HP Open View NNM I Eng. Nouran Nawar
Feb 24, 2016
Day 1 SNMP Interaction HP Products HPOVNNM Installation OUR LAB Basic Component on NNM Home Base OVW Home Base Vs. OVW
Introduction Need to make control from single point.OSI specific management functional Areas:
Fault Management.Configuration Management.Accounting Management.Performance management.Security management.
SNMP use a simplest command between Manager and Agent, using UDP/IP. “connection less”
Most of communication start by a manager. Agent communication is response for manager. SNMP Traps: Agent start communication when predetermined
even occur.
Polling
SNMP Agent communication protocol
SNMP MANAGER
AGENT
MIB
SNMP GetResponse
SNMP Set
ResponseTraps
MS MN
MIB : Management Information Base. SNMP agent listen to port 161 UDP. SNMP Manager listen to port 162 UDP “Traps”.
Protocols Msgs of SNMP1. GET2. GET_Next3. Get_Bulk (v2)4. Inform (v2)5. Set6. Response7. Traps
Msgs sent by MS to MN
Msgs sent by MN to MS
SNMP Versions SNMP v1
GET, Get Next, Set, Trap
SNMP V2 Get Bulk, Inform, SNMP V1
SNMP V3 Proxy Agent, Authentication , SNMP V1, SNMP V2
SNMP V2c
MIB Access to device configuration Standard Method to set or get data fro MN MIB: piece of status or configuration MIB object
NAME + Access + Type + Descr.
Access : read + write MIB Tree
MIB Example Symbolic
.iso.org.dod.internet.mgm.mib-2.system.sys.sysDescr.0
= Numeric
.1.3.6.1.2.1.1.1.0 Fully Qualified MIB object name = object ID dot
notation(.)
Instance ID
SNMP community Name Community name to provide a level of security for SNMP. By default: get community name is “public” Set community name: modify configuration.
HP Hewlett Packard HP open view advanced security HP open view Dynamic Net value analyzer HP open view Glance plus HP open view ISP HP open view Internet usage HP open view Network Node manager HP open view Performance manager HP open view performance insight
What does NNM provide? Map to your NW. Discover layer#2 & layer#3 connectivity Event Management and Alarm Browser SNMP data collection, MIB graph for any variable Data ware house, Archive NW data Report Web based GUI Mange HSRP, MPLS “SPI” smart plug in
NNM Product structure NNM Starter Edition “SE”
Small NW, 250 node
NNM Advanced Edition “AE” Discover unlimited nodes, VLANs, MPLS, VPN, WAN
HP NNM-I Certificate HP0-632
HP Open view prerequisites Your machine has a static IP NOTE: “Changing IP Make the HP Stop working” IIS windows Component SNMP Java J2re “Java 2 Runtime Environment, Standard Edition
1.4.2_06 ” min JPI 1.4.2.01 DNS Suffix and restart.
LAB Delete switch configuration. Enable SNMP on “our lab sw”. Give the switch suitable name, IP, GW. Enable SNMP, put community name, SNMP version, Traps, All steps CH:26 Cisco_3560_Guide Save your configuration
1.1.1.1.
Home Base http://1.1.1.1:7510 Dynamic views Node status summary Alarm browser Dynamic summary Discovery progress
Starting OVW Cmd ovw Basic windows Root Internet NW Segment Nodes. “Ipmap” service create IP sub-map hierarchy. Relation between maps and sub-maps like parent and child.
Administrative status
Symbol propertiesOperational status
Dark blue: unknown
Green: normal Cyan: warning Yellow: minor Orange: major Red: down
Unmanaged Testing Restricted disabled
ovw Help Symbol legend View Zoom View Label Map Print “Unix only” Edit find Location an object Access object properties capabilities you can not change
general attributes rarely changed Map Map snapshots cmd ovmapsnap
Dynamic Views
OVW vs. Dynamic viewsOVW Need OS login Edit map NNM be installed on
machine Snapshots Background Quick navigator Edi find
Remote administration
Tomcat alarm Scaled well View find File print preview Poster printing
How IP discovery? MS discover itself, using IP, SM. DGW. Discover DGW. MS discover ARP cache. SNMP community must be known. Every 15 min, repeat polling. “netmon” services run at background use ICMP and SNMP
over UDP to find nodes at network.
Control Netmon discovery Loadhost command Cmd loadhosts –m 255.255.255.0
172.169.1.215 3560
172.19.1.213 nouran-pc
Useful commands: Ovstart –c Ovstart –v Ovstop Ovstatus –c
How to secure Home Base? C:\Program Files\HP OpenView\bin\dvUsersManager.ovpl It will edit in C:\Program Files\HP OpenView\tomcat\jakarta-tomcat-
4.0.4\webapps\topology\WEB-INF\dynamicViewsUsers.xml
If it will not work, C:\Program Files\HP OpenView\tomcat\jakarta-tomcat-4.0.4\
webapps\topology\WEB-INF Uncheck <security-constraint> section.
Out line Launcher Network Presenter Monitor NW Activity Discover your network with Netmon Controlling Netmon discovery
Launcher View your network by Network Presenter “read only”. Start launcher on windows:
Ovw tools hpopenview launcher. http://172.19.1.212/OvCgi/ovlaunch.exe
Start Launcher on Unix: http://172.19.1.212:3443/OvCgi/ovlaunch.exe
Launcher Cont’d Tasks: Access to task operation. Configuration Event Correlation. Configuration web reporting interface. Information & Reports:
MIB Browser. NNM Alarms. Web Reporting interface.
Tools: NW Presenter Alarm Browser Event corrleation SNMP Data presenter SNMP MIB Browser Web Reporting
Launcher Access maps from network presenter. Open a map other than the default map. Network presenter needs ovw map is opened. Any change in ovw reflect in the same time in
Launcher_network presenter.
Network presenter Vs. OVW There are features in NW presenter, and Not available in NNM-
MS. Scoping pane Tabular View Scroll bar in content area
Features in ovw and not in NW presenter: Map description dialog box Sub map and map snapshots
Interaction between OVW and NW presenter
For example: When you add symbol it will be added in NW presenter. Mange/unmanage symbol it will be reflected. Sub map in ovw, nothing happened. Delete submap in OVW, reflected.Note:To make launcher open other than the default map:http://cn_nouran.cisco.com/OvCgi/jovw.exe?mapname=map1
Jovw.exe is NW presenter
Monitor Network Activity Check the network connectivity. Check a node’s network configuration. Check the amount of network activity. Check for alarms.
Remote Ping1. Select a source node (click on the symbol).2. Select a destination node (control-click on the symbol).3. Invoke the Remote Ping dialog box from the Fault: Network
Connectivity: Remote Ping menu item.
Path View Shows the shortest path between any two nodes Extremely useful for troubleshooting It has Graph and table tab.
Other Fault Testing Tools Status Poll Trace Route Capability Poll (Windows only) Event Viewer (Windows only, ovw only) Diagnostics (Windows only, ovw only)
Performance Monitoring Tools Network Activity System utilization such as CPU Load, Disk Space, or the
Windows Performance Monitor Network Polling Statistics
Netmon Discovers network nodes. Ovcapsd Checks for DMI and web capabilities (Windows only) Ovtopmd Maintains the topology and object database.
Default Discovery Process ovstart starts ovspmd. ovspmd starts netmon. netmon queries the NNM management station’s SNMP agent for
configuration information, which includes: IP Address Subnet mask Default Route ARP Cache
For each new IP address found in the ARP Cache or Default Route from the previous step, ping it to make sure it is alive, make an SNMP query to determine the SNMP version supported, then use SNMP to retrieve the configuration information noted in step 3
Controlling Netmon Discovery Tell netmon to discover more by managing nodes.
Edit Manage Object
Loaclhosts command Cmd loadhosts –v –m –p 255.255.255.0 -c 10.1.1.1 -v verify -m subnetmask -p ping host -c start by 1.1.1.1 tell next 99 IP Cmd loadhosts –m 255.255.255.0
1.1.1.1 koko
Controlling Netmon Discovery Ovsuf file: file containing background process, stratup config. Its location “C:\Program Files\HP OpenView\conf” It is a notepad file, read-only file. To modify LRF : Local Registration file:
Ovstop process Backup netmon file Edit netmon Ovdelobj netmon.lrf delete netmon entry from ovsuf Ovaddobj netmon.lrf add netmon entry from ovsuf Ovstart netmon or Ovtopfix –l -i
Controlling Netmon Discovery Giving netmon a seed file to speed up initial discovery.1. Cmd Ovstop netmon2. Create a seed file, give MS the router and gateway, should be
stored in “C:\Program Files\HP OpenView\conf\seed”3. Modify LRF “netmon.lrf” edit the file –s
{pathOVs_YES_START:ovtopmd,pmd,ovwdb:-P -s c\:/seed:OVs_WELL_BEHAVED:15:PAUSE}
4. Cmd cd C:\Program Files\HP OpenView\lrf5. Ovdelobj netmon.lrf6. Ovaddobj netmon.lrf7. Optional Redo Initial Discovery8. Restart netmon cmd ovstart netmon
Redo Initial Discovery Stop NNM
Cmd ovstop –c
Remove folder content, “HP OpenView\databases\eventdb” and “HP OpenView\databases\openview”.
Start NNM Cmd ovstart –c
Definitions Trap : A specific message that is sent by an SNMP agent to UDP
port 162 (the default) of the NNM management station is called a trap, or snmptrap. These messages always originate from outside the NNM process structure. They are received by ovtrapd for processing into NNM.
Event : An internal message format resulting from a trap which has NNM header information added to it, or a message that occurs between two NNM processes. It indicates an incident of interest, regardless of the source of the incident.
Alarm: After an event has been received, processing of the event occurs. The result of the processing is an alarm. Not all events result in alarms, but every alarm is the result of one or more vents.
NNM Event Processing When an incident does occur, the involved NNM process or
SNMP agent generates and sends an event to NNM’s pmd process. Events sent by SNMP agents are called SNMP traps.
NNM services can request information from outside the management station. For example, netmon polls the network for discovery of objects.
Services can send events to each other. For example, the pmd service sends alarms to the ovalarmsrv process to display the alarms in the alarms browser.
NNM Event Processing If the event comes from outside the management station, it is
received by ovtrapd. ovtrapd sends the event on to the postmaster, pmd. pmd sends all events, whether from ovtrapd or another
process, through the Event Correlation System (ECS), where the events are processed.
Some of the events may be sent to processes that have subscribed to them. Other events may be correlated. Sometimes a new event, or alarm, is generated.
Alarm Browser ovalarmsrv subscribes to all alarm events. For example, netmon polls a device to see if it is up and
running. When the device returns an event that says it is up, ovalarmsrv does not get the event. However, if the device does not respond, then an alarm results saying the device is unreachable. This alarm is sent to ovalarmsrv and appears in the alarms browser.
The ECS system correlates some events. For example, netmon continues to poll the device that is not
responding. Each time there is no response, an event occurs. After the first event, ECS correlates the events. In the alarms browser, you only see the first event.
Correlation of events can be turned on or off.
Event Correlation System ECS provides correlations for use with NNM which produce one
of the following actions: Pass Through - The event passes through ECS with no change. Suppression - The event is suppressed within ECS. This event is
not broadcasted to the NNM process. Associated or correlated - The event is correlated with another
event. A parent child relationship is set up with the events. New event - A new event is generated as a result of the original
event.
Configuring Events size To change the Alarm Browser size; ovalarmsrv:ovalarmsrv: OVs_YES_START:pmd:700:OVs_WELL_BEHAVED:120:PAUSE By default: 3500 events
BES BSE: Binary Event Store Log event. By default, incoming events and correlated alarms are
logged to the Binary Event Store. The maximum size of the binary event store can be changed by modifying pmd.lrf. To increase the size of the binary event store from the default of 16 MB to 32MB:
Edit pmd.lrf and add the option shown in the example below: pmd:pmd: OVs_YES_START_::-SOV_EVENT;b32:OVs_WELL_BEHAVED:15:PAUSE: cd OV_LRF (on UNIX) or cd %OV_LRF% (on Windows) ovaddobj pmd.lrf ovstop pmd ovstart -c
Exploring and Using MIB DataDescribe the purpose and structure of a MIB.Distinguish between MIB objects and
instances.Browse a node’s MIB from the GUI, web
interfaces, or command line.Graph a MIB object’s value as it changes.Load additional MIBs for management.
MIB Object Definitions Name. Uniquely defines the MIB object at the current level in
the MIB hierarchy. ACCESS:
read-only. The value of the object may be retrieved (for example, snmpget) but not changed.
read/write. The value of the object may be both retrieved and changed (for example, snmpset).
MIB Object ID, Object and Instance
•Symbolic Representation — used by people
•Numeric Representation — used by computers
Common SNMP-Related CommandsSNMPGET Retrieve a single MIB object value (SNMPv1).SNMPWALK Make multiple requests to retrieve all MIB object values under a certain branch of the MIB hierarchy
(SNMPv1).SNMPSET Set the value of a single MIB object (SNMPv1).
ExrecisesMIB Browser: .iso.org.dod.internet.mgmt.mib-2.at.atTable.atEntry.atPhysicalAddress .iso.org.dod.internet.mgmt.mib-2.ip.ipDefaultTTL .iso.org.dod.internet.mgmt.mib-2.system.sysName Cmd snmpget node_name .iso.org.dod.internet.mgmt.mib-
2.system.sysName MIB_object_ID: .iso.org.dod.internet.mgmt.mib-
2.interfaces.ifTable.ifEntry MIB Instance: 1
Cmd snmpwalk target_node .1.3.6.1.2.1.1 Cmd snmpget target_Node .1.3.6.1.2.1.1
How To Copy Configurations To and From CiscoDevices Using SNMP1. Download MIBs from ftp://ftp.cisco.com/pub/mibs2. Prerequisites MIB:
CISCO−SMI−V1SMI.my SNMPv2−TC−V1SMI.my CISCO−CONFIG−COPY−MIB−V1SMI.my CISCO−FLASH−MIB.my
How To Copy Configurations From Cisco Devices Using SNMP to TFTP Server3. @ MS: cmd snmpset −v 1 −c private <device name>
ccCopyProtocol.<random number> integer 1 ccCopySourceFileType.<Random number> integer 4 ccCopyDestFileType.<Random number> integer 1 ccCopyServerAddress.<Random number> ipaddress "<server ip address>" ccCopyFileName. <Random number> octetstring "<file name>" ccCopyEntryRowStatus.<Random number> integer 4
-v: version -c : community NameInteger 1 : TFTP protocolInteger 4 : Running-Config4. Install TFTP server
How To Copy Configurations From Cisco Devices Using SNMP to TFTP Server
snmpset -v 1 -c cisco 172.19.1.215 ccCopyProtocol.12 integer 1 ccCopySourceFileType.12 integer 4 ccCopyDestFileType.12 integer 1 ccCopyServerAddress.12 ipaddress "172.19.1.212" ccCopyFileName.12 octetstring "backup" ccCopyEntryRowStatus.12 integer 4