overview of network monitoring development at amres slavko gajin
Post on 14-Dec-2015
220 Views
Preview:
TRANSCRIPT
GN3/NA3/T4 - Network monitoring workshopBelgrade, 20-21 October, 2009 Akademska mreža Srbijewww.amres.ac.yu
Content
Past, present and future:Why we started?How we started?What are the major development milestones?What we have now?What are we planning for further development?
GN3/NA3/T4 - Network monitoring workshopBelgrade, 20-21 October, 2009
How we started?Back to ’90s...
low level routers and modem technology up to 2mbps, many different vendors, no interoperabilityinstable links - problems with quality of wires (around cities and inside racks)
multi-domain network (and still is)many institutions and network administratorsunable to access far-end equipment
NOCset of individuals
limited resources access to knowledge (RFC only)equipment toolsmoney
GN3/NA3/T4 - Network monitoring workshopBelgrade, 20-21 October, 2009
Motivation
Network monitoring:not HOW to monitor, but WHAT to monitor !
First stepto collect all relevant information
Result huge single table with:
links, institutions, local and far end routers, modes, admin contacts...
not only a peace of paper...
GN3/NA3/T4 - Network monitoring workshopBelgrade, 20-21 October, 2009
Motivation
“Version 0” was born
GN3/NA3/T4 - Network monitoring workshopBelgrade, 20-21 October, 2009
Monitoring startup
MRTG - Multi Router Traffic Grapherfree easy-to-use web toolinnovative time-chartslive traffic statisticsany SNMP OID is available for monitoring
but...fixed time frames - daily, weekly, monthly, yearlynot easy-to-configure
unhandled syntax errorsinterfaces’ IDs changies - inconsistent resultsnot scalable
Other solutionsCacti, Nagios, SmokePing, OpenNMS...
GN3/NA3/T4 - Network monitoring workshopBelgrade, 20-21 October, 2009
Own approach - NetISNetIS - Network Information and Monitoring SystemInformation system
equipment and links inventorynetadmin address booktopology databasesimple IP database
Monitoring systemSNMP - traffic and port statusping responseweb interface for generating MRTG config filealerts and event loglooking glass – remote execution of show commands
GN3/NA3/T4 - Network monitoring workshopBelgrade, 20-21 October, 2009
NetIS V1
DrawbacksMRTG
time frames were staticintegration was artificial
lack of configurable SNMP monitoringpure HTTP
“hard core” programming low level of usability
manual configurationhard wordcould not follow frequent network changes inconsistency
GN3/NA3/T4 - Network monitoring workshopBelgrade, 20-21 October, 2009
NetIS V2 – NetIIS Main improvements
auto-discoverysystem parametersinterface details
SNMP ID (index) for consistency and accuracy description
topology - neighboring links learned by CDPconnected hosts learned by ARP
separate GUI client drag-and-drop between windowsimproved usabilitytopology editor
advanced multi-user permissionsDNS querynew lookup...
GN3/NA3/T4 - Network monitoring workshopBelgrade, 20-21 October, 2009
Troubleshooting examplesConnection break: 100% packet loss
check the throughputhow long it lastcheck SNMP statusrun “show interface” commandcall the other sidecall the carrier provider (Telecom)
GN3/NA3/T4 - Network monitoring workshopBelgrade, 20-21 October, 2009
Troubleshooting examplesConnection break: less than 100% packet loss
Check router performancesCheck link utilizationtraceroute command
GN3/NA3/T4 - Network monitoring workshopBelgrade, 20-21 October, 2009
NetIS V3
Technological improvementfully java based – JSP and java GUI client
Many new features:MRTG is fully replaced by own RRD-like solution (own grapher, database instead of RRD files)configurable SNMP monitorsimproved alarms: email, SMSevent-log, syslog, looking glass nagios supportSLA reportsimproved usability
Lates version know as ICMyNet.IS (separate presentation is following)
GN3/NA3/T4 - Network monitoring workshopBelgrade, 20-21 October, 2009
NetFlow tool
initial work:cflow - caida’s netflow collector and visualization perl tooladapted to support additional requests:
more configurable options – traffic patters !dynamic time frame based on RRDgraphs for subnets, protocols and servicessimple web interface for row data dump
filtering, grouping, sortingbased on complex criteriauseful but slow
GN3/NA3/T4 - Network monitoring workshopBelgrade, 20-21 October, 2009
ICmyNet.Flow - current version
Own java web base solution:collectoraggregatorarchivergrapherconfigurator...
Main featuerstraffic patternsnetflow v5 and V9 supportconfigurable
Separate presentation is following...
GN3/NA3/T4 - Network monitoring workshopBelgrade, 20-21 October, 2009
ICmyNet.Flow - current version
GN3/NA3/T4 - Network monitoring workshopBelgrade, 20-21 October, 2009
ICmyNet.Flow - current version
GN3/NA3/T4 - Network monitoring workshopBelgrade, 20-21 October, 2009
Syslog viewer
Web-base java software NetIIS module standalone server application
Featurescollector for syslog messagessimple processingSQL database archiving data filtering
GN3/NA3/T4 - Network monitoring workshopBelgrade, 20-21 October, 2009
ICmyNet toolset – ongoing work and plans
Current positionunderstand users’ needs accumulated know-howdeep technology experience
Further plansICmyNet - Integrated platform for several networking tools:
.IMS – Information and monitoring system
.Flow – NetFlow analyzer
.MIB – MIB browser
.LOG – Log analyzer
.Config – Configuration manager
.Explorer – network discovery tool
top related