3 Replies Latest reply on Sep 7, 2012 4:15 PM by Richard Nicholson

    CISCO Inerfaces to monitor

    KLH456

      Question...

       

      What interfaces should I monitor on my Cisco Routers? Previously we had an NTA installation for just our division of the company. I had 3 routers to monitor. Rather easy, I monitored the Serial Connections to the T1 lines and the Gigabit connection to the LAN. After an upgrade I also began seeing MFR0 and MFR1 on our main router so I monitored those as well.

       

      Now that we are rolling out a worldwide system I am getting routers that have over 600 interfaces when it finds the resources. Not all active but a good number are active. There are at least 4 or more Gigabit interfaces and 30 Serial. I want to be sure we are monitoring the correct interfaces in order to report problems quickly when they occur. However, with this many showing I'm not sure which ones are actually critical.

       

      Any help would be appreciated

       

      Karen

        • Re: CISCO Inerfaces to monitor
          Richard Nicholson

          Interfaces can take your polling engine load up really quickly, so you do need to be careful. 

           

          It sounds like you are starting to poll a Hub/Spoke network with T1 Serial Frame Relay links.  I would first make sure I am monitoring the Serial links as these could be links to other branches, or customers that the router is supporting, but only active links of course.

           

          Other interfaces are on a need/want basis in my opinion.  The way I do it is I monitor uplink ports to other routers and switches, and only user ports if they are attached to something that is critical to my business/customer and I need as much viability to that interface/device that I can get.

           

          Also, see if you can work with anyone that manages the router/network so you can bounce questions off the provisioning/engineering group.  If you can't find anyone to help you and no documentation you can always add them all and back polling off a bit to bring the load on your poller down if it can't handle it all.  Then you can start to weed out some interfaces/devices after watching what they are doing for a week or two.

          1 of 1 people found this helpful
            • Re: CISCO Inerfaces to monitor
              KLH456

              Thanks Richard

               

              That gives me a few ideas to work with. The problem is, this NTA is attached to a 250 NPM installation so I am limited to 250 interfaces to monitor. That is where the problem is coming in. Since this is for the worldwide network, I believe we may just need to upgrade the license.

               

              I will get with some of the other network engineers and find out what they would like to monitor. It is difficult because as I said this is worldwide so time differences come into play.

                • Re: CISCO Inerfaces to monitor
                  Richard Nicholson

                  Ya find out what they want you monitoring is a must.. More so since you have a smaller license and each interface/node/volume count against the license. In your case you might need to go to the SLX model for unlimited nodes.

                   

                  Since it's world wide as well make sure your server will be able to hit those network segments that aren't local, and be able to get back to your server.  Remember when polling across WAN links or even Point to Point long haul transit links you can start running into Latency in your polls.  I had the same issue here at my job since we have an world wide MPLS mesh network and our branches are technically local on my LAN, but the transport distance still put me above some default thresholds for polling, and I had to adjust them per our network. 

                   

                  Depending on the size of your network and budget you have to roll this out; you may have good reason to talk management in to deploying SW servers locally in each pop or at least 1 in each major region to cut latency down to the NMS Engine, and control them from the EOC Console for a single point of view for each instance.

                   

                  Sounds like to start out you might just be monitoring the Point 2 Point links between your Points of Presence or (POP) IE transit links.  As well as some of the uplink ports between the respective equipment in each Data Center and your INET Gateway links at each place.  You might be able to do those critical links and stay under 250 objects depending on the size of the network though.

                  1 of 1 people found this helpful