IT Operations Management (ITOM)

NNMi Ultimate and NA, better together - an MPLS case study

NNMi Ultimate and NA, better together - an MPLS case study


Guest post by Ullas V V


Need for NNMi Ultimate and NA:

The latest big release of Network Node Manager i (NNMi 10.00) and Network Automation (NA 10.0) are available now to optimize your network management strategy. On their own they solve a vast number of issues pertaining to network management – and when they come together they work wonders managing your network.


A tight integration exists between NNMi and NA—and they strengthen each other.  Here, I have taken a relatively complex problem – the Multiprotocol Label Switching (MPLS) domain – and in this blog I will describe how NNMi Ultimate when paired together with NA, breaks down the problem and automates the whole story, so that you don’t need to perform complex tasks repetitively.


NNMi Ultimate offers multiple smart plug-ins such as:

  • NNM iSPI for MPLS,
  • iSPI for Multicast,
  • iSPI for IP Telephony

These are used for managing advanced features of the network. (You can find more details about the simplified product structure of NNMi Ultimate in the What’s new in HP Network Management Software 10.00 blog post)


Returning to the original problem – Take a look at the following network:

Figure 1 - click for larger image


Let’s say you are an Internet Service Provider (ISP) or  a large enterprise providing MPLS connectivity between your customer’s branch offices and Head office, and various sub-departments within each of these offices. The sub-departments correspond to your customer VPNs, and for prioritized, high bandwidth connectivity, you are required to carry your MPLS traffic over Traffic Engineering (TE) Tunnels.


Let’s say you get a complaint from the finance department of Company A that there is poor connectivity between Site one and Site two that doesn’t achieve the promised 100Mbps connectivity.


The Solution:

Let’s say you find out the real root cause, after a lot of searching and issuing of commands and by logging into multiple devices, that the connectivity between these two sites is poor because it’s not being carried over fixed bandwidth Traffic Engineering Tunnels.  Instead, it’s on a normal LSP (Label Switched Path). You are now required to configure a new tunnel between these two sites to solve the problem.


The NNM iSPI for MPLS can get you to the root cause in a few clicks, and Network Automation can automate this whole story and proactively check for compliance (for example, existence of TE Tunnels between few agreed sites is a compliance issue) of such scenarios.


Now that this problem is reported in one corner of the network, obviously you don’t want to wait for someone else to report the same problem, and if such problems exist you can fix it in any corner of the network (by automating it with NA).


Approach to this fault and the proactiveness that NA brings to the table

The debugging begins with the inventory of all these network elements, which is maintained in NNM. Network elements can either be physical (eg: Nodes interfaces etc.) or logical (eg: Connections, MPLS VPNs, TE tunnels etc.) You can clearly visualize the problematic portion of the network.



Figure 2


You can launch into the troubled VPN and verify that the branch offices are rightly grouped.  You can adjust your GUI and launch the LSP MAP to ensure the type of MPLS connectivity between these sites.



Figure 3


Go to this node and navigate to the TE tunnel tab to see if any tunnels have been configured to this destination (if yes, is it down?)


If it’s not configured, you need to ask why it wasn’t configured? What was the last change? Who did it? How can you configure a new tunnel?  What if such a problem exists in other parts of the network? How can you proactively detect such problems and report on them? – NA answers all these questions. The easy navigability from NNMi to NA with its rich set of features will help you answer these questions.


Check the configuration history of this node within NNMi console or easily navigate to NA to check more details.


Figure 4


How do I configure a new tunnel? How will I automate it to solve this particular problem, in whichever corner of the network this problem exists?


The solution is easy.  When you provision something like this, you can directly launch into these devices from NA, without worrying about user names and passwords (all are pre-configured and remembered in NA in a secure manner) – See Figure 3, which illustrates password-less login to devices. 


After launching the devices, do the following:

  1. Enter all the commands and logout.
  2. To automate, go to session history, and ask NA to convert this session to a script so that with minor modifications, such as of the variables, you can run the script on other devices as well.

Figure 5


  1. Name this as Tunnel configuration task
    1. Most variables here such as the IP address, interfaces, tunnel names are all resources of your network. When you want to provision a new tunnel and need an interface or an IP address in this context, you need to look for a free one in the available pool and pull this. This is known as resource management and it is done in a systematic way within NA (RIM, the Resource Identity Management feature). To learn more read a blog on the topic  here.


Figure 6


  1. The configuration that you did in the earlier steps is captured, and you can just run it now to have the same configuration entered to any other part of the network.



Figure 7


What if a similar problem exists in other parts of the network? How can you proactively detect such problems and report?


Within NA, simply configure a new policy and run it on a host of devices in one shot to check compliance. There is a simple set of device-specific commands to check for the existence of a configured tunnel to a destination and if it is up and running. These commands will do the magic and report if any of the devices don’t comply.


Figure 8


If you want this to be checked at the end of each day, you can configure it to run periodically.

If someone is deleting such a configuration it is a policy violation and a serious matter to you. To prevent this,  you can setup the workflow authorization mechanism so it doesn’t happen without your approval.



While there are multiple products with a rich set of features, each adding value on their own, this blog’s intention is to show how well the products are connected together to solve a bigger network problem. The features I connected here are NNM inventoryàMPLS Inventory views , à LSP management à NNMi-NA integration à NA configuration historyà Password less logging in to devices from NA à capturing configuration sessions à command scripts à RIM à making something important as a policy (Check policy compliance )à Workflow and authorization.


Just like your network, this is only one corner of handpicked features in this problem context that I chose to illustrate from the vast set of features that NMC products have to offer.


Learn more about Network Node Manager i (NNMi 10.00) and Network Automation (NA 10.0) here.


About the author: Ullas v v has been in HP NMC team for over 9 years with majority of his years into developing and maintaining iSPI for MPLS. He also has insights into Network Automation and currently handling NA customer issues in his CPE role. The author holds 2 approved patents and a defensive publication along with other team members in MPLS domain.


Ullas has a graduate degree in Electronics and communications engineering from Visweswaraya technological university , Karnataka, India.





Network Node Manager i (NNMi) unifies fault, availability, and performance monitoring for your network. NNMi software helps you improve network uptime and performance, and increase responsiveness to business needs. Download a free trial today.


HP Network Automation  software automates the complete operational lifecycle of network devices from provisioning to policy-based change management, compliance, and security administration. Start your free trial today.


Tweet to us at @HPITOps  and let us know what you think! | Friend HP Software on Facebook   | Join our Network Management Solutions group on LinkedIn.





Michael Procopio Procopio
  • infrastructure management
About the Author


HPE Software Product Marketing. Over 20 years in network and systems management.