JOWAMP is a Java client of the OWAMP tool that executes an owamp test from the web browser to the server located on that particular node. The code is still experimental, as such we have several warnings related to use of the code including this initial warning that will appear when the link is first clicked:

Because JOWAMP is a Java applet, it must run in the browser and may trigger several warnings. These warnings convey information about executing code that is not signed within the browser. The warnings will look similar to this (will vary by web browser):

After accepting this warnings, the JOWAMP main screen will start:

Running a test between the machine with the web browser and the performance node will produce results similar to this:

If for some reason an error was experienced, the following items should be checked:

• Firewalls - Check to be sure the performance node and the system with the web browser are either un-firewalled or have setting that would allow OWAMP traffic. See the OWAMP page for more details.
• NTP - Be sure the performance node has a stable NTP numbers. The machine with the web browser does not need NTP, but should have synchronized time.
• Browser Security - Check to be sure the browser allows web applets to be executed, and that all of the warnings were agreed too in the previous steps.

Reverse Traceroute

The Reverse Traceroute tool was developed at SLAC and allows a user to run a traceroute from the performance node to the web browser of the initializing machine. The GUI appears as so:

The results of the traceroute are displayed as they complete:

Note that one of the intentions of this tool is to perform reverse traceroute tests to other hosts in the hopes of detecting asymmetric routing behaviour. To traceroute to another host, enter the host address into the form, and press the Enter key:

Reverse Ping

The Reverse Ping tool was developed at SLAC and is similar to the Reverse Traceroute. It allows a user to run a ping from the performance node to the web browser of the initializing machine. The GUI appears as so:

Note that one of the intentions of this tool is to perform reverse ping tests to other hosts in the hopes of detecting asymmetric delay behaviour. To ping to another host, enter the host address into the form, and press the Enter key:

perfAdmin BWCTL

perfAdmin is a series of CGI scripts that display data from perfSONAR services. Each pS Performance Toolkit contains a perfSONAR-BUOY instance that is capable of making regular BWCTL tests to other hosts. This GUI is used to show the results of these tests.

The first capture is seen when the service does not have any information to display, or may be in the Disabled or Not Running state:

Once the host is collecting data, a screen similar to the following will appear:

There are three sections to the GUI:

• Active Tests - Data that has been collected in the past week.
• Summary Graph - Shows the aggregate average observed into and out of each host.
• Inactive Tests - Data that is present in the system, but older than a week.

Graphs can be produced for individual tests:

perfAdmin OWAMP

perfAdmin is a series of CGI scripts that display data from perfSONAR services. Each pS Performance Toolkit contains a perfSONAR-BUOY instance that is capable of making regular OWAMP tests to other hosts. This GUI is used to show the results of these tests.

The first capture is seen when the service does not have any information to display, or may be in the Disabled or Not Running state:

Once the host is collecting data, a screen similar to the following will appear:

There are three sections to the GUI:

• Active Tests - Data that has been collected in the past week.
• Inactive Tests - Data that is present in the system, but older than a week.

Graphs can be produced for individual tests:

perfAdmin PingER

perfAdmin is a series of CGI scripts that display data from perfSONAR services. Each pS Performance Toolkit contains a PingER instance that is capable of making regular Ping tests to other hosts. This GUI is used to show the results of these tests.

The first capture is seen when the service does not have any information to display, or may be in the Disabled or Not Running state:

Once the host is collecting data, a screen similar to the following will appear:

Graphs can be produced for individual tests:

perfAdmin SNMP

perfAdmin is a series of CGI scripts that display data from perfSONAR services. Each pS Performance Toolkit contains a Cacti instance that is capable of collecting regular SNMP tests and exposing these via the SNMP MA. This GUI is used to show the results of these tests.

The first capture is seen when the service does not have any information to display, or may be in the Disabled or Not Running state:

Once the host is collecting data (after going through the Cacti Administration step), a screen similar to the following will appear:

Graphs can be produced for individual tests:

Cacti Graphs

Cacti is used to poll SNMP on network devices, this particular interface to Cacti is read-only, and can be used to show cacti graphs to un-authenticated users:

Cacti Administration describes how to configure Cacti.

Administrative Information

This section requires authentication, and as such requires that the certificate be approved for the pS Performance Toolkit. The following warning will appear. Note that the pS Performance Toolkit uses a self-generated and self-signed certificate, this was done for simplicity in installation, and will cause this warning to appear in most browsers. Adding an exception is normally required before viewing:

The following box may appear before accessing any of the functionality:

Authenticate with the knoppix user or any other user that has administrative privileges on this system (See User Management for more information).

The administration screen will appear like this the first time:

Upon clicking edit, the following dialog will appear:

The information will appear in the web form after entry:

Clicking on the communities will add them to the configuration:

Clicking Add New Community will display a dialog box:

Adding new communities can be done in this manner:

Lastly, hit Save to be sure the changes are saved.

The following message will confirm that the changes were saved.

Note that if the user chooses to leave this page before saving the following warning may appear (depending on the web browser used):

Communities

A community identification is a self organizing way to form affiliations within the perfSONAR world. For instance, if a perfSONAR service is associated with a specific scientific project (e.g. LHC, eVLBI), or has access to a certain network (Internet2, NLR, ESnet), these values can be entered as "community" values and exported into the perfSONAR Information Services. Participating in this procedure allows others in the community an easy way to identify specific instances throughout the world as being affiliated. Adding a community value or values is recommended, but not required.

Selecting which communities identify this installation can be confusing to answer for new users. This particular question is trying to associate some loosely coupled labels to the data that the pS Performance Toolkit disk will be making available to the larger world. Think of this step similar to assigning labels to photos or music (e.g. a photo of a dog might have labels: Dog, Rover, etc. but someone else may choose different labels). In general there is no wrong way to choose a keyword. Choose keywords that best describe the circumstances that surround this installation.

Some examples of valid answers are:

• Internet2 - The data made available somehow connects the Internet2 backbone
• LHC (CMS, ATLAS, etc.) - The disk is part of the LHC deployment structure
• eVLBI - The disk is a part of the larger telescope community
• MAX - A connector of member of the MAX gigapop

We would recommend choosing keywords that:

• Describe the location/installation (e.g. the name of the organization installing): MCNC, UDel
• Network connections: ESnet, GEANT, Internet2, NLR, RNP
• Virtual Organizations (VOs): CMS, ATLAS

Use as many community names as necessary to properly categorize the data from the installation.

External BWCTL Limits

This section requires authentication, and as such requires that the certificate be approved for the pS Performance Toolkit. The following warning will appear. Note that the pS Performance Toolkit uses a self-generated and self-signed certificate, this was done for simplicity in installation, and will cause this warning to appear in most browsers. Adding an exception is normally required before viewing:

The following box may appear before accessing any of the functionality:

Authenticate with the root user or any other user that has administrative privileges on this system (See User Management for more information).

The BWCTL Limits screen allows the operator to set limits on the resources that the BWCTL tool may consume on the target system. For instance:

• Protocols allowed: Whether the users can perform TCP or UDP bandwidth tests.
• Test duration: The maximum duration of that a user can request for a bandwidth test.
• UDP bandwidth allowed: The maximum bandwidth a user can request for a UDP bandwidth test.

Note a subtle nuance to the two classes of limitations:

1. Privileged clients will take the highest precedence
2. Un-privileged clients are derived from Privileged client permissions

For example, if a bandwidth limit of 500 MB was set for the Privileged clients, then the Un-privileged clients will be able to use less than or equal to this amount - never more. Take this into consideration when setting the limits.

The screen defaults to these settings:

Clicking an edit link brings up a dialog:

Note that if we click the UDP check box, we get more items in the dialog. When we are done, we can click Save.

Note that after clicking Save we have a some text in red.

Maximum Test Length (seconds) for the Unprivileged Clients section is greater than the value that is set in the Privileged Clients section. This setting will need to be changed in one of two ways before saving:

• Re-adjust Unprivileged Clients to be less than what is in Privileged Clients
• Adjust Privileged Clients to be greater than what is in Unprivileged Clients

In the next image we will take the second approach, and edit the Privileged Clients to be greater than or equal to the setting in Unprivileged Clients.

After making the edits, the screen no longer shows any red text, indicating that the settings meet the rules of the limits file.

The next dialog allows us to add a user that can use the BWCTL tools. Note that this functionality is normally used to add a person to a more privileged group than they would otherwise be able to access.

This screen shows the results of adding the new user.

Networks can also be added into the hierarchy of resources, this screen shows us adding a subnet (a /24) into the Privileged Clients permissions.

This screen shows the results of adding the network.

When done, press the Save button to commit the changes to disk, and restart the affected services.

Note that if the user chooses to leave this page before saving the following warning may appear (depending on the web browser used):

After saving the following screen is seen.

External OWAMP Limits

This section requires authentication, and as such requires that the certificate be approved for the pS Performance Toolkit. The following warning will appear. Note that the pS Performance Toolkit uses a self-generated and self-signed certificate, this was done for simplicity in installation, and will cause this warning to appear in most browsers. Adding an exception is normally required before viewing:

The following box may appear before accessing any of the functionality:

Authenticate with the knoppix user or any other user that has administrative privileges on this system (See User Management for more information).

The OWAMP Limits screen allows the operator to set limits on the resources that the OWAMP tool may consume on the target system. For instance:

• Bandwidth allowed: The amount of network bandwidth that users can request for their OWAMP tests.
• Disk usage: OWAMP tests record information about all packets received which are stored on disk. The disk usage allows administrators to configure the amount of disk space that users can request for their OWAMP tests.
• Saving vs deleting test results: The OWAMP records stored on disk can be deleted when they are fetched or stored for later retrieval. Administrators can configure when the test results are deleted.

Note a subtle nuance to the two classes of limitations:

1. Privileged clients will take the highest precedence
2. Un-privileged clients are derived from Privileged client permissions

For example, if a maximum bandwidth of 10 MB was set for the Privileged clients, then the Un-privileged clients will be able to use less than or equal to this amount - never more. Take this into consideration when setting the limits.

The screen defaults to these settings:

Clicking an edit link brings up a dialog:

Note there are protections in place to prevent the Privileged Clients section from being more restrictive than the Unprivileged Clients section. The picture below has made a change to Privileged Clients, the message indicates that to be consistent, a change to Unprivileged Clients has been made as well.

Note that if Unprivileged Clients was changed to be a less restrictive value than Privileged Clients, there will be a warning in red.

The next dialog allows us to add a user that can use the OWAMP tools. Note that this functionality is normally used to add a person to a more privileged group than they would otherwise be able to access.

This screen shows the results of adding the new user.

Networks can also be added into the hierarchy of resources, this screen shows us adding a subbet (a /24) into the Privileged Clients permissions.

This screen shows the results of adding the network.

When done, press the Save button to commit the changes to disk, and restart the affected services.

Note that if the user chooses to leave this page before saving the following warning may appear (depending on the web browser used):

After saving the following screen is seen.

Enabled Services

This section requires authentication, and as such requires that the certificate be approved for the pS Performance Toolkit. The following warning will appear. Note that the pS Performance Toolkit uses a self-generated and self-signed certificate, this was done for simplicity in installation, and will cause this warning to appear in most browsers. Adding an exception is normally required before viewing:

The following box may appear before accessing any of the functionality:

Authenticate with the knoppix user or any other user that has administrative privileges on this system (See User Management for more information).

The enabled services screen lists the services that will start and stop when the machine does. The screen looks similar to this:

A breakdown of each service:

• PingER - Enables this host to perform scheduled ping tests. These tests will periodically ping configured hosts giving administrators a view of the latency from their site over time.
• perfSONAR-BUOY Throughput Testing - Enables this host to perform scheduled throughput tests. These tests will run periodically giving administrators a view of the throughput to and from their site over time. N.B.: Enabling this will disable OWAMP, PingER and perfSONAR-BUOY Latency Testing. These can be manually re-selected if desired.
• perfSONAR-BUOY Latency Testing - Enables this host to perform scheduled one-way latency tests. These tests will run periodically giving administrators a view of the latency from their site over time. N.B.: Enabling this will disable perfSONAR-BUOY Throughput Testing, BWCTL, NDT, and NPAD. These can be manually re-selected if desired.
• perfSONAR-BUOY Measurement Archive - Makes available the data collected by the perfSONAR-BUOY Latency and Throughput tests.
• NDT - Allows clients at other sites to run NDT tests to this host.
• NPAD - Allows clients at other sites to run NPAD tests to this host.
• BWCTL - Allows clients at other sites to run Throughput tests to this host
• OWAMP - Allows clients at other sites to run One-Way Latency tests to this host
• SSH - Allows administrators to remotely connect to this host using SSH
• SNMP MA - Makes available SNMP statistics collected by Cacti (Note: Cacti must be configured for this to work)
• Traceroute MA - Makes available results of data collected by scheduled traceroute tests
• Traceroute Scheduler - Enables this host to run scheduled traceroute tests.
• Lookup Service - Registers your services into the global set of perfSONAR services so that they can be discovered

To ease the decision process of selecting the appropriate services for a given deployment (e.g. deploying only bandwidth-centric services) there are two buttons at the bottom of the page:

• Only Enable Bandwidth Services - Turns on bandwidth testing applications, and turns off other services
• Only Enable Latency Services - Turns on latency testing applications, and turns off other services

After selecting which services to enable, press Save to save the changes:

Note that if the user chooses to leave this page before saving the following warning may appear (depending on the web browser used):

NTP

This section requires authentication, and as such requires that the certificate be approved for the pS Performance Toolkit. The following warning will appear. Note that the pS Performance Toolkit uses a self-generated and self-signed certificate, this was done for simplicity in installation, and will cause this warning to appear in most browsers. Adding an exception is normally required before viewing:

The following box may appear before accessing any of the functionality:

Authenticate with the knoppix user or any other user that has administrative privileges on this system (See User Management for more information).

NTP is a protocol for keeping accurate time on networked machines. NTP access is very important to measurement tools (e.g. OWAMP and BWCTL) and the pS Performance Toolkit will require a working NTP configuration to use these tools. NTP configuration should consist of:

• 4-5 Servers (for redudency and to help the NTP algorithms make good choices)
• Of a similar stratum (e.g. all Stratum 1, or all Stratum 2)
• Geographically close (within the same timezone is a safe assumption)
• On divergent network paths (prevents problems with failed network paths or asymetric congestion)

The following screen shows a default NTP configuration:

The following NTP clocks have been identified as being valuable to use, note that many of these are available via R&E connectivity and may not be available via non R&E peerings:

• United States - Eastern Timezone
• chronos.es.net ESnet - New York, NY USA
• owamp.atla.net.internet2.edu Internet2 - Atlanta, GA USA
• owamp.newy.net.internet2.edu Internet2 - New York, NY USA
• time-a.nist.gov NIST - Gaithersburg, MD USA
• navobs1.oar.net Naval Observatory - Columbus, OH USA
• ntp0.usno.navy.mil Naval Observatory - Washington, DC USA
• United States - Central Timezone
• owamp.chic.net.internet2.edu Internet2 - Chicago, IL USA
• owamp.hous.net.internet2.edu Internet2 - Houston, TX USA
• United States - Mountain Timezone
• owamp.salt.net.internet2.edu Internet2 - Salt Lake City, UT USA
• tick.usnogps.navy.mil Naval Observatory - Colorado Springs, CO USA
• United States - Pacific Timezone
• saturn.es.net ESnet - Sunnyvale, CA USA
• owamp.losa.net.internet2.edu Internet2 - Los Angeles, CA USA
• ntp-ucla.usno.navy.mil Naval Observatory - Los Angeles, CA USA
• ntp-uw.usno.navy.mil Naval Observatory - Seattle, WA USA
• United States - Alaskan Timezone
• ntp-ua.usno.navy.mil Naval Observatory - Fairbanks, AK USA
• United States - Hawaiian Timezone
• tick.mhpcc.hpc.mil Maui HPC Center - Maui, HI USA
• South America (Brazil)
• a.ntp.monipe.rnp.br RNP Time Server #1 - Brazil
• b.ntp.monipe.rnp.br RNP Time Server #2 - Brazil
• c.ntp.monipe.rnp.br RNP Time Server #3 - Brazil
• d.ntp.monipe.rnp.br RNP Time Server #4 - Brazil
• e.ntp.monipe.rnp.br RNP Time Server #5 - Brazil

If the user happens to know of a closer or better time source, the Add New NTP Server button can be pressed. The image below shows the process of adding a new server.

After adding a new server, it will show up in the list. Note that it will be selected automatically.

N.B.: Routing has a large impact on if an NTP time source is reachable and close from a particular instance. It is recommended that the Select Closest Servers option be used:

After running the closest servers will be selected, and servers that were unreachable will be marked in red:

When done, press the Save button to commit the changes to disk, and restart the affected services.

Note that if the user chooses to leave this page before saving the following warning may appear (depending on the web browser used):

The results of saving are seen below:

Scheduled Testing

This section requires authentication, and as such requires that the certificate be approved for the pS Performance Toolkit. The following warning will appear. Note that the pS Performance Toolkit uses a self-generated and self-signed certificate, this was done for simplicity in installation, and will cause this warning to appear in most browsers. Adding an exception is normally required before viewing:

The following box may appear before accessing any of the functionality:

Authenticate with the knoppix user or any other user that has administrative privileges on this system (See User Management for more information).

The Scheduled Testing screen allows the user to schedule several types of regular test:

• BWCTL - Bandwidth Testing
• PingER - Two-way Latency Testing
• OWAMP - One-way Latency Testing
• Traceroute - Traceroute Testing

The screen will look similar to this initially:

The following sections detail setting up tests for each of these measurement types.

Scheduled BWCTL

The screen will look similar to this initially:

Upon adding a BWCTL test via the Add New Throughput Test button, the following dialog will appear:

Enter the following information:

• Description - Enter a name for this test, e.g. 10 Second BWCTL Tests, every 4 Hours. N.B. that this will be used to reference the test on the GUI.
• Time Between Tests - How often to run the BWCTL tests. N.B. that this number, along with Test Duration, will dictate how busy the system, and the local network will be.
• Test Duration - How long of a BWCTL test to run. The general rule of thumb is that if the round-trip times to all hosts being tested to are less than 50ms, the test duration should be at least 10 seconds. If the round-trip times to all hosts being tested to are less than 100ms, the test duration should be at least 20 seconds. If the round-trip times for any host being tested to is more than 100ms, the test duration should be at least 30 seconds. N.B. that this number, along with Time Between Tests, will dictate how busy the system, and the local network will be.
• Bandwidth Tester - Currently only iperf is allowed here.
• Protocol - TCP or UDP testing.
• UDP Bandwidth - Seen only when UDP testing is selected, allows the user to specify the requested bandwidth for UDP testing.
• Use Auto-tuning - Allow the linux kernel to tune the buffers or set different own buffer sizes.
• Window Size - Seen only when Use Auto-tuning is not checked, allows the user to specify a send window size.

After saving, the test is setup but there are hosts associated with the test. These can be added either by:

• Manually entering hostnames/IP addresses
• Searching the perfSONAR information services for communities

The user can manually enter a test host as seen in this example:

The host will be added to the list of tests hosts.

Use of the Communities keywords will also reveal hosts that are in the same community as the host. Below shows the search for hosts in the Internet2 community:

When the list returns, they will display on the page. The user can then click and add new hosts to the test that are already in the same community. Below is what happens after adding a host from this list:

When done, press the Save button to commit the changes to disk, and restart the affected services.

Note that if the user chooses to leave this page before saving the following warning may appear (depending on the web browser used):

After saving, the screen will look similar to this:

Finally, if there is an attempt to schedule tests that conflict, e.g.:

• Schedule BWCTL tests when there are OWAMP or PingER tests already scheduled
• Schedule Latency tests such as OWAMP or PingER when there are already BWCTL tests scheduled

The system will warn of conflicting measurement goals. The warning is shown below.

Scheduled PingER

The screen will look similar to this initially:

Enter the following information when the dialog appears:

• Description - Enter a name for this test, e.g. 10 Packet PingER Tests, every 1 Hour. N.B. that this will be used to reference the test on the GUI.
• Time Between Tests - How often to run the tests.
• Packets Sent Per Test - How many Ping Packets per test. Note that sending more will increase the total length of a test.
• Time Between Packets - The interval between Ping Packets. Setting this higher will increase the total length of a test
• Size Of Test Packets - How large of a Ping packet to use in testing.

After saving, the test is setup but there are hosts associated with the test. These can be added either by:

• Manually entering hostnames/IP addresses
• Searching the perfSONAR information services for communities

The user can manually enter a test host as seen in this example:

The host will be added to the list of tests hosts.

Use of the Communities keywords will also reveal hosts that are in the same community as the host. Below shows the search for hosts in the Internet2 community:

When the list returns, they will display on the page. The user can then click and add new hosts to the test that are already in the same community. Below is what happens after adding a host from this list:

When done, press the Save button to commit the changes to disk, and restart the affected services.

Note that if the user chooses to leave this page before saving the following warning may appear (depending on the web browser used):

After saving, the screen will look similar to this:

Finally, if there is an attempt to schedule tests that conflict, e.g.:

• Schedule BWCTL tests when there are OWAMP or PingER tests already scheduled
• Schedule Latency tests such as OWAMP or PingER when there are already BWCTL tests scheduled

The system will warn of conflicting measurement goals. The warning is shown below.

Scheduled OWAMP

The screen will look similar to this initially:

Unlike PingER and BWCTL tests, OWAMP tests run constantly. Enter the following information when the dialog appears:

• Description - Enter a name for this test, e.g. 25 PPS OWAMP Test. N.B. that this will be used to reference the test on the GUI.
• Packet Rate - How many packets per second to send.
• Packet Size - Size of each packet

After saving, the test is setup but there are hosts associated with the test. These can be added either by:

• Manually entering hostnames/IP addresses
• Searching the perfSONAR information services for communities

The user can manually enter a test host as seen in this example:

The host will be added to the list of tests hosts.

Use of the Communities keywords will also reveal hosts that are in the same community as the host. Below shows the search for hosts in the Internet2 community:

When the list returns, they will display on the page. The user can then click and add new hosts to the test that are already in the same community. Below is what happens after adding a host from this list:

It is also possible to configure the port range for OWAMP tests via the administrative GUI. The button Configure OWAMP Test Port Range appears after setting up a regular OWAMP test. Enter a range to limit OWAMP testing for firewall reasons:

When done, press the Save button to commit the changes to disk, and restart the affected services.

Note that if the user chooses to leave this page before saving the following warning may appear (depending on the web browser used):

After saving, the screen will look similar to this:

Finally, if there is an attempt to schedule tests that conflict, e.g.:

• Schedule BWCTL tests when there are OWAMP or PingER tests already scheduled
• Schedule Latency tests such as OWAMP or PingER when there are already BWCTL tests scheduled

The system will warn of conflicting measurement goals. The warning is shown below.

Scheduled Traceroute

The screen will look similar to this initially:

Upon adding a traceroute test via the Add New Traceroute Test button, the following dialog will appear:

Enter the following information:

• Description - Enter a name for this test, e.g. 10 Minute Tracerote Tests. N.B. that this will be used to reference the test on the GUI.
• Time Between Tests - How often to run the traceroute tests. e.g. The default of 10 minutes means each traceroute test will be run every 10 minutes.
• Packet Size - The size in bytes of the probe packets sent by traceroute
• Time between packets - The time to pause between sending individual probe packets
• Timeout for test - The maximum amount of time to wait for a test to complete
• Timeout for individual hops - The maximum amount of time to wait for an individual probe
• First Hop to Report - The first hop to display where 0 is the first hop.
• Maximum Number of Hops - Determines the longest path that a traceroute will record.
• Protocol - Specify whether you want traceroute to use UDP or ICMP. UDP is the default but ICMP may be useful for firewalls that block UDP traceroute.

After saving, the test is setup but there are no hosts associated with the test. These can be added either by:

• Manually entering hostnames/IP addresses
• Searching the perfSONAR information services for communities

The user can manually enter a test host as seen in this example:

The host will be added to the list of tests hosts.

Use of the Communities keywords will also reveal hosts that are in the same community as the host. Below shows the search for hosts in the Internet2 community:

When the list returns, they will display on the page. The user can then click and add new hosts to the test that are already in the same community. Below is what happens after adding a host from this list:

When done, press the Save button to commit the changes to disk, and restart the affected services.

Note that if the user chooses to leave this page before saving the following warning may appear (depending on the web browser used):

After saving, the screen will display a message saying Configuration Saved And Services Restarted.

Cacti Administration

This section requires authentication, and as such requires that the certificate be approved for the pS Performance Toolkit. The following warning will appear. Note that the pS Performance Toolkit uses a self-generated and self-signed certificate, this was done for simplicity in installation, and will cause this warning to appear in most browsers. Adding an exception is normally required before viewing:

The following box may appear before accessing any of the functionality:

Authenticate with the knoppix user or any other user that has administrative privileges on this system (See User Management for more information).

The following steps will explain the basic setup of Cacti (e.g. to poll a network device). A user wishing to do more with the software should consult the documentation.

Cacti Config Step 1

Visit the Cacti instance by clicking the link on the main page.

Cacti Config Step 2

After logging in, the home screen is visible. In the middle there will be an option to Create devices. This is where we will begin.

Cacti Config Step 3

The next screen shows the currently known devices. The basic setup will always include localhost. The example below shows a previously configured switch. On the right side there is an Add button (although it doesn't appear to be so). Click this to add a new device.

Cacti Config Step 4

The next screen features many places to add information about the new network device. Note that the red circles are representative of the most common places to make changes. When finished press Create.

Cacti Config Step 5

By default Cacti will only poll the System information of the SNMP enabled host at this stage, just to see if it is alive. To poll information such as network statistics it is necessary to create Graphs. We will proceed by clicking on Create graphs for this Host.

Cacti Config Step 6

The next screen displays the possible interfaces that are available for data display. Note that this may be a large number. In general it is efficient to simply click the all checkbox at the top unless there are certain interfaces to poll, or not poll. After checking this, scroll to the bottom.

Cacti Config Step 7

At the bottom of the page is a drop down for the format of the data. It is common to use the 64 bit counters (especially for backbone networks) and display the information as bytes as shown here. Other options are of course available. When done click Create.

Cacti Config Step 8

The resulting page should show the success or failure of each interface. At this point the following actions have happened:

• RRD Files have been created for the interfaces in question
• A Poller has been notified that these are values of interest (polling will occur by default every 5 minutes)
• Graph templates have been established

We now can organize this set into a graph tree for later display. Select Graph Trees on the left hand side.

Cacti Config Step 9

Select Default Tree. It is also possible to create a new tree at this stage if desired.

Cacti Config Step 10

As in Step 3 there is another Add button to click because we wish to add a new host to the tree.

Cacti Config Step 11

Select Host from the drop down. This will automatically populate the next drop down with the network device. When done, click Create.

Cacti Config Step 12

The next menu shows that the device has been added. To see the graphs click on Graphs on the top.

Cacti Config Step 13

By default the user can view the localhost statistics, but below this the new network device is present.

Configuration Help

This link will re-direct to the current installation instructions for the pS Performance Toolkit.

Frequently Asked Question

This link will re-direct to the FAQ page.

About

This link will re-direct to the pS Performance Toolkit Home Page.

Credits

This link honors organizations that have helped to develop, integrate, and test the pS Performance Toolkit.

Last Updated

$Id$