SNMP-based Network Management
Download
Report
Transcript SNMP-based Network Management
POSTECH DP&NM Lab
Remote Network
Monitoring (RMON)
1
POSTECH DP&NM Lab
Table of Contents
•
•
•
•
Basic Concepts
RMON Goals
RMON MIB Groups
RMON2
2
POSTECH DP&NM Lab
RMON Basic Concepts
• Extends the SNMP functionality without changing
the protocol
• Allows the monitoring of remote networks
(internetwork management)
• MAC-layer (layer 2 in OSI) monitoring
• Defines a Remote MONitoring (RMON) MIB that
supplements MIB-II
– with MIB-II, the manager can obtain information on individual
devices only
– with RMON MIB, the manager can obtain information on the LAN
as a whole
• called network monitors, analyzers or probes
3
POSTECH DP&NM Lab
RMON RFCs
RFC
Date
Title
1513
Sept. 1993
Token Ring Extensions to the
Remote Network Monitoring MIB
1757
Feb. 1995
Remote Network Monitoring
Management Information Base
(RMON MIB)
2021
Jan. 1997
Remote Network Monitoring
Management Information Base
Version 2 using SMIv2 (RMON MIB2)
4
POSTECH DP&NM Lab
RMON Goals
• Monitoring subnetwork-wide behavior
• Reducing the burden on agents and managers
• Continuous off-line monitoring in the presence of
failures (in network or manager)
• Proactive monitoring
– perform some of the manager functions (e.g., diagnostics)
• Problem detection and reporting
• Provide value-added (analyzed) data
• Support multiple managers
5
POSTECH DP&NM Lab
Example Configuration for
Remote Monitoring
Management console
with RMON probe
Ethernet
Central Site
Router
Local management
console with
RMON probe
Router
Router
Router
Ethernet
FDDI backbone
PC with
RMON probe
Bridge
Router with
RMON probe
Ethernet
Token Ring LAN
PC with
RMON probe
6
POSTECH DP&NM Lab
Example of RMON probe with
two interfaces
agent
a
agent
b
agent
c
Interface 1
Subnetwork
X
RMON
probe
Interface 2
Subnetwork
Y
agent
d
agent
e
7
POSTECH DP&NM Lab
Control of Remote Monitors
• RMON MIB contains features that support
extensive control from NMS
– Configuration control
– Action Invocation
• RMON MIB is organized into a number of
functional groups
• Each group may contain one or more control
tables and one or more data tables
• Control table (typically read-write) contains
parameters that describe the data in a data table
(typically read-only)
8
POSTECH DP&NM Lab
RMON MIB
rmon (mib-2 16)
statistics (1)
history (2)
alarm (3)
host (4)
hostTopN (5)
matrix (6)
filter (7)
capture (8)
event (9)
tokenRing (10)
9
POSTECH DP&NM Lab
RMON MIB Groups
1. statistics: maintains MAC-level utilization and error stats
2. history: records periodic statistical samples from the stats group
3. alarm: allows NMS to set sampling interval & alarm threshold
4. host: contains counters for traffic from hosts on the subnetwork
5. hostTopN: contains sorted host stats that top a list based on
some parameter in the host table
6. matrix: shows utilization and error stats in matrix for host pairs
7. filter: allows the monitor to observe packets that match a filter
8. capture: specifies how data is sent to NMS
9. event: specifies events to be generated by the RMON probe
10. tokenRing: maintains stats & config info for token ring subnet10
POSTECH DP&NM Lab
RMON MIB2
• RMON MIB monitors MAC-level subnet traffic
• RMON MIB2 can monitor traffic of packets at
layers 3 to 7 of the OSI Reference Model
• Provides Network-layer Visibility
– can distinguish between local LAN and remote LAN traffic
• Provides Application-layer Visibility
– can analyze traffic to and from hosts for particular applications
– can determine which applications are putting the load on the net
• RMON MIB2 is basically an extension of
RMON MIB
11
POSTECH DP&NM Lab
RMON MIB2
rmon (mib-2 16)
statistics (1)
history (2)
alarm (3)
host (4)
hostTopN (5)
protocolDir (11)
protocolDist (12)
addressMap (13)
nlHost (14)
matrix (6)
nlMatrix (15)
filter (7)
alHost (16)
capture (8)
alMatrix (17)
event (9)
usrHistory (18)
tokenRing (10)
probeConfig (19)
RMON 1
RMON 2
12
POSTECH DP&NM Lab
RMON MIB2 Groups
11. protocolDir: a master directory of all of the protocols that the
probe can interpret
12. protocolDist: aggregate stats on the amount of traffic
generated by each protocol, per LAN segment
13. addressMap: contains MAC and port addresses of the devices
14. nlHost: network layer traffic stats per host
15. nlMatrix: network layer traffic stats per pairs of hosts
16. alHost: application layer traffic stats per host
17. alMatrix: application layer traffic stats per pairs of hosts
18. userHistory: periodically samples and logs user-defined data
19. probeConfig: defines standard configuration parameters for
RMON probes
13
POSTECH DP&NM Lab
Summary
• RMON extends the SNMP functionality without
changing the protocol
• RMON can monitor information on a whole
subnetwork
• RMON is used extensively in analyzing network
traffic for problem detection and network
planning
• RMON2 allows monitoring of traffic at layers 3 to
7 in the OSI Model
• RMON2 can be used to analyze network traffic
more accurately even to the application level
• Read Chapters 8, 9 and 10
14
POSTECH DP&NM Lab
Lab activity
RMON Group
Function
Elements
15