Presentation is loading. Please wait.

Presentation is loading. Please wait.

Remote Monitoring (RMON) RMON specification is primarily a definition of a MIB RMON specification is primarily a definition of a MIB RFC 1757/2819 Remote.

Published bySharlene Jody Butler Modified over 8 years ago

Similar presentations

Presentation on theme: "Remote Monitoring (RMON) RMON specification is primarily a definition of a MIB RMON specification is primarily a definition of a MIB RFC 1757/2819 Remote."— Presentation transcript:

1 Remote Monitoring (RMON) RMON specification is primarily a definition of a MIB RMON specification is primarily a definition of a MIB RFC 1757/2819 Remote network monitoring management information base RFC 1757/2819 Remote network monitoring management information base RFC 2021 Remote network monitoring management information base II RFC 2021 Remote network monitoring management information base II RFC 2074 Remote network monitoring MIB identifier RFC 2074 Remote network monitoring MIB identifier

2 Goals (RFC1757) Off-line operation Off-line operation –reduce polling from manager Proactive monitoring Proactive monitoring –Monitor can run diagnostics and log network performance (if sufficient resources) Problem detection and reporting Problem detection and reporting –Active probing of the network –The consumption of network resources –Passively recognize certain error conditions such as congestion on the traffic that it observes –Log the condition and attempt to notify the management station

3 Goals (RFC1757) con’t Value-added-data Value-added-data –Monitor can perform analyses specific to the data collected on its subnetwork –Analyse subnetwork traffic to determine which hosts generate the most traffic or errors on the subnetwork Multiple managers Multiple managers –Support more than one manager –To improve reliability, to perform different functions

4 Fig 8.1 Fig 8.1

5 Control of remote monitors RMON MIB contains features that support extensive control from the management station RMON MIB contains features that support extensive control from the management station 2 categories of RMON MIB features 2 categories of RMON MIB features –Configuration –Action invocation

6 Configuration & Active invocation Configuration Configuration –Each MIB group consists of one or more control tables and data tables Control table – read/write contains parameter that describe the data in data table Control table – read/write contains parameter that describe the data in data table Data table – read only contains information that is defined by control table Data table – read only contains information that is defined by control table Action invocation Action invocation –Use SET operation to issue a command –RMON MIB defines objects to be represented several commands

7 Multiple Manager - Problems Concurrent requests for resources could exceed the capability of the monitor to supply those resources Concurrent requests for resources could exceed the capability of the monitor to supply those resources A management station could capture and hold monitor resources for long period of time A management station could capture and hold monitor resources for long period of time Resources could be assigned to management station that crashes without releasing the resources Resources could be assigned to management station that crashes without releasing the resources

8 Multiple Manager – Solution Ownership label is used for a particular row of the table Ownership label is used for a particular row of the table –A management station may recognize resources it owns and no longer need –A network operator can identify and negotiate the management station to free the resources –A network operator may have the authority unilaterally to free resources another network operator has reserved –If a management station experiences a reinitialization, it can recognize resources it had reserved in the past and free those it no longer needs

9 Ownership concept Ownership label contains one or more of the following: Ownership label contains one or more of the following: –IP address, management station name, network manager’s name, location or phone number However, the ownership label does not act as a password or access-control mechanism However, the ownership label does not act as a password or access-control mechanism Therefore, a row can be read-write by the management station who does not own the row Therefore, a row can be read-write by the management station who does not own the row

10 Fig 8.3 Fig 8.3

11 Good and Bad Packets RFC 2819 RFC 2819 Good packets are error-free packets that have a valid frame length. Good packets are error-free packets that have a valid frame length. For example, on Ethernet, good packets are error-free packets that are between 64 octets long and 1518 octets long. For example, on Ethernet, good packets are error-free packets that are between 64 octets long and 1518 octets long.

12 Bad packets are packets that have proper framing and are therefore recognized as packets, but contain errors within the packet or have an invalid length. Bad packets are packets that have proper framing and are therefore recognized as packets, but contain errors within the packet or have an invalid length. For example, on Ethernet, bad packets have a valid preamble and SFD, but have a bad CRC, or are either shorter For example, on Ethernet, bad packets have a valid preamble and SFD, but have a bad CRC, or are either shorter

13 The RMON MIB RMON (v1) MIB is incorporated into MIB-II with a subtree identifier of 16 (10 groups) RMON (v1) MIB is incorporated into MIB-II with a subtree identifier of 16 (10 groups) statistics: maintains low-level utilization and error statistics for each subnetwork monitored by the agent statistics: maintains low-level utilization and error statistics for each subnetwork monitored by the agent History: record periodic statiscal samples from information available in the statistic group History: record periodic statiscal samples from information available in the statistic group

14

15 RMON MIB Group alarm: allow the management console user to set a sampling interval and alarm threshold for any counter or integer recorded by the RMON probe alarm: allow the management console user to set a sampling interval and alarm threshold for any counter or integer recorded by the RMON probe host:contains counter for various types of traffic to and from hosts attached to the subnetwork host:contains counter for various types of traffic to and from hosts attached to the subnetwork hostTopN: contains sorted host statistics that report that top a list based on some parameter in the host table hostTopN: contains sorted host statistics that report that top a list based on some parameter in the host table

16 matrix: show error and utilization information in matrix form matrix: show error and utilization information in matrix form filter:allow the monitor to observe packet that match a filter filter:allow the monitor to observe packet that match a filter (Packet) capture: governs how data is sent to a management console (Packet) capture: governs how data is sent to a management console event: gives a table of all events generated by RMON probe event: gives a table of all events generated by RMON probe tokenRing:maintains statistics and configuration information for token ring subnetworks tokenRing:maintains statistics and configuration information for token ring subnetworks

17 Important note 1 All groups in the RMON MIB are optional but there are some dependencies All groups in the RMON MIB are optional but there are some dependencies The alarm group require the implementation of the event group The alarm group require the implementation of the event group The hostTopN group requires the implementation of the host group The hostTopN group requires the implementation of the host group The packet capture group require the implementation of the filter group The packet capture group require the implementation of the filter group

18 Important note 2 Collection of traffic statistics for one or more subnetworks Collection of traffic statistics for one or more subnetworks –statistics, history, host, hostTopN, matrix, tokenRing Various alarm conditions and filtering with user-defined Various alarm conditions and filtering with user-defined –alarm, filter, capture, event

19 Statistics Group (1) Fig 8-6 Fig 8-6

20 Statistics Group (2) Table 8.2 Table 8.2

21 Statistics Group (3)

22 Statistics Group (4) The statistics group provides useful information about the load and overall health of the subnetwork The statistics group provides useful information about the load and overall health of the subnetwork Various error conditions are counted such as CRC or alignment error, collision, undersized and oversized packets Various error conditions are counted such as CRC or alignment error, collision, undersized and oversized packets

23 History Group The history group is used to define sampling functions for one or more of the interfaces of the monitor The history group is used to define sampling functions for one or more of the interfaces of the monitor 2 tables 2 tables historyControltable – specify the interface and detail of sampling function historyControltable – specify the interface and detail of sampling function etherHistorytable – record data etherHistorytable – record data

24 Fig 8.7 Fig 8.7

25

26 historyControlTable historyControlIndex: index of entry which is the same number as used in etherhistoryTable historyControlIndex: index of entry which is the same number as used in etherhistoryTable historyControlDataSource: identify interface to be sampled historyControlDataSource: identify interface to be sampled historyControlBucketsRequested: the requested number of discrete sampling interval, a default value is 50 historyControlBucketsRequested: the requested number of discrete sampling interval, a default value is 50 historyControlBucketsGranted: the actual number of discrete sampling interval historyControlBucketsGranted: the actual number of discrete sampling interval historyControlInterval: interval in second, maximum is 3600 (1 hour),default value is 1800 historyControlInterval: interval in second, maximum is 3600 (1 hour),default value is 1800

27 Sampling scheme Consider by historyControlBucketGranted and historyControlInterval Consider by historyControlBucketGranted and historyControlInterval Ex. Use the default value of both Ex. Use the default value of both –the monitor would take a sample once every 1800 seconds ( 30 min) each sample is stored in a row of etherHistoryTable –The most 50 rows are retained

28 Utilization It calculates on the two counters :ehterStatsOctets and etherStatsPkts It calculates on the two counters :ehterStatsOctets and etherStatsPkts Utilization=100% x [(Packets x (96+64)))+(Ocetsx8)/interval x 10 7 ] Utilization=100% x [(Packets x (96+64)))+(Ocetsx8)/interval x 10 7 ] 64 bit – preamble 64 bit – preamble 96 bit – interframe gap 96 bit – interframe gap Assume data rate 10Mbps Assume data rate 10Mbps

29 Fig8.8 Fig8.8

30 Host Group To gather statistics about specific hosts on the LAN by observing the source and destination MAC addresses in good packets To gather statistics about specific hosts on the LAN by observing the source and destination MAC addresses in good packets Consists of 3 tables: Consists of 3 tables: –one control table (HostControlTable) –two data tables (hostTable,hostTimeTable) same information but index differently

31 hostControlTable hostControlIndex: hostControlIndex: –identify a row in the hostControlTable,refering to a unique interface of the monitor hostControlDatasource: hostControlDatasource: –identify the interface (the source of the data) hostControlTablesize: hostControlTablesize: –the number of rows in hostTable (hostTimeTable) hostControlLastDeleteTime: the last time that an entry (hostTable) was deleted hostControlLastDeleteTime: the last time that an entry (hostTable) was deleted

32 Fig 8.9 Fig 8.9

33

34 A simple RMON configuration Fig8.10 Fig8.10

35 hostTable hostAddress: MAC address of this host hostAddress: MAC address of this host hostCreationOrder: an index that defines the relative ordering of the creation time of hosts (index takes on a value 1-N) hostCreationOrder: an index that defines the relative ordering of the creation time of hosts (index takes on a value 1-N) hostIndex : the same number as hostControlIndex hostIndex : the same number as hostControlIndex

36 Counter in hostTable Table 8.3 Table 8.3

37 Fig 8.11 Fig 8.11

38 hostTopN Group To maintain statistics about the set of hosts on one subnetwork that top a list based on some parameters To maintain statistics about the set of hosts on one subnetwork that top a list based on some parameters Statistics that are generated for this group are derived from data in the host group Statistics that are generated for this group are derived from data in the host group The set of statistics for one object collected during one sampling interval is referred as report The set of statistics for one object collected during one sampling interval is referred as report

39 hostTopNControlTable (1) hostTopNControlIndex : hostTopNControlIndex : –identify row in hostTopNControlTable,defining one top-N report for one interface hostTopNHostIndex: hostTopNHostIndex: – match the value of hostControlIndex,specifying a particular subnetwork hostTopNRateBase: hostTopNRateBase: –specify one of seven variables from hostTable

40 hostTopNControlTable (2) Variable in hostTopNRate Variable in hostTopNRate –INTEGER { hostTopNInPkts (1), hostTopNOutPkts (2), hostTopNOutPkts (2), hostTopNInOctets (3), hostTopNInOctets (3), hostTopNOutOctets (4), hostTopNOutOctets (4), hostTopNOutErrors (5), hostTopNOutErrors (5), hostTopNOutBroadcastPkts (6), hostTopNOutBroadcastPkts (6), hostTopNOutMulticastPkt (7), hostTopNOutMulticastPkt (7),}

41 hostTopNControlTable (3) hostTopNTimeRemaining: hostTopNTimeRemaining: –time left during report currently being collected hostTopNDuration: hostTopNDuration: –sampling interval hostTopNRequestedSize: hostTopNRequestedSize: –maximum number of requested hosts for the top-N report hostTopNGrantedSize: hostTopNGrantedSize: –maximum number of hosts for the top-N report hostTopNStartTime: hostTopNStartTime: –the last start time

42 hostTopNTable hostTopNReport: hostTopNReport: –same value as hostToNControlIndex hostTopNIndex: hostTopNIndex: –uniquely identify a row hostTopNAddress: hostTopNAddress: –MAC address hostTopNRate: hostTopNRate: –the amount of change in selected variable during sampling interval

43 Report preparation (1) A management station creates a row of the control table to specify a new report. A management station creates a row of the control table to specify a new report. This control entry instructs the monitor to measure the difference between the beginning and ending values of a particular host group variable over a specific sampling period This control entry instructs the monitor to measure the difference between the beginning and ending values of a particular host group variable over a specific sampling period The sampling period value is stored in both hostTopNDuration and hostTopNTimeRemaining The sampling period value is stored in both hostTopNDuration and hostTopNTimeRemaining

44 Report preparation (2) The value in hostTopNDuration is static and the value in hostTopNTimeRemaining counts second down while preparing report The value in hostTopNDuration is static and the value in hostTopNTimeRemaining counts second down while preparing report When hostTopNTimeRemaining reaches 0 The monitor calculates the final results and creates a set of N data rows When hostTopNTimeRemaining reaches 0 The monitor calculates the final results and creates a set of N data rows To generate additional report for a new time period, get the old report and reset hostTopNTimeRemaining to the value of hostTopNDuration To generate additional report for a new time period, get the old report and reset hostTopNTimeRemaining to the value of hostTopNDuration

45 Fig 8.12 Fig 8.12

46 Fig 8.13 Fig 8.13

47 Matrix group To record information about the traffic between pairs of hosts on a subnetwork To record information about the traffic between pairs of hosts on a subnetwork The information is stored in the form of a matrix The information is stored in the form of a matrix Consists of 3 tables Consists of 3 tables –One control table - matrixControlTable –Two data table – matrixSDTable (traffic from one host to all others), matrixDSTable (traffic from all hosts to one particular host

48 matrixControlTable matrixControlIndex: matrixControlIndex: – identify a row in the matrixControlTable matrixControlDataSource: matrixControlDataSource: –identify interface matrixControlTableSize: matrixControlTableSize: –the number of rows in the matrixSDTable matrixControlLastDeleteTime: matrixControlLastDeleteTime: –the last time that an entry was deleted

49 Fig 8.14 Fig 8.14

50 matrixSDTable (matrixDSTable) matrixSDSourceAddress: the source MAC Address matrixSDSourceAddress: the source MAC Address matrixSDDestAddress: the destination MAC Address matrixSDDestAddress: the destination MAC Address matrixSDIndex: same value as matrixControlIndex matrixSDIndex: same value as matrixControlIndex matrixSDPkts: number of packets transmitted from this source add. to destination add. including bad packet matrixSDPkts: number of packets transmitted from this source add. to destination add. including bad packet matrixSDOctets: number of octets contained in all packets matrixSDOctets: number of octets contained in all packets matrixSDErrors:number of bad packets transmitted from this source add. to destination add. matrixSDErrors:number of bad packets transmitted from this source add. to destination add.

51 matrixSDTable - operation Indexed first by matrixSDIndex then source address then by destination address,for matrixDSTable the source address is the last Indexed first by matrixSDIndex then source address then by destination address,for matrixDSTable the source address is the last The matrixSDTable contains 2 rows for every pair of hosts The matrixSDTable contains 2 rows for every pair of hosts –One row per direction

Download ppt "Remote Monitoring (RMON) RMON specification is primarily a definition of a MIB RMON specification is primarily a definition of a MIB RFC 1757/2819 Remote."

Similar presentations

Top-Down Network Design Chapter Nine Developing Network Management Strategies Copyright 2010 Cisco Press & Priscilla Oppenheimer.

Top-Down Network Design Chapter Nine Developing Network Management Strategies Copyright 2010 Cisco Press & Priscilla Oppenheimer.
Chapter 8 RMON Chapter 8 Network Management: Principles and Practice © Mani Subramanian 2000 8-1.

Chapter 8 RMON Chapter 8 Network Management: Principles and Practice © Mani Subramanian
1 ICS 156: Lecture 2 (part 2) Data link layer protocols Address resolution protocol Notes on lab 2.

1 ICS 156: Lecture 2 (part 2) Data link layer protocols Address resolution protocol Notes on lab 2.
Chapter 19: Network Management Business Data Communications, 5e.

Chapter 19: Network Management Business Data Communications, 5e.
Introduction to Network Analysis and Sniffer Pro

Introduction to Network Analysis and Sniffer Pro
1 Fall 2005 Hardware Addressing and Frame Identification Qutaibah Malluhi CSE Department Qatar University.

1 Fall 2005 Hardware Addressing and Frame Identification Qutaibah Malluhi CSE Department Qatar University.
Shivkumar Kalyanaraman Rensselaer Polytechnic Institute 1 Simple Network Management Protocol (SNMP) Shivkumar Kalyanaraman Rensselaer Polytechnic Institute.

Shivkumar Kalyanaraman Rensselaer Polytechnic Institute 1 Simple Network Management Protocol (SNMP) Shivkumar Kalyanaraman Rensselaer Polytechnic Institute.
REMOTE MONITORING RMON1 (RFC 1757 - DRAFT) TOKEN RING EXTENSIONS TO RMON (RFC 1513 - PROPOSED) RMON2 (RFC 2021 - PROPOSED) SMON (RFC 2613 - PROPOSED) Copyright.

REMOTE MONITORING RMON1 (RFC DRAFT) TOKEN RING EXTENSIONS TO RMON (RFC PROPOSED) RMON2 (RFC PROPOSED) SMON (RFC PROPOSED) Copyright.
Oct 21, 2004CS573: Network Protocols and Standards1 IP: Addressing, ARP, Routing Network Protocols and Standards Autumn 2004-2005.

Oct 21, 2004CS573: Network Protocols and Standards1 IP: Addressing, ARP, Routing Network Protocols and Standards Autumn
1 Pertemuan 08 Remote Monitoring Matakuliah: H0372/Manajemen Jaringan Tahun: 2005 Versi: 1/0.

1 Pertemuan 08 Remote Monitoring Matakuliah: H0372/Manajemen Jaringan Tahun: 2005 Versi: 1/0.
Shivkumar Kalyanaraman Rensselaer Polytechnic Institute 1 Simple Network Management Protocol (SNMP) Shivkumar Kalyanaraman Rensselaer Polytechnic Institute.

Shivkumar Kalyanaraman Rensselaer Polytechnic Institute 1 Simple Network Management Protocol (SNMP) Shivkumar Kalyanaraman Rensselaer Polytechnic Institute.
1 Jim Binkley Remote Monitoring (RMON) Network Manglement.

1 Jim Binkley Remote Monitoring (RMON) Network Manglement.
Chapter 8 RMON Chapter 8 Network Management: Principles and Practice © Mani Subramanian 2000 8-1.

Chapter 8 RMON Chapter 8 Network Management: Principles and Practice © Mani Subramanian
MJ07/07041 Session 07 RMON Adapted from Network Management: Principles and Practice © Mani Subramanian 2000 and solely used for Network Management course.

MJ07/07041 Session 07 RMON Adapted from Network Management: Principles and Practice © Mani Subramanian 2000 and solely used for Network Management course.
Chapter 8  Remote Monitoring (RMON1) 1 Chapter 8 Overview  RMON1 is a MIB o Also known as RMON  Recall that mib-2 gives info on devices  RMONs provide.

Chapter 8  Remote Monitoring (RMON1) 1 Chapter 8 Overview  RMON1 is a MIB o Also known as RMON  Recall that mib-2 gives info on devices  RMONs provide.
COMP4690, by Dr Xiaowen Chu, HKBU

COMP4690, by Dr Xiaowen Chu, HKBU
NETWORK MANAGEMENT Semester 4, Chapter 7. The Administrative Side of Network Management.

NETWORK MANAGEMENT Semester 4, Chapter 7. The Administrative Side of Network Management.
Remote Network Monitoring (RMON)

Remote Network Monitoring (RMON)
Check Disk. Disk Defragmenter Using Disk Defragmenter Effectively Run Disk Defragmenter when the computer will receive the least usage. Educate users.

Check Disk. Disk Defragmenter Using Disk Defragmenter Effectively Run Disk Defragmenter when the computer will receive the least usage. Educate users.
Nov 9, 2006 IT 4333, Fall 20061 IT 4333 – Network Admin & Management RMON From: Byte Magazine, Javvin.com, Cisco.com, Wikipedia, and IETF.

Nov 9, 2006 IT 4333, Fall IT 4333 – Network Admin & Management RMON From: Byte Magazine, Javvin.com, Cisco.com, Wikipedia, and IETF.

Similar presentations

Ads by Google