NMIS - Network Management Information System

Table of Contents

Announcements
Sample Screens
FAQ
Latest Changes
Supported Platforms
Introduction
Features and Benefits
Installation
Required Packages
To Do
GNU License

NB: NMIS is still under development and that development is limited by fulltime work and life commitments. I have released it earlier then originally intended as I wanted to contribute something back to the Network Management Community which has helped me.

NMIS Version 0.8c is written and maintained by Keith Sinclair keith@sinclair.org.au

It is available @ SINS - Sinclair InterNetworking Services

The software has been released to the Public Domain under the GNU License. This means that it is free if you agree to the terms of the GNU License. If you would like the software under a different agreement please contact Keith Sinclair.

Download NMIS 0.9a Now!

ANNOUNCEMENT - Last updated 10 February 2001

NMIS 0.9a is available NOW! This includes several minor fixes to the logic and some more considerable changes like using SNMPv2 for collection on Routers and Switches. New options in the config file.
NMIS now produces a single metric which summarises the network.
FAQ's added.
The PING routine seems to be the biggest problem and I am working on a better cross platform fix but for now Linux users will have to apply there own patch as there seems to be some vast differences to PING across Solaris and Linux.
NMIS has been tested and updated to work with RRDTool 1.0.27, I found some unexplained core dumps with 1.0.28 so have decided to go back one and investigate those further.
Thanks to Gary Veum, Dave Packham, Stephane Monnier and Wade Miller for finding some of the problems and providing the feedback to fix them or help fix them.

Sample Screens - these "screen shots" are output from a production system but edited to protect the innocent. Some of the hyperlinks have been removed. A real system would have many hyperlinks to itself.

FAQ - Frequently Asked Questions. The questions and answers which people have asked. Please read before asking for help.

Supported Platforms - NMIS is written in Perl so theoretically if your toaster runs Perl and has an IP address it can run NMIS. Nearly all the development of NMIS has taken place on Solaris for Sparc and i386. NMIS should work on all versions of Unix, and if you have any feedback on how the install went, problems please let me know on feedback@sins.com.au so I can make some more permanent changes for future releases.

Introduction

NMIS stands for Network Management Information System. It is a Network Management System which performs multiple functions from the OSI Network Management Functional Areas, those being, Performance, Configuration, Fault.

It started as a SNMP polling and statistics viewer front-end to Tobi Oetiker's RRDTool. RRDTool replaces MRTG but doesn't include a front end and backend to handle SNMP polling and display resulting web pages etc. The original NMIS evolved quite rapidly to meet demands of production environments. The backend, polling engine, uses SNMP to collect interface and health statistics for Cisco Routers, certain Cisco Catalyst Switches and Generic SNMP devices every 5 minutes.

The backend stores the statistics in RRD's (Round Robin Databases) and ensures that devices are up, issues alerts, etc. The front end accesses the information stored in the RRD's and displays statistics the resulting graphs, reports, etc.

Both the front and back ends are highly extensible and features are easy to add as the structure is learnt. For example the backend was just collecting interface statistics every poll cycle, it was easy to add collection of health (cpu, memory, buffer, etc) and response time, availability.

I will continue to spell out more about NMIS but for now, have a look at the Features and Benefits, Install it and see what it can do.

NMIS is released as GNU software, please ensure that you read the license as by using this software you are bound by it.

Features and Benefits

Features

The entire network is summarised into a single metric, which indicates reachability, availability and health of all network devices being managed by NMIS.

Summary page for entire network with reachability, availability, health, response time metrics

Summary pages of devices including device information, health graph, and interface summary

Color coded events, status for at a glance interpretation.

Graphing of Interface, CPU, Memory stats for Cisco Routers and Switches.

Graphs can be drilled into.

Graphs produced on the fly.

Graphs can have varying lengths from 2hours to 1 year

Interface statistics are returned in Utilisation not just bits per second

Response time graphed and metrics for health and availability generated from statistics collected

Integrated Fault and Performance Management

Threshold engine which send alerts on certain thresholds.

Alert events are issued for device down or interface down

Event levels are set according to how important the device is

Events are "State full" including thresholds, meaning that an event is only issued once.

Notification engine can be expanded to handle any "command line" notification method, including email, paging, signs, speakers, etc

A list of current events is available and there is an escalation level and time the event has been active.

Events are logged

Outage time calculated for each down event

Planned outages can be put in so alerts are not issued

Reports for utilisation, outages, etc

Find functions which search based on strings in interface types and descriptions.

Dynamic handling of ifIndex changes and difficult SNMP interface handling

Integrated logging facility to view events and syslog messages.

Installation

The packages listed in the required packages first following the instructions for each of these packages, some of these packages will have there own dependencies.

After the required packages are installed you will need to unpack (if you already haven't) the NMIS distribution. The base directory <BASE> is up to you a Solaris way is to use /opt/<PROGRAM> like /opt/nmis. I use /data/nmis myself. The file system which has the database is going to need a lot of space. You can have the program and library files stored in one file system or directory and the data files stored in another directory.

File locations are controlled with the config.dat file, this is the link for the program files to read your configuration you can modify the source to have a different config file but all other directories and control files are stored in this files the default is /data/nmis/files/config.dat

Extract the distribution from the compressed tar file

Uncompress the distribution

gunzip <nmis distribution gz file>

Pick a base directory for the NMIS distribution like /data or /opt and untar the files

tar xvf <nmis distribution tar file>

Directory Structure

The basic directory structure is:

Directory	Required Size	Type	Description
<BASE>/bin	small	Program	directory for all program files - these will change with later releases
<BASE>/cgi-bin	small	Program	directory for CGI program files - these will change with later releases
<BASE>/files	small	Program	configuration files and some data files - these won't change
<BASE>/lib	small	Proram	library files - these will change
<BASE>/mibs	small	Program	mib files used by the program - these may or may not change
<BASE>/web	medium	Data	files which are generated for the web pages
<BASE>/system	medium	Data	system files - generated
<BASE>/database	LARGE	Data	database files are stored here - generated
<BASE>/logs	medium	Data	log files

At the moment you should make all directories listed in this file, might automate this later on. Might be a good idea to decide on a location for the data files and keep it separate from the program files as you are likely to upgrade to new program versions.

Create nmis users and groups

Not a bad idea to have someone own nmis from the unix permissions point of view, I create a NMIS user and group and put my own userid the HTTPD user and whoever else in the group of nmis and then administration becomes a little easier. I have already set the distribution to be owned by userid 4200 and groupid 4200.

For Solaris:

groupadd -g 4200 nmis 
useradd -u 4200 -g nmis -c "NMIS User" nmis

Setting the location of Perl in the scripts

So that NMIS runs properly you will need to edit all the perl scripts and change the top line which tells the script which shell to use currently this line would read:

#!/usr/local/bin/perl

This should work for 99% of people as this is the usuall location of Perl. If your executable lives somewhere else then you would need to change this ie:

#!/usr/bin/perl5

This should be done in nmis.pl, nmiscgi.pl, reports.pl, logs.pl and admin.pl.

Setting up Ping

Currently you must edit the ping subroutine to point to your platforms ping program, I am working on fixing this.

For Linuks a user suggested the following patch:

host$ diff NMIS.pm NMIS2.pm 
2444,2445c2445,2446
<       my $ping = "/usr/sbin/ping";
<       my $result = `$ping $node $timeout 2>/dev/null`;
---
>       my $ping = '/bin/ping -c 1 -w 10';
>       my $result = `$ping $node 2>/dev/null`;
2447c2448
<       if ( $result =~ /alive/i ) { $result = 100 } 
---
>       if ( $result =~ /time=/i ) { $result = 100 }

Adding devices to the device list

The nodes.dat file lists all the devices you want to manage, this is a CSV file where each line defines node,community,net,type,role,group,collect.

Where:

node = The Node
community = SNMP Community String
net = Network Type lan or wan
node type = switch or router
role = core, distribution or access
group = Nominal Location Group or the like
collect = true,false do or don't do stats collection

Adding links to the links list

More on this later, working on generating a lisk of Point to Point Links automatically.

Running NMIS

<nmis base dir>/bin/nmis.pl type=collect

Minimum! Runs collection for all nodes in the node list.

<nmis base dir>/bin/nmis.pl type=collect node=router debug=true

Will run NMIS for gw only doing a health collection and a interface collection with debuging on. Very handy for figuring out problems.

You can look at error messages in the file <nmis base dir>/log/nmis.log

Setting up web access

Apache should already be working, easiest thing to do is add aliases for the relevant directories ie:

Alias /nmis/ "<BASE>/web/"
ScriptAlias /cgi-nmis/ "<BASE>/cgi-bin/"

Add these entries to the apache configuration generally /usr/local/apache/conf/httpd.conf and restart apache either with the command or a kill -HUP on the daemon PID. Keep in mind file permissions for the HTTPD daemon and NMIS, I usually create a group called nmis and put myself and the HTTPD user into it.

Now all the CGI scripts and base docs and style sheets will be linked in. You should be able to see something at http://<HOST>/cgi-nmis/nmiscgi.pl and wallah you should have something there.

Event Management and SNMP Tools

The NET-SNMP nee UCD-SNMP has a bunch of great SNMP tools, obtaining and setting up this package compliments NMIS quite well. Some work is being done to investigate the use of the NET-SNMP Perl SNMP module in place of the current SNMP API. More info on NET-SNMP and setting it up is here.

Setting up SYSLOG for Cisco SYSLOG

Add the following entry to syslog

local7.debug /var/log/cisco.log

If the log matches the one in logs.pl you will be able to browse the cisco syslog messages and see what is happening.

Setting up LOG

Log is a tool which allows viewing of the logs which NMIS and syslog generate. It color codes and allows searching, filtering of the log files.

The config file is /data/files/logs.dat, A sample is included in the NMIS distribution.

Automate the whole lot with CRON

Add the following entries to run NMIS bits and pieces.

######################################################
# Run the Reports Weekly Monthly Daily
######################################################
54 23 * * * /data/nmis/bin/run-reports.sh day health
55 23 * * 0 /data/nmis/bin/run-reports.sh week health
5 0 1 * * /data/nmis/bin/run-reports.sh month health
0 18 * * * /data/nmis/bin/run-reports.sh day response
57 23 * * 0 /data/nmis/bin/run-reports.sh week outage
######################################################
# Run Statistics Collection
5,10,15,20,25,30,35,40,45,50,55 * * * * /data/nmis/bin/nmis.pl type=collect
######################################################
# Run the update twice a day
30 7,20 * * * /data/nmis/bin/nmis.pl type=update
# Run the interfaces once and hour with Thresholding on!!!
10 * * * * /data/nmis/bin/nmis.pl type=threshold

Required Packages

The following packages and versions are what NMIS was built on, it is highly likely that other versions of the same programs will work but I have not performed the regression tests.

The following MOD needs to be made to SNMP_MIB sub_loadoids.html this code can be added to the SNMP_MIB.pm file in the SNMP Simple Package.

Package	Version	Currently Testing	Author	Download
Perl	5.005_02 +	5.6.0	Larry Wall	http://www.cpan.org/ports/index.html
RRDTool	1.0.27	1.0.28	Tobi Oetiker	http://ee-staff.ethz.ch/~oetiker/webtools/rrdtool/download.html
SNMP Session	0.77	0.77	Simon Leinen	ftp://ftp.switch.ch/software/sources/network/snmp/perl/
SNMP Simple		N/A	Alan Nichols	http://www.sins.com.au/public/SNMP_Simple.tar.gz http://www.sins.com.au/public/SNMP_Simple_NMIS.tar.gz (already patched)
Time::ParseDate	99.111701	99.111701	David Muir Sharnoff	Time-modules-99.111701.tar.gz
Apache	1.3.11	1.3.12	Apache Project	http://www.apache.org/dist/
Image Info	0.04	0.04	Gisle Aas	http://www.perl.com/CPAN/authors/id/GAAS/Image-Info-0.04.tar.gz

To Do

Write installation script.
Make polling engine multi-threaded.
Enhance documentation.