160 likes | 302 Views
NMS Labs. Mikko Suomi mikko.suomi@evtek.fi. LAB1. Choose SNMP device managment software Features : Gives Nice overview of network Bandwith monitoring Multible users WEB user interface ? Freeware usually requirs more customisation Commercial usually easier to install
E N D
NMS Labs Mikko Suomi mikko.suomi@evtek.fi
LAB1 • Choose SNMP device managment software • Features: • Gives Nice overview of network • Bandwith monitoring • Multible users • WEB user interface ? • Freeware usually requirs more customisation • Commercial usually easier to install • Commercial usually expensive (3-10K e)
LAB Enviroment • 6 –racks with: • Cisco catalyst Switches, Cisco Router, Cisco Firewall • 2 computer / rack (Server and Client) • Console cables and Network cables to computers connected to rack (Don’t remove cables from computer) • Hard Disk is a removable (We use set named IP) • MAX 4 person / Group
LAB reports • Max 4 –person / Group • Must be returned in a 1 week • More instructions in a lab work instructions
LAB 2 objective • The object of this laboratory work is to acquire hands-on experience on various NMS tasks. • Fault management • Configuration management • Performance management • (Accounting management) • Normally device configuration is not done with SNMP but by other means (CLI, Web Browser interface, TFTP config file download...), but SNMP provides an excellent way to retrieve information from manageable network devices.
Autodiscovery • After starting the SNMPc server the NMS station is automatically discovering network topology and devices and displaying them on hierarchical network maps • (Autodiscovery, automapping). Simply put the discovery uses the following phases: • the NMS station contacts its default gateway and retrieves device type, ARP androuting tables with SNMP • the NMS station contacts all hosts found on the ARP table of the router to discover SNMP manageability, device type, services and further details concerning the network • the NMS station contacts all routers found on the routing table of the default router to discover SNMP manageability, ARP and routing tables and further networking details • the NMS station performs ping sweep to discover all IP nodes on local and remote IP subnets • Other programs may use CDP to find neighbour Cisco Devices
based on the device types, routing table entries and other retrieved information the NMS station builds network maps. • We can affect the autodiscovery process at least by the following ways: • enabling and restarting discovery (Config / Discovery Agents...) • by configuring if full DNS names is used for device identifications • by enabling subnet ping scan on IP subnets • by enabling or disabling status and service polling • by specifying if Non-SNMP nodes, RMON devices or servers with given port are • found • by specifying autodiscovery seed IP addresses (Seeds) • by specifying SNMP versions, RO and RW Community names (Comm).
LAB2 Network Management tasks • Castle Rock SNMPc server Software • Installed on server computer (higher number) • Before starting you MUST SET PROPER IP ADDRESSEES AND HAVE AN ACTIVE LINK ON NETWORK !!! • USE CATALYST 3550 Switch and 2600 router
SNMPc • Start SNMPc –program • Choose clear events from file menu • Choose Reset from file menu
SNMPc • Config menu -> discovery Agents • Choose correct IP-Network Choose Enable Discovery Enable Status Polling Enable Service Polling
SNMPc • Comm: • Edit and select snmp version 1 • Read community public
SNMPc • Seeds • Router as a Seed • Mask 255.255.255.0 • Remember to use Add Button • From General tab choose restart
If Configured correctly (router and switch configured as well)
ROUTER CONFIG fixed for 2600 • interface FastEthernet0/1 • no ip address • shutdown • duplex auto • speed auto • ! • ip classless • ! • ip http server • ! • snmp-server community public RO • snmp-server location EVTEK-labra • Snmp-server contact something • line con 0 • line aux 0 • line vty 0 4 • password cisco • login • service timestamps debug datetime msec • service timestamps log datetime msec • no service password-encryption • ! • hostname Router1 • ! • ! • enable secret cisco • ! • interface Loopback0 • description Router-loopback0 • ip address 192.168.201.1 255.255.255.0 • ! • interface FastEthernet0/0 • description router-interface-0/0 • ip address 192.168.200.1 255.255.255.0 • duplex auto • speed auto • ! ACL: Standard: access-list [Number(<100) ] [permit|deny] [source IP] Extended access-list [Number >100] [permit|deny] [protocol] [Source ip] [Destination ip] [if tcp/udp then eq] [port]] [log] Ip accesss-goup [number] [in|out] SNMP: snmp-server community public RO ?
Switch fixed for 3550 interface FastEthernet0/24 ! interface GigabitEthernet0/1 switchport mode dynamic desirable interface Vlan1 ip address 192.168.200.2 255.255.255.0 ! ip classless ip http server ! snmp-server community public RO snmp-server location EVTEK-labra ! line con 0 line vty 5 15 Login Password cisco ! ! end • version 12.1 • no service pad • service timestamps debug uptime • service timestamps log uptime • no service password-encryption • ! • hostname Switch • ! • ! • ip subnet-zero • ! • interface FastEthernet0/1 • switchport mode access • spanning-tree portfast • ! • interface FastEthernet0/2 • switchport mode access • spanning-tree portfast • ! • interface FastEthernet0/3 • switchport mode access • spanning-tree portfast • ! • interface FastEthernet0/4 • switchport mode access • spanning-tree portfast • !
Syslog • Add syslog collection to server computer • Start Kiwi syslog daemon from server computer • In router direct log messages to syslog • Logging host xxx.xxx.xxx.xxx –command • Debug all generates lots of messages • Loggin level debugging