Although RMON has worked miracles with many enterprise networks, it still has several issues surrounding its operation that need to be worked out. With the advent of high-performance switched internetworks, new RMON instrumentation solutions were required to counter the dramatically increased number of segments, and the development of Virtual LANs (VLANs) plus fast Ethernet inter-switched links. The two main drawbacks to RMON are:
This just goes to show that nothing answers 100% of the questions surrounding Enterprise networks. RMON2RMON2 overcomes these problems in several different ways. To begin with, by using RMON2-based probes, all RMON2 groups map into the major network-layer protocols such as IP, Novells IPX, OSI, AppleTalk, Banyan VINES, and DECnet, giving a complete start-to-finish view of all network traffic. Also, RMON2 includes the specifications for monitoring application-layer traffic. This enables the network managers to monitor network applications such as Lotus Notes, Telnet, and Microsoft Mail. This newly developed capability, to monitor application-layer traffic, enables network managers to be proactive in troubleshooting key application-layer traffic within the network. The RMON alarms, statistics, history, and host/conversation groups in the RMON MIB can now be utilized for troubleshooting and maintaining network functionality based upon application-layer traffic. RMON2 adds the following key enhancements:
The list that follows shows the various MIB groups found within RMON2 and what each brings to your network.
RMON Configuration ExampleThis section provides a brief example of how to configure RMON using Ciscos IOS 11.1. It will detail the required IOS and provide a real life example for a 2500 series router. Required Software All IOS 11.1 or later software includes RMON alarms and events groups. In addition, full 9-group RMON support is available on the Ethernet port of 2500 series routers running the images detailed in Table 12-1.
Basic Configuration To enable full RMON support on an Ethernet interface of a 2500 series router, enter the following: interface Ethernet 0 rmon {native | promiscuous} snmp-server community <community> RW snmp-server host <ip address> <community> In native mode, RMON reports only on traffic through the router. In promiscuous mode, it reports on all traffic, including the traffic not destined for transmission through the router. Promiscuous mode is very CPU intensive. A performance hit of at least 20 percent per monitored Ethernet is not uncommon. SNMP Read-Write access is necessary if you use an RMON console (such as Netscout). The default size of the queue that holds the packets for analysis by RMON is 64 packets. To change the size of the RMON queue, type: rmon queuesize <size> When you run in promiscuous mode, you will almost certainly have to increase the queuesize to prevent drops in the RMON input queue. There is a hidden command to change the (default low) priority of the rmon process: rmon priority ( low | normal | high }
|