We know that SNMP is a Simple Network Management Protocol. SNMP can also play a major role in the monitoring of vswitches. Next, let's explain how to use SNMP to monitor switches: it is easy to solve switch faults. in the Internet era, we often encounter troubleshooting methods for SNMP monitoring switches, the following describes how to use SNMP to query a vswitch.
Use SNMP to query vswitches
The most effective way to diagnose a switch network fault is to directly ask the switch to view the network status. This can be achieved through the SNMP monitoring switch or the control port connected to the switch. Obviously, it is not ideal to directly connect to the control port of a vswitch, because it requires physical connections to each vswitch in the network. An ideal alternative is to build a terminal server that connects to the switch control port.
Anheng SNMP monitoring switch is a better choice. It can be queried anywhere in the switching network without additional hardware. If you have deployed a network management system, you can also configure an SNMP Trap When the utilization rate, error, or other parameters exceed the threshold. Then, we use network management or monitoring tools to find out why the threshold has exceeded.
In fact, almost all switches provide the SNMP monitoring switch function, even the cheapest switch. The main difference between them is the information provided. Some low-priced vswitches only provide simple SNMP monitoring switch information, which is for the entire vswitch. Those expensive vswitches can also provide detailed information about each port of the vswitch.
The SNMP monitoring switch may be the most common and least interfering method for monitoring the exchange network. The SNMP monitoring switch Console does not need to be very close to the device to be monitored, as long as there is a route reachable, and the security configuration of the switch allows the console to communicate with the switch proxy.
Although the switch can identify errors, but the switch itself does not report errors on a regular basis, it is best to use SNMP to monitor switch queries. The support for SNMP monitoring switch has different MIB libraries (Management Information Library ). Each type of MIB is different. In addition to some private MIB that support your vswitch, the standard MIB library is also very useful for monitoring the switching network. The following are some MIB libraries that are useful for fault diagnosis.
- RFC 1213 ?C MIB II
- RFC 1643 ?C Ethernet-Like Interface MIB
- RFC 2819 ?C RMON Ethernet
- RFC 2021 ?C RMON 2
- RFC 2613 ?C SMON
Many RFC versions are constantly updated and enhanced. Therefore, we need to check the latest RFC. For example, RFC1213 has updated and enhanced at least five times and generated five new RFC (2665, and ). In addition to defining utilization and incorrect RFC, MIB (RFC1493) for bridging are also very useful.
When using SNMP to monitor the vswitch network, you must pay attention to security. If there are no limits on the SNMP proxy, anyone potentially anywhere can monitor your network dynamics or modify switch configurations. SNMP is enabled by default when the vswitch is sold and a common password is used.
The SNMP password is called a communication string and transmitted in plain text, which brings potential risks. SNMP V3 encrypts communication strings to reduce this risk, but it is not widely used yet. The most common communication string is public. Currently, many SNMP monitoring switches on the Internet can be connected using public.
We should modify the communication string immediately. The SNMP agent should configure different access levels for different strings. Different IP addresses and subnets also have different access levels. Or you can use other configurations to limit the access level. Access to the SNMP agent through a vro may have some impact on SNMP restrictions.
The firewall may also block SNMP completely. Even if you can access the agent through SNMP, the agent is required to support the MIB library you want to query. Most manufacturers fully support the standard MIB library. However, some manufacturers do not support it. To support the expected MIB, you must upgrade the switch operating system first.
There is another problem with this method. If the MIB executed by the SNMP agent is incorrect, the response is completely incorrect. Although this does not happen frequently, sometimes program design errors may cause incorrect responses. The switch does not respond to SNMP queries for many reasons. Once these problems are solved, SNMP monitors the switch and trend analysis.
Conclusion: a common method for fault diagnosis is to wait for user complaints. This method is simple but very effective. Users can perceive the normal network performance. Once performance declines, the Network Support Center will soon receive complaints from customers. With a user complaint, you should start fault diagnosis from the Access Point.
The disadvantage of this method is that it is completely passive and not forward-looking. The ideal method is to use proactive monitoring. This includes regularly querying each vswitch, monitoring the traffic and traffic trends of each switching port, and detecting other related CIDR blocks. Resolve the problem from fault diagnosis to fault prevention.