I have a bunch of core routers where I'd like to monitor the health of the interfaces via ping. But somehow I can't seem to find an easy way to do this.
I've seen that the expectation is to rely on the core router to sent traps about interface up/down events. But that has proven to be unreliable.
Another approach is apparently to model each interface as it's own device. That's really cumbersome as we are talking about lot's of devices.
Yet a different approach seems to be using the method describe in http://community.zenoss.org/docs/DOC-2494 and adapting it to create an event on lack of inbound traffic on an interface as an indication that this interface must be down.
But all these approaches seem rather like a workaround to me.
What's the recommended way to accomplish what I'm looking for?
What exactly do you mean by the health of the interfaces ? You wand to know the up/down status or the amount of port errors ?
If you want to be notified on interface status change, you can use snmp trap or you may use the syslog messages generated by router. I had way much better results with the second approach and in my opinion, it is less complex.
Modeling each interface as its own device is not working at all. Up to the v3.1 Zenoss will not allow you to add or will refuse to model a device as soon as it discovers the IP address you're trying to use belongs to a device already monitored. The idea of creating an event class transform didn't work for me, I found myself flooded with events from thousands of interfaces going up and down on my access switches, on top of syslog messages with the same subject.
You are right, they are all workarounds and unfortunately none of them is a good candidate for a final solution.
Let's pray the Zenoss dev team got it right this time and v4 will allow us to see the interface status at all times without any other need for workarounds.
Thanks for the quick reply. What I mean with health of the interface is the following: Some boxes in my network don't behave that well with the status of their IPSec tunnels. Even if you completely take away their peer, they'll report the interface status as UP.
Initially it looked like these boxes would then at least not reply to pings on the local IPSec tunnel address. But replies to ping seems just as broken and random as some of the rest.
The best monitoring method so far and what I've actually done is adapting http://community.zenoss.org/docs/DOC-2494 to create events on lack of inbound traffic for a given interface. That is so far the best indication that something is wrong.
Please keep in mind that interface status has nothing to do with VPN status. As implemented in many devices, a VPN tunnel is at best a virtual interface while interface status as reported by SNMP in Zenoss is the layer 2 status of the physical interface.
So even if your IPSec peer is down or is taken away completely, your interface status is up because at layer 2 it is connected, up and running to the next hop switch or router. Pinging the IP address will not give you anything since it is a static configuration applied to a virtual interface or to a property of your device.
If you really want to detect when your IPSec tunnel si down, see your device capabilities looking for keepalive messages, snmp traps or syslog messages that you might use to be notified when the IPSec tunel is down.
Follow Us On Twitter »
||Latest from the Zenoss Blog »||Community||Products||Services||Customers||About Us|
Copyright © 2005-2011 Zenoss, Inc.