Explanation of the remote network monitoring proxy for GE Ethernet Switches

Explanation of the remote network monitoring proxy for a Gigabit Ethernet switch the explanation of the remote network monitoring proxy for the Gigabit Ethernet switch is very interested in the problem of the Gigabit Ethernet switch RMON proxy.
Before giving you a detailed description of how to use remote network monitoring proxy, let's first understand the basic knowledge of RMON and then compare the advantages and disadvantages of the following methods. Remote network monitoring (RMON) is the most important enhancement to SNMP. This article introduces the implementation of a Gigabit Ethernet switch RMON agent in the real-time embedded operating system of Nucleus us. The architecture of network management software for Gigabit Ethernet switches is discussed. The hardware and software platform of RMON proxy is briefly introduced, the task processes of the four groups of functions including statistics, history, events, and alarms of the rmon agent are discussed in detail.
Currently, the most widely used Network Management Protocol in computer networks is Simple Network Management Protocol (SNMP. Remote network monitoring RMON is the most important enhancement to SNMP. It adopts a typical client/server model. The client is a network manager (management station), and The RMON proxy plays the role of the server. The management site collects and configures data on the RMON agent. The agent collects data on this site and reports important information and events to the management site. There are two ways to implement the www.2cto.com RMON Proxy:
Use an independent device with a complete hardware and software system as a remote monitor. embedded into key devices in the network, such as hubs and Gigabit Ethernet switches, is called an embedded proxy. As a part of system functions, embedded proxy uses processor and memory resources dedicated to monitoring.
At present, the computer network is growing and widely used, and the network manageability requirements are getting higher and higher. Network administrators must have a comprehensive and timely grasp of network activities. Therefore, it is very important to arrange the RMON agent that can intelligently collect data on important network nodes. More and more network devices are now added to the embedded RMON Agent module to provide powerful support for network management. The Design and Implementation of the embedded RMON agent in the Gigabit Ethernet switch are discussed below.
I. system interface the embedded RMON agent designed in this article is a module of network management software for Gigabit Ethernet switches. It needs to work collaboratively with the following modules from the bottom up.
◆ The underlying Ethernet driver RMON agent is used to monitor packets on the network segment. The underlying work of the network is completed by the port control chip. The underlying Driver provides two interfaces for the upper-layer software: obtaining data packets and obtaining the Ethernet statistical count.
◆ SNMP, UDP, and IPRMON are only enhancements to SNMP. A basic SNMP proxy and each layer protocol under SNMP are essential. RMON interacts with SNMP through MIB. The management site configures the RMON agent and obtains the data collected by the agent through SNMP. When some exceptions occur, the agent must report to the Management site. Therefore, SNMP also provides an interface for sending SNMP Trap messages.
◆ To implement the RMON function, the management information library should contain all objects defined by MIBII. The MIB used by RMON must be identified by SNMP. The Management Information Library provides read/write interfaces for SNMP and RMON.
Ii. underlying hardware support and operating system RFC1757 define nine functions and corresponding MIB structure of RMON. In this paper, the embedded RMON agent is designed to achieve the four functions of statistics, history, alarm and event. It is a Gigabit Ethernet Switching port control chip GT-48320A using Galileo Techniology, developed on the embedded operating system Nucleus Plus.
The GT-48320A provides support for the four basic functions of RMON, and maintains a 32-bit MIB counter on its Ethernet, which counts the Ethernet traffic passing through the port. These counters are in the read-only Port Counter Block of the GT-48320A at 0x0100-0x0163. The read counter request can be sent to the GT-48320A through the LW-Wire message defined by the chip based on the address, and the GT-48320A returns the requested counter value with the Block-Write message. The underlying driver is used to obtain the counter value.
The GT-48320A provides two Data Reading modes, which are set through the MIBCrMode bit (Global-Control <23>) of the chip register Global-Control: when the position is 0, the data is read and cleared; if this parameter is set to 1, data is not cleared after being read. Considering the limitation of counter capacity, we adopt the clearing method. In this way, you can regularly read the values of these counters and accumulate them to obtain the data required for the statistical, historical, event, and alarm functions.
Nucleus Plus is a real-time multi-task operating system specially designed for embedded system development. In addition to task scheduling with preemptive mechanisms, Nucleus Plus also provides inter-task communication, task synchronization, timing, and memory management. Usually as a C library, Nucleus Plus links real-time applications developed on it to the library and downloads the generated objects to the target host to become an embedded system.
From the perspective of software development, Nucleus Plus reduces the dependencies between tasks, enhances modularity, and shortens development time. It is very suitable for operating system platforms as embedded RMON proxies. The functions of the RMON agent are composed of several Nucleus tasks. Each task and its required system resources, such as event groups and message queues, are created during application initialization. Www.2cto.com
Iii. Implementation of RMON functions for each group ◆ the function of the statistical group is to maintain the basic statistics of each subnet of proxy monitoring, and the statistical count value of the port chip Register needs to be regularly obtained. Therefore, a timer and a Nucleus event group are required for the statistics group. The timer period is the period of the read register. When the timer expires, execute the timer to complete the function. Use the system function NU-Set-Events () to send an event to the Event Group, notifying the statistics task to start collecting data for this period.
A group task performs the following operations: During task initialization, set the register Global-Control to 0, and perform a read operation on all counters to clear them. During task initialization, you also need to create the required timer. the system function for creating the timer is NU-CreateTimer (). Then, perform the following operations cyclically:
◆ Call the NU-Retrieve-Events () function of the system to receive Events from the event group. If no event exists, the task blocks the operation. ◆ Read the etherStatsDataSource value of each row in the MIB statistical table to learn which ports to monitor. ◆ Call the underlying driver interface function to read the MIB counter value in the required monitored port register. ◆ Accumulate data into the corresponding MIB statistical group variables. Since the MIB counter of the GT-48320A is 32 bits, the counter that counts Ethernet traffic can only count 232 bytes, that is, 32 Gbit. For a gigabit port, if the port traffic reaches 1 Gbit/s, the counter will overflow in 32 seconds. Therefore, the default value of the time interval between reading MIB Counters is 30 seconds.
◆ The historical group function is to periodically sample the statistical samples of one or more Ethernet ports to obtain network information for each time period and save the historical statistics. The MIB defined in RFC1757 are composed of two tables: The History control table. Each row defines a function to sample a specific port at a specific sampling interval, it is used to record the sampled data. After each same copy is collected, it is stored in a new row of the historical data table.
The historical data table uses a bucket structure. When the number of rows of historical data that have been saved reaches the maximum value, the new data will overwrite the oldest row. In specific implementation, the management site uses SNMP to set the required historical sampling function in the history control table. What the RMON agent does is to sample the statistical data according to the historical control table, save the result to the historical data table. Use the linked list of the following data structure as the historical parameter table to save information about each historical statistical task that has been defined. Struct HISTORY-TEMP {www.2cto.com struct HISTORY-TEMP * next; UNSIGNED history-indes;/* this historical serial number */UNSIGNED sample-indes;/* Last sample serial number */unwiggned buckets-requested; /* Number of row samples stored in the historical Request */UNSIGNED time-start;/* record the sampling interval start time (seconds) */UNSIGNED octets; /* record the statistical data at the beginning of the sampling interval */UNSIGNED pkts; UNSIGNED broadcastpkts; UNSIGNED rollback; UNSIGNED crcerror; UNSIGNED rollback; UNSIGNED fragment; UNSIGNED jabbers; UNSIGNED collisions; UNSIGNED timer;/* timer used for this history */
The history group consists of two tasks: historical control tasks and Historical monitoring tasks. When the SNMP agent accepts the management site request to perform operations on the MIB, an event is generated, which activates the history control task. The history control task completes the following cyclic operations: ◆ get the event. If no event exists, the operation is blocked. ◆ Check whether a new history statistics task is added to the control table. If yes, you need to set and save parameters for the new historical statistics task and create a timer. The scheduled period is the value of HistoryControlInterval in the history control table. A message is sent to the Message Queue of the history group after the scheduled completion. The message value is the index value of the history group.
◆ Check whether historyXontrolBucketsRequested in the History defined in the history control table has been modified by the management site. If any, you need to adjust the bucket size. ◆ Check whether the historical statistics defined in the history control table are deleted by the management site. If any, delete the historical statistics in the following order: Delete the corresponding data rows in the historical data table, delete the timer, and delete the corresponding nodes in the parameter table. The history group monitoring task performs the following cyclic operations: www.2cto.com ◆ receives timer messages from the message queue. If there is no message, this operation is blocked. The system function for receiving messages is NUReceive-From-Queue ().
◆ Obtain the port to be monitored from the message content, read the ten data items required in the Statistics Group from the port, and subtract from the data read last time saved in the parameter table, the following formula calculates etherHistoryUtilization: Utilization = Pkts * (9.6 + 6.4) + (Octets *. 8)/Interval * 10,000 where Interval is a sampling period (in seconds ). ◆ Write the above results to the corresponding location of the historical data table, and then replace the original data in the parameter table with the statistical data read this time for use in the next cycle. Reads the current time and replaces the original time record time-strart.
◆ The Event Group determines whether to use logs or generate SNMP trap messages when the monitoring variable exceeds the upper limit. This group is implemented together with the alert group and does not have a dedicated event group task. ◆ Alarm groups use alarm groups and event groups to manage network alerts. Network administrators can set thresholds for sensitive network parameters based on network application requirements, such as utilization rate and error rate. When the threshold is obsolete, the agent will record the situation or send an SNMP trap Message to the registered management site to notify the management site that an exception occurs to a certain network parameter, further processing is required.
The MIB defining alert groups in RFC1757 are composed of an alert table. The management site defines an alarm task by setting this table. The alarm group is used to compare parameters specified by the periodic inspection management site with the given threshold. There are two comparison methods: Compare with absolute values or compare with difference values. If the threshold is exceeded, an event is generated, and the log record or report is made to the management site based on the event group settings. An alarm group also uses a linked list as the state parameter table to save intermediate results. The data structure is as follows: struct ALARM_TEMP {struct ALARM_TEMP * next; UNSIGNED alarm_index;/* This alert serial number */UNSIGNED samlpe_type;/* compare with absolute value (0) or use difference (1) compare */UNSIGNED alarm_status;/* alarm status: increase (1) or decrease (2 ). The initial value is 0 */UNSIGNED sample0;/* the value of the last sample, which is used to calculate the difference value. The initial value is 0 */NU_TIMER timer;/* timer used for this alarm */}; the alarm group consists of two tasks: One alarm control task and one alarm monitoring task. When the SNMP agent performs operations on the MIB, an event is generated, which activates the alarm control task. The history group www.2cto.com consists of two tasks: historical control tasks and Historical monitoring tasks. When the SNMP agent accepts the management site request to perform operations on the MIB, an event is generated, which activates the history control task. The history control task completes the following cyclic operations: ◆ get the event. If no event exists, the operation is blocked.
◆ Check whether a new history statistics task is added to the control table. If yes, you need to set and save parameters for the new historical statistics task and create a timer. The scheduled period is the value of HistoryControlInterval in the history control table. A message is sent to the Message Queue of the history group after the scheduled completion. The message value is the index value of the history group. ◆ Check whether historyXontrolBucketsRequested in the History defined in the history control table has been modified by the management site. If any, you need to adjust the bucket size.
◆ Check whether the historical statistics defined in the history control table are deleted by the management site. If any, delete the historical statistics in the following order: Delete the corresponding data rows in the historical data table, delete the timer, and delete the corresponding nodes in the parameter table. The history group monitoring task performs the following cyclic operations: ◆ receives timer messages from the message queue. If there is no message, this operation is blocked. The system function for receiving messages is NUReceive-From-Queue ().
◆ Obtain the port to be monitored from the message content, read the ten data items required in the Statistics Group from the port, and subtract from the data read last time saved in the parameter table, the following formula calculates etherHistoryUtilization: Utilization = Pkts * (9.6 + 6.4) + (Octets *. 8)/Interval * 10,000 where Interval is a sampling period (in seconds ). ◆ Write the above results to the corresponding location of the historical data table, and then replace the original data in the parameter table with the statistical data read this time for use in the next cycle. Reads the current time and replaces the original time record time-strart.
◆ The Event Group determines whether to use logs or generate SNMP trap messages when the monitoring variable exceeds the upper limit. This group is implemented together with the alert group and does not have a dedicated event group task. ◆ Alarm groups use alarm groups and event groups to manage network alerts. Network administrators can set thresholds for sensitive network parameters based on network application requirements, such as utilization rate and error rate. When the threshold is obsolete, the agent will record the situation or send an SNMP trap Message to the registered management site to notify the management site that an exception occurs to a certain network parameter, further processing is required.
The MIB defining alert groups in RFC1757 are composed of an alert table. The management site defines an alarm task by setting this table. The alarm group is used to compare parameters specified by the periodic inspection management site with the given threshold. There are two comparison methods: Compare with absolute values or compare with difference values. If the threshold is exceeded, an event is generated, and the log record or report is made to the management site based on the event group settings. Www.2cto.com
An alarm group also uses a linked list as the state parameter table to save intermediate results. The data structure is as follows: struct ALARM_TEMP {struct ALARM_TEMP * next; UNSIGNED alarm_index;/* This alert serial number */UNSIGNED samlpe_type;/* compare with absolute value (0) or use difference (1) compare */UNSIGNED alarm_status;/* alarm status: increase (1) or decrease (2 ). The initial value is 0 */UNSIGNED sample0;/* the value of the last sample, which is used to calculate the difference value. The initial value is 0 */NU_TIMER timer;/* timer used for this alarm */}; the alarm group consists of two tasks: One alarm control task and one alarm monitoring task. When the SNMP agent performs operations on the MIB, an event is generated, which activates the alarm control task.
This article is from the fat shark network.