
HELSINKI METROPOLIA UNIVERSITY OF APPLIED SCIENCES

Network Management in IP Networks

Lab 2: Open Monitoring Distribution (OMD)

Topology

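[Figure: lab topology. Router1, Router2 and Router3 are connected in a chain over serial links (Serial 0/0/0 and Serial 0/0/1, DCE ends marked). Router1 Fa 0/0 connects to SW1 Fa 0/24 on 192.168.10.0/24; Router3 Fa 0/0 connects to SW2 Fa 0/24 on 10.10.10.0/24. PC 1 and PC 2 (which hosts the OMD VM) attach to SW1 (Fa 0/5, Fa 0/6); PC 3 attaches to SW2 (Fa 0/18). Every router and switch runs an SNMP agent.]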


Addressing Table

Device   Interface      IP Address       Subnet Mask       Gateway
PC1      NIC            192.168.10.10    255.255.255.0     192.168.10.254
PC2      NIC            192.168.10.11    255.255.255.0     192.168.10.254
OMD VM   NIC            192.168.10.12    255.255.255.0     192.168.10.254
PC3      NIC            10.10.10.10      255.255.255.0     10.10.10.254
SW1      VLAN1          192.168.10.253   255.255.255.0     192.168.10.254
SW2      VLAN1          10.10.10.253     255.255.255.0     10.10.10.254
R1       Fa 0/0         192.168.10.254   255.255.255.0     NA
         Serial 0/0/0   172.16.10.1      255.255.255.252   NA
R2       Serial 0/0/0   172.16.10.2      255.255.255.252   NA
         Serial 0/0/1   172.16.10.5      255.255.255.252   NA
R3       Fa 0/0         10.10.10.254     255.255.255.0     NA
         Serial 0/0/1   172.16.10.6      255.255.255.252   NA

Objective

The objective of this lab is to gain a practical view of network monitoring with the Open
Monitoring Distribution (OMD) software, and an understanding of and experience with securing
SNMP traffic and with availability and service monitoring using open source applications.


Equipment and Tools

The following equipment and tools are needed to perform the laboratory exercises:
3 SNMP manageable routers (Cisco 2811)
2 SNMP manageable switches (Cisco 2960)
3 PCs
cables
Open Monitoring Distribution software running on a virtual machine on PC2
Apache HTTP Server

Working

Network Setup and SNMP Configuration

1. Set up a network as shown in the picture. Make sure that the start-up configuration file
is empty on each device. Copy the device configurations provided at the end of this
document. Verify end-to-end network connectivity (for example, ping PC1 from PC3).

2. Start the virtual machine Ubuntu OMD on PC2.
User is "student", password is "student123".
The virtual machine running Ubuntu is a management station. The network adapter of
the virtual machine should be set to bridged mode (Player > Manage > Virtual Machine
Settings > Network Adapter). Check that only one Intel network adapter is chosen by
clicking on the Configure Adapter under the Network connection. Uncheck the check
box on the other network adapter(s). Make sure that it has correct IP settings (Ubuntu
Network Connections). Set the correct IP address if needed and check the addressing
table for IP addresses. Verify connectivity from the virtual machine using ping
command to other end devices.

3. Configure all the networking devices (switches and routers) to support SNMPv1 with
the default community string "public" (the same way as you did in Lab 1).

Use snmpwalk to verify the SNMP configuration of each device from the management
device.

For example, you can use the following command to request the device name via SNMP
snmpwalk -v 1 -c public <IP address> 1.3.6.1.2.1.1.5


Do not proceed if you do not get a correct reply. Verify your configuration and make
sure that you get correct replies from each switch and router.

4. In this lab, we will use Check_MK monitoring software. Install the monitoring agent on
all the Windows PCs. You can find the application from the Desktop > NMS folder >
Soft > check-mk-agent-1.2.3il.exe. Follow the installation wizard and accept all the
default settings.

Familiarization with OMD and Initial Setup

"Open Monitoring Distribution (OMD) is a distribution with several monitoring cores and add-
ons. It makes open source monitoring easier while at the same time keeping all the flexibility."
[Mathias Kettner web site]

5. Open a browser on any of the lab PCs and access
http://192.168.10.12/mysite
You should be prompted with a username and password dialog box.
The default username is omdadmin and password is omd.
After a successful login you should see the homepage of OMD.

Check_MK is an extension to the Nagios monitoring system, which is contained in OMD. You can
find different extensions to OMD on this page, but in this lab we will use only the
Check_MK Multisite extension. Click on the Check_MK Multisite extension and it will take you
to the homepage of Check_MK. WATO (Web Administration Tool) is Check_MK's new graphical
administration tool. It is a web-based user interface for managing the hosts and services to be
monitored using Check_MK.

6. To start with, we need to add hosts into the system for monitoring.
Scroll down to WATO Configuration. Click on Hosts & Folders at the bottom of the
menu from the left side under WATO Configuration.
Add all the Windows PCs using their names and IP addresses (New Host > add the
Hostname of the PCs under General Properties > check the box next to IP address and
give the IP address of the PC under the Basic settings)
Click "Save and go to Services". Here, you find all the available checks for this device.
By default, all checks are selected and will be applied. To experiment with the system, you
can uncheck some of the marked services that you think aren't necessary. If you
do so, make sure that you save the new check by clicking on "Save manual check
configuration" at the top left side.

From the WATO Configuration > Hosts & folders you should see the highlighted button
"Changes". Click on it and Activate changes.

Make sure that status of the configuration was successfully activated.

From the left Menu go to Views > Services > All Services and make sure that the host with new
services appears there. Right after creating the new services, the devices will be in a pending mode.
If you want to see the result of the check immediately, in the Icons column, click the icon
"Reschedule an immediate check of the Check_MK service".

7. Add all the network devices except for R3 in a similar way to adding PCs, but choose
the Agent type under Host tags as "SNMP (Networking device, Appliance)".

Activate changes. After devices have been added to the system, wait for polling to be
executed.
From the left Menu go to Views > Hosts > All hosts and make sure that all devices are
present there, the state should be "UP".
Go to All services and make sure that the scheduled checks are performed successfully.
You might need to wait for a minute or two for a polling to be executed.
Explore the information available for each device.

Securing SNMP Traffic

SNMPv3 addresses the security issues of the SNMP protocol. SNMPv3 provides three security levels:
noAuthNoPriv, authNoPriv, and authPriv. authPriv is the most secure level: it enables
authentication and allows you to encrypt SNMP packets.

8. Configure the router R3 to support SNMPv3 level authPriv.

First, create a group ("mygroup") and select the v3 security model and the authPriv security level:
snmp-server group mygroup v3 priv

Next, create a user account and assign it to the "mygroup" group. We use SNMPv3 as the
security model and SHA for authentication. This user will use "authpass" as the
password. The encryption algorithm is AES 128-bit and the encryption key is
"privpass". Enter the command on a single line:
snmp-server user netadmin mygroup v3 auth sha authpass priv aes 128 privpass

Verify the SNMPv3 configuration of R3 by using
R3# show snmp user
R3# show snmp group

Run the following command (on a single line) in a console on the virtual machine to verify SNMPv3:
snmpwalk -v 3 -l authpriv -a sha -x aes -A authpass -X privpass -u netadmin <IP address> 1.3.6.1.2.1.1.5
Do not proceed if you do not get the correct response (the device name).

Configure Check_MK to support SNMPv3:

Open the Check_MK configuration file:
sudo nano /omd/sites/mysite/etc/check_mk/main.mk

Add the following lines after the very last line:

snmp_communities = [
    # This host uses SNMPv3:
    ( ( "authPriv", "sha", "netadmin", "authpass", "aes", "privpass" ), [ "R3" ] ),
]

Nano commands: exit Ctrl x, save changes Y.

Go to Hosts & Folders, add the router R3. Make sure to choose "SNMP (Networking
device, Appliance)" as Agent type. Follow the same procedure as for other devices and
add services for R3. Activate changes.
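
The difference between the SNMPv1 setup of step 3 and the authPriv setup of step 8 can be checked mechanically. The following Python script is an added example, not part of the original lab or of Check_MK: it scans snmp-server commands and reports anything weaker than SNMPv3 authPriv with SHA. The sample inputs, the device "LAB-X" and the finding texts are constructed for illustration.

```python
import re

# Constructed input: SNMP commands as entered in this lab (R1, R3) plus a hypothetical
# weaker device "LAB-X". IOS does not list SNMPv3 users in "show running-config",
# so audit the commands as entered (change script, template), not that output.
SAMPLE_CONFIGS = {
    "R1": "snmp-server community public RO",
    "R3": "snmp-server group mygroup v3 priv\n"
          "snmp-server user netadmin mygroup v3 auth sha authpass priv aes 128 privpass",
    "LAB-X": "snmp-server group weakgroup v3 auth\n"
             "snmp-server user monitor weakgroup v3 auth md5 authpass",
}

LEVELS = {"noauth": "noAuthNoPriv", "auth": "authNoPriv", "priv": "authPriv"}
COMMUNITY_RE = re.compile(r"snmp-server community (\S+)(?: (ro|rw))?", re.I)
GROUP_RE = re.compile(r"snmp-server group (\S+) v3 (noauth|auth|priv)\b", re.I)
USER_RE = re.compile(
    r"snmp-server user (\S+) \S+ v3(?: auth (md5|sha) \S+)?(?: priv (\S+))?", re.I)


def audit_snmp(config):
    """Return findings (strings) for the snmp-server lines of one device."""
    findings = []
    for line in map(str.strip, config.splitlines()):
        if m := COMMUNITY_RE.match(line):
            name, access = m.group(1), (m.group(2) or "ro").lower()
            findings.append(f"community '{name}' is sent in cleartext (SNMPv1/v2c)")
            if name.lower() in ("public", "private"):
                findings.append(f"community '{name}' is a well-known default")
            if access == "rw":
                findings.append(f"community '{name}' grants write access")
        elif m := GROUP_RE.match(line):
            level = LEVELS[m.group(2).lower()]
            if level != "authPriv":
                findings.append(f"group '{m.group(1)}' only requires {level}")
        elif m := USER_RE.match(line):
            user, auth, priv = m.groups()
            if auth is None:
                findings.append(f"user '{user}' has no authentication password")
            elif auth.lower() == "md5":
                findings.append(f"user '{user}' authenticates with MD5, not SHA")
            if priv is None:
                findings.append(f"user '{user}' has no privacy (encryption) key")
    return findings


def audit_all(configs):
    """Map each device name to its findings; an empty list means nothing weak."""
    return {name: audit_snmp(text) for name, text in configs.items()}


if __name__ == "__main__":
    for device, findings in audit_all(SAMPLE_CONFIGS).items():
        print(device, "OK" if not findings else findings)
```
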

Parent/child host relationships

Check_MK is a general-purpose Nagios plugin. The Nagios web interface is mostly read-only, and
Nagios is configured through several different configuration files that need to be created and/or
edited. OMD provides an easy way to configure Nagios: the Nagios configuration is generated
automatically from the Check_MK configuration.


9. Run the following commands from the command line of the Ubuntu OMD VM to generate
the Nagios configuration and reload Nagios.
(Type these commands by hand; copy and paste will not work!)
sudo su - mysite
(Enter the student's password if asked)
check_mk -O

Open the Nagios web interface (http://192.168.10.12/mysite/omd)
Click on Classic Nagios GUI.
Tip: It might be more convenient not to close the Check_MK window. Open a new tab instead.

Nagios has the same configuration as Check_MK. You can see all the hosts and services on the
corresponding pages:
Current Status > Hosts
Current Status > Services

One of the Nagios features which are not available in Check_MK is a host map.
Go to Current Status > Map.
The map does not display the correct network state because we did not configure parent
relationships.

"In order for Nagios to be able to distinguish between DOWN and UNREACHABLE states for the
hosts that are being monitored, you'll need to tell Nagios how those hosts are connected to each
other from the standpoint of the Nagios daemon." [Nagios Core Documentation]

10. In Check_MK, you can define a list of parents in the host settings.
Go to Check_MK mysite > Hosts & Folders. Assign parents for each host. In the Action
column click the icon "Edit the properties of this host" (place the cursor over the icon to
see the pop-up text).
After setting the parent for the host, click "Save & Finish".
The parent for SW1 is PC2 (because Nagios runs on the VM on PC2). The parent for
R1 and PC1 is SW1, for R2 is R1, etc.

Go back to the Nagios web interface and open the map (Current Status > Map). You should
see a map of the network similar to the one shown below. If the displayed map is not
correct, check the parent settings in the host properties in Check_MK.


"When hosts change state (i.e. from UP to DOWN), the host reachability logic in Nagios will
initiate parallel checks of the parents and children of whatever hosts change state. This allows
Nagios to quickly determine the current status of your network infrastructure when changes occur."
[Nagios Core Documentation]


11. Disconnect the cable between R1 and R2. Monitor the map. Soon you will see the
hosts' status change in the map. Notice that R2 is "down" and all the hosts behind
it are "unreachable". A host is only reachable if at least one of its parent hosts is reachable.
Plug the cable between R1 and R2 back in.
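
The reachability rule from steps 10 and 11, as an added example (not Nagios or Check_MK code): a simplified Python model that classifies each host as UP, DOWN or UNREACHABLE from the parent map. The parents of R3, SW2 and PC3 and the link list are assumptions taken from the topology.

```python
# Parent map from step 10. The entries for R3, SW2 and PC3 are assumptions
# derived from the topology (the lab text only says "etc.").
PARENTS = {
    "PC2": [],  # Nagios runs in the VM on PC2, so PC2 is the root
    "SW1": ["PC2"], "PC1": ["SW1"], "R1": ["SW1"], "R2": ["R1"],
    "R3": ["R2"], "SW2": ["R3"], "PC3": ["SW2"],
}
# Cables of the lab network, used only to simulate which hosts still answer.
LINKS = [("PC2", "SW1"), ("PC1", "SW1"), ("SW1", "R1"), ("R1", "R2"),
         ("R2", "R3"), ("R3", "SW2"), ("SW2", "PC3")]


def unplug(links, a, b):
    """Return the link list without the cable between a and b."""
    return [link for link in links if set(link) != {a, b}]


def responding_hosts(links, root="PC2"):
    """Hosts that still answer checks sent from the monitoring station."""
    seen, todo = {root}, [root]
    while todo:
        node = todo.pop()
        for a, b in links:
            if node in (a, b):
                other = b if a == node else a
                if other not in seen:
                    seen.add(other)
                    todo.append(other)
    return seen


def classify(parents, responding):
    """UP: check succeeds. DOWN: check fails and the host has no parent or at
    least one parent is UP. UNREACHABLE: check fails and no parent is UP."""
    state = {}

    def resolve(host):
        if host not in state:
            if host in responding:
                state[host] = "UP"
            elif not parents[host] or any(resolve(p) == "UP" for p in parents[host]):
                state[host] = "DOWN"
            else:
                state[host] = "UNREACHABLE"
        return state[host]

    for host in parents:
        resolve(host)
    return state


if __name__ == "__main__":
    # Step 11: unplug the cable between R1 and R2.
    print(classify(PARENTS, responding_hosts(unplug(LINKS, "R1", "R2"))))
```
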

Service monitoring

Network monitoring software can also perform service monitoring. It might be important to monitor
the status of a certain service and receive alerts if the service goes down. In this lab we will monitor
the Apache HTTP server.

12. Install Apache on PC3 from C:\Users\Student\Desktop\NMS\Soft > httpd-2.0.65-win32-x86-no_ssl.msi

Use the following parameters:
Network domain: localhost
Server Name: localhost
Administrator's Email Address: admin@localhost

Leave the remaining settings at their defaults. Apache will be started automatically after installation.

Verify Apache installation. Open a browser on PC3 and type http://localhost in the
address bar. You should see the page confirming that the installation of the Apache web
server software was successful. Do not proceed if you cannot see this page.

Create a new check for the HTTP server running on PC3.
In Check_MK mysite go to WATO Configuration > Host & Service Parameters >
Active Checks (HTTP, TCP, etc.) > Check HTTP service > Create rule in folder.
The rule can be applied to a certain computer or to a group of computers. For simplicity,
we will apply the rule directly to PC3.
Mark the checkbox next to "Specify explicit host names" under Conditions > Explicit
hosts and enter PC3.

Give the name (for example, Web server) under the Value to the check.
Set Expected response time: Warning at 260 ms, Critical at 350 ms.
Save the rule and activate changes.
Go to Views > Services > All Services and find the newly created check under PC3 and
check the state of the service. Make the necessary changes to ensure that the check status
is "OK".

On PC3, open Apache Monitor (from the Task Bar) and stop Apache service. Go back to
All Services and notice the warning "HTTP Web server - Connection refused".
Start Apache again and make sure that HTTP check returns HTTP OK status.

Response time monitoring

It is often not enough to know that the service is up. The response time affects the service
performance.

13. Go to Views > Services > All Services. From the Icons column open the graphs for your
HTTP Web server service. The first one shows response time. Notice the average value.
You might need to wait for a couple of minutes for a graph to be formed.

Changing the clock rate of the serial interfaces on R1 and/or R2 can also make a
difference to the response time of the service running on PC3. There is only one network
route between PC3 and the virtual machine, so increasing the clock rate on one of the
router interfaces affects the speed of the whole connection.
Set the clock rate to 128000.

Notice the change in the average response time of the HTTP server.
Go back to All Services. You should see the warning if the response time is more than
100 ms.

You can also try to set the clock rate to 64000. This action should produce the critical
error alert if the response time is set to 100 ms. Change the values and observe the different
response times.

References

Check_MK
http://mathias-kettner.com/check_mk.html

OMD
http://mathias-kettner.de/checkmk_install_with_omd.html

Nagios
http://www.nagios.org/


Device Configuration

R1

hostname R1
!
no ip domain-lookup
!
interface f0/0
ip address 192.168.10.254 255.255.255.0
no sh
!
interface Serial0/0/0
ip address 172.16.10.1 255.255.255.252
clock rate 64000
no sh
!
router ospf 1
network 172.16.10.0 0.0.0.3 area 0
network 192.168.10.0 0.0.0.255 area 0
!
line con 0
logging synchronous
!
end

R2

hostname R2
!
no ip domain lookup
!
interface Serial0/0/0
ip address 172.16.10.2 255.255.255.252
no sh
!
interface Serial0/0/1
ip address 172.16.10.5 255.255.255.252
clock rate 64000

no sh
!
router ospf 1
network 172.16.10.0 0.0.0.3 area 0
network 172.16.10.4 0.0.0.3 area 0
!
line con 0
logging synchronous
!
end


R3

!
hostname R3
!
no ip domain lookup
!
interface f0/0
ip address 10.10.10.254 255.255.255.0
no sh
!
interface Serial0/0/1
ip address 172.16.10.6 255.255.255.252
no sh
!
router ospf 1
network 10.10.10.0 0.0.0.255 area 0
network 172.16.10.4 0.0.0.3 area 0
!
line con 0
logging synchronous
!
end


SW1

hostname SW1
!
no ip domain-lookup
!
interface FastEthernet0/1
shutdown
!

interface FastEthernet0/2
shutdown
!
interface FastEthernet0/3
shutdown
!
interface FastEthernet0/4
shutdown
!
interface FastEthernet0/5
!
interface FastEthernet0/6
!
interface FastEthernet0/7
shutdown
!
interface FastEthernet0/8
shutdown
!
interface FastEthernet0/9
shutdown
!
interface FastEthernet0/10
shutdown
!
interface FastEthernet0/11
shutdown
!
interface FastEthernet0/12
shutdown

!
interface FastEthernet0/13
shutdown
!
interface FastEthernet0/14
shutdown
!
interface FastEthernet0/15
shutdown
!
interface FastEthernet0/16
shutdown

!
interface FastEthernet0/17
shutdown
!
interface FastEthernet0/18
shutdown
!
interface FastEthernet0/19
shutdown
!
interface FastEthernet0/20
shutdown
!
interface FastEthernet0/21
shutdown
!
interface FastEthernet0/22
shutdown
!
interface FastEthernet0/23
shutdown
!
interface FastEthernet0/24
!
interface GigabitEthernet0/1
shutdown
!

interface GigabitEthernet0/2
shutdown
!
interface Vlan1
ip address 192.168.10.253 255.255.255.0
!
ip default-gateway 192.168.10.254
!
!
line con 0
logging synchronous
!
end

SW2

hostname SW2
!
no ip domain-lookup
!
interface FastEthernet0/1
shutdown
!
interface FastEthernet0/2
shutdown
!
interface FastEthernet0/3
shutdown
!
interface FastEthernet0/4
shutdown
!
interface FastEthernet0/5
shutdown
!
interface FastEthernet0/6
shutdown
!
interface FastEthernet0/7
shutdown
!
interface FastEthernet0/8
shutdown
!
interface FastEthernet0/9
shutdown
!
interface FastEthernet0/10
shutdown
!
interface FastEthernet0/11
shutdown
!
interface FastEthernet0/12
shutdown
!

interface FastEthernet0/13
shutdown
!
interface FastEthernet0/14
shutdown
!
interface FastEthernet0/15
shutdown
!
interface FastEthernet0/16
shutdown
!
interface FastEthernet0/17
shutdown
!
interface FastEthernet0/18
!
interface FastEthernet0/19
shutdown
!
interface FastEthernet0/20
shutdown
!
interface FastEthernet0/21
shutdown
!
interface FastEthernet0/22
shutdown
!
interface FastEthernet0/23
shutdown
!
interface FastEthernet0/24
!
interface GigabitEthernet0/1
shutdown
!
interface GigabitEthernet0/2
shutdown
!
interface Vlan1
ip address 10.10.10.253 255.255.255.0

ip default-gateway 10.10.10.254
!
line con 0
logging synchronous
!
end
