Highlighted
Absent Member.. Absent Member..
Absent Member..
205 views

DMVPN Network Monitoring - Challenge

We're currently running NNMi 9.10 to monitor Network Devices for Up/Down events.

 

A situation came up where we were unable to detect a large number of our spoke routers fail to connect to our hub router.

The Hub router remained online and thus NNMi never recorded a Hub Router Node Down event.

The spoke routers on our DMVPN network are located in small offices or home offices and are known to be powered off when not in use. We are not monitoring the spoke routers because of this and because the offices they are located in are of low impact to the company if they do go offline. However when large numbers of these locations are offline it would indicate to us that there is an issue with our Hub router.

 

So, how could we detect an event like this without having to monitor all of the spoke routers?

 

 

Tags (3)
0 Likes
5 Replies
Highlighted
Absent Member.. Absent Member..
Absent Member..

Re: DMVPN Network Monitoring - Challenge

I guess that if you only want to monitor the hub router then you need to look at what the hub router can provide you. So just thinking out loud for some places you could look:

 

  1. Can you track - via a custom poller - the number of active VPN connections?
  2. Does each spoke router have a vpn / modem / virtual interface on the hub router that you could monitor so that you can track if a certain number / percentage are down?
  3. Do you get alerts that can be used to indicate the 'creation' of a tunnel? And if so, could you set up some form of correlation / script that alerts if you don't get a certain amount dring  

I guess I'm being quite vague there and just suggesting answers, but without knowing the kit in question, the specifics of the devices and (say) the output of an snmpwalk I'm just throwing a few thoughts your way 🙂

0 Likes
Highlighted
Absent Member.. Absent Member..
Absent Member..

Re: DMVPN Network Monitoring - Challenge

This is all good. I was also thinking along the lines of #2. Our hub router is a Cisco 7204 and our spokes are primarily Cisco 1811 or 891.

I'm not familiar with any alerts that could be sent from that router to indicate a dropped connection or a created tunnel so I'll start with an snmp walk and see if there is anything there that I can use.

0 Likes
Highlighted
Acclaimed Contributor.. Acclaimed Contributor..
Acclaimed Contributor..

Re: DMVPN Network Monitoring - Challenge

Here's another idea.. Do your spoke offices have known business hours (like 9-5 and power can/should be off between 9pm and 7am) ? If you've got a pretty good idea of when they should be up, you can just build a simple script to change the management nmode of the spoke sites to unmanaged or out of service during the expected facility down time and then put them back into service during thier normal business operation hours. This way you'll be able to detect vendor outages at the edge.

 

 

Have a nice day 🙂

Andy Kemp
I've lasted longer in the technology industry than most certifications.
0 Likes
Highlighted
Absent Member.. Absent Member..
Absent Member..

Re: DMVPN Network Monitoring - Challenge

Actually that sounds like a good idea for an ER 🙂

 

Have NNMi be able to poll based on 'time of day' or 'day in week'.

 

For example, have a default setting on all polling that is 24*7*365 but then have the ability to change valid polling times. So have NNMi poll between 8-6 Mon-Fri at 5 min intervals, but outside of that time either polling is off or could be set to less often (hourly) dependent on type of functionality required. And be able to either select from some default time profiles or to have the ability to generate your own - similar to the old 'scheduled maintenance' type functionality that existed in NNM7.

 

Though it is already possible to use some time variables in incident mgmt:

$firstOccurrenceTime and / or $fot to represent the time the alarm was generated.

 

Could you suppress certain alarms alarms / dampen alarms where the time is within a certain range?

0 Likes
Highlighted
Acclaimed Contributor.. Acclaimed Contributor..
Acclaimed Contributor..

Re: DMVPN Network Monitoring - Challenge

Not yet.   If you use my suggested methodology when the nodes are set to unmanaged or out of service no alerts will be sent to NNMI or any north bound destination for those nodes. When they are put back in service they'll be eligible for display and forwarding again.

Have a nice day 🙂

Andy Kemp
I've lasted longer in the technology industry than most certifications.
0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.