Category Archives: xDSL


MRTG Tips & Tricks


MRTG Tips and Tricks

I spent some time recently creating some new graphs for a special project. It’s an 8 pair ADSL2+ EFM boded group. There were several items that I had to use that are not what you would call “standard” MRTG options. The following are some of the things I had to do to make everything work and display correctly.

64 Bit Counters using SNMP v2c

The particular OID’s I am using are 64 bit counters. By default, MRTG uses SNMP v1, which cannot read 64 bit counters. By specifying 5 colons and a 2 on your target, you are telling MRTG to use SNMP v2c.


Add OID’s Together

These particular Enterprise OID’s are split out into Unicast, Broadcast and Multicast bytes. In order to get the total traffic, all the OID’s must be added together. No problem! MRTG can do that. Simply specify your first 2 OID’s, then use the + sign to add them together. In this case, I am adding 3 sets of OID’s together. Transmit and Receive counters for Unicast, Broadcast and Multicast.

Target[target]: + +

Router Uptime

Once you do any arithmetic on the OID’s, MRTG no longer grabs the router uptime. You must add router uptime to the configuration file to get the router uptime to display properly again in the graphs.

RouterUptime[target]: <community string>@<ip address>


The timezone of the unit under monitor and the server are different. In order for the times on the graph to be accurate, you must override the server locale with that of the unit under test. MRTG uses the Solaris 10 locale’s to determine timezones. Here, I am using Mountain time.

Timezone[target]: US/Mountain

Asymmetric Speeds
Since these are ADSL2+ physical links, the train rates for transmit and receive are different. MRTG can handle this too! You must specify what the transmit and receive link speeds are, so MRTG can calculate the percentages correctly. This is done by using the MaxBytes1 and MaxBytes2 parameters in the config file.

Take the EFM group bitrate (144,752,000 bps) divided by 8 to get 18094000 BYTES/s and 6,464,000 bps divided by 8 to get 808000 BYTES/s.

MRTG will also show a line on your graph to indicate the uppermost bound of the lower speed link. This makes it easier to read.

MaxBytes1[target]: 808000
MaxBytes2[target]: 18094000

Final MRTG Config File

## ADSL EFM Interface 1/4/29
Target[target]: + +
RouterUptime[target]: public@
Timezone[target]: US/Mountain
WithPeak[target]: mw
Options[target]: growright, bits
LegendI[target]: UP
LegendO[target]: DN
MaxBytes1[target]: 808000
MaxBytes2[target]: 18094000
Title[target]: Traffic Analysis EFM Connection
PageTop[target]: <h1>Traffic Analysis EFM Connection</h1>
 <div id="sysdetails">
 <td>EFM Group</td>
 <td>Max Speed:</td>
 <td>144 MBits/s Downstream 6.7 Mbits/s Upstream</td>


DSL Chipset Exploit

In all my years of working with DSL, this is only the second time I’ve seen a consumer modem exploited. Surprisingly, this does not happen more. These SOC’s (System On a Chip) are asked to do a lot nowadays, though it’s not surprising someone has exploited them.

Be vigilant with your network traffic.