Guest

Network Monitoring

RMON on the Workgroup Catalyst Series

Document ID: 10675

Updated: Oct 26, 2005

   Print

Introduction

This document introduces you to the Workgroup Catalyst RMON (Remote Monitoring). The information presented here includescapabilities and limitations, answers to frequently asked questions, solutions to known problems, and descriptions of common error messages. For information about the TrafficDirector software, refer to the documents in the Related Information section of this document and release notes.

Here are some helpful terms:

  • RMON client—the TrafficDirector RMON software running on the Management System (for example, Sun SPARC)

  • RMON Agent—the Workgroup Catalyst Simple Network Management Protocol (SNMP) stack

Workgroup Catalyst RMON Capabilities

Catalyst switch Device Management Protocol (DMP) and Network Management Processor (NMP) software version 3.1 or later support the RMON Management Information Base (MIB) RFC1271. This means that the Catalyst switch can act as an RMON probe for any of its Ethernet segments. The RMON agent is not supported on the FDDI port, but FDDI can be managed with SNMP.

Each Ethernet interface on the Workgroup Catalyst can be configured as an RMON probe with RMON client software such as TrafficDirector. The Catalyst switch has limited resources for RMON and SNMP processing. These resources comprise both memory buffer space and CPU cycles. The Workgroup Catalyst is not a dedicated RMON agent, so the first priority is to switch network traffic or route,if configured to do so.

  • The Cisco Catalyst 1200 switch supports nine RMON groups: Statistics, History, Hosts, Traffic Matrix, Top N, Filters, Events, Data Capture and Alarms. This support is only accomplished through TrafficDirector. HP Openview and other SNMP managers can only poll for the statistics and history groups of the RMON MIB.

  • The Catalyst 5000 switch supports mini-RMON: Statistics, History, Alarms, and Events.

The Catalyst switch also responds to MIB browse queries such as generic SNMP MIB Browser. These queries represent SNMP GetRequest PDUs that the Catalyst is able to process and respond to, as long as the IP layer is configured properly and the community string is valid.

In addition to the RMON MIB, the Catalyst switch supports various other MIBS. For more information, refer to the MIB Support Lists.

The Cisco Catalyst 1200 switch can support up to eight interfaces (ports 3 through 10).

The Workgroup Catalyst 1200 has 768K bytes of memory reserved for RMON usage. Memory that is not used by one group can be used by other groups. When you configure probes and install domains, keep these numbers in mind:

Group Definition Space Used Notes
Statistics 100 bytes ---
Short History 5K 50 buckets max*
Long History 5K 50 buckets max*
Host Table 25K <= 256 hosts
Matrix (conversations) 30K <= 1024 conversations
Full domain 75K upper limit
Filters **    
Events **    

Note: * A bucket is one sample of data collection.

Note:  ** Do not worry about memory for this activity.

Dynamic memory usage for mini-RMON in Catalyst 5000 series:

Group Definition Space Used Notes
Statistics 140 bytes per port
History 3K for 50 buckets each additional bucket uses 56 bytes
Alarm & Event 1.3K per alarm per port

There is a single pool of DRAM for dynamic allocation. Every feature draws from this pool. Use the formulas presented in order to determine use for RMON.

Use the show version command in order to see the amount of Used and Free DRAM in Release 3.1 and later.

On the Cisco Catalyst 1200, Data Capture consumes flexible free buffers (between 64K and 256K), so keep these combinations in mind:

  • Full RMON on all ports + multiple alarms and events + one 256K data capture on one port

  • 1-6 domains with only Statistics and History on all interfaces + multiple alarms and events + one 512K data capture on one interface

  • 1-6 domains with only Statistics and History on all interfaces + multiple alarms and events + two 256K data captures on two interfaces

  • 1-6 domains with only Statistics and History on all interfaces + multiple alarms and events + four 128K data captures on four interfaces

  • 1-6 domains with only Statistics and History on all interfaces + multiple alarms and events + eight 64K data captures on all interfaces

Use this formula in order to calculate memory usage for RMON by the Catalyst switch:

Memory Usage = # logical agents defines * [(75k for all agents)+(short
term hist. = 5k)+(long term hist. = 5k)+(host table = 25k)+(matrix table
= 30K)+(statistics = 100 bytes = 0.1k)+(data capture =[64-512]k)] <=
768k bytes

For more information on document conventions, refer to the Cisco Technical Tips Conventions.

General Questions

Q. Can I use a conventional SNMP Manager, HP OpenView for example, in order to poll RMON (RFC 1271) objects from the Workgroup Catalyst switch?

A. No, not with version 3.1 of the Workgroup Catalyst switch DMP and NMP software; you need version 3.2 in order to do this. With version 3.2 installed, run this command in order to reset the Workgroup Catalyst and poll for RMON MIB objects:

set RMON default_groups enable

Q. Does the Workgroup Catalyst switch also support MIB II objects?

A. Yes, the Workgroup Catalyst supports MIB II objects as well as the RMON MIB.

Q. Do I need any special hardware upgrade in order to use the RMON features of the Workgroup Catalyst?

A. No, the Workgroup Catalyst switch does not need any special hardware upgrades in order to utilize full RMON functionality.

Q. Can I define an agent on the FDDI port of the Workgroup Catalyst switch?

A. No, the Workgroup Catalyst does not support RMON for the FDDI port.

Q. How can I use the Workgroup Catalyst RMON switch feature in order to monitor more than one segment?

A. You need to define a separate agent for each interface through the TrafficDirector software. Insert the proper interface number based on the port or segment that you want to monitor every time you define a new agent.

Q. Can I define RMON agents, on the Workgroup Catalyst switch ports, that are in different route groups than my RMON client?

A. Yes, SNMP is a routable protocol. Therefore, SNMP requests for RMON objects are routed to the proper destination route group.

Q. How is the SUM port used?

A. The SUM port is a regular Ethernet port that allows you to manage the Workgroup Catalyst switch out-of-band. This method is designed in order to separate management traffic from production traffic on all ten Cisco Catalyst 1200 ports. The SUM port gives you access to RMON data on all interfaces.

Q. What command can I use in order to make sure RMON is enabled on the Workgroup Catalyst switch?

A. In enable mode, issue the show snmp command in order to see if RMON is enabled. RMON is enabled by default.

Q. Is there a way to find out how much bandwidth the RMON traffic consumes from a network?

A. Indirectly, yes. With a regular MIB browser, you can poll the Workgroup Catalyst for SNMP traffic. SNMP traffic statistics fall under the SNMP group, under standard MIB II.

Q. Do I absolutely need TrafficDirector?

A. Yes, if you use the 3.1 NMP or DMP software; no, if you use 3.2 or a later version of DMP or NMP software. If you use the 3.2 or later code, you can use this command on the Workgroup Catalyst ports which allows conventional and other RMON clients to enable default groups.

set rmon default_groups enable

Then, you can use any SNMP MIB browser in order to query the Workgroup Catalyst switch.

Q. Can I manage the Workgroup Catalyst across the FDDI ring, or do I have to be on one of the Ethernet ports?

A. Yes, you can manage the Workgroup Catalyst switch from any port, including the FDDI. However, you must have IP connectivity.

Q. What do I need to do in order to get RMON to work on the Workgroup Catalyst switch?

A. Follow this procedure in order to enable RMON on the Workgroup Catalyst switch:

  1. Configure the IP layer information on the device properly, including the IP address, netmask and broadcast address.
  2. Issue the set rmon enable command in order to enable RMON. RMON is enabled by default.
  3. Issue the show snmp command in order to view the RMON configuration.
  4. Enable default groups if you plan to use RMON with clients other than the TrafficDirector software. Issue the set rmon default_groups enable command to do this.
  5. Issue the show snmp command in order to view the RMON configuration.

Q. Which traps are supported?

A. SNMP traps (PDU Type 4) are fully supported on the Workgroup Catalyst switch and comply with the SNMP standard. LinkUp and LinkDown Traps are also supported. Make sure that traps are enabled and a trap destination is defined. The trap destination must be the IP address of a device that is able to receive and interpret traps, HP OpenView, NetView 6000, or SunNET Manager for example.

Q. How does authentication work?

A. All SNMP PDU types (GetRequest, GetNextRequest, SetRequest, GetResponse, and Trap) are authenticated with a community string field. If you use any of the Get requests, you must have at least read-only access rights. If you use SetRequest, you need to have READ-WRITE access and you must set a writable object. Objects are defined in the MIB document for your reference. Issue the show snmp command in order to view the community strings in the Workgroup Catalysts. You can also change the community string to any desirable string. By default, the Workgroup Catalyst switch uses "public" for read-only, "private" for read-write, and "secret" for read-write-all.

Q. Can I use the admin port in order to obtain RMON information?

A. No, the admin port is a serial interface and is strictly used in order to enter console commands.

Q. Why does the TrafficDirector software need to have an agent group?

A. Some networks have a large number of agents. An agent group simplifies the administrator's job and minimizes network overhead.

Known Problems and Solutions

Q. I cannot poll RMON information from the Workgroup Catalyst switch. The Workgroup Catalyst switch reports "no such name" back to my SNMP Manager.How do I reslove this?

A. You need to upgrade your DMP and NMP software on the Workgroup Catalyst switch to version 3.2 or later. Version 3.1 does not allow you to poll RMON data from conventional SNMP managers. This version is designed to work only with the TrafficDirector software.

If you already use a later version of the DMP and NMP software, issue the show snmp command at the console prompt of the Workgroup Catalyst switch. Ensure the RMON section at the bottom says enabled [default_groups]. If this is not the case, issue the set rmon default_groups enable command and issue the show snmp command again in order to make sure that the default groups are turned on..

Q. What can I do if the Workgroup Catalyst switch does not respond to SNMP requests at all?

A. Ping the Workgroup Catalyst switch in order to make sure that the IP stack is configured correctly. . If the switch does not respond, make sure that the IP address, netmask, and broadcast addresses are set properly, and that IP forwarding is enabled if you have defined several route groups. Finally, check and make sure the proper community string and instance value is used. Usually, if you do not define an instance value, all possible instances are polled. Check the community strings on the Catalyst switch with the show snmp command.

Q. Why do some of the application buttons in the TrafficDirector software not work?

A. Not all applications are supported by the Workgroup Catalyst switch, such as Token Ring Monitor, Resource Manager, and Remote Login). These applications are only supported on the RMON probes.

Q. When I create a new agent with the TrafficDirector software, why do I receive indication that there is an error in the agent?

A. When you define an agent, you are asked for an interface number. If you enter "1", the agent reports an error because port 1 is an FDDI port and is not supported for RMON data collection. In this case, you need to specify a valid port number. Vvalid numbers are 3-10.

Q. Why are traps that come from the Workgroup Catalyst switch agent occasionally corrupted and garbled when sent to the client software?

A. This is the result of a known buffer allocation problem and is fixed in version 3.2 of the Workgroup Catalyst switch.

Error Messages for the TrafficDirector Software

Q. What does the error message Invalid domain Name mean?

A. If you enter functions at the command line, this error can result. The Domain Manager can also cause this message, due to improper name syntax.

Q. What does the error message Domain not present in Agent mean?

A. This error comes from the command line, and can result when you construct a command line string. The Domain Manager is unable to reach a domain that was de-installed by another Management station.

Q. What does the error message Invalid Agent Name mean?

A. This error comes from the command line, usually from constructing a command line string. The agent name is not present in the file "agent.lst."

Q. What does the error message Cannot open SNMP session with Agent mean?

A. You could see this error if there is a problem with the TCP or IP stack. This error can also occur when there is a problem with the stack on the client, or when out-ofsocket descriptors are run. The agent can be configured without an IP address, or the agent name couldbe missing from the host file.

Q. What does the error message Entry or group not present in Agent mean?

A. This error can occur when the Workgroup Catalyst Switch tries to get to a domain in the domain list which someone has de-installed but is still included..

Q. What does the error message No Memory Available mean?

A. This message means that there is no memory available in order to run the application at the client end. It usually happens in the Windows PC version.

Q. What does the error message Max Agents already in use mean?

A. This message comes from the client application only when you try to add more than 100 PC or 500 UNIX agents into agent.lst.

Q. What does the error message Cannot communicate with Agent mean?

A. This is an SNMP error. The agent can really be dead, there can be duplicate IP addressing, or retransmits within the structure of communication with the agent were exceeded without reply.

Q. What does the error message Unexpected SNMP/API error. See Console window for details. mean?

A. This message results when you use the Config key from the main screen when the agent is running out of resources. This message also occurs if the client passes bad values to the agent.

Q. What does the error message Entry is already present in Agent mean?

A. This message means exactly what it says; you cannot duplicate domains in the agent.

Q. What does the error message No resources in Agent. See Console window for details. mean?

A. This message means that one or more resources are exhausted in the agent, memory, or control entries used by the domains.

Related Information

Updated: Oct 26, 2005
Document ID: 10675