Remote Monitoring Revisited

A thorough treatment of RMON is beyond the scope of this book, but it’s worth discussing the groups that make up RMONv1. RMON probes are typically stand-alone devices that watch traffic on the network segments to which they are attached. Some vendors implement at least some kind of RMON probe in their routers, hubs, or switches. Chapter 9 provides an example of how to configure RMON on a Cisco router.

The RMON MIB defines the following 10 groups:

rmon              OBJECT IDENTIFIER ::= { mib-2 16 }
statistics        OBJECT IDENTIFIER ::= { rmon 1 }
history           OBJECT IDENTIFIER ::= { rmon 2 }
alarm             OBJECT IDENTIFIER ::= { rmon 3 }
hosts             OBJECT IDENTIFIER ::= { rmon 4 }
hostTopN          OBJECT IDENTIFIER ::= { rmon 5 }
matrix            OBJECT IDENTIFIER ::= { rmon 6 }
filter            OBJECT IDENTIFIER ::= { rmon 7 }
capture           OBJECT IDENTIFIER ::= { rmon 8 }
event             OBJECT IDENTIFIER ::= { rmon 9 }

RMONv1 provides packet-level statistics about an entire LAN or WAN. The rmon OID is 1.3.6.1.2.1.16 (iso.org.dod.internet.mgmt.mib-2.rmon). RMONv1 is made up of nine groups:

statistics (1.3.6.1.2.1.16.1): Contains statistics about all the Ethernet interfaces monitored by the probe

history (1.3.6.1.2.1.16.2): Records periodic statistical samples from the statistics group

alarm (1.3.6.1.2.1.16.3): Allows a user to configure a polling interval and a threshold for any object the RMON probe records

hosts (1.3.6.1.2.1.16.4): Records traffic statistics for each host on the network

hostTopN (1.3.6.1.2.1.16.5): Contains host statistics ...

Get Essential SNMP now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Essential SNMP by

Remote Monitoring Revisited

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly