Figure 1. Router Utilization Graph in Packets Per Second
Figure 2. CPU Utilization Graph
Basic SNMP Configuration On the Router
1. The router's SNMP process is enabled
2. An SNMP read string is defined on the router
3. The SNMP read string is protected by an Access List for security (Optional)
Basic Configuration On the NMS (Network Management System)
1. The router IP is manually configured or discovered by the NMS creating a router object
2. An SNMP string identical to the one on the router is configured on the NMS router object
3. A polling schedule is configured
4. An SNMP MIB matching the router model is compiled on the NMS (optional)
5. The appropriate router counters are selected and polled by the NMS (optional)
Warning: SNMP is a very common and powerful tool for monitoring. However, SNMPv2 and below send the read and write strings across the network in clear text.
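The router-side steps and the warning above can be checked mechanically. The following is an added example, not part of the original article: a small auditor that reads a Cisco IOS configuration and reports community lines that use a well-known string, grant write access, or lack a defined access list. The hostname, community strings and access list names are constructed, and the parser assumes the common `snmp-server community STRING [view NAME] [RO|RW] [ACL]` form.

```python
# Constructed sample of a Cisco IOS running-config (not taken from the page).
SAMPLE_CONFIG = """\
hostname edge-rtr-01
snmp-server community public RO
snmp-server community n0c-Read-7731 RO 10
snmp-server community n0c-Write-9902 RW NMS-ONLY
snmp-server community lab-Read-4410 view LABVIEW RO
access-list 10 permit 192.0.2.50
"""

WELL_KNOWN = {"public", "private"}


def defined_acls(config):
    """Collect the names/numbers of access lists defined in the config."""
    acls = set()
    for line in config.splitlines():
        t = line.split()
        if len(t) >= 2 and t[0] == "access-list":
            acls.add(t[1])                  # numbered: access-list 10 ...
        elif len(t) >= 4 and t[:2] == ["ip", "access-list"]:
            acls.add(t[3])                  # named: ip access-list standard NAME
    return acls


def audit_snmp(config):
    """Return (line_number, finding) pairs; community strings are never echoed."""
    acls = defined_acls(config)
    findings = []
    for lineno, line in enumerate(config.splitlines(), start=1):
        t = line.split()
        if len(t) < 3 or t[:2] != ["snmp-server", "community"]:
            continue
        community, rest = t[2], t[3:]
        if rest[:1] == ["view"]:            # skip optional "view NAME"
            rest = rest[2:]
        mode = "ro"                         # assumption: read-only when omitted
        if rest and rest[0].lower() in ("ro", "rw"):
            mode, rest = rest[0].lower(), rest[1:]
        acl = rest[0] if rest else None
        if community.lower() in WELL_KNOWN:
            findings.append((lineno, "well-known community string"))
        if mode == "rw":
            findings.append((lineno, "read-write community"))
        if acl is None:
            findings.append((lineno, "no access list restricts the source"))
        elif acl not in acls:
            findings.append((lineno, "access list referenced but not defined"))
    return findings
```

Calling `audit_snmp(SAMPLE_CONFIG)` flags lines 2, 4 and 5 of the sample and passes line 3, the only community that is read-only and bound to an access list that exists.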
Common applications used to monitor routers include:
Nagios (Open Source)
SCOM (Microsoft Corporation)
WhatsUp Gold (Ipswitch Inc)
PRTG (Paessler AG)
HP OpenView (HP)
Statseeker (Statseeker Pty. Ltd)
Router Performance Monitoring
Forwarding Capacity
The rate at which a router can forward packets between networks is measured in PPS (Packets per Second).
Packet forwarding can be a limiting factor when it comes to network performance. Figure 1 shows a router utilization graph that seems to level out at approximately 6k packets per second. This is a typical graph from a device that has reached its packet switching limit. Generally speaking, the rate at which a router can forward packets is proportional to its price, in much the same way that a PC with a faster CPU is expected to be more expensive than one with more modest performance.
Measuring throughput using Packets Per Second is not a precise science, because normal network packet sizes are dynamic. In the example above, the router may have forwarded a maximum of 6,000 packets x 1500 Bytes per packet. We selected 1500 because it is a common MTU (maximum transmission unit) for Ethernet. In the event that every single packet was exactly 1500 Bytes (highly unlikely!) the throughput would have been 9M Bytes per second (72M bits per second). In reality, a smaller percentage of the packets would have been the maximum of 1500 Bytes. In my personal experience, average packet size is around 400 Bytes, but this figure will vary from network to network depending on the type of traffic traversing it.
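The relationship between packets per second, packet size and throughput described above, as an added example that is not part of the original article. It derives the three figures from two successive polls of an interface's packet and octet counters and allows for a 32-bit counter wrapping between polls. The poll values are constructed, and the use of IF-MIB style counters (ifInUcastPkts, ifInOctets) is an assumption.

```python
COUNTER32_MODULUS = 2 ** 32


def counter_delta(old, new, modulus=COUNTER32_MODULUS):
    """Difference between two counter readings, allowing for a single wrap."""
    return (new - old) % modulus


def interface_rates(prev, curr):
    """Rates between two polls; each poll is {'t': seconds, 'pkts': n, 'octets': n}."""
    interval = curr["t"] - prev["t"]
    if interval <= 0:
        raise ValueError("polls must be in time order")
    pkts = counter_delta(prev["pkts"], curr["pkts"])
    octets = counter_delta(prev["octets"], curr["octets"])
    return {
        "pps": pkts / interval,
        "bps": octets * 8 / interval,
        "avg_packet_bytes": octets / pkts if pkts else 0.0,
    }


def line_rate_bps(pps, packet_bytes):
    """Throughput in bits per second if every packet had the same size."""
    return pps * packet_bytes * 8


# Constructed polls 60 seconds apart: 360,000 packets averaging 400 Bytes.
# The octet counter wraps past 2**32 between the two readings.
PREV_POLL = {"t": 0, "pkts": 1_000_000, "octets": 4_294_000_000}
CURR_POLL = {"t": 60, "pkts": 1_360_000, "octets": 143_032_704}

if __name__ == "__main__":
    print(interface_rates(PREV_POLL, CURR_POLL))
    print(line_rate_bps(6000, 1500))
```

At the same 6,000 packets per second, the constructed polls carry 19.2M bits per second at a 400 Byte average, against 72M bits per second if every packet were 1500 Bytes.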
Forwarding capacity becomes particularly important when the router is connected to high speed links.
Network devices are normally configured to accept SNMP requests from monitoring stations and to send SNMP traps to syslog servers. SNMP can be a security risk if requests are not properly restricted.
The difference between these terms is critically important to network monitoring. How would you respond if a vendor stated that a device had high reliability but the availability was not guaranteed?
Discover the metrics and the features that are important when measuring router performance. Many engineers look at the interface speed as a performance indicator, but interface speed is rarely the bottleneck.
Router availability should not be confused with router uptime. A router may be up but not available because connectivity to the rest of the network has been severely impaired or completely severed. Router availability monitoring can be achieved using a simple PING (ICMP protocol) or by more sophisticated measures such as Cisco's IPSLA, Netflow or SNMP.
CPU
Forwarding capacity and CPU utilization generally go hand in hand. The workload on the router thrashes the CPU which in turn limits the packet switching capacity. Figure 2 shows CPU utilization spiking when the router is unable to cope with the workload.
CPU graphs can be good indicators of whether the router is struggling to forward the quantity of traffic that it is receiving, is short on memory (used to create buffers), or both.
Available memory can affect the number of buffers the router is able to allocate for queuing and other critical functions. Just like a PC or a server, a router should always have free memory available during operation.
Additional router features that can affect performance
Access Control Lists (ACL) - Router interfaces may support access lists that provide a level of security on incoming or outgoing traffic. The following Cisco IOS based access control list permits only web and email traffic to selected hosts on a network; all other traffic is dropped by the implicit deny at the end of the list. Access control lists may add additional load on a router's CPU.
Access List Example
ip access-list extended onlywebandemail
 ! each entry matches on the destination host and destination port
 10 permit tcp any host 192.168.10.1 eq www
 20 permit tcp any host 192.168.10.2 eq smtp
Encryption - The popular IPSec framework enables a number of different encryption standards to increase data security in transit. Encryption and decryption may place a significant workload on the router CPU. If high throughput hardware encryption is required, specialized hardware should be considered to achieve this task without placing additional burden on the router CPU.
QOS - Quality of Service involves classification, marking and queuing. These functions may place an additional burden on the router CPU.
Compression - Any compression performed by a router can cause additional overhead on the CPU.
Debug - On Cisco routers, debugging actually takes priority over standard processes. Debugging should be used with extreme caution due to the significant impact it may have on the router CPU.