1 kyung hee university prof. choong seon hong remote network monitoring statistics collection
TRANSCRIPT
11Kyung Hee Universit
y
Prof. Choong Seon HONG
Remote Network Monitoring Remote Network Monitoring statistics Collectionstatistics Collection
22Kyung Hee Universit
y
Introduction Introduction Defining a remote monitoring MIB that supplements MIB-II
Providing the network manager with vital information about the internetwork
Providing significant expansion in SNMP functionality
RMON-Related FRCs
RFC 1513 : Token Ring Extensions to the Remote Network Monitoring MIB
RFC 1757 : Remote Network Monitoring Management Information Base
RFC 2021 : Remote Network Monitoring Management Information Base II
RFC 2074 : Remote Network Monitoring MIB Protocol Identifiers
RFC 2613 Remote Network Monitoring MIB Extensions for Switched Networks Version 1.0. (proposed standard) June 1999
RFC 2819 : Remote Network Monitoring Management Information Base, May 2000. (obsolete RFC1757)
RFC 2895 : Remote Network Monitoring MIB Protocol Identifier Reference, August 2000. (obsolete RFC 2074)
RFC 2896 : Remote Network Monitoring MIB Protocol Identifier Macros, August 2000. (informational)
33Kyung Hee Universit
y
Basic ConceptsBasic Concepts
Network monitor, network analyzer, network probe : studying the
traffic on a network
producing summary information, including error statistics and performance statistics
filter : used to limit the number of packets counted or captured, based on packet type or other packet characteristics
Remote monitors : monitors that communicate with a central
network management station
44Kyung Hee Universit
y
RMON GoalsRMON Goals
Defining standard network-monitoring functions and interfaces for communicating between SNMP-based management consoles and remote monitors
Designing Goals for RMON described in RFC 1757
off-line operation : to limit or halt the routine polling of a monitor by network manager
Proactive monitoring : using running diagnostics and logging network performance
Problem detection and reporting
Value-added-data : performing analyses specific to the data collected on its subnetwork
ex) analyzing subnetwork traffic to determine which hosts generate the most traffic or errors on the subnetwork
Multiple managers
for improving reliability for performing different functions (ex, engineering and operations) for providing management capability to different units within an organization
55Kyung Hee Universit
y
RMON Goals (cont’d)RMON Goals (cont’d)
A system that implements the RMON MIB is referred to as an
RMON probe.
no different from any other SNMP agent
77Kyung Hee Universit
y
OID TreeOID Tree
ITU-T(0) iso(1) joint-iso-ITU-T (2)
…. org(3) …..
….. dod(6) …..
….. internet (1) …..
directory(1) …… mgmt(2) …. Experimental(3) private(4)
Mib-2(1) enterprises(1)
system(1) interfaces(2) at(3) ip(4) icmp(5) tcp(6) udp(7) egp(8) cmot(9) transmission(10) snmp(11) Rmon(16)…... ……...
88Kyung Hee Universit
y
Control of Remote MonitorsControl of Remote Monitors
For managing a remote monitor effectively, the RMON MIB
contains features that support extensive control from the
management station
Configuration : the type and form of data to be collected
remote monitor needs to be configured for data collection
Action invocation : by changing the value of the object
99Kyung Hee Universit
y
Table ManagementTable Management
Providing technique for row addition and deletion
Textual conventions
two new data types
OwnerString ::= DisplayStringEntryStatus ::= INTEGER { valid (1),
createRequest (2), underCreation (3), invalid (4) }
Ownerstring : indicating the owner of a row in read-write table in the RMON MIB
Object name ending in Owner
EntryStatus : used in the creation, modification,and deletion of rows
Object name ending in Status
1010Kyung Hee Universit
y
Table Management (cont’d)Table Management (cont’d)
General structure used for all control and data tables in the RMON
MIB1 (see Figure 8.2)
Columnar parameter in control table (see Figure 8.3)
rmlControlIndex
rmlControlParameter
rmlControlOwner
rmlControlStatus
Row Addition
using SetRequest PDU
SetRequest variablebindings (see 7.2.1.3)
supporting concurrent table addition attempts from multiple management stations : named the “RMON Polka”
1111Kyung Hee Universit
y
Table Management (cont’d)Table Management (cont’d)agent itself is owner
Each row has a unique value
1212Kyung Hee Universit
y
Table Management (3)Table Management (3)
RMON Polka’s steps
1) for a management station attempts to create a new row, status object value : createRequest (2)
2) after completing create operation, agent sets the status object value to underCreation (3) : until the management station is finished creating all of the rows that it desires for its configuration
3) after finishing all the rows, setting status object value to Valid (1)
4) if the row already exists or createRequest, an error will be returned
Row Modification and Deletion
By setting the status object value for that row to invalid thru issuing the appropriate SetRequest PDU
Modification : at first, invalidating the row and then providing the row with new parameter values
1313Kyung Hee Universit
y
Table Management (4)Table Management (4)
Transition of EntryStatus state
Nonexistent Createrequest
UnderCreation
Valid
Invalid
Performed by managerPerformed by agent
1414Kyung Hee Universit
y
RMON MIBRMON MIB RMON MIB Groups
statistics : maintaining low-level utilization and error statistics for each subnetwork monitored by agent
history : recording periodic statistical samples from information available in the statistics group
Alarm : setting a sampling interval and alarm threshold for any counter or integer recorded by the RMON probe
host : containing counters for various types of traffic to and from hosts attached to the subnetwork
hostTopN : containing sorted host statistics that report on the hosts that top a list based on some parameter in the host table
matrix : showing error and utilization information in matrix form
filter : allowing the monitor to observe packets that match a filter
capture : governing how data is sent to a management console
event : giving a table of all events generated by the RMON probe
tokenRing : maintaining statistics and configuration information for token ring subnetworks
1515Kyung Hee Universit
y
RMON MIB (cont’d)RMON MIB (cont’d) Remote network monitoring MIB
rmon (mib-2, 16)
statistics (1)
history (2)
alarm (3)
host (4)
hostTopN (5)
matrix (6)
filter (7)
capture (8)
event (9)
tokenRing (10)
1616Kyung Hee Universit
y
RMON MIB (cont’d)RMON MIB (cont’d)
RMON II
protocolDir (11)
ProtocolDist (12)
addressMap(13)
nlHost (14)
nlMatrix (15)
alHost (16)
alMatrix (17)
usrHistory (18)
probeConfig (19)
rmonConformance (20)
1717Kyung Hee Universit
y
RMON MIB (2)RMON MIB (2)
Some dependencies
alarm group : requiring the implementation of the event group
hostTopN group : requiring the implementation of the host group
packet capture group : requiring the implementation of the filter group
1818Kyung Hee Universit
y
StatisticsStatistics Group Group
Providing useful information about the load on a subnetwork and the over
all health of the subnetwork
Containing the basic statistics for each mentioned subnetwork (see Figure
8.6)
etherStatsTable : collecting a variety of counts for each attached subnetw
ork, including byte, packet, error, and frame size counts (see Table 8.2)
Providing much more detail about Ethernet behavior than MIB-II interfaces group
dot3Statstable : collecting statistics for a single system on an ethernet
etherStatsTable : collecting statistics for all systems on an ethernet
read-write objects : etherStatsDataSource, etherStatsOwner, and etherStatsStatus
2121Kyung Hee Universit
y
historyhistory Group Group
Defining sampling functions for one or more of the interfaces of th
e monitor (See Figure 8.7)
historyControlTable : specifying the interface and the details of the
sampling functions
etherHistoryTable : recording the data
Relationship between the control table and the data table (see Fig.
8.8)
2424Kyung Hee Universit
y
historyhistory Group (cont’d) Group (cont’d)
History table
Identifying the interface
2525Kyung Hee Universit
y
historyhistory Group (cont’d) Group (cont’d)
etherHistoryUtilization
etherStateOctets and etherStatePkts can be used to measure the utilization of the subnetwork
Utilization = Interval x 107
x 100% (Packets x (96 + 64)) + (Octets x 8)
Interframe-gappreamble
Medium data rate
2626Kyung Hee Universit
y
hosthost Group Group
Used for gathering statistics about specific hosts on the LAN
Monitor learns of new hosts on the LAN by observing the source a
nd destination MAC addresses in good packets
Consisting of three tables : one control table and two data tables (
see Fig. 8.9)
relationship between the control table and two data table (Fig 8.11)
Counters in hostTable (Table 8.3)
3030Kyung Hee Universit
y
hosthost Group (2) Group (2) A simple RMON Configuration
agent a agent b agent c
RMONProbe
agent d agent e
Subnetwork X
Subnetwork Y
Interface 1
Interface 2
K = 2Subnetwork X Iinterface #1; hostControlIndex = 1 has three hosts; hostControlTablesize is3 (N1 = 3) ; Subnetwork Y has two hosts (N2 = 2)
3131Kyung Hee Universit
y
hostTopNhostTopN Group Group
Used to maintain statistics about the set of hosts on one subnetwo
rk that top a list based on some parameter
Driving from data in the host group
report : set of statistics for host group object on one interface or su
bnetwork
Consisting of one control table and one data table (see Fig. 8.12 an
d Fig. 8.13)
3434Kyung Hee Universit
y
hostTopNhostTopN Group (cont’d) Group (cont’d)
Specifying particular subnetwork
3535Kyung Hee Universit
y
MatrixMatrix Group Group
Used to record information about the traffic between pairs of hosts
on a subnetwork
The information is stored in the form of a matrix
useful for pairwise traffic information, such as finding out which devices are making the most use of a server
Consisting of one control table and two data tables (Fig. 8.14)