Here is some things you may want to know about SMAP, the active network map:
* what's it good for?
* no really, what's it good for?
* what's it not good for?
* how about a few examples?
* what sort of Mac do I need to run it on?
* how do I get started using it?
* what's this Simple Internet Version Control thing?
* how much does SMAP cost?
* and where can I learn more?
What is SMAP good for?
SMAP is a simple network traffic visualization tool. SMAP will help you create an active map of a portion of your logical network, and once you've got a map, SMAP will animate it for you.
You can tell SMAP about any or all of the devices on your network that have SNMPv1-over-IP manageability built in.
SMAP can automatically discover SNMP/IP devices that are acting as IP routers, and devices that are talking to those IP routers.
SMAP can discover, or you can tell it about, any or all network interfaces on those devices, and it will show you the current incoming and outgoing traffic and error activity on those interfaces.
SMAP will discover and display the logical network clouds that these interfaces attach to.
SMAP will discover and display the IP network numbers of these interfaces and clouds.
SMAP will also discover and display the AppleTalk cable ranges and zones of these interfaces and clouds, but only for devices that support the AppleTalk MIB.
SMAP will also discover and display the IPX network numbers of these interfaces and clouds, but only for devices that support the Novell IPX MIB.
If the activity on your logical network clouds is visible to RMON agents via the RMON etherStats group, or to nonswitched ethernet hubs via the Repeater MIB or certain other proprietary MIBs, SMAP will show you the overall traffic and error activity for those clouds.
And if your logical network clouds have RMON agents that implement the RMON matrix group, SMAP will show you the physical-layer conversation matrix eggs for those clouds.
SMAP will log all or a selection of the measurement datagrams it receives or transmits, as well as SNMP traps, syslog messages, and diagnostics, in a format suitable for pasting into spreadsheets.
SMAP will let you monitor all or selected portions of its log.
So why would I want a traffic visualization tool anyway?
SMAP can help you see what's going on with your network.
Just as important, it can help others see this.
An example: a developer was installing an ancient bandwidth-chewing multiuser flat-file 'database' program. I needed to convince him of the application's adverse network impact.
With no visualization tools, I would have had to take the traditional approach - you know, simple assertions, pleading, threats, maybe a bar chart or two, lots of arm-waving, that sort of thing.
Instead, at an appropriate time I pointed out a SMAP display to him - "see all those huge green ugly blobs disfiguring that nice network map? that's your stupid application" (or words to that effect). It worked. I didn't need to utter a single threat.
What is SMAP not good for?
SMAP was designed as a simple network traffic visualization tool. All of its features were created with this design goal in mind.
Although it will create basic network maps for you, there's no real mapping intelligence: SMAP's not meant to be a cool or clever map-making program.
Although it has a nice browsing interface, there are real limitations on the kind and number of MIBs you can tell it about: SMAP's not meant to be an industrial-strength MIB browser.
Although it will tell you if something's gone wrong with one of its devices, there's no attempt to organize and prioritize the alerts it receives: SMAP's not meant to be a general-purpose network operations center console.
Although it will monitor devices that speak a variety of protocols in addition to TCP/IP, you're only able to look at devices that can tell you about themselves via SNMP: SMAP's not meant to be an all-encompassing network device display.
SMAP Examples:
Here's one of the maps I use at work, which shows me the 10Base-T portion of my headquarters LANs, and the two main routers that interconnect them:
(Our 'OA1' ethernet seems kind of busy right now, but I'm not alarmed - it's just past 9 am and all our Windows users are logging in to their NetWare server - it'll calm down in a few minutes…)
Here's a map of one of my WANs:
(We've got RMON agents at most of these WAN sites, so if one of these LANs starts to look unusually busy, I'll just double-click on it to see which device conversations are using up the bandwidth)
And here's a look into the 'NCC' ethernet that's at the top of the first map above, using an RMON agent that I have running on that network to produce a conversation matrix egg for it:
(looks like one of our backup servers is active…)
(that thick line has lots of green on one side of its thin black core and none on the other - you see lopsided lines like this when a network conversation is one-sided - think of the traffic as travelling clockwise around the thin center line - in this case since the thick green side of the connector is below the center line, it tells you that node 000079A003A0 is sending loads of octets to node 02608C3B83E0, which is not sending anything back)
SMAP Requirements:
* a Mac Plus or better, with MacOS 6.0.4 or better, and MacTCP 1.1.1 or Open Transport 1.0.8 or better, attached to a network over which the Mac can talk to one or more devices that are manageable by SNMP over IP
* you need to know an SNMP read community for each device you want to map
* you need some basic MIB knowledge if you want to interpret the datagram log, or the Monitor and Details and Browse displays; otherwise no MIB knowledge is assumed
Getting started with SMAP:
There's basically two things to do with SMAP:
1. create some maps of your logical internetwork (SMAP can help you, or you can do it yourself)
2. once you've got maps, SMAP will animate them for you.
1. Create your internetwork maps
How you do this is a matter of taste - do you want to fit everything you've got into one map?
Or would several smaller maps be easier to deal with?
1A. Let SMAP create a map for you
If you've got a small or uncomplicated site, then one map is probably fine.
SMAP will be happy to help you create such a map - just open an Untitled window, make sure 'Read community…' from the 'SNMP polling' submenu of the Settings menu matches the SNMP read community your routers generally use, select 'IP routers via ipRouteTable' from the Discover menu, and wait a few minutes.
SMAP will find all your TCP/IP routers and add them, along with all the logical networks they know about, to your map.
If discovery is not starting up, or if it seems to have stalled, try using 'Suggest…' from the Discover menu to tell SMAP about one of the devices it was unable to find.
When SMAP seems to have found everything, turn off IP router discovery and Save the resulting map.
SMAP's discovery process adds objects to your maps with no concern for the resulting layout, so the results may look kind of ugly. You'll probably want to drag those router boxes and network clouds into a better layout — one that helps you make conceptual sense of your internetwork.
If you don't like the looks of the objects SMAP has added to your map, use the various options of the 'Object creation' submenu of the Settings menu to adjust the size and appearance of new SMAP objects, then open a New window and start the discovery again. You can also adjust the size of individual objects with your mouse.
Finally, if your networks are monitored by RMON agents or by manageable network hubs, use 'Cloudness…' from the Edit menu to define which agent is monitoring each network cloud.
1B. Assemble your own maps
If you've got a complicated site, with lots of LANs and WANs, then one big map would probably be difficult to work with, not to mention overcomplicated and ugly. You'll probably want to build your own maps.
(This is what I do at work… I've got four or five maps, one for each conceptual portion of our internetwork, and SMAP animates them all.)
Perhaps you can use SMAP's discovery as a supplement, but probably you'll just want to build your maps by hand.
Add devices to a map with 'Insert device…' from the Edit menu.
Remove them with 'Clear' from the Edit menu.
If you only want to add part of a device to your map, you can use 'Insert device…' to add one interface at a time, or you can add the whole thing, then after selecting 'Interfaces' from the Map menu to see the individual interfaces, use 'Clear' from the Edit menu to remove the interfaces you don't want to see.
2. Let SMAP animate your maps
Once you've got maps of your network worlds, let SMAP go to work.
SMAP will regularly poll your mapped devices and show you their traffic and error rates.
At work, I leave SMAP running on an abandoned iisi on the back corner of my desk, animating my various maps… occasionally I tab through the maps, looking for unhealthy traffic or error patterns…if some device becomes unreachable, SMAP will bring it to the front…
You may also want to use SMAP's log to generate permanent text or spreadsheet or chart documentation of your traffic - just Copy from a Monitor window, or select 'Copy logbuffer' from the Edit menu, then paste the results into Excel or some other application. Or open an appropriate Monitor window and use 'Append to…' from the File menu to copy all monitored activity to a document on disk.
What's this Simple Internet Version Control thing?
One of the problems of software distribution is that when a bugfix or a new version of a program is released, there's no easy way to notify its users. And with shareware distribution, there's no easy way for an author to estimate how many copies of the program are actually in use. The Simple Internet Version Control protocol (SIVC, pronounced "civic") is a way to solve both these problems.
In its default configuration, SMAP will once or twice a week issue an SIVC query over the internet to its version control server, and if it discovers that a new version of SMAP is out, it will tell you so, and present you with a one-click way to download it. No personal or system information is sent to the query server. No software is downloaded unless you specifically request it.
The SIVC protocol was invented by Chris Johnson, and SMAP is currently querying a copy of his SIVC server application. For more details, see the pages at
http://gargravarr.cc.utexas.edu/chrisj/
If you're not comfortable with the idea of these automatic queries, no problem, you can just disable them via the 'Allow SIVC autoqueries' option of the 'Version control' submenu of the File menu. SMAP will not issue one of these autoqueries till at least ten minutes after it's started, so that ought to give you ample time to disable the option. And you'll still be able to do manual SIVC queries whenever you want via 'Check program version' in the same submenu.
How much does SMAP cost?
SMAP is $20 shareware. If you use it, please pay for it.
Payment details are in 'SMAP Basics', available from SMAP's Help menu, or via 'About SMAP…' from SMAP's Apple menu.
Want to learn more about SMAP?
Turn on balloon help for SMAP's menu items.
Assorted technical notes are available in 'SMAP Miscellany', available from SMAP's Help menu, or via 'About SMAP…' from SMAP's Apple menu.
