RE: [nv-l] Unmanaged interfaces
2004-03-16 08:50:44
I think you've left out an important
assumption. You are talking about managing routers, and possibly
switches, and other large, multi-interface devices. If you have a
different monitoring need, say monitoring hundreds or even thousands of
individual single-interface devices, then ping is the way to go. It
is simpler, cheaper in terms of bandwidth, and quicker. That's why
NetView offers both methods.
James Shanks
Level 3 Support for Tivoli NetView for UNIX and Windows
Tivoli Software / IBM Software Group
"Barr, Scott" <Scott_Barr AT csgsystems DOT com>
Sent by: owner-nv-l AT lists.us.ibm DOT com
03/16/2004 12:04 AM
To: <nv-l AT lists.us.ibm DOT com>, <nv-l AT lists.us.ibm DOT com>
cc:
Subject: RE: [nv-l] Unmanaged interfaces
I believe it is. There are many reasons why - just a few
here....
1. It checks all the interfaces with one status poll.
The status poll not only contains the status (up or down) of each interface
but the intended status (Admin status).
2. SNMP is directed at one target address. This results
in Network management network traffic sticking to one path instead of pinging
all over the place. In most shops, (or at least many shops) the default
route for the company is out the internet gateway to the internet. If you
have any devices in your network that you SNMP discover but ping for status
poll, you will run into devices with address ranges they shouldn't ought
to be using. (Such as IBM SP2 which often uses 1.1, 2.2, 3.3 and 4.4 networks).
Well, since those are internal segments (thus non pingable) but you found
them via discovery, guess what... your default route carries those pings
out to the internet and pretty soon the actual owners of those addresses
get mighty annoyed with you trying to manage the internet for them.
3. Fewer security "exceptions". Only one exchange
of data necessary - pings would have to hit every interface and thus be
open via firewall to each interface. Very messy and in some cases dangerous.
4. ICMP packets are inherently the target of hacker attacks
(ICMP echo reply exploitation). SNMP has its vulnerabilities as well, but
it's darn easy to shut off an SNMP agent compared to plugging every place
a ping can get through.
5. Some devices that are non-functional (Solaris in particular)
can be pingable but dead. SNMP requires a little CPU power so if the box
can't answer SNMP it probably isn't working but it might well answer pings.
In all fairness, SNMP is very expensive on bandwidth and
on resource consumption. But to be honest, if you do your homework, set
rational limits and optimize for it, you get much better views of your
network than with pings. I think they are more reliable and paint a more
realistic picture of the health of things.
-----Original Message-----
From: owner-nv-l AT lists.us.ibm DOT com on behalf of Christopher J Petrina
Sent: Mon 3/15/2004 2:55 PM
To: nv-l AT lists.us.ibm DOT com
Cc:
Subject: RE: [nv-l] Unmanaged interfaces
If all my devices are SNMP enabled and capable what would be the reason
to ever bother with PING'ing these devices vs. always SNMP polling them?
And is SNMP polling a more robust (most reliable) method for devising
if a device is truly "up" or not?
-Chris Petrina
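
Added example, not part of the original thread: a sketch of points 1 and 2 in Scott Barr's reply, deriving per-interface status from a single SNMP poll (admin status vs. operational status) and flagging discovered addresses that a ping-based status poll would send out the default route. The interface names, addresses and the list of internally routed prefixes are constructed assumptions.

```python
import ipaddress

# IF-MIB (RFC 2863) values for ifAdminStatus / ifOperStatus: up(1), down(2).
UP = 1

# Assumption: prefixes the management station has real internal routes for.
# Anything else would leave via the default route if pinged.
ROUTED_INTERNAL = [ipaddress.ip_network(n)
                   for n in ("10.20.0.0/16", "192.168.50.0/24")]

# Constructed sample: one SNMP status poll of one device, one row per
# interface: (ifDescr, ifAdminStatus, ifOperStatus, interface address).
POLL = [
    ("if0", 1, 1, "10.20.1.1"),     # healthy
    ("if1", 1, 2, "10.20.2.1"),     # should be up, is down
    ("if2", 2, 2, "192.168.50.1"),  # administratively disabled
    ("if3", 1, 1, "1.1.1.5"),       # internal-only segment on a 1.1 network
]

def classify(admin, oper):
    """Combine intended (admin) and actual (oper) status for one interface."""
    if admin != UP:
        return "admin-down"   # disabled on purpose, not a fault
    if oper == UP:
        return "up"
    return "fault"            # intended up, but not operating

def follows_default_route(addr):
    """True if no internal route covers addr, so a ping would go outbound."""
    ip = ipaddress.ip_address(addr)
    return not any(ip in net for net in ROUTED_INTERNAL)

def review(poll):
    """Map ifDescr -> (status from SNMP, would a ping leave the network?)."""
    return {descr: (classify(admin, oper), follows_default_route(addr))
            for descr, admin, oper, addr in poll}

if __name__ == "__main__":
    for descr, (status, leaks) in review(POLL).items():
        note = "do NOT ping: follows default route" if leaks else "routable internally"
        print(f"{descr}: {status:10s} {note}")
```
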