Remote Monitoring (RMON) standards provide distributed management architecture for performing traffic analysis, troubleshooting, trend reporting, and proactive network management. Normally, a RMON probe is attached to each segment; however, with the increasing high-performance of switched internetworks, a new standard needed to be developed to handle these technologies such as Virtual LANs (VLANs) and fast Ethernet inter-switch networks. RMON2 adds several key enhancements to the already manager-friendly RMON standard. The main feature is that it extends its reach to the third layer in the OSI reference modelthe Network Layer. It provides network-layer host and matrix tables for monitoring layer three traffic by host, or by conversations for various network protocols. Furthermore, it provides this new layer connectivity without sacrificing the standard RMON attributes such as: bandwidth utilization, packet rate, and rate errors. Application Layer host and matrix tables are also included in this second version, for monitoring layer seven traffic, by host or conversation for various applications. Figure 12-2 shows the coverage provided by RMON.
RMON also provides address mapping for aggregating the statistics by network address as well as MAC addresses for Ethernet and Token Ring networks.
It adds protocol directory and distribution groups for displaying selected protocols and their distribution for each LAN segment. Finally, it provides a user-defined history, which now extends beyond the Link-Layer statistics to include any RMON1&2, or MIB I or II statistics.
The RMON standard was originally created for a distributed computing architecture, in which the agents and probes communicate using a central station, normally the manager, via the SNMP protocol. The RMON standard provides a powerful management tool for performing traffic analysis, troubleshooting, trend reporting, and proactive network management. An RMON probe, or agent, is generally attached to each network segment, thus providing visibility into all network activities. The main benefit when utilizing RMON technology is increased network availability for users and high productivity for network managers.
A basic RMON system can provide the following:
RMON is an extension of the reach of the network managers operation to other networks under his/her control. As probes, or RMON agents, monitor the flow of data on the remote network, they organize that information into a coherent format that the network manager can easily interpret and use to better manipulate the network. Figure 12-3 illustrates the function and routing of information from an RMON probe to the network managers workstation.
The RMON probe monitors and organizes data flow on the remote network, reducing the amount of bandwidth required to transmit the information to the managers station. In doing so, this alleviates the problem associated with SNMPthe significant degradation of lower bandwidth when operating geographically separated networks. The WAN circuit used to connect the separate networks operates at a fraction of the operating rate of a LAN circuitby reducing the potential of saturation on a WAN circuit, the overall network performance is increased.
Every RMON probe includes a MIB that defines each attribute of the object/device being monitored. RFC 1271, published in November 1991, was the first RMON MIB standard. It dealt strictly with Ethernet LANs. It provided network managers with comprehensive network fault tolerance, diagnosis, planning, and performance information. It delivered this information in nine groups of monitored elements. Each group provided specific data sets to meet common monitoring requirements. Following that, RFC 1513, published in September 1993, extended the RMON MIB to include Token Ring networks. Although RMON MIBs define the attributes of objects on the monitored networks, the value and usefulness of this information is dependent on the application the manager is using, and the extent he/she uses that information. The list that follows shows the various groups found within RMON and what they bring to your network.