Solstice Enterprise Manager 4.1 Managing Your Network

Chapter 3

Discovering Network Components

Network Discovery is an automated tool for finding the components on your network and creating a managed object database representing those components on an MIS. The database created by Network Discovery is stored on a local or remote MIS as either a logical or topological (hierarchical) map that you can view with the Network Views tool. After using Network Discovery, you can use the Network Monitor tool to automatically update your managed object databases at intervals you specify.

See Section 3.1 Overview for more information on Network Discovery and Network Monitor. Step-by-step instructions for using these tools begin from Section 3.2 Getting Started With Network Discovery. Detailed command-line reference information is provided in Section 3.9 Reference.

This chapter comprises the following topics:

• Section 3.2 Getting Started With Network Discovery
• Section 3.3 Loading and Saving Discovery Rules
• Section 3.4 Deciding Which Components to Discover
• Section 3.5 Viewing Network Discovery Progress
• Section 3.6 Stopping a Network Discovery in Progress
• Section 3.7 Creating a New MIS Managed Object Database
• Section 3.8 Keeping Data Current With Network Monitor

3.1 Overview

Before you can use Solstice Enterprise Manager (Solstice EM) to manage the various components on your network, you must first determine what those components are. More specifically, before you perform any management tasks in Solstice EM, you must populate at least one Solstice EM Management Information Server (MIS) database in your Solstice EM environment with a map of your network components.

You can use the Network Discovery tool to perform two types of functions:

• Discovery - The primary means of finding network components and populating the MIS with managed objects representing those network components; can be initiated from the GUI or from the command line. Numerous options are available for defining the scope and range of the Network Discovery process, and for defining the way managed objects are represented in the MIS. Refer to Section 3.9 Reference for more information about these options.
• Monitoring - Provides the means to conveniently schedule through the GUI automated periodic updates to MIS entries for specific subsets of network components. The Monitor function uses the settings you specify for the Discover function, and also provides options for specifying what and when you want to monitor; refer again to Section 3.9 Reference for more information.

3.1.1 Agents and Stations

The Network Discovery tool uses the industry-standard agent/station model to provide a simple, automated way to find the hosts, workstations, PCs, routers, networks, subnetworks, links, and other SNMP devices on your network. When Network Discovery finds a network component, it creates a managed object to represent the component in an MIS database.

In the agent/station model of network management, network components run locally, or are accessible by, software agents. These agents make available to network management station applications information about the network component with which the agent is associated. Station applications request information from one or more agents, and return this information either directly to the user or to other network management applications.

3.1.2 Methods Used by Network Discovery

By default, Discover and Monitor use a combination of Ping, SNMP, and RPC methods to find SNMP network components. You can modify these methods directly through the Network Discovery tool, and add support in your MIS for other protocols using the various MIS tools described in the Customizing Guide. More information about Network Discovery Tool methods is provided later in this chapter, in Section 3.9 Reference.

3.1.3 Network Views

Network components discovered by Network Discovery are stored as managed objects in the MIS under a root container or view you specify, in either a hierarchical or logical format. Briefly, these two formats are as follows:

• Hierarchical - Network components are represented in a topographical format, based on physical parent/child relationships. For example, a hierarchical view of a network may progress, tree-style, from networks, to routers, to subnetworks, to hosts. This is the default format created by Network Discovery.
• Logical - Network components are all represented at the same level under the root (or other specified) container in the MIS. This format is not recommended for large networks.

When running Network Discovery on your network, you can specify the name of the root container object under which you want to store your discovery results in the MIS, as well as the format in which you want to store the object data. This format--that is, hierarchical or logical--is important, because it affects the basic way in which your object data is recorded in the MIS, and you cannot change the format after the network discovery is completed. The default container is "Root." If you use a container other than Root, the container you specify is created at the root level, and new objects are created in logical format.

---

Caution-By default, Network Discovery only adds objects to the MIS for newly discovered network components--that is, if an object reference to a network component already exists in the MIS, Network Discovery will not overwrite it. If you save the results of your network discovery first in, say, hierarchical format, and then do a subsequent discovery saving the results in logical format, you will create a condition in which you will not see all your components in a given view--for example, some components will be visible in your logical views, but not in your hierarchical views. The only way to recreate your MIS database, and thereby be assured that you will later be able to see all your components in a given view, is to start the MIS services with a new database. Instructions for doing this are provided later in Section 3.7 Creating a New MIS Managed Object Database.

---

See Chapter 4" for more information on creating and working with Network Views. Refer to the Management Information Server (MIS) Guide for more information on working directly with the MIS.

3.1.4 Network Monitor

The Network Discovery Monitor function provides a convenient set of controls for automatically updating some or all of your MIS at periodic intervals. Use the Monitor function instead of, or in addition to, any script-based automation you may already use to maintain updated object data in your MIS.

For example, you may use a cron script that runs Network Discovery to completely rebuild your MIS every two weeks. Depending on your goals for this rebuild, you may find that the Monitor function adequately suits your needs, is faster than a complete rebuild and, at the same time, is simpler and more straightforward to use.

See Section 3.8 Keeping Data Current With Network Monitor for more information about using Network Monitor.

3.1.5 Related Tasks

Before using Network Discovery, you must:

• Install or configure network agent software as needed on or for the network components you want to discover--Solstice EM installation may or may not have installed such agent software automatically for you. See the Installation Guide for more information.
• Use the em_services command to start the MIS daemons on the host that manages the MIS you want to populate. See the Management Information Server (MIS) Guide for more information.

If your network uses CiscoWorks, Optivity, or other components, you must add managed object definitions for such devices to your MIS before running a Network Discovery. See the Management Information Server (MIS) Guide for information about adding object definitions to your MIS.

After using the Discover tool to create a managed object database of the components on your network, you may want to:

• Use the Monitor function to automate updates to your MIS. Refer to Section 3.8 Keeping Data Current With Network Monitor for more information.
• Use the Network Views tool to view and manage the components on your network. See Chapter 4 " for more information.
• Use the various object viewing tools to view detailed information about the objects in your MIS. See Chapter 9" for more information.
• Use the Alarms tool to configure or respond to alerts and alarms generated by one or more network components. See Chapter 5" for more information.

3.1.6 Related Files

• $EM_HOME/config/discover.conf - Network Discovery configuration file
• /tmp/em_discover_pid.log - Discover log file
• /tmp/em_discover_pid.log - Monitor log file

3.1.7 Further Reading

Refer to the Solstice EM Customizing Guide for more information about configuring network agents and your MIS. Also refer to the Management Information Server (MIS) Guide for more information about MIS configuration options.

3.2 Getting Started With Network Discovery

Network Discovery can be run from either a simple graphical interface or from the command line. The command-line interface is particularly useful if you want to run Network Discovery as part of an automated script. This is important, because the Discovery process can be more or less time-consuming depending on the number of network components being discovered.

---

Note – By default, the Network Discovery process starts from the machine on which it is run, not the machine on which the MIS is located. While you can tell Network Discovery to locate whatever components you want, this default behavior could be significant if the machine on which Network Discovery is run and the machine on which the MIS is located are on different subnetworks.

---

Refer to Section 3.8 Keeping Data Current With Network Monitor, for instructions on using Network Monitor.

The following procedures provide information about:

• Starting the Network Discovery tool
  
• Starting a Network Discovery using default settings
  
• Initiating a Network Discovery using rules from a file
  
• Stopping a Network Discovery

To Start the Network Discovery Tool

Start the Network Discovery tool in one of the following ways:

• In the Network Tools window, click Network Discovery.

  

  FIGURE 3-1   Network Discovery Button

• Using other Solstice EM tools, click Tools->Network Discovery.
• Using the UNIX command-line, type:

  em_discover -options

  Refer to TABLE 3-1 for a complete list of Network Discovery command-line options. After starting Network Discovery from either the Network Tools window or the Tools->Network Discovery menu item, the Network Discovery window is displayed. The Network Discovery window is not displayed when you use the command-line interface unless you specify the -T option.

  ---

  Note – Network Discovery cannot be run from the command line by any user other than root if Solstice EM is installed in a directory other than the default (/opt). Non-root users can still run Network Discovery from the Network Tools window even if Solstice EM is installed in a non-default location. The command-line restriction only exists when Solstice EM is installed in a non-default location.

  ---

To Start a Network Discovery Using Default Settings

• In the Network Discovery window, click Start to initiate the Network Discovery process using the default settings.

To Start a Network Discovery Using Saved Settings

1. Click Actions->Discover Network to display the Discover Network dialog box.

2. Select the various Discover options you want to use, or load an existing Network Discovery rules file.

Refer to the subsequent procedures in this chapter, and to Section 3.9 Reference, for complete information about these options.

3. Click Start to initiate the discover process.

To Stop a Network Discovery

• When the discovery process is complete, click File->Exit to close the Network Discovery window.

3.3 Loading and Saving Discovery Rules

When you use the Network Discovery graphical interface (but not when you use the command-line interface), you can save and load all your settings--components to discover, discovery methods, and logging options--in a Network Discovery rules file. Rules files are plain ASCII text, and provide a convenient means for recalling your Network Discovery settings for use at a later time or by another person.

To Load an Existing Discovery Rules File

1. In the Network Discovery window, click Actions->Discover Network to display the Discover Network dialog box.

2. Click Load, and then enter the name of the rules file you want to use.

3. Click Start to start the Network Discovery process.

To Save a Discovery Rules File

1. In the Network Discovery window, click Actions->Discover Network to display the Discover Network dialog box.

2. Specify your Network Discovery settings, as described in the subsequent procedures in this chapter.

3. Click Save.

4. Enter a name and location for your rules file.

3.4 Deciding Which Components to Discover

The Network Discovery tool lets you specify:

• Types of components to discover--Specify multiple or single networks, a specific list of IP addresses, a single device, specific object types, and so forth. You can also specify how you want discovered components to be represented in the MIS.
• Ports to use for discovery--Select from a list of available ports to use for discovery.
• Discover by--Specify whether to discover by services, topotypes, or both. Choose the services to discover for.
• Discover methods--Specify settings for Ping, SNMP, RPC, and SunNet Manager agents and proxies.
• Logging options--Enable and disable logging, and specify location of log files generated by the Network Discovery process.

  ---

  Note – The procedures below describe how to specify Network Discovery options using the graphical Network Discovery window. If you are using the command-line interface, simply enter the desired options at the command line. Refer to TABLE 3-1 for complete descriptions of Network Discover command-line options.

  ---

To Select Components to Discover

1. In the Network Discovery window, click Actions->Discover Network to display the Discover Network dialog box.

2. Select the Network Discovery tab, if it is not already selected.

3. Select the type of discovery you want to perform from the Types of Discovery group.

The selection you make here constrains most of the other options on this tab.

4. In the Display of Newly Discovered Objects group, specify how you want discovered objects to be represented in the MIS.

You can specify the name of the default view to use when representing the results of your discovery in the Network Views window, and whether you want these results saved in the MIS in topographical (hierarchical) or logical formats. The default is Root. If you use a container other than Root, the container you specify is created at the root level, and new objects are created in logical format.

---

Note – When a discover is completed, the time and date stamp, number of objects discovered, in addition to the time required for discovery are printed on the discovery report.

---

5. On machines with multiple network interfaces, you can select which interfaces to use for discovery.

6. Continue on to specify a discovery method, as described in the next procedure.

To Select Interface(s) for Discovery

1. On the Network Discovery tab, select any interfaces from the list of Selected Ports to add or remove the interface from the discovery.

2. Click Remove or Restore to set the interfaces for discovery.

To Specify Discovery by Services and TopoTypes

1. In the Discover Network dialog, select the Services/TopoTypes tab.

2. Set the Discover by Services option to Off.

All services will be grayed out.

or

2. Set the Discover by Services option to On.

This action makes the available services active.

3. Click to select available service protocols or you can enter a new service.

4. Click the All Topotypes checkbox to select the topotypes to discover.

By default, all topotypes are discovered.

5. Select the topotype from the list.

6. Click Add to add selections to the discovery list.

7. Click Remove to remove selections from the discovery list.

To Specify Discovery Methods

1. In the Discover Network dialog, select the Ping/SNMP/RPC tab.

2. Specify Ping and SNMP optimization parameters, depending on the characteristics of your network.

3. Specify if you want to discover agents.

---

Note – If there are any agents, this will significantly increase the discovery time.

---

4. Type the names of any SNMP read community strings to use.

You can specify up to five read community strings, separating each string with a colon, no spaces; for example, public:floor2. The default read string is public.

5. Type the name of an SNMP write community string to use, if desired.

You can only specify one write community string. The default write community string name is private. Note that this setting only affects the recording of object data in the MIS; that is, it does not issue any SNMP SET requests.

6. Specify whether you want to use automatic RPC configuration.

7. Specify any specific RPC agents you want to use in addition to those used by the automatic RPC configuration option.

8. Click Start to initiate the Discover process, or continue on to specify Logging options, as described in the next procedure.

To Specify Logging Options

1. In the Discover Network dialog box, select the Logging tab.

2. Specify whether you want to turn logging on or off.

If you choose to enable logging, select the name of a log file to use. If desired, specify one or more addresses to which you want to email the log file. Separate multiple addresses with a semicolon.

3. Specify the level of detail you want to capture in the log file.

---

Note – Executing Debug in verbose mode will process a multitude of data that is unnecessary for most users.

---

4. Click Start to initiate the Discover process.

The Network Discovery window displays the status of the discovery process, and this output is also directed to the log file you specified. If you want to save your settings in a Network Discover rules file, refer to Section 3.3 Loading and Saving Discovery Rules.

3.5 Viewing Network Discovery Progress

The Network Discovery window displays a running log and progress counter of the Network Discovery currently in progress. This information remains available after the Discovery process has been completed, but is lost when you close the Network Discovery window--that is, if you close and restart Network Discovery, this information will be lost. Use a log file to view progress information after Network Discovery has been completed and you have closed the Network Discovery window. Creating Network Discovery log files is described in the preceding procedure, To Specify Logging Options.

To View a Network Discovery in Progress

• Look in the Network Discovery window.

  You can print the text in this window, or select text and paste it into another application, such as a text editor. Note that you cannot insert text into the Network Discovery window.

3.6 Stopping a Network Discovery in Progress

You can stop a Network Discovery in progress without causing any damage to your existing MIS. Network Discovery only adds new objects to your MIS, and does not overwrite any existing objects.

To Stop a Network Discovery in Progress

• Click Stop in the Network Discovery window.

3.7 Creating a New MIS Managed Object Database

By default, as described in Section 3.1.3 Network Views, Network Discovery only adds object references to your MIS for newly discovered objects. If an object reference already exists in the MIS, Network Discovery does not overwrite it.

There will likely be occasions when you want to recreate your MIS database from scratch. For example, you may want to recreate the database for periodic maintenance purposes, or to change the object format from logical to hierarchical or vice versa.

Recreating your MIS is accomplished by an MIS services command-line option, and not by any specific option in Network Discovery. While most MIS commands are beyond the scope of this guide, the command to create a new MIS database is fundamental to using Network Discovery, and so it is described here. For complete information about working with MIS object data, refer to the Management Information Server (MIS) Guide.

---

Caution- Use extreme caution when creating a new MIS database! Creating a new MIS database destroys all data in the old MIS database. Refer to the Management Information Server (MIS) Guide for information about using the Topology Import/Export tool to save and restore MIS topology information. See the Management Information Server (MIS) Guide for information about creating and restoring backups of your MIS database.

---

To Create a New MIS Managed Object Database

1. On the host on which you want to create the new MIS, stop the currently running MIS services, if any, by executing the following command at an UNIX command prompt:

em_services -stop

2. Start (or restart) the MIS services by executing the following command:

em_services -init

You are warned that proceeding will destroy all data in the current MIS.

3. Enter y to continue, or n to cancel.

A new MIS database is created, and the MIS services are reinitialized.

4. Run Network Discovery to create a new MIS database.

3.8 Keeping Data Current With Network Monitor

The Network Discovery Monitor function provides a convenient set of controls for automatically updating some or all of your MIS at periodic intervals. Specifically, Network Monitor updates the MIS with managed objects for newly discovered network components, and marks as down components that are unreachable. Use the Monitor function instead of, or in addition to, any script-based automation you may already use to maintain the currency of object data in your MIS.

For example, you may use a cron script that runs Network Discovery to completely rebuild your MIS every two weeks. Depending on your goals for this rebuild, you may find that the Monitor function adequately suits your needs, is faster than a complete rebuild and, at the same time, is simpler and more straightforward to use.

The Monitor function uses the current settings specified for the Discover function. In addition, Monitor provides options for specifying what you want to monitor, and for scheduling when you want Monitor to run.

To Use Network Discovery Monitor

1. Start the Network Discovery tool in one of the following three ways:

• From the Network Tools window, click Network Discovery.
• From the Network Views window, click Tools->Network Discovery.
• From an UNIX command prompt, execute:

  em_discover -M options

  See TABLE 3-2 for a complete list of Network Discovery Monitor command-line options.

  After starting Network Discovery from either the Network Tools window or the Tools->Network Discovery menu, the Network Discovery window is displayed. The Network Discovery window is not displayed when you use the command-line interface unless you specify the -T option.

2. From the Network Discovery window, click Actions->Monitor Network to display the Monitor Network dialog box.

3. Select the various Monitor options you want to use, or load an existing discovery rules file.

4. In the Network Monitor window, click Start to start the Monitor process.

Make sure that you are in the Network Monitor window when you click Start; clicking Start in the main Network Discovery window starts the Discover process, not the Monitor process.

5. Click File->Exit to close the Network Discovery window.

To Load an Existing Monitor Rules File

1. In the Network Discovery window, click Actions->Monitor Network to display the Monitor Network dialog box.

2. Click Load.

3. Enter the name of the rules file you want to use.

4. Click Start to start the Network Monitor process.

To Save a Monitor Rules File

1. In the Network Discovery window, click Actions->Monitor Network to display the Monitor Network dialog box.

2. Specify your Network Monitor settings, as described in the subsequent procedures in this section.

3. Click Save.

4. Enter a name for your rules file.

To Specify Which Objects to Monitor

1. In the Network Discovery window, click Actions->Monitor Network to display the Monitor Network dialog box.

2. Select the Monitor tab, if it is not already selected.

3. Specify the container names for objects you want to monitor from the Objects to Monitor group.

The container names you specify here are those that you have defined with the Network Views tool.

4. Specify the objects you want to exclude from the monitor process.

You can specify device names or IP addresses.

5. Specify Time Between Cycles.

This setting refers to the frequency of Monitor cycles; the default is 15 minutes.

6. Specify a Holding Container to use for newly discovered objects.

The default is "Root," which means that newly discovered objects are added to the topology in the Root container. If you use a container other than Root, the container you specify is created at the root level, and new objects are created in logical format.

7. Select a Generate Event if Object is Down option--that is, whether a communications alarm of a specified perceivedSeverity should be generated if an object is unreachable.

By default, this option is set to No. If you select Yes, you can then also specify a severity level for the alarm. Choose from Critical, Major, Minor, or Warning. When a previously unreachable host becomes reachable, Monitor generates an alarm with perceivedSeverity set to "Cleared."

8. Select the Ping/SNMP/RPC tab, and then specify discovery methods to use in the Monitor process, if desired.

The discovery methods you can specify here are exactly the same as those described earlier in this chapter for the Discover process, in To Start the Network Discovery Tool.

9. Click Start to start the Monitor process, or continue on to specify Schedule/Logging options, as described in the next procedure.

To Set Up Monitor Schedules and Logging

1. In the Monitor tab of the Monitor Network dialog box, select the Schedule tab.

2. Specify Start Time and Stop Time.

If you specify a start time that is in the future, Network Monitor will not start automatically; you must then click Start to start the process after completing the other fields on this tab.

3. Specify Start Date and Stop Date.

The start and stop dates indicated takes affect only if the daily or weekly option is selected.

4. Select if you want Monitor to run daily or weekly, and if weekly, on what day.

Monitors daily / weekly (day of the week) for the specified time interval given by start time & stop time.

5. Select the Logging tab.

6. Specify whether you want to enable logging.

Logging is Off by default.

7. Specify the name of the file in which you want to save logging information.

8. Specify one or more email addresses to which you want to send log information at the end of each Monitor cycle.

9. Click Start to start the Monitor process.

3.9 Reference

The remainder of this chapter provides detailed reference information about Network Discovery and Monitor command-line options, and conceptual background material to help you understand more about how Network Discovery works. This section covers the following topics:

• Command-Line Options
• More About Network Discoveries
• More About Hop Counts
• More About Ping/SNMP Optimization
• More About RPC Agents and SunNet Manager Proxies

For detailed information about dialogs, menus, and other user interface elements, refer to the Solstice EM Online Help. To access Online Help, click the Help button on any dialog box or select options from the Help menu located in the upper right corner of each Solstice EM tool window.

3.9.1 Command-Line Options

TABLE 3-1 describes the Network Discovery command line options, and TABLE 3-2 describes the Network Discovery Monitor options.

3.9.1.1 Network Discovery Options

The general form for the Network Discovery command line is:

 em_discover -options

The various Network Discovery command-line options are described in the following table. Step-by-step instructions for using the Network Discovery graphical interface begin in Section 3.2 Getting Started With Network Discovery.

---

Note – Network Discovery cannot be run from the command line by any user other than root if Solstice EM is installed in a directory other than the default (/opt). Non-root users can still run Network Discovery from the Network Tools window even if Solstice EM is installed in a non-default location. The command-line restriction only exists when Solstice EM is installed in a non-default location.

---

TABLE 3-1   Network Discovery Command-line Options 

Option	Description
-agent [:agent]	Specify the name(s) of a SunNet Manager (SNM/RPC) agent to configure (for example, snmp, diskinfo, or hostperf). The following example would configure the device augusta to be manageable by diskinfo: em_discover -agent diskinfo -device augusta. Separate multiple agent names with a colon (:).
-contain container	Put discovered objects in the specified container. If you use a container other than Root, the container you specify is created at the root level, and new objects are created in logical (flat) format.
-cr string [:string]	Specify up to five SNMP read community strings. This limits the discovery to only those devices that have the specified community names. The default is "public." Use a colon, no spaces, to separate multiple community strings. Using multiple community strings can significantly increase the time of the discovery process.
-cw string	Enter one SNMP write community string. The default string is private. Note that the SNMP Write Community string is used to configure an option in the MIS that can be used by other Solstice EM tools; Network Discovery itself does not use this string to send SNMP SET requests.
-D e|n	Debugging options, expert or novice. Refer to TABLE 3-4 for more information.
-D c|s|t	Component-level debugging options config, snmp, tracer. Refer to TABLE 3-4 for more information.
-device device_name	Discover only the specified device; use a device name or IP address.
-file [include|exclude] hosts_file	Discover/exclude specified hosts in the specified hosts_file.
-flat	Create objects in a logical hierarchy. See Section3.1.3 Network Views for more information.
-g [only] gateways	Specify the gateway(s) to be used in the discovery process. You can enter multiple gateway names, separated by a colon. If the keyword "only" is entered, only the networks found at the listed gateways are probed.
-help	Display command-line help for Network Discovery.
-hop n	Specify the maximum number of hops from the manager that Network Discovery will extend. The default is 0, which restricts the discovery to the local subnetwork. Enter -1 to instruct Network Discovery to not limit its discovery. See Section3.9.3 More About Hop Counts for more information.
-host hostname	Specify the name of the host machine on which the MIS is running.
- int <name>	Interface to use for discovery on a multi-homed machine.
-lf file	Direct output to a log history file.
-lh	Direct output to log history.
-M	Start Network Discovery Monitor.
-m name	Email log history file to specified name.
-mask n	Specify the netmask to be used in the discovery.
-nc [b|r|t][+|-]	Specify network characteristics for purposes of discovery optimization. See Section3.9.4 More About Ping/SNMP Optimization for more information.
-net network	Specify a network address or name to start a discover from. Defaults to the net/subnet where discover is currently run from.
-objects objects	Specify the types of objects you want to discover. Valid values are: snmp, host, network, router, and link. Separate multiple values with a colon. By default, Network Discovery finds all types of objects. Certain types of objects are necessarily discovered in conjunction with other types.
-of [i|w|e|d]	Output filter to display only the selected types of messages.
-pb	Use a broadcast method of pinging subnetworks. This option creates a heavy network load and is not recommended for use with Monitor or for discoveries with -hop greater than 0.
-pfn num	Specify the maximum number of outstanding simultaneous fast pings per interval specified by the -pft option. The default value is 10.
-pfr num	Specify the number of times Network Discovery tries to contact a device using ICMP (ping) when the fast ping method is used.
-pft seconds	Specify the frequency between transmissions of ICMP echo requests (in seconds) when the fast ping method is used.
-pr num	Specify the number of times an attempt is made to contact a device using ICMP (ping). Increase this value for very busy or long-haul networks. However, increasing this value slows down the discovery process.
-ps	Use serial ping to discover components.
-r from:to	Specify a range of host addresses to ping for each network/subnet specified, for example 1:2048. The `from' range should be >=1 and the `to' range should be >=inverse of netmask -1. This option should be used with -net option for a specific subnet/non-subnet network.
-rc device | array | container	Create unmapped routers as RouterArray, RouterContainer, or Device.
-Sr n	Specify the number of tries when sending SNMP requests to devices. Increase this value for a very busy or long-haul network.
-St n	Specify the timeout value in seconds when sending SNMP requests to devices.
-T	Bring up the Network Discovery graphical user interface; use with the -M option to display the Monitor Network window.
-tune fping|ping|ssnmp|csnmp|rpc|port|trace:min|max|ret:n: tune timeout parameters	Tune timeout parameters, depending on your network environment.
-v	Verbose output.
-wait	Wait for a platform connection at startup.
-www	Notify when discovered device is a WWW server (uses ports 80 and 8080).

3.9.1.2 Network Discovery Monitor Options

The general form for the Network Discovery Monitor command line is:

 em_discover -M -options

The various Network Discovery Monitor command-line options are described in the following table. Step-by-step instructions for using the Network Discovery Monitor graphical interface begin in Section 3.8 Keeping Data Current With Network Monitor.

TABLE 3-2   Network Discovery Monitor Command-line Options  

Option	Description
-ct time	Specify the amount of time (in minutes) between each time Monitor is run.
-dw day	Specify the day of the week to run Monitor. Valid values are sun, mon, tue, wed, thu, fri, and sat.
-w week	Specify to run Monitor weekly.
-h holding_area	Specify the name of the holding area into which all newly discovered objects are placed.
-fc container	Limit Monitor's discovery operations and reach ability testing to devices in the container(s) specified. Separate multiple container names with a colon.
-i device-name	Ignore the devices specified in device-name. Separate multiple device names with a colon. Use this option to instruct Monitor not to ping for devices that have been taken down or removed from the network, but which are still in the MIS database.
-mevt	Monitor generate event.
-sev event_severity	Monitor event severity.
-start hh:mm	Specify the start time in the format hh:mm.
-stop hh:mm	Specify the stop time in the format hh:mm.
-startd mm:dd:yy	Specify the start date in the format mm:dd:yy.
-stopd mm:dd:yy	Specify the stop date in the format mm:dd:yy.
-t n	Monitor non-response timeout.
-w	Run Monitor weekly.

3.9.2 More About Network Discoveries

Network Discovery interrogates the network using the following Internet protocols:

• Simple Network Management Protocol (SNMP)
• Internet Control Message Protocol (ICMP)

To Select an Interface for a Discovery

1. On the Network Discovery tab, select any interfaces from the list of Selected Ports to add or remove the interface from the discovery.

2. Click Remove or Restore to set the interfaces for discovery.

After identifying the local configuration--network and subnet, netmask, host interfaces, and routing table--Network Discovery interrogates the network in a two-stage process: Query and Probe.

3.9.2.1 Network Discovery Query Stage

During the Query stage, Network Discovery builds an internal hierarchical model of the network topology and adds one entry for each Class A, B, or C network it discovers. Each entry contains a list of subnets and a list of directly connected networks. If the network has no subnets, then each entry contains a list of directly connected hosts.

To build the hierarchical model of the network topology, Network Discovery:

• Accesses the local routing table to find the location of the subnetwork's default router.
• Retrieves the default router's interface table using SNMP.
• Retrieves the interface tables from all next hop gateways.
• Jumps from gateway to gateway as it retrieves the interface table from each "next hop" gateway.
• Continues to retrieve interface tables of "next hop" gateways until the Hop Count set in the Discover Network dialog box is reached (by default, Hop Count is set to 0 and the discovery process is limited to the local subnetwork).

In all the discovery methods, the routers and the hosts found within the hop count are added to the MIS. The only difference is in the way they ping the entire subnet to find the rest of the hosts.

• Default - The pings are sent in batches and get the responses by waiting for the specified timeout value. The batch number and timeout value can be changed using the pfn and pft command line options.
• Serial Ping - The pings are sent one after another in series for the entire subnet range. The timeout value to wait for the response can be specified using the command-line icmp timeout. Note that this option is only available from the command line with the em_discover -ps command; it is not available through the Network Discovery graphical interface.
• Broadcast Ping - This can be specified only through a command line. Here the pings for the entire subnet range are sent at the same time. This method is recommended only for the local subnets, since the routers do not forward broadcast pings. Note that this option is only available with the em_discover -pb command; it is not available through the Network Discovery graphical interface.

  ---

  Note – It is only possible to explicitly specify these three Ping methods from the Network Discovery command line, as described in TABLE 3-1. The Ping/SNMP optimization settings on the Discover Network Ping/SNMP/RPC tab can automatically configure optimal Ping and timeout parameters based on the characteristics of your network. Refer to Section 3.9.4 More About Ping/SNMP Optimization.

  ---

3.9.2.2 Network Discovery Probe Stage

For the devices found in the Query stage, above, Network Discovery attempts to obtain relevant information by:

• Sending an ICMP echo request (ping) to check for reachability of the device
• Determining if the object is an SNMP device and, if so, find out its interfaces, system table, iftable, and ifstatus.
• Using the ipAddrTable to determine the number of interfaces, determining the data link protocol of these interfaces (Ethernet, FDDI, Token Ring), and obtaining the MAC addresses.
• Testing for a match in the OID to object mapping table in discover.conf.
• Testing for a match in the sysDescr to object mapping table in discover.conf.

Once the above tests are completed and the relevant information is obtained, Network Discovery classifies and creates an object for the device in the MIS, if one does not already exist. The information obtained from the tests is used to set the attributes of the object.

3.9.2.3 More About Classifying Devices

The discover.conf file allows you to classify devices based on Object ID (OID), and then further classify each device based on system description. The OID must be specified using the keyword "OID" and subsequent lines should contain the system description and device type. The format is as follows:

OID sysobject_id_of_the_device system_desc_1 device_type_1 system_desc_2 device_type_2 system_desc_3 device_type_3

The discover.conf file is located at $EM_HOME/config/discover.conf. A line beginning with the "#" character designates a comment and is therefore not processed.

The format for Probe_OIDs is as follows:

PROBE_OID IIMCCISCO-MIB 1.3.6.1.4.1.9 PROBE_OID IIMCECSV2-MIB 1.3.6.1.4.1.43 PROBE_OID IIMCRETIX-MIB 1.3.6.1.4.1.72 PROBE_OID IIMCSUN-MASTER-AGENT-MIB 1.3.6.1.4.1.42.2.15 PROBE_OID IIMCHOST-RESOURCES-MIB 1.3.6.1.2.1.25 MIB Bridge IIMCCISCO-MIB MIB Bridge IIMCECSV2-MIB MIB Bridge IIMCRETIX-MIB MIB Host IIMCSUN-MASTER-AGENT-MIB

The following table lists the definitions associated with a Probe_OID.

TABLE 3-3   Discover.conf Definitions 

Term	Description
Probe OID	Discover term for Object Identifier (OID) that identifies a MIB.
MIB	Management Information Base; contains the structural definition of all information stored by an agent about a device type.
Object Identifier	Sequence of numbers that identifies a particular MIB.

Another feature is the "_ALL_ROUTER_" keyword which can be used in the system description field. This feature sets all routers that match the OID to be the device type specified OID in the device type field. This saves you the trouble of having to list all the different system descriptions for each router, assuming that they are all intended to be classified as the same device type.

Additionally, you can use wildcard characters such as "*" in the system description field for mapping objects with the specified OID.

3.9.2.4 Discover and Network Security

By default, Network Discovery probes the network by using the following ports:

• 161 - Network Discovery uses this port to communicate with the SNMP daemon (snmpd) on a remote device.
• 32768+666 - Network Discovery uses this port to determine the hop distance to a device. If the Gateway as Boundary List option is used, port 32768+666 is not probed.
• 80, 8080 - If the command line option, -www, is used, Discover probes these ports to determine whether or not a WWW server is running on the machine.

When discovering a device based on its supported services, ANY port number specified by the user can be probed.

3.9.2.5 Recovering From a Failed Discovery

The Network Discovery debugging options are only available when running Network Discovery from the command line. Use these debugging options if you experience difficulties in completing the discovery process, or if you are receiving a large number of error messages.

Two categories of Network Discovery debugging options are available:

• Current Detail - Run and receive information about the current, "real" discovery process; part of this process includes connecting to and updating the MIS.
• Component Detail - Debug specific software modules that are components of Network Discovery; does not establish an MIS connection or make any changes to the MIS.

Network Discovery debugging information is always printed to standard output--that is, in most cases, to your screen.

To Use Network Discovery Debugging Options

• Start Network Discovery from the command line with the following parameters:

  em_discover -D [options]

  The table below lists Network Discovery debugging options.

  TABLE 3-4   Network Discovery Debugging Options  

  Option	Description
  Current Detail (connection made to MIS)
  -D e	Prints debugging information in a format that assumes Internet-specific expertise.
  -D n	Prints debugging information in a format that is understandable to the average user.
  Component Detail (no connection made to MIS)
  -D c	Starts Network Discovery Configuration module, which prints information about the host on which Network Discovery is running, such as local routing table, ARP table, interfaces, default routers, network number, subnet number, and netmask.
  -D s hostname	Starts Network Discovery SNMP module, which takes hostname as its target host, does a one-time SNMP query of the specified device, and prints the information to standard output.
  -D t hostname	Starts Network Discovery Traceroutes module, which executes the traceroutes code with hostname as target, and prints to standard output the route to the specified host and the gateways used to reach it.

  
  

3.9.3 More About Hop Counts

Hop Count, set in the Discover Network dialog, is a measure of how far Network Discovery will extend when attempting to discover new network components. Specifically, for any given route from the machine running Network Discovery (or from the subnetwork specified with the Network option, also in the Discover Network dialog), Hop Count specifies the maximum number of routers that the packets sent by Network Discovery can traverse. The default setting is 0 hops, which means that discoveries are restricted to the local subnetwork. Specifying -1 for Hop Count causes Network Discovery to not limit its discovery.

---

Note – Depending on the size of your network, setting Hop Count to any value above 0 may result in very long discoveries. An alternative would be to limit the discovery to subnets, links, and routers for discoveries with a hop count greater than 0.

---

To Perform a Multihop Discovery On a Remote Network

1. In the Discover Network window, select the From Network toggle button in Types of Discovery.

2. In the Network field, enter the network name from which to initiate the discovery.

3. Select the number of hops, from the Hop Count menu, to set the boundary to discover for.

4. Click Start to begin the discovery.

3.9.4 More About Ping/SNMP Optimization

Setting optimal Network Discovery ping and timeout parameters, based on your network characteristics and the objects for which you are discovering, can have significant performance and reliability implications for the discovery process. To put it another way: if you set these parameters optimally, your network discovery will proceed smoothly and relatively quickly, but if your ping and timeout settings are wrong for your particular network, network discovery can take an extremely long time and/or not find all the components on your network.

The Network Discovery tool uses a set of ping, SNMP, and timeout algorithms that automatically optimize your Network Discovery ping and timeout settings based on the characteristics of your network and the components you are discovering. To use this feature, select the Ping/SNMP optimization settings on the Discover Network Ping/SNMP/RPC tab that most closely match your network characteristics, and then Network Discovery will do the rest. Refer to Section 3.4 Deciding Which Components to Discover for more instructions on setting Ping/SNMP options.

While it is possible to manually set Ping and timeout values from the em_discover command line, it is not always so easy to get these settings right. Moreover, the automatic Ping/SNMP algorithms dynamically vary these settings based on the network components you are discovering.

3.9.5 More About RPC Agents and SunNet Manager Proxies

SunNet Manager (SNM) RPC-based agents and proxy agents deployed on devices in your network can be used by Solstice EM as part of your strategy for managing network resources. The resource may be a machine, a component in a machine (such as a router interface card), or some other resource. The SNM agent may be local to or remote from that resource. For more information about using RPC agents in general, refer to the Customizing Guide.