I have a Cisco 6509 switch that I'm monitoring with SNMP from a CentOS5 machine. SNMP polls are the only access I have to this device, we are not allowed to log on via telnet.
How can I find out which port on the switch a particular server is connected to? I was hoping that this is somehow possible using the mac address and the data gathered from snmpwalk/snmpget requests but I'm not having much luck. How would you tackle this problem?
Quoting Sean Carolan scarolan@gmail.com:
I have a Cisco 6509 switch that I'm monitoring with SNMP from a CentOS5 machine. SNMP polls are the only access I have to this device, we are not allowed to log on via telnet.
How can I find out which port on the switch a particular server is connected to? I was hoping that this is somehow possible using the mac address and the data gathered from snmpwalk/snmpget requests but I'm not having much luck. How would you tackle this problem?
This might help:
On Tue, Apr 21, 2009 at 11:44:47AM -0500, Sean Carolan wrote:
How can I find out which port on the switch a particular server is connected to? I was hoping that this is somehow possible using the mac address and the data gathered from snmpwalk/snmpget requests but I'm not having much luck. How would you tackle this problem?
My notes: http://wiki.xdroop.com/space/snmp/Switching+Tables
Basically there are at least two places in snmp where this might be stored. The most obvious is the classic MIB-II Bridge. The wrinkle with this MIB is that some switches maintain separate tables for each VLAN, which means in order to query the switch properly, you have to query the MIB for each VLAN.
Newer switches populate the Q-Bridge-MIB instead of or as well as the MIB-II Bridge. This table contains the VLAN that the target MAC is reachable through, which is useful since you don't have to know it ahead of time.
We have a six- or seven- year old cisco 3750 which is running an IOS which doesn't have the newer MIB; for this switch, we must explicitly query the MIB-II Bridge for each VLAN. I would hope that newer relesaes of IOS wouldn't have this limitation.
We have a six- or seven- year old cisco 3750 which is running an IOS which doesn't have the newer MIB; for this switch, we must explicitly query the MIB-II Bridge for each VLAN. I would hope that newer relesaes of IOS wouldn't have this limitation.
This is exactly what I was missing. Thank you, I am now able to track down which port each device is on.
My notes: http://wiki.xdroop.com/space/snmp/Switching+Tables
Hi Dave, so using the example from your site above I tested a mac address against one of our switches:
[scarolan@host:~]$ snmpwalk -v1 -c public@200 10.100.3.6 .1.3.6.1.2.1.17.4.3 | grep `hexmac2decoid 00:B0:D0:E1:BF:52` SNMPv2-SMI::mib-2.17.4.3.1.1.0.176.208.225.191.82 = Hex-STRING: 00 B0 D0 E1 BF 52 SNMPv2-SMI::mib-2.17.4.3.1.2.0.176.208.225.191.82 = INTEGER: 389 SNMPv2-SMI::mib-2.17.4.3.1.3.0.176.208.225.191.82 = INTEGER: 3
Does this mean that the machine is plugged into port 389? I didn't think there were 389 ports on the switch.
On Tue, Apr 21, 2009 at 01:22:07PM -0500, Sean Carolan wrote:
SNMPv2-SMI::mib-2.17.4.3.1.2.0.176.208.225.191.82 = INTEGER: 389
Does this mean that the machine is plugged into port 389? I didn't think there were 389 ports on the switch.
<dry>It'd be a very large switch.</dry>
No, it just means it's reachable through interface number 389. There is a table somewhere which associates interfance names with descriptions or even better, the labels which you have hopefully applied to each interface. (Brief pause while I dig around in my wiki and various script directories.) If you are digging around in your cisco, I'd try starting with something like .1.3.6.1.2.1.2.2.1.2 which on mine returns information like:
nmpwalk -c public -On -v 1 172.30.0.254 1.3.6.1.2.1.2.2 | grep Giga | head .1.3.6.1.2.1.2.2.1.2.10101 = STRING: GigabitEthernet1/0/1 .1.3.6.1.2.1.2.2.1.2.10102 = STRING: GigabitEthernet1/0/2 [...]
In your case I'd look at .1.3.6.1.2.1.2.2.1.2.389 to see what the interface was.
Also possibly useful:
- http://wiki.xdroop.com/space/snmp/Switch+Port+Vlans - http://wiki.xdroop.com/space/snmp/Switch+Port+Labels
Sean Carolan wrote:
I have a Cisco 6509 switch that I'm monitoring with SNMP from a CentOS5 machine. SNMP polls are the only access I have to this device, we are not allowed to log on via telnet.
How can I find out which port on the switch a particular server is connected to? I was hoping that this is somehow possible using the mac address and the data gathered from snmpwalk/snmpget requests but I'm not having much luck. How would you tackle this problem?
Uncomment the Linkd service in service-configuration.xml. Then, at least if the connected device is also monitored the 'View Node Link Detailed Info' link on the node screen will show the connected device.
Les Mikesell wrote:
Sean Carolan wrote:
I have a Cisco 6509 switch that I'm monitoring with SNMP from a CentOS5 machine. SNMP polls are the only access I have to this device, we are not allowed to log on via telnet.
How can I find out which port on the switch a particular server is connected to? I was hoping that this is somehow possible using the mac address and the data gathered from snmpwalk/snmpget requests but I'm not having much luck. How would you tackle this problem?
Uncomment the Linkd service in service-configuration.xml. Then, at least if the connected device is also monitored the 'View Node Link Detailed Info' link on the node screen will show the connected device.
Oops - I was looking at an adjacent message and thought this was for the OpenNMS mail list. The advice still stands - all :-) you have to do is install opennms first (http://www.opennms.org). They have a yum repository that includes a suitable jvm so it isn't that hard to install on Centos.
How can I find out which port on the switch a particular server is connected to? I was hoping that this is somehow possible using the mac address and the data gathered from snmpwalk/snmpget requests but I'm not having much luck. How would you tackle this problem?
Take a look at Netdisco. I seem to remember it's a little tricky to set up on CentOS but I wouldn't live without it now.
Dan
On Tue, Apr 21, 2009 at 10:25:59PM +0100, Daniel Bird wrote:
Take a look at Netdisco. I seem to remember it's a little tricky to set up on CentOS but I wouldn't live without it now.
"A little tricky"?
Last time I looked at it, I described the installation process as only slightly less complicated than building a Saturn-V rocket out of 1960's era TV parts.
Last time I looked at it, I described the installation process as only slightly less complicated than building a Saturn-V rocket out of 1960's era TV parts.
You were not kidding - I some how managed to get netdisco installed using the CentOS installer script but there were several points where I had to install things by hand. Unfortunately it's not discovering my devices properly, I will take that up on the netdisco mailing list.
David.Mackintosh@xdroop.com wrote:
On Tue, Apr 21, 2009 at 10:25:59PM +0100, Daniel Bird wrote:
Take a look at Netdisco. I seem to remember it's a little tricky to set up on CentOS but I wouldn't live without it now.
"A little tricky"?
Last time I looked at it, I described the installation process as only slightly less complicated than building a Saturn-V rocket out of 1960's era TV parts.
I'll repeat my recommendation for OpenNMS. Getting started is as easy as 'yum install' (almost...). And it can do about anything you'd want in a monitoring system - including matching up those switch ports with the connected devices.
I'll repeat my recommendation for OpenNMS. Getting started is as easy as 'yum install' (almost...). And it can do about anything you'd want in a monitoring system - including matching up those switch ports with the connected devices.
Les, at first I didn't heed your advice because I figured it would be another ten hour battle to get opennms installed. I was pleasantly surprised to find that that it installed in ten minutes using yum on my CentOS 5 box. Much slicker interface than netdisco, and it discovered all the ports on my switches on the first try. Thanks for the suggestion!
Sean Carolan wrote:
I'll repeat my recommendation for OpenNMS. Getting started is as easy as 'yum install' (almost...). And it can do about anything you'd want in a monitoring system - including matching up those switch ports with the connected devices.
Les, at first I didn't heed your advice because I figured it would be another ten hour battle to get opennms installed. I was pleasantly surprised to find that that it installed in ten minutes using yum on my CentOS 5 box. Much slicker interface than netdisco, and it discovered all the ports on my switches on the first try. Thanks for the suggestion!
It was somewhat difficult to install on Centos (mostly just getting a Sun JVM installed sanely) until they added the yum repository. It is still somewhat complicated to deal with all of the things it can do so I'd suggest joining the mailing list if you haven't already. It does support many more devices out of the box than netdisco, including hosts as well as network equipment. If you want it to collect snmp data for graphs on the switch ports that don't have addresses you can set collection manually for each one or just change snmpStorageFlag to "all' in datacollection-config.xml.
It was somewhat difficult to install on Centos (mostly just getting a Sun JVM installed sanely) until they added the yum repository. It is still somewhat complicated to deal with all of the things it can do so I'd suggest joining the mailing list if you haven't already. It does support many more devices out of the box than netdisco, including hosts as well as network equipment. If you want it to collect snmp data for graphs on the switch ports that don't have addresses you can set collection manually for each one or just change snmpStorageFlag to "all' in datacollection-config.xml.
OpenNMS is now crawling my network and discovering all the servers. I'm not seeing how to find which switch and port each device is plugged into. If I browse to a node and click on it's network interface, it says this:
-------------------------- Link Node/Interface No link information has been collected for this interface. --------------------------
Is that where the port and switch information is supposed to show up? Or am I looking in the wrong place?
Sean Carolan wrote:
It was somewhat difficult to install on Centos (mostly just getting a Sun JVM installed sanely) until they added the yum repository. It is still somewhat complicated to deal with all of the things it can do so I'd suggest joining the mailing list if you haven't already. It does support many more devices out of the box than netdisco, including hosts as well as network equipment. If you want it to collect snmp data for graphs on the switch ports that don't have addresses you can set collection manually for each one or just change snmpStorageFlag to "all' in datacollection-config.xml.
OpenNMS is now crawling my network and discovering all the servers. I'm not seeing how to find which switch and port each device is plugged into. If I browse to a node and click on it's network interface, it says this:
Link Node/Interface No link information has been collected for this interface.
Is that where the port and switch information is supposed to show up? Or am I looking in the wrong place?
Back to my first email message when I thought you were already using OpenNMS... You have to uncomment the Linkd service in etc/service-configuration.xml, then restart opennms and give it some time to probe. Then it should show from the 'View Node Link Detailed Info' at the top left of a node page. The weakest part of the program is the web admin section. While it does a lot, there is much more that you can control via the xml config files.
Back to my first email message when I thought you were already using OpenNMS... You have to uncomment the Linkd service in etc/service-configuration.xml, then restart opennms and give it some time to probe. Then it should show from the 'View Node Link Detailed Info' at the top left of a node page. The weakest part of the program is the web admin section. While it does a lot, there is much more that you can control via the xml config files.
Thanks again, Les, this is going to be a very useful tool for us!
On Wed, 2009-04-22 at 12:22 -0500, Les Mikesell wrote:
Sean Carolan wrote:
It was somewhat difficult to install on Centos (mostly just getting a Sun JVM installed sanely) until they added the yum repository. It is still somewhat complicated to deal with all of the things it can do so I'd suggest joining the mailing list if you haven't already. It does support many more devices out of the box than netdisco, including hosts as well as network equipment. If you want it to collect snmp data for graphs on the switch ports that don't have addresses you can set collection manually for each one or just change snmpStorageFlag to "all' in datacollection-config.xml.
OpenNMS is now crawling my network and discovering all the servers. I'm not seeing how to find which switch and port each device is plugged into. If I browse to a node and click on it's network interface, it says this:
Link Node/Interface No link information has been collected for this interface.
Is that where the port and switch information is supposed to show up? Or am I looking in the wrong place?
Back to my first email message when I thought you were already using OpenNMS... You have to uncomment the Linkd service in etc/service-configuration.xml, then restart opennms and give it some time to probe. Then it should show from the 'View Node Link Detailed Info' at the top left of a node page. The weakest part of the program is the web admin section. While it does a lot, there is much more that you can control via the xml config files.
---- OK, I've been tracking this conversation, installed/configured/started OpenNMS and have discovered everything and in fact, edited service-configuration.xml as recommended.
I'm sort of comparing this to Zenoss which I had to stop (snmp conflicts) to run OpenNMS.
I can see each port on the 48 port managed switch and go to 'View Node Link Detailed Info' but it doesn't tell me much about the device/computer plugged into a specific port.
While I don't want to be quick to dismiss OpenNMS, it seems to fall way short of Zenoss so I'm thinking that there's a bunch of stuff that probably needs to be tweaked.
I got the impression that NetDisco would actually tell me the IP Address (perhaps reverse the DNS name) of the device connected to specific port on my managed switch. I didn't go for the NetDisco route for install because I didn't like the idea of getting a bunch of CPAN perl modules installed rather than using rpm packages.
Craig
Craig White wrote:
OK, I've been tracking this conversation, installed/configured/started OpenNMS and have discovered everything and in fact, edited service-configuration.xml as recommended.
I'm sort of comparing this to Zenoss which I had to stop (snmp conflicts) to run OpenNMS.
I can see each port on the 48 port managed switch and go to 'View Node Link Detailed Info' but it doesn't tell me much about the device/computer plugged into a specific port.
Let it soak overnight. It goes out of its way not to kill your network and has a long startup delay and times between polls - all tunable in the xml files, of course.
While I don't want to be quick to dismiss OpenNMS, it seems to fall way short of Zenoss so I'm thinking that there's a bunch of stuff that probably needs to be tweaked.
It mostly does the right thing by default, although if you want bandwidth graphs on the non-IP ports on your switches you either need to set it up for each node or change snmpStorageFlag to "all' in datacollection-config.xml
I am interested in a comparison with Zenoss - but wait until you know your way around opennms. Just ask on the opennms list if it doesn't do something you expect.
I got the impression that NetDisco would actually tell me the IP Address (perhaps reverse the DNS name) of the device connected to specific port on my managed switch. I didn't go for the NetDisco route for install because I didn't like the idea of getting a bunch of CPAN perl modules installed rather than using rpm packages.
Assuming it can get the info from the switch, it will - and give you clickable link to the other device's node info.
On Wed, 2009-04-22 at 17:50 -0500, Les Mikesell wrote:
Craig White wrote:
OK, I've been tracking this conversation, installed/configured/started OpenNMS and have discovered everything and in fact, edited service-configuration.xml as recommended.
I'm sort of comparing this to Zenoss which I had to stop (snmp conflicts) to run OpenNMS.
I can see each port on the 48 port managed switch and go to 'View Node Link Detailed Info' but it doesn't tell me much about the device/computer plugged into a specific port.
Let it soak overnight. It goes out of its way not to kill your network and has a long startup delay and times between polls - all tunable in the xml files, of course.
---- yeah, Zenoss seems to default on collecting each device every 12 hours and I never bothered with the timing of it. ----
While I don't want to be quick to dismiss OpenNMS, it seems to fall way short of Zenoss so I'm thinking that there's a bunch of stuff that probably needs to be tweaked.
It mostly does the right thing by default, although if you want bandwidth graphs on the non-IP ports on your switches you either need to set it up for each node or change snmpStorageFlag to "all' in datacollection-config.xml
I am interested in a comparison with Zenoss - but wait until you know your way around opennms. Just ask on the opennms list if it doesn't do something you expect.
---- I was hoping not to subscribe to another list but maybe I will and just monitor the list.
Thus far (and admittedly this is premature), I find Zenoss a lot beefier but I spent a ton of time setting it up the first time until I figured things out whereas I spent comparatively no time setting OpenNMS up. But I have learned things along the way, especially getting SNMP set up on everything I could. ----
I got the impression that NetDisco would actually tell me the IP Address (perhaps reverse the DNS name) of the device connected to specific port on my managed switch. I didn't go for the NetDisco route for install because I didn't like the idea of getting a bunch of CPAN perl modules installed rather than using rpm packages.
Assuming it can get the info from the switch, it will - and give you clickable link to the other device's node info.
---- That's something that I've never been able to do in Zenoss and if it's possible, I don't know. I think Zenoss only has forums and not mail list and I truly don't like forums.
This is a Dell PowerConnect 6248 'managed' switch so I would think it could. I enabled monitoring on all of the ports just in case. That would beat the brains out of the spreadsheets I've been maintaining on interconnects between patch panel, switch and office map to identify but since this is newly rewired, I am not having much trouble.
One thing that is throwing me for a loop is that it says all the Macintosh systems are a 10Mbps SNMP connection but on the Macs themselves, they clearly indicate 1Gbps. This somewhat tracks all of the pain that I have had with SNMP collection on the Macs, which on Zenoss has been less than spectacular. For example, I get installed software list, total installed memory, total hard drive space, free hard drive space on all Linux and Windows systems but only get total hard drive space and total installed memory on Macs. On Zenoss, I have resorted to ssh collection on Macs because snmp collection just sort of sucks.
Craig
Craig White wrote:
Thus far (and admittedly this is premature), I find Zenoss a lot beefier but I spent a ton of time setting it up the first time until I figured things out whereas I spent comparatively no time setting OpenNMS up. But I have learned things along the way, especially getting SNMP set up on everything I could.
Basically, Opennms will auto-discover the ranges you give it, detecting an assortment of services and snmp, then automatically poll what it discovers on 5 minute intervals and report outages. You can configure thresholds levels in the snmp data to generate alarms. You have to add whatever setup you want for external notificatons - they are off by default but you can set up email destinations, a jabber group conference, etc. There are near-infinite other options, of course, but that covers most of what you are likely to want.
I found this pdf with a much nicer overview: http://www.google.com/url?sa=U&start=2&q=http://www.ukuug.org/events...
This is a Dell PowerConnect 6248 'managed' switch so I would think it could. I enabled monitoring on all of the ports just in case.
I wouldn't be too hopeful without some extra work. I have a pair of Dell 5324's and am not getting the link info, but it works on a bunch of different cisco models. It does collect the bandwidth data from the Dells - the rest might be a matter of adding more of the oid trees to the 'included' view but the Dell switch management is kind of weird.
Per http://www.opennms.org/index.php/Linkd you need the .iso.org.dod.internet.mgmt.mib-2.ip.ipNetToMediaTable values.
One thing that is throwing me for a loop is that it says all the Macintosh systems are a 10Mbps SNMP connection but on the Macs themselves, they clearly indicate 1Gbps. This somewhat tracks all of the pain that I have had with SNMP collection on the Macs, which on Zenoss has been less than spectacular.
I hadn't tried a Mac before - the default settings don't look that promising. It should all boil down to getting the oid trees you need exposed, though.
For example, I get installed software list, total installed memory, total hard drive space, free hard drive space on all Linux and Windows systems but only get total hard drive space and total installed memory on Macs. On Zenoss, I have resorted to ssh collection on Macs because snmp collection just sort of sucks.
Might be a good topic for the opennms list.
On Wed, 2009-04-22 at 22:18 -0500, Les Mikesell wrote:
Craig White wrote:
Thus far (and admittedly this is premature), I find Zenoss a lot beefier but I spent a ton of time setting it up the first time until I figured things out whereas I spent comparatively no time setting OpenNMS up. But I have learned things along the way, especially getting SNMP set up on everything I could.
Basically, Opennms will auto-discover the ranges you give it, detecting an assortment of services and snmp, then automatically poll what it discovers on 5 minute intervals and report outages. You can configure thresholds levels in the snmp data to generate alarms. You have to add whatever setup you want for external notificatons - they are off by default but you can set up email destinations, a jabber group conference, etc. There are near-infinite other options, of course, but that covers most of what you are likely to want.
---- having already done Zenoss, this seemed fairly obvious to me ----
I found this pdf with a much nicer overview: http://www.google.com/url?sa=U&start=2&q=http://www.ukuug.org/events...
---- downloaded and will check it out after coffee/breakfast - thanks ----
This is a Dell PowerConnect 6248 'managed' switch so I would think it could. I enabled monitoring on all of the ports just in case.
I wouldn't be too hopeful without some extra work. I have a pair of Dell 5324's and am not getting the link info, but it works on a bunch of different cisco models. It does collect the bandwidth data from the Dells - the rest might be a matter of adding more of the oid trees to the 'included' view but the Dell switch management is kind of weird.
Per http://www.opennms.org/index.php/Linkd you need the .iso.org.dod.internet.mgmt.mib-2.ip.ipNetToMediaTable values.
---- actually, this morning it did indeed show me which device is connected to each port on the switch, which only shows the servers which run 24/7 and the few workstations that users left on but I gather that it will collect the rest during the day today. Curiously, there are printers running that do support snmp that were on all night but didn't register on the switch. Heck, it gave me connected device info from the Linksys managed 8 port GB-POE switch that I use for the WAP's. That is useful and something I can't seem to get done on Zenoss. I don't know if it's a difference of mib's not being in Zenoss or that they haven't attempted to give us that type of information about managed switches. ----
One thing that is throwing me for a loop is that it says all the Macintosh systems are a 10Mbps SNMP connection but on the Macs themselves, they clearly indicate 1Gbps. This somewhat tracks all of the pain that I have had with SNMP collection on the Macs, which on Zenoss has been less than spectacular.
I hadn't tried a Mac before - the default settings don't look that promising. It should all boil down to getting the oid trees you need exposed, though.
For example, I get installed software list, total installed memory, total hard drive space, free hard drive space on all Linux and Windows systems but only get total hard drive space and total installed memory on Macs. On Zenoss, I have resorted to ssh collection on Macs because snmp collection just sort of sucks.
Might be a good topic for the opennms list.
---- perhaps but I suspect that Apple isn't all that supportive of providing mib's for anything other than their servers. I did get mib's off of another site but then you've got the PPC => Intel stuff and the Intel stuff hardly seems to report snmp info at all. I gather that there is a mutual lack of interest between Enterprise and Macintosh.
Craig
Craig White schrieb:
On Wed, 2009-04-22 at 22:18 -0500, Les Mikesell wrote:
I found this pdf with a much nicer overview: http://www.google.com/url?sa=U&start=2&q=http://www.ukuug.org/events...
downloaded and will check it out after coffee/breakfast - thanks
Hm. Now, I'm in for an off-topic question ;-)
Can OpenNMS delegate the administration of certain groups of hosts to different users/groups? (While still allowing everybody a "view" right).
That would be cool.
Rainer
Rainer Duffner wrote:
I found this pdf with a much nicer overview: http://www.google.com/url?sa=U&start=2&q=http://www.ukuug.org/events...
downloaded and will check it out after coffee/breakfast - thanks
Hm. Now, I'm in for an off-topic question ;-)
Can OpenNMS delegate the administration of certain groups of hosts to different users/groups? (While still allowing everybody a "view" right).
No, you basically have write access or you don't. Different users/groups can receive different notifications, though. You can have a passwordless user with read access if you want to make it easier to embed graphs in other web pages or export data through the web interface. You can also create logins that get a 'dashboard only' view that is basically a grid of machines selected by a pair of attributes (like location and server type) where the grid shows the number total number of nodes and the count of nodes with services down, and underneath the grid you can select views with more details for any of the servers in the group. You can't make any changes from the dashboard only logins, though.
Les Mikesell wrote:
Rainer Duffner wrote:
I found this pdf with a much nicer overview: http://www.google.com/url?sa=U&start=2&q=http://www.ukuug.org/events...
downloaded and will check it out after coffee/breakfast - thanks
Hm. Now, I'm in for an off-topic question ;-)
Can OpenNMS delegate the administration of certain groups of hosts to different users/groups? (While still allowing everybody a "view" right).
No, you basically have write access or you don't. Different users/groups can receive different notifications, though. You can have a passwordless user with read access if you want to make it easier to embed graphs in other web pages or export data through the web interface. You can also create logins that get a 'dashboard only' view that is basically a grid of machines selected by a pair of attributes (like location and server type) where the grid shows the number total number of nodes and the count of nodes with services down, and underneath the grid you can select views with more details for any of the servers in the group. You can't make any changes from the dashboard only logins, though.
The about to be released 1.7.3 (unstable branch) version is supposed to add per-user acls to control what devices you can see. If you want to help test this feature, grab a copy in a few days or build from the source trunk.
-- Les Mikesell lesmikesell@gmail.com
Am 27.04.2009 um 22:24 schrieb Les Mikesell:
The about to be released 1.7.3 (unstable branch) version is supposed to add per-user acls to control what devices you can see. If you want to help test this feature, grab a copy in a few days or build from the source trunk.
I will have to check this, thanks. Problem is: I don't decide about go or no-go. Currently, we use "IP-Monitor", which is really a PITA to use and I get mad everytime I have to use it to add another host.
Best Regards, Rainer
On Wed, 2009-04-22 at 17:50 -0500, Les Mikesell wrote:
I am interested in a comparison with Zenoss - but wait until you know your way around opennms. Just ask on the opennms list if it doesn't do something you expect.
---- admittedly, this analysis is less than 24 hours after installation but...
Zenoss and OpenNMS seem to be scratching similar but different itches.
OpenNMS seems to be most useful to large businesses with many remote sites and configuration management (i.e. puppet) of things like managed switches and sophisticated assignment to users/groups for alarms, etc. At this stage, I am only employing snmp for data collection and not for 'write' purposes.
Zenoss seems much more adept at gathering specific information on each device (at least out of the box adept), and it makes it easy for me for an example, to see who has which version of Microsoft Office installed on their computers. It does have alarm/event assignment and multiple method of notification assignment options, probably not quite as comprehensive as OpenNMS but still more than adequate for my uses. One thing that I have come to appreciate about Zenoss is that in addition to having SNMP and WMI data collectors, it also supports SSH collection which as I said, the Macintosh systems (workstations, i.e. iMacs, PowerMac G5, PowerMac Pro) don't seem to provide much useful info via SNMP.
My usage is typically a small business (< 50 users/computers) and I am pretty certain that Zenoss is more useful to me but I am still playing with OpenNMS anyway just to satisfy my curiosity and it has been educational for sure.
It would be hard for me to compare the process of setting both of them up because I already had Sun JDK working, snmp working on all possible devices and my understanding was relatively poor the first time I installed Zenoss. Subsequent installation has been relatively easy and OpenNMS was very easy too but by then, I had pretty a pretty good knowledge of things. Zenoss has a 'stack-installer' which will bundle mysql, python and zenoss, not really necessary on CentOS-5 which you can use CentOS supplied python and mysql-server. Their 'stack-installer' runs mysql-server on port 3307. I installed it by accident on one network and it's running fine so I left it alone. Zenoss has cool feature of automatically upgrading database when you upgrade versions unless you (speaking from experience) jump major versions (i.e. 2.0 => 2.2). You must upgrade to 2.1, start it up, allow it to convert the database, shut it down, upgrade it to 2.2 and repeat. Zenoss is now on version 2.3 which is substantially faster than earlier versions (I don't know why but I like).
I prefer the selection/assignment methods of 'discovered' nodes (zenoss calls them devices, opennms calls them nodes) in Zenoss but that is sort of quibbling and not entirely important. Zenoss also has more 'built-in' categorizations (Location, Group, Network and even the 'Device' category seems to have unlimited subgroup options which I find entirely useful). It is a lot simpler to look at a Device list in Zenoss, select the Devices you want and assign them to a category than the selection/assignment method in OpenNMS=>Admin.
Thanks
Craig
Craig White wrote:
I am interested in a comparison with Zenoss - but wait until you know your way around opennms. Just ask on the opennms list if it doesn't do something you expect.
admittedly, this analysis is less than 24 hours after installation but...
Zenoss and OpenNMS seem to be scratching similar but different itches.
In spite of the S in SNMP there is nothing simple about network management, so the overall goal of the frameworks will be to make sense out of your network and monitor for problems, keeping a history of some of the values and presenting a nice user interface. It is a complex problem so different approaches will probably have different good and bad points.
OpenNMS seems to be most useful to large businesses with many remote sites and configuration management (i.e. puppet) of things like managed switches and sophisticated assignment to users/groups for alarms, etc. At this stage, I am only employing snmp for data collection and not for 'write' purposes.
The only write capability opennms offers is a push button to shut down interfaces - if you have snmp write access. It does have some integration with other tools to 'provision' or add nodes/services explicitly instead of autodiscovery if you already have this information in some other form.
Zenoss seems much more adept at gathering specific information on each device (at least out of the box adept), and it makes it easy for me for an example, to see who has which version of Microsoft Office installed on their computers. It does have alarm/event assignment and multiple method of notification assignment options, probably not quite as comprehensive as OpenNMS but still more than adequate for my uses. One thing that I have come to appreciate about Zenoss is that in addition to having SNMP and WMI data collectors, it also supports SSH collection which as I said, the Macintosh systems (workstations, i.e. iMacs, PowerMac G5, PowerMac Pro) don't seem to provide much useful info via SNMP.
WMI is a new addition to opennms - and it has an assortment of ways to use external programs to send data/events to it (see send-event.pl for one of them). I use ocsinventory-ng to collect/maintain the hardware/software details separately - it would be nice if that were more closely integrated.
My usage is typically a small business (< 50 users/computers) and I am pretty certain that Zenoss is more useful to me but I am still playing with OpenNMS anyway just to satisfy my curiosity and it has been educational for sure.
OpenNMS does start with the premise that you have too many nodes to usefully ever display at once, so it is all about automation, notifications, and collapsing views to summarize the status. Nobody ever wants to scroll through thousands of 'green' indicators to find the thing that's broken. However, the default summary screens probably aren't all that useful to you except for the list of current outages on the left of the home page. You'll need to arrange your own categories and dashboards for the specific layout you want to see, and some KSC report pages that group the graphs you want to see together (I'm not thrilled by the process to create these pages but they work nicely when done and can make it easy to spot problems like memory/cpu issues on one server of a similar group or bandwidth not balanced on your border routers). After you create ksc pages, you'll get a drop down selection on the home page for easy access and the screens auto-refresh (at least in current versions) so you can leave them up.
It would be hard for me to compare the process of setting both of them up because I already had Sun JDK working, snmp working on all possible devices and my understanding was relatively poor the first time I installed Zenoss. Subsequent installation has been relatively easy and OpenNMS was very easy too but by then, I had pretty a pretty good knowledge of things. Zenoss has a 'stack-installer' which will bundle mysql, python and zenoss, not really necessary on CentOS-5 which you can use CentOS supplied python and mysql-server. Their 'stack-installer' runs mysql-server on port 3307. I installed it by accident on one network and it's running fine so I left it alone. Zenoss has cool feature of automatically upgrading database when you upgrade versions unless you (speaking from experience) jump major versions (i.e. 2.0 => 2.2). You must upgrade to 2.1, start it up, allow it to convert the database, shut it down, upgrade it to 2.2 and repeat. Zenoss is now on version 2.3 which is substantially faster than earlier versions (I don't know why but I like).
Openmnms has an 'install' program you have to run even with the RPM installation, and it will take care of upgrading the database to any newer version. The 'Search' feature is nice if you have a lot of nodes and especially if you have naming conventions because you can give it a wildcard for either the name or address and get a list of choices. Things like that may not matter if your whole node list fits on the screen, though.
I prefer the selection/assignment methods of 'discovered' nodes (zenoss calls them devices, opennms calls them nodes) in Zenoss but that is sort of quibbling and not entirely important. Zenoss also has more 'built-in' categorizations (Location, Group, Network and even the 'Device' category seems to have unlimited subgroup options which I find entirely useful). It is a lot simpler to look at a Device list in Zenoss, select the Devices you want and assign them to a category than the selection/assignment method in OpenNMS=>Admin.
Opennms is versatile but somewhat confusing in this respect. There are different types of categories for notifications, polling and views. But for the surveillance view categories at least you should be able to either pick a category for a node or a list of nodes to add the category to. This may depend on the version you are running. I'm using the 'unstable' 1.7.x package. It is also surprisingly easy to build the subversion trunk version considering that it uses a bazillion other java components (hibernate/spring/etc.).
On Thu, 2009-04-23 at 11:46 -0500, Les Mikesell wrote:
Craig White wrote:
I am interested in a comparison with Zenoss - but wait until you know your way around opennms. Just ask on the opennms list if it doesn't do something you expect.
admittedly, this analysis is less than 24 hours after installation but...
Zenoss and OpenNMS seem to be scratching similar but different itches.
In spite of the S in SNMP there is nothing simple about network management, so the overall goal of the frameworks will be to make sense out of your network and monitor for problems, keeping a history of some of the values and presenting a nice user interface. It is a complex problem so different approaches will probably have different good and bad points.
---- OK, I shut down OpenNMS and started up Zenoss again and noticed that the connected devices actually do show up on my 8 port managed Linksys POE switch...hmmm
So I dig a little further with snmpwalk and have come to realize that "IF-MIB::ifAlias" is where these values are returned from snmpwalk which is populated with values from my Linksys switch but not the Dell PowerConnect 6248, where they are all returned as an empty string.
So it occurs to me that OpenNMS is more adept at tracking layer 2 than Zenoss.
One thing that I notice that is different is that the Linksys reports each port with a different sequential MAC address where the Dell switch reports each port with the same MAC address.
I snmpwalk the Dell switch and grep for the IP address or the MAC address of one of my servers and get nothing. ;-(
So I gather that I either have to figure out how to get the Dell switch to capture the data for the connected device so it returns to me via an snmpwalk or wait until Zenoss starts crawling through the various network layers to create the connection link as it currently does in OpenNMS.
Craig