NMS Labs Mikko Suomi mikko.suomi@evtek.fi LAB1 • Choose SNMP device managment software • Features: – – – – – – – Gives Nice overview of network Bandwith monitoring Multible users WEB user interface ? Freeware usually requirs more customisation Commercial usually easier to install Commercial usually expensive (3-10K e) LAB Enviroment • 6 –racks with: – Cisco catalyst Switches, Cisco Router, Cisco Firewall – 2 computer / rack (Server and Client) – Console cables and Network cables to computers connected to rack (Don’t remove cables from computer) – Hard Disk is a removable (We use set named IP) – MAX 4 person / Group LAB reports • Max 4 –person / Group • Must be returned in a 1 week • More instructions in a lab work instructions LAB 2 objective • • • • • • The object of this laboratory work is to acquire hands-on experience on various NMS tasks. Fault management Configuration management Performance management (Accounting management) Normally device configuration is not done with SNMP but by other means (CLI, Web Browser interface, TFTP config file download...), but SNMP provides an excellent way to retrieve information from manageable network devices. Autodiscovery • After starting the SNMPc server the NMS station is automatically discovering network topology and devices and displaying them on hierarchical network maps • (Autodiscovery, automapping). Simply put the discovery uses the following phases: – the NMS station contacts its default gateway and retrieves device type, ARP androuting tables with SNMP – the NMS station contacts all hosts found on the ARP table of the router to discover SNMP manageability, device type, services and further details concerning the network – the NMS station contacts all routers found on the routing table of the default router to discover SNMP manageability, ARP and routing tables and further networking details – the NMS station performs ping sweep to discover all IP nodes on local and remote IP subnets • Other programs may use CDP to find neighbour Cisco Devices • based on the device types, routing table entries and other retrieved information the NMS station builds network maps. • We can affect the autodiscovery process at least by the following ways: – – – – – enabling and restarting discovery (Config / Discovery Agents...) by configuring if full DNS names is used for device identifications by enabling subnet ping scan on IP subnets by enabling or disabling status and service polling by specifying if Non-SNMP nodes, RMON devices or servers with given port are • found – by specifying autodiscovery seed IP addresses (Seeds) – by specifying SNMP versions, RO and RW Community names (Comm). LAB2 Network Management tasks • Castle Rock SNMPc server Software – Installed on server computer (higher number) – Before starting you MUST SET PROPER IP ADDRESSEES AND HAVE AN ACTIVE LINK ON NETWORK !!! • USE CATALYST 3550 Switch and 2600 router SNMPc • Start SNMPc –program • Choose clear events from file menu • Choose Reset from file menu SNMPc • Config menu -> discovery Agents • Choose correct IPNetwork Choose Enable Discovery Enable Status Polling Enable Service Polling SNMPc • Comm: – Edit and select snmp version 1 – Read community public SNMPc • Seeds – Router as a Seed – Mask 255.255.255.0 – Remember to use Add Button – From General tab choose restart • If Configured correctly (router and switch configured as well) ROUTER CONFIG fixed for 2600 • • • • • • • • • • • • • • • • • • • service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname Router1 ! ! enable secret cisco ! interface Loopback0 description Router-loopback0 ip address 192.168.201.1 255.255.255.0 ! interface FastEthernet0/0 description router-interface-0/0 ip address 192.168.200.1 255.255.255.0 duplex auto speed auto ! • • • • • • • • • • • • • • • • • • interface FastEthernet0/1 no ip address shutdown duplex auto speed auto ! ip classless ! ip http server ! snmp-server community public RO snmp-server location EVTEK-labra Snmp-server contact something line con 0 line aux 0 line vty 0 4 password cisco login ACL: Standard: access-list [Number(<100) ] [permit|deny] [source IP] Extended access-list [Number >100] [permit|deny] [protocol] [Source ip] [Destination ip] [if tcp/udp then eq] [port]] [log] Ip accesss-goup [number] [in|out] SNMP: snmp-server community public RO ? Switch fixed for 3550 • • • • • • • • • • • • • • • • • • • • • • • • • • • version 12.1 no service pad service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname Switch ! ! ip subnet-zero ! interface FastEthernet0/1 switchport mode access spanning-tree portfast ! interface FastEthernet0/2 switchport mode access spanning-tree portfast ! interface FastEthernet0/3 switchport mode access spanning-tree portfast ! interface FastEthernet0/4 switchport mode access spanning-tree portfast ! interface FastEthernet0/24 ! interface GigabitEthernet0/1 switchport mode dynamic desirable interface Vlan1 ip address 192.168.200.2 255.255.255.0 ! ip classless ip http server ! snmp-server community public RO snmp-server location EVTEK-labra ! line con 0 line vty 5 15 Login Password cisco ! ! end Syslog • Add syslog collection to server computer • Start Kiwi syslog daemon from server computer • In router direct log messages to syslog – Logging host xxx.xxx.xxx.xxx –command – Debug all generates lots of messages – Loggin level debugging