Download syslog

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

page
1
page
2
page
3
page
4
page
5
page
6
page
7
page
8
page
9
page
10
page
11
page
12
page
13
page
14
page
15
page
16
page
17
page
18
page
19
page
20
page
21
page
22
page
23
page
24
page
25
page
26
page
27
page
28
page
29
page
30
page
31
page
32
page
33
page
34
page
35
page
36
page
37
page
38
page
39
page
40
page
41
page
42
page
43
page
44
page
45
page
46
page
47
page
48
page
49
page
50
page
51
Document related concepts

Intelligent maintenance system wikipedia , lookup

Prognostics wikipedia , lookup

Transcript 
Remote Monitoring (RMON)
• RMON specification is primarily a definition of a
•
•
•
MIB
RFC 1757/2819 Remote network monitoring
management information base
RFC 2021 Remote network monitoring
management information base II
RFC 2074 Remote network monitoring MIB
identifier
Goals (RFC1757)
• Off-line operation
– reduce polling from manager
• Proactive monitoring
– Monitor can run diagnostics and log network
performance (if sufficient resources)
• Problem detection and reporting
– Active probing of the network
– The consumption of network resources
– Passively recognize certain error conditions such as
congestion on the traffic that it observes
– Log the condition and attempt to notify the
management station
Goals (RFC1757) con’t
• Value-added-data
– Monitor can perform analyses specific to the
data collected on its subnetwork
– Analyse subnetwork traffic to determine which
hosts generate the most traffic or errors on
the subnetwork
• Multiple managers
– Support more than one manager
– To improve reliability, to perform different
functions
• Fig 8.1
Control of remote monitors
• RMON MIB contains features that support
extensive control from the management
station
• 2 categories of RMON MIB features
– Configuration
– Action invocation
Configuration & Active
invocation
• Configuration
– Each MIB group consists of one or more
control tables and data tables
• Control table – read/write contains parameter that
describe the data in data table
• Data table – read only contains information that is
defined by control table
• Action invocation
– Use SET operation to issue a command
– RMON MIB defines objects to be represented
several commands
Multiple Manager - Problems
• Concurrent requests for resources could
exceed the capability of the monitor to
supply those resources
• A management station could capture and
hold monitor resources for long period of
time
• Resources could be assigned to
management station that crashes without
releasing the resources
Multiple Manager – Solution
• Ownership label is used for a particular row of
the table
– A management station may recognize resources it
owns and no longer need
– A network operator can identify and negotiate the
management station to free the resources
– A network operator may have the authority
unilaterally to free resources another network
operator has reserved
– If a management station experiences a reinitialization
, it can recognize resources it had reserved in the
past and free those it no longer needs
Ownership concept
• Ownership label contains one or more of the
following:
– IP address, management station name, network
manager’s name, location or phone number
• However, the ownership label does not act as
a password or access-control mechanism
• Therefore, a row can be read-write by the
management station who does not own the
row
• Fig 8.3
Good and Bad Packets
• RFC 2819
• Good packets are error-free packets that
have a valid frame length.
• For example, on Ethernet, good packets are
error-free packets that are between 64
octets long and 1518 octets long.
• Bad packets are packets that have proper
framing and are therefore recognized as
packets, but contain errors within the
packet or have an invalid length.
• For example, on Ethernet, bad packets
have a valid preamble and SFD, but have
a bad CRC, or are either shorter
The RMON MIB
• RMON (v1) MIB is incorporated into MIB-II
with a subtree identifier of 16 (10 groups)
• statistics: maintains low-level utilization
and error statistics for each subnetwork
monitored by the agent
• History: record periodic statiscal samples
from information available in the statistic
group
RMON MIB Group
• alarm: allow the management console user
to set a sampling interval and alarm
threshold for any counter or integer
recorded by the RMON probe
• host:contains counter for various types of
traffic to and from hosts attached to the
subnetwork
• hostTopN: contains sorted host statistics
that report that top a list based on some
parameter in the host table
• matrix: show error and utilization information in
•
•
•
•
matrix form
filter:allow the monitor to observe packet that
match a filter
(Packet) capture: governs how data is sent to a
management console
event: gives a table of all events generated by
RMON probe
tokenRing:maintains statistics and configuration
information for token ring subnetworks
Important note 1
• All groups in the RMON MIB are optional
but there are some dependencies
• The alarm group require the
implementation of the event group
• The hostTopN group requires the
implementation of the host group
• The packet capture group require the
implementation of the filter group
Important note 2
• Collection of traffic statistics for one or
more subnetworks
– statistics, history, host, hostTopN, matrix,
tokenRing
• Various alarm conditions and filtering with
user-defined
– alarm, filter, capture, event
Statistics Group (1)
• Fig 8-6
Statistics Group (2)
• Table 8.2
Statistics Group (3)
Statistics Group (4)
• The statistics group provides useful
information about the load and overall
health of the subnetwork
• Various error conditions are counted such
as CRC or alignment error, collision,
undersized and oversized packets
History Group
• The history group is used to define
sampling functions for one or more of the
interfaces of the monitor
• 2 tables
• historyControltable – specify the interface
and detail of sampling function
• etherHistorytable – record data
• Fig 8.7
historyControlTable
• historyControlIndex: index of entry which is the same
•
•
•
•
number as used in etherhistoryTable
historyControlDataSource: identify interface to be
sampled
historyControlBucketsRequested: the requested
number of discrete sampling interval, a default value
is 50
historyControlBucketsGranted: the actual number of
discrete sampling interval
historyControlInterval: interval in second, maximum
is 3600 (1 hour) ,default value is 1800
Sampling scheme
• Consider by historyControlBucketGranted
and historyControlInterval
• Ex. Use the default value of both
– the monitor would take a sample once every
1800 seconds ( 30 min) each sample is stored
in a row of etherHistoryTable
– The most 50 rows are retained
Utilization
• It calculates on the two counters
:ehterStatsOctets and etherStatsPkts
• Utilization=100% x [(Packets x
(96+64)))+(Ocetsx8)/interval x 107]
• 64 bit – preamble
• 96 bit – interframe gap
• Assume data rate 10Mbps
• Fig8.8
Host Group
• To gather statistics about specific hosts on
the LAN by observing the source and
destination MAC addresses in good packets
• Consists of 3 tables:
– one control table (HostControlTable)
– two data tables (hostTable,hostTimeTable) same
information but index differently
hostControlTable
• hostControlIndex:
– identify a row in the hostControlTable ,refering to a
unique interface of the monitor
• hostControlDatasource:
– identify the interface (the source of the data)
• hostControlTablesize:
– the number of rows in hostTable (hostTimeTable)
• hostControlLastDeleteTime: the last time that an
entry (hostTable) was deleted
• Fig 8.9
A simple RMON configuration
• Fig8.10
hostTable
• hostAddress: MAC address of this host
• hostCreationOrder: an index that defines
the relative ordering of the creation time
of hosts (index takes on a value 1-N)
• hostIndex : the same number as
hostControlIndex
Counter in hostTable
• Table 8.3
• Fig 8.11
hostTopN Group
• To maintain statistics about the set of
hosts on one subnetwork that top a list
based on some parameters
• Statistics that are generated for this group
are derived from data in the host group
• The set of statistics for one object
collected during one sampling interval is
referred as report
hostTopNControlTable (1)
• hostTopNControlIndex :
– identify row in hostTopNControlTable,defining
one top-N report for one interface
• hostTopNHostIndex:
– match the value of hostControlIndex ,specifying
a particular subnetwork
• hostTopNRateBase:
– specify one of seven variables from hostTable
hostTopNControlTable (2)
• Variable in hostTopNRate
– INTEGER { hostTopNInPkts (1),
hostTopNOutPkts (2),
hostTopNInOctets (3),
hostTopNOutOctets (4),
hostTopNOutErrors (5),
hostTopNOutBroadcastPkts (6),
hostTopNOutMulticastPkt (7),
}
hostTopNControlTable (3)
• hostTopNTimeRemaining:
– time left during report currently being collected
• hostTopNDuration:
– sampling interval
• hostTopNRequestedSize:
– maximum number of requested hosts for the top-N
report
• hostTopNGrantedSize:
– maximum number of hosts for the top-N report
• hostTopNStartTime:
– the last start time
hostTopNTable
• hostTopNReport:
– same value as hostToNControlIndex
• hostTopNIndex:
– uniquely identify a row
• hostTopNAddress:
– MAC address
• hostTopNRate:
– the amount of change in selected variable
during sampling interval
Report preparation (1)
• A management station creates a row of the
control table to specify a new report.
• This control entry instructs the monitor to
measure the difference between the beginning
and ending values of a particular host group
variable over a specific sampling period
• The sampling period value is stored in both
hostTopNDuration and
hostTopNTimeRemaining
Report preparation (2)
• The value in hostTopNDuration is static and the
•
•
value in hostTopNTimeRemaining counts second
down while preparing report
When hostTopNTimeRemaining reaches 0 The
monitor calculates the final results and creates a
set of N data rows
To generate additional report for a new time
period, get the old report and reset
hostTopNTimeRemaining to the value of
hostTopNDuration
• Fig 8.12
• Fig 8.13
Matrix group
• To record information about the traffic
between pairs of hosts on a subnetwork
• The information is stored in the form of a
matrix
• Consists of 3 tables
– One control table - matrixControlTable
– Two data table – matrixSDTable (traffic from
one host to all others) , matrixDSTable (traffic
from all hosts to one particular host
matrixControlTable
• matrixControlIndex:
– identify a row in the matrixControlTable
• matrixControlDataSource:
– identify interface
• matrixControlTableSize:
– the number of rows in the matrixSDTable
• matrixControlLastDeleteTime:
– the last time that an entry was deleted
• Fig 8.14
matrixSDTable (matrixDSTable)
•
•
•
•
•
•
matrixSDSourceAddress: the source MAC Address
matrixSDDestAddress: the destination MAC Address
matrixSDIndex: same value as matrixControlIndex
matrixSDPkts: number of packets transmitted from
this source add. to destination add. including bad
packet
matrixSDOctets: number of octets contained in all
packets
matrixSDErrors:number of bad packets transmitted
from this source add. to destination add.
matrixSDTable - operation
• Indexed first by matrixSDIndex then
source address then by destination
address ,for matrixDSTable the source
address is the last
• The matrixSDTable contains 2 rows for
every pair of hosts
– One row per direction
Related documents
inse7120-lec8
inse7120-lec8
Impact of Computers on Society
Impact of Computers on Society
Chapter 7 - Chabot College
Chapter 7 - Chabot College
Basic Ingredients of Network Management
Basic Ingredients of Network Management
Remote+Monitoring+and+DMI
Remote+Monitoring+and+DMI
CPSC 155a Lecture 3
CPSC 155a Lecture 3
226_Rev3
226_Rev3
SP15_Review2_226
SP15_Review2_226
CPSC 155a Lecture 3
CPSC 155a Lecture 3
W 10/1
W 10/1
Web Services Using Visual .NET
Web Services Using Visual .NET
A Transactional Approach to Configuring Telecommunications
A Transactional Approach to Configuring Telecommunications