Replicate cacti data from a private network to a public one

Post general support questions here that do not specifically fall into the Linux or Windows categories.

Moderators: Developers, Moderators

Post Reply
jmacias
Posts: 5
Joined: Mon Aug 22, 2005 5:29 pm
Location: Mexico

Replicate cacti data from a private network to a public one

Post by jmacias »

I have the following scenario:

- A customer with 400+ routers on a private frame relay network
- He wants us to monitor his routers for him
- Obviously there's no way for an external host to see anything inside the frame relay network
- Cacti's front end has to be available from our network (a firewall restricted homologated subnet)

I don't see any simple way to handle this, but I was thinking if I can have a cacti server in the private network (cacti-in) doing the regular polling, and then replicate the information to another cacti server on our network (cacti-out).

Provisioning works the other way around, it is done in our server (cacti-out) and replicated to the private server (cacti-in). Though, I see a big problem, when I create a new device I won't be able to see it, so the snmp queries won't see it, and won't find any interface or nothing else to graph.

Any hints on how can I get this scenario working?

Thanks

Jorge
Top
User avatar
BSOD2600
Cacti Moderator
Posts: 12171
Joined: Sat May 08, 2004 12:44 pm
Location: USA

Post by BSOD2600 »

Probably the easiest setup would be to have a VPN connection into his private network / cacti server. Then you'd have full access, it would be secured, and you would be 'local' on his LAN.
Top
jmacias
Posts: 5
Joined: Mon Aug 22, 2005 5:29 pm
Location: Mexico

Post by jmacias »

BSOD2600,

thanks for you suggestion, I though about something like that but the customer just won't provide any sort of outside access into his network.
Top
User avatar
BSOD2600
Cacti Moderator
Posts: 12171
Joined: Sat May 08, 2004 12:44 pm
Location: USA

Post by BSOD2600 »

Umm, ok. So if he won't allow any outside access in, how are you suppose to manage it? Let alone replicate it out to another server. Doesn't sound like he has thought through the situation very much.
Top
jmacias
Posts: 5
Joined: Mon Aug 22, 2005 5:29 pm
Location: Mexico

Post by jmacias »

He will let a host inside the private network send data to an external host, but not the other way around. I also think it makes no sense to try to outsource the monitoring service when you can't be seen from the outside.
Top
User avatar
BSOD2600
Cacti Moderator
Posts: 12171
Joined: Sat May 08, 2004 12:44 pm
Location: USA

Post by BSOD2600 »

Alright, well then if he'll allow stuff to go outside, then you possibly have an option.

1) Set up MySQL replication between the private network and your server. Not sure if it will work one way, but I think it should
2) Set up the private server to FTP the .rrd files to your server.

That should be it for replication. Although, I'm not sure how you're suppose to make changes to the private server...
Top
Post Reply

Return to “Help: General”

Who is online

Users browsing this forum: No registered users and 4 guests