Configuring RMON

This chapter describes how to configure Remote Network Monitoring (RMON) on the Catalyst 3750-X or 3560-X switch. Unless otherwise noted, the term switch refers to a Catalyst 3750-X or 3560-X standalone switch and to a Catalyst 3750-X switch stack.

RMON is a standard monitoring specification that defines a set of statistics and functions that can be exchanged between RMON-compliant console systems and network probes. RMON provides you with comprehensive network-fault diagnosis, planning, and performance-tuning information.


Note For complete syntax and usage information for the commands used in this chapter, see the “System Management Commands” section in the Cisco IOS Configuration Fundamentals Command Reference, Release 12.4.


Understanding RMON

RMON is an Internet Engineering Task Force (IETF) standard monitoring specification that allows various network agents and console systems to exchange network monitoring data. You can use the RMON feature with the Simple Network Management Protocol (SNMP) agent in the switch to monitor all the traffic flowing among switches on all connected LAN segments as shown in Figure 1-1.

Figure 1-1 Remote Monitoring Example

 

The switch supports these RMON groups (defined in RFC 1757):

  • Statistics (RMON group 1)—Collects Ethernet statistics (including Fast Ethernet and Gigabit Ethernet statistics, depending on the switch type and supported interfaces) on an interface.
  • History (RMON group 2)—Collects a history group of statistics on Ethernet ports (including Fast Ethernet and Gigabit Ethernet statistics, depending on the switch type and supported interfaces) for a specified polling interval.
  • Alarm (RMON group 3)—Monitors a specific management information base (MIB) object for a specified interval, triggers an alarm at a specified value (rising threshold), and resets the alarm at another value (falling threshold). Alarms can be used with events; the alarm triggers an event, which can generate a log entry or an SNMP trap.
  • Event (RMON group 9)—Specifies the action to take when an event is triggered by an alarm. The action can be to generate a log entry or an SNMP trap.

Because switches supported by this software release use hardware counters for RMON data processing, the monitoring is more efficient, and little processing power is required.


Note 64-bit counters are not supported for RMON alarms.


Configuring RMON

Default RMON Configuration

RMON is disabled by default; no alarms or events are configured.

Configuring RMON Alarms and Events

You can configure your switch for RMON by using the command-line interface (CLI) or an SNMP-compatible network management station. We recommend that you use a generic RMON console application on the network management station (NMS) to take advantage of the RMON network management capabilities. You must also configure SNMP on the switch to access RMON MIB objects. For more information, see Chapter1, “Configuring SNMP”


Note 64-bit counters are not supported for RMON alarms.


Beginning in privileged EXEC mode, follow these steps to enable RMON alarms and events. This procedure is required.

 

Command
Purpose

Step 1

configure terminal

Enter global configuration mode.

Step 2

rmon alarm number variable interval { absolute | delta } rising-threshold value [ event-number ]
falling-threshold value [ event-number ]
[
owner string ]

Set an alarm on a MIB object.

  • For number, specify the alarm number. The range is 1 to 65535.
  • For variable, specify the MIB object to monitor.
  • For interval, specify the time in seconds the alarm monitors the MIB variable. The range is 1 to 4294967295 seconds.
  • Specify the absolute keyword to test each MIB variable directly. Specify the delta keyword to test the change between samples of a MIB variable.
  • For value, specify a number at which the alarm is triggered and one for when the alarm is reset. The range for the rising threshold and falling threshold values is -2147483648 to 2147483647.
  • (Optional) For event-number, specify the event number to trigger when the rising or falling threshold exceeds its limit.
  • (Optional) For owner string, specify the owner of the alarm.

Step 3

rmon event number [ description string ] [ log ] [ owner string ] [ trap community ]

Add an event in the RMON event table that is associated with an RMON event number.

  • For number, assign an event number. The range is 1 to 65535.
  • (Optional) For description string, specify a description of the event.
  • (Optional) Use the log keyword to generate an RMON log entry when the event is triggered.
  • (Optional) For owner string, specify the owner of this event.
  • (Optional) For trap community, enter the SNMP community string used for this trap.

Step 4

end

Return to privileged EXEC mode.

Step 5

show running-config

Verify your entries.

Step 6

copy running-config startup-config

(Optional) Save your entries in the configuration file.

To disable an alarm, use the no rmon alarm number global configuration command on each alarm you configured. You cannot disable at once all the alarms that you configured. To disable an event, use the no rmon event number global configuration command. To learn more about alarms and events and how they interact with each other, see RFC 1757.

You can set an alarm on any MIB object. The following example configures RMON alarm number 10 by using the rmon alarm command. The alarm monitors the MIB variable ifEntry.20.1 once every 20 seconds until the alarm is disabled and checks the change in the variable’s rise or fall. If the ifEntry.20.1 value shows a MIB counter increase of 15 or more, such as from 100000 to 100015, the alarm is triggered. The alarm in turn triggers event number 1, which is configured with the rmon event command. Possible events can include a log entry or an SNMP trap. If the ifEntry.20.1 value changes by 0, the alarm is reset and can be triggered again.

Switch(config)# rmon alarm 10 ifEntry.20.1 20 delta rising-threshold 15 1 falling-threshold 0 owner jjohnson
 

The following example creates RMON event number 1 by using the rmon event command. The event is defined as High ifOutErrors and generates a log entry when the event is triggered by the alarm. The user jjones owns the row that is created in the event table by this command. This example also generates an SNMP trap when the event is triggered.

Switch(config)# rmon event 1 log trap eventtrap description "High ifOutErrors" owner jjones

Collecting Group History Statistics on an Interface

You must first configure RMON alarms and events to display collection information.

Beginning in privileged EXEC mode, follow these steps to collect group history statistics on an interface. This procedure is optional.

 

Command
Purpose

Step 1

configure terminal

Enter global configuration mode.

Step 2

interface interface-id

Specify the interface on which to collect history, and enter interface configuration mode.

Step 3

rmon collection history index
[ buckets bucket-number ] [ interval seconds ] [ owner ownername ]

Enable history collection for the specified number of buckets and time period.

  • For index, identify the RMON group of statistics The range is 1 to 65535.
  • (Optional) For buckets bucket-number, specify the maximum number of buckets desired for the RMON collection history group of statistics. The range is 1 to 65535. The default is 50 buckets.
  • (Optional) For interval seconds, specify the number of seconds in each polling cycle. The range is 1 to 3600. The default is 1800 seconds.
  • (Optional) For owner ownername, enter the name of the owner of the RMON group of statistics.

Step 4

end

Return to privileged EXEC mode.

Step 5

show running-config

Verify your entries.

Step 6

show rmon history

Display the contents of the switch history table.

Step 7

copy running-config startup-config

(Optional) Save your entries in the configuration file.

To disable history collection, use the no rmon collection history index interface configuration command.

Collecting Group Ethernet Statistics on an Interface

Beginning in privileged EXEC mode, follow these steps to collect group Ethernet statistics on an interface. This procedure is optional.

 

Command
Purpose

Step 1

configure terminal

Enter global configuration mode.

Step 2

interface interface-id

Specify the interface on which to collect statistics, and enter interface configuration mode.

Step 3

rmon collection stats index [ owner ownername ]

Enable RMON statistic collection on the interface.

  • For index, specify the RMON group of statistics. The range is from 1 to 65535.
  • (Optional) For owner ownername, enter the name of the owner of the RMON group of statistics.

Step 4

end

Return to privileged EXEC mode.

Step 5

show running-config

Verify your entries.

Step 6

show rmon statistics

Display the contents of the switch statistics table.

Step 7

copy running-config startup-config

(Optional) Save your entries in the configuration file.

To disable the collection of group Ethernet statistics, use the no rmon collection stats index interface configuration command.

This example shows how to collect RMON statistics for the owner root :

Switch(config)# interface gigabitethernet2/0/1
Switch(config-if)# rmon collection stats 2 owner root

Displaying RMON Status

 

Table 1-1 Commands for Displaying RMON Status

Command
Purpose

show rmon

Displays general RMON statistics.

show rmon alarms

Displays the RMON alarm table.

show rmon events

Displays the RMON event table.

show rmon history

Displays the RMON history table.

show rmon statistics

Displays the RMON statistics table.

For information about the fields in these displays, see the “System Management Commands” section in the Cisco IOS Configuration Fundamentals Command Reference, Release 12.4.