NMS Labs
Mikko Suomi
LAB1
• Choose SNMP device management software
• Features:
– Gives nice overview of network
– Bandwidth monitoring
– Multiple users
– WEB user interface ?
– Freeware usually requires more customisation
– Commercial usually easier to install
– Commercial usually expensive (3-10K e)
LAB Environment
• 6 racks with:
– Cisco Catalyst switches, Cisco router, Cisco firewall
– 2 computers / rack (Server and Client)
– Console cables and network cables to computers connected to rack (Don't remove cables from computer)
– Hard disk is removable (We use set named IP)
– MAX 4 persons / Group
LAB reports
• Max 4 persons / Group
• Must be returned within 1 week
• More instructions in the lab work instructions
LAB 2 objective
• The object of this laboratory work is to acquire hands-on experience on various NMS tasks.
• Fault management
• Configuration management
• Performance management
• (Accounting management)
• Normally device configuration is not done with SNMP but by other means (CLI, Web Browser interface, TFTP config file download...), but SNMP provides an excellent way to retrieve information from manageable network devices.
Autodiscovery
• After starting the SNMPc server, the NMS station automatically discovers the network topology and devices and displays them on hierarchical network maps (Autodiscovery, automapping). Simply put, the discovery uses the following phases:
– the NMS station contacts its default gateway and retrieves device type, ARP and routing tables with SNMP
– the NMS station contacts all hosts found on the ARP table of the router to discover SNMP manageability, device type, services and further details concerning the network
– the NMS station contacts all routers found on the routing table of the default router to discover SNMP manageability, ARP and routing tables and further networking details
– the NMS station performs ping sweep to discover all IP nodes on local and remote IP subnets
• Other programs may use CDP to find neighbouring Cisco devices
• Based on the device types, routing table entries and other retrieved information, the NMS station builds network maps.
• We can affect the autodiscovery process in at least the following ways:
– by enabling and restarting discovery (Config / Discovery Agents...)
– by configuring whether full DNS names are used for device identification
– by enabling subnet ping scan on IP subnets
– by enabling or disabling status and service polling
– by specifying whether Non-SNMP nodes, RMON devices or servers with a given port are found
– by specifying autodiscovery seed IP addresses (Seeds)
– by specifying SNMP versions, RO and RW Community names (Comm).
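
The discovery phases above, as an added example that is not part of the original slides or of SNMPc: a simulation over constructed in-memory tables, with no packets sent. The AGENTS and PING_REPLIES data, every address other than the lab router and switch, and all function names are assumptions.

```python
import ipaddress
from collections import deque

# Constructed lab data: what each SNMP agent would hand to a reader that
# presents an accepted community name. Nothing here touches a network.
AGENTS = {
    "192.168.200.1": {"community": "public", "type": "router",
                      "arp": ["192.168.200.2", "192.168.200.10"],
                      "routes": ["192.168.200.254"]},
    "192.168.200.2": {"community": "public", "type": "switch",
                      "arp": ["192.168.200.1"], "routes": []},
    "192.168.200.254": {"community": "not-public", "type": "router",
                        "arp": ["192.168.200.77"], "routes": []},
}
# Constructed set of addresses that would answer an ICMP echo.
PING_REPLIES = {"192.168.200.1", "192.168.200.2", "192.168.200.10",
                "192.168.200.20", "192.168.200.254"}

def snmp_get(ip, communities):
    """Return the agent record if one of the configured communities is accepted."""
    agent = AGENTS.get(ip)
    return agent if agent and agent["community"] in communities else None

def discover(seed, mask, communities, ping_scan=True):
    """Walk ARP and routing tables from the seed, then ping-sweep the seed subnet."""
    found, queue = {}, deque([seed])
    while queue:
        ip = queue.popleft()
        if ip in found:
            continue
        agent = snmp_get(ip, communities)
        if agent is None:
            found[ip] = "non-SNMP node"   # listed in a table, but not readable
            continue
        found[ip] = agent["type"]
        queue.extend(agent["arp"] + agent["routes"])   # phases 2 and 3
    if ping_scan:                                       # phase 4
        net = ipaddress.ip_network(f"{seed}/{mask}", strict=False)
        for host in net.hosts():
            if str(host) in PING_REPLIES:
                found.setdefault(str(host), "non-SNMP node")
    return found
```

With only `public` configured, the second router is mapped as a non-SNMP node and the host in its ARP table never appears, which is the effect a non-default community name has on any reader that tries `public`.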
LAB2 Network Management tasks
• Castle Rock SNMPc server Software
– Installed on server computer (higher number)
– Before starting you MUST SET PROPER IP ADDRESSES AND HAVE AN ACTIVE LINK ON NETWORK !!!
• USE CATALYST 3550 Switch and 2600 router
SNMPc
• Start the SNMPc program
• Choose clear events from file menu
• Choose Reset from file menu
SNMPc
• Config menu -> discovery Agents
• Choose correct IP network
• Choose Enable Discovery
• Enable Status Polling
• Enable Service Polling
SNMPc
• Comm:
– Edit and select snmp version 1
– Read community public
SNMPc
• Seeds
– Router as a Seed
– Mask 255.255.255.0
– Remember to use Add Button
– From General tab choose restart
• If Configured correctly (router and switch configured as well)
ROUTER CONFIG fixed for 2600
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Router1
!
!
enable secret cisco
!
interface Loopback0
 description Router-loopback0
 ip address 192.168.201.1 255.255.255.0
!
interface FastEthernet0/0
 description router-interface-0/0
 ip address 192.168.200.1 255.255.255.0
 duplex auto
 speed auto
!
interface FastEthernet0/1
 no ip address
 shutdown
 duplex auto
 speed auto
!
ip classless
!
ip http server
!
snmp-server community public RO
snmp-server location EVTEK-labra
snmp-server contact something
line con 0
line aux 0
line vty 0 4
 password cisco
 login
ACL:
Standard: access-list [Number (<100)] [permit|deny] [source IP]
Extended: access-list [Number >100] [permit|deny] [protocol] [Source IP] [Destination IP] [if tcp/udp then eq [port]] [log]
ip access-group [number] [in|out]
SNMP: snmp-server community public RO ?
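
An added example, not part of the original slides: a small audit that reads an IOS-style configuration and reports the settings in the lab router config that a reviewer would flag, including an SNMP community with no access list bound to it. Both config excerpts are constructed; the NMS address 192.168.200.10, the community name lab-ro-example, the check names and the function name are assumptions.

```python
import re

# Constructed excerpt of the lab router configuration shown on this page.
LAB_CONFIG = """\
no service password-encryption
enable secret cisco
ip http server
snmp-server community public RO
line vty 0 4
 password cisco
 login
"""

# Constructed corrected excerpt (NMS address and community name are assumptions).
FIXED_CONFIG = """\
service password-encryption
no ip http server
access-list 10 permit 192.168.200.10
snmp-server community lab-ro-example RO 10
line vty 0 4
 login local
"""

GUESSABLE = {"public", "private"}  # well-known default community names
COMMUNITY = re.compile(
    r"snmp-server community (\S+)(?: view \S+)? (ro|rw)(?: (\d+))?$", re.I)

def audit(config):
    """Return (check, detail) findings for an IOS-style configuration text."""
    lines = [ln.strip() for ln in config.splitlines()]
    acls = {m.group(1) for ln in lines
            if (m := re.match(r"access-list (\d+) ", ln, re.I))}
    findings, section = [], ""
    for ln in lines:
        if ln.lower().startswith("line "):
            section = ln                     # remember the current line block
        if (m := COMMUNITY.match(ln)):
            name, mode, acl = m.group(1), m.group(2).upper(), m.group(3)
            if name.lower() in GUESSABLE:
                findings.append(("snmp-default-community", name))
            if mode == "RW":
                findings.append(("snmp-read-write", name))
            if acl is None:
                findings.append(("snmp-no-acl", name))
            elif acl not in acls:
                findings.append(("snmp-acl-undefined", acl))
        elif section and re.match(r"password (0 )?\S+$", ln, re.I):
            findings.append(("cleartext-line-password", section))
        elif ln.lower() == "ip http server":
            findings.append(("http-server-enabled", ln))
    return findings
```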
Switch fixed for 3550
version 12.1
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname Switch
!
!
ip subnet-zero
!
interface FastEthernet0/1
 switchport mode access
 spanning-tree portfast
!
interface FastEthernet0/2
 switchport mode access
 spanning-tree portfast
!
interface FastEthernet0/3
 switchport mode access
 spanning-tree portfast
!
interface FastEthernet0/4
 switchport mode access
 spanning-tree portfast
!
interface FastEthernet0/24
!
interface GigabitEthernet0/1
 switchport mode dynamic desirable
!
interface Vlan1
 ip address 192.168.200.2 255.255.255.0
!
ip classless
ip http server
!
snmp-server community public RO
snmp-server location EVTEK-labra
!
line con 0
line vty 5 15
 login
 password cisco
!
!
end
Syslog
• Add syslog collection to server computer
• Start Kiwi syslog daemon from server computer
• In router direct log messages to syslog
– Use the logging host xxx.xxx.xxx.xxx command
– Debug all generates lots of messages
– Logging level debugging