Comware

 View Only
last person joined: yesterday 

Back to discussions
Expand all | Collapse all

HP 5500EI Vlan-interface SNMP monitoring

This thread has been viewed 1 times

  • 1.  HP 5500EI Vlan-interface SNMP monitoring

    Posted Jul 06, 2016 09:13 AM

    Hi everyone,

    We have an issue monitoring Vlan-interfaces traffic via SNMP on an HP 5500EI (JD377A).

    Recently, at one of our branch offices, we have set up an HP 5500EI with Vlan-interfaces as gateways for the different LAN services (vlans namely, USERS, GUESTS, VOICE, MGMT, DMZ).
    It replaced a Cisco ISR 2921 which was the former LAN services gateway, with the HP 5500EI just as aggregation switch not playing any L3 role.

    We use PRTG Network Monitor to monitor traffic for WAN links and LAN services for each of our branch offices.

    When adding the HP 5500EI to PRTG, all the Vlan-interfaces were correctly discovered, status OK with green icon, but in regards to traffic, there was 'NO DATA' collected for any of them.

    First thought was: we need to import a specific HP/H3C MIB to PRTG, but before going any further on this way, I decided to check other options to narrow down the issue, and found that:

    - Command display counters rate inbound interface only shows GigabitEth and Ten-GigabitEth physical interfaces. No Bridge-Aggregation interfaces and Vlan-interfaces are shown, but BAGG interfaces can be monitored via SNMP just fine anyway. No conclusion from here.

    - Then decided to use Interface Real-Time Monitoring from IMC PLAT 7.1 and sadly IMC also shows zero traffic for any Vlan-interface, same as PRTG.

    So, is Vlan-interface SNMP monitoring just not supported on HP 5500EI?
    Might there be any workaround that is worth to try to monitor individual VLANs traffic reaching the 5500?

    For further topology information, LAN services VLANs spreads over several Bridge-Aggregations to edge switches and some access ports for local directly connected servers, so traffic monitoring over single physical interfaces is not an option at this time.

    Thanks in advance for your thoughts and advices.
    Regards,
    Pablo.


    #snmp
    #5500
    #Vlan-interface


  • 2.  RE: HP 5500EI Vlan-interface SNMP monitoring

    Posted Jul 07, 2016 03:41 AM

    Hi Pablo,

    Your case is common. This is related for most vendors, Cisco also :-) and L3 switches. I mean there is hardware difficulties receiving the stats from L3 Vlan interfaces.

    My advice is to use sFlow instead of pure SNMP as stat protocol for L3 vlan interfaces. PRTG software fully supports sFlow for Comware devices and tagged vlans. HP 5500EI (JD377A) switch also supports it.

    Cheers!

    Michal



  • 3.  RE: HP 5500EI Vlan-interface SNMP monitoring

    Posted Jul 07, 2016 07:44 PM

    Mike is right!

    I recommend the use of IMC + NTA (HPE Products) for monitoring using sFlow.



  • 4.  RE: HP 5500EI Vlan-interface SNMP monitoring

    Posted Jul 13, 2016 12:30 PM

    Hi everyone, thanks for your advices.

    I finally managed to graph accurate WAN links utilisation differenciated by source LAN subnets on our PRTG server, exporting flows from the switch.

    The switch won't let me especify a sflow collector over any L3 Vlan-interface or uplinks L2 BAGG interfaces (same story as with SNMP), so I had to enable it on each of the four physical interfaces aggregated on the uplink BAGG interfaces.

    #
interface GigabitEthernet1/0/23
 port link-mode bridge
 description BAGG1 Member
 port access vlan 100
 stp edged-port enable
 lldp compliance admin-status cdp txrx
 sflow sampling-rate 1000
 sflow flow collector 2
 port link-aggregation group 1
#
interface GigabitEthernet1/0/24
 port link-mode bridge
 description BAGG2 Member
 port access vlan 100
 stp edged-port enable
 lldp compliance admin-status cdp txrx
 sflow sampling-rate 1000
 sflow flow collector 2
 port link-aggregation group 2
#
#
interface GigabitEthernet2/0/23
 port link-mode bridge
 description BAGG1 Member
 port access vlan 100
 stp edged-port enable
 lldp compliance admin-status cdp txrx
 sflow sampling-rate 1000
 sflow flow collector 2
 port link-aggregation group 1
#
interface GigabitEthernet2/0/24
 port link-mode bridge
 description BAGG2 Member
 port access vlan 100
 stp edged-port enable
 lldp compliance admin-status cdp txrx
 sflow sampling-rate 1000
 sflow flow collector 2
 port link-aggregation group 2
#

     

    Then, PRTG enabled me to define sensors with different "SourceIP" / "DestinationIP" filter rules, based on the same exported flow.

    Cheers,
    Pablo.



  • 5.  RE: HP 5500EI Vlan-interface SNMP monitoring

    Posted Nov 10, 2016 03:49 AM

    Hi Pablo,

    I have the same issue, I found that this is possible on Procurve/Aruba switches but not on Comware.
    The problem with sflow is that it has difficulties with seeing VPN traffic.
    So if, VPN traffic goes over you're switch you won't see it.

    Is their anyone who has another solution?

    Kind regards
    Kevin

     



  • 6.  RE: HP 5500EI Vlan-interface SNMP monitoring

    Posted Nov 10, 2016 09:53 AM

    Hi Kevin,

    Unfortunately I have no experience getting switches sFlow collect VPN traffic, since our switches are inside branches, and we only have IPSEC VPN between border internet routers on branches and headquarters.

    May be it is a good idea to open a new topic explaining your difficulties regarding VPN traffic and sFlow, your sFlow/collectors configuration and the tools you use to show/report those flows.

    Best regards,
    Pablo.