Remote monitoring (RMON) is a kind of
management information base (MIB) defined by Internet Engineering Task Force
(IETF) and is a most important enhancement made to MIB II standards. RMON is
mainly used to monitor the data traffic across a network segment or even the
entire network, and is currently a commonly used network management standard.
An RMON system comprises two parts: the
network management station (NMS) and the agents running on each network device.
RMON agents operate on network monitors or network probes to collect and keep
track of the statistics of the traffic across the network segments to which
their ports connect such as the total number of the packets on a network
segment in a specific period of time and the total number of packets that are
sent to a specific host successfully.
RMON is fully based on simple network management
protocol (SNMP) architecture. It is compatible with the current SNMP, so that
you can implement RMON without modifying SNMP. RMON enables SNMP to monitor
remote network devices more effectively and actively, thus providing a
satisfactory means of monitoring the operation of the subnet. With RMON, the
communication traffic between NMS and agents is reduced, thus facilitating the management
of large-scale internets.
RMON allows multiple monitors. It collects
data in one of the following two ways:
l
Using the dedicated RMON probe. When an system
operates in this way, the NMS directly obtains management information from the
RMON probes and controls the network resources. In this case, all information
in the RMON MIB can be obtained.
l
Embedding RMON agents into network devices (such
as routers, switches and hubs) directly to make the latter capable of RMON
probe functions. When an RMON system operates in this way, the NMS collects
network management information by exchanging information with the SNMP agents using
the basic SNMP commands. However, this way depends on device resources heavily
and an NMS operating in this way can only obtain four groups of information
(instead of all the information in the RMON MIB). The four groups are alarm
group, event group, history group and statistics group.
An S3100-SI series switch implements RMON
in the second way. Through the RMON-capable SNMP agents running on the network
monitors, an NMS can obtain the information about the total traffic, error
statistics and performance statistics of the network segments to which the
ports of the managed network devices are connected. Thus, the NMS can further
manage the networks.
I. Event group
The event group is used to define the
indexes of events and the processing methods of the events. The events defined
in an event group are mainly used in alarm group and extended alarm group to
trigger alarms.
You can specify a network device to act in
one of the following ways in response to an event:
l
Logging the event
l
Sending trap messages to the NMS
l
Logging the event and sending trap messages to
the NMS
l
No processing
II. Alarm group
RMON alarm management enables monitors on
specific alarm variables (such as the statistics of a port). When the value of
a monitored variable exceeds the threshold, an alarm event is generated, which
triggers the network device to act in the set way. Events are defined in event
groups.
With an alarm entry defined in an alarm
group, a network device performs the following operations accordingly:
l
Sampling the defined alarm variables
(alarm-variable) once in each specified period (sampling-time)
l
Comparing the sampled value with the set threshold
and triggering the corresponding events if the sampled value exceeds the threshold
III. Extended alarm group
With extended alarm entry, you can perform
operations on the samples of an alarm variable and then compare the operation
result with the set threshold, thus implement more flexible alarm functions.
With an extended alarm entry defined in an
extended alarm group, the network devices perform the following operations
accordingly:
l
Sampling the alarm variables referenced in the
defined extended alarm expressions once in each specified period
l
Performing operations on sampled values
according to the defined operation formulas
l
Comparing the operation result with the set threshold
and triggering corresponding events if the operation result exceeds the threshold.
IV. History group
After a history group is configured, the Ethernet
switch collects network statistics information periodically and stores the
statistics information temporarily for later retrieval. A history group can
provide the history data of the statistics on network segment traffic, error
packets, broadcast packets, and bandwidth utilization.
With the history data management function,
you can configure network devices, such as collecting history data, collecting
the data of a specific port periodically and saving them.
V. Statistics group
Statistics group contains the statistics of
each monitored port on a network device. An entry in a statistics group is an
accumulated value counting from the time when the statistics group is created.
The statistics include the number of the
following items: collisions, packets with cyclic redundancy check (CRC) errors,
undersize (or oversize) packets, broadcast packets, multicast packets, and
received bytes and packets.
With the RMON statistics management
function, you can monitor the usage of a port and make statistics on the errors
occurred when the ports are being used.
It is required to
configure the history group and the statistics group in port view because they
are port-oriented RMON groups.
Before performing RMON configuration, make
sure the SNMP agents are correctly configured. For the information about SNMP
agent configuration, refer to the “Configuring Basic SNMP Functions”
part in SNMP Configuration Operation Manual.
Table 1-1 Configure RMON
|
Operation
|
Command
|
Description
|
|
Enter
system view
|
system-view
|
—
|
|
Add an
event entry
|
rmon
event event-entry
[ description string ] { log | trap trap-community
| log-trap log-trapcommunity | none
} [ owner text ]
|
Optional
|
|
Add an alarm entry
|
rmon alarm
entry-number alarm-variable sampling-time { delta
| absolute } rising-threshold threshold-value1
event-entry1 falling-threshold threshold-value2
event-entry2 [ owner text ]
|
Optional
Before adding an alarm entry, you need to
use the rmon event command to define the event referenced by the alarm
entry.
|
|
Add an extended alarm entry
|
rmon prialarm entry-number prialarm-formula prialarm-des sampling-timer { delta | absolute | changeratio } rising-threshold
threshold-value1 event-entry1 falling-threshold
threshold-value2 event-entry2 entrytype { forever | cycle
cycle-period } [ owner text ]
|
Optional
Before adding an extended alarm entry,
you need to use the rmon event command to define the event referenced
by the extended alarm entry.
|
|
Enter Ethernet port view
|
interface interface-type interface-number
|
—
|
|
Add a history entry
|
rmon history entry-number buckets number interval
sampling-interval [ owner text ]
|
Optional
|
|
Add a statistics entry
|
rmon statistics entry-number [ owner text ]
|
Optional
|
l
The rmon alarm and rmon prialarm
commands take effect on existing nodes only.
l
For each port, only one RMON statistics entry
can be created. That is, if an RMON statistics entry is already created for a
given port, creation of another entry with a different index for the same port
will not succeed.
After the above configuration, you can
execute the display command in any view to display the RMON running
status, and verify the effect of the configuration.
Table 1-2 Display
RMON
|
Operation
|
Command
|
Description
|
|
Display
RMON statistics
|
display
rmon statistics [ interface-type interface-number
| unit unit-number ]
|
The display
command can be executed in any view
|
|
Display
RMON history information
|
display
rmon history [ interface-type interface-number
| unit unit-number ]
|
|
Display
RMON alarm information
|
display
rmon alarm [ entry-number ]
|
|
Display
extended RMON alarm information
|
display
rmon prialarm [ prialarm-entry-number ]
|
|
Display
RMON events
|
display
rmon event [ event-entry ]
|
|
Display
RMON event logs
|
display
rmon eventlog [ event-entry ]
|
I. Network requirements
l
Ensure that the SNMP agents are correctly
configured before performing RMON configuration.
l
The switch to be tested has a configuration
terminal connected to its console port and is connected to a remote NMS through
Internet. Create an entry in the Ethernet statistics table to make statistics
on the Ethernet port performance for network management.
II. Network diagram
Figure 1-1 Network diagram for RMON configuration
III. Configuration procedures
# Configure RMON.
<H3C> system-view
[H3C] interface Ethernet1/0/1
[H3C-Ethernet1/0/1] rmon statistics 1
owner user1-rmon
# Display RMON configuration.
[H3C-Ethernet1/0/1] display rmon
statistics Ethernet1/0/1
Statistics entry 1 owned by
user1-rmon is VALID.
Interface :
Ethernet1/0/1<ifIndex.4227626>
etherStatsOctets : 0 ,
etherStatsPkts : 0
etherStatsBroadcastPkts :
0 , etherStatsMulticastPkts : 0
etherStatsUndersizePkts :
0 , etherStatsOversizePkts : 0
etherStatsFragments :
0 , etherStatsJabbers : 0
etherStatsCRCAlignErrors :
0 , etherStatsCollisions : 0
etherStatsDropEvents (insufficient
resources): 0
Packets received according to
length:
64 : 0 , 65-127 :
0 , 128-255 : 0
256-511: 0 , 512-1023:
0 , 1024-1518: 0
