Embed Size (px)
Citation preview
LAB1
• Choose SNMP device managment software
• Features:– Gives Nice overview of network– Bandwith monitoring – Multible users– WEB user interface ?– Freeware usually requirs more customisation– Commercial usually easier to install– Commercial usually expensive (3-10K e)
LAB Enviroment
• 6 –racks with: – Cisco catalyst Switches, Cisco Router, Cisco Firewall– 2 computer / rack (Server and Client)– Console cables and Network cables to computers
connected to rack (Don’t remove cables from computer)
– Hard Disk is a removable (We use set named IP)– MAX 4 person / Group
LAB reports
• Max 4 –person / Group
• Must be returned in a 1 week
• More instructions in a lab work instructions
LAB 2 objective• The object of this laboratory work is to
acquire hands-on experience on various NMS tasks.
• Fault management
• Configuration management
• Performance management
• (Accounting management)
• Normally device configuration is not done with SNMP but by other means (CLI, Web Browser interface, TFTP config file download...), but SNMP provides an excellent way to retrieve information from manageable network devices.
Autodiscovery
• After starting the SNMPc server the NMS station is automatically discovering network topology and devices and displaying them on hierarchical network maps
• (Autodiscovery, automapping). Simply put the discovery uses the following phases:
– the NMS station contacts its default gateway and retrieves device type, ARP androuting tables with SNMP
– the NMS station contacts all hosts found on the ARP table of the router to discover SNMP manageability, device type, services and further details concerning the network
– the NMS station contacts all routers found on the routing table of the default router to discover SNMP manageability, ARP and routing tables and further networking details
– the NMS station performs ping sweep to discover all IP nodes on local and remote IP subnets
• Other programs may use CDP to find neighbour Cisco Devices
• based on the device types, routing table entries and other retrieved information the NMS station builds network maps.
• We can affect the autodiscovery process at least by the following ways: – enabling and restarting discovery (Config / Discovery Agents...)– by configuring if full DNS names is used for device identifications– by enabling subnet ping scan on IP subnets– by enabling or disabling status and service polling– by specifying if Non-SNMP nodes, RMON devices or servers
with given port are
• found– by specifying autodiscovery seed IP addresses (Seeds)– by specifying SNMP versions, RO and RW Community names
(Comm).
LAB2 Network Management tasks
• Castle Rock SNMPc server Software– Installed on server computer (higher number)– Before starting you MUST SET PROPER IP
ADDRESSEES AND HAVE AN ACTIVE LINK ON NETWORK !!!
• USE CATALYST 3550 Switch and 2600 router
SNMPc
• Start SNMPc –program
• Choose clear events from file menu
• Choose Reset from file menu
SNMPc• Config
menu -> discovery Agents
• Choose correct IP-NetworkChoose Enable Discovery
Enable Status Polling
Enable Service Polling
SNMPc
• Comm:– Edit and select
snmp version 1– Read
community public
SNMPc
• Seeds– Router as a
Seed– Mask
255.255.255.0– Remember to
use Add Button– From General
tab choose restart
• If Configured correctly (router and switch configured as well)
ROUTER CONFIG fixed for 2600• service timestamps debug datetime msec• service timestamps log datetime msec• no service password-encryption• !• hostname Router1• !• !• enable secret cisco• !• interface Loopback0• description Router-loopback0• ip address 192.168.201.1 255.255.255.0• !• interface FastEthernet0/0• description router-interface-0/0• ip address 192.168.200.1 255.255.255.0• duplex auto• speed auto• !
• interface FastEthernet0/1• no ip address• shutdown• duplex auto• speed auto• !• ip classless• !• ip http server• !• snmp-server community public RO• snmp-server location EVTEK-labra• Snmp-server contact something• line con 0• line aux 0• line vty 0 4• password cisco• login
ACL: Standard: access-list [Number(<100) ] [permit|deny] [source IP]Extended access-list [Number >100] [permit|deny] [protocol] [Source ip] [Destination ip] [if tcp/udp then eq] [port]] [log]Ip accesss-goup [number] [in|out]SNMP: snmp-server community public RO ?
Switch fixed for 3550• version 12.1• no service pad• service timestamps debug uptime• service timestamps log uptime• no service password-encryption• !• hostname Switch• !• !• ip subnet-zero• !• interface FastEthernet0/1• switchport mode access• spanning-tree portfast• !• interface FastEthernet0/2• switchport mode access• spanning-tree portfast• !• interface FastEthernet0/3• switchport mode access• spanning-tree portfast• !• interface FastEthernet0/4• switchport mode access• spanning-tree portfast• !
interface FastEthernet0/24!interface GigabitEthernet0/1 switchport mode dynamic desirable
interface Vlan1 ip address 192.168.200.2 255.255.255.0!ip classlessip http server!snmp-server community public ROsnmp-server location EVTEK-labra!line con 0line vty 5 15LoginPassword cisco
!!end
Syslog
• Add syslog collection to server computer
• Start Kiwi syslog daemon from server computer
• In router direct log messages to syslog– Logging host xxx.xxx.xxx.xxx –command– Debug all generates lots of messages– Loggin level debugging
