Map Your Network

It won't be much help if you get an alert on your network-management system that a host named XYZ with an IP address 192.168.1.30 is broadcasting excessive traffic on the network, resulting in the slowing down of your network, and if you don't know which machine is that, what sort of applications it is running and where it is physically located.

The way to have this information ready is to create a map of your network and keep a log of all your IT assets. A network map is much like a road map, which shows you various landmarks and tells you where they are located and how to get there.

Similarly, a network map tells you what all hosts are available on your network, where they are located and how they are connected.

Logging IT assets requires keeping track of model numbers, names of vendors and specs of all hardware and software.

Mapping



The easiest way to create a map of your network is to use mapping software. There are any number of software that can do the mapping, such as Network View, LANsurveyor and InterMapper. You will find the first two on this month's PCQEssential CD and can download the demo of the last from www.intermapper.com/binaries/. Even Visio builds in network discovery and mapping capabilities. These tools search deep into the network to first discover the hosts on the network devices and then create a map the network. The discovery of devices in itself is a long process, taking many days to discover a large enterprise network. In the process, it also generates a huge amount of network traffic. Obviously, the more the devices, the longer it will take to discover them and the larger the amount of traffic that will be generated.

We used Intermapper to map the WAN links on our network

Here is what was discovered on our network: 300 nodes, 12 severs, three routers, eight network printers, 15 managed switches and one wireless access point. All the servers, router and switches are on one subnet, all functional the departments are on another and CyberMedia Labs is on a third.

We used two mapping tools, LANsurveyor 8.0 and Intermapper, the former to map the LAN and the latter for the WAN links. LANsuveryor is a Windows-based software, which automatically generates a logical diagram of your network. If your diagram looks cluttered, you can drag and change the placement of the icons to suit yourself. The software also has monitoring capabilities and comes with agents that need to be installed on remote Windows clients. Through these you can remotely manage clients via VNC and even launch applications.

InterMapper keeps an eye on the WAN/LAN links and prepares a diagrammatic representation of them. For example, if a WAN link goes down, it alerts the administrator on the InterMapper diagram chart.

For logging IT assets we used EZaudit, a PC auditing tool

The software comes for various platforms such as Linux, Windows, MAC, Solaris and

FreeBSD.

Logging IT assets



Mapping is important. But, what is equally important is to have an inventory of the connected hosts-the type of hardware/software and its build. This not only helps you to identify problem sources, but also to keep an eye out for bug reports, patches, etc. There are many tools available for this, such as MS Software Inventory Management and EZaudit. Since organizations have many more PCs and servers than switches and routers, asset-management software usually keeps an inventory of the former set. For other equipment, you could do a manual inventory.

We used EZaudit 6, which is a user friendly and powerful PC-auditing tool that gives you the PC configuration, CPU make and model numbers, BIOS information and installed applications. It can be installed on any Win NT or 2000 server and can be accessed by the clients through login scripts.

To run this tool, install EZaudit on the management console (one of the machines from which you are going to do your network management). Then, make the EZaudit folder found under \program files\EZaudit a shared folder. Now create a login script on your authentication server (normally a domain controller). This login script runs a scanner on the every client machine from the shared folder. The login script is a batch file that contains this line

\\myserver\ezaudit\ezstart.exe /auto

Where is the name of the authentication server. Auditing happens when a client logs in. So, in the beginning, you may have to ensure that every machine logs in properly.

For example, if some clients log into a Windows domain and some others into a Netware server, then the login script has to be added on both.

After auditing the clients, EZaudit creates a log file in the Program files\EZaudit\audit folder. The administrator can view the generated logs from the EZaudit console. The software is capable of giving reports in HTML, simple text and Excel.If you have fewer hosts and don't want to use a mapping tool, you can manually prepare the networking diagram.

Once you have mapped your network and logged your inventory, you are ready to start monitoring your network. Our next article talks about monitoring in detail. Meanwhile, do remember that mapping and auditing are not one-time activities. They need to be done at frequent intervals, as you network changes.

SNMP PROTOCOL

SNMP (Simple Network Management Protocol) is used for managing networks. It defines a client-server relationship between agents (the servers) and managers (the clients). A typical agent is a network device (router, computer, printer etc) that maintains information about its current state in a database called MIB (Management Information Base). MIB is a text file consisting of a series of attributes and its corresponding value stored in a standard format. Managers communicate with one or more agents to check their status and/or modify their state. All communication takes place using standard commands and message formats. The three main commands are: read (issued by the manager to read the current value of a variable for an agent), write (issued by the manager to update a variable for an agent) and trap (issued by the agent to report any event, such as the failure of a component, to the manager). Managers use the traversal operation to see which variables a particular agent supports.

The new version of SNMP, SNMPv2, offers many improvements over the initial specification. It includes more data types, such as bit strings, network addresses and counters up to 64-bit. However, one thing it still lacks is security. It does not support any kind of authentication, which is one of the main reasons many vendors prefer to use it for monitoring only (read) and not controlling (write). Work is underway on SNMPv3, which aims to offer enhanced security as well as other improvements.

OPENNMS:TO MAP AND MONITOR

In the Map your Network story we have talked about using software meant specifically for mapping networks. But, software such as OpenNMS, are more broad based and can be deployed for other aspects of network management. OpenNMS does mapping and monitoring, but does not have the alerting functionality. Its front-end Web interface can be accessed through

Tomcat from anywhere in the network. It is an open-source network-management solution that works on

SNMP.

To install, take a PCQLinux 2004 full install and first check that PostgreSQL, JDK 1.4 and Tomcat 4 are installed. If you need assistance in installing them, check our September 2002 issue. The latest OpenNMS can be downloaded from http://public. planetmirror.com/pub/opennms/releases/latest/linux-i386-redhat-8/RPM. You need the following (or newer) files in the /home folder of the Linux machine you are installing Open NMS on. 

rrdtool-1.0.35-0.onms.1.i386.rpm



sharutils-4.2.1-7.i386.rpm


metamail-2.7-25.i386.rpm


opennms-1.1.1-1.i386.rpm


opennms-webapp-1.1.1-1.i386.rpm

Now, open a terminal window.

#cd /home



#rpm —ivh rrdtool-1.0.35-0.onms.1.i386.rpm


#rpm —ivh sharutils-4.2.1-7.i386.rpm


#rpm —ivh metamail-2.7-25.i386.rpm

Check whether PostgreSQL Server is running by issuing:

#/etc/init.d/postgresql status 

If the response is “Postmaster is stopped”, start PostgreSQL server

#/etc/init.d/postgresql start

Now start Tomcat server.

#/etc/init.d/tomcat start

You need to give rights to the PostgreSQL database to create a database. For this open the '/var/lib/pgsql/data/pg_hba.conf' file and remove the '#' symbols before the following lines. 

local all trust



host all 127.0.0.1 255.255.255.255 trust

Now install OpeNMS by issuing: 

#rpm —ivh opennms-1.1.1-1.i386.rpm



#rpm —ivh opennms-webapp-1.1.1-1.i386.rpm

This will automatically create the database in PostgreSQL database.

To run OpenNMS, you have to create the environment for it. To do this, open the file /var/tomcat4/conf/ server.xml and add the following lines below 'Tomcat Examples Context'

reloadable=”true” crossContext=”true”>




homeDir=”/opt/OpenNMS/” />

Now restart Tomcat. 

#/etc/init.d/tomcat4 restart 

Now open the /opt/OpenNMS/etc /discovery-configuration.xml file and add the network subnet range that you want OpenNMS to monitor. For example,

 



172.16.1.1


172.16.1.254

Then go the /opt/OpenNMS/bin directory from a terminal and issue 

#sh opennms.sh start

To access OpenNMS interface, open any browser on the same machine and point it to 127.0.0.1:8080/ opennms (or through the IP address of the machine , from another client). It will prompt you for authentication. Give the username and password of OpenNMS (admin/admin). OpenNMS.>