HP Network Node Manager 9 : Discovering and Monitoring Your Network - How discovery works

2/18/2015 2:20:50 AM

Discovery in NNMi

Discovery is an activity which takes care that the nodes included in discovery boundaries are discovered by NNMi and loaded into the NNMi database, with detailed information about the inventory and configuration of the discovered device. It also takes care that the detailed node configuration is discovered, which is the key for topology map drawing and overall further monitoring.

The very first step when the management tool is installed is to discover your network. It's very important to have a well-designed and configured discovery, as it directly affects the system performance, licensing costs, and monitoring efficiency

How discovery works

NNMi uses a list of protocols and techniques to discover the network. It discovers nodes and their configuration, including interfaces and connection information (including Layer 2 and Layer 3 information). This spiral discovery accurately checks for new devices in a network, their configuration, and configuration changes. It also gathers object status information and tracks their changes. It also places them on an NNMi map, which is stored in an NNMi database.

Layer 2 (the Data Link Layer) is the protocol layer, which transfers data between adjacent network nodes in a wide area network (http://en.wikipedia.org/wiki/Wide_area_network) or between nodes on the same local area network (http://en.wikipedia.org/wiki/Local_area_network) segment. The Data Link Layer provides the functional and procedural means to transfer (http://en.wikipedia.org/wiki/Transfer) data between network entities, and it may provide the means to detect and possibly correct errors that may occur in the Physical Layer (http://en.wikipedia.org/wiki/Physical_Layer). Examples of data link protocols are Ethernet (http://en.wikipedia.org/wiki/Ethernet) for local area networks (multi-node), and the Point-to-Point Protocol (PPP) (http://en.wikipedia.org/wiki/Point-to-Point_Protocol), HLDC (http://en.wikipedia.org/wiki/HDLC), and ADCCP (http://en.wikipedia.org/wiki/ADCCP) for point-to-point (dual-node) connections.

Layer3 (the Network Layer) is responsible for routing packets delivery (http://en.wikipedia.org/wiki/Packet_forwarding) including routing (http://en.wikipedia.org/wiki/Routing) through intermediate routers, whereas the Data Link Layer (http://en.wikipedia.org/wiki/Data_Link_Layer) is responsible for Media Access Control, Flow Control, and Error Checking (Layer 2 and Layer 3 definition source: Wikipedia).

This process is continuous. Discovery is never completed. If anything changes in a network, NNMi spiral discovery updates these changes instantly. Change notification accuracy depends on configured polling cycles.

There are two discovery modes in NNMi:

  • List-based discovery: This mode uses seeds to tell NNMi exactly which nodes should be discovered. This is a seed file replacement from NNM 7.x and earlier versions.
  • Rule-based discovery: This mode uses rules for node discovery, such as IP address range, system object ID range, excluded IPs, and so on.

A combination of these two modes can be used as well. Initial discovery adds seed nodes into the topology database and spiral discovery takes care of the accuracy of the network discovery.

As soon as a node is discovered, the following actions are taken by NNMi automatically:

  • Layer 3 data is discovered: Information such as node identification (IP address and hostname) is determined. Detailed node information discovery is made. The following protocols are used to determine the node's inventory and configuration: ARP, BGP, OSPF, HSRP, and VRRP.
  • Layer 2 data is discovered: Discovery protocols, such as Cisco, Enterasys, Foundry, and Cabletron are used. Link aggregation groups are determined and Forwarding data is collected. Group information is collected as well, such as FDB and VLAN.

The following diagram graphically describes how spiral discovery works:

How discovery works

If any changes in the node configuration appear, NNMi automatically initiates a device and device's neighbor rediscovery. There is only one exception—node rediscovery is not initiated if some internal device data has changed (that is, contact information or firmware version).

The administrator can set rediscovery intervals, which can vary from one hour to few days. By default, it's 24 hours. A rediscovery interval should be chosen according to network dynamics (how often network changes). If the network is pretty stable, rediscovery can be set to 24 or even 48 hour cycles. If your network is dynamic, consider lower rediscovery cycles.

To change the rediscovery interval, complete the following steps:

  1. Select Discovery Configuration in the Configuration workspace.
  2. Enter a new value in the Rediscovery interval field.
  3. Click Save and close.

The following list shows the advantages and disadvantages of list-based and rule-based discoveries:

  • List-based discovery:
    • Strictly defined list of nodes
    • Good for stable networks
    • NNMi does not discover new nodes if they are added into the network
    • Easy to control node amount against a license
  • Rule-based discovery
    • Not strictly defined list of nodes
    • Good for dynamic networks, often with new node installation
    • Easy to control node amount against a license

SNMP is a key protocol for accurate discovery of nodes and their connections. As soon as a node is discovered, sysObjectID (which is a key for further device discovery) is retrieved from a device. Devices are profile based on their sysObejctID, which is queried using SNMP (SNMP OID

NNMi has over 3600 device profiles at the time of release. NNMi admin can create a new device profile based on the new sysObjectID.

NNMi does not perform any out of the box discovery, unless the system administrator configures what needs to be discovered. Also, it is important to know that by default, only routers and switches are discovered. Each discovered node counts against license, no matter what state it is in. In other words, even if the node is set as not managed, it is counted against license. If you are short on license, please make sure that you monitor only important devices. All others should be deleted.

To see how many nodes are discovered and how are you doing against a license, complete the following steps:

  1. Select Help | About HP Network Node Manager i from the main menu.
  2. The window with the main NNMi status information opens, and it also provides information about the number of discovered nodes and license capacity.

To check nodes, which are discovered, complete the following steps:

  1. Select Inventory workplace.
  2. Select Nodes.
  3. Investigate nodes, which are already discovered.

Before you delete a node, you should modify your discovery rules accordingly.

The discovered node name is selected using the following sequence:

  • Short DNS name is used
  • If this name cannot be resolved using DNS, short sysObjectID name is used
  • If this name is not provided on the device, then IP address is used as a node name

If you don't have DNS, or for some reason you don't want or are not allowed to make records in DNS server, you can use hosts files. A host file is an alternative to DNS and makes name resolution inside a node. It is still recommended to use DNS, if available. This is because the hosts file only resolves names for requests from a node where the hosts file is. If there are many records in the hosts file (hundreds or even thousands), it makes an impact on the system performance.


If you have thousands of devices, the hosts file may decrease name resolution performance.

Example of hosts file syntax: Assume we need to add box1 and box2 nodes into a hosts file, which are in testlab.local domain. The hosts file records would look like this: box1.testlab.local box1 box2.testlab.local box1

The hosts file is located in following path:

Unix: /etc/hosts

Windows: c:\Windows\System32\drivers\etc\hosts


NNMi version 8.0x has selected the highest loopback address as a primary management address. Starting from NNMi 8.10, the lowest IP address is taken as a primary management address. An exception is Cisco devices, which loopback IP address with the lowest IP selected as a primary management address.

How node configuration is discovered:

  • If a device supports SNMP, then the interface table is read and all interfaces of that node are represented on a map.
  • If a device does not support SNMP, then DNS (or hosts file) is queried and such a node is loaded into the inventory database. If a node with the same node name, but different IP address, is already in inventory database, then the discovered interface is added into the already discovered node. The following screenshot represents the discovery configuration window:
    How discovery works

Discovery configuration was improved since NNM7.x and the earlier versions. NNMi has a more intuitive configuration, which is placed on one window instead of several windows and configuration files.

Discovery can be configured using the Discovery Configuration Form. A Communication Configuration Form is used to configure communication about how devices should be polled or queried. The discovery engine uses discovery rules and/or seeds. All discovered data is stored in RDBMS. Previous NNM versions have had several binary databases. The following diagram represents the main discovery configuration elements:

How discovery works

  •  Commercial Backup Utilities : Reduction in Network Traffic
  •  Commercial Backup Utilities : Data Requiring Special Treatment, Storage Management Features
  •  Commercial Backup Utilities : Simultaneous Backup of Many Clients to One Drive, Disk-to-Disk-to-Tape Backup, Simultaneous Backup of One Client to Many Drives
  •  Commercial Backup Utilities : Backup of Very Large Filesystems and Files, Aggressive Requirements
  •  The HP Virtual Server Environment : Virtual Partition Example Scenario (part 8) - Using a Script to Migrate CPUs
  •  The HP Virtual Server Environment : Virtual Partition Example Scenario (part 7) - Configuring an nPartition and Virtual Partitions for Auto-Booting
  •  The HP Virtual Server Environment : Virtual Partition Example Scenario (part 6) - Creating the Second Virtual Partition, Booting the Second Virtual Partition
  •  The HP Virtual Server Environment : Virtual Partition Example Scenario (part 5) - Virtual Partition States, Booting the First Virtual Partition
  •  The HP Virtual Server Environment : Virtual Partition Example Scenario (part 4) - Installation of Virtual Partitions
  •  The HP Virtual Server Environment : Virtual Partition Example Scenario (part 3) - Planning for Virtual Partitions
    Most View
    Dell Vostro 3560 - A Chunky, Well-Specified Laptop
    Most Favorite Miscellaneous Apps For Your Smartphone – November 2012 (Part 1)
    How To Protect Your Camera Lens From Fungus
    Windows 7 : Maintaining Your Hard Drive
    Windows 7 : Organizing, Fixing, and Sharing Digital Photos - Photo Management in Windows XP and Vista
    Moving into SAP Functional Development : Gaining Control of Change Control - Change Control and the SAP Solution Stack
    Windows 8 Explorer : Diagnosis and Recovery - The Performance and App History Tabs
    A Malware Primer
    Digitize Music, Video And Photos For Free (Part 1)
    Windows Tip Of The Month – October 2012 (Part 1)
    Popular Tags
    Microsoft Access Microsoft Excel Microsoft OneNote Microsoft PowerPoint Microsoft Project Microsoft Visio Microsoft Word Active Directory Biztalk Exchange Server Microsoft LynC Server Microsoft Dynamic Sharepoint Sql Server Windows Server 2008 Windows Server 2012 Windows 7 Windows 8 Adobe Indesign Adobe Flash Professional Dreamweaver Adobe Illustrator Adobe After Effects Adobe Photoshop Adobe Fireworks Adobe Flash Catalyst Corel Painter X CorelDRAW X5 CorelDraw 10 QuarkXPress 8 windows Phone 7 windows Phone 8 BlackBerry Android Ipad Iphone iOS
    Top 10
    Review : Acer Aspire R13
    Review : Microsoft Lumia 535
    Review : Olympus OM-D E-M5 Mark II
    TomTom Runner + MultiSport Cardio
    Timex Ironman Run Trainer 2.0
    Suunto Ambit3 Peak Sapphire HR
    Polar M400
    Garmin Forerunner 920XT
    Sharepoint 2013 : Content Model and Managed Metadata - Publishing, Un-publishing, and Republishing
    Sharepoint 2013 : Content Model and Managed Metadata - Content Type Hubs