Transcript SNMP-based Network Management
Remote Network Monitoring (RMON)
Mi-Jung Choi
Dept. of Computer Science KNU Email: [email protected]
1
Table of Contents
• • • • •
Basic Concepts RMON Goals RMON MIB Table Management RMON MIB Groups RMON2
2
RMON Basic Concepts
• Extends the SNMP functionality without changing the protocol • Allows the monitoring of remote networks (internetwork management) • MAC-layer (layer 2 in OSI) monitoring • Defines a Remote MONitoring (RMON) MIB that supplements MIB-II – with MIB-II, the manager can obtain information on individual devices only – with RMON MIB, the manager can obtain information on the LAN as a whole • called
network monitors , analyzers or probes
3
RFC
1513 1757 2021
RMON RFCs Date
Sept. 1993 Feb. 1995
Title
Token Ring Extensions to the Remote Network Monitoring MIB Remote Network Monitoring Management Information Base (RMON MIB) Jan. 1997 Remote Network Monitoring Management Information Base Version 2 using SMIv2 (RMON MIB2) 4
RMON Goals
• Monitoring subnetwork-wide behavior • Reducing the burden on agents and managers • Continuous off-line monitoring in the presence of failures (in network or manager) • Proactive monitoring – perform some of the manager functions (e.g., diagnostics) • Problem detection and reporting • Provide value-added (analyzed) data • Support multiple managers 5
Example Configuration for Remote Monitoring
Management console with RMON probe
Ethernet Central Site
Router Router Local management console with RMON probe Router Router
Ethernet
PC with RMON probe FDDI backbone Bridge Router with RMON probe Token Ring LAN
Ethernet
PC with RMON probe 6
Example of RMON probe with two interfaces
agent a agent b agent c Interface 1 RMON probe Interface 2 Subnetwork X Subnetwork Y agent d agent e
7
Control of Remote Monitors
• RMON MIB contains features that support
extensive control
from NMS – Configuration control – Action Invocation • RMON MIB is organized into a number of
functional groups
• • Each group may contain one or more
tables
and one or more
data tables control
Control table
(typically read-write) contains parameters that describe the data in a data table (typically read-only) 8
Configuration Control
• At configuration time, NMS sets the appropriate control parameters to configure the remote monitor to collect the desired data – the parameters are set
by adding a new row to the control table
or
by modifying an existing row
– a control table may contain objects that specify
the source of data to be collected
,
the type of data
,
the collection timing
, etc.
• To modify or disable a particular data collection function: – it is necessary first to invalidate the control row – this causes the deletion of that row and the deletion of all associated rows in data tables – NMS can create a new control row with the modified parameters 9
RMON MIB Table Mgmt (1)
• The RMON specification includes a set of
textual conventions
and deletion and
procedural rules
for row addition • Textual conventions OwnerString ::= DisplayString EntryStatus ::= INTEGER { valid (1), createRequest (2), underCreation (3), invalid (4) } 10
RMON MIB Table Mgmt (2)
• • •
Row Addition
– is achieved by using the SNMP
SetRequest PDU
which includes instance objects and their values
Row Deletion
– is achieved by setting the status object for that row to
invalid Row Modification
– is achieved by
first invalidating the row and then adding the row
with new object instance values 11
Example Control & Data Tables
rmlControlIndex
rm1ControlTable
rmlControlParameter rmlControlOwner
1 5 monitor
rmlControlStatus
valid (1) 2 26 manager alpha valid (1) 3 19 manager beta valid (1)
rmlDataControlIndex
rm1DataTable
rmlDataIndex 1 1 2 2 2 2 2 3 3 3 4 1 2 5 1 2 rmlDataValue 46 96 85 77 27 92 86 26 12
Transitions of EntryStatus State
non existent create Request under Creation valid
performed by manager performed by agent
invalid 13
RMON MIB
rmon (mib-2 16) statistics (1) history (2) alarm (3) host (4) hostTopN (5) matrix (6) filter (7) capture (8) event (9) tokenRing (10)
14
RMON MIB Groups
1. statistics:
maintains MAC-level utilization and error stats
2. history:
records periodic statistical samples from the stats group
3. alarm:
allows NMS to set sampling interval & alarm threshold
4. host:
contains counters for traffic from hosts on the subnetwork
5. hostTopN:
contains sorted host stats that top a list based on some parameter in the host table
6. matrix:
shows utilization and error stats in matrix for host pairs
7. filter:
allows the monitor to observe packets that match a filter
8. capture:
specifies how data is sent to NMS
9. event:
specifies events to be generated by the RMON probe
10. tokenRing:
maintains stats & config info for token ring subnet 15
RMON MIB2
• • • • •
RMON MIB monitors MAC-level subnet traffic RMON MIB2 can monitor traffic of packets at layers 3 to 7 of the OSI Reference Model Provides Network-layer Visibility
– can distinguish between local LAN and remote LAN traffic
Provides Application-layer Visibility
– can analyze traffic to and from hosts for particular applications – can determine which applications are putting the load on the net
RMON MIB2 is basically an extension of RMON MIB
16
RMON MIB2
rmon (mib-2 16) statistics (1) history (2) alarm (3) host (4) hostTopN (5) matrix (6) filter (7) capture (8) event (9) tokenRing (10) RMON 1 protocolDir (11) protocolDist (12) addressMap (13) nlHost (14) nlMatrix (15) alHost (16) alMatrix (17) usrHistory (18) probeConfig (19) RMON 2
17
RMON MIB2 Groups
11. protocolDir:
a master directory of all of the protocols that the probe can interpret
12. protocolDist:
aggregate stats on the amount of traffic generated by each protocol, per LAN segment
13. addressMap:
contains MAC and port addresses of the devices
14. nlHost:
network layer traffic stats per host
15. nlMatrix:
network layer traffic stats per pairs of hosts
16. alHost:
application layer traffic stats per host
17. alMatrix:
application layer traffic stats per pairs of hosts
18. userHistory:
periodically samples and logs user-defined data
19. probeConfig:
defines standard configuration parameters for RMON probes 18
Summary
• RMON
extends the SNMP functionality
changing the protocol without • RMON can monitor information on a
whole subnetwork
• RMON is used extensively in analyzing network traffic
for problem detection and network planning
• RMON2 allows monitoring of
traffic at layers 3 to 7
in the OSI Model • RMON2 can be used to analyze network traffic more accurately even
to the application level
• Read Chapters 8, 9 and 10 19