Cisco - SNMP Management from the Mainframe

208 downloads 683 Views 862KB Size Report

This content was uploaded by our users and we assume good faith they have the permission to share this book. If you own the copyright to this book and it is wrongfully on our website, we offer a simple DMCA procedure to remove your content from our site. Start by pressing the button below!

Report copyright / DMCA form

DOWNLOAD PDF

702 0874_04F9_c1

1

© 1999, Cisco Systems, Inc.

SNMP Management From the Mainframe Session 702

702 0874_04F9_c1

© 1999, Cisco Systems, Inc.

Copyright © 1998, Cisco Systems, Inc. All rights reserved. Printed in USA. Presentation_ID.scr

2

1

Session Overview Introduction Installation Operation Miscellaneous 702 0874_04F9_c1

© 1999, Cisco Systems, Inc.

3

Tutorial: Experiences with the NetView/SNMP Interface

• The samples described in this session are provided by IBM TCP/IP for MVS version 3, release 2, level 0 • Tivoli’s TME 10 NetView for OS/390 was used for the testing 702 0874_04F9_c1

© 1999, Cisco Systems, Inc.

Copyright © 1998, Cisco Systems, Inc. All rights reserved. Printed in USA. Presentation_ID.scr

4

2

Documentation Resources

• IBM TCP/IP V3R2 for MVS: customization and admin. • IBM TCP/IP V3R2 for MVS: users guide • Managing TCP/IP Networks using NetView and the SNMP interface (GG24-3690) • SNMPREXX in TCPIP.SEZAINST 702 0874_04F9_c1

© 1999, Cisco Systems, Inc.

5

Terminology Used in this Presentation • SNMP—Simple Network Management Protocol • TCP/IP—Transmission Control Protocol/Internet Protocol • MIB—Management Information Base • ASN.1—Abstract Syntax Notation One(1.3.6.1.2.1.1…) 702 0874_04F9_c1

© 1999, Cisco Systems, Inc.

Copyright © 1998, Cisco Systems, Inc. All rights reserved. Printed in USA. Presentation_ID.scr

6

3

Terminology Used in this Presentation (Cont.)

• PING—ICMP Echo Application • hlq.—high level qualifier • CLIST—REXX or NetView CLIST • ISM—Internetwork Status Monitor

702 0874_04F9_c1

7

© 1999, Cisco Systems, Inc.

TCP/IP, SNMP and NetView Interface Address Space=NetView

Address Space=SNMPQE

1

7

SNMP CMD 2 8

Address Space=TCPIP

3

SNMPIUCV Task

SQESERV Socket Interface

6

Platform MVS

4

5

Internet to SNMP Agents 702 0874_04F9_c1

© 1999, Cisco Systems, Inc.

Copyright © 1998, Cisco Systems, Inc. All rights reserved. Printed in USA. Presentation_ID.scr

8

4

SNMP Installation

702 0874_04F9_c1

9

© 1999, Cisco Systems, Inc.

Samples Provided by IBM hlq.SEZAINST

Procedures Instructions MIB Table

hlq.SEZADSIM

SNMP Messages

hlq.SEZADSIP

SNMPARMS

hlq.SEZANPNL

Panels(122)

hlq.SEZADSIL

Load Modules

hlq.SEZANCLS

CLISTS (66) Code Point Tables(4)

702 0874_04F9_c1

© 1999, Cisco Systems, Inc.

Copyright © 1998, Cisco Systems, Inc. All rights reserved. Printed in USA. Presentation_ID.scr

10

5

Steps to Configure SNMP • Specify SNMP configuration statements in PROFILE.TCPIP • Specify SNMP port numbers in ETC.SERVICES data set • Configure the SNMP query engine • Configure the NetView interface as an SNMP monitor • Configure the SNMP agent (SNMPD) 702 0874_04F9_c1

11

© 1999, Cisco Systems, Inc.

PROFILE.TCPIP AUTOLOG SNMPQE SNMPD ENDAUTOLOG

; SNMP Query Engine ; SNMP Agent

OBEY IBMUSER SNMPD SNMPQE ENDOBEY PORT 161 UDP SNMPD 162 UDP SNMPQE 702 0874_04F9_c1

© 1999, Cisco Systems, Inc.

Copyright © 1998, Cisco Systems, Inc. All rights reserved. Printed in USA. Presentation_ID.scr

; SNMP Agent ; SNMPQE Agent 12

6

PROFILE.TCPIP (Cont.) SYSCONTACT Hal Liberty, extension 1234 ENDSYSCONTACT SYSLOCATION 7025 Kit Creek Road, Edgewater 2nd floor, room 298 ENDSYSLOCATION 702 0874_04F9_c1

13

© 1999, Cisco Systems, Inc.

Update ETC.SERVICES

snmp

161/udp

snmp-trap 162/udp

702 0874_04F9_c1

# snmp request port # snmp monitor trap port

© 1999, Cisco Systems, Inc.

Copyright © 1998, Cisco Systems, Inc. All rights reserved. Printed in USA. Presentation_ID.scr

14

7

Configure the SNMP Query Engine

Update SNMP Query Engine: Use procedure hlq.SEZAINST(SNMPPROC) Create MIB Data set: Copy hlq.SEZAINST(MIBDESC) into hlq.MIBDESC.DATA 702 0874_04F9_c1

© 1999, Cisco Systems, Inc.

15

SNMP Query Engine Parameters • MSSNMPMS—Optional data set for NLS support; it specifies the SNMP message repository Sample: hcl.SEZAINT(MSSNMP)

• SYSTCPD—Explicitly identifies which data set is to be used to obtain the TCPIP.DATA parameters Sample: hcl.SEZAINST(TCPDATA) 702 0874_04F9_c1

© 1999, Cisco Systems, Inc.

Copyright © 1998, Cisco Systems, Inc. All rights reserved. Printed in USA. Presentation_ID.scr

16

8

Configure NetView as an SNMP Monitor • Add: SNMP Task SNMP Command SNMPARMS SNMP Messages SNMP CLISTs SNMP PANELS SNMP Load Modules SNMP Automation Table SNMP Autotasks 702 0874_04F9_c1

17

© 1999, Cisco Systems, Inc.

NetView Updates • Add SNMP Task: SNMP TASK

MOD=SNMPIUCV,TSKID=SNMPIUCV, PRI=5,INIT=Y

• Add SNMP Command: SNMP CMDMDL MOD=SNMP,ECHO=Y,TYPE=R,RES=Y

• Add SNMP Messages DSIMSG

hlq.SDSIMSG1 hlq.SEZADSIM

• Add SNMP CLISTs DSICLD

hlq.USER.SEZANCLS hlq.DSICLD

702 0874_04F9_c1

© 1999, Cisco Systems, Inc.

Copyright © 1998, Cisco Systems, Inc. All rights reserved. Printed in USA. Presentation_ID.scr

18

9

NetView Updates (Cont.) • Add SNMP PANELS CNMPNL1

hlq.USER.SEZANPNL hlq.CNMPNL1

• Add SNMP load modules Steplib or add to linklist

• Add SNMP Automation Table Use hcl.SEZANCLS(SNMPAUTO)

• Add SNMP Autotasks 702 0874_04F9_c1

19

© 1999, Cisco Systems, Inc.

Sample SNMP Parameter Data Set (SNMPARMS) Member name: SNMPARMS * * SNMPQE SNMPQE

* Userid of SNMP Query Engine

SNMPQE OESNMQD1

* Userid of SNMP Query Engine

SNMPQERT 60

* Retry timer (seconds) for IUCV CONNECT

SNMPRCNT 2

* Retry count for sending SNMP requests

SNMPRITO 10

* Retry initial timeout (10ths of a second)

SNMPRETO 2

* Retry backoff exponent (1=linear,2=exponential)

SNMPMMLL 80

* Line length for Multiline Messages 38/44

702 0874_04F9_c1

© 1999, Cisco Systems, Inc.

Copyright © 1998, Cisco Systems, Inc. All rights reserved. Printed in USA. Presentation_ID.scr

20

10

Configure the SNMP Agent (SNMPD) • To configure the SNMP agent, perform the following tasks: Create a trap destination data set Create a community name data set Update the SNMPD cataloged procedure

Use Procedure hlq.SEZAINST(SNMPPROC) 702 0874_04F9_c1

© 1999, Cisco Systems, Inc.

21

SNMP Command Operation

702 0874_04F9_c1

© 1999, Cisco Systems, Inc.

Copyright © 1998, Cisco Systems, Inc. All rights reserved. Printed in USA. Presentation_ID.scr

22

11

SNMP Command SNMP GET host_name comm_name var_name1… SNMP GETNext host_name comm_name var_name1… SNMP SET host_name comm_name var_name1 var_value1 SNMP TRAPson net_mask desired _net SNMP TRAPSOFf filter_id SNMP MIBvname asn.1_name SNMP PING host_name 702 0874_04F9_c1

23

© 1999, Cisco Systems, Inc.

Sample: SNMP GET Command: netvasis SNMP GET 172.18.55.14 public 1.3.6.1.2.1.1.1.0 Response: SNM040I SNMP Request 9405 from HAL2 Returned the following response: SNM042I Variable name: 1.3.6.1.2.1.1.1.0 SNM043I Variable value type: 9 SNM044I Variable value: Sysname: OS/390 Nodename: MVSD Release: 05.00 Version: SNM044I Variable value: 2 Machine: 9672 SNM049I SNMP Request 9405 End of response 702 0874_04F9_c1

© 1999, Cisco Systems, Inc.

Copyright © 1998, Cisco Systems, Inc. All rights reserved. Printed in USA. Presentation_ID.scr

24

12

SNMP Command Notes

• GET, GETNext and SET can have up to ten variables • Total command restricted to 256 characters • Command is case sensitive 702 0874_04F9_c1

25

© 1999, Cisco Systems, Inc.

REXX Coding Considerations

• NetView CGLOBAL names will be uppercase Sample: tmiba.sysDescr becomes TMIBA.SYSDESCR

• Use “address netvasis” to execute SNMP Sample: address netvasis, “SNMP cmd” HOST COMM vvar1 702 0874_04F9_c1

© 1999, Cisco Systems, Inc.

Copyright © 1998, Cisco Systems, Inc. All rights reserved. Printed in USA. Presentation_ID.scr

26

13

Sample: SNMP PING

Command: SNMP PING 172.18.55.14 Response: SNM040I SNMP Request 9407 from HAL2 Returned the following response: SNM042I Variable name: 1.3.6.1.4.1.2.2.1.3.2.172.18.55.14 SNM043I Variable value type: 1 SNM044I Variable value: 2 SNM049I SNMP Request 9407 End of response 702 0874_04F9_c1

© 1999, Cisco Systems, Inc.

27

Comments on Samples

• Written in 1990 and unchanged • Simple usability changes suggested • May be dropped from TCP/IP • Samples: not supported

702 0874_04F9_c1

© 1999, Cisco Systems, Inc.

Copyright © 1998, Cisco Systems, Inc. All rights reserved. Printed in USA. Presentation_ID.scr

28

14

SNMPMGMT Samples

702 0874_04F9_c1

© 1999, Cisco Systems, Inc.

29

SNMPMGMT Provides: • • • • • • • • 702 0874_04F9_c1

PING function Group function Traps filters query/on/off Poll hosts Poll variables GET/GETN function SET function Trap to NPDA alert function

© 1999, Cisco Systems, Inc.

Copyright © 1998, Cisco Systems, Inc. All rights reserved. Printed in USA. Presentation_ID.scr

30

15

Output from TCP/IP Samples (SNMPMGMT)

702 0874_04F9_c1

31

© 1999, Cisco Systems, Inc.

PF4—Groups

702 0874_04F9_c1

© 1999, Cisco Systems, Inc.

Copyright © 1998, Cisco Systems, Inc. All rights reserved. Printed in USA. Presentation_ID.scr

32

16

PF4 Groups—#1 Output

702 0874_04F9_c1

33

© 1999, Cisco Systems, Inc.

PF5—Trap Support

702 0874_04F9_c1

© 1999, Cisco Systems, Inc.

Copyright © 1998, Cisco Systems, Inc. All rights reserved. Printed in USA. Presentation_ID.scr

34

17

PF-7 Poll Hosts

702 0874_04F9_c1

35

© 1999, Cisco Systems, Inc.

Selected Host 3

702 0874_04F9_c1

© 1999, Cisco Systems, Inc.

Copyright © 1998, Cisco Systems, Inc. All rights reserved. Printed in USA. Presentation_ID.scr

36

18

Index 3—Interface Details

702 0874_04F9_c1

37

© 1999, Cisco Systems, Inc.

PF8—Poll Variables

702 0874_04F9_c1

© 1999, Cisco Systems, Inc.

Copyright © 1998, Cisco Systems, Inc. All rights reserved. Printed in USA. Presentation_ID.scr

38

19

PF9 Get/Getnext

702 0874_04F9_c1

© 1999, Cisco Systems, Inc.

39

PF9 Get/Getnext output

702 0874_04F9_c1

© 1999, Cisco Systems, Inc.

Copyright © 1998, Cisco Systems, Inc. All rights reserved. Printed in USA. Presentation_ID.scr

40

20

Usability Changes (Suggestions)

• Change PF12 to PF3 • Change color from blue to turquoise • Change SNMP calls

702 0874_04F9_c1

41

© 1999, Cisco Systems, Inc.

PFK Usage

Change: keys.panel01="PF1 PF12

ENTER"

rout.panel01="HLP RETURN

GETINTF”

To: keys.panel01="PF1 PF3

PF12

rout.panel01="HLP RETURN

RETURN GETINTF"

702 0874_04F9_c1

© 1999, Cisco Systems, Inc.

Copyright © 1998, Cisco Systems, Inc. All rights reserved. Printed in USA. Presentation_ID.scr

ENTER"

42

21

Screen Color

Change: interpret "$IX"||i '="FA IN CB HD UN"' /* set disp attributes*/ To: interpret "$IX"||i '="FA IN CT HD UN"' /* set disp attributes*/ 702 0874_04F9_c1

43

© 1999, Cisco Systems, Inc.

Message Processing Change: jan="SNMP GET" HOST COMMUN mibsys1 mibsys2 mibsys3 'GLOBALV PUTT JAN'

/* put cmd in common global

*/

'TRAP AND SUPPRESS MESSAGES SNM040I' /* trap MLWTO message */ 'ISSCMD'

/* preserve upper or lower case*/

To: 'TRAP AND SUPPRESS MESSAGES SNM040I' /* trap MLWTO message address netvasis 'SNMP GET' HOST COMMUN mibsys1 mibsys2 mibsys3 702 0874_04F9_c1

© 1999, Cisco Systems, Inc.

Copyright © 1998, Cisco Systems, Inc. All rights reserved. Printed in USA. Presentation_ID.scr

44

22

SNMP Monitoring

• One can to the following: Periodically poll hosts Collect MIB variables Set trap filters

702 0874_04F9_c1

45

© 1999, Cisco Systems, Inc.

Performance Hints • • • • •

Use IP address to query hosts Put copy of MIB in NetView Build MIB table in NetView storage Use ASN.1 notation in commands Use NetView to find MIBvname, not TCP/IP Example: snmp get 172.18.55.14 public 1.3.6.1.2.1.1.1.0

702 0874_04F9_c1

© 1999, Cisco Systems, Inc.

Copyright © 1998, Cisco Systems, Inc. All rights reserved. Printed in USA. Presentation_ID.scr

46

23

Performance Experiences RUNCMD vs. SNMP Function: Collect Router CPU and MEM details and archive Router

RUNCMD

SNMP

A

.760 seconds

.08 seconds

B

.810 seconds

.08 seconds

C

.580 seconds

.08 seconds

Show Version/sysDesc Router

RUNCMD

SNMP

B

.17 seconds

.09 seconds

702 0874_04F9_c1

© 1999, Cisco Systems, Inc.

47

Security Considerations • NetView provides first level of security • Security is based on SNMP rules Target host must support SNMP Community names are used to control GET and SET

• Suggestions: Do not allow “SET” option Always suppress community name Always control security from the target host 702 0874_04F9_c1

© 1999, Cisco Systems, Inc.

Copyright © 1998, Cisco Systems, Inc. All rights reserved. Printed in USA. Presentation_ID.scr

48

24

Conclusions • SNMP management from main frame is viable • Performance can be excellent • TCP/IP samples are a good starter kit • Save TCP/IP samples before they are lost • Watch for future solutions 702 0874_04F9_c1

© 1999, Cisco Systems, Inc.

49

Why Is Cisco Looking at this Function?

• Provide the ability to mange Cisco products from the main frame • Provide alternate to the service point interface • Provide the ability to manage more than routers 702 0874_04F9_c1

© 1999, Cisco Systems, Inc.

Copyright © 1998, Cisco Systems, Inc. All rights reserved. Printed in USA. Presentation_ID.scr

50

25

Questions?

702 0874_04F9_c1

51

© 1999, Cisco Systems, Inc.

Please Complete Your Evaluation Form Session 702

702 0874_04F9_c1

© 1999, Cisco Systems, Inc.

Copyright © 1998, Cisco Systems, Inc. All rights reserved. Printed in USA. Presentation_ID.scr

52

26

702 0874_04F9_c1

© 1999, Cisco Systems, Inc.

Copyright © 1998, Cisco Systems, Inc. All rights reserved. Printed in USA. Presentation_ID.scr

53

27