Discovery in NNMi
Discovery is an activity which takes care that the nodes included in
discovery boundaries are discovered by NNMi and loaded into the NNMi
database, with detailed information about the inventory and
configuration of the discovered device. It also takes care that the
detailed node configuration is discovered, which is the key for
topology map drawing and overall further monitoring.
The very first step when the management tool is installed
is to discover your network. It's very important to have a
well-designed and configured discovery, as it directly affects the
system performance, licensing costs, and monitoring efficiency
How discovery works
NNMi uses a list of protocols and techniques to discover the
network. It discovers nodes and their configuration, including
interfaces and connection information (including Layer 2 and Layer 3
information). This spiral discovery accurately checks for new devices
in a network, their configuration, and configuration changes. It also
gathers object status information and tracks their changes. It also
places them on an NNMi map, which is stored in an NNMi database.
Layer 2 (the Data Link Layer) is the protocol layer, which transfers
data between adjacent network nodes in a wide area network (http://en.wikipedia.org/wiki/Wide_area_network) or between nodes on the same local area network (http://en.wikipedia.org/wiki/Local_area_network) segment. The Data Link Layer provides the functional and procedural means to transfer (http://en.wikipedia.org/wiki/Transfer)
data between network entities, and it may provide the means to detect
and possibly correct errors that may occur in the Physical Layer (http://en.wikipedia.org/wiki/Physical_Layer). Examples of data link protocols are Ethernet (http://en.wikipedia.org/wiki/Ethernet) for local area networks (multi-node), and the Point-to-Point Protocol (PPP) (http://en.wikipedia.org/wiki/Point-to-Point_Protocol), HLDC (http://en.wikipedia.org/wiki/HDLC), and ADCCP (http://en.wikipedia.org/wiki/ADCCP) for point-to-point (dual-node) connections.
Layer3 (the Network Layer) is responsible for routing packets delivery (http://en.wikipedia.org/wiki/Packet_forwarding) including routing (http://en.wikipedia.org/wiki/Routing) through intermediate routers, whereas the Data Link Layer (http://en.wikipedia.org/wiki/Data_Link_Layer) is responsible for Media Access Control, Flow Control, and Error Checking (Layer 2 and Layer 3 definition source: Wikipedia).
This process is continuous. Discovery is never completed. If
anything changes in a network, NNMi spiral discovery updates these
changes instantly. Change notification accuracy depends on configured
polling cycles.
There are two discovery modes in NNMi:
- List-based discovery:
This mode uses seeds to tell NNMi exactly which nodes should be
discovered. This is a seed file replacement from NNM 7.x and earlier
versions.
- Rule-based discovery: This mode uses rules for node discovery, such as IP address range, system object ID range, excluded IPs, and so on.
A combination of these two modes can be used as well. Initial
discovery adds seed nodes into the topology database and spiral
discovery takes care of the accuracy of the network discovery.
As soon as a node is discovered, the following actions are taken by NNMi automatically:
- Layer 3 data is discovered:
Information such as node identification (IP address and hostname) is
determined. Detailed node information discovery is made. The following
protocols are used to determine the node's inventory and configuration:
ARP, BGP, OSPF, HSRP, and VRRP.
- Layer 2 data is discovered:
Discovery protocols, such as Cisco, Enterasys, Foundry, and Cabletron
are used. Link aggregation groups are determined and Forwarding data is
collected. Group information is collected as well, such as FDB and VLAN.
The following diagram graphically describes how spiral discovery works:
If any changes in the node configuration appear, NNMi automatically
initiates a device and device's neighbor rediscovery. There is only one
exception—node rediscovery is not initiated if some internal device
data has changed (that is, contact information or firmware version).
The administrator can set rediscovery intervals, which can vary from
one hour to few days. By default, it's 24 hours. A rediscovery interval
should be chosen according to network dynamics (how often network
changes). If the network is pretty stable, rediscovery can be set to 24
or even 48 hour cycles. If your network is dynamic, consider lower
rediscovery cycles.
To change the rediscovery interval, complete the following steps:
- Select Discovery Configuration in the Configuration workspace.
- Enter a new value in the Rediscovery interval field.
- Click Save and close.
The following list shows the advantages and disadvantages of list-based and rule-based discoveries:
- List-based discovery:
- Strictly defined list of nodes
- Good for stable networks
- NNMi does not discover new nodes if they are added into the network
- Easy to control node amount against a license
- Rule-based discovery
- Not strictly defined list of nodes
- Good for dynamic networks, often with new node installation
- Easy to control node amount against a license
SNMP is a key protocol for accurate discovery of nodes and their
connections. As soon as a node is discovered, sysObjectID (which is a
key for further device discovery) is retrieved from a device. Devices
are profile based on their sysObejctID, which is queried using SNMP
(SNMP OID 1.3.6.1.2.1.1.2).
NNMi has over 3600 device profiles at the time of release. NNMi
admin can create a new device profile based on the new sysObjectID.
NNMi does not perform any out of the box discovery, unless the
system administrator configures what needs to be discovered. Also, it
is important to know that by default, only routers and switches are
discovered. Each discovered node counts against license, no matter what
state it is in. In other words, even if the node is set as not managed,
it is counted against license. If you are short on license, please make
sure that you monitor only important devices. All others should be
deleted.
To see how many nodes are discovered and how are you doing against a license, complete the following steps:
- Select Help | About HP Network Node Manager i from the main menu.
- The
window with the main NNMi status information opens, and it also
provides information about the number of discovered nodes and license
capacity.
To check nodes, which are discovered, complete the following steps:
- Select Inventory workplace.
- Select Nodes.
- Investigate nodes, which are already discovered.
Before you
delete a node, you should modify your discovery rules accordingly.
The discovered node name is selected using the following sequence:
- Short DNS name is used
- If this name cannot be resolved using DNS, short sysObjectID name is used
- If this name is not provided on the device, then IP address is used as a node name
If you don't have DNS, or for some reason you don't want or are not
allowed to make records in DNS server, you can use hosts files. A host
file is an alternative to DNS and makes name resolution inside a node.
It is still recommended to use DNS, if available. This is because the
hosts file only resolves names for requests from a node where the hosts
file is. If there are many records in the hosts file (hundreds or even
thousands), it makes an impact on the system performance.
Note
If you have thousands of devices, the hosts file may decrease name resolution performance.
Example of hosts file syntax: Assume we need to add box1 and box2 nodes into a hosts file, which are in testlab.local domain. The hosts file records would look like this:
10.10.1.1 box1.testlab.local box1
10.10.1.2 box2.testlab.local box1
The hosts file is located in following path:
Unix: /etc/hosts
Windows: c:\Windows\System32\drivers\etc\hosts
Note
NNMi version 8.0x has selected the highest loopback address as a
primary management address. Starting from NNMi 8.10, the lowest IP
address is taken as a primary management address. An exception is Cisco
devices, which loopback IP address with the lowest IP selected as a
primary management address.
How node configuration is discovered:
- If a device supports SNMP, then the interface table is read and all interfaces of that node are represented on a map.
- If
a device does not support SNMP, then DNS (or hosts file) is queried and
such a node is loaded into the inventory database. If a node with the
same node name, but different IP address, is already in inventory
database, then the discovered interface is added into the already
discovered node. The following screenshot represents the discovery
configuration window:
Discovery configuration was improved since NNM7.x and the earlier
versions. NNMi has a more intuitive configuration, which is placed on
one window instead of several windows and configuration files.
Discovery can be configured using the Discovery
Configuration Form. A Communication Configuration Form is used to
configure communication about how devices should be polled or queried.
The discovery engine uses discovery rules and/or seeds. All discovered
data is stored in RDBMS. Previous NNM versions have had several binary
databases. The following diagram represents the main discovery
configuration elements:
