Remote Monitoring (RMON) is a standard monitoring specification that enables various network monitors and console systems to exchange network-monitoring data. RMON provides network administrators with more freedom in selecting network-monitoring probes and consoles with features that meet their particular networking needs. This chapter provides a brief overview of the RMON specification, focusing on RMON groups.
The RMON specification defines a set of statistics and functions that can be exchanged between RMON-compliant console managers and network probes. As such, RMON provides network administrators with comprehensive network-fault diagnosis, planning, and performance-tuning information.
RMON was defined by the user community with the help of the Internet Engineering Task Force (IETF). It became a proposed standard in 1992 as RFC 1271 (for Ethernet). RMON then became a draft standard in 1995 as RFC 1757, effectively obsoleting RFC 1271.
Figure 51-1 illustrates an RMON probe capable of monitoring an Ethernet segment and transmitting statistical information back to an RMON-compliant console.
Figure 51-1: An RMON probe can send statistical information to an RMON console.
Table 51-1: RMON Monitoring Groups
The RMON specification defines a set of statistics and functions that can be exchanged between RMON-compliant console managers and network probes. As such, RMON provides network administrators with comprehensive network-fault diagnosis, planning, and performance-tuning information.
RMON was defined by the user community with the help of the Internet Engineering Task Force (IETF). It became a proposed standard in 1992 as RFC 1271 (for Ethernet). RMON then became a draft standard in 1995 as RFC 1757, effectively obsoleting RFC 1271.
Figure 51-1 illustrates an RMON probe capable of monitoring an Ethernet segment and transmitting statistical information back to an RMON-compliant console.
Figure 51-1: An RMON probe can send statistical information to an RMON console.
RMON Groups
RMON delivers information in nine RMON groups of monitoring elements, each providing specific sets of data to meet common network-monitoring requirements. Each group is optional so that vendors do not need to support all the groups within the Management Information Base (MIB). Some RMON groups require support of other RMON groups to function properly. Table 51-1 summarizes the nine monitoring groups specified in the RFC 1757 Ethernet RMON MIB.Table 51-1: RMON Monitoring Groups
| RMON Group | Function | Elements |
|---|---|---|
| Statistics | Contains statistics measured by the probe for each monitored interface on this device. | Packets dropped, packets sent, bytes sent (octets), broadcast packets, multicast packets, CRC errors, runts, giants, fragments, jabbers, collisions, and counters for packets ranging from 64-128, 128-256, 256-512, 512-1024, and 1024-1518 bytes. |
| History | Records periodic statistical samples from a network and stores them for later retrieval . | Sample period, number of samples, item(s) sampled. |
| Alarm | Periodically takes statistical samples from variables in the probe and compares them with previously configured thresholds. If the monitored variable crosses a threshold, an event is generated. | Includes the alarm table and requires the implementation of the event group. Alarm type, interval, starting threshold, stop threshold. |
| Host | Contains statistics associated with each host discovered on the network. | Host address, packets, and bytes received and transmitted, as well as broadcast, multicast, and error packets. |
| HostTopN | Prepares tables that describe the hosts that top a list ordered by one of their statistics. The available statistics are samples of one of their base statistics over an interval specified by the management station. Thus, these statistics are rate-based. | Statistics, host(s), sample start and stop periods, rate base, duration. |
| Matrix | Stores statistics for conversations between sets of two addresses. As the device detects a new conversation, it creates a new entry in its table. | Source and destination address pairs and packets, bytes, and errors for each pair. |
| Filters | Enables packets to be matched by a filter equation. These matched packets form a data stream that might be captured or might generate events. | Bit-filter type (mask or not mask), filter expression (bit level), conditional expression (and, or, not) to other filters. |
| Packet Capture | Enables packets to be captured after they flow through a channel. | Size of buffer for captured packets, full status (alarm), number of captured packets. |
| Events | Controls the generation and notification of events from this device. | Event type, description, last time event sent. |
No comments:
Post a Comment