Overview of network monitoring development at AMRES Slavko Gajin.

40
Overview of network monitoring development at AMRES Slavko Gajin

TAGS:

Transcript of Overview of network monitoring development at AMRES Slavko Gajin.

Page 1: Overview of network monitoring development at AMRES Slavko Gajin.

Overview of network monitoring development at AMRES Slavko Gajin

Page 2: Overview of network monitoring development at AMRES Slavko Gajin.

GN3/NA3/T4 - Network monitoring workshopBelgrade, 20-21 October, 2009 Akademska mreža Srbijewww.amres.ac.yu

Content

Past, present and future:Why we started?How we started?What are the major development milestones?What we have now?What are we planning for further development?

Page 3: Overview of network monitoring development at AMRES Slavko Gajin.

GN3/NA3/T4 - Network monitoring workshopBelgrade, 20-21 October, 2009

How we started?Back to ’90s...

low level routers and modem technology up to 2mbps, many different vendors, no interoperabilityinstable links - problems with quality of wires (around cities and inside racks)

multi-domain network (and still is)many institutions and network administratorsunable to access far-end equipment

NOCset of individuals

limited resources access to knowledge (RFC only)equipment toolsmoney

Page 4: Overview of network monitoring development at AMRES Slavko Gajin.

GN3/NA3/T4 - Network monitoring workshopBelgrade, 20-21 October, 2009

Motivation

Network monitoring:not HOW to monitor, but WHAT to monitor !

First stepto collect all relevant information

Result huge single table with:

links, institutions, local and far end routers, modes, admin contacts...

not only a peace of paper...

Page 5: Overview of network monitoring development at AMRES Slavko Gajin.

GN3/NA3/T4 - Network monitoring workshopBelgrade, 20-21 October, 2009

Motivation

Page 6: Overview of network monitoring development at AMRES Slavko Gajin.

GN3/NA3/T4 - Network monitoring workshopBelgrade, 20-21 October, 2009

Motivation

Page 7: Overview of network monitoring development at AMRES Slavko Gajin.

GN3/NA3/T4 - Network monitoring workshopBelgrade, 20-21 October, 2009

Motivation

Page 8: Overview of network monitoring development at AMRES Slavko Gajin.

GN3/NA3/T4 - Network monitoring workshopBelgrade, 20-21 October, 2009

Motivation

“Version 0” was born

Page 9: Overview of network monitoring development at AMRES Slavko Gajin.

GN3/NA3/T4 - Network monitoring workshopBelgrade, 20-21 October, 2009

Monitoring startup

MRTG - Multi Router Traffic Grapherfree easy-to-use web toolinnovative time-chartslive traffic statisticsany SNMP OID is available for monitoring

but...fixed time frames - daily, weekly, monthly, yearlynot easy-to-configure

unhandled syntax errorsinterfaces’ IDs changies - inconsistent resultsnot scalable

Other solutionsCacti, Nagios, SmokePing, OpenNMS...

Page 10: Overview of network monitoring development at AMRES Slavko Gajin.

GN3/NA3/T4 - Network monitoring workshopBelgrade, 20-21 October, 2009

Own approach - NetISNetIS - Network Information and Monitoring SystemInformation system

equipment and links inventorynetadmin address booktopology databasesimple IP database

Monitoring systemSNMP - traffic and port statusping responseweb interface for generating MRTG config filealerts and event loglooking glass – remote execution of show commands

Page 11: Overview of network monitoring development at AMRES Slavko Gajin.

GN3/NA3/T4 - Network monitoring workshopBelgrade, 20-21 October, 2009

NetIS V1

Page 12: Overview of network monitoring development at AMRES Slavko Gajin.

GN3/NA3/T4 - Network monitoring workshopBelgrade, 20-21 October, 2009

NetIS V1

Page 13: Overview of network monitoring development at AMRES Slavko Gajin.

GN3/NA3/T4 - Network monitoring workshopBelgrade, 20-21 October, 2009

NetIS V1

Page 14: Overview of network monitoring development at AMRES Slavko Gajin.

GN3/NA3/T4 - Network monitoring workshopBelgrade, 20-21 October, 2009

NetIS V1

Page 15: Overview of network monitoring development at AMRES Slavko Gajin.

GN3/NA3/T4 - Network monitoring workshopBelgrade, 20-21 October, 2009

NetIS V1

Page 16: Overview of network monitoring development at AMRES Slavko Gajin.

GN3/NA3/T4 - Network monitoring workshopBelgrade, 20-21 October, 2009

NetIS V1

Page 17: Overview of network monitoring development at AMRES Slavko Gajin.

GN3/NA3/T4 - Network monitoring workshopBelgrade, 20-21 October, 2009

NetIS V1

Page 18: Overview of network monitoring development at AMRES Slavko Gajin.

GN3/NA3/T4 - Network monitoring workshopBelgrade, 20-21 October, 2009

NetIS V1

Page 19: Overview of network monitoring development at AMRES Slavko Gajin.

GN3/NA3/T4 - Network monitoring workshopBelgrade, 20-21 October, 2009

NetIS V1

Page 20: Overview of network monitoring development at AMRES Slavko Gajin.

GN3/NA3/T4 - Network monitoring workshopBelgrade, 20-21 October, 2009

NetIS V1

DrawbacksMRTG

time frames were staticintegration was artificial

lack of configurable SNMP monitoringpure HTTP

“hard core” programming low level of usability

manual configurationhard wordcould not follow frequent network changes inconsistency

Page 21: Overview of network monitoring development at AMRES Slavko Gajin.

GN3/NA3/T4 - Network monitoring workshopBelgrade, 20-21 October, 2009

NetIS V2 – NetIIS Main improvements

auto-discoverysystem parametersinterface details

SNMP ID (index) for consistency and accuracy description

topology - neighboring links learned by CDPconnected hosts learned by ARP

separate GUI client drag-and-drop between windowsimproved usabilitytopology editor

advanced multi-user permissionsDNS querynew lookup...

Page 22: Overview of network monitoring development at AMRES Slavko Gajin.

GN3/NA3/T4 - Network monitoring workshopBelgrade, 20-21 October, 2009

NetIS V2

Page 23: Overview of network monitoring development at AMRES Slavko Gajin.

GN3/NA3/T4 - Network monitoring workshopBelgrade, 20-21 October, 2009

NetIS V2

Page 24: Overview of network monitoring development at AMRES Slavko Gajin.

GN3/NA3/T4 - Network monitoring workshopBelgrade, 20-21 October, 2009

NetIS V2

Page 25: Overview of network monitoring development at AMRES Slavko Gajin.

GN3/NA3/T4 - Network monitoring workshopBelgrade, 20-21 October, 2009

NetIS V2

Page 26: Overview of network monitoring development at AMRES Slavko Gajin.

GN3/NA3/T4 - Network monitoring workshopBelgrade, 20-21 October, 2009

Troubleshooting examplesConnection break: 100% packet loss

check the throughputhow long it lastcheck SNMP statusrun “show interface” commandcall the other sidecall the carrier provider (Telecom)

Page 27: Overview of network monitoring development at AMRES Slavko Gajin.

GN3/NA3/T4 - Network monitoring workshopBelgrade, 20-21 October, 2009

Troubleshooting examplesConnection break: less than 100% packet loss

Check router performancesCheck link utilizationtraceroute command

Page 28: Overview of network monitoring development at AMRES Slavko Gajin.

GN3/NA3/T4 - Network monitoring workshopBelgrade, 20-21 October, 2009

NetIS V3

Technological improvementfully java based – JSP and java GUI client

Many new features:MRTG is fully replaced by own RRD-like solution (own grapher, database instead of RRD files)configurable SNMP monitorsimproved alarms: email, SMSevent-log, syslog, looking glass nagios supportSLA reportsimproved usability

Lates version know as ICMyNet.IS (separate presentation is following)

Page 29: Overview of network monitoring development at AMRES Slavko Gajin.

GN3/NA3/T4 - Network monitoring workshopBelgrade, 20-21 October, 2009

NetFlow tool

initial work:cflow - caida’s netflow collector and visualization perl tooladapted to support additional requests:

more configurable options – traffic patters !dynamic time frame based on RRDgraphs for subnets, protocols and servicessimple web interface for row data dump

filtering, grouping, sortingbased on complex criteriauseful but slow

Page 30: Overview of network monitoring development at AMRES Slavko Gajin.

GN3/NA3/T4 - Network monitoring workshopBelgrade, 20-21 October, 2009

NetFlow tool – old version

Page 31: Overview of network monitoring development at AMRES Slavko Gajin.

GN3/NA3/T4 - Network monitoring workshopBelgrade, 20-21 October, 2009

NetFlow tool – old version

Page 32: Overview of network monitoring development at AMRES Slavko Gajin.

GN3/NA3/T4 - Network monitoring workshopBelgrade, 20-21 October, 2009

NetFlow tool – old version

Page 33: Overview of network monitoring development at AMRES Slavko Gajin.

GN3/NA3/T4 - Network monitoring workshopBelgrade, 20-21 October, 2009

ICmyNet.Flow - current version

Own java web base solution:collectoraggregatorarchivergrapherconfigurator...

Main featuerstraffic patternsnetflow v5 and V9 supportconfigurable

Separate presentation is following...

Page 34: Overview of network monitoring development at AMRES Slavko Gajin.

GN3/NA3/T4 - Network monitoring workshopBelgrade, 20-21 October, 2009

ICmyNet.Flow - current version

Page 35: Overview of network monitoring development at AMRES Slavko Gajin.

GN3/NA3/T4 - Network monitoring workshopBelgrade, 20-21 October, 2009

ICmyNet.Flow - current version

Page 36: Overview of network monitoring development at AMRES Slavko Gajin.

GN3/NA3/T4 - Network monitoring workshopBelgrade, 20-21 October, 2009

Syslog viewer

Web-base java software NetIIS module standalone server application

Featurescollector for syslog messagessimple processingSQL database archiving data filtering

Page 37: Overview of network monitoring development at AMRES Slavko Gajin.

GN3/NA3/T4 - Network monitoring workshopBelgrade, 20-21 October, 2009

Syslog viewer

Page 38: Overview of network monitoring development at AMRES Slavko Gajin.

GN3/NA3/T4 - Network monitoring workshopBelgrade, 20-21 October, 2009

Syslog viewer

Page 39: Overview of network monitoring development at AMRES Slavko Gajin.

GN3/NA3/T4 - Network monitoring workshopBelgrade, 20-21 October, 2009

ICmyNet toolset – ongoing work and plans

Current positionunderstand users’ needs accumulated know-howdeep technology experience

Further plansICmyNet - Integrated platform for several networking tools:

.IMS – Information and monitoring system

.Flow – NetFlow analyzer

.MIB – MIB browser

.LOG – Log analyzer

.Config – Configuration manager

.Explorer – network discovery tool

Page 40: Overview of network monitoring development at AMRES Slavko Gajin.

Questions...


Atlantic Scholarly Information Network Portal Slavko Manojlovich Memorial University of Newfoundland (ASIN Portal Project Manager) and Memorial University.

Atlantic Scholarly Information Network Portal Slavko Manojlovich Memorial University of Newfoundland (ASIN Portal Project Manager) and Memorial University.

Fr Slavko Talks 1986

Fr Slavko Talks 1986

Connect communicate collaborate Eduroam debugging Gurvinder Singh and Gunnar Bøe, Campus Networks and Systems, UNINETT AMRES Wireless workshop Belgrade,

Connect communicate collaborate Eduroam debugging Gurvinder Singh and Gunnar Bøe, Campus Networks and Systems, UNINETT AMRES Wireless workshop Belgrade,

Traffic filtering: Experience and Recommendations of AMRES Security WG

Traffic filtering: Experience and Recommendations of AMRES Security WG

Monographs published in the International Encyclopaedia of ... · Peru Alfredo BULLARD 2017 Poland Ewa Joanna GALEWSKA 2014 Romania Georgeta DINU 2015 Serbia Dragan GAJIN 2018 Singapore

Monographs published in the International Encyclopaedia of ... · Peru Alfredo BULLARD 2017 Poland Ewa Joanna GALEWSKA 2014 Romania Georgeta DINU 2015 Serbia Dragan GAJIN 2018 Singapore

Fr Slavko Talks 1985

Fr Slavko Talks 1985

Gajin Fujita: Warriors, Ghosts and Ancient Gods of the Pacific · new L.A. Louver exhibition, “Warriors, Ghosts, and Ancient Gods of the Pacific,” teems with figures from the

Gajin Fujita: Warriors, Ghosts and Ancient Gods of the Pacific · new L.A. Louver exhibition, “Warriors, Ghosts, and Ancient Gods of the Pacific,” teems with figures from the

Public Relations Slavko Kovacevic

Public Relations Slavko Kovacevic

Collaboration tools and services Marina Vermezović, AMRES Federated Identity Technology Workshop Sofia, Bulgaria, 19. Jun 2014.

Collaboration tools and services Marina Vermezović, AMRES Federated Identity Technology Workshop Sofia, Bulgaria, 19. Jun 2014.

Copyright © Starsoft Inc, 2000 1 Data Warehouse Architecture By Slavko Stemberger.

Copyright © Starsoft Inc, 2000 1 Data Warehouse Architecture By Slavko Stemberger.

Connect communicate collaborate DRAFT ON NETWORK MANAGEMENT ARCHITECTURE Esad Saitovic, Ivan Ivanovic AMRES Network monitoring workshop for GN3/NA3/T4.

Connect communicate collaborate DRAFT ON NETWORK MANAGEMENT ARCHITECTURE Esad Saitovic, Ivan Ivanovic AMRES Network monitoring workshop for GN3/NA3/T4.

Biochar – an ancient knowledge for a sustainable future · Biochar – an ancient knowledge for a sustainable future Bojca Januš - Gajin vrt WEB: BLOG: CONTACT: bojcajanus@gmail.com

Biochar – an ancient knowledge for a sustainable future · Biochar – an ancient knowledge for a sustainable future Bojca Januš - Gajin vrt WEB: BLOG: CONTACT: [email protected]

Prof. dr. sc. Slavko Krajcar, UNIZG - POLO-Cro28 · Prof. dr. sc. Slavko Krajcar, UNIZG Hrvatska – predvodnica ili slijednica na putu prema +2C? „Today’s energy transition is

Prof. dr. sc. Slavko Krajcar, UNIZG - POLO-Cro28 · Prof. dr. sc. Slavko Krajcar, UNIZG Hrvatska – predvodnica ili slijednica na putu prema +2C? „Today’s energy transition is

Internal Audit and the Compliance Function Slavko Rakocevic.

Internal Audit and the Compliance Function Slavko Rakocevic.

AMRES NOC - tfnoc - Athens · PDF fileICmyNet.Flowserver. It is used by AMRES NOC/CSIRT team for monitoring AMRES network traffic structure, for correlation and checking of the abuse

AMRES NOC - tfnoc - Athens · PDF fileICmyNet.Flowserver. It is used by AMRES NOC/CSIRT team for monitoring AMRES network traffic structure, for correlation and checking of the abuse

1. ICV Kongres controllera Srbije 2013, Slavko Kastelić, senior sales manager, Tagetik

1. ICV Kongres controllera Srbije 2013, Slavko Kastelić, senior sales manager, Tagetik

Identity Federation Policy Marina Vermezović, AMRES Federated Identity Technology Workshop Sofia, Bulgaria, 20. Jun 2014.

Identity Federation Policy Marina Vermezović, AMRES Federated Identity Technology Workshop Sofia, Bulgaria, 20. Jun 2014.

perpetuum-mobile.netperpetuum-mobile.net/etc/mirko-i-slavko/nikadrobom-001-mirko-i-slavko-nikad-robom.pdfHOW/ MUPZO agro 00 oeranu two ea 04EM HEMAU OUR MA0KY.P nomo MA,7en MH HO xuB

perpetuum-mobile.netperpetuum-mobile.net/etc/mirko-i-slavko/nikadrobom-001-mirko-i-slavko-nikad-robom.pdfHOW/ MUPZO agro 00 oeranu two ea 04EM HEMAU OUR MA0KY.P nomo MA,7en MH HO xuB

Slavko Šipec O PROŽENJU SNEŽNIH

Slavko Šipec O PROŽENJU SNEŽNIH

Misa Duhu Svetomu, Slavko Topić (partitura)

Misa Duhu Svetomu, Slavko Topić (partitura)