152
You are also given the option to walk a subtree. This option will attempt to retrieve all the object values for leaves under the current node. This can be quite lengthy depending on where you are in the
tree. Figure 7-11
shows the last few entries under ip. Most of the values have scrolled off the window.
Figure 7-11. Walk for IP
SNMP Tree provides a nice visual display, but it can be a little easier to move around with the MIB Browser. Take your choice.
7.2.3.4 Monitoring SNMP objects
In much the same way you monitor devices, you can monitor SNMP objects. First, you will need to identify the object you want to monitor. This can be done using the techniques just described. With
MIB Browser you can select monitoring at a leaf. Alternately, you can select SNMP-Monitor Monitor Variable. This is a little easier if you already know the name of the object you want to
monitor. A pop-up box will request the name of the object to monitor. Type in the name of the object and click on Start. Dont forget to select a system first. A stripchart will be created on your map
displaying the values for the monitored object.
7.2.3.5 Other commands
Tools SNMP Trouble installs the SNMP-Trouble menu. The name is somewhat misleading.
Generally, the SNMP-Trouble menu provides quick ways to collect common, useful information. First, it can be used to locate SNMP-aware devices on your network. By selecting multiple devices on the
map and then choosing SNMP-Trouble SNMP Devices, tkined will poll each of the devices. The
output for the test network is shown in Figure 7-12
.
Figure 7-12. SNMP devices
153
Please note that noResponse does not necessarily mean that the device is down or that it doesnt support SNMP. For example, it may simply mean that you are not using the correct community string.
The SNMP-Trouble menu also provides menu options that will return some of the more commonly needed pieces of information such as system information, ARP tables, IP routing tables, interface
information, or TCP connections. A few of these reports are shown in Figure 7-13
.
Figure 7-13. SNMP-Trouble reports
7.2.3.6 Caveats
tkined is a fine program, but it does have a couple of problems. As noted in the last chapter, it will let you exit without saving changes. Another problem is that it doesnt recover well from one particular
type of user error. When you are through with a window or display, you should shrink the window rather than closing it. If you close the window, tkined will not automatically reopen it for you. When
you later use a command that needs the closed window, it will appear that tkined has simply ignored your command. Usually, you can simply unload and then reload the menu that contains the selection
used to initially create the window. Typically, the last item on a menu for example, see
Figure 7-4 and
Figure 7-7 will remove or delete the menu and unload the subsystem. Then go to the Tools menu
and reload the menu. The appropriate subsystem will be reloaded, correcting the problem. This can be very frustrating when you first encounter it, but it is easy to work around or avoid once you know to
look for it.
154
One other problem with tkined is that it uses a single community string when talking with devices. This can be changed with Set SNMP Parameters, which is available on several menus. But if you are
using different community strings within your network or prefer using read-only strings most of the time but occasionally need to change something, changing the community string can be a nuisance.
Overall, these few problems seem to be minor inconveniences for an otherwise remarkably useful program. The program has a number of additional features—such as sending reports to the syslog
system—that were not discussed here. You should, however, have a pretty good idea of how to get started using tkined from this discussion.
7.3 Non-SNMP Approaches
Of course, SNMP is not the only way to retrieve information or monitor systems. For example, a number of devices now have small HTTP servers built in that allow remote configuration and
management. These can be particularly helpful in retrieving information. With Unix, it is possible to remotely log on to a system using telnet or ssh over a network connection and reconfigure the host.
There is probably very little I can say about using these approaches that you dont already know or that isnt obvious. There is one thing that you undoubtedly know, but that is all too easy to forget—dont
make any changes that will kill your connection.
[4] [4]
One precaution that some administrators use is connecting the console port of crucial devices to another device that should remain reachable—a port on a terminal server, a modem, or even a serial
port on a nearby server. If you take this milking-machine approach, be sure this portal is secure.
Some remote-access programs provide a greater degree of control than others. In a Microsoft Windows environment, where traditionally there is only one user on a system, a remote control
program may take complete control of the remote system. On a multiuser system such as a Unix-based system, the same software may simply create another session on the remote host. Although these
programs are not specifically designed with network management in mind, they work well as management tools.
While these approaches will allow you to actively retrieve information or reconfigure devices, the remote systems are basically passive entities. There are, however, other monitoring tools that you
could consider. Big Brother bb is one highly regarded package. It is a web-based, multiplatform monitor. It is available commercially and, for some uses, noncommercially.
7.4 Microsoft Windows
SNMP is implemented as a Win32 service. It is available for the more recent versions of Windows but must be installed from the distribution CD-ROM. Installation and setup is very straightforward but
varies from version to version.
7.4.1 Windows SNMP Setup
With NT, SNMP is installed from the Network applet under the Control Panel. Select Add under the Services tab, then select SNMP Services from the Select Network Service pop-up box. You will then
be prompted for your distribution CD-ROM. Once it is installed, a pop-up box called Microsoft
