Remote Monitoring Revisited
A thorough treatment of RMON is beyond the scope of this book, but it’s worth discussing the groups that make up RMONv1. RMON probes are typically stand-alone devices that watch traffic on the network segments to which they are attached. Some vendors implement at least some kind of RMON probe in their routers, hubs, or switches. Chapter 9 provides an example of how to configure RMON on a Cisco router.
The RMON MIB defines the following 10 groups:
rmon OBJECT IDENTIFIER ::= { mib-2 16 } statistics OBJECT IDENTIFIER ::= { rmon 1 } history OBJECT IDENTIFIER ::= { rmon 2 } alarm OBJECT IDENTIFIER ::= { rmon 3 } hosts OBJECT IDENTIFIER ::= { rmon 4 } hostTopN OBJECT IDENTIFIER ::= { rmon 5 } matrix OBJECT IDENTIFIER ::= { rmon 6 } filter OBJECT IDENTIFIER ::= { rmon 7 } capture OBJECT IDENTIFIER ::= { rmon 8 } event OBJECT IDENTIFIER ::= { rmon 9 }
RMONv1 provides packet-level statistics about an entire LAN or WAN. The rmon OID is 1.3.6.1.2.1.16 (iso.org.dod.internet.mgmt.mib-2.rmon). RMONv1 is made up of nine groups:
- statistics (1.3.6.1.2.1.16.1)
Contains statistics about all the Ethernet interfaces monitored by the probe
- history (1.3.6.1.2.1.16.2)
Records periodic statistical samples from the statistics group
- alarm (1.3.6.1.2.1.16.3)
Allows a user to configure a polling interval and a threshold for any object the RMON probe records
- hosts (1.3.6.1.2.1.16.4)
Records traffic statistics for each host on the network
- hostTopN (1.3.6.1.2.1.16.5)
Contains host statistics ...
Get Essential SNMP now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.