November 27, 2012 at 09:40Monitoring Cisco, D-Link, 3Com, Zyxel Switches on a Zabbix System
Monitoring is one of the pillars of ensuring high availability of IT systems.
As a rule, system administrators, when installing a monitoring system, first of all configure it to check server parameters and detect the inaccessibility of services running on these servers. Of course, this is a priority, but do not forget about other equipment: UPS, air conditioning, network equipment.
In this topic, I will show how to solve the problem of monitoring active network equipment (i.e. switches, routers, etc.) in the Zabbix system using a couple of useful tools in half an hour. As a result, you can get a complete picture of what is happening on the network.
I think I will not be mistaken if I say that most system administrators have to work with the legacy "zoo" of equipment of various models and vendors. Fortunately, most models support the open SNMP protocol . It is through it that we will receive information about the status of network interfaces.
Suppose you already have Zabbix installed. To use SNMP you need:
Considering that each network port can have several monitored parameters, a typical switch has 24 or even 48 ports, and there can be dozens of switches in a network, manual configuration is too time-consuming.
To facilitate the task, you must use templates. The template contains all the necessary items, triggers and graphs - all that remains is to start a host and connect a template to it.
There are already many ready-made templates for Zabbix that you can either google or see in the manual .
If you didn’t find the right template, do not be discouraged: as a rule, manufacturers use standard OIDs from RFC1213 and RFC2233:
In addition, you can read the interface name, MTU, speed and other parameters. See the full list on the Cisco website .
Cisco Catalyst, as a rule, is supported additionally:
.1.3.6.1.4.1.9.9.109.1.1.1.1.5.1 - percentage of CPU load
.1.3.6.1.4.1.9.9.48.1.1.1.5.1 - used memory (in bytes)
.1.3.6.1.4.1.9.5.1.2.13.0 - temperature status (1 - normal, 2 - high, 3 - critical)
Noticing that the identifiers are standardized, I wrote a simple PHP script that allows you to generate an XML template for Zabbix with the necessary OIDs for all ports. We tested it on Cisco equipment (500G, 2960. 3550 and 3750), 3Com (2426, 2924, 2948), a pair of D-Link and Zyxel 4012. (Anyone who wants can download the source ).
The generator creates templates that can:
After you have generated and saved a template for the device, export it: go to Configuration → Templates and click the Import button in the upper right . Create a new Host or edit an existing one - bind your template to it.
If you want to change any parameters (for example, SNMP community), then this can be done directly in Zabbix: go to the template in Configuration → Templates , select the necessary elements with checkmarks in Items and select Mass update from the drop-down list .
As a result, you get nice graphics:
If a few minutes have passed after the template was added to the device, and the data from SNMP did not appear, you need to check whether the Zabbix server can read data from the device. This is done with the snmpget utility:
For example, we get the number of bytes sent on the first gigabit port for Cisco:
For non-Cisco hardware:
If you receive a message
The message
To read the complete list of parameters from the device, follow these steps:
GUI lovers can use programs such as MIB Browser to read SNMP data from the device.
The map will have to be painstakingly hand-drawn. Here you need to know a couple of tricks. To show speed above connecting lines between equipment, add a call to the corresponding item in curly brackets to the signature. For example:
Record 02-CS-42-3750: ifOutOctets.10112.last (0) means to get from the host 02-CS-42-3750 the last-time value of the ifOutOctets parameter (byte sent).
Also, in the Link properties, you can configure the line to display in red if the port falls down.
Unfortunately, Zabbix does not have a convenient tool for viewing the status of individual device ports, so I had to write it. Information is imported from Zabbix and displayed to the administrator in a convenient way: The
gray color of the port indicates that it is in down. The color from green to red changes depending on the port load. Gigabit ports are outlined.
The minus of the script is that it was written "for yourself", so the installation is rather clumsy (-: Download the sources and read readme. UPD 13.03.13 ( Version for Zabbix 2.0 )
We cannot but mention a possible problem with the performance of the zabbix server. Suppose that once a minute you get information about 11 parameters of each port of 50 24-port switches. The zabbix server database will be loaded with an average of 220 entries per second. For a weak machine, it can be unbearable. Therefore, it is recommended to limit the number of items or increase the inspection interval. We consider it sufficient to request port status, traffic, errors and broadcast packets every 60 seconds.
In the next version of the template generator, I would like to add the ability to get the rest of the interface parameters, the choice of line colors for graphs, the ability to specify port speeds for non-Cisco devices. Suggestions are welcome.
As a rule, system administrators, when installing a monitoring system, first of all configure it to check server parameters and detect the inaccessibility of services running on these servers. Of course, this is a priority, but do not forget about other equipment: UPS, air conditioning, network equipment.
In this topic, I will show how to solve the problem of monitoring active network equipment (i.e. switches, routers, etc.) in the Zabbix system using a couple of useful tools in half an hour. As a result, you can get a complete picture of what is happening on the network.
Turn on monitoring
I think I will not be mistaken if I say that most system administrators have to work with the legacy "zoo" of equipment of various models and vendors. Fortunately, most models support the open SNMP protocol . It is through it that we will receive information about the status of network interfaces.
Suppose you already have Zabbix installed. To use SNMP you need:
- enable SNMP support on the network device (commands vary by manufacturer)
- add the corresponding item to Zabbix - one for each parameter; to do this, specify the version of SNMP being used, the correct SNMP OID and SNMP community identifier (something like a username)
- add triggers to track unwanted item values
Considering that each network port can have several monitored parameters, a typical switch has 24 or even 48 ports, and there can be dozens of switches in a network, manual configuration is too time-consuming.
To facilitate the task, you must use templates. The template contains all the necessary items, triggers and graphs - all that remains is to start a host and connect a template to it.
There are already many ready-made templates for Zabbix that you can either google or see in the manual .
If you didn’t find the right template, do not be discouraged: as a rule, manufacturers use standard OIDs from RFC1213 and RFC2233:
| sysName.0 | node name | |
| .1.3.6.1.2.1.1.3.0 | uptime | |
| .1.3.6.1.2.1.2.2.1.8.X | port status: 1 (up) / 2 (down) | X is the port number; Cisco has a five-digit port number: 100XX for 100 Mbit ports, 101XX for 1 Gbit / s |
| .1.3.6.1.2.1.2.2.1.16.X | byte sent | |
| .1.3.6.1.2.1.2.2.1.10.X | byte received | |
| .1.3.6.1.2.1.31.1.1.1.5.X | broadcast packets sent | |
| .1.3.6.1.2.1.31.1.1.1.3.X | received broadcast packets | |
| .1.3.6.1.2.1.31.1.1.1.4.X | multicast packets sent | |
| .1.3.6.1.2.1.31.1.1.1.2.X | accepted multicast packages | |
| .1.3.6.1.2.1.2.2.1.17.X | unicast packets sent | |
| .1.3.6.1.2.1.2.2.1.11.X | accepted unicast packages | |
| .1.3.6.1.2.1.2.2.1.20.X | sending errors | |
| .1.3.6.1.2.1.2.2.1.14.X | errors in receiving |
Cisco Catalyst, as a rule, is supported additionally:
.1.3.6.1.4.1.9.9.109.1.1.1.1.5.1 - percentage of CPU load
.1.3.6.1.4.1.9.9.48.1.1.1.5.1 - used memory (in bytes)
.1.3.6.1.4.1.9.5.1.2.13.0 - temperature status (1 - normal, 2 - high, 3 - critical)
Template generator
Noticing that the identifiers are standardized, I wrote a simple PHP script that allows you to generate an XML template for Zabbix with the necessary OIDs for all ports. We tested it on Cisco equipment (500G, 2960. 3550 and 3750), 3Com (2426, 2924, 2948), a pair of D-Link and Zyxel 4012. (Anyone who wants can download the source ).
The generator creates templates that can:
- monitor interface parameters (see table above) and display them on the graph;
- set a trigger for a port drop;
- set a trigger to exceed the error growth rate on the port;
- Track CPU utilization, memory, and temperature for Cisco.
After you have generated and saved a template for the device, export it: go to Configuration → Templates and click the Import button in the upper right . Create a new Host or edit an existing one - bind your template to it.
If you want to change any parameters (for example, SNMP community), then this can be done directly in Zabbix: go to the template in Configuration → Templates , select the necessary elements with checkmarks in Items and select Mass update from the drop-down list .
As a result, you get nice graphics:
Debugging
If a few minutes have passed after the template was added to the device, and the data from SNMP did not appear, you need to check whether the Zabbix server can read data from the device. This is done with the snmpget utility:
snmpget -v версия_протокола -c комьюнити адрес_устройства OIDFor example, we get the number of bytes sent on the first gigabit port for Cisco:
snmpget -v 2c -c qwerty 192.168.1.1 .1.3.6.1.2.1.2.2.1.16.10101IF-MIB::ifOutOctets.10101 = Counter32: 2044250092For non-Cisco hardware:
snmpget -v 2c -c qwerty 192.168.1.2 .1.3.6.1.2.1.2.2.1.16.1IF-MIB::ifOutOctets.1 = Counter32: 1691279168If you receive a message
Timeout: No Response from ..., you need to make sure that SNMP is enabled on the device and the server is allowed to connect to the switch port 161 / UDP. The message
No Such Object available on this agent at this OIDindicates that the requested parameter is not supported. To read the complete list of parameters from the device, follow these steps:
snmpwalk -v версия_протокола -c комьюнити адрес_устройстваGUI lovers can use programs such as MIB Browser to read SNMP data from the device.
Network map
The map will have to be painstakingly hand-drawn. Here you need to know a couple of tricks. To show speed above connecting lines between equipment, add a call to the corresponding item in curly brackets to the signature. For example:
↑ {02-CS-42-3750:ifOutOctets.10112.last(0)}{02-CS-42-3750:ifInOctets.10112.last(0)} ↓Record 02-CS-42-3750: ifOutOctets.10112.last (0) means to get from the host 02-CS-42-3750 the last-time value of the ifOutOctets parameter (byte sent).
↑and ↓these are just ↑ and ↓ arrow codes for beauty. Also, in the Link properties, you can configure the line to display in red if the port falls down.
Port Status Monitoring
Unfortunately, Zabbix does not have a convenient tool for viewing the status of individual device ports, so I had to write it. Information is imported from Zabbix and displayed to the administrator in a convenient way: The
gray color of the port indicates that it is in down. The color from green to red changes depending on the port load. Gigabit ports are outlined.
The minus of the script is that it was written "for yourself", so the installation is rather clumsy (-: Download the sources and read readme. UPD 13.03.13 ( Version for Zabbix 2.0 )
Performance
We cannot but mention a possible problem with the performance of the zabbix server. Suppose that once a minute you get information about 11 parameters of each port of 50 24-port switches. The zabbix server database will be loaded with an average of 220 entries per second. For a weak machine, it can be unbearable. Therefore, it is recommended to limit the number of items or increase the inspection interval. We consider it sufficient to request port status, traffic, errors and broadcast packets every 60 seconds.
Plans
In the next version of the template generator, I would like to add the ability to get the rest of the interface parameters, the choice of line colors for graphs, the ability to specify port speeds for non-Cisco devices. Suggestions are welcome.