Wednesday, November 30, 2011

Cisco Monitor Common Mistakes

I am going to touch on common mistakes in Cisco network monitoring today. You certainly need a network-monitoring tool to manage your network. A wide variety of tools is available, ranging from simple to complex and from free to enterprise.
If you get one monitoring tool and install it, can you say that everything is under control? Are you going to be aware of what happened in your network? I will try to warn you about common mistakes in Cisco network monitoring. Actually, these mistakes are common to any kind of network; however, my experience is with Cisco environments.

1. Monitoring without documentation
If you are monitoring your network and don’t have complete network documentation, then it will not be clear whether the monitoring is beneficial or not. How can you be sure about the reliability of your monitoring system without knowing the exact number of devices, their models and their interconnections?

Network Monitoring Tools

What are your daily duties as the network administrator? You have to keep your network up and running. You have to answer calls about situations like “X location is down” or “Y location is slow”. You should monitor your network as described below to fulfill these tasks.


  • You should monitor your network and take actions with respect to situations like device and line failures.
  • You should analyze line utilizations, errors on the line and be sure about network performance.
  • You should be aware of who talks with whom and how much bandwidth every single application needs.
  • And sometimes, you need to see the exact data flow over the network.
If you have all this information ready, then people will think twice before they point the finger at you. How can you achieve this?

We need a layered approach to understand network monitoring. I am not talking about network layers, but network monitoring layers. We have to look closely at the monitoring layers before deciding what network monitoring software we need. A simple summary could look like the one below.

  • Preconditions of network monitoring.
  • Up/Down monitoring
  • Performance Monitoring / SNMP monitoring
  • Who talks with whom? / Netflow monitoring
  • Data capture / Data sniffing


Preconditions of Network Monitoring
Network documentation is essential for monitoring a network. Trying to set up network monitoring tools before going through the documentation is a complete waste of time. You may see everything green on the screen while one of the redundant lines is down. You will sit staring without knowing what is happening. Always remember, documentation comes first and everything else follows.
Suggested monitoring tools: PowerPoint/Visio, NetViz



Up/Down monitoring
You have a map in which you can see some red and green lights glowing. Green means up and red means down. It is simple yet powerful. You will immediately come to know that there is some problem if the red light glows.
This is based on ping. Almost every IP device supports echo/echo reply, so you can monitor all IP devices in your network by using ping. You can go one step further by monitoring a single application on a device instead of the whole device. All network applications use TCP/UDP ports. You can monitor an application by trying to reach its TCP/UDP port with telnet. An open port suggests that the application is running.

Suggested monitoring tools: WhatsUp Gold, nmap


Performance monitoring / SNMP monitoring
The lines are up, the devices are up, but life is not perfect. People complain about the performance of the data lines. Are they saturated? Do we have packet loss on the lines? Are the routers running out of memory? We need SNMP to monitor the heartbeat of the network.

Suggested monitoring tools: MRTG, SolarWinds Orion, PRTG


Who talks with whom? / Netflow monitoring
You have realized that the line is full. Someone or some application is increasing the traffic load enormously. Who are they? Is it necessary traffic? On Cisco devices, the “ip accounting” command gives us an idea of the current traffic sources and destinations. Nevertheless, to analyze and optimize the traffic we need flow monitoring. We need to know the source and destination IP addresses, the TCP/UDP ports and the number of packets/bytes.
Everyone blames the network speed until you publish a network usage report that clearly shows only 15% of the traffic is ERP traffic and the rest comes from Internet access.
You should know that flow monitoring tools require more server resources, since they collect an enormous amount of data.

Suggested monitoring tools: Fluke Netflow monitor, Paessler
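
The usage report described above can be sketched in a few lines. This is an added example, not code from the original post: it works on flow records that a collector has already decoded (it does not parse NetFlow export packets), and the flow data and the port-to-application mapping are constructed assumptions.

```python
from collections import defaultdict

# Constructed flow records (not real traffic): src, dst, protocol, dst port, bytes.
FLOWS = [
    ("10.1.1.10", "10.9.0.5", "tcp", 3200, 150_000),
    ("10.1.1.11", "10.9.0.5", "tcp", 3200, 150_000),
    ("10.1.1.10", "198.51.100.7", "tcp", 443, 900_000),
    ("10.1.1.12", "203.0.113.20", "tcp", 80, 600_000),
    ("10.1.1.12", "203.0.113.21", "tcp", 443, 200_000),
]

# Assumed mapping of (protocol, port) to application; adjust it to your own network.
APP_PORTS = {("tcp", 3200): "ERP", ("tcp", 80): "Internet", ("tcp", 443): "Internet"}


def usage_by_application(flows, app_ports=APP_PORTS):
    """Return {application: percent of total bytes}, rounded to one decimal."""
    totals = defaultdict(int)
    for _src, _dst, proto, dport, nbytes in flows:
        # Anything without a known port mapping is reported as "Other".
        totals[app_ports.get((proto, dport), "Other")] += nbytes
    grand = sum(totals.values())
    if grand == 0:
        return {}
    return {app: round(100 * b / grand, 1) for app, b in totals.items()}


def top_talkers(flows, n=3):
    """Return the n (src, dst) pairs that moved the most bytes, largest first."""
    pairs = defaultdict(int)
    for src, dst, _proto, _dport, nbytes in flows:
        pairs[(src, dst)] += nbytes
    return sorted(pairs.items(), key=lambda kv: (-kv[1], kv[0]))[:n]


if __name__ == "__main__":
    print(usage_by_application(FLOWS))
    for (src, dst), nbytes in top_talkers(FLOWS):
        print(f"{src} -> {dst}: {nbytes} bytes")
```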


Data capture / RMON – Sniffer tools
Sometimes you need to observe the exact data flow on the line and not just information about it. Have a look at this sample scenario. After you find out that a web service causes inappropriately high network traffic, the owner of the application may simply say “No, we are not pushing this much data to the network. We just respond Yes or No in this web service and it is just 100 bytes”. Therefore, you should sniff the data flow on the line. Maybe you will find that the web service responds with yes or no (100 bytes) plus the definition of the web service (6 kilobytes).

Suggested monitoring tools: Wireshark

Advanced SSH settings Cisco IOS

I covered the basic SSH settings in the SSH@Cisco article. But I saw that there are other questions about SSH settings, so I decided to dive a bit deeper. The settings mentioned below were tested with IOS 12.4, but I am not sure about the exact version that supports the features below.

Q1. What happens if I change the hostname or ip domain name after the SSH settings have been made?
A1. Nothing. You need them to create the RSA keys, but afterwards, if you change them, only the key name changes and the key data remains the same.

ciscolab#sh crypto key mypubkey rsa

SSH @ Cisco

Recently, I had to swap the Internet router of my company. BGP and CEF ate up the whole memory and it was not possible to upgrade the memory of the Cisco 3725 router beyond 256MB. It was time to change it.

I had a chance to install a new Cisco 3845 with 1GB memory. Everything was fine except SSH access, which I needed because of security policy. I searched the web and found the “Configuring Secure Shell on Routers and Switches Running Cisco IOS” document on the Cisco web site. It was a little bit different from the current one. I made a configuration as explained, but it was not good enough and access to the router via SSH was not possible.

About one week later, I realized that:
  • SSH only supports authentication with username/password; it does not support just an access password like telnet.
  • So, I had to create a user and set a password with the username command.
  • I had to enable aaa new-model OR issue the login local command under line vty for username/password authentication.
  • Also, a hostname and a domain name were required to generate the keys, since the router uses its FQDN as the label of the key pair.
  • SSH is enabled by default and I do not need to enable it myself.
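
The prerequisites in this list can be checked against a saved configuration before SSH access is relied on. The following is an added example, not part of the original post: the configuration text is constructed, the function names are hypothetical, and the check covers only the items listed above (RSA keys do not appear in the running configuration, so they are not checked).

```python
import re

# Constructed running-config excerpt (not from a real device); values are placeholders.
SAMPLE_CONFIG = """\
hostname ciscolab
ip domain-name example.com
username admin secret 5 <hash-placeholder>
!
line vty 0 4
 password 7 <placeholder>
 login
 transport input ssh
"""


def vty_blocks(lines):
    """Return the indented sub-commands of every 'line vty' block."""
    blocks, current = [], None
    for line in lines:
        if line.startswith("line vty"):
            current = []
            blocks.append(current)
        elif line.startswith(" ") and current is not None:
            current.append(line.strip())
        else:
            current = None  # any other top-level line ends the block
    return blocks


def ssh_prerequisites(config):
    """Map each prerequisite from the list above to True/False."""
    lines = config.splitlines()
    blocks = vty_blocks(lines)
    aaa = any(l.strip() == "aaa new-model" for l in lines)
    vty_local = bool(blocks) and all("login local" in b for b in blocks)
    return {
        # Key generation needs a hostname and a domain name (both command spellings accepted).
        "hostname": any(re.match(r"hostname \S+", l) for l in lines),
        "domain_name": any(re.match(r"ip domain[- ]name \S+", l) for l in lines),
        "local_user": any(re.match(r"username \S+ ", l) for l in lines),
        # Either aaa new-model globally, or login local on every vty block.
        "user_auth_on_vty": aaa or vty_local,
    }


def missing(config):
    """Names of the prerequisites the configuration does not meet."""
    return [name for name, ok in ssh_prerequisites(config).items() if not ok]
```

On the constructed sample, `missing(SAMPLE_CONFIG)` reports `user_auth_on_vty`, because the vty lines still use a telnet-style line password with plain `login`.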

Thursday, November 24, 2011

Top five learning tools


  1. Guide to network admin: Good network administration is the backbone of today's technology-dependent enterprises. Network administrators are charged with keeping expansive networks and numerous applications running smoothly, and the job can seem overwhelming at times. We're coming to the rescue with this guide that brings you back to basics. We polled our readers about their most common tasks to find out what the heart and soul of network administration consists of.

Hardware/Software Life Cycle

Hardware Life Cycle
On lists of hardware recommendations, you will see a status value which may be one of these four options:
Early Adoption – equipment is new and is undergoing validation testing in the company's network. Sites installing hardware of this type do so at their own risk, but we do encourage a certain amount of creativity and look forward to receiving feedback on the community's experiences.
We recommend that early adoption hardware be installed in a low-risk part of the network.

Current Recommended – equipment is recommended wherever possible for new installations.
Current Alternative – equipment is still current and supported, but the latest Company networking engineering standard

IOS Commands

Privileged Mode
   enable - get to privileged mode
   disable - get to user mode
Configuring the Router
   sh running-config - details the running configuration file (RAM)
   sh startup-config - displays the configuration stored in NVRAM
   setup - starts the automatic setup; the same as when you first boot the router
   config t - use to execute configuration commands from the terminal
   config mem - executes configuration commands stored in NVRAM; copies startup-config to running-config
   config net - used to retrieve configuration info from a TFTP server
   copy running-config startup-config - copies saved config in running config (RAM) to NVRAM or "write memory" for IOS under ver.11

Wednesday, November 23, 2011

Troubleshooting Strategy

How do you know when you are having a network problem? The answer to this question depends on your site's network configuration and on your network's normal behavior. See "Knowing Your Network" for more information.

If you notice changes on your network, ask the following questions:
  • Has this event ever occurred before?
  • Is the change expected or unusual?
  • Does the change involve a device or network path for which you already have a backup solution in place?
  • Does the change interfere with vital network operations?
  • Does the change affect one or many devices or network paths?
After you have an idea of how the change is affecting your network, you can categorize it as critical or noncritical. Both of these categories need
By using a strategy for network troubleshooting, you can approach a problem methodically and resolve it with minimal disruption to network users. It is also important to have an accurate and detailed map of your current network environment.

Knowledge of Networking Practices

1 Implementing the Installation of the Network 
     1.1 Demonstrate awareness that administrative and test accounts, passwords, IP addresses, IP configurations, relevant SOPs, etc., must be obtained prior to network implementation.

    1.2 Explain the impact of environmental factors on computer networks. Given a network installation scenario, identify unexpected or atypical conditions that could either cause problems for the network or signify that a problem condition already exists, including
     · room conditions (e.g., humidity, heat, etc.)
     · it is important to set up the room with normal humidity to prevent electrostatic discharge (ESD), and with air conditioning to prevent CPU overheating and system shutdown

Tuesday, November 22, 2011

Troubleshooting the Network

How To Troubleshoot The Network

Recognize the following steps as a systematic approach to identifying the extent of a network problem and, given a problem scenario, select the appropriate next step based on this approach:
   1. determine whether the problem exists across the network,
   2. determine whether the problem is workstation, workgroup, LAN or WAN,
   3. determine whether the problem is consistent and replicable, and
   4. use standard troubleshooting methods.


Identify the following steps as a systematic approach for troubleshooting network problems and, given a problem scenario, select the appropriate next step based on this approach:
   1. identify the exact issue,
   2. recreate the problem,
   3. isolate the cause,
   4. formulate a correction,
   5. implement the correction,
   6. test,
   7. document the problem and the solution, and
   8. give feedback.