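Example for Configuring RMON
Networking Requirements
As shown in Figure 2-1, a subnet connects to the network through interface GE1/0/1 on the Switch. The NMS needs to monitor the subnet, including:
- Real-time and historical statistics on traffic and on the number of packets of each type.
- Logging when the traffic per minute exceeds the configured value.
- Monitoring of broadcast and multicast traffic on the subnet, with an alarm sent proactively to the NMS when the traffic exceeds the configured value.
Configuration Roadmap
The RMON statistics function provides real-time and historical monitoring of traffic and of the number of packets of each type. The RMON alarm function records logs and proactively sends alarms to the NMS when traffic exceeds the configured value.
The configuration roadmap is as follows:
- Configure IP addresses for the Switch interfaces.
- Configure a reachable route between the Switch and the NMS.
- Configure the Switch to send traps to the NMS.
- Enable the statistics function and configure the statistics table and history control table to implement RMON statistics.
- Configure the event table, alarm table, and extended alarm table to implement RMON alarms.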
Procedure
- Configure IP addresses for the Switch interfaces.
<Quidway> system-view
[Quidway] sysname Switch
[Switch] vlan batch 20 30
[Switch] interface gigabitethernet 1/0/1
[Switch-GigabitEthernet1/0/1] port hybrid pvid vlan 30
[Switch-GigabitEthernet1/0/1] port hybrid untagged vlan 30
[Switch-GigabitEthernet1/0/1] quit
[Switch] interface vlanif 30
[Switch-Vlanif30] ip address 10.1.30.1 24
[Switch-Vlanif30] quit
[Switch] interface gigabitethernet 1/0/2
[Switch-GigabitEthernet1/0/2] port hybrid pvid vlan 20
[Switch-GigabitEthernet1/0/2] port hybrid untagged vlan 20
[Switch-GigabitEthernet1/0/2] quit
[Switch] interface vlanif 20
[Switch-Vlanif20] ip address 10.1.20.1 24
[Switch-Vlanif20] quit
- Configure a reachable route between the Switch and the NMS.
[Switch] ospf
[Switch-ospf-1] area 0
[Switch-ospf-1-area-0.0.0.0] network 10.1.20.0 0.0.0.255
[Switch-ospf-1-area-0.0.0.0] network 10.1.30.0 0.0.0.255
[Switch-ospf-1-area-0.0.0.0] quit
[Switch-ospf-1] quit
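- Configure the Switch to send traps to the NMS.
# Configure the interface on which the Switch receives and responds to NMS request packets.
[Switch] snmp-agent protocol source-interface vlanif 20
# Set the SNMP version of the Switch to SNMPv3.
[Switch] snmp-agent sys-info version v3
# Enable the sending of RMON traps.
[Switch] snmp-agent trap enable feature-name rmon
# Configure a user group.
[Switch] snmp-agent group v3 admin privacy
# Configure a user.
[Switch] snmp-agent usm-user v3 nms-admin group admin
# Authenticate the user's packets. The authentication password is Authe@1234.
[Switch] snmp-agent usm-user v3 nms-admin authentication-mode sha2-256
Please configure the authentication password (8-64)
Enter Password:      //Enter the authentication password. In this example, the authentication password is Authe@1234.
Confirm Password:    //Enter the authentication password. In this example, the authentication password is Authe@1234.
# Encrypt the user's packets. The encryption password is Priva@1234.
[Switch] snmp-agent usm-user v3 nms-admin privacy-mode aes128
Please configure the privacy password (8-64)
Enter Password:      //Enter the encryption password. In this example, the encryption password is Priva@1234.
Confirm Password:    //Enter the encryption password. In this example, the encryption password is Priva@1234.
# Configure the Switch to send traps to the specified NMS.
[Switch] snmp-agent target-host trap address udp-domain 10.1.10.1 params securityname nms-admin v3 privacy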
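- Configure the RMON statistics function.
# Enable RMON statistics on the interface.
[Switch] interface gigabitethernet 1/0/1
[Switch-GigabitEthernet1/0/1] rmon-statistics enable
# Configure the statistics table.
[Switch-GigabitEthernet1/0/1] rmon statistics 1 owner Test300
# Configure the history control table so that RMON samples traffic information on the subnet at an interval of 30 seconds and saves the latest 10 samples.
[Switch-GigabitEthernet1/0/1] rmon history 1 buckets 10 interval 30 owner Test300
[Switch-GigabitEthernet1/0/1] quit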
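- Configure the RMON alarm function.
# Configure the event table. Set RMON event 1 to record a log and event 2 to send a trap message to the NMS.
[Switch] rmon event 1 log owner Test300
[Switch] rmon event 2 description forUseofPrialarm trap public owner Test300
# Configure the alarm table. Set the sampling interval and the thresholds that trigger alarm event 1 (the alarm OID is 1.3.6.1.2.1.16.1.1.1.6.1).
[Switch] rmon alarm 1 1.3.6.1.2.1.16.1.1.1.6.1 30 absolute rising-threshold 500 1 falling-threshold 100 1 owner Test300
# Configure the extended alarm table. RMON samples the total number of broadcast and multicast packets in the statistics table once every 30 seconds. When the change between samples rises above the upper threshold 1000 or falls below the lower threshold 0, event 2 is triggered and a trap is sent to the NMS.
[Switch] rmon prialarm 1 .1.3.6.1.2.1.16.1.1.1.6.1+.1.3.6.1.2.1.16.1.1.1.7.1 sumofbroadandmulti 30 delta rising-threshold 1000 2 falling-threshold 0 2 entrytype forever owner Test300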
- Verify the configuration.
# Check the configuration result. You can view traffic information for the subnet at any time.
[Switch] display rmon statistics gigabitethernet 1/0/1
Statistics entry 1 owned by Test300 is valid.
  Interface : GigabitEthernet1/0/1<ifIndex.58>
  Received  :
  octets              :142915224 , packets          :1749151
  broadcast packets   :11603     , multicast packets:756252
  undersize packets   :0         , oversize packets :0
  fragments packets   :0         , jabbers packets  :0
  CRC alignment errors:0         , collisions       :0
  Dropped packet (insufficient resources):1795
  Packets received according to length (octets):
  64     :150183    , 65-127  :150183    , 128-255  :1383
  256-511:3698      , 512-1023:0         , 1024-1518:0
# Check the configuration result.
[Switch] display rmon history gigabitethernet 1/0/1
History control entry 1 owned by Test300 is valid
  Samples interface     : GigabitEthernet1/0/1<ifIndex.58>
  Sampling interval     : 30(sec) with 10 buckets max
  Last Sampling time    : 0days 22h:42m:56s.01th
  Latest sampled values :
  octets               :74539     , packets           :966
  broadcast packets    :1         , multicast packets :36
  undersize packets    :0         , oversize packets  :0
  fragments packets    :0         , jabbers packets   :0
  CRC alignment errors :0         , collisions        :0
  Dropped packet       :0         , utilization       :0
  History record:
  Record No.1 (Sample time: 0days 22h:40m:56s.50th)
  octets               :73926     , packets           :963
  broadcast packets    :0         , multicast packets :36
  undersize packets    :0         , oversize packets  :0
  fragments packets    :0         , jabbers packets   :0
  CRC alignment errors :0         , collisions        :0
  Dropped packet       :0         , utilization       :0
# View the RMON event configuration.
[Switch] display rmon event
Event table 1 owned by Test300 is valid.
  Description: null.
  Will cause log when triggered, last triggered at 0days 00h:24m:10s.05th.
Event table 2 owned by Test300 is valid.
  Description: forUseofPrialarm.
  Will cause snmp-trap when triggered, last triggered at 0days 00h:26m:10s.05th.
# View the RMON alarm configuration.
[Switch] display rmon alarm 1
Alarm table 1 owned by Test300 is valid.
  Samples absolute value : 1.3.6.1.2.1.16.1.1.1.6.1<etherStatsBroadcastPkts.1>
  Sampling interval      : 30(sec)
  Rising threshold       : 500(linked with event 1)
  Falling threshold      : 100(linked with event 1)
  When startup enables   : risingOrFallingAlarm
  Latest value           : 1975
# View the RMON extended alarm configuration.
[Switch] display rmon prialarm 1
Prialarm table 1 owned by Test300 is valid.
  Samples delta value    : .1.3.6.1.2.1.16.1.1.1.6.1+.1.3.6.1.2.1.16.1.1.1.7.1
  Sampling interval      : 30(sec)
  Rising threshold       : 1000(linked with event 2)
  Falling threshold      : 0(linked with event 2)
  When startup enables   : risingOrFallingAlarm
  This entry will exist  : forever
  Latest value           : 16
# View the event log.
[Switch] display rmon eventlog
Event table 1 owned by Test300 is valid.
  Generates eventLog 1.1 at 0days 00h:39m:30s.01th.
  Description: The 1.3.6.1.2.1.16.1.1.1.6.1 defined in alarm table 1,
  less than or equal to 100 with alarm value 0. Alarm sample type is absolute.
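The following added example (not part of the original documentation, and not the device's own code) simulates how the alarm table and extended alarm table entries configured above evaluate successive samples, using the thresholds and OIDs from this page. It assumes the rising/falling hysteresis of the standard RMON alarm group (RFC 2819) also applies to the extended alarm entry; the class, function names, and counter readings are constructed for illustration.

```python
from dataclasses import dataclass, field

BCAST = "1.3.6.1.2.1.16.1.1.1.6.1"  # etherStatsBroadcastPkts.1
MCAST = "1.3.6.1.2.1.16.1.1.1.7.1"  # etherStatsMulticastPkts.1
WRAP = 2 ** 32                       # etherStats counters are Counter32

@dataclass
class Alarm:                         # hypothetical model of one alarm entry
    name: str
    oids: tuple        # counters summed into the alarm variable
    sample_type: str   # "absolute" or "delta"
    rising: int
    falling: int
    event: int         # event index fired on either crossing
    prev: dict = field(default_factory=dict)
    last_fired: str = ""   # "", "rising" or "falling"

    def feed(self, counters):
        """Evaluate one poll; return (name, direction, event, value) or None."""
        if self.sample_type == "delta":
            if not self.prev:                     # first poll: nothing to diff
                self.prev = {o: counters[o] for o in self.oids}
                return None
            # Per-counter difference, tolerant of a 32-bit counter wrap.
            value = sum((counters[o] - self.prev[o]) % WRAP for o in self.oids)
            self.prev = {o: counters[o] for o in self.oids}
        else:
            value = sum(counters[o] for o in self.oids)
        # Hysteresis: a direction fires once, then needs the opposite crossing.
        for direction, hit in (("rising", value >= self.rising),
                               ("falling", value <= self.falling)):
            if hit and self.last_fired != direction:
                self.last_fired = direction
                return (self.name, direction, self.event, value)
        return None

def run(polls):
    """Feed every poll to both entries from this page; return fired events."""
    alarms = [
        Alarm("alarm 1", (BCAST,), "absolute", 500, 100, 1),
        Alarm("prialarm 1", (BCAST, MCAST), "delta", 1000, 0, 2),
    ]
    fired = []
    for counters in polls:
        fired += [hit for a in alarms if (hit := a.feed(counters))]
    return fired

# Constructed counter readings, one per 30-second sampling interval.
POLLS = [{BCAST: b, MCAST: m} for b, m in
         [(0, 0), (120, 400), (650, 1500), (700, 2900), (700, 2900)]]

if __name__ == "__main__":
    for hit in run(POLLS):
        print(hit)
```

With these readings the absolute alarm on a cumulative counter fires its rising event once and does not re-arm, while the delta alarm re-arms as soon as the per-interval change drops back to 0.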
Configuration Files
Configuration file of the Switch
#
sysname Switch
#
vlan batch 20 30
#
interface Vlanif20
 ip address 10.1.20.1 255.255.255.0
#
interface Vlanif30
 ip address 10.1.30.1 255.255.255.0
#
interface GigabitEthernet1/0/1
 port hybrid pvid vlan 30
 port hybrid untagged vlan 30
 rmon-statistics enable
 rmon statistics 1 owner Test300
 rmon history 1 buckets 10 interval 30 owner Test300
#
interface GigabitEthernet1/0/2
 port hybrid pvid vlan 20
 port hybrid untagged vlan 20
#
ospf 1
 area 0.0.0.0
  network 10.1.20.0 0.0.0.255
  network 10.1.30.0 0.0.0.255
#
snmp-agent
snmp-agent local-engineid 800007DB0300259E0370C3
snmp-agent sys-info version v3
snmp-agent group v3 admin privacy
snmp-agent target-host trap address udp-domain 10.1.10.1 params securityname nms-admin v3 privacy
snmp-agent usm-user v3 nms-admin group admin
snmp-agent usm-user v3 nms-admin authentication-mode sha2-256 cipher %^%#odaJ7R)/O7k$pwQx0qfD0\`u*'GI1(|;ZQXHtzrN%^%#
snmp-agent usm-user v3 nms-admin privacy-mode aes128 cipher %^%#f*K3/|E6d"SJes9)5naXPIqCTpR"}BUC=yW;!(f9%^%#
snmp-agent trap enable feature-name RMON
snmp-agent protocol source-interface Vlanif20
#
rmon event 1 description null log owner Test300
rmon event 2 description forUseofPrialarm trap public owner Test300
rmon alarm 1 1.3.6.1.2.1.16.1.1.1.6.1 30 absolute rising-threshold 500 1 falling-threshold 100 1 owner Test300
rmon prialarm 1 .1.3.6.1.2.1.16.1.1.1.6.1+.1.3.6.1.2.1.16.1.1.1.7.1 sumofbroadandmulti 30 delta rising-threshold 1000 2 falling-threshold 0 2 entrytype forever owner Test300
#
return