Remote Monitoring (RMON)

Previous page
Table of content
Next page


Like SNMP, RMON (Remote Monitoring) was developed by the IETF. Originally proposed in 1992, RMON was officially adopted as a draft standard in 1995, as RFC 1757. At its core, RMON is an SNMP MIB, which defines a set of objects available to an RMON probe.

RMON works on a manager/agent basis, but while SNMP retrieves information about a specific network device’s status, RMON polls probes for information about network segments. One of the biggest advantages of RMON probes is what is referred to as offline operation, whereby a probe can continuously monitor a network segment in lieu of the RMON console device. This is especially beneficial when the segment is not in continual contact with the console device, such as when a link on the network has failed. This also can substantially reduce overhead CPU usage for the NMS itself, because the probe can handle the segment-specific monitoring duties.

Groups

RMON defines a number of statistics (referred to as groups), each of which delivers specific sets of data. Each group is optional, and vendors can support as many or as few of the groups as they like. Currently, there are two versions of RMON defined by the IETF: RMON1 and RMON2. RMON1 includes 10 groups, and RMON2 adds 9 more. RMON2 does not replace RMON1; instead, it adds onto it. RMON1 is limited to data-link visibility, that is, it only sees Layers 1 and 2 of the OSI model. RMON2 gives visibility into upper layer protocols for better visibility in application and protocol-monitoring situations.

Let’s take a look at the RMON1 and RMON2 groups.

RMON1

RMON1 contains the following groups:

Statistics The Statistics group contains statistics measured by the probe for each monitored interface on the network, for example, broadcast packets, multicast packets, CRC errors, etc.

History The History group records periodic statistical samples and stores them for later analysis.

Alarm The Alarm group periodically collects statistical samples from variables in the probe and compares them with previously configured thresholds. If these variables cross a threshold, an event is generated. (See also the description of the Events group.)

Host The Host group collects information about each host on the network, for example, host MAC address, packets received and transmitted, etc.

HostTopN The HostTopN group is used to prepare reports that describe the hosts that top a list ordered by one of their statistics.

Matrix The Matrix group stores statistics for conversations between sets of two addresses. As the probe detects new conversations, new table entries are created.

Filters The Filters group allows packets to be matched by a filter equation. These matched packets from a data stream may be captured for later analysis, or they may generate events. Associated with each filter is a channel, a specific path along which data flows.

Packet Capture The Packet Capture group allows packets to be captured after they flow through a channel.

Events The Events group controls the generation and notification of events from the probe. An event can generate an SNMP trap, or generate a log entry, or both.

Token Ring The Token Ring group contains Token Ring extensions, including ring station, ring station order, and source routing information.

RMON2

RMON2 contains the following groups:

Protocol Directory The Protocol Directory group provides a list of protocols supported by the RMON device.

Protocol Distribution The Protocol Distribution group contains the traffic statistics for each Layer 3 and above supported protocol.

Address Mapping This group contains the mappings of Network layer addresses to Layer 2 or MAC addresses.

Network Layer Host The Network Layer Host group contains information on Network layer traffic to and from individual hosts.

Network Layer Matrix This group contains statistics for Network layer conversations between pairs of hosts.

Application Layer Host The Application Layer Host group contains statistics on the Application layer traffic to or from individual hosts.

Application Layer Matrix The Application Layer Matrix group contains statistics for Application layer conversations between pairs of hosts.

User History Collection This group contains periodic samples of user-specified variables.

Probe Configuration This group allows for probe configuration issues, such as trap destinations or OBM (out-of-band management).


Previous page
Table of content
Next page
CCDA. Cisco Certified Design Associate Study Guide
CCDA: Cisco Certified Design Associate Study Guide, 2nd Edition (640-861)
ISBN: 0782142001
EAN: 2147483647
Year: 2002
Pages: 201
Authors: Todd Lammle, Andy Barkl
BUY ON AMAZON
Interprocess Communications in Linux: The Nooks and Crannies
Cisco IP Telephony (CIPT) (Authorized Self-Study) (2nd Edition)
Building Web Applications with UML (2nd Edition)
Cisco CallManager Fundamentals (2nd Edition)
Quartz Job Scheduling Framework: Building Open Source Enterprise Applications
Programming .Net Windows Applications
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy