SNMP - PowerPoint PPT Presentation

About This Presentation

Title:

SNMP

Description:

CMIP requires more overhead on the network, but with fast ethernet and ATM this could be a nit. CMOT is the implementation of CMIP over TCP. – PowerPoint PPT presentation

Number of Views:248

Avg rating:3.0/5.0

Slides: 62

Provided by: bestitdoc

Category:

Tags: snmp | cmip

more less

Transcript and Presenter's Notes

Title: SNMP

1
SNMP
2
(No Transcript)
3
Agenda

Features
What justified the need
History
Objective
What is SNMP ?
MIB Design
SNMP
RMON
Protools
Standards Summary

4
Wanted An Application for IT Integration of
System People Processes
End-User Support
Management Support
Infrastructure Support
Support Process
Technology Process
Network Mgmt
Desktop Mgmt
Security Mgmt
Server Mgmt
5
Centralized Alerts Open Alerting Architecture
Page, Fax, E-Mail
Help Desk
SNMP
Programmable Backend
6
RMON MIB Standard

RMON - Published Under RFC 1271/1513 And contains
9 Groups
RMON Is an SNMP Definition or MIB
Designed To Capture All relevant Information
Necessary To Manage And Analyze Local or Remote
Networks
Developed By IETF (Internet Engineering Task
Force)
Consists Of A Plethora Of Definitions Relating To
Network Traffic And Alarm Conditions
Can Be Extended Beyond IETF Definition By Adding
Private Extensions
Vendors Can Add Value To RMON Via Their Own
Private Extensions, some Proprietary And Others
Public Domain

7
RMON MIB Overview

RMON MIB
Remote Monitoring - Management Information Base
RFC 1271 - Ethernet Standard
RFC 1513 - Token Ring Standard
Objective
Use SNMP and standard MIB design to provide
multi-vendor interoperability between monitoring
products and management station

8
RMON - High Level View

Remote Network Monitoring (MIB)
Monitoring of the LAN Traffic and devices
Performance Monitoring
Proactive Network Monitoring activities
Discover abnormalities and trends
Performance isolation
Device Monitoring
Fault Management
Discover problems
Eliminates Reactive Network Monitoring Activities
Trend Analysis

9
RMON MIB Features

Additional packet error counters
Ethernet Token Ring error stats
Frame size distribution
Event and alarm generation
Performance/traffic matrix
Host tables
Filtering and packet capture for analysis and
decode applications

10
RMON RMON 2

Statistics
History
Alarms
Hosts
Host Top N
Traffic Matrix
Filter
Packet Capture
Events
Token Ring

All 10 groups plus...
Protocol Directory
Protocol Distribution
Address Mapping
Network Layer Host
Network Layer Matrix
Application Layer Host
Application Layer Matrix
User History
RMON Conformance
(everything except Probe Configuration)

11
Management Information Base

MIB -- Management Information Base
MIBs describe object attributes
Some MIBs are pre-loaded
Additional MIBs are needed
Loaded manually
Downloaded from manufactures WEB sites
Standard MIBs
MIB-I
MIB-II
RMON
RMON 2
Bridge
Repeater

12
SNMP MIB Comparison
13
MIB Structure
iso (1) org (3) dod (6) internet (1) directory
(1) mgmt (2) experimental private
(4) mib-2 (1)
enterprises (1) system (1)
interfaces (2) snmp (11) cisco (9) hp(11)
novell(23) sysObjectID (2) sysDescr (1)

14
MIB OIDs
15
SNMP/RMON/RMON II
16
Abstract Syntax Notation (ASN.1)
iso
org
dod
internet
private
enterprises
RMON
1 . 3 . 6 . 1 . 4 . 1 . 16
1 . 3 . 6 . 1 . 4 . 1 . 16 . 1 . 1 . 1 . 12
Object Identifier of an SNMP MIB Object
17
Statistical
18
Enterprise Level
RMON II
ISO Five Levels
19
Embedded RMON

"Mini RMON"

Switch

Statistics (collision, errors, utilization,
broadcast/multicast, etc.)
History
Alarms
Events

20
Roving Probe
Switch
Catalyst 5000
ATM Switch

CiscoSystems

Copied Traffic
Analysis Port
Switch Manager
Probe
21
Monitor Switched Networks
22
RMON RMON 2

Statistics
History
Alarms
Hosts
Host Top N
Traffic Matrix
Filter
Packet Capture
Events
Token Ring

All 10 groups plus...
Protocol Directory
Protocol Distribution
Address Mapping
Network Layer Host
Network Layer Matrix
Application Layer Host
Application Layer Matrix
User History
RMON Conformance
(everything except Probe
Configuration)

23
Benefits Of Ongoing Remote Monitoring

Better Understanding Of Computing Environment On
An Ongoing Basis
Preventive Maintenance, Spot Problems Early
Faster Problem Solving When They Occur
Improved Productivity Due To Centralized
Monitoring
Reduces Need To Travel To Remote Sites To Monitor
Health Of Network Or Diagnose Problems
Cost And Productivity Benefits

24
SNMP Summary (continued)

Alternatives to SNMP
Distributed Management Environment(DME)
Common Management Interface Protocol(CMIP)
CMIP Over TCP/IP(CMOT)

25
Managing Critical Devices
26
RMON MIB
27
Root
10
Token Ring
9
Events
Organizations
8
Packet Capture
DOD
7
Filters
Internet
Private
6
Traffic Matrix
Management
MIB I II
5
Host TopN
RMON
4
Hosts
3
MIB I
Alarms
2
1
History
MIB II
Statistics
28
RMON2 Architecture
MIB I II (1)
Statistics (1)
protocolDir (11)
RMON (16)
History (2)
protocolDist (12)
Alarms (3)
addressMap (13)
Hosts (4)
nlHost (14)
Host Top N (5)
nlMatrix (15)
Traffic Matrix (6)
alHost (16)
Filters (7)
alMatrix (17)
Packet Capture (8)
Events (9)
usrHistory (18)
Token Ring (10)
probeConfig (19)
rmonConformance (20)
RFC 1271
29
MIB I MIB II
30
RMON, RMON2 and Beyond

Application

Presentation
Session
Enterprise RMON
Transport
Network
RMON2
Data Link (MAC)
RMON Standard
Physical

31
Enterprise RMON vs RMON2
Enterprise RMON
7 6 5 4 3 2 1
RMON2
RMON 1
Hosts Host TopN Host Matrix Stats History Alarms E
vents Filters Packet CApture
32
RMON Functionality Comparison
EnterpriseRMON
RMON
RMON2
ü
ü
ü
Ethernet/Token Ring
ü
ü
9/10 Groups
ü
ü
ü
ü
MAC Layer Monitoring
ü
ü
Network Layer Monitoring
ü
ü
Application Layer Monitoring
ü
Switch Support
ü
VLAN Support
ü
Distributed Device Monitoring
Advanced Topology Support
ü
(100 BaseT, WAN, FDDI, ATM)
33
Groups

RMON History Groups

34
RMON MIB Groups
Description
Group
Segment Statistics
History
Alarm
Host
Host Top N
35
RMON MIB Groups (continued)
Group
Traffic Matrix
Filter
Packet Capturing
Events
36
Statistics Group Statistics (etherStatsIndex)
1.1.1

Index ? Fragments
Data Source ? Jabbers
Drop Events ? Collisions
Octets ? Pkts64Octets
Pkts ? Pkts65to127Octets
Broadcast Pkts ? Pkts128to511Octets
Multicast Pkts ? Pkts512to1023Octets
CRC Align Errors ? Pkts1024to1518Octets
Undersize Pkts ? Owner
Oversize Pkts ? Status

37
History Group History (etherHistoryEntry) 2.2.1

Index ? CRC Align Errors
Sample Index ? Fragments
Interval Start ? Undersize Pkts
Drop Events ? Oversize Pkts
Octets ? Fragments
Pkts ? Jabbers
Broadcast Pkts ? Collisions
Multicast Pkts ? Utilization

38
Alarm Group Alarm(alarmEntry)3.1.1

Index ? Rising Threshold
Interval ? Falling Threshold
Variable ? Rising Event Index
Sample Type ? Falling Event Index
Value ? Owner
Startup Alarm ? Status

39
Host Group Hosts(hostEntry)4.2.1

Address ? In Octets
Creation Order ? Out Octets
Index ? Out Errors
In Pkts ? Out Broadcast Pkts
Out Pkts ? Out Multicast Pkts

40
Hosts Group Hosts(hostTimeEntry)4.3.1

Address ? Time In Octets
Creation Order ? Time Out Octets
Index ? Time Out Errors
Time In Pkts ? Time Out Broadcast Pkts
Time Out Pkts ? Time Out Multicast Pkts

41
Host Top N Group HostTopN(hostTopNEntry)5.2.1

Top N Report ? Top N Address
Top N Index ? Top N Rate

42
Matrix Group Matrix(matrixSDDSEntry)6.2.16.3.1

SD Source Address ? SD Pkts
SD Dest Address ? SD Octets
SD Index ? SD Errors
DS Source Address ? DS Pkts
DS Dest Address ? DS Octets
DS Index ? DS Errors

43
Filter Group Filter(filterEntry)7.1.1

Index ? Pkt Data Not Mask
Channel Index ? Pkt Status
Pkt Data Offset ? Pkt Status Mask
Pkt Data ? Pkt Status Not Mask
Pkt Data Mask ? Owner
? Status

44
Filter Group Filter(channelEntry)7.2.1

Channel Index ? Channel Event Index
Channel IfIndex ? Channel Event Status
Channel Accept Type ? Channel Matches
Channel Data Control ? Channel Description
Turn On Event Index ? Channel Owner
Turn Off Event Index ? Channel Status

45
Packet Capture Group Capture(captureBufferEntry)8.
2.1

Buffer Control Index ? Buffer Pkt Data
Buffer Index ? Buffer Pkt Length
Buffer Pkt ID ? Buffer Pkt Time
? Buffer Pkt Status

46
Event Group Event(logEntry)9.2.1

Log Event Index ? Log Time
Log Index ? Log Description

47
How Does RMON Differ From What Network Monitoring
Does Today?

SNMP compliant
Same statistics but in different groups
Has Comprehensive Traffic Matrix
Supports more alarms
Does not define applications
Console application not specified
Database not specified

48
Applications

MIB Walkers
Detail MIB knowledge
Single variable
Point visibility
Table Tools
Reflect MIB organization
User view in MIB
Integrated Tools
MIB Table
Multi-MIB
Other Applications, databases, etc.

49
General/ProtoolsRMONDescription
50
Product Highlights

Standards Based
Full RMON Support
All 9 Groups
Ethernet And Token Ring
Scalable Solution
Grows As Network Grows
Easy To Add New Agents
Distributed Monitoring Solution
Faster Problem Solving
Preventive Maintenance

51
Product Highlights (continued)

Integrated Into Leading Management Platforms
Platform As Home For Management Applications
Platform Services Integration (Alert Management,
Database etc.)
Application Integration Possible
Operating System Independence
Able To Mix And Match Agents With Console On Any
Operating System
UNIX, OS/2, Windows
Fits Reality Of Heterogeneous User Environments

52
Product Features

Monitoring Of Key Performance Variables
Baselining For Normal Behavior
Real-Time Maps Of Traffic Flow
Real-Time And Trend Graphing Of all Statistics
On-Line Help (Network Consultant)
Infinite Filtering (By Address, Length, Mask)
Graphical User Interface
Export To DDE For Sophisticated Reporting

53
Product Description

Console Product - Foundation Manager
Advanced Monitoring, Analysis And Managing
Console For RMON Compliant SNMP Agents
Support For Up To 256 Remote RMON Agents (In
Monitor Mode)
Operating System Support - OS/2, Microsoft
Windows and UNIX Q2
Remote Products - Cornerstone Agent
OS/2 And Microsoft Windows Support
Real Time Monitor For Each Segment With User
Interface
Requires Dedicated Machine
Supports Ethernet Or Token Ring Topologies

54
Product Description (continued)

Remote Products - Cornerstone Probe
RMON Agent Only, With No User Interface
Turnkey Bundled RMON Agent, Software And Hardware
Supports Ethernet Or Token Ring Topologies

55
Benefits Of Ongoing Remote Monitoring

Better Understanding Of Computing Environment On
An Ongoing Basis
Preventive Maintenance, Spot Problems Early
Faster Problem Solving When They Occur
Improved Productivity Due To Centralized
Monitoring
Reduces Need To Travel To Remote Sites To Monitor
Health Of Network Or Diagnose Problems
Cost And Productivity Benefits

56
Summary
57
Appendix