kgt ! $ , august !th, % application note performance ... · ments besides standard link up/down...
TRANSCRIPT
2019-08-15 1/17
— 1KGT151 081, AUGUST 15TH, 2019
Application Note
Performance Monitoring support for
EDS500 switches
2019-08-15 2/17
Table of Content
1 Introduction ................................................................................................................................ 3
1.1 Motivation ..................................................................................................................................... 3 1.2 Supported Protocols ................................................................................................................... 3 1.3 Monitoring Elements .................................................................................................................. 3
2 SNMP Objects ............................................................................................................................. 4 2.1 Interfaces ...................................................................................................................................... 4 2.2 Packet and Octet Counters........................................................................................................5 2.3 Line Quality ................................................................................................................................... 7 2.4 Device and Link Uptime .............................................................................................................. 7 2.5 Device Temperature .................................................................................................................... 7
3 Configuration ............................................................................................................................. 8 3.1 Setup.............................................................................................................................................. 8 3.2 Configuration of SNMP ............................................................................................................. 9 3.3 Configuration File for SNMP v3 .............................................................................................. 12 3.4 Configuration File for SNMP v1/2c ........................................................................................ 12 3.5 Firewall settings required ........................................................................................................ 13
4 Verifying operation .................................................................................................................. 14 4.1 Verification of configuration and operation ....................................................................... 14
5 Ordering Information ............................................................................................................... 15
6 References ................................................................................................................................. 16
2019-08-15 3/17
1 Introduction This document describes the performance monitoring capabilities and interface to arbitrary
standard-based network monitoring solutions. The feature is available on all EDS500 man-
aged Ethernet products, namely 500NMD and 560NMS series of DIN rail and rack mount
Ethernet products.
1.1 Motivation
In modern Ethernet based networks monitoring of performance and equipment is one im-
portant key topic to guarantee availability of service and high availability of the communica-
tion network. For scalable converged networks the early identification of network problems
due to packet loss, bandwidth exhaustion or link quality degradation is one of the critical ele-
ments besides standard link up/down monitoring.
1.2 Supported Protocols
EDS500 supports the querying of statistic data via the Simple Network Management Proto-
col (SNMP) in the versions 1, 2c and 3.
1.3 Monitoring Elements
EDS500 devices allow a set of possibilities to monitor device and link parameters for perfor-
mance monitoring
• Packet counter
Packet counters allow the calculation of incoming and outgoing packet rates as well
as the monitoring of the distribution of the sizes of packets transferred on the Ether-
net level.
• Octet counter
To enable judgment of the bandwidth utilization of each link, octet counters can be
used.
• Line quality and lineloss
Line quality (signal quality) and lineloss can be used to detect anomalies on active
SHDSL or fiber optical links. If anomalies are found these can indicate cable faults or
interference from other services or noise sources.
• Device and link uptime
The devices uptime can be used to verify continuous service without interruption,
e.g. due to power problems.
• Device temperature
The device temperature can be used to detect cooling problems and estimate device
lifetime.
Typically, the listed values are queried in fixed intervals by a monitoring system, used for cal-
culations (e.g. bandwidth, packet rate) and saved in a database. The values can then be used
to create diagrams (values over time) to visualize trends and periodic behavior.
2019-08-15 4/17
2 SNMP Objects EDS500 supports various standard MIBs as well as a vendor-specific MIB covering objects
that have no representation in any standard MIB.
2.1 Interfaces
In order to address SNMP data correctly, an interface index (ifIndex) is used to select the in-
terface evaluated. For the EDS500 interface indices are mapped fixed to the different variants
of the products.
Interface description Remark ifIndex
fastethernet0 Internal CPU interface 1
dsl1 SHDSL interface 1 2
dsl2 SHDSL interface 2 3
system0 Virtual management interface 4
port1 Ethernet Port 1 5
port2 Ethernet Port 2 6
port3 Ethernet Port 3 7
port4 Ethernet Port 4 8
fo1 Fiber optical / SFP interface 1 9
fo2 Fiber optical / SFP interface 2 10
channel0 Virtual port aggregation interface 11
console0 Serial interface 0 12
console1 Serial interface 1 13
tunnel0 Virtual layer 2 tunnel interface 14
backup-group1 Virtual interface for backup group 15
Not all interfaces are present in all products; A 500NMD02 (2 x SHDSL, 4 x Ethernet) device for
example will not report fiber optical ports.
2019-08-15 5/17
For RMON there is the following default mapping of interfaces to the etherStatsIndex (probe
number).
Interface Remark etherStatsIndex
description 50
0N
MD
30
50
0N
MD
40
50
0N
MD
01
50
0N
MD
41
50
0N
MD
02
50
0N
MD
42
50
0N
MD
11
50
0N
MD
43
50
0N
MD
20
50
0N
MD
44
50
0N
MS
34
50
0N
MS
24
dsl1 SHDSL interface 1 1 1 1 1 1
dsl2 SHDSL interface 2 2 2
channel0 Virtual port aggregation int. 3 3
system0 Virtual management interface 1 2 4 2 1 2 4
port1 Ethernet Port 1 2 3 5 3 2 3 5
port2 Ethernet Port 2 3 4 6 4 3 4 6
port3 Ethernet Port 3 4 5 7 5 4 5 7
port4 Ethernet Port 4 5 6 8 6 5 6 8
fo1 Fiber optical / SFP interface 1 7 6
fo2 Fiber optical / SFP interface 2 7
console0 Serial interface 0 6 7 9 8 8 7 9
console1 Serial interface 1 10 9 9 10
tunnel0 Virtual layer 2 tunnel interface 7 8 11 10 10 8 11
backup-group1 Virtual interface backup group 8 9 12 11 11 9 12
2.2 Packet and Octet Counters
Packet and octet counters can be obtained via MIB-2/IF-MIB as well as RMON.
MIB-2/IF-MIB: Incoming counters per interface
Counter description Object ID (OID) Name
Octets 1.3.6.1.2.1.2.2.1.10.ifIndex ifInOctets
Unicast packets 1.3.6.1.2.1.2.2.1.11.ifIndex ifInUcastPkts
Non-unicast packets 1.3.6.1.2.1.2.2.1.12.ifIndex ifInNUcastPkts
Discarded packets 1.3.6.1.2.1.2.2.1.13.ifIndex ifInDiscards
Erroneous packets 1.3.6.1.2.1.2.2.1.14.ifIndex ifInErrors
Multicast packets 1.3.6.1.2.1.31.1.1.1.2.ifIndex ifInMulticastPkts
Broadcast packets 1.3.6.1.2.1.31.1.1.1.3.ifIndex ifInBroadcastPkts
2019-08-15 6/17
MIB-2/IF-MIB: Outgoing counters per interface
Counter description Object ID (OID) Name
Octets 1.3.6.1.2.1.2.2.1.16.ifIndex ifOutOctets
Unicast packets 1.3.6.1.2.1.2.2.1.17.ifIndex ifOutUcastPkts
Non-unicast packets 1.3.6.1.2.1.2.2.1.18.ifIndex ifOutNUcastPkts
Discarded packets 1.3.6.1.2.1.2.2.1.19.ifIndex ifOutDiscards
Erroneous packets 1.3.6.1.2.1.2.2.1.20.ifIndex ifOutErrors
Multicast packets 1.3.6.1.2.1.31.1.1.1.4.ifIndex ifOutMulticastPkts
Broadcast packets 1.3.6.1.2.1.31.1.1.1.5.ifIndex ifOutBroadcastPkts
EDS500 also supports 64-bit counters via IF-MIB, however these are typically not necessary
and are not listed here.
For RMON, EDS500 uses a predefined set of probes which includes one probe for every inter-
face. The set of probes can be changed via SNMP. However, this is usually not required.
RMON: Incoming counters per interface
Counter description Object ID (OID) Name
Octets 1.3.6.1.2.1.16.1.1.1.4.Index etherStatsOctets
Packets 1.3.6.1.2.1.16.1.1.1.5.Index etherStatsPkts
Broadcast packets 1.3.6.1.2.1.16.1.1.1.6.Index etherStatsBroadcastPkts
Multicast packets 1.3.6.1.2.1.16.1.1.1.7.Index etherStatsMulticastPkts
Error packets 1.3.6.1.2.1.16.1.1.1.8.Index etherStatsCRCAlignErrors
Undersize packets 1.3.6.1.2.1.16.1.1.1.9.Index etherStatsUndersizePkts
Oversize packets 1.3.6.1.2.1.16.1.1.1.10.Index etherStatsOversizePkts
Fragments 1.3.6.1.2.1.16.1.1.1.11.Index etherStatsFragments
Jabber 1.3.6.1.2.1.16.1.1.1.12.Index etherStatsJabber
Collisions 1.3.6.1.2.1.16.1.1.1.13.Index etherStatsCollisions
Packets 64 Octets 1.3.6.1.2.1.16.1.1.1.14.Index etherStatsPkts64Octets
Packets 65 to 127 Octets 1.3.6.1.2.1.16.1.1.1.15.Index etherStatsPkts65to127Octets
Packets 128 to 255 Octets 1.3.6.1.2.1.16.1.1.1.16.Index etherStatsPkts128to255Octets
Packets 256 to 511 Octets 1.3.6.1.2.1.16.1.1.1.17.Index etherStatsPkts256to511Octets
Packets 512 to 1023 Octets 1.3.6.1.2.1.16.1.1.1.18.Index etherStatsPkts512to1023Octets
Packets 1024 to 1518 Octets 1.3.6.1.2.1.16.1.1.1.19.Index etherStatsPkts1024to1518Octets
The term “.Index” references the probe number or etherStatsIndex (not the ifIndex). The cor-
responding interface is referenced by etherStatsDataSource (1.3.6.1.2.1.16.1.1.1.2.Index) and
points to the MIB-2/IF-MIB ifIndex. To verify simple interface assignment etherStatsOwner
(1.3.6.1.2.1.16.1.1.1.20.Index) reports the interface name.
The polling interval on the packet and octet counters from the management system should
be no less then 60 seconds in order to allow all counters to synchronize and minimize syn-
chronization differences between counters and interfaces.
2019-08-15 7/17
2.3 Line Quality
Line monitoring is realized via a vendor-specific MIB. The MIB can be obtained via the ABB li-
brary or your local sales contact.
Description Object ID (OID) Name
Line signal quality in dB in Rx
direction
1.3.6.1.4.1.21939.9.2.2.1.12.ifIndex signalQuality
Lineloss in dB in Rx direction 1.3.6.1.4.1.21939.9.2.2.1.14.ifIndex linelossRatio
2.4 Device and Link Uptime
The device uptime (time since powerup or last restart) can be monitored as well as the link
up- and downtime (calculated as actual device uptime - last change time).
Description Object ID (OID) Name
Device uptime 1.3.6.1.2.1.1.3.0 sysUpTime
Interface uptime at last link transition 1.3.6.1.2.1.2.2.1.9.ifIndex ifLastChange
2.5 Device Temperature
The device temperature can be monitored.
Description MIB Object ID (OID) Name
Device temperature in °C EDS500-MIB 1.3.6.1.4.1.21939.9.1.2.1.2.0 actualTempera-
ture
2019-08-15 8/17
3 Configuration
3.1 Setup
To monitor EDS500 devices via SNMP some configuration steps are required to enable com-
munication and unsolicited notifications (traps) to monitoring servers in the case of sponta-
neous events.
Figure 1: Monitoring setup
All communication is done via the IP network. SNMP manager (monitoring system) and de-
vice are not required to be in the same subnet.
2019-08-15 9/17
3.2 Configuration of SNMP
The configuration of SNMP includes selecting the SNMP version and configuring security pa-
rameters as well as target servers for traps.
For security purposes SNMP version 3 should be used only (supporting encryption and
authentication). For completeness a version 3 as well as version 2c example is listed.
Tasks – SNMP Version 3 basic configuration
Description
CLI command Webserver command
Enable SNMP for read access. If read-write access is required omit the ”read-only” attribute.
set system snmp enabled read-only SNMP
→ SNMP agent
→ SNMP agent: enabled (read-only)
Select SNMP version 3 supporting encryption and authentication.
set system snmp version v3-only SNMP
→ SNMP agent
→ SNMP version: SNMPv3 only
SNMP version 3 requires the configuration of users along with authentication and encryption
parameters. Up to 6 individual users can be configured for EDS500. The example below
configures user number 1. For additional users use corresponding user ids.
Tasks – SNMP Version 3 user configuration
Description
CLI command Webserver command
Set username for user 1 to ’simon’
set system snmp user 1 name simon SNMP
→ SNMPv3 users
→ Column User name: simon
Limit user access to read-only. If globally configured access is read-only, this setting is
ignored.
set system snmp user 1 access
read-only SNMP
→ SNMPv3 users
→ Column Access: read-only
Set authentication mode to md5 (alternatively sha) and key ’key45678’. The minimum
keylength required is 8 characters.
set system snmp user 1 auth md5
key45678 SNMP
→ SNMPv3 users
→ Column Auth dropdown: md5
→ Column Auth: key45678
Set encryption mode to aes128 (alternatively des56) and key ’secret78’.
set system snmp user 1 priv aes128
secret78 SNMP
→ SNMPv3 users
→ Column Priv dropdown: aes128
→ Column Priv: secret78
As alternative to SNMP version 3, SNMP version 1 and 2c can be configured.
2019-08-15 10/17
Optional Tasks – SNMP Version 1 and 2c basic configuration
Description
CLI command Webserver command
Enable SNMP for read access. If read-write access is required omit the ”read-only” attribute.
set system snmp enabled read-only SNMP
→ SNMP agent
→ SNMP agent: enabled (read-only)
Allow any SNMP version. Version 3 is disabled if no users are configured.
set system snmp version any SNMP
→ SNMP agent
→ SNMP version: any
Add read community string ’netmon’. Up to 6 community strings can be added. If no
community string is configured the default community string ’public’ is active.
set system snmp read-community
netmon SNMP
→ SNMPv1/SNMPv2c community strings
→ Read community strings: netmon
Optional: If read-write access is desired a write community string can be configured. In this
example the string is ’netmgmt’. If no community string is configured the default community
string ’private’ is active. The write community string is deactivated if the agent is set to read-
only.
set system snmp write-community
netmgmt SNMP
→ SNMPv1/SNMPv2c community strings
→ Write community strings: netmgmt
2019-08-15 11/17
The following configuration enables traps to various monitoring system
Optional Tasks – Configure traps
Description
CLI command Webserver command
Optional: Configure a trap to be sent to the SNMP v1 server at IP 172.23.5.3 using the
community string ’nettrap’. The community string used does not need to be in the global
community string list.
set system snmp trap-target
172.23.5.3 v1 nettrap SNMP
→ SNMP trap servers
→ Column IP address: 172.23.5.3
→ Column SNMP version: SNMPv1
→ Column Community string: nettrap
Optional: Configure a trap to be sent to the SNMP v2c server at IP 172.23.5.51 using the
community string ’nettrap’. The community string used does not need to be in the global
community string list.
set system snmp trap-target
172.23.5.51 v2c nettrap SNMP
→ SNMP trap servers
→ Column IP address: 172.23.5.51
→ Column SNMP version: SNMPv2c
→ Column Community string: nettrap
Optional: Configure a trap to be sent to the SNMP v3 server at IP 192.168.1.135 using the
security settings of user 1.
set system snmp trap-target
192.168.1.135 v3 user 1 SNMP
→ SNMP trap servers
→ Column IP address: 192.168.1.135
→ Column SNMP version: SNMPv3
→ Column User ID: 1
Optional: In a multihomed system (multiple IP addresses configured) the source IP address (or
vlan) for traps should be set. The source address is set to the address of vlan 10 below.
set system snmp trap-source vlan
10 -/-
2019-08-15 12/17
3.3 Configuration File for SNMP v3
The listing below represents the configuration file for SNMPv3 with one user and a trap
server 192.168.1.135.
! version 2.0
! common
set interface vlan 10 gateway 192.168.50.1
set interface vlan 10 ip-address 192.168.50.15 255.255.255.0
set system snmp enable read-only
set system snmp trap-source vlan 10 (optional)
set system snmp trap-target 192.168.1.135 162 v3 user 1 (optional)
set system snmp user 1 auth md5 key45678
set system snmp user 1 name simon
set system snmp user 1 priv aes128 secret78
set system snmp version v3-only
set system web-server enable
! interface state
set interface dsl1 no shutdown
set switch fo1 no shutdown
set switch port1 no shutdown
set switch port2 no shutdown
set switch port3 no shutdown
set switch port4 no shutdown
3.4 Configuration File for SNMP v1/2c
The listing below represents the configuration file for SNMP v1/v2c with trap servers
172.23.5.3 (SNMP v1) and 172.23.5.51 (SNMP v2c).
! version 2.0
! common
set interface vlan 10 gateway 192.168.50.1
set interface vlan 10 ip-address 192.168.50.15 255.255.255.0
set system snmp enable read-only
set system snmp trap-source vlan 10 (optional)
set system snmp trap-target 172.23.5.3 162 v1 nettrap (optional)
set system snmp trap-target 172.23.5.51 162 v2c nettrap (optional)
set system snmp version any (default)
set system web-server enable
! interface state
set interface dsl1 no shutdown
set switch fo1 no shutdown
set switch port1 no shutdown
set switch port2 no shutdown
set switch port3 no shutdown
set switch port4 no shutdown
2019-08-15 13/17
3.5 Firewall settings required
If a firewall is used UDP ports 161 (monitoring system towards device) and 162 (traps, device
towards monitoring system) should be opened for SNMP traffic.
2019-08-15 14/17
4 Verifying operation There are several commands to verify the operation of the serial tunneling.
4.1 Verification of configuration and operation
Description
CLI command
Display SNMP configuration.
show system snmp
Display SNMP statistics.
show system snmp counters
Display the configuration.
show running-configuration
2019-08-15 15/17
5 Ordering Information For order numbers regarding 500NMDxx the table below can be used.
Product Ident no Description
500NMD01 R0002 1KHW025096R0002 4xRJ-45, 1xSHDSL, 1xRS-232
500NMD02 R0002 1KHW025097R0002 4xRJ-45, 2xSHDSL, 2xRS-232
500NMD11 R0002 1KHW027869R0002 4xRJ-45, 1xSHDSL, 1xSFP, 2xRS-232
500NMD20 R0002 1KHW025098R0002 4xRJ-45, 2xSFP, 2xRS-232
500NMD30 R0002 1KGT038890R0002 4xRJ-45, 1xRS-232
500NMD40 R0001 1KGT038891R0001 4xRJ-45, 1xRS-232, POE 280W
500NMD40 R0002 1KGT038891R0002 4xRJ-45, 1xRS-232, POE 36W
500NMD41 R0001 1KGT038892R0001 4xRJ-45, 1xSHDSL, 1xRS-232,
POE 280W
500NMD41 R0002 1KGT038892R0002 4xRJ-45, 1xSHDSL, 1xRS-232,
POE 36W
500NMD42 R0001 1KGT038893R0001 4xRJ-45, 2xSHDSL, 2xRS-232,
POE 280W
500NMD42 R0002 1KGT038893R0002 4xRJ-45, 2xSHDSL, 2xRS-232,
POE 36W
500NMD43 R0001 1KGT038894R0001 4xRJ-45, 1xSHDSL, 1xSFP, 2xRS-232,
POE 280W
500NMD43 R0002 1KGT038894R0002 4xRJ-45, 1xSHDSL, 1xSFP, 2xRS-232,
POE 36W
500NMD44 R0001 1KGT038895R0001 4xRJ-45, 2xSFP, 2xRS-232, POE
280W
500NMD44 R0002 1KGT038895R0002 4xRJ-45, 2xSFP, 2xRS-232, POE 36W
500CAB03 R0001 1KGT038909R0001 Serial configuration cable DB9-F
500CAB05 R0001 1KGT038911R0001 Shielded serial cable DB25-F
500CAB06 R0001 1KGT038912R0001 Shielded serial cable DB9-F
500CAB09 R0001 1KGT038916R0001 RTU500 connection cable RJ-45
500NMA01 R0001 1KGT038909R0001 Configuration stick
2019-08-15 16/17
6 References
Product Reference(s)
500NMDxx Presentation
500NMDxx Brochure
500NMDxx EDS500 MIB file
Contact
Technical questions: [email protected]
Comercial topics, orders: [email protected]
Further information: http://solutions.abb/eds500
—
ABB AG
Power Grids
Postfach 10 03 51
68128 Mannheim
Deutschland
solutions.abb/eds500
—
We reserve the right to at all times make technical changes as well as changes
to the contents of this document without prior notice.
The detailed specifications agreed to at the time of ordering apply to all orders.
ABB accepts no responsibility for possible errors or incompleteness in this
document.
We reserve all rights to this document and the topics and illustrations contained
therein. The document and its contents, or extracts thereof, must not be
reproduced, transmitted or reused by third parties without prior written consent
by ABB.
All rights reserved.