qvfps
asked on
Questions on Custom SNMP monitoring of a switch
I am trying to resolve an issue we are having with a remote site. They are convinced it is a network issue but I am not seeing anything. I have monitored the logs on the firewalls, I am running a ping monitor to the remote location and only seeing the occasional lost packet (single). I have setup MRTG to monitor throughput on the switches and routers. MRTG is configured to run every 5 minutes. When I am watching the firewalls directly I see spikes in traffic which only last for a short time and are not reflected in MRTG.
I want to be able to get more detailed information on the throughput of specific ports. I looked through the mib file and found ifInOctets (1.3.6.1.2.1.2.2.1.10.Port
It is my understanding that these show the cumulative octect count on the port so to get the throughput would do two gets, subtract them and divide by the amount of time between them. When I do this it is not matching what MRTG is showing for the same period.
Mrtg is showing average incoming at 24.46 and average outgoing 1.95 Mbps with the current in at ~28Mbps and current out at ~8Mbps
ifInOctets ifOutOctets
Value 3039619268 Value 2954776350
Value 3049468308 Value 2954776350
Value 3058557347 Value 2957324205
Value 3058557347 Value 2957324205
Value 3067486056 Value 2964854252
Value 3067486056 Value 2964854252
Value 3067486056 Value 2967502819
Value 3076914478 Value 2967502819
Value 3076914478 Value 2967502819
Value 3086236228 Value 2969702486
Value 3086236228 Value 2969702486
Value 3086236228 Value 2971971805
Am I using the wrong mib or am I calculating the throughput wrong?
What is the smallest increment of time I should be able to reliably use? I tried to run this every second and multiple times I received the same value back. Port 1 is used as an uplink so there should be traffic on it all the time.
I am currently testing this with an Avaya VSP switches and will be adding a Cisco firewall once I have this working
I want to be able to get more detailed information on the throughput of specific ports. I looked through the mib file and found ifInOctets (1.3.6.1.2.1.2.2.1.10.Port
It is my understanding that these show the cumulative octect count on the port so to get the throughput would do two gets, subtract them and divide by the amount of time between them. When I do this it is not matching what MRTG is showing for the same period.
Mrtg is showing average incoming at 24.46 and average outgoing 1.95 Mbps with the current in at ~28Mbps and current out at ~8Mbps
ifInOctets ifOutOctets
Value 3039619268 Value 2954776350
Value 3049468308 Value 2954776350
Value 3058557347 Value 2957324205
Value 3058557347 Value 2957324205
Value 3067486056 Value 2964854252
Value 3067486056 Value 2964854252
Value 3067486056 Value 2967502819
Value 3076914478 Value 2967502819
Value 3076914478 Value 2967502819
Value 3086236228 Value 2969702486
Value 3086236228 Value 2969702486
Value 3086236228 Value 2971971805
Am I using the wrong mib or am I calculating the throughput wrong?
What is the smallest increment of time I should be able to reliably use? I tried to run this every second and multiple times I received the same value back. Port 1 is used as an uplink so there should be traffic on it all the time.
I am currently testing this with an Avaya VSP switches and will be adding a Cisco firewall once I have this working
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I will continue to monitor the logs and see if I can identify the issue. I am leaning away from a network issue but since we just recently resolved one which was causing issues I need to prove its not so they don't just keep blaming the network.