Funkcionisanje AMRES veza prema Internetu u proteklom i
Download
Report
Transcript Funkcionisanje AMRES veza prema Internetu u proteklom i
Overview of
network monitoring
development at
AMRES
Slavko Gajin
Content
Past, present and future:
Why we started?
How we started?
What are the major development milestones?
What we have now?
What are we planning for further development?
Akademska mreža
GN3/NA3/T4
- Network
Srbije
monitoring workshop
Belgrade, 20-21 October, 2009
www.amres.ac.yu
How we started?
Back to ’90s...
low level routers and modem technology up to 2mbps,
many different vendors, no interoperability
instable links - problems with quality of wires (around cities and
inside racks)
multi-domain network (and still is)
many institutions and network administrators
unable to access far-end equipment
NOC
set of individuals
limited resources
access to knowledge (RFC only)
equipment
tools
money
GN3/NA3/T4 - Network monitoring workshop
Belgrade, 20-21 October, 2009
Motivation
Network monitoring:
not HOW to monitor, but WHAT to monitor !
First step
to collect all relevant information
Result
huge single table with:
links, institutions, local and far end routers, modes,
admin contacts...
not only a peace of paper...
GN3/NA3/T4 - Network monitoring workshop
Belgrade, 20-21 October, 2009
Motivation
GN3/NA3/T4 - Network monitoring workshop
Belgrade, 20-21 October, 2009
Motivation
GN3/NA3/T4 - Network monitoring workshop
Belgrade, 20-21 October, 2009
Motivation
GN3/NA3/T4 - Network monitoring workshop
Belgrade, 20-21 October, 2009
Motivation
“Version 0” was born
GN3/NA3/T4 - Network monitoring workshop
Belgrade, 20-21 October, 2009
Monitoring startup
MRTG - Multi Router Traffic Grapher
free easy-to-use web tool
innovative time-charts
live traffic statistics
any SNMP OID is available for monitoring
but...
fixed time frames - daily, weekly, monthly, yearly
not easy-to-configure
unhandled syntax errors
interfaces’ IDs changies - inconsistent results
not scalable
Other solutions
Cacti, Nagios, SmokePing, OpenNMS...
GN3/NA3/T4 - Network monitoring workshop
Belgrade, 20-21 October, 2009
Own approach - NetIS
NetIS - Network Information and Monitoring System
Information system
equipment and links inventory
netadmin address book
topology database
simple IP database
Monitoring system
SNMP - traffic and port status
ping response
web interface for generating MRTG config file
alerts and event log
looking glass – remote execution of show commands
GN3/NA3/T4 - Network monitoring workshop
Belgrade, 20-21 October, 2009
NetIS V1
GN3/NA3/T4 - Network monitoring workshop
Belgrade, 20-21 October, 2009
NetIS V1
GN3/NA3/T4 - Network monitoring workshop
Belgrade, 20-21 October, 2009
NetIS V1
GN3/NA3/T4 - Network monitoring workshop
Belgrade, 20-21 October, 2009
NetIS V1
GN3/NA3/T4 - Network monitoring workshop
Belgrade, 20-21 October, 2009
NetIS V1
GN3/NA3/T4 - Network monitoring workshop
Belgrade, 20-21 October, 2009
NetIS V1
GN3/NA3/T4 - Network monitoring workshop
Belgrade, 20-21 October, 2009
NetIS V1
GN3/NA3/T4 - Network monitoring workshop
Belgrade, 20-21 October, 2009
NetIS V1
GN3/NA3/T4 - Network monitoring workshop
Belgrade, 20-21 October, 2009
NetIS V1
GN3/NA3/T4 - Network monitoring workshop
Belgrade, 20-21 October, 2009
NetIS V1
Drawbacks
MRTG
time frames were static
integration was artificial
lack of configurable SNMP monitoring
pure HTTP
“hard core” programming
low level of usability
manual configuration
hard word
could not follow frequent network changes
inconsistency
GN3/NA3/T4 - Network monitoring workshop
Belgrade, 20-21 October, 2009
NetIS V2 – NetIIS
Main improvements
auto-discovery
system parameters
interface details
SNMP ID (index) for consistency and accuracy
description
topology - neighboring links learned by CDP
connected hosts learned by ARP
separate GUI client
drag-and-drop between windows
improved usability
topology editor
advanced multi-user permissions
DNS query
new lookup...
GN3/NA3/T4 - Network monitoring workshop
Belgrade, 20-21 October, 2009
NetIS V2
GN3/NA3/T4 - Network monitoring workshop
Belgrade, 20-21 October, 2009
NetIS V2
GN3/NA3/T4 - Network monitoring workshop
Belgrade, 20-21 October, 2009
NetIS V2
GN3/NA3/T4 - Network monitoring workshop
Belgrade, 20-21 October, 2009
NetIS V2
GN3/NA3/T4 - Network monitoring workshop
Belgrade, 20-21 October, 2009
Troubleshooting examples
Connection break:
100% packet loss
check the throughput
how long it last
check SNMP status
run “show interface” command
call the other side
call the carrier provider (Telecom)
GN3/NA3/T4 - Network monitoring workshop
Belgrade, 20-21 October, 2009
Troubleshooting examples
Connection break:
less than 100% packet loss
Check router performances
Check link utilization
traceroute command
GN3/NA3/T4 - Network monitoring workshop
Belgrade, 20-21 October, 2009
NetIS V3
Technological improvement
fully java based – JSP and java GUI client
Many new features:
MRTG is fully replaced by own RRD-like solution
(own grapher, database instead of RRD files)
configurable SNMP monitors
improved alarms: email, SMS
event-log, syslog, looking glass
nagios support
SLA reports
improved usability
Lates version know as ICMyNet.IS
(separate presentation is following)
GN3/NA3/T4 - Network monitoring workshop
Belgrade, 20-21 October, 2009
NetFlow tool
initial work:
cflow - caida’s netflow collector and visualization perl tool
adapted to support additional requests:
more configurable options – traffic patters !
dynamic time frame based on RRD
graphs for subnets, protocols and services
simple web interface for row data dump
filtering, grouping, sorting
based on complex criteria
useful but slow
GN3/NA3/T4 - Network monitoring workshop
Belgrade, 20-21 October, 2009
NetFlow tool – old version
GN3/NA3/T4 - Network monitoring workshop
Belgrade, 20-21 October, 2009
NetFlow tool – old version
GN3/NA3/T4 - Network monitoring workshop
Belgrade, 20-21 October, 2009
NetFlow tool – old version
GN3/NA3/T4 - Network monitoring workshop
Belgrade, 20-21 October, 2009
ICmyNet.Flow - current version
Own java web base solution:
collector
aggregator
archiver
grapher
configurator...
Main featuers
traffic patterns
netflow v5 and V9 support
configurable
Separate presentation is following...
GN3/NA3/T4 - Network monitoring workshop
Belgrade, 20-21 October, 2009
ICmyNet.Flow - current version
GN3/NA3/T4 - Network monitoring workshop
Belgrade, 20-21 October, 2009
ICmyNet.Flow - current version
GN3/NA3/T4 - Network monitoring workshop
Belgrade, 20-21 October, 2009
Syslog viewer
Web-base java software
NetIIS module
standalone server application
Features
collector for syslog messages
simple processing
SQL database archiving
data filtering
GN3/NA3/T4 - Network monitoring workshop
Belgrade, 20-21 October, 2009
Syslog viewer
GN3/NA3/T4 - Network monitoring workshop
Belgrade, 20-21 October, 2009
Syslog viewer
GN3/NA3/T4 - Network monitoring workshop
Belgrade, 20-21 October, 2009
ICmyNet toolset – ongoing work and plans
Current position
understand users’ needs
accumulated know-how
deep technology experience
Further plans
ICmyNet - Integrated platform for several networking
tools:
.IMS – Information and monitoring system
.Flow – NetFlow analyzer
.MIB – MIB browser
.LOG – Log analyzer
.Config – Configuration manager
.Explorer – network discovery tool
GN3/NA3/T4 - Network monitoring workshop
Belgrade, 20-21 October, 2009
Questions...