這周一直在忙公司的無線網絡,和其他的技術人員一起安裝wlc,ap,ise,配置ca,交換機,ha等等。這個過程中出現了一些問題,比如之前的wlc沒有配置agressive load balance,結果導緻某些ap超負荷運轉,一個ap連接配接了40個使用者導緻速度奇慢無比。為了預防再次出現類似問題,老闆讓我把監控ap連接配接的功能加入nagios系統中。
簡單的介紹一下公司的無線網絡環境,我們使用的都是思科的裝置。2台wireless controller(wlc)互相ha,wlc連接配接了約50個ap接入點,不同的ssid通過cisco ise進行證書和ad驗證和授權。
經過測試,ap已經連在了wlc,是以不允許我直接對ap裝置進行snmp的查詢。所有的snmp查詢都需要從wlc上擷取。wlc的mib可以從這裡下載下傳或者在思科官網查詢。
<a href="http://www.oidview.com/mibs/14179/airespace-switching-mib.html" target="_blank">http://www.oidview.com/mibs/14179/airespace-switching-mib.html</a>
<a href="http://www.oidview.com/mibs/14179/airespace-wireless-mib.html" target="_blank">http://www.oidview.com/mibs/14179/airespace-wireless-mib.html</a>
<a href="http://tools.cisco.com/support/snmp/do/browseoid.do?objectinput=1.3.6.1.4.1.14179.2.2.1.1.3&translate=translate&submitvalue=submit" target="_blank">http://tools.cisco.com/support/snmp/do/browseoid.do?objectinput=1.3.6.1.4.1.14179.2.2.1.1.3&translate=translate&submitvalue=submit</a>
對于我的要求而已,最重要的資訊有2個,擷取ap的oid以及他對應的用戶端連接配接數目的oid
ap的oid 如下
1
<code>1.3.6.1.4.1.14179.2.2.1.1.3</code>
比如說我可以擷取wlc連接配接的ap的oid号碼
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
<code>snmpwalk -v 2c -o x -c public 10.2.1.17 1.3.6.1.4.1.14179.2.2.1.1.3</code>
<code>snmpv2-smi::enterprises.14179.2.2.1.1.3.24.139.157.244.252.208 = hex-string: 53 59 44 4c 33 41 50 39</code>
<code>snmpv2-smi::enterprises.14179.2.2.1.1.3.24.156.93.48.115.96 = hex-string: 53 59 44 4c 34 41 50 33</code>
<code>snmpv2-smi::enterprises.14179.2.2.1.1.3.24.156.93.48.139.48 = hex-string: 53 59 44 4c 33 41 50 37</code>
<code>snmpv2-smi::enterprises.14179.2.2.1.1.3.84.162.116.28.209.240 = hex-string: 53 59 44 4c 33 41 50 35</code>
<code>snmpv2-smi::enterprises.14179.2.2.1.1.3.88.10.32.13.204.224 = hex-string: 53 59 44 4c 30 41 50 34</code>
<code>snmpv2-smi::enterprises.14179.2.2.1.1.3.88.151.189.7.198.240 = hex-string: 53 59 44 4c 34 41 50 32</code>
<code>snmpv2-smi::enterprises.14179.2.2.1.1.3.88.151.189.12.130.192 = hex-string: 53 59 44 4c 34 41 50 31 31</code>
<code>snmpv2-smi::enterprises.14179.2.2.1.1.3.88.151.189.12.183.144 = hex-string: 53 59 44 4c 33 41 50 31</code>
<code>snmpv2-smi::enterprises.14179.2.2.1.1.3.88.151.189.12.197.80 = hex-string: 53 59 44 4c 33 41 50 32</code>
<code>snmpv2-smi::enterprises.14179.2.2.1.1.3.88.151.189.12.197.240 = hex-string: 53 59 44 4c 33 41 50 34</code>
<code>snmpv2-smi::enterprises.14179.2.2.1.1.3.88.151.189.58.209.16 = hex-string: 53 59 44 4c 34 41 50 35</code>
<code>snmpv2-smi::enterprises.14179.2.2.1.1.3.88.151.189.58.209.32 = hex-string: 53 59 44 4c 34 41 50 31</code>
<code>snmpv2-smi::enterprises.14179.2.2.1.1.3.88.151.189.205.243.240 = hex-string: 53 59 44 4c 33 41 50 38</code>
<code>snmpv2-smi::enterprises.14179.2.2.1.1.3.100.233.80.107.97.160 = hex-string: 53 59 44 4c 30 41 50 33</code>
<code>snmpv2-smi::enterprises.14179.2.2.1.1.3.100.233.80.107.147.224 = hex-string: 53 59 44 4c 33 41 50 32 2d 50 31 30</code>
<code>snmpv2-smi::enterprises.14179.2.2.1.1.3.100.233.80.125.222.192 = hex-string: 53 59 44 4c 33 41 50 36</code>
<code>snmpv2-smi::enterprises.14179.2.2.1.1.3.100.233.80.209.233.224 = hex-string: 53 59 44 4c 34 41 50 36</code>
<code>snmpv2-smi::enterprises.14179.2.2.1.1.3.108.80.77.43.25.224 = hex-string: 4d 4c 42 4c 47 41 50 31 2d 50 38</code>
<code>snmpv2-smi::enterprises.14179.2.2.1.1.3.108.80.77.43.66.192 = hex-string: 4d 4c 42 4c 31 41 50 32 2d 50 37</code>
<code>snmpv2-smi::enterprises.14179.2.2.1.1.3.108.80.77.43.107.208 = hex-string: 53 59 44 4c 4d 41 50 32 2d 50 31</code>
<code>snmpv2-smi::enterprises.14179.2.2.1.1.3.108.80.77.43.116.160 = hex-string: 53 59 44 4c 30 41 50 35</code>
<code>snmpv2-smi::enterprises.14179.2.2.1.1.3.108.80.77.43.141.192 = hex-string: 4d 4c 42 4c 47 41 50 33 2d 50 39</code>
<code>snmpv2-smi::enterprises.14179.2.2.1.1.3.108.80.77.43.152.192 = hex-string: 4d 4c 42 4c 32 41 50 32 2d 50 31</code>
<code>snmpv2-smi::enterprises.14179.2.2.1.1.3.108.80.77.43.167.144 = hex-string: 4d 4c 42 4c 31 41 50 33 2d 50 35</code>
<code>snmpv2-smi::enterprises.14179.2.2.1.1.3.128.224.29.189.85.48 = hex-string: 53 59 44 4c 34 41 50 39</code>
<code>snmpv2-smi::enterprises.14179.2.2.1.1.3.128.224.29.189.87.96 = hex-string: 53 59 44 4c 34 41 50 37</code>
<code>snmpv2-smi::enterprises.14179.2.2.1.1.3.128.224.29.203.47.32 = hex-string: 53 59 44 4c 30 41 50 32</code>
<code>snmpv2-smi::enterprises.14179.2.2.1.1.3.128.224.29.215.216.80 = hex-string: 53 59 44 4c 33 41 50 31 30</code>
<code>snmpv2-smi::enterprises.14179.2.2.1.1.3.128.224.29.229.129.128 = hex-string: 53 59 44 4c 33 41 50 33</code>
<code>snmpv2-smi::enterprises.14179.2.2.1.1.3.132.184.2.87.64.80 = hex-string: 53 59 44 4c 34 41 50 31 30</code>
<code>snmpv2-smi::enterprises.14179.2.2.1.1.3.176.170.119.68.220.160 = hex-string: 53 59 44 4c 34 41 50 34</code>
<code>snmpv2-smi::enterprises.14179.2.2.1.1.3.232.101.73.4.138.144 = hex-string: 53 59 44 4c 34 41 50 38</code>
<code>snmpv2-smi::enterprises.14179.2.2.1.1.3.232.101.73.4.140.16 = hex-string: 53 59 44 4c 30 41 50 31</code>
<code>snmpv2-smi::enterprises.14179.2.2.1.1.3.232.186.112.157.89.144 = hex-string: 4d 4c 42 4c 32 41 50 31 2d 50 34</code>
<code>snmpv2-smi::enterprises.14179.2.2.1.1.3.232.186.112.157.91.16 = hex-string: 4d 4c 42 4c 47 41 50 32 2d 50 36</code>
<code>snmpv2-smi::enterprises.14179.2.2.1.1.3.232.186.112.157.100.192 = hex-string: 4d 4c 42 4c 32 41 50 33 2d 50 33</code>
<code>snmpv2-smi::enterprises.14179.2.2.1.1.3.232.186.112.194.240.160 = hex-string: 4d 4c 42 4c 31 41 50 31 2d 50 32</code>
用戶端的連接配接數目對應的oid如下所示
1.3.6.1.4.1.14179.2.2.13.1.4
例如,我在nagios伺服器(centos 7)上執行snmpwalk,結果如下
<code>snmpwalk -v 2c -o x -c public 10.2.1.17 1.3.6.1.4.1.14179.2.2.13.1.4</code>
<code>snmpv2-smi::enterprises.14179.2.2.13.1.4.24.139.157.244.252.208.0 = integer: 3</code>
<code>snmpv2-smi::enterprises.14179.2.2.13.1.4.24.139.157.244.252.208.1 = integer: 19</code>
<code>snmpv2-smi::enterprises.14179.2.2.13.1.4.24.156.93.48.115.96.0 = integer: 2</code>
<code>snmpv2-smi::enterprises.14179.2.2.13.1.4.24.156.93.48.115.96.1 = integer: 4</code>
<code>snmpv2-smi::enterprises.14179.2.2.13.1.4.24.156.93.48.139.48.0 = integer: 2</code>
<code>snmpv2-smi::enterprises.14179.2.2.13.1.4.24.156.93.48.139.48.1 = integer: 15</code>
<code>snmpv2-smi::enterprises.14179.2.2.13.1.4.24.156.93.108.13.0.0 = integer: 1</code>
<code>snmpv2-smi::enterprises.14179.2.2.13.1.4.24.156.93.108.13.0.1 = integer: 3</code>
<code>snmpv2-smi::enterprises.14179.2.2.13.1.4.84.162.116.28.209.240.0 = integer: 1</code>
<code>snmpv2-smi::enterprises.14179.2.2.13.1.4.84.162.116.28.209.240.1 = integer: 3</code>
<code>snmpv2-smi::enterprises.14179.2.2.13.1.4.88.10.32.13.204.224.0 = integer: 0</code>
<code>snmpv2-smi::enterprises.14179.2.2.13.1.4.88.10.32.13.204.224.1 = integer: 4</code>
<code>snmpv2-smi::enterprises.14179.2.2.13.1.4.88.151.189.7.198.240.0 = integer: 1</code>
<code>snmpv2-smi::enterprises.14179.2.2.13.1.4.88.151.189.7.198.240.1 = integer: 6</code>
<code>snmpv2-smi::enterprises.14179.2.2.13.1.4.88.151.189.12.130.192.0 = integer: 5</code>
<code>snmpv2-smi::enterprises.14179.2.2.13.1.4.88.151.189.12.130.192.1 = integer: 5</code>
<code>snmpv2-smi::enterprises.14179.2.2.13.1.4.88.151.189.12.183.144.0 = integer: 0</code>
<code>snmpv2-smi::enterprises.14179.2.2.13.1.4.88.151.189.12.183.144.1 = integer: 6</code>
<code>snmpv2-smi::enterprises.14179.2.2.13.1.4.88.151.189.12.197.80.0 = integer: 1</code>
<code>snmpv2-smi::enterprises.14179.2.2.13.1.4.88.151.189.12.197.80.1 = integer: 11</code>
<code>snmpv2-smi::enterprises.14179.2.2.13.1.4.88.151.189.12.197.240.0 = integer: 1</code>
<code>snmpv2-smi::enterprises.14179.2.2.13.1.4.88.151.189.12.197.240.1 = integer: 7</code>
和第一個指令對比,可以看見中間那一大串從14179.2.2.13.1.4後面開始的就是代表ap的位址,注意有的ap出現了兩個子位址,分别是0和1結尾,這是因為ap可以在兩個radio下工作 802.11a/n/ac 和 802.11/b/g/n, 如果我們把一個ap的兩個值相加,得到的就是總共連接配接的數目,這個數目和wlc圖像界面下看見的是一樣的。
知道基本原理了,okay,可以開始配置了。豆子的配置主要參考了這個腳本。可以下載下傳之後,根據自己實際情況修改。腳本本身很簡單,基本思路是手動配置給ap的oid指定一個号碼(1到50),然後查詢對應的用戶端連接配接數目,根據數目進行輸出
<a href="https://exchange.icinga.org/inventory/check-plugins/network/cisco-ap-client-number" target="_blank">https://exchange.icinga.org/inventory/check-plugins/network/cisco-ap-client-number</a>
測試腳本是否工作,查詢代号15的ap,顯示ap名稱和連接配接數目
<code>[root</code><code>@sydnagios</code> <code>libexec]</code><code># ./check_ap.pl 10.2.1.17 public 2c 15 10 15</code>
<code>ok: </code><code>"sydlmap2-p1"</code> <code>- number of clients: 7 | clients: 7;10;15;0;25</code>
腳本工作了,那麼修改一下我的nagios的配置檔案
nagios上添加一個command
<code>define command{</code>
<code>command_name check_ap_clients</code>
<code>command_line /usr/local/nagios/libexec/check_ap.pl 10.2.1.17 public 2c $arg1$ 15 20</code>
<code>}</code>
定義一個host
<code>define host{</code>
<code> </code><code>use generic-ap ; inherit default values from a template</code>
<code> </code><code>host_name sydl3ap8 ; the name we're giving to this switch</code>
<code> </code><code>alias sydl3ap8 ; a longer name associated with the switch</code>
<code> </code><code>address 10.2.1.166 ; ip address of the switch</code>
<code> </code><code>hostgroups ap ; host groups this switch is associated with</code>
<code> </code><code>parents ddbsyd6509</code>
<code> </code><code>}</code>
定義一個service
<code>define service {</code>
<code> </code><code>use generic-service</code>
<code> </code><code>host sydl3ap8</code>
<code> </code><code>servicegroups network-services</code>
<code> </code><code>service_description ap client information</code>
<code> </code><code>check_interval 5</code>
<code> </code><code>check_command check_ap_clients!</code>
重新開機nagios服務,看看結果如何
成功!
參考資料:
<a href="https://supportforums.cisco.com/document/9869811/cisco-wlc-snmp-historical-user-statistics-monitoring-w-syslog-or-splunk" target="_blank">https://supportforums.cisco.com/document/9869811/cisco-wlc-snmp-historical-user-statistics-monitoring-w-syslog-or-splunk</a>
<a href="http://awesomeadmin.blogspot.com.au/2009/11/monitoring-cisco-wireless-controller.html" target="_blank">http://awesomeadmin.blogspot.com.au/2009/11/monitoring-cisco-wireless-controller.html</a>