Applies To:

Show Versions Show Versions

Manual Chapter: BIG-IP® Network and System Management Guide version 9.2.3: Configuring SNMP - 15
Manual Chapter
Table of Contents   |   << Previous Chapter   |   Next Chapter >>


15

Configuring SNMP


Introducing SNMP administration

Simple Network Management Protocol (SNMP) is an industry-standard protocol that gives a standard SNMP management system the ability to remotely manage a device on the network. One of the devices that an SNMP management system can manage is a BIG-IP system. The SNMP versions that the BIG-IP system supports are: SNMP v1, SNMP v2c, and SNMP v3. The BIG-IP system implementation of SNMP is based on a well-known SNMP package, Net-SNMP, which was formerly known as UCD-SNMP.

Reviewing an industry-standard SNMP implementation

A standard SNMP implementation consists of an SNMP manager, which runs on a management system and makes requests to a device, and an SNMP agent, which runs on the managed device and fulfills those requests. SNMP device management is based on the standard management information base (MIB) known as MIB-II, as well as object IDs and MIB files.

  • The MIB defines the standard objects that you can manage for a device, presenting those objects in a hierarchical, tree structure.
  • Each object defined in the MIB has a unique object ID (OID), written as a series of integers. An OID indicates the location of the object within the MIB tree.
  • A set of MIB files resides on both the SNMP manager system and the managed device. MIB files specify values for the data objects defined in the MIB. This set of MIB files consists of standard SNMP MIB files and enterprise MIB files. Enterprise MIB files are those MIB files that pertain to a particular company, such as F5 Networks, Inc.

Typical SNMP tasks that an SNMP manager performs include polling for data about a device, receiving notifications from a device about specific events, and modifying writable object data.

Reviewing the BIG-IP system SNMP implementation

To comply with the standard SNMP implementation, the BIG-IP system includes both an SNMP agent, a set of standard SNMP MIB files, and a set of enterprise MIB files (those that are specific to the BIG-IP system). The enterprise MIB files typically reside on both the BIG-IP system and system running the SNMP manager. Fortunately, you can use the browser-based Configuration utility to download the enterprise MIB files to your SNMP manager.

Using the BIG-IP system implementation of SNMP, the SNMP manager can perform these distinct functions:

  • Poll for information (such as performance metrics)
  • Receive notification of specific events that occur on the BIG-IP system
  • Set data for SNMP objects that have a read/write access type

The last item in the list refers to the ability of an SNMP manager system to enable or disable various BIG-IP system objects such as virtual servers and nodes. Specifically, you can use SNMP to:

  • Enable or disable a virtual server
  • Enable or disable a virtual address
  • Enable or disable a node
  • Enable or disable a pool member
  • Set a node to an up or down state
  • Set a pool member to an up or down state
  • Reset statistical data for all BIG-IP objects

Summarizing SNMP configuration on the BIG-IP system

Before an SNMP manager system can manage a BIG-IP system remotely, you must perform a few configuration tasks on the BIG-IP system, using the BIG-IP system's Configuration utility. After you have performed these configuration tasks, you can use standard SNMP commands on the remote manager system to manage the BIG-IP system.

The configuration tasks you perform are:

  • Configuring the SNMP agent
    There are a number of things you can do to configure the SNMP agent on the BIG-IP system. For example, you can allow client access to information that the SNMP agent collects, and you can configure the way that the SNMP agent handles SNMP traps. Traps are definitions of unsolicited notification messages that the BIG-IP alert system and the SNMP agent send to the SNMP manager when certain events occur.
  • Downloading MIB files
    You can download two sets of MIB files to your remote manager system: the standard SNMP MIB files and the enterprise MIB files.

Configuring the SNMP agent

To configure the SNMP agent on the BIG-IP system, you can use the Configuration utility. Configuring the SNMP agent means performing the following tasks:

  • Configuring BIG-IP system information
    Specify a system contact name and the location of the BIG-IP system.
  • Configuring client access to the SNMP agent
    Configure the BIG-IP system to allow access to the SNMP agent from an SNMP manager system.
  • Controlling access to SNMP data
    Assign access levels to SNMP communities or users, to control access to SNMP data.
  • Configuring Traps
    Enable or disable traps and specify the destination SNMP manager system for SNMP traps.

An alternative way to configure the SNMP agent is by editing certain BIG-IP system configuration files directly. These files are:

  • /config/snmp/snmpd.conf
    This file contains most of the configuration information for the SNMP agent, including trap information.
  • /config/net-snmp/snmpd.conf
    Required for SNMP v3 only, this file contains SNMP user names.
    Important: You must stop the snmpd service prior to editing this file.
  • /etc/hosts.allow
    This file contains the IP addresses and netmasks for the manager systems that are allowed access to the BIG-IP system.
Warning

You should attempt to edit these files directly only if you are an advanced BIG-IP system administrator. Also, do not attempt to configure any bigdbTM database keys that correspond to SNMP. Doing so could harm your system.

Configuring BIG-IP system information

You can use the Configuration utility to configure the following information:

  • Contact Information
    The contact information is a MIB-II simple string variable defined by almost all SNMP boxes. The contact name usually contains a user name, as well as an email address.
  • Machine Location
    The machine location is a MIB-II variable that almost all machines support. It is a simple string that defines the location of the machine.

To configure system information

  1. On the Main tab of the navigation pane, expand System, and click SNMP.
    This opens the SNMP Agent Configuration screen.
  2. In the Global Setup area, fill in the boxes.
    For more information, see the online help.
  3. Click Update.

Configuring client access

An SNMP client refers to any system running the SNMP manager software for the purpose of remotely managing the BIG-IP system. To set up client access to the BIG-IP system, you specify the IP or network addresses (with netmask as required) from which the SNMP agent can accept requests. (By default, SNMP is enabled only for the BIG-IP system loopback interface, 127.0.0.1.)

To allow client access to the SNMP agent

  1. On the Main tab of the navigation pane, expand System, and click SNMP.
    This opens the SNMP Agent Configuration screen.
  2. For the Client Allow List Type setting, select Host or Network, depending on whether the IP address you specify is a host system or a subnet.
  3. Type the following information:
    • In the Address box, type an IP address or network address from which the SNMP agent can accept requests.
    • If you selected Network in step 3, type the netmask in the Mask box.
  4. Click the Add button to add the host or network address to the list of allowed clients.
  5. Click Update.

Controlling access to SNMP data

To better control access to SNMP data, you can assign an access level to an SNMP v1 or v2c community, or to an SNMP v3 user.

There is a default access level for communities, and this access level is read-only. This means that you cannot write to an individual data object that has a read/write access type until you change the default read-only access level of the community or user.

The way to modify this default access level is by using the Configuration utility to grant read/write access to either a community (for SNMP v1 and v2c) or a user (SNMP v3), for a given OID.

When you set the access level of a community or user to read/write, and an individual data object has a read-only access type, access to the object remains read-only. In short, the access level or type that is the most secure takes precedence when there is a conflict. Table 15.1 illustrates this point.

Table 15.1 Access control for SNMP data
If the access type of an object is...
And you set the access level of a community or user to...
Then access to the object is...
Read-only
Read-only
Read-only
Read/write
Read-only
Read/write
Read-only
Read-only
Read/write
Read/write

 

To grant community access to SNMP data (v1 or v2c only)

  1. On the Main tab of the navigation pane, expand System, and click SNMP.
    This opens the SNMP Agent Configuration screen.
  2. From the Agent menu, choose Access (v1, v2c).
    This displays the SNMP Access screen.
  3. In the upper-right corner of the screen, click Create.
    This displays the New Access Record screen.
  4. Select the type of address to which the access record applies, either IPv4 or IPv6.
  5. In the Community box, type the name of the SNMP community for which you are assigning an access level (in step 9).
  6. In the Source box, type the source IP address.
  7. In the OID box, type the OID for the top-most node of the SNMP tree to which the access applies.
  8. For the Access setting, select an access level, either Read Only or Read/Write. (This access level applies to the community name you specified in step 6.)
  9. Click Finished.

To grant access to SNMP data (v3 only)

  1. On the Main tab of the navigation pane, expand System, and click SNMP.
    This opens the SNMP Agent Configuration screen.
  2. From the Agent menu, choose Access (v3).
    This displays the SNMP Access screen.
  3. In the upper-right corner of the screen, click Create.
    This displays the New Access Record screen.
  4. In the User Name box, type a user name for which you are assigning an access level (in step 9).
  5. For the Authentication setting, select a type of authentication to use, and then type and confirm the user's password.
  6. For the Privacy setting, select a privacy protocol, and then do one of the following:
    • Type and confirm the user's password.
    • Click the Use Authentication Password box.
  7. In the OID box, type the object identifier (OID) for the top-most node of the SNMP tree to which the access applies.
  8. For the Access setting, select an access level, either Read Only or Read/Write. (This access level applies to the user name that you specified in step 5.)
  9. Click Finished.

When you use the Configuration utility to assign an access level to a community or user, the utility updates the snmpd.conf file, assigning only a single access setting to the community or user. There might be times, however, when you want to configure more sophisticated access control. To do this, you must edit the /config/snmp/snmpd.conf file directly, instead of using the Configuration utility.

For example, Figure 15.1 shows a sample snmpd.conf file when you use the Configuration utility to grant read/write access to a community.

Figure 15.1 Sample access-control assignments in the snmpd.conf file
rocommunity public default
rwcommunity public1 127.0.0.1  .1.3.6.1.4.1.3375.2.2.10.1

 

In this example, the string rocommunity identifies a community named public as having the default read only access level (indicated by the strings ro and default). This read only access level prevents any allowed SNMP manager in community public from modifying a data object, even if the object has an access type of read/write.

The string rwcommunity identifies a community named public1 as having a read/write access level (indicated by the string rw). This read/write access level allows any allowed SNMP manager in community public1 to modify a data object under the tree node.1.2.6.1.4.1.3375.2.2.10.1 (ltmVirtualServ) on the local host 127.0.0.1, if that data object has an access type of read/write.

For more information, see the man page for the snmpd.conf file.

Configuring traps

On the BIG-IP system, traps are definitions of unsolicited notification messages that the BIG-IP alert system and the SNMP agent send to the SNMP manager when certain events occur on the BIG-IP system. Configuring SNMP traps on a BIG-IP system means configuring the way that the BIG-IP system handles traps, as well as setting the destination for notifications that the alert system and the SNMP agent send to an SNMP manager.

The BIG-IP system stores traps in two specific files:

  • /etc/alertd/alert.conf
    Contains default SNMP traps.

    Important: Do not add or remove traps from the /etc/alertd/alert.conf file.
  • /config/user_alert.conf
    Contains user-defined SNMP traps.

You use the Configuration utility to configur e traps, that is, enable traps and set trap destinations. When you configure traps, the BIG-IP system automatically updates the alert.conf and user_alert.conf file.

Enabling traps for specific events

You can configure the SNMP agent on the BIG-IP system to send, or refrain from sending, notifications when the following events occur:

  • The SNMP agent on the BIG-IP system stops or starts. By default, this trap is enabled.
  • The BIG-IP system receives an authentication warning, generated when a client system attempts to access the SNMP agent. By default, this trap is disabled.
  • The BIG-IP system receives any type of warning. By default, this trap is enabled.

To enable traps for specific events

  1. On the Main tab of the navigation pane, expand System, and click SNMP.
    This opens the SNMP Agent Configuration screen.
  2. From the Traps menu, choose Configuration.
    This displays the SNMP Trap Configuration screen.
  3. To send traps when someone starts or stops the SNMP agent, verify that the Agent Start/Stop box is checked.
  4. To send notifications when authentication warnings occur, click the Agent Authentication box.
  5. To send notifications when certain warnings occur, verify that the Device box is checked.
  6. Click Update.

Setting the trap destination

In addition to enabling certain traps for certain events, you must specify the destination SNMP manager to which the BIG-IP system should send notifications. For SNMP versions 1 and 2c only, you specify a destination system by providing the community name to which the BIG-IP system belongs, the IP address of the SNMP manager, and the target port number of the SNMP manager.

Important

If you are using SNMP V3 and want to configure a trap destination, you do not use the SNMP screens within the Configuration utility. Instead, you configure the snmpd.conf file. For more information, see the man page for the snmpd.conf file.

To specify a trap destination

  1. On the Main tab of the navigation pane, expand System, and click SNMP.
    This opens the SNMP Agent Configuration screen.
  2. From the Traps menu, choose Destination.
    This displays the SNMP Destination screen.
  3. In the upper-right corner of the screen, click Create.
    This displays the New Trap Record screen.
  4. For the Version setting, select an SNMP version number.
  5. In the Community box, type the community name for the SNMP agent running on the BIG-IP system.
  6. In the Destination box, type the IP address of the SNMP management system.
  7. In the Port box, type the SNMP management system port number that is to receive the traps.
  8. Click Finished.

Working with SNMP MIB files

As described earlier, MIB files define the SNMP data objects contained in the SNMP MIB. There are two sets of MIB files that typically reside on the BIG-IP system and the SNMP manager system: enterprise MIB files (that is, F5-specific MIB files) and standard SNMP MIB files.

Both sets of MIB files are already present on the BIG-IP system, in the directory /usr/share/snmp/mibs. However, you still need to download them to your SNMP manager system. You can download these MIB files from the Welcome screen of the browser-based Configuration utility. For more information, see Downloading SNMP MIB files on this page.

The implementation of the Packet Velocity® ASIC (PVA) feature affects the ability for users to use MIB-II to gather certain kinds of data. For example, with a PVA system, you can use MIB-II to collect statistics on physical system interfaces, but not on logical interfaces (that is, VLANs).

To make MIB-II as clear as possible, we have implemented the SNMP feature so that you use MIB-II for gathering standard Linux data only. You cannot use MIB-II to gather data that is specific to the BIG-IP system and instead must use the F5 enterprise MIB files. All OIDS for BIG-IP system data are contained in the F5 enterprise MIB files, including all interface statistics (1.3.6.1.4.1.3375.2.1.2.4 (sysNetwork.sysInterfaces)).

Note

All BIG-IP system statistics are defined by 64-bit counters. Thus, because only SNMP v2c supports 64-bit counters, your management system needs to use SNMP v2c to query BIG-IP system statistics data.

Downloading SNMP MIB files

The enterprise MIB files that you can download to the SNMP manager system are:

  • F5-BIGIP-COMMON-MIB.txt
    This MIB file contains common information and all notifications (traps). For more information, see Using the F5-BIGIP-COMMON-MIB.txt file .
  • F5-BIGIP-LOCAL-MIB.txt
    This is an enterprise MIB file that contains specific information for properties associated with specific BIG-IP system features related to local traffic management (such as virtual servers, pools, and SNATs). For more information, see Using the F5-BIGIP-LOCAL-MIB.txt file .
  • F5-BIGIP-SYSTEM-MIB.txt.
    The F5-BIGIP-SYSTEM-MIB.txt MIB file includes global information on system-specific objects. For more information, see Using the F5-BIGIP-SYSTEM-MIB.txt file .

To view the set of standard SNMP MIB files that you can download to the SNMP manager system, list the contents of the BIG-IP system directory /usr/share/snmp/mibs.

To download MIB files

  1. On the Main tab of the navigation pane, expand Overview, and click Welcome.
    This opens the Welcome screen.
  2. Scroll to the Downloads section, and locate the SNMP MIBs section.
  3. Click the type of MIB files to download.
    The two MIB file types are F5 MIB files and Net-SNMP MIB files.
  4. Follow the instructions on the screen to complete the download.

Understanding the enterprise MIB files

Once you have downloaded all of the necessary MIB files, you should familiarize yourself with the contents of the enterprise MIBs, for purposes of managing the BIG-IP system and troubleshooting BIG-IP system events.

Note

To manage a BIG-IP system with SNMP, you need to use the standard set of SNMP commands. For information on SNMP commands, consult your favorite third-party SNMP documentation, or visit the web site http://net-snmp.sourceforge.net.

As mentioned in Downloading SNMP MIB files , the BIG-IP system includes a set of enterprise MIB files:

  • F5-BIGIP-COMMON-MIB.txt
  • F5-BIGIP-LOCAL-MIB.txt
  • F5-BIGIP-SYSTEM-MIB.txt

These MIB files contain information that you can use for your remote management station to: poll the SNMP agent for BIG-IP system-specific information, receive BIG-IP system-specific notifications, or set BIG-IP system data.

Using the F5-BIGIP-COMMON-MIB.txt file

The F5-BIGIP-COMMON-MIB.txt file is an enterprise MIB file that contains objects pertaining to any common information, as well as the F5-specific SNMP traps.

All F5-specific traps are contained within this MIB file. You can identify the traps within this MIB file by viewing the file and finding object names that show the designation NOTIFICATION-TYPE.

When an F5-specific trap sends a notification to the SNMP manager system, the SNMP manager system receives a text message describing the event or problem that has occurred. For troubleshooting assistance regarding F5-specific traps, see Appendix A, Troubleshooting SNMP Traps .

To see all available MIB objects in this MIB file, you can view the F5-BIGIP-COMMON-MIB.txt file in the directory /usr/share/snmp/mibs on the BIG-IP system.

Using the F5-BIGIP-LOCAL-MIB.txt file

The F5-BIGIP-LOCAL-MIB.txt file is an enterprise MIB file that contains information that an SNMP manager system can access for the purpose of managing local application traffic. For example, you can:

  • View the maximum number of entries that a node can have open at any given time.
  • Get a pool name.
  • View the current active members for a load balancing pool.
  • Reset pool statistics
  • Get profile information such as the total number of concurrent authentication sessions.

In general, you can use this MIB file to get information on any local traffic management object (virtual servers, pools, nodes, profiles, SNATs, health monitors, and iRules). You can also reset statistics for any of these objects.

To see all available enterprise MIB objects for local traffic management, you can view the F5-BIGIP-LOCAL-MIB.txt file in the directory /usr/share/snmp/mibs on the BIG-IP system.

Using the F5-BIGIP-SYSTEM-MIB.txt file

The F5-BIGIP-SYSTEM-MIB.txt file is an enterprise MIB file that describes objects representing common BIG-IP system information. Examples of information in this MIB file are global statistic data, network information, and platform information. Some of the data in this MIB file is similar to that defined in MIB-II, but is not exactly the same.

Table 15.2 shows standard MIB-II objects and the F5-specific objects that approximately correspond to them.

Table 15.2 F5-BIGIP-SYSTEM-MIB objects and their relationship to MIB-II objects
MIB-II Category or Object
F5-BIGIP-SYSTEM-MIB Object Name
MIB-II
f5.bigipSystem
interfaces
sysNetwork.sysInterfaces.sysInterface
sysNetwork.sysInterfaces.sysInterfaceStat
sysNetwork.sysInterfaces.sysInterfaceMediaOptions
ip
sysGlobalStats.sysGlobalIpStat
ip.AddrTable
sysNetwork.sysSelfIp
ip.RouteTable
sysNetwork.sysRoute
ip.ipNetToMediaTable
sysNetwork.sysArpNdp
icmp
sysGlobalStats.sysGlobalIcmpStat
tcp
sysGlobalStats.sysGlobalTcpStat
udp
sysGlobalStats.sysGlobalUdpStat
transmission/dot3.dot3StatTable
transmission/dot3.dot3CollTable
sysNetwork.sysTransmission.sysDot3Stat
dot1dBridge.dot1dBase
sysNetwork.sysDot1dBridge
dot1dBridge.dot1dStp
sysNetwork.sysSpanningTree.sysStpBridgeStat
sysNetwork.sysSpanningTree.sysStpBridgeTreeStat
sysNetwork.sysSpanningTree.sysInterfaceStat
sysNetwork.sysSpanningTree.sysInterfaceTreeStat
dot1dBridge.dot1dTp
sysGlobalAttr.VlanFDBTimeout
dot1dBridge.dot1dTpFdbTable
sysNetwork.sysL2
dot1dTpPortTable
sysNetwork.sysInterfaces.sysInterfaceStat
dot1dStaticTable
Not supported.
ifMIB/ifMIBObjects.ifXTable
sysNetwork.sysInterfaces.sysIfxStat

 

To see all available enterprise MIB system objects, you can view the F5-BIGIP-SYSTEM-MIB.txt file in the directory /usr/share/snmp/mibs on the BIG-IP system.

Using the RMON-MIB.txt file

One of the MIB files that the BIG-IP system provides is the Remote network Monitoring (RMON) MIB file, RMON-MIB.txt. This file is the standard RMON MIB file. However, the implementation of RMON on the BIG-IP system differs slightly from the standard RMON implementation, in these ways:

  • The BIG-IP system implementation of RMON supports four of the nine RMON groups. The four supported RMON groups are: statistics, history, alarms, and events.
  • The RMON-MIB.txt file monitors the BIG-IP system interfaces (that is, sysIfIndex), and not the standard LINUX interfaces.
  • For hardware reasons, the packet-length-specific statistics in the RMON statistics group offer combined transmission and receiving statistics only. This behavior differs from the behavior described in the definitions of the corresponding object IDs.

To understand how RMON operates for a BIG-IP system, you can view the RMON-MIB.txt file in the directory /usr/share/snmp/mibs on the BIG-IP system.

Collecting performance data

The Configuration utility on the BIG-IP system displays graphs showing performance metrics for the system. However, you can also use SNMP to collect the same information.

The types of performance metrics that you can gather using SNMP are:

  • Memory use
  • Number of active connections
  • Number of new connections
  • Throughput in bits per second
  • Number of HTTP requests
  • Ram Cache use
  • CPU use
  • Number of SSL transactions

Each type of metric has one or more SNMP object IDs (OIDs) associated with it. To gather performance data, you specify these OIDs with the appropriate SNMP command.

For example, the following SNMP command collects data on current memory use, where public is the community name and bigip is the host name of the BIG-IP system:

snmpget -c public bigip sysGlobalStat.sysStatMemoryUsed.0

For some types of metrics, such as memory use, simply issuing an SNMP command with an OID gives you the information you need. For other types of metrics, the data that you collect with SNMP is not useful until you perform a calculation on it to interpret the data.

For example, to determine the throughput rate of client bits coming into the BIG-IP system, you must you must use the relevant OID (sysStatClientBytesIn (.1.3.6.1.4.1.3375.2.1.1.2.1.3)) to take two polls at a certain interval (such as ten seconds), calculate the delta of the two polls, and then perform the following calculation on that delta value:

( <DeltaStatClientBytesIn>*8 ) / <interval>

Important

For calculations that include a polling interval, the interval can be any amount of time that you choose, as long as you use that same number as the value for <interval> in your calculations. Note that the performance graphs that the Configuration utility displays are based on a polling interval of ten seconds.

The following sections contain tables that list:

  • The OIDs that you can use to collect the performance data
  • The calculations that you must perform to interpret the performance data that you collect (not required for interpreting data on memory use and active connections).

Collecting data on memory use

You can use an SNMP command with OIDs to gather data on the number of bytes of memory currently being used on the BIG-IP system. Table 15.3 shows the OIDs that you need to specify to gather data on current memory use. To interpret data on memory use, you do not need to perform a calculation on the collected data.

Table 15.3 Required OIDs for collecting metrics on memory use
Performance Graph
(Configuration utility)
Graph Metric
Required SNMP OIDs
Memory Used
TMM Mem Usage
sysStatMemoryUsed (.1.3.6.1.4.1.3375.2.1.1.2.1.45)
Host Mem Usage
sysHostMemoryUsed (.1.3.6.1.4.1.3375.2.1.7.2)

 

Collecting data on active connections

You can use SNMP commands with various OIDs to gather data on the number of active connections on the BIG-IP system. Table 15.4 shows the OIDs that you need to specify to gather data on active connections. To interpret data on active connections, you do not need to perform any calculations on the collected data.

Table 15.4 Required OIDs for collecting metrics on active connections
Performance Graph
(Configuration utility)
Graph Metrics
Required SNMP OIDs
Active Connections
(summary graph)
Connections
sysStatClientCurConns (.1.3.6.1.4.1.3375.2.1.1.2.1.8)
Active Connections
(detailed graph)
client
sysStatClientCurConns (.1.3.6.1.4.1.3375.2.1.1.2.1.8)
server
sysStatServerCurConns (.1.3.6.1.4.1.3375.2.1.1.2.1.15)
pva client
sysStatPvaClientCurConns (.1.3.6.1.4.1.3375.2.1.1.2.1.22)
pva server
sysStatPvaServerCurConns (.1.3.6.1.4.1.3375.2.1.1.2.1.29)
ssl client
sysClientsslStatCurConns (.1.3.6.1.4.1.3375.2.1.1.2.9.2)
ssl server
sysServersslStatCurConns (.1.3.6.1.4.1.3375.2.1.1.2.10.2)

 

Collecting data on new connections

You can use SNMP commands with various OIDs to gather and interpret data on the number of new connections on the BIG-IP system.

To gather and interpret the data for each of these metrics, you must perform some polling and calculations:

  • First, for each OID, you must perform two separate polls, at a time interval of your choice.
  • Next, you calculate the delta of the two poll values.
  • Finally, for each graph metric, you perform a calculation on those OID deltas.

Table 15.5 shows the individual OIDS that you must poll to retrieve two separate poll values for each OID.

Table 15.5 Required OIDs for polling for data on new connections
Performance Graph
(Configuration utility)
Graph Metrics
Required SNMP OIDs
New Connections
(summary graph)
Client Connects
sysStatClientTotConns (.1.3.6.1.4.1.3375.2.1.1.2.1.7)
Client Accepts
sysTcpStatAccepts (.1.3.6.1.4.1.3375.2.1.1.2.12.6)
Server Connects
sysTcpStatConnects (.1.3.6.1.4.1.3375.2.1.1.2.12.8)
Total New Connections
(detailed graph)
Client Connects
sysStatClientTotConns (.1.3.6.1.4.1.3375.2.1.1.2.1.7)
Server Connects
sysStatServerTotConns (.1.3.6.1.4.1.3375.2.1.1.2.1.14)
New PVA Connections
(detailed graph)
pva client
sysStatPvaClientTotConns (.1.3.6.1.4.1.3375.2.1.1.2.1.21)
pva server
sysStatPvaServerTotConns (.1.3.6.1.4.1.3375.2.1.1.2.1.28)
New Client SSL Profile Connections
(detailed graph)
SSL Client
sysClientsslStatTotNativeConns (.1.3.6.1.4.1.3375.2.1.1.2.9.6) sysClientsslStatTotCompatConns (.1.3.6.1.4.1.3375.2.1.1.2.9.9)
SSL Server
sysServersslStatTotNativeConns (.1.3.6.1.4.1.3375.2.1.1.2.10.6) sysServersslStatTotCompatConns (.1.3.6.1.4.1.3375.2.1.1.2.10.9)
New Accepts/Connects
(detailed graph)
Client Accepts
sysTcpStatAccepts (.1.3.6.1.4.1.3375.2.1.1.2.12.6)
Server Connects
sysTcpStatConnects (.1.3.6.1.4.1.3375.2.1.1.2.12.8)

 

For example, for the Client Accepts graph metric:

  1. Poll OID sysTcpStatAccepts (.1.3.6.1.4.1.3375.2.1.1.2.12.6) twice, at a 10-second interval.
    This results in two values, <sysTcpStatAccepts1> and <sysTcpStatAccepts2>.
  2. Note: Although this example uses an interval of ten seconds, the interval can actually be any duration that you choose.

     

  3. Calculate the delta of the two poll values:

<DeltaTcpStatAccepts> = <sysTcpStatAccepts2> - <sysTcpStatAccepts1>

  1. Calculate the value of the Client Accepts graph metric using the calculation shown in Table 15.6 (<DeltaTcpStatAccepts> / <interval>), where the value of <interval> is 10.
    Table 15.6 Required calculations for interpreting metrics on new connections
    Performance Graph
    (Configuration utility)
    Graph Metrics
    Required calculations for new connection metrics
    New Connections
    (summary graph)
    Client Connections
    <DeltaStatClientTotConns> / <interval>
    Client Accepts
    <DeltaTcpStatAccept> / <interval>
    Server Connects
    <DeltaTcpStatConnects> / <interval>
    Total New Connections
    (detailed graph)
    Client Connections
    <DeltaStatClientTotConns> / <interval>
    Server Connections
    <DeltaStatServerTotConns> / <interval>
    New PVA Connections
    (detailed graph)
    pva client
    <DeltaStatPvaClientTotConns> / <interval>
    pva server
    <DeltaStatPvaServerTotConns> / <interval>
    New SSL Connections
    (detailed graph)
    SSL Client
    ( <DeltaClientsslStatTotNativeConns> + <DeltaClientsslStatTotCompatConns>) / <interval>
    SSL Server
    (<DeltaServersslStatTotNativeConns> + <DeltaServersslStatTotCompatConns>) / <interval>
    New Accepts/Connects
    (detailed graph)
    Client Accepts
    <DeltaTcpStatAccepts> / <interval>
    Server Connects
    <DeltaTcpStatConnects> / <interval>

Collecting data on throughput rates

You can use SNMP commands with various OIDs to gather and interpret data on the throughput rate on the BIG-IP system, in terms of bits per second.

To gather and interpret the data for each of these metrics, you must perform some polling and calculations:

  • First, for each OID, you must perform two separate polls, at an interval of your choice.
  • Next, you calculate the delta of the two poll values.
  • Finally, for each graph metric, you perform a calculation on those OID deltas.

Table 15.7 shows the individual OIDS that you must poll, retrieving two separate poll values for each OID.

Table 15.7 Required OIDs for polling for data on throughput rates
Performance Graph
(Configuration utility)
Graph Metrics
Required SNMP OIDs
Throughput
(summary graph)
Client Bits
sysStatClientBytesIn (.1.3.6.1.4.1.3375.2.1.1.2.1.3) sysStatClientBytesOut (.1.3.6.1.4.1.3375.2.1.1.2.1.5)
Server Bits
sysStatServerBytesIn (.1.3.6.1.4.1.3375.2.1.1.2.1.10) sysStatServerBytesOut (.1.3.6.1.4.1.3375.2.1.1.2.1.12)
Throughput
(detailed graph)
Client Bits In
sysStatClientBytesIn (.1.3.6.1.4.1.3375.2.1.1.2.1.3)
Client Bits Out
sysStatClientBytesOut (.1.3.6.1.4.1.3375.2.1.1.2.1.5)
Server Bits In
sysStatServerBytesIn (.1.3.6.1.4.1.3375.2.1.1.2.1.10)
Server Bits Out
sysStatServerBytesOut (.1.3.6.1.4.1.3375.2.1.1.2.1.12)

 

For example, for the Server Bits In graph metric:

  1. Poll OID sysStatServerBytesIn (.1.3.6.1.4.1.3375.2.1.1.2.1.10) twice, at a 10-second interval.
    This results in two values, <sysStatServerBytesIn1> and <sysStatServerBytesIn2>.
  2. Note: Although this example uses an interval of ten seconds, the interval can actually be any duration that you choose.  
  3. Calculate the delta of the two poll values:

<DeltaStatServerBytesIn> = <sysStatServerBytesIn2> - <sysStatServerBytesIn1>

  1. Calculate the value of the Server Bits In graph metric using the calculation shown in Table 15.8 (<DeltaStatServerBytesIn> / <interval>), where the value of <interval> is 10.
    Table 15.8 Required calculations for interpreting metrics on throughput rates
    Performance Graph
    (Configuration utility)
    Graph Metrics
    Required calculations for throughput rates
    Throughput
    (summary graph)
    Client Bits
    ( (<DeltaStatClientBytesIn> + <DeltasysStatClientBytesOut> )*8 ) / <interval>
    Server Bits
    ( (<DeltaStatServerBytesIn> + <DeltasysStatServerBytesOut> )*8 ) / <interval>
    Throughput
    (detailed graph)
    Client Bits In
    ( <DeltaStatClientBytesIn>*8 ) / <interval>
    Client Bits Out
    ( <DeltaStatClientBytesOut>*8 ) / <interval>
    Server Bits In
    ( <DeltaStatServerBytesIn>*8 ) / <interval>
    Server Bits Out
    ( <DeltaStatServerBytesOut>*8 ) / <interval>

Collecting data on HTTP requests

You can use SNMP commands with an OID to gather and interpret data on the number of current HTTP requests on the BIG-IP system, in terms of requests per second.

To gather and interpret the data for this metric, you must perform some polling and calculations:

  • First, you must use the OID to perform two separate polls, at an interval of your choice.
  • Next, you calculate the delta of the two poll values.
  • Finally, you perform a calculation on the OID delta.

Table 15.9 shows the OID that you must poll, retrieving two separate poll values for this OID.

Table 15.9 Required OIDs for polling for data on HTTP requests
Performance Graph
(Configuration utility)
Graph Metric
Required SNMP OIDs
HTTP Requests
HTTP Requests
sysStatHttpRequests (.1.3.6.1.4.1.3375.2.1.1.2.1.56)

 

For example, for the HTTP Requests graph metric:

  1. Poll OID sysStatHttpRequests (.1.3.6.1.4.1.3375.2.1.1.2.1.56) twice, at a 10-second interval.
    This results in two values, <sysStatHttpRequests1> and <sysStatHttpRequests2>.
  2. Note: Although this example uses an interval of ten seconds, the interval can actually be any duration that you choose.  
  3. Calculate the delta of the two poll values:

<DeltaStatHttpRequests> = <sysStatHttpRequests2> - <sysStatHttpRequests1>

  1. Calculate the value of the HTTP Requests graph metric using the calculation shown in Table 15.10 , where the value of <interval> is 10.
    Table 15.10 Required calculations for interpreting metrics on HTTP requests
    Performance Graph
    (Configuration utility)
    Graph Metric
    Required calculations for HTTP requests
    HTTP Requests
    HTTP Requests
    <DeltaStatHttpRequests> / <interval>

Collecting data on RAM Cache use

You can use an SNMP command with various OIDs to gather and interpret data on RAM cache use.

To gather and interpret the data for each of these metrics, you must perform some polling and calculations. First, for each OID, you must poll for data. Then, for each graph metric, you perform a calculation using the OID data.

Table 15.11 shows the individual OIDS that you must use to poll for Ram Cache data.

Table 15.11 Required OIDs for polling for data on RAM Cache use
Performance Graph
(Configuration utility)
Graph Metric
Required SNMP OID
RAM Cache Utilization
Hit Rate
sysHttpStatRamcacheHits (.1.3.6.1.4.1.3375.2.1.1.2.4.46) sysHttpStatRamcacheMisses (.1.3.6.1.4.1.3375.2.1.1.2.4.47)
Byte Rate
sysHttpStatRamcacheHitBytes (.1.3.6.1.4.1.3375.2.1.1.2.4.49) sysHttpStatRamcacheMissBytes (.1.3.6.1.4.1.3375.2.1.1.2.4.50)
Eviction Rate
sysHttpStatRamcacheEvictions (.1.3.6.1.4.1.3375.2.1.1.2.4.54) sysHttpStatRamcacheHits (.1.3.6.1.4.1.3375.2.1.1.2.4.46) sysHttpStatRamcacheMisses (.1.3.6.1.4.1.3375.2.1.1.2.4.47)

 

For example, for the Hit Rate graph metric:

  1. Poll the OID sysHttpStatRamcacheHits (.1.3.6.1.4.1.3375.2.1.1.2.4.46). This results in a value of <sysHttpStatRamcacheHits1>.
  2. Poll the OID sysHttpStatRamcacheMisses (.1.3.6.1.4.1.3375.2.1.1.2.4.47). This results in a value of <sysHttpStatRamcacheMisses1>.
  3. Calculate the value of the Hit Rate graph metric using the calculation shown in Table 15.12 (<sysHttpStatRamcacheHits1> / (<sysHttpStatRamcacheHits1> + <sysHttpStatRamcacheMisses1>) *100).
    Table 15.12 Required calculations for interpreting metrics on RAM Cache use
    Performance Graph
    (Configuration utility)
    Graph Metric
    Required SNMP OID
    RAM Cache Utilization
    Hit Rate
    <sysHttpStatRamcacheHits1> / (<sysHttpStatRamcacheHits1> + <sysHttpStatRamcacheMisses1>) *100
    Byte Rate
    <sysHttpStatRamcacheHitBytes1> / (<sysHttpStatRamcacheHitBytes1> + <sysHttpStatRamcacheMissBytes1> ) *100
    Eviction Rate
    <sysHttpStatRamcacheEvictions1> / (<sysHttpStatRamcacheHits1> + <sysHttpStatRamcacheMisses1>) *100

Collecting data on CPU use

You can use SNMP commands with various OIDs to gather and interpret data on CPU use on the BIG-IP system. Specifically, you can gather and interpret data for two different graph metrics: TMM CPU Usage and CPU[0-n].

To gather and interpret the data for this metric, you must perform some polling and calculations:

  • First, you must use the OID to perform two separate polls, at an interval of your choice.
  • Next, you calculate the delta of the two poll values.
  • Finally, you perform a calculation on the OID delta.

Table 15.13 shows the individual OIDS that you must poll, retrieving two separate poll values for each OID.

.

Table 15.13 Required OIDs for polling for data on CPU use
Performance Graph
(Configuration utility)
Graph Metric
Required SNMP OIDs
CPU Usage
CPU[0-n]
sysHostCpuUser (.1.3.6.1.4.1.3375.2.1.7.2.2.1.3)
sysHostCpuNice (.1.3.6.1.4.1.3375.2.1.7.2.2.1.4)
sysHostCpuSystem (.1.3.6.1.4.1.3375.2.1.7.2.2.1.5)
sysHostCpuUser (.1.3.6.1.4.1.3375.2.1.7.2.2.1.3)
sysHostCpuNice (.1.3.6.1.4.1.3375.2.1.7.2.2.1.4)
sysHostCpuIdle (.1.3.6.1.4.1.3375.2.1.7.2.2.1.5)
sysHostCpuSystem (.1.3.6.1.4.1.3375.2.1.7.2.2.1.6)
sysHostCpuIrq (.1.3.6.1.4.1.3375.2.1.7.2.2.1.7)
sysHostCpuSoftirq (.1.3.6.1.4.1.3375.2.1.7.2.2.1.8)
sysHostCpuIowait (.1.3.6.1.4.1.3375.2.1.7.2.2.1.9)
TMM CPU Usage
sysStatTmTotalCycles (.1.3.6.1.4.1.3375.2.1.1.2.1.41)
sysStatTmIdleCycles (.1.3.6.1.4.1.3375.2.1.1.2.1.42)
sysStatTmSleepCycles (.1.3.6.1.4.1.3375.2.1.1.2.1.43)

 

For example, for the CPU[0-n] graph metric:

  1. Poll the OID sysHostCpuUser (.1.3.6.1.4.1.3375.2.1.7.2.2.1.3) twice, at a 10-second interval.
    This results in two values, <sysHostCpuUser1> and <sysHostCpuUser2>.
  2. Note: Although this example uses an interval of ten seconds, the interval can actually be any duration that you choose.  
  3. Calculate the delta of the two poll values:
  4. <DeltaCpuUser = sysHostCpuUser2 - sysHostCpuUser1
  5. Repeat steps one and two for each OID pertaining to the CPU[0-n] graph metric.
  6. Calculate the value of the CPU[0-n] graph metric using the calculation shown in Table 15.14 .
    Table 15.14 Required calculations for interpreting metrics on CPU use
    Performance Graph
    (Configuration utility)
    Graph Metric
    Required calculations for CPU use
    CPU Usage
    CPU[0-n]
    (<DeltaCpuUser> + <DeltaCpuNice> + <DeltaCpuSystem>) / (<DeltaCpuUser> + <DeltaCpuNice> + <Delta CpuIdle> + <DeltaCpuSystem> + <DeltaCpuIrq> + <DeltaCpuSoftirq> + <DeltaCpuIowait>) *100
    TMM CPU Usage
    ((<DeltaTmTotalCycles> - (<DeltaTmIdleCycles> + <DeltaTmSleepCycles>)) / <DeltaTmTotalCycles>) *100

Collecting data on SSL transactions per second

You can use SNMP commands with an OID to gather and interpret data on SSL performance, in terms of transactions per second.

To gather and interpret the data for this metric, you must perform some polling and calculations:

  • First, you must use the OID to perform two separate polls, at an interval of your choice.
  • Next, you calculate the delta of the two poll values.
  • Finally, you perform a calculation on the OID delta.

Table 15.15 shows the OID that you must poll, retrieving two separate poll values for this OID.

Table 15.15 Required OIDs for polling for data on SSL TPS
Performance Graph
(Configuration utility)
Graph Metrics
Required SNMP OIDs
SSL TPS
SSL TPS
sysStatClientTotConns (.1.3.6.1.4.1.3375.2.1.1.2.1.7)

 

For example, for the SSL TPS graph metric:

  1. Poll the OID sysStatClientTotConns (.1.3.6.1.4.1.3375.2.1.1.2.1.7) twice, at a 10-second interval.
    This results in two values, <sysStatClientTotConns1> and <sysStatClientTotConns2>.
  2. Note: Although this example uses an interval of ten seconds, the interval can actually be any duration that you choose.  
  3. Calculate the delta of the two poll values:

<DeltaStatClientTotConns> = <sysStatClientTotConns2> - <sysStatClientTotConns1>

  1. Calculate the actual value of the SSL TPS graph metric using the calculation shown in Table 15.16 , where the value of <interval> is 10.
    Table 15.16 Required calculations for interpreting metrics on SSL TPS
    Performance Graph
    (Configuration utility)
    Graph Metric
    Required calculations for SSL TPS
    SSL TPS
    SSL TPS
    <DeltaStatClientTotConns> / <interval>



Table of Contents   |   << Previous Chapter   |   Next Chapter >>

Was this resource helpful in solving your issue?




NOTE: Please do not provide personal information.



Incorrect answer. Please try again: Please enter the words to the right: Please enter the numbers you hear:

Additional Comments (optional)