Open Source Network Administration [Paperback]

Chapter 1: Introduction. I felt this was a very well-written and easy to understand introduction to the world of Open Source network administration. It goes through the basic reasons to use Open Source, answers many of the question that many people only familiar with closed-source software may have, including questions of quality and security, as well as smart reasons to use open source software.

Chapter 9: Basic Tools. Need to know what a ping is, how it works, and why it's important? This book takes he time and effort to carefully explain how basic things such as ping. It explores telnet, netcat, traceroute, MTR, and netstat. It's a great chapter for reviewing these basics and exploring what you require.

Chapter 10: Custom Tools. This chapter gets into explaining the basics of bash scripting, bash itself, basic Perl scripts and what they are commonly used for, and how to use cron. Again, these are basics, but vital to anyone looking for basic knowledge of the environment.

The chapters in between cover subjects suh as SNMP, MRTG, Oak, and Tcpdump, all great tooks in network administration. The author gives detailed explainations of all these tools, how to use them, how to set them up, and offers tests and examples of them in action.

I would recommend these to anyone who is new to putting together an open source network. The instructions and descriptions of all the tools are at a level that I feel most moderately computer-literate people can follow.

This book covers a good amount of information regarding network methodologies like SNMP. But since the primary purpose of this book is dedicated to open source tools, the majority of the book focuses on those specific tools that the author thinks will be of value.

Overall, this is a good book. Having a single point of reference for free utilities is always a good thing. Not only does the book cover some genuinely useful tools - there's a caveat on that later, though - but it also lists where to get the software and gives instructions on how to compile each package. For someone who is new to UNIX and doesn't really feel comfortable with the idea of compiling software, this book will help to alleviate those fears.

There are some things with this book, however, that don't make it the open source panacea that network administrators might be looking for.

The book assumes that IT shops have Cisco hardware. Whereas there is no doubt that Cisco is the current big boy, the technology market has proven time and time again that those at the top often do not stay there. Since there is no guarantee that competitors will be Cisco-compatible or will have the same functions, many of the tools in this book that rely on Cisco routers will most likely be incompatible with those environments. In some cases this means that entire chapters in this book might be useless.

There is also an entire chapter dedicated to basic network functions, like telnet, ping, and traceroute. I have been working with Solaris for over seven years. I currently am in a position where I have to deal with AIX and SCO. In some cases the operating system revisions are several years old. With that in mind, I have yet to run into a version of UNIX that doesn't already have these commands available right from the operating system.

The chapter on system automation and notification is very cramped. In a single chapter, the author attempts to cover shell scripting, Perl scripting, sendmail, and even text manipulation via sed and awk-like syntax in Perl. That one chapter alone will be a serious cause of brain explosion for someone who has never worked with these tools before. I have taught each of these topics (sans Perl) in my highly-regarded Solaris administration course, and I can tell you that each of these topics requires its own chapter. Compressing all of these topics into one chapter is like compressing "The Silmarillion", "The Hobbit", and "The Lord of the Rings" plus its appendix to a single 100-page book.

Additionally, there are a number of other, very popular open source network tools that are conspicuously left out of this book. The most glaring omission that I noticed is Ethereal, a very popular GNU-licensed network analyzer. I'm sure that other administrators will be able to mention other tools that have been left out.
The most discouraging thing about this book is that it carries what I consider to be a hefty price tag ($44.99 MSRP) for a book that is less than 250 pages long. In addition, this book is a compilation of information that is already available for free on the Internet and can be found without very extensive searching. Overall, this is still a respectable book. It's a good collection of open source network administration tools (albeit only a relative few). But if you aren't a Cisco shop you might find about one-fourth of the book to be useless, and if you are already an experienced UNIX admin some of the other chapters will be of no additional benefit.

Given its potentially limited amount of usefulness based on your environment, I can't really suggest this book unless you are in a Cisco shop and are relatively new to the UNIX world - not because the information isn't valuable, but because the price tag doesn't necessarily justify its value even though the book itself is rather solid.

I was able to accomplish these tasks because OSNA is a "cross platform" book. The author doesn't limit himself to discussing how to run the tool. He gives guidance on how to configure Cisco routers to export NetFlow records or enable SNMP reporting. Sometimes these simple steps are buried in Cisco's Web site, so I appreciated getting straight to business. I literally had these tools running in a matter of minutes thanks to Kretchmar's instructions and the FreeBSD package system (e.g. "pkg_add -r <package>").

On the down side I thought coverage of old stand-bys like tcpdump, traceroute, and netstat was unnecessary. I would have liked reading about more "niche" tools like MTR. If you like this book, keep an eye out for my "Tao of Network Security Monitoring" in the summer. I'll take a similar approach in several chapters by discussing security-related network monitoring tools.