ntop (Network Top) is a powerful, user-friendly network traffic monitoring tool that helps system administrators and network engineers visualize and analyze network traffic in real time. It provides detailed insights into network usage, bandwidth consumption, and traffic patterns, making it an essential tool for monitoring and troubleshooting network performance on Linux servers.
If you want to install and configure ntop on your Linux system, this step-by-step guide by Go4hosting will walk you through the process, covering installation, configuration, and basic usage.
What Is ntop?
ntop is an open-source network traffic probe that displays network usage using a web-based interface. It supports a wide variety of network protocols and is capable of monitoring both live network traffic and historical data.
There are two main versions:
ntopng: The newer, actively maintained version with enhanced features and a modern web interface.
ntop: The original legacy version (less commonly used now).
This guide focuses on installing ntopng, which is recommended for most use cases.
Prerequisites
Before installing ntopng, ensure your system meets the following requirements:
A dedicated Linux server or VPS (Ubuntu, Debian, CentOS, RHEL, etc.).
Root or sudo access to install packages.
Basic knowledge of command-line operations.
Network interface(s) to monitor.
Internet access to download software packages.
Step 1: Update Your System
Before installing any new software, update your system's package list and upgrade existing packages to their latest versions.
For Debian/Ubuntu:
bash
CopyEdit
sudo apt update
sudo apt upgrade -y
For CentOS/RHEL:
bash
CopyEdit
sudo yum update -y
Step 2: Install Required Dependencies
ntopng requires some dependencies to be installed, including the Redis database, which it uses for data storage.
Debian/Ubuntu:
bash
CopyEdit
sudo apt install -y wget gnupg2 redis-server
CentOS/RHEL:
bash
CopyEdit
sudo yum install -y epel-release
sudo yum install -y wget redis
Enable and start the Redis service:
bash
CopyEdit
sudo systemctl enable redis
sudo systemctl start redis
Step 3: Add the ntop Repository
To install the latest version of ntopng, you should add the official ntop repository.
For Debian/Ubuntu:
First, import the repository GPG key:
bash
CopyEdit
wget https://packages.ntop.org/apt/ntop.key
sudo apt-key add ntop.key
Add the ntop repository to your sources list (for Ubuntu 22.04 example):
bash
CopyEdit
echo "deb https://packages.ntop.org/apt/22.04/ $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/ntop.list
Update package list:
bash
CopyEdit
sudo apt update
For CentOS/RHEL:
Download and install the ntop repository RPM:
bash
CopyEdit
sudo yum install -y https://packages.ntop.org/centos/ntop-release-latest.el7.noarch.rpm
sudo yum clean all
sudo yum update -y
Step 4: Install ntopng
With the repository added, you can now install ntopng.
Debian/Ubuntu:
bash
CopyEdit
sudo apt install -y pfring-dkms nprobe ntopng ntopng-data n2disk cento
CentOS/RHEL:
bash
CopyEdit
sudo yum install -y pfring nprobe ntopng cento n2disk
Note: Some components like nprobe and cento may require licenses for advanced features. The basic ntopng functionality works without them.
Step 5: Configure ntopng
Edit Configuration File
The main configuration file is located at:
bash
CopyEdit
/etc/ntopng/ntopng.conf
Common options to configure:
-i : Network interface(s) to monitor (e.g., eth0).
-w : Web interface port (default 3000).
-m : Local network subnet for traffic analysis.
Example configuration to monitor eth0 and set the web interface to port 3000:
conf
CopyEdit
--interface=eth0
--http-port=3000
--local-networks="192.168.1.0/24"
You can edit this file using:
bash
CopyEdit
sudo nano /etc/ntopng/ntopng.conf
Make sure to replace eth0 and the subnet with your actual network interface and local network.
Step 6: Start and Enable ntopng Service
Enable the ntopng service to start on boot and start it immediately:
bash
CopyEdit
sudo systemctl enable ntopng
sudo systemctl start ntopng
Check service status:
bash
CopyEdit
sudo systemctl status ntopng
Step 7: Access the ntopng Web Interface
By default, ntopng�s web UI runs on port 3000. Open a web browser and navigate to:
cpp
CopyEdit
http://:3000
You will see the ntopng login screen.
Default Credentials:
Username: admin
Password: admin
Important: For security, change the default password after first login.
Step 8: Using ntopng
Once logged in, you can:
View real-time network traffic stats.
Analyze bandwidth usage by IP, protocol, or application.
Monitor network flows and hosts.
Generate detailed traffic reports.
Explore menus like:
Hosts
Flows
Traffic
Interfaces
Additional Tips and Troubleshooting
Allow Firewall Access
If your server firewall is enabled, allow traffic to port 3000:
For UFW (Ubuntu):
bash
CopyEdit
sudo ufw allow 3000/tcp
sudo ufw reload
For firewalld (CentOS/RHEL):
bash
CopyEdit
sudo firewall-cmd --add-port=3000/tcp --permanent
sudo firewall-cmd --reload
Monitor ntopng Logs
Logs are located at:
bash
CopyEdit
/var/log/ntopng/ntopng.log
Use logs to diagnose any issues.
Update ntopng
To keep ntopng updated:
bash
CopyEdit
sudo apt update && sudo apt upgrade -y # Debian/Ubuntu
sudo yum update -y # CentOS/RHEL
Conclusion
Installing ntopng on Linux is a straightforward process that empowers you to monitor your network traffic effectively. Whether you are managing a Go4hosting VPS, dedicated server, or a cloud infrastructure, ntopng provides valuable insights to maintain network health, troubleshoot issues, and optimize bandwidth.
With this guide, you now know how to:
Prepare your Linux system
Add ntop's official repository
Install and configure ntopng
Access and use the web-based interface
If you need further assistance or wish to explore advanced network monitoring setups, reach out to the Go4hosting support team. Our experts are ready to help you maximize your server and network performance.