Steps to Actively Managing Your Network

These sections describe the steps that you can take to effectively troubleshoot your network when the need arises:

• Designing Your Network for Troubleshooting

• Preparing Devices for Management

• Configuring Transcend NCS

• Knowing Your Network

By designing your network for troubleshooting, you can access key devices on your network when your network is experiencing connectivity or performance problems. Having adequate management access depends on these design criteria:

• Position of the management station so that it can gather the greatest amount of network data through Simple Network Management Protocol (SNMP) polling

• Position of probes for distributed management of critical networks

• Ability to communicate with each device even when your management station cannot access the network

The following sections discuss how to design your network with the preceding criteria in mind:

• Positioning Your SNMP Management Station

• Using Probes

• Monitoring Business-critical Networks

• Using Telnet, Serial Line, and Modem Connections

• Using Communications Servers

• Setting Up Redundant Management

• Other Tips on Network Design

In a typical LAN, locate your management station directly off the backbone where it can conduct SNMP polling and manage network devices. The backbone is usually the optimum location for the management station because:

• The backbone is not subject to the failures of individual subnetworked routers or switches.

• In a partial network outage, the information collected by a backbone management station is probably more accurate than from a station in a routed subnetwork.

• The backbone is usually protected with redundant power and technologies, like Fiber Distributed Data Interface (FDDI), that correct their own problems. This redundancy ensures that the backbone remains operational, even when other areas of the network are having problems.

• The backbone is typically faster and has a higher bandwidth than other areas of your network, making it a more efficient location for a management station.

Make sure that the capacity of your backbone can accommodate the SNMP traffic that the management applications generate.

Figure 2 shows a management station that is set up at the network backbone and polling network devices.

Figure 2 SNMP Management at the Backbone

Although SNMP management from the backbone is a good way to keep track of what is happening on your network, do not rely on it exclusively. Because SNMP management occurs in-band (that is, SNMP traffic shares network bandwidth with data traffic), network troubleshooting using SNMP can become a problem in these ways:

• Very heavy data traffic or a break in the network can make it difficult or impossible for the management station to poll a device.

• Traffic that SNMP polling adds to the network may contribute to networking problems.

To minimize the frequency of SNMP traffic on your network, set up one or more Probes to collect Remote Monitoring (RMON) data from the network devices. In the distributed model illustrated in Figure 3, the management station uses SNMP polling to collect data from the probes rather than from all the network devices. Distributing the management over the network ensures you of some continued data collection even if you have network problems.

Many management applications support data from MIBs other than the RMON MIBs. For this reason, even if you are using RMON probes, some SNMP polling to individual devices from a key management station is always useful for a complete picture of your network.

Figure 3 Management at the Backbone with an Attached Probe

To extend your remote monitoring capabilities, use embedded RMON probes or roving analysis (monitoring one port for a period of time, moving on to another port for a while, and so on). However, with roving analysis, you cannot see a historical analysis of the ports because the probe is moving from one port to another.

Some probes, like 3Com's Enterprise Monitor, are designed to support the large number of interfaces that are found in switched environments. The probe's high port density supports this multi-segmented switched environment. You can also use the probe's interfaces to monitor mirror (or copy) ports on the switch, which means that all data received and transmitted on a port is also sent to the probe.

Probes do not indicate which port has caused an error. Only a managed hub (a hub or switch with an onboard management module) can provide that level of detail. Probes and a hub's own management module complement each other.

Monitoring Business-critical Networks

On business-critical networks, you need to increase your level of management by dedicating probes to the essential areas of your network. For detailed network management, it is not enough to gather raw performance figures - you need to know, at the network and conversation level, what is generating the traffic and when it is being generated. For this type of analysis, use reporting tools, such as Traffix Manager, and low-level, fault diagnostic tools, such as LANsentry Manager^®.

The three critical areas to monitor on this type of network are discussed in these sections and shown in Figure 4:

• FDDI Backbone Monitoring

• Internet WAN Link Monitoring

• Switch Management Monitoring

Figure 4 Probes Monitoring a Business-critical Network

FDDI Backbone Monitoring

On the FDDI backbone, you need to continually monitor whether it is being overutilized, and, if so, by what type of traffic. By placing the SuperStack^® II Enterprise Monitor with an FDDI media module directly at the backbone, you can gather utilization and host matrix information. Traffix Manager uses these data to provide regular segment utilization reports and Top-N host reports. In addition, the probe provides a full range of FDDI performance statistics that LANsentry Manager can record or that SNMP traps can report to the management station.

To ensure management access to the probe, provide a direct connection to the probe from your management station. You can use this connection to access probe data even if the ring is unusable and keeps management traffic off the main ring.

Internet WAN Link Monitoring

The Internet link is a concern for dedicated network management because it:

• Represents an external cost to the company

• Requires budgeting

• Is a possible security problem

In a way that is similar to monitoring the FDDI backbone, Traffix Manager reports can indicate whether you are paying for too much bandwidth or whether you need to purchase more. Traffix Manager can also indicate the level of use on a workgroup basis for internal billing and highlight the top sites that users visit. Similarly, you can monitor for unexpected conversations and protocols.

You also need to know the error rates on this link and whether you are experiencing congestion because of circumstances on the Internet provider's network. LANsentry Manager can record and display these statistics and provide a detailed real-time view.

Switch Management Monitoring

The third area of interest in this network is the large number of switch-to-end station links. When detailed analysis of these devices is required (for example, if one of the ports on the network suddenly reports much higher traffic than normal), you need to track the source of the problem and decide whether you can optimize the traffic path. In this case, you need a way to view the traffic on the switch port at a conversation level.

By placing a Superstack II Enterprise Monitor in a central location, you can easily attach it to the switches that have the most Ethernet ports as the need arises. By using the roving analysis feature of many 3Com devices, you can copy data from a monitored port to the port on the switch that is connected to the SuperStack II. When a problem arises, roving analysis is activated for a particular switch and LANsentry Manager or Traffix Manager collects the data from the SuperStack II Enterprise Monitor. These applications can then monitor the network data for the devices that are connected to that switch.

Using Telnet, Serial Line, and Modem Connections

To minimize your dependency on SNMP management, set up a way to reach the console of your key networking devices. Through the console, you can often view Ethernet, FDDI, Asynchronous Transfer Mode (ATM), and token ring statistics, view routing and bridging tables, and determine and modify device configurations.

Out-of-band (that is, management using a dedicated line to a device) console connections are also key to network troubleshooting. If the network goes down, your console connections are still available.

The types of console connections include:

• Telnet - Out-of-band and in-band access using a network connection. For example, on 3Com's CoreBuilder 6000 switch, using Telnet you can access the management console by using a dedicated Ethernet connection to the management module (out-of-band) and from any network attached to the device (in-band).

• Serial line - Direct, out-of-band access using a terminal connection. This type of connection allows you to maintain your connections to a device if it reboots.

• Modem - Remote, out-of-band access using a modem connection.

Figure 5 shows management of a device through the serial line and modem ports.

Figure 5 Out-of-band Management Using the Serial and Modem Ports

Sometimes, direct access to network devices through out-of-band management is the only way to examine a network problem. For example, if your network connections are down, you can Telnet to one of your key routers and examine its routing table. The routing table lists the devices that the router can reach, allowing you to narrow the area of the problem. You can also Ping from this device to further investigate which areas of the network are down.

Using Communications Servers

Although out-of-band management keeps you in contact with a particular device during a network problem, it does not inform you about all the areas of your network from a central point. You must access each device separately. To manage devices more centrally, you can set up a communications server (often called a comm server). See Figure 6.

Figure 6 Out-of-band Management with a Communications Server

For optimal benefit, provide two management connections to the comm server:

• Connect the comm server to the network (an in-band connection) so that you can access the devices from anywhere on the network using reverse Telnet.

• Connect your management workstation directly to one of the serial ports of the comm server (an out-of-band connection) so that you can access the devices when the network is down.

To ensure that a management station can always access the backbone, set up a redundancy system of management. In this setup, management applications (often different ones) run on separate management workstations, which are connected to the backbone through separate network devices or by using a network card.

This setup allows the management workstations to monitor each other and report any problems with their attached network devices. The redundancy system also provides a backup management connection to your network if one management station loses connectivity.

Other Tips on Network Design

This section provides some additional tips for designing your network for troubleshooting.

Management Station Configuration

• Configure the management station to run without any network connection - including NIS, NFS, and DNS lookups. Do not install Transcend^® on a network drive.

• Have more than one interface available on the management station, an arrangement called dual hosting. Connect vital probes to the second interface to create a private monitoring LAN (one without regular network traffic) on which network problems do not impair communication.

• Do not give the management station privileges on the network, such as the ability to log in with no passwords (rsh). Hackers can easily spot management stations.

• Connect the management station to an uninterruptible power supply (UPS) to protect the station from events that interrupt power, such as blackouts, power surges, and brownouts.

• Regularly back up the management station.

• Provide remote access through a modem to the management station so that you can keep track of your network's activity remotely.

• Use managed hubs to narrow which link is causing an error. Even if your budget does not allow you to manage all hubs, strategically install one managed hub for error tracking.

• Keep copies of all configurations on a file server and on the management station. See "Knowing Your Network's Configuration" for more information.