Cisco Switching/Routing :: 494810ge - Counters Detail By SNMP?
Dec 5, 2012
Ive got a 494810ge switch, and this parameters are important for me:
sh int gi 1/4 counters detail
Port InBytes InUcastPkts InMcastPkts InBcastPkts
Gi1/4 252819467437788 173264735013 10827 760
Port OutBytes OutUcastPkts OutMcastPkts OutBcastPkts
Gi1/4 36657317030233 280590958051 5248439 5443194
Port InPkts 64 OutPkts 64 InPkts 65-127 OutPkts 65-127
Gi1/4 558420918 205564441592 2627477631 60865368994
Some parameters i can get by snmp (InBytes,InUcastPkts,InMcastPkts, and so on from out), but how can i take other parameters? I would like to do it by snmp but i did not find proper oids. Now I making a sheme like this: eem every 90 seconds takes this info and writes it down to file into nvram and then send it by scp to server, where file is processed by monitoring system script. It is not very good, cause cisco system cpu sometimes spikes of this and i dont know a resourse of nvram, how much times can i write to it?
I am attempting to monitor bandwidth utilization of the WAN port for the RV180 via SNMP and I am getting strange results. If a 256MB file is transferred from a remote server (without compression), the ifInOctets counter doesn't increment by anything resembling 256MB:
I'm reasonably certain that the .5 interface is the WAN port based on the value of ipAdEntIfIndex.X.X.X.X, but even if that were not the case, none of the other interfaces increment by a value close to the amount of data transfered. SNMP monitoring of a WAP121 on the same subnet returns expected results. I can only assume that SNMP on the RV180 is completely broken.
The router has the latest firmware available (184.108.40.206). There is only one network connection and the RV180 is the default gateway for all internal hosts.
I've got an SG300-10 connected back to back (trunked) with a Cisco 3560X switch, across a fibre link and am seeing some big inconsistencies in terms of unicast data transferred across the ports between them.
During a night time window of 4am - 6am I run backups which involves a large copy of files, that almost saturates a GigE link - we can see from the 3560X end that the link is running at a bit over 800MBit/sec of throughput, sustained. The duration of this transfer is consistent with the size of the files being transferred (ie just over an hour, and is what I'd expect for a data transfer of about that amount). Back-of-the-envelope calculations indicate that the 3560X is measuring this data throughput correctly.
However on the SG300 end of the link, which is also being polled by the same application (Cacti), I'm observing spikey counts of only around 20MBit/sec during that window. These counters are very obviously incorrect - there's a huge amount more data moving across the port than that. The incorrect calculations are showing on both the trunk port out of the SG300 (uplink) as well as the interface where the NAS is connected in (which is an access port).
Cacti is polling the OID: .220.127.116.11.18.104.22.168.1.16.57 which translates to IF-MIB::ifOutOctets.57 = Counter32.I'm running version 22.214.171.124 but this problem is not new to this release - previous releases and 1.2 based releases also had this problem.
It looks like multicast traffic may be being counted correctly (that's only a suspicion though), however what I am certain of is that there is a very large discrepancy with the unicast traffic counts.Is this OID the correct one to be using for this switch?
which models of HP ProCurve or Dell PowerConnect support 64-bit IF-MIB counters, or for that matter any other manufacturer (Zyxel?) (snmpv2 or v3, OID .126.96.36.199.188.8.131.52.1.1.6)I believe pretty much any Cisco Catalyst above a 2950 do, however don't believe any of the SG series do. I realize I could pick up a 2960G for $1500-2k and be good to go, but I forsee a larger switch purchase in the future, but still could use a switch in the meantime that was able to allow accurate monitoring of closet uplink bandwidth?
Any chance of one or preferably both of these before I flash the router to a more competent firmware?Rather ridiculous that there's no interface counters and no SNMP server. I prefer keeping stock firmware where possible but I need this functionality, it really isn't a big ask.That said I have an E4200 v1, which already looks like abandonware given it's been 6 months since the last firmware update - not amused and no intention of swapping a high performance router for one that sacrifices performance for better NAS functionality.
I have a question about SNMP OIDs for the command "show counters interface intx/y delta" on Catalyst6500. The customer wants to create graphs for the following values:Overruns, qos0Outlost, InErrors, OutErrors, InDiscards, OutDiscards etc..Is possible to get these values using SNMP?
I notice strange input rates on the interfaces of a 881 router:
show int fa4 .. MTU 1500 bytes, BW 100000 Kbit/sec, DLY 100 usec .. 30 second input rate 85000 bits/sec, 11 packets/sec 30 second output rate 16000 bits/sec, 9 packets/sec 221434 packets input, 287889736 bytes .. .. 142286 packets output, 15683576 bytes, 0 underrun
How can 11 packets/sec be 85000 bits/sec -- average packet size of 8KB?. The total packets input (221434 packets versus 287+ MB) also shows this kind of a 10KB+ average packet size. There is ahardly any traffic through the router when the above snapshot was taken so 11 packets/sec sounds right, but not the 85Kbits/sec.
The router is running c880data-universalk9-mz.151-4.M4.bin and config is simple with a single Vlan (inside NAT) with a public IPs on fa4 and a couple of IPs for dynamic NAT. Everything works fine except for these interface counters that look worng.
This is a continuation of my last post in which I need to apply ACLs to the physical ports within Etherchannels. The switch is a Catalyst 2970 running IOS 12.2. These Etherchannels are configured as trunks with 2 VLANS allowed on each trunk.I have applied an inbound ACL on the physical ports that filters based on layer 3 and layer 4 traffic. The issue that I am seeing is that the counters for the ACL are not increasing even though the ACL is clearly doing its job. At the end of the ACL I have an entry of "permit ip any any". Removing this from the list causes connectivity problems to the server on this port. Adding it back and everything is back to normal. However the counters don't increase. At first I thought maybe this wasn't supported on this switch but then I noticed the counter had increased to "2 matches" later in the day. What is the normal behavior is for this switch and does it support logging on an ACL entry as well.
I have been reading the postings on this site trying to retrieve the MAC address for the client devices (computers, printers) attached to our switches. We have approximately 500 switches and I need to map the mac address to the switch. It appears the OID information is for SNMP v2. We are restricted to using only SNMP v3. I have tried using the Cisco SNMP Object Navigator without any success.
Env: Configured Cat3560's L3 port and vlan port, enable OSPF routing, SNMP server, etc. The routing info can be shown by CLI show ip route. But, using SNMP MIB broswer to read IpRouteTable(OID.184.108.40.206.220.127.116.11.1, MIB-II, RFC1213), nothing returned, seems IpRouteTable is empty.I would like to know:
1. Cat3560 works as L3 switch, if it support SNMP IpRouteTable, RFC1213?
2. Where is the Routing table of SNMP, is there specific routing table OID?
3. All the L3 switch has this behavior, or just Cat3560 works like this?
Is there anyway to pull the usernames and passwords from a switch via SNMP or write a new username and password to switch via SNMP. I have switch that was apparently misconfigured and i am not feeling like driving all the way down there to console in.
I would like to test the possibility to reload devices via SNMP for new switches like 2960, 3560 and so on.I know that the command "snmp-server system-shutdown" has to be configured, then I need to send the set query to the device via SNMP.
I have found on the net the OID 18.104.22.168.22.214.171.124.9.9.0 but it belongs to an old MIB and doesn't seem to work with new switch models.
we are seeing network latency problems and our cpu on the 6509e is spiking and have a above average % for the past week or so. When we do see these spikes it seems that snmp and apr input is high
CPU utilization for five seconds: 75%/53%; one minute: 17%; five minutes: 14% PID Runtime(ms) Invoked uSecs 5Sec 1Min 5Min TTY Process 9 1636168 95505 17131 4.19% 0.36% 0.34% 0 Check heaps =======> 12 478096 1011864 472 3.07% 0.12% 0.12% 0 ARP Input =====> 52 30420 436000 69 0.07% 0.07% 0.07% 0 Per-Second Jobs 53 317496 7789 40762 0.87% 0.10% 0.06% 0 Per-minute Jobs 220 55380 87807 630 0.07% 0.06% 0.07% 0 Compute load avg
we recently upgraded our 3560 switches to the new 12.2-55 ios version but have not upgraded our 6509 because its ios is on 12.2(33)SXJ1. Not sure if this is related or not but it seems that after we upgraded to the later ios that the latency started.over the last 24 hours the spike is several times an hour and at least one a day that it hits the 90 - 100 % mark.is there a way that we can limit what snmp view but would not effect functionality or network?
We have a stack setup with 2 C3750x-12s and 5 C3750x-48p switches. We have two of these stacks. One is working and responding with snmp just fine. Our second one is showing the errors in the logThe only difference i see between the two stacks right now are the sw versions.
i want use CACTI for monitor my bandwidth so i have a question how can i enable snmp for a switch port ? or i shoudl just enable snmp from configuratiopn terminal and then in CACTI i will choose which port will be monitor? can i do something that CACTI connect to my switch with a encryption key ? i have cisco 2960 48 port switch
Cisco LMS 4.0: Is able to forward SNMP traps (ver. 2c) received from device registered with it to a configurable IP address? • Traps contain the original Device Agent IP to identify the source (Not the IP of LMS)?• Is possible to configure one logical IP address or Domain Name for redundant LMS:Cisco Security Manager 4.1:Is able to forward SNMP traps (ver. 2c) received from device registered with it to a configurable IP address?• Traps contain the original Device Agent IP to identify the source (Not the IP of Security Manager)? • Is possible to configure one logical IP address or Domain Name for redundant Security Manager?