North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Backbone Monitoring Tools

  • From: Alexei Roudnev
  • Date: Wed Mar 29 12:10:37 2006

Snmpstat was esigned for ISP in Russia, and is used actively by a few ISP. I
modified it for enterprise here in USA and use for entyerprise monitoring as
well. It if _fixed parameter system_ so it imonitors just
routeres/switches/firewalls for a limited set of parameters (interfaes and
ports) but do it very well and have very useful compactt view, tickets,
sopund alerts for opertators, etc.

It uses simple config file which can be easily generated or can be modified
by the web. I use it (Poll.conf file) as a primary documentation (saving it
into CVS on each change). We are using snmpstat in combination with cricket
or mtg (which monitors parameters not covered by snmpstat), and combine it
with CCR - cisco configuration repository (track cisco config changes),
ProBIND2 (control all DNS'es around), acid (snort viewer), inventory
database (shows hardware in the racks), alert aliasing system (just set of
aliases + archive for alerts, warnings and so on), osiris (control server's
changes), and few other tools (you can see short description on the snmpstat
page).

It is not (yes; I have it in TODO but did not had demand so it was not
completed) packed as 'rpm' or well auto-configured (but the only problem we
hais usually _fix small inconsistancy in include files of embeddded snmp
package), but is very fast (we monitor 1,000 - 2,000 interfaces without any
visible impact on our FreeBSD servers) and relatively simple.




----- Original Message ----- 
From: "Jim Trocki" <[email protected]>
To: "Alexei Roudnev" <[email protected]>
Cc: "Ray Burkholder" <[email protected]>; "'Ashe Canvar'"
<[email protected]>; <[email protected]>
Sent: Wednesday, March 29, 2006 5:09 AM
Subject: Re: Backbone Monitoring Tools


> On Wed, 29 Mar 2006, Alexei Roudnev wrote:
>
> >
> > I use snmpstatd - snmpstat.sf.net .
> >
>
> Oooh, looks nice!
>
> >> From: [email protected] [mailto:[email protected]] On Behalf Of
> >> Ashe Canvar
>
> >>  2. actively detect routing changes / failover to redundant paths using
> >> traceroutes
> >>      i.e. alert if  SFO->CHG->NYC changes to SFO->LXE->HOU->NYC
> >>      ( link state protocols suck as far as testing backup paths go)
>
> Ashe,
>
> I've done this using "mon" (http://www.kernel.org/software/mon/). It comes
with
> two traceroute monitors which remember the past paths and alert when that
path
> changes. In fact, one of the monitors can even detect load-balanced
alternate
> paths, e.g. if there are multiple possible intermediate paths during
normal
> operation.
>
> You'll want to look at the latest 1.1 release from CVS:
>
>      http://www.kernel.org/software/mon/development.html
>
> >> 3. actively transfer a fixed file
> >>    i.e. draw a datarate grid between every datacenter and every other
> >> datacenter
>
> In fact, I belive people have done precisely this with mon before.
> Try asking on the mailing list, I'm quite sure someone will respond.
>
> >> I am in a buy vs. build debate with my boss ;)
>
> Build! I think mon gets you at least 90% to where you want to go.
>