Beruflich Dokumente
Kultur Dokumente
Network Monitoring
J. Won-Ki Hong Dept. of Computer Science and Engineering POSTECH Tel: 054-279-2244 Email: jwkhong@postech.ac.kr
Table of Contents
Introduction Monitored Types of Information Network Monitoring Configurations Network Monitoring Methods Performance Monitoring
Performance Indicators Performance Monitoring Functions
Fault Monitoring
Problems of Fault Monitoring Fault Monitoring Functions
Accounting Monitoring
2
Introduction
Network monitoring is concerned with observing and analyzing the status and behavior of the end systems, intermediate systems, and subnetworks that make up the network to be managed Issues in network monitoring
what to monitor?
define what is to be monitored
how to monitor?
how to obtain information from managed resources
Dynamic information
changes frequently information related to events in the network
e.g., change of state, transmission/reception of packets
Statistical information
derived from dynamic information
e.g., average number of packets transmitted per unit time
4
manager function
performs the basic monitoring function of retrieving information
agent function
gathers and records management information for one or more network elements and delivers the information to the monitor
managed objects
mgmt information that represents resources and their activities
monitoring agent
generates summaries and statistical analysis of mgmt information
6
...
Subnetwork or internet
Subnetwork or internet
Subnetwork or internet Agent function LAN observed traffic (c) External monitor
Event Reporting
information flow is initiated from the agent to manager an agent may generate report periodically to give the manager its current status or whenever a significant event (e.g., change of a state) or an unusual event (e.g., fault) occurs good for detecting problems as soon as they occur
9
Performance Monitoring
Measuring the performance of the network (or performance monitoring) is absolutely required in NM
to detect & fix problems that cause performance degradation to better plan network upgrades
Efficiency-oriented
Throughput: the rate at which application-oriented events (e.g.,
file transfers) occur
Network
SO WI TI RT = TI + WI + SI + CPU + WO + SO + TO WO CPU
RT = response time TI = inbound terminal delay WI = inbound queuing time SI = inbound service time
CPU = CPU process delay WO = outbound queuing time SO = outbound service time TO = outbound terminal delay
12
Performance Analysis
analyzing the gathered data and presenting it e.g., total, average, min, max, histogram
Fault Monitoring
To detect faults as quickly as possible after they occur and to identify the cause of the fault so that correctional action may be taken Problems of Fault Monitoring
Fault Detection Problems
Unobservable faults: e.g., deadlock, device not monitorable Partially observable faults: insufficient to pinpoint the problem Uncertainty in observation: not clear what the problem is
Client
Router
Router
Server
MUX
T1
MUX
PBX
PBX
802.3
16
Transport failure
Client Server Data link failure Transmission Mux Mux break Router Router 17
Event Reporting
sending events, errors to managers sending alarms to manager to warn possible problems
Diagnostic Functions
connectivity test (e.g., traceroute) response-time test liveness test (e.g., ping) protocol integrity test loopback test
18
Accounting Monitoring
Keeping track of users usage of network resources
communication facilities computer hardware software and systems services
Usage may need to be broken down by account, by project, or by individual user for appropriate accounting purposes
19
Summary
Network monitoring is the most basic aspect of NM The purpose of network monitoring is to gather information about the status and behavior of network elements Information to be gathered include
static, dynamic and statistical information