1

基礎網路介紹及網路故障排除

2

一網路基礎架構介紹

3

Typical Network Topologies Defining Features

4

Hierarchical Model

5

Typical Multilayer Network Design

6

Multilayer Design Guidelines

Access (Cisco Catalyst 2950 2960 Series)

ndash Layer 2 switching in wiring closet (can be Layer 3 aware)ndash Acts as the network trust or policy boundaryDistribution (Cisco Catalyst 3550 3560 3750 Series)

ndash Layer 3 Switching in distribution layerndash Utilizes IGP for benefits such as load balancing fast convergence and

scalability

ndash Provide first‐hop redundancyresiliencendash Aggregates the access layer elements

Core (Cisco Catalyst 4000 6500 Series)

ndash Layer 3 switching in the backbone for load balancing fast convergence and scalability

ndash Requires high‐speed service with no policy enforcement

7

Defining the Access Layer

Aggregates user end stations IP phones and servers

Connects to distribution‐layer switches

All uplinks can actively forward traffic (Layer 3 distribution)

Layer 2 device with Layer 3 intelligence (Security QoS IP multicast etc)

Use intelligent network services for establishing the trust boundary

8

Defining the Distribution Layer

Aggregates wiring closets (access layer) and uplinks to Core

Protects core from high‐density peering

Availability load balancing QoS and provisioning are important considerations at this layer

ndash Use Layer 3 Switching in the distribution layerndash HSRP and HSRP tracking insure first‐hop redundancy

9

Defining the Core Layer

Backbone for the networkmdashConnects distribution‐layer blocks

Aggregation point for distribution layer

Core layer is required to scale campus networks

ndash Physical cabling requirements

ndash Routing complexity

10

Do I Need a Core Layer

Easier to add a moduleFewer links in the coreEasier bandwidth upgradeRouting protocol peering reducedCore layermdashOptional for small networks

11

Server Farms

Put server farm in its own VLAN and IP SubnetmdashLayer 3 switch traffic to it

If dual NIC servers connected to two access switches require Layer 2 adjacency for NIC redundancy then

ndash Install Layer 2 link between distribution blocks for example VLAN 3

12

Campus Design Best Practices

Map Layer 2 VLANs to Layer 3 IP subnets

Avoid campus‐wide VLANs

Design a campus with Layer 3 protocols

Daisy‐chaining dangerous

Take advantage of equal‐cost routes

Oversubscription and performance characteristics

13

Map Layer 2 VLANs to Layer 3 Subnets

Map Layer 2 domain to a Layer 3 subnet with an understandable VLAN‐to‐IP subnet numbering scheme

For example data VLAN 20 and voice VLAN 120 in building 1 can correspond to 10120x24 and 101120x24

A good addressing scheme helps in summarizing routes and eases troubleshooting

14

Avoid Campus‐Wide VLANs

Large and overlapping spanning‐tree domain

Propagates problems (potential failure domain)

Slows convergence

Modern routers not network bottlenecks

bull DHCP and Mobile IP address client mobility

15

Layer 3 Dual‐Path

Layer 3 load balancing preserves bandwidth

ndash Unlike Layer 1 and Layer 2 redundancy (blocked ports)Fast recovery to remaining path

ndash Convergence is extremely fast (dual equal‐cost paths no need for OSPF or EIGRP to recalculate new path)

16

Daisy Chains

No UplinkFastmdashSlow STP convergence

Discontinuous subnets Traffic reaches black hole (both routers claim they can reach VLAN x)

Install Layer 2 link between the two distribution switches

17

Daisy Chains (Cisco Catalyst 3750 Series)

Utilize Cross‐Stack UplinkFast

feature for stackables

bull Transitions redundant blocking link directly to forwarding if link to root fails

18

Understand Performance and Oversubscription Characteristics

Most networks are built with oversubscription

Performance usually limited not by the box but by the uplink

Use QoS to protect real‐time flows at congested points

Oversubscription rules of thumb work well

201 maximum at wiring closet

Less in distribution (41) and server farm (from 41 to 11)

19

Redundancy Types

Layer 1 redundancymdashProvides an alternate physical path through the network

Layer 23 redundancymdashSpanning‐tree routing protocol EtherChannelfor alternate path awareness and fast convergence

StabilitymdashEnsure a stable network through proper physical STP and routing design to reduce human errors

Application availabilitymdashApplication server and client processes must support failover for maximum availability

20

Small Campus Network

Backbone layermdashcollapsed core and distribution

Can use modularstackable switching solutions

Scalable up to few access switches

21

Medium Campus Network

22

Large Campus Network

23

Building Block Approach

24

Switch Block Characteristics

bull Device switches support one or more subnetsVLANs

bull Subnets terminate at the distribution switch

bull Access devices have redundant links

bull Spanning Tree Protocol terminates at the switch block boundary

25

VLANs in the Switch Block

26

Link Types

A trunk link is capable of carrying multiple VLANs

27

Trunking

bull Specifically developed for multi‐VLAN interswitch communications

bull Places a unique identifier in the header of each frame

bull Functions at Layer 2 bull IEEE

8021Q

28

Inter‐VLAN Routing

bull A Route Processor provides Layer 3 functionality for switches

29

Increasing Performance Add More Bandwidth

30

Fast EtherChannel

31

Is QoS Needed in the Campus

Maybe maybe not campus congestionis a buffer management issue

ldquoJust throw more bandwidth at it That will solve the problemrdquo

32

Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP

33

Enabling QoS in the Campus Scheduling in the Campus

Output buffers can reach 100 in campus networks resulting in dropped voice packets

QoS required when there is a possibility of congestion in buffers

Multiple queues are the only way to guarantee voice quality

34

Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS

bull 8021p user priority field also called class of service (CoS)

bull Different types of traffic are assigned different CoS values

bull CoS 6 and 7 are reserved for network use

35

Enabling QoS in the Campus Layer 3 Classificationmdash IP Precedence DSCP

bull IPv4 Three most significant bits of ToS byte are called IP precedence other bits unused

bull DiffServ Six Most significant bits of ToS byte are called DSCP remaining two bits used for flow control

bull DSCP backward compatible with IP precedence

36

Enabling QoS in the Campus Classification Summary

37

Power Over Ethernet

Prepare the network for IP Telephony and Wireless access

Eliminate the need for separate electrical wiring

Cisco pre‐standard POE and 8023af are fully supported

Wide selection of standards‐based IEEE 8023af powered devices

ndash IP Phonesndash Wireless Access Points

ndash Surveillance cameras

ndash Access Card Readers

38

Access Point Front Cover LEDrsquos

Status LightsEthernet

Status

Radio Activity

Ethernet Activity

Status

Radio Activity

39

CiscoWorks WLSE

1

Specialized application for managing the Cisco WLAN

2

Centralized template‐ based configuration of access points and bridges

with user defined groups

3

Proactive fault and performance monitoring

of access points bridges LEAP server and

attached switch

CiscoWorks Wireless LANSolution Engine

U N I V E R S I T YU N I V E R S I T Y

40

二網路設備介紹

41

The Cisco LAN Switching Portfolio

Catalyst 375035602960 Catalyst 6500Catalyst 40004500

bull Stackable Compact Footprint bull Gig Density 12 Ports bull EZ Clustering Managementbull L2-L4 Switchingbull Medium Port Density

bull Highest Switching Capacitybull High Availability - Stateful Failoverbull 10-Gigabit Ethernet Interfaces bull Nonblocking Gigabit Density 142bull LANWAN Interfaces (to OC 48)

L2-L7 SwitchingIntegrated Inline PowerServices Modules Redundant PowerRedundant Supervisor Fabric

bull High Switching Capacitybull High-Density 101001000bull High-Density 100FX amp 1000LXbull Nonblocking Gigabit Density 32bull L2-L4 Switching bull Inline Power Optionbull Redundant Power

42

Cisco Catalyst Positioning

Pric

ePe

rfor

man

ce

FunctionFlexibility

Catalyst 29502960

Catalyst 35503560

Catalyst 4500 Family

Catalyst 6500 Series

bull Modular 101001000bull High performance Layer 2L3L4 bull 24‐64 Gbps Switching Enginebull Chassis level high availability

bull

Modular 101001000bull

Highest density switching

capacity

bull

Layer 234‐7bull

32‐720 Gbps

Switching

Engine

bull

Highest Availability

bull

10100

and GE configurationsbull

High performance switching and routingbull

Enterprise‐class intelligent Layer 3L4 servicesbull

Clustering capable

bull

Stackable 10100 switchingbull

Gigabit

uplink connectivitybull

Advanced intelligent Layer 3L4 servicesbull

Clustering capable

Catalyst 3750bull

Stackable 101001000 and 10100 configurationsbull

Cisco StackWisetrade

Technologybull

Optimized for Gigabit Ethernet deploymentbull

Enterprise‐class Intelligent Layer 3L4 servicesbull

Highly resilient 32Gbps stacking interconnectionbull

Single management interface w auto configuration

Fast Ethernet

Optimized

Gigabit Ethernet

Optimized

43

Cisco Catalyst 2960 Series Model Overview Fast Ethernet Models

Softwarebull LAN Base Image

Enterprise-class intelligent services Advanced QoS enhanced security high availability

bull Orderable with latest IOS software version

bull 48 10100100 portsbull 2 101001000 Uplink

ports

bull 24 10100 portsbull 2 101001000 Uplink

Ports

Catalyst 2960-24TT Catalyst 2960-48TT

bull 24 10100 portsbull 2 Dual-Purpose Uplink

ports

Catalyst 2960-24TC Catalyst 2960-48TC

bull 48 10100 portsbull 2 Dual Purpose Uplink

ports

Uplinksbull Dual Purpose

UplinksOne 101001000 TX Port and One SFP Port

One port active at a time

44

Cisco Catalyst 3750 Series Switches Model Overview

Catalyst 3750G‐24TS

bull

24 101001000

Portsbull

24 101001000 Ports

bull

4 SFP ports

Two Software Versions

Standard Multilayer Software Image

(SMI)

bull Enterprise‐class intelligent services

Advanced QoS Enhanced Security High

Availability RIP and Static IP routing

Routed ACLs HSRP

Enhanced Multilayer Software Image

(EMI)

bull SMI feature set plus Dynamic IP Unicast

routing Smart Multicast routing

Catalyst 3750‐2448 are orderable with

either software image preinstalled

Catalyst 3750‐2448 can be upgraded

from SMI to EMI

Catalyst 3750G‐24T

bull

24 10100 Ports

bull

2 SFP ports

bull

48 10100 Ports

bull

4 SFP ports

Catalyst 3750‐24 Catalyst 3750‐48

45

Cisco StackWisetrade Technology

bull 32Gbps fault tolerant bi‐directional

backplane

bull Single IP address for management

bull Auto configuration and IOS version

checkupdate

bull 1N Master redundancy

bull Sub‐second L2 failover

bull Cross stack Etherchannel

bull Configurable QoS queues across

stack

bull Line speed performance with QoS

and ACLs for GE

bull Hot add and delete of GE and FE

chassis in same stack

bull Patented cable connector

S 1

S 3

S 2

M 4

M = Master Switch

S = Slave Switch

46

Cisco Catalyst 4500 Series Architecture

bull Centralized Forwarding ASICs

bull All packets are forwarded via the supervisor

bull No distributed line card forwarding

bull Scalable architecture ‐

64 to 320 Gbps

bull Fastest Centralized Architecture in the Industry

47

Cisco Catalyst 4500 Series Overview Common Architecture

Single Supervisor-Based

Chassis

Redundant Supervisor-Based

Chassis

Cisco Catalyst 4507R-E

Cisco Catalyst 4510R-E

Cisco Catalyst 4506-E

Cisco Catalyst 4503-E

Single RU Fixed Configuration

Same Switching Architecture

and Common Cisco IOSreg

Cisco Catalyst 4948 and 4948-10GigE

48

Cisco Catalyst 4500 Series Evolutionary Centralized Architecture

1999 2002 2004 2007 2012

Continued InnovationServices and Performance

Same Line Card

18Mpps 48Mpps 102Mpps

10100

1000

Layer 2

PoE L234

10 GbE

SSO

NACNSF

ISSUCISF

E‐Series

250 Mpps

49

Evolution of Centralized Switching Technology

Evoluti

onEvo

lution

1999 18

Mpps

L2 Only

2002 48

Mpps

L2L3

2004102

Mpps

L2L3 10Gig

2007250

Mpps

L2L3 IPv6

14X

increase

since lsquo99

50

Next‐Generation Catalyst 4500 ldquoE‐Seriesrdquo

Secure Flexible Non‐Stop Communications

ldquoErdquo

Series Chassis

ldquoErdquo

Series Line Cards

Supervisor 6‐E with CenterFlex

51

Cisco Catalyst 6500 Delivers Secure Converged Network Services

High Availabilitybull Physical

Availabilitybull Logical Availabilitybull Stateful Failover at

Layer 2bull Rapid Spanning-

Tree Convergence

QoSbull Input Policingbull Traffic

Classificationbull Multiple Queuesbull Convergence

Ready

Securitybull Layer 234

Access Controlbull 8021X User

Authenticationbull MAC Filteringbull Dynamic VLAN

Manageabilitybull Inline Powerbull Simple

Configurationbull L2-L4 Servicesbull Rich Multicast

Support

End-to-End Services

52

Catalyst 6500 Family

Catalyst 65033 slot chassis

Catalyst 65066 slot chassis

Catalyst 65099 slot chassis

Catalyst 6509‐NEBSNEBS Compliant 9 slot chassis

Catalyst 651313 slot chassis

Catalyst 6509‐NEBS‐A9 slot chassis

53

Cisco Catalyst 6500 Series

The Cisco Catalyst 6500 Series supports a wide range of interface densities performance and high‐availability options

Flexible 3‐ 6‐ 9‐ and 13‐slot chassis configurations

ndash Scalable switching fabric ndash Cisco

IOS software choices supported

on all supervisor engines

ndash Fast 2‐3 second stateful

failover of

redundant supervisors and integrated

services

ndash 10‐Mbps to 10‐Gbps Ethernet and DS0

to

OC‐48 WAN interfaces

ndash Wire‐rate QoS

and ACL policy

management

WS-6503 WS-C6506 WS-C6509 WS-C6509-NEBS and WS-C6513

54

Catalyst 6500 Supervisors

The Catalyst 6500 has three Supervisor options on offer

with each providing a different architectural backplane

configuration for line cards to connect intohellip

Supervisor 1A Supervisor 2 Supervisor 720 (NEW)

256Gb backplane

supporting hardware

accelerated Layer 2 and 3

QoS and Security policies

up to 210Mppshellip

720Gb backplane

supporting hardware

accelerated Layer 2 and 3

QoS and Security policies

up to 400Mppshellip

32Gb backplane supporting

hardware accelerated Layer

2 and 3 QoS and Security

policies up to 15Mppshellip

Supervisor Options for the Catalyst 6500

55

Catalyst 6500 LinecardsThe Catalyst 6500 has a family of linecards to suit all network needshellip

10100 TX and 100 Fiber 101001000 TX GE SFP

GE GBIC 10GE WAN

Optical Switch Modules Inline Power ATM

CAT

6500

L I

NECARDS

56

Catalyst 6500 Service Modules

Content ServicesCommunications Media MWAN

Firewall Module VPN Module Intrusion Detection

Content Switching SSL Network Management

Service Modules represent the next generation of intelligent modules for the Catalyst 6500

Each module provides a high performance option scalable and feature rich deployment

optionshellip

57

Small Form Factor Pluggable (SFP)

bull New industry standard connector

bull Same functionality as Gigabit Interface Converters

(GBICs)

bull Hot pluggable

bull Smaller fiber connector LC

for SF

bull 25 SFPs

fit in space of one GBIC

bull Shipping SX LX ZX at FCS

bull 101001000BT and CWDM versions to come in mid

to late 2003

GBIC

SFP

58

三無線網路認證介紹

59

漫遊認證環境架構圖

NCHC資策會

WLANGateway

WLANGateway

60

無線漫遊環境身份認證機制

網頁認證

使用網站伺服器憑證(Certificate)辨識合法認證網站

透過SSL加密保護使用者帳號密碼安全

採用PAP (Password Authentication Protocol)認證機制

8021x認證

採CHAP或加密通道進行認證

EAP‐MD5ndash 採用CHAP (Challenge Handshake Authentication Protocol)認證

EAP‐PEAP ndash 採用 SSL加密通道 + MS‐CHAP v2 認證

EAP‐TTLSndash 採用 SSL加密通道 + PAPCHAPMS‐CHAPEAPndash 支援多種認證機制

61

WLAN Gateway

bull Usually web page for authorisationbull Allows policy based accessbull Good managementbull Very user friendlybull No client required

Bluesocketndash Commercial but popular in uk academiandash Lots of featuresNoCatAuthndash open source

62

Bluesocket Wireless Gateway

63

httpwwwitcntnuedutwservice1270php

四師大網路基本架構介紹

64

對外網路架構圖

65

校本部校區有線網路系統架構圖

66

校本部校區無線網路系統架構圖

67

理學院校區有線網路系統架構圖

68

理學院校區無線網路系統架構圖

69

林口校區有線網路系統架構圖

70

林口校區無線網路系統架構圖

71

五網路障礙排除方式

72

Possible Symptoms of Physical Layer Problems

Increased number of interface errorsIncreased number of interface errors

LEDs are off flashing or in a state other than the expected state during normal operationLEDs are off flashing or in a state other than the expected state during normal operation

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

Excessive utilizationExcessive utilization

73

Possible Symptoms of Data Link Layer Problems

Excessive CRC errors and frame check sequence errors Excessive CRC errors and frame check sequence errors

Large quantities of broadcast traffic Large quantities of broadcast traffic

A MAC address is cycling between portsA MAC address is cycling between ports

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

74

General Cisco Commands to Isolate Physical and Data Link Layer Problems

ping host

| ip‐addressping host

| ip‐address

routergt

bull

Sends an echo request packet to an address then waits for a reply

trace [destination]trace [destination]

routergt

bull

Identifies the path a packet takes through the network

[no] debug [no] debug

router

bull

Displays a list of options for enabling or disabling debugging events on a device

75

Cisco Commands to Isolate Physical Layer Problems

show versionshow version

routergt

bull

Displays the Cisco IOS software version and all installed hardware configurations

show ip interface briefshow ip interface brief

routergt

bull

Displays a summary of the status of all interfaces on a device

show interfaces [type number]show interfaces [type number]

routergt

bull

Displays the operational status of an interface including the amount and type of traffic being sent and received

76

Cisco Commands to Isolate Physical Layer Problems (Cont)

show cdp neighbor detailshow cdp neighbor detailroutergt

bull Displays the device type IP address and Cisco IOS version of neighboring devices

77

Cisco Commands to Isolate Data Link Layer Problems

show ip arpshow ip arp

routergt

bull

Displays entries in the Address Resolution Protocol (ARP) table

debug [arp

| serial | ppp]debug [arp

| serial | ppp]

router

bull

Captures events relating to data link layer protocols

78

General End‐System Commands to Isolate Physical and Data Link Layer Problems

pingping

bull

Sends an echo request packet to an address then waits for a reply

netstat

‐rnnetstat

‐rn

bull

Displays the status of all connected devices and links without querying a DNS server

arp

‐aarp

‐a

bull

Displays the current mappings of the IP address to the MAC address in the ARP table

79

Windows Commands to Isolate Physical and Data Link Layer Problems

ipconfig

[all]ipconfig

[all]

bull

Displays IP information for hosts running Windows NT2000XP

Cgt

tracert [‐d]tracert [‐d]

bull

Identifies a path to a destination device

Cgt

80

Guidelines for Isolating Problems at the Physical and Data Link Layers

Check operational status and data error ratesCheck operational status and data error rates

Verify proper interface configurationsVerify proper interface configurations

Check for bad cables or connectionsCheck for bad cables or connections

Check for correct cable pin‐outCheck for correct cable pin‐out

81

Port Monitoring (SPAN)

Allows a port to monitor traffic coming into or out of

anotherPort

VLAN

Trunk

82

Remote SPAN (RSPAN)

Allows a port to monitor SPAN information on other switches through a trunk connection

83

NetFlow Data Export

Access to records of switched flow statistics

with NAM

Source and destination IP

Port numbers and protocol types

84

六網路管理介紹

85

NAMs in Campus LAN

86

Network Analysis Module (NAM)

bull

Switch‐integrated standards‐

based monitoring (RMON1 RMON2

extended RMON)

bull

Useful for performance monitoring troubleshooting

and capacity planning

bull

Easy to deploy and use with embedded web‐based Traffic Analyzer

bull

Full visibility into applications hosts conversations and

IP‐based services including VoIP

and QoS

Integrated traffic‐monitoring solution in Catalyst 6500 series to build application‐level visibility into network infrastructure

87

NAM as a Standards‐Based RMON Solution

The RMON MIB reports on the health and status of network traffic

Mini‐RMON agents in Catalyst 6500 collect Layer 2 (RMON1) statistics on all ports (utilization packets errors)

NAM supports full RMON1 and 2 to provide visibility up to Application layer (applications hosts conversations)

NAM supports extended RMON for VLAN QoS Application Response Time and so on

88

Application Hosts and Conversations Monitoring

Identify unknown applications and drill down on the hosts using them

Discover top talkers top conversations

Network managers can drill down

into who is doing what

Network managers can drill down

into who is doing what

NEW inSoftware

Version 22

NEW inSoftware

Version 22

89

VoIP Monitoring

NAM supports various facets of VoIPmonitoring

Active IP telephony monitoring

ndash Track active call attributesndash Identify call quality degradationndash Call details by phonesRMON1 and RMON2

ndash Distribution of VoIP

protocols

Application Response Time (ART)

ndash CallManager

responses

DSMON

ndash VoIP

traffic by DSCP values

90

Application Response Time (ART)

Find out where the application delays are occurring

ndash Detailed data on request‐ response exchanges

between clients and servers

Server visibility

ndash Monitor servers for protocols application

usage and top talkers

91

Packet Capture and Decode

Capture and decode packets for troubleshooting

Extensive pre‐ and post‐capture filters

Can save and export to other tools including Sniffer

92

Alarms

Set alarm thresholds on various parameters for proactive monitoring

Define traps or generate syslog

93

Defining Network Management Functional Areas

ISO defines five functional areas of network management

ISO defines five functional areas of network management

bullFault Management

bullConfiguration Management

bullAccounting Management

bullPerformance Management

bullSecurity Management

94

FCAPS Fault Management

The process of locating diagnosing and correcting

network problems

Device Down

Link Down

95

FCAPS Configuration Management

bull The process of obtaining data from the network and using

that data to manage the setup of all network devices

bull Allows rapid access to configuration information

bull Facilitates remote configuration and provisioning

bull Provides an up‐to‐date inventory of network

components

SpeedDuplex

Connectivity

TrunkingVLANs Allowed

Spanning Tree Protocol State

Software VersionConfiguration File

Device Type

96

FCAPS Accounting Management

bull Measuring the usage of network resources by users in order to

establish the metrics check quotas determine costs and bill users

bull Measures and reports accounting information based on individual

groups and users

bull Administers the cost of the network

bull Internal verification of third‐party billing for usage Bandwidth Consumption

Application Usage

hellip

97

FCAPS Performance Management

bull Ensuring that the data network remains accessible

and has adequate bandwidth

bull Reduces network overcrowding and inaccessibility

bull Provides a consistent level of service to the

network user

bull Determine utilization trends to proactively isolate and solve

performance problems

UtilizationPeakminmaxError RatesUnicast Rates

Broadcast Rates

CPU UtilizationMemory Usage

ThroughputResponse Time

LatencyAvailabilityReliability

98

FCAPS Security Management

bull Protecting sensitive information on devices

attached to a data network by controlling access points to

that information

bull Builds network user confidence

bull Secures sensitive information from both internal and

external sources

bull Protects the network functionality from malicious

attacks

MAC AddressLocked to Port

Access ListBlocks Connections

99

Performing Network Management Sources for Information

GAUGEs TIMERs

0 9 1 2 3

COUNTERs TABLEs FILEs

Operating System Data Structures

Manageable Device

showCommands

WebServer

SystemLogging

SNMPSNMPAGENTAGENT

ProductionServices

Layer N Forwarding

http80tcp

syslog514udp

snmp161udp

MIBObjects

snmp‐trap162udp

Built in Intelligence

CDPVTPSAA

telnetCLI

TFTPClient

tftp69udp

PingTrace route

100

Network Management Information Model MIB Management Information Base

MIB

ndash

Management Information BaseSet of variables defining the status of a device (eg temp = 85 degrees)Just facts ndash not whether it is good or badDefined according to SMI (Structure of Management Information) rulesEach managed object is described using a unique object identifier (OID)

MIB

IMIBIIStandard MIBObjects included are considered essential for either fault or configuration management

Other standard MIBsRMON host router

Proprietary vendor MIBsExtensions to standard MIBs

SNMPAGENTSNMPAGENT

1000s of manageable objects following rules defined in the SMI standards

1000s of manageable objects following rules defined in the SMI standards

101

Network Management Communication Model SNMP Simple Network Management Protocol

CommunityStrings

CommunityStrings

bull Get requests used to read the value of objectbull Set requests used to modify the value of object

bull Authorization is via community strings

(Read‐OnlyRead‐Write)

bull Traps

provide asynchronous event notification

IP Network SNMPManageable

Device

Trap

Get Response

Get Request Get-Next RequestGet-Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

102

Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response

SNM

P M

anag

er

SNM

P A

gent

Rea

d =

publ

ic re

adw

rite

= pr

ivat

e

GetResponse (sysDescr0=SunOS)

Verify access permission and retrieve MIB value using OID to traverse the MIB tree

InstanceOID

13612111

MIB value

GetRequest(sysDescr0)Read Community(public)

103

Types of Management Systems Example ‐

Enterprise Manager amp Fault Management

Correlate and manage events

and SNMP traps

Perform fault isolation and root cause analysis

104

Types of Management Systems Example ndash CiscoWorks

Resource Manager Essentials and Campus Manager

Knowledge of network configuration and topology

Facilitates remote configuration of network devices

Maintains an archive of configuration data that allows generation of inventory reports

105

Types of Management Systems Example ndash NetFlow (Accounting Management)

Flow Profiling

AccountingBilling

Network Planning

Network Monitoring

Flow

Collectors

Flow

CollectorsEnd‐User AppsEnd‐User AppsNetFlow

Data ExportNetFlowData Export

NetScout

RMON ProbeRMON Probe

106

Types of Management Systems Example ndash MRTG (Performance Management)

bull Monitors traffic load on network links based on SNMP statistics

bull Generates real‐time HTML traffic reports

bull Can be used to monitor any

MIB

variable using

SNMP

107

Types of Management Systems Example ndash CiscoWorks

How is the network connectedbull Physical Cablingbull Virtual LANs

Where are the end users servers IP phones connected

bull Switch port numberbull VLAN membership

How do I troubleshoot connectivity problems

Campus Manager User Tracking

Campus Manager Topology Services

Campus Manager Topology Services

Campus Manager User TrackingCampus Manager

Path Analysis

108

Diagnosing Connectivity Problems CiscoWorks Server Tools

Ping Use ping to test device connectivity from CiscoWorks server

TracerouteRun a trace route between the CiscoWorks server and the target device to detect routing problems

NS LookupRun a nslookup to obtain DNS name server information and IP address of hostname

Management Station to DeviceTest to verify if upper layer protocols are supported from CiscoWorks to the target device UDP TCP Telnet TFTP HTTP and SNMP

109

Types of Management Systems Example ndash CiscoWorks

19216862

CiscoWorks Server(ANI Service)

CampusDatabase

19216861

Schedule data retrieval

times

CAM Table11‐11‐11‐11‐11‐00 2111‐11‐11‐11‐11‐11 2211‐11‐11‐11‐11‐22 2311‐11‐11‐11‐11‐33 24

22 23 24

21

ARP Table11‐11‐11‐11‐11‐11 19216861011‐11‐11‐11‐11‐22 19216861111‐11‐11‐11‐11‐33 192168611

1

CAM

Retrieval

(switching

table)

2 Address

Resolution (MAC

to IP)

DNS

3 Name Resolution

(IP to hostname)

Host Table192168610 USER1192168611 Printer1192168611 IPtele1

SNMP

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

CallManager4

Call Detail

Records

5

Login

Names

UNIX Novell amp

Windows NT

clients running

UTLite script

110

Diagnosing Connectivity Problems Campus Manager Tools

Topology Services

User Tracking

Path Analysis

1

Locate the communication pair in the User Tracking database

bull

Addressesbull

VLAN informationbull

Switch port connection

2

Investigate the Layer 2 and Layer 3 path between the communication

pair

3

Map the topology and begin the investigation on devices and links

Launch other applications

111

Diagnosing Connectivity Problems Workflow for Using Campus Manager

LaunchPath Analysis

LaunchPath Analysis

Ensure discovery of devices

hosts are up to date

Ensure discovery of devices

hosts are up to date

Use User TrackingTo Locate EndStation Info

Use User TrackingTo Locate EndStation Info

ConductVoiceTrace

ConductVoiceTrace

ConductDataTrace

ConductDataTrace

DisplayPath in Topology

Map

DisplayPath in Topology

Map

Launch other Apps(Telnet CiscoView

Etc)

Launch other Apps(Telnet CiscoView

Etc)

112

Diagnosing Device Connectivity Problems Example

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Do you know

your

hostname or

username

113

Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

2 Simple Query displays switch

port and VLAN association

2 Simple Query displays switch

port and VLAN association

3 LastSeen field indicates last

time end station was

discovered

3 LastSeen field indicates last

time end station was

discovered

114

Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Trace path from application server

to Suzy

Trace path from application server

to Suzy

Couldnrsquot get to Suzy machine ndash try

from server

Couldnrsquot get to Suzy machine ndash try

from server

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

2

一網路基礎架構介紹

3

Typical Network Topologies Defining Features

4

Hierarchical Model

5

Typical Multilayer Network Design

6

Multilayer Design Guidelines

Access (Cisco Catalyst 2950 2960 Series)

ndash Layer 2 switching in wiring closet (can be Layer 3 aware)ndash Acts as the network trust or policy boundaryDistribution (Cisco Catalyst 3550 3560 3750 Series)

ndash Layer 3 Switching in distribution layerndash Utilizes IGP for benefits such as load balancing fast convergence and

scalability

ndash Provide first‐hop redundancyresiliencendash Aggregates the access layer elements

Core (Cisco Catalyst 4000 6500 Series)

ndash Layer 3 switching in the backbone for load balancing fast convergence and scalability

ndash Requires high‐speed service with no policy enforcement

7

Defining the Access Layer

Aggregates user end stations IP phones and servers

Connects to distribution‐layer switches

All uplinks can actively forward traffic (Layer 3 distribution)

Layer 2 device with Layer 3 intelligence (Security QoS IP multicast etc)

Use intelligent network services for establishing the trust boundary

8

Defining the Distribution Layer

Aggregates wiring closets (access layer) and uplinks to Core

Protects core from high‐density peering

Availability load balancing QoS and provisioning are important considerations at this layer

ndash Use Layer 3 Switching in the distribution layerndash HSRP and HSRP tracking insure first‐hop redundancy

9

Defining the Core Layer

Backbone for the networkmdashConnects distribution‐layer blocks

Aggregation point for distribution layer

Core layer is required to scale campus networks

ndash Physical cabling requirements

ndash Routing complexity

10

Do I Need a Core Layer

Easier to add a moduleFewer links in the coreEasier bandwidth upgradeRouting protocol peering reducedCore layermdashOptional for small networks

11

Server Farms

Put server farm in its own VLAN and IP SubnetmdashLayer 3 switch traffic to it

If dual NIC servers connected to two access switches require Layer 2 adjacency for NIC redundancy then

ndash Install Layer 2 link between distribution blocks for example VLAN 3

12

Campus Design Best Practices

Map Layer 2 VLANs to Layer 3 IP subnets

Avoid campus‐wide VLANs

Design a campus with Layer 3 protocols

Daisy‐chaining dangerous

Take advantage of equal‐cost routes

Oversubscription and performance characteristics

13

Map Layer 2 VLANs to Layer 3 Subnets

Map Layer 2 domain to a Layer 3 subnet with an understandable VLAN‐to‐IP subnet numbering scheme

For example data VLAN 20 and voice VLAN 120 in building 1 can correspond to 10120x24 and 101120x24

A good addressing scheme helps in summarizing routes and eases troubleshooting

14

Avoid Campus‐Wide VLANs

Large and overlapping spanning‐tree domain

Propagates problems (potential failure domain)

Slows convergence

Modern routers not network bottlenecks

bull DHCP and Mobile IP address client mobility

15

Layer 3 Dual‐Path

Layer 3 load balancing preserves bandwidth

ndash Unlike Layer 1 and Layer 2 redundancy (blocked ports)Fast recovery to remaining path

ndash Convergence is extremely fast (dual equal‐cost paths no need for OSPF or EIGRP to recalculate new path)

16

Daisy Chains

No UplinkFastmdashSlow STP convergence

Discontinuous subnets Traffic reaches black hole (both routers claim they can reach VLAN x)

Install Layer 2 link between the two distribution switches

17

Daisy Chains (Cisco Catalyst 3750 Series)

Utilize Cross‐Stack UplinkFast

feature for stackables

bull Transitions redundant blocking link directly to forwarding if link to root fails

18

Understand Performance and Oversubscription Characteristics

Most networks are built with oversubscription

Performance usually limited not by the box but by the uplink

Use QoS to protect real‐time flows at congested points

Oversubscription rules of thumb work well

201 maximum at wiring closet

Less in distribution (41) and server farm (from 41 to 11)

19

Redundancy Types

Layer 1 redundancymdashProvides an alternate physical path through the network

Layer 23 redundancymdashSpanning‐tree routing protocol EtherChannelfor alternate path awareness and fast convergence

StabilitymdashEnsure a stable network through proper physical STP and routing design to reduce human errors

Application availabilitymdashApplication server and client processes must support failover for maximum availability

20

Small Campus Network

Backbone layermdashcollapsed core and distribution

Can use modularstackable switching solutions

Scalable up to few access switches

21

Medium Campus Network

22

Large Campus Network

23

Building Block Approach

24

Switch Block Characteristics

bull Device switches support one or more subnetsVLANs

bull Subnets terminate at the distribution switch

bull Access devices have redundant links

bull Spanning Tree Protocol terminates at the switch block boundary

25

VLANs in the Switch Block

26

Link Types

A trunk link is capable of carrying multiple VLANs

27

Trunking

bull Specifically developed for multi‐VLAN interswitch communications

bull Places a unique identifier in the header of each frame

bull Functions at Layer 2 bull IEEE

8021Q

28

Inter‐VLAN Routing

bull A Route Processor provides Layer 3 functionality for switches

29

Increasing Performance Add More Bandwidth

30

Fast EtherChannel

31

Is QoS Needed in the Campus

Maybe maybe not campus congestionis a buffer management issue

ldquoJust throw more bandwidth at it That will solve the problemrdquo

32

Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP

33

Enabling QoS in the Campus Scheduling in the Campus

Output buffers can reach 100 in campus networks resulting in dropped voice packets

QoS required when there is a possibility of congestion in buffers

Multiple queues are the only way to guarantee voice quality

34

Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS

bull 8021p user priority field also called class of service (CoS)

bull Different types of traffic are assigned different CoS values

bull CoS 6 and 7 are reserved for network use

35

Enabling QoS in the Campus Layer 3 Classificationmdash IP Precedence DSCP

bull IPv4 Three most significant bits of ToS byte are called IP precedence other bits unused

bull DiffServ Six Most significant bits of ToS byte are called DSCP remaining two bits used for flow control

bull DSCP backward compatible with IP precedence

36

Enabling QoS in the Campus Classification Summary

37

Power Over Ethernet

Prepare the network for IP Telephony and Wireless access

Eliminate the need for separate electrical wiring

Cisco pre‐standard POE and 8023af are fully supported

Wide selection of standards‐based IEEE 8023af powered devices

ndash IP Phonesndash Wireless Access Points

ndash Surveillance cameras

ndash Access Card Readers

38

Access Point Front Cover LEDrsquos

Status LightsEthernet

Status

Radio Activity

Ethernet Activity

Status

Radio Activity

39

CiscoWorks WLSE

1

Specialized application for managing the Cisco WLAN

2

Centralized template‐ based configuration of access points and bridges

with user defined groups

3

Proactive fault and performance monitoring

of access points bridges LEAP server and

attached switch

CiscoWorks Wireless LANSolution Engine

U N I V E R S I T YU N I V E R S I T Y

40

二網路設備介紹

41

The Cisco LAN Switching Portfolio

Catalyst 375035602960 Catalyst 6500Catalyst 40004500

bull Stackable Compact Footprint bull Gig Density 12 Ports bull EZ Clustering Managementbull L2-L4 Switchingbull Medium Port Density

bull Highest Switching Capacitybull High Availability - Stateful Failoverbull 10-Gigabit Ethernet Interfaces bull Nonblocking Gigabit Density 142bull LANWAN Interfaces (to OC 48)

L2-L7 SwitchingIntegrated Inline PowerServices Modules Redundant PowerRedundant Supervisor Fabric

bull High Switching Capacitybull High-Density 101001000bull High-Density 100FX amp 1000LXbull Nonblocking Gigabit Density 32bull L2-L4 Switching bull Inline Power Optionbull Redundant Power

42

Cisco Catalyst Positioning

Pric

ePe

rfor

man

ce

FunctionFlexibility

Catalyst 29502960

Catalyst 35503560

Catalyst 4500 Family

Catalyst 6500 Series

bull Modular 101001000bull High performance Layer 2L3L4 bull 24‐64 Gbps Switching Enginebull Chassis level high availability

bull

Modular 101001000bull

Highest density switching

capacity

bull

Layer 234‐7bull

32‐720 Gbps

Switching

Engine

bull

Highest Availability

bull

10100

and GE configurationsbull

High performance switching and routingbull

Enterprise‐class intelligent Layer 3L4 servicesbull

Clustering capable

bull

Stackable 10100 switchingbull

Gigabit

uplink connectivitybull

Advanced intelligent Layer 3L4 servicesbull

Clustering capable

Catalyst 3750bull

Stackable 101001000 and 10100 configurationsbull

Cisco StackWisetrade

Technologybull

Optimized for Gigabit Ethernet deploymentbull

Enterprise‐class Intelligent Layer 3L4 servicesbull

Highly resilient 32Gbps stacking interconnectionbull

Single management interface w auto configuration

Fast Ethernet

Optimized

Gigabit Ethernet

Optimized

43

Cisco Catalyst 2960 Series Model Overview Fast Ethernet Models

Softwarebull LAN Base Image

Enterprise-class intelligent services Advanced QoS enhanced security high availability

bull Orderable with latest IOS software version

bull 48 10100100 portsbull 2 101001000 Uplink

ports

bull 24 10100 portsbull 2 101001000 Uplink

Ports

Catalyst 2960-24TT Catalyst 2960-48TT

bull 24 10100 portsbull 2 Dual-Purpose Uplink

ports

Catalyst 2960-24TC Catalyst 2960-48TC

bull 48 10100 portsbull 2 Dual Purpose Uplink

ports

Uplinksbull Dual Purpose

UplinksOne 101001000 TX Port and One SFP Port

One port active at a time

44

Cisco Catalyst 3750 Series Switches Model Overview

Catalyst 3750G‐24TS

bull

24 101001000

Portsbull

24 101001000 Ports

bull

4 SFP ports

Two Software Versions

Standard Multilayer Software Image

(SMI)

bull Enterprise‐class intelligent services

Advanced QoS Enhanced Security High

Availability RIP and Static IP routing

Routed ACLs HSRP

Enhanced Multilayer Software Image

(EMI)

bull SMI feature set plus Dynamic IP Unicast

routing Smart Multicast routing

Catalyst 3750‐2448 are orderable with

either software image preinstalled

Catalyst 3750‐2448 can be upgraded

from SMI to EMI

Catalyst 3750G‐24T

bull

24 10100 Ports

bull

2 SFP ports

bull

48 10100 Ports

bull

4 SFP ports

Catalyst 3750‐24 Catalyst 3750‐48

45

Cisco StackWisetrade Technology

bull 32Gbps fault tolerant bi‐directional

backplane

bull Single IP address for management

bull Auto configuration and IOS version

checkupdate

bull 1N Master redundancy

bull Sub‐second L2 failover

bull Cross stack Etherchannel

bull Configurable QoS queues across

stack

bull Line speed performance with QoS

and ACLs for GE

bull Hot add and delete of GE and FE

chassis in same stack

bull Patented cable connector

S 1

S 3

S 2

M 4

M = Master Switch

S = Slave Switch

46

Cisco Catalyst 4500 Series Architecture

bull Centralized Forwarding ASICs

bull All packets are forwarded via the supervisor

bull No distributed line card forwarding

bull Scalable architecture ‐

64 to 320 Gbps

bull Fastest Centralized Architecture in the Industry

47

Cisco Catalyst 4500 Series Overview Common Architecture

Single Supervisor-Based

Chassis

Redundant Supervisor-Based

Chassis

Cisco Catalyst 4507R-E

Cisco Catalyst 4510R-E

Cisco Catalyst 4506-E

Cisco Catalyst 4503-E

Single RU Fixed Configuration

Same Switching Architecture

and Common Cisco IOSreg

Cisco Catalyst 4948 and 4948-10GigE

48

Cisco Catalyst 4500 Series Evolutionary Centralized Architecture

1999 2002 2004 2007 2012

Continued InnovationServices and Performance

Same Line Card

18Mpps 48Mpps 102Mpps

10100

1000

Layer 2

PoE L234

10 GbE

SSO

NACNSF

ISSUCISF

E‐Series

250 Mpps

49

Evolution of Centralized Switching Technology

Evoluti

onEvo

lution

1999 18

Mpps

L2 Only

2002 48

Mpps

L2L3

2004102

Mpps

L2L3 10Gig

2007250

Mpps

L2L3 IPv6

14X

increase

since lsquo99

50

Next‐Generation Catalyst 4500 ldquoE‐Seriesrdquo

Secure Flexible Non‐Stop Communications

ldquoErdquo

Series Chassis

ldquoErdquo

Series Line Cards

Supervisor 6‐E with CenterFlex

51

Cisco Catalyst 6500 Delivers Secure Converged Network Services

High Availabilitybull Physical

Availabilitybull Logical Availabilitybull Stateful Failover at

Layer 2bull Rapid Spanning-

Tree Convergence

QoSbull Input Policingbull Traffic

Classificationbull Multiple Queuesbull Convergence

Ready

Securitybull Layer 234

Access Controlbull 8021X User

Authenticationbull MAC Filteringbull Dynamic VLAN

Manageabilitybull Inline Powerbull Simple

Configurationbull L2-L4 Servicesbull Rich Multicast

Support

End-to-End Services

52

Catalyst 6500 Family

Catalyst 65033 slot chassis

Catalyst 65066 slot chassis

Catalyst 65099 slot chassis

Catalyst 6509‐NEBSNEBS Compliant 9 slot chassis

Catalyst 651313 slot chassis

Catalyst 6509‐NEBS‐A9 slot chassis

53

Cisco Catalyst 6500 Series

The Cisco Catalyst 6500 Series supports a wide range of interface densities performance and high‐availability options

Flexible 3‐ 6‐ 9‐ and 13‐slot chassis configurations

ndash Scalable switching fabric ndash Cisco

IOS software choices supported

on all supervisor engines

ndash Fast 2‐3 second stateful

failover of

redundant supervisors and integrated

services

ndash 10‐Mbps to 10‐Gbps Ethernet and DS0

to

OC‐48 WAN interfaces

ndash Wire‐rate QoS

and ACL policy

management

WS-6503 WS-C6506 WS-C6509 WS-C6509-NEBS and WS-C6513

54

Catalyst 6500 Supervisors

The Catalyst 6500 has three Supervisor options on offer

with each providing a different architectural backplane

configuration for line cards to connect intohellip

Supervisor 1A Supervisor 2 Supervisor 720 (NEW)

256Gb backplane

supporting hardware

accelerated Layer 2 and 3

QoS and Security policies

up to 210Mppshellip

720Gb backplane

supporting hardware

accelerated Layer 2 and 3

QoS and Security policies

up to 400Mppshellip

32Gb backplane supporting

hardware accelerated Layer

2 and 3 QoS and Security

policies up to 15Mppshellip

Supervisor Options for the Catalyst 6500

55

Catalyst 6500 LinecardsThe Catalyst 6500 has a family of linecards to suit all network needshellip

10100 TX and 100 Fiber 101001000 TX GE SFP

GE GBIC 10GE WAN

Optical Switch Modules Inline Power ATM

CAT

6500

L I

NECARDS

56

Catalyst 6500 Service Modules

Content ServicesCommunications Media MWAN

Firewall Module VPN Module Intrusion Detection

Content Switching SSL Network Management

Service Modules represent the next generation of intelligent modules for the Catalyst 6500

Each module provides a high performance option scalable and feature rich deployment

optionshellip

57

Small Form Factor Pluggable (SFP)

bull New industry standard connector

bull Same functionality as Gigabit Interface Converters

(GBICs)

bull Hot pluggable

bull Smaller fiber connector LC

for SF

bull 25 SFPs

fit in space of one GBIC

bull Shipping SX LX ZX at FCS

bull 101001000BT and CWDM versions to come in mid

to late 2003

GBIC

SFP

58

三無線網路認證介紹

59

漫遊認證環境架構圖

NCHC資策會

WLANGateway

WLANGateway

60

無線漫遊環境身份認證機制

網頁認證

使用網站伺服器憑證(Certificate)辨識合法認證網站

透過SSL加密保護使用者帳號密碼安全

採用PAP (Password Authentication Protocol)認證機制

8021x認證

採CHAP或加密通道進行認證

EAP‐MD5ndash 採用CHAP (Challenge Handshake Authentication Protocol)認證

EAP‐PEAP ndash 採用 SSL加密通道 + MS‐CHAP v2 認證

EAP‐TTLSndash 採用 SSL加密通道 + PAPCHAPMS‐CHAPEAPndash 支援多種認證機制

61

WLAN Gateway

bull Usually web page for authorisationbull Allows policy based accessbull Good managementbull Very user friendlybull No client required

Bluesocketndash Commercial but popular in uk academiandash Lots of featuresNoCatAuthndash open source

62

Bluesocket Wireless Gateway

63

httpwwwitcntnuedutwservice1270php

四師大網路基本架構介紹

64

對外網路架構圖

65

校本部校區有線網路系統架構圖

66

校本部校區無線網路系統架構圖

67

理學院校區有線網路系統架構圖

68

理學院校區無線網路系統架構圖

69

林口校區有線網路系統架構圖

70

林口校區無線網路系統架構圖

71

五網路障礙排除方式

72

Possible Symptoms of Physical Layer Problems

Increased number of interface errorsIncreased number of interface errors

LEDs are off flashing or in a state other than the expected state during normal operationLEDs are off flashing or in a state other than the expected state during normal operation

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

Excessive utilizationExcessive utilization

73

Possible Symptoms of Data Link Layer Problems

Excessive CRC errors and frame check sequence errors Excessive CRC errors and frame check sequence errors

Large quantities of broadcast traffic Large quantities of broadcast traffic

A MAC address is cycling between portsA MAC address is cycling between ports

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

74

General Cisco Commands to Isolate Physical and Data Link Layer Problems

ping host

| ip‐addressping host

| ip‐address

routergt

bull

Sends an echo request packet to an address then waits for a reply

trace [destination]trace [destination]

routergt

bull

Identifies the path a packet takes through the network

[no] debug [no] debug

router

bull

Displays a list of options for enabling or disabling debugging events on a device

75

Cisco Commands to Isolate Physical Layer Problems

show versionshow version

routergt

bull

Displays the Cisco IOS software version and all installed hardware configurations

show ip interface briefshow ip interface brief

routergt

bull

Displays a summary of the status of all interfaces on a device

show interfaces [type number]show interfaces [type number]

routergt

bull

Displays the operational status of an interface including the amount and type of traffic being sent and received

76

Cisco Commands to Isolate Physical Layer Problems (Cont)

show cdp neighbor detailshow cdp neighbor detailroutergt

bull Displays the device type IP address and Cisco IOS version of neighboring devices

77

Cisco Commands to Isolate Data Link Layer Problems

show ip arpshow ip arp

routergt

bull

Displays entries in the Address Resolution Protocol (ARP) table

debug [arp

| serial | ppp]debug [arp

| serial | ppp]

router

bull

Captures events relating to data link layer protocols

78

General End‐System Commands to Isolate Physical and Data Link Layer Problems

pingping

bull

Sends an echo request packet to an address then waits for a reply

netstat

‐rnnetstat

‐rn

bull

Displays the status of all connected devices and links without querying a DNS server

arp

‐aarp

‐a

bull

Displays the current mappings of the IP address to the MAC address in the ARP table

79

Windows Commands to Isolate Physical and Data Link Layer Problems

ipconfig

[all]ipconfig

[all]

bull

Displays IP information for hosts running Windows NT2000XP

Cgt

tracert [‐d]tracert [‐d]

bull

Identifies a path to a destination device

Cgt

80

Guidelines for Isolating Problems at the Physical and Data Link Layers

Check operational status and data error ratesCheck operational status and data error rates

Verify proper interface configurationsVerify proper interface configurations

Check for bad cables or connectionsCheck for bad cables or connections

Check for correct cable pin‐outCheck for correct cable pin‐out

81

Port Monitoring (SPAN)

Allows a port to monitor traffic coming into or out of

anotherPort

VLAN

Trunk

82

Remote SPAN (RSPAN)

Allows a port to monitor SPAN information on other switches through a trunk connection

83

NetFlow Data Export

Access to records of switched flow statistics

with NAM

Source and destination IP

Port numbers and protocol types

84

六網路管理介紹

85

NAMs in Campus LAN

86

Network Analysis Module (NAM)

bull

Switch‐integrated standards‐

based monitoring (RMON1 RMON2

extended RMON)

bull

Useful for performance monitoring troubleshooting

and capacity planning

bull

Easy to deploy and use with embedded web‐based Traffic Analyzer

bull

Full visibility into applications hosts conversations and

IP‐based services including VoIP

and QoS

Integrated traffic‐monitoring solution in Catalyst 6500 series to build application‐level visibility into network infrastructure

87

NAM as a Standards‐Based RMON Solution

The RMON MIB reports on the health and status of network traffic

Mini‐RMON agents in Catalyst 6500 collect Layer 2 (RMON1) statistics on all ports (utilization packets errors)

NAM supports full RMON1 and 2 to provide visibility up to Application layer (applications hosts conversations)

NAM supports extended RMON for VLAN QoS Application Response Time and so on

88

Application Hosts and Conversations Monitoring

Identify unknown applications and drill down on the hosts using them

Discover top talkers top conversations

Network managers can drill down

into who is doing what

Network managers can drill down

into who is doing what

NEW inSoftware

Version 22

NEW inSoftware

Version 22

89

VoIP Monitoring

NAM supports various facets of VoIPmonitoring

Active IP telephony monitoring

ndash Track active call attributesndash Identify call quality degradationndash Call details by phonesRMON1 and RMON2

ndash Distribution of VoIP

protocols

Application Response Time (ART)

ndash CallManager

responses

DSMON

ndash VoIP

traffic by DSCP values

90

Application Response Time (ART)

Find out where the application delays are occurring

ndash Detailed data on request‐ response exchanges

between clients and servers

Server visibility

ndash Monitor servers for protocols application

usage and top talkers

91

Packet Capture and Decode

Capture and decode packets for troubleshooting

Extensive pre‐ and post‐capture filters

Can save and export to other tools including Sniffer

92

Alarms

Set alarm thresholds on various parameters for proactive monitoring

Define traps or generate syslog

93

Defining Network Management Functional Areas

ISO defines five functional areas of network management

ISO defines five functional areas of network management

bullFault Management

bullConfiguration Management

bullAccounting Management

bullPerformance Management

bullSecurity Management

94

FCAPS Fault Management

The process of locating diagnosing and correcting

network problems

Device Down

Link Down

95

FCAPS Configuration Management

bull The process of obtaining data from the network and using

that data to manage the setup of all network devices

bull Allows rapid access to configuration information

bull Facilitates remote configuration and provisioning

bull Provides an up‐to‐date inventory of network

components

SpeedDuplex

Connectivity

TrunkingVLANs Allowed

Spanning Tree Protocol State

Software VersionConfiguration File

Device Type

96

FCAPS Accounting Management

bull Measuring the usage of network resources by users in order to

establish the metrics check quotas determine costs and bill users

bull Measures and reports accounting information based on individual

groups and users

bull Administers the cost of the network

bull Internal verification of third‐party billing for usage Bandwidth Consumption

Application Usage

hellip

97

FCAPS Performance Management

bull Ensuring that the data network remains accessible

and has adequate bandwidth

bull Reduces network overcrowding and inaccessibility

bull Provides a consistent level of service to the

network user

bull Determine utilization trends to proactively isolate and solve

performance problems

UtilizationPeakminmaxError RatesUnicast Rates

Broadcast Rates

CPU UtilizationMemory Usage

ThroughputResponse Time

LatencyAvailabilityReliability

98

FCAPS Security Management

bull Protecting sensitive information on devices

attached to a data network by controlling access points to

that information

bull Builds network user confidence

bull Secures sensitive information from both internal and

external sources

bull Protects the network functionality from malicious

attacks

MAC AddressLocked to Port

Access ListBlocks Connections

99

Performing Network Management Sources for Information

GAUGEs TIMERs

0 9 1 2 3

COUNTERs TABLEs FILEs

Operating System Data Structures

Manageable Device

showCommands

WebServer

SystemLogging

SNMPSNMPAGENTAGENT

ProductionServices

Layer N Forwarding

http80tcp

syslog514udp

snmp161udp

MIBObjects

snmp‐trap162udp

Built in Intelligence

CDPVTPSAA

telnetCLI

TFTPClient

tftp69udp

PingTrace route

100

Network Management Information Model MIB Management Information Base

MIB

ndash

Management Information BaseSet of variables defining the status of a device (eg temp = 85 degrees)Just facts ndash not whether it is good or badDefined according to SMI (Structure of Management Information) rulesEach managed object is described using a unique object identifier (OID)

MIB

IMIBIIStandard MIBObjects included are considered essential for either fault or configuration management

Other standard MIBsRMON host router

Proprietary vendor MIBsExtensions to standard MIBs

SNMPAGENTSNMPAGENT

1000s of manageable objects following rules defined in the SMI standards

1000s of manageable objects following rules defined in the SMI standards

101

Network Management Communication Model SNMP Simple Network Management Protocol

CommunityStrings

CommunityStrings

bull Get requests used to read the value of objectbull Set requests used to modify the value of object

bull Authorization is via community strings

(Read‐OnlyRead‐Write)

bull Traps

provide asynchronous event notification

IP Network SNMPManageable

Device

Trap

Get Response

Get Request Get-Next RequestGet-Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

102

Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response

SNM

P M

anag

er

SNM

P A

gent

Rea

d =

publ

ic re

adw

rite

= pr

ivat

e

GetResponse (sysDescr0=SunOS)

Verify access permission and retrieve MIB value using OID to traverse the MIB tree

InstanceOID

13612111

MIB value

GetRequest(sysDescr0)Read Community(public)

103

Types of Management Systems Example ‐

Enterprise Manager amp Fault Management

Correlate and manage events

and SNMP traps

Perform fault isolation and root cause analysis

104

Types of Management Systems Example ndash CiscoWorks

Resource Manager Essentials and Campus Manager

Knowledge of network configuration and topology

Facilitates remote configuration of network devices

Maintains an archive of configuration data that allows generation of inventory reports

105

Types of Management Systems Example ndash NetFlow (Accounting Management)

Flow Profiling

AccountingBilling

Network Planning

Network Monitoring

Flow

Collectors

Flow

CollectorsEnd‐User AppsEnd‐User AppsNetFlow

Data ExportNetFlowData Export

NetScout

RMON ProbeRMON Probe

106

Types of Management Systems Example ndash MRTG (Performance Management)

bull Monitors traffic load on network links based on SNMP statistics

bull Generates real‐time HTML traffic reports

bull Can be used to monitor any

MIB

variable using

SNMP

107

Types of Management Systems Example ndash CiscoWorks

How is the network connectedbull Physical Cablingbull Virtual LANs

Where are the end users servers IP phones connected

bull Switch port numberbull VLAN membership

How do I troubleshoot connectivity problems

Campus Manager User Tracking

Campus Manager Topology Services

Campus Manager Topology Services

Campus Manager User TrackingCampus Manager

Path Analysis

108

Diagnosing Connectivity Problems CiscoWorks Server Tools

Ping Use ping to test device connectivity from CiscoWorks server

TracerouteRun a trace route between the CiscoWorks server and the target device to detect routing problems

NS LookupRun a nslookup to obtain DNS name server information and IP address of hostname

Management Station to DeviceTest to verify if upper layer protocols are supported from CiscoWorks to the target device UDP TCP Telnet TFTP HTTP and SNMP

109

Types of Management Systems Example ndash CiscoWorks

19216862

CiscoWorks Server(ANI Service)

CampusDatabase

19216861

Schedule data retrieval

times

CAM Table11‐11‐11‐11‐11‐00 2111‐11‐11‐11‐11‐11 2211‐11‐11‐11‐11‐22 2311‐11‐11‐11‐11‐33 24

22 23 24

21

ARP Table11‐11‐11‐11‐11‐11 19216861011‐11‐11‐11‐11‐22 19216861111‐11‐11‐11‐11‐33 192168611

1

CAM

Retrieval

(switching

table)

2 Address

Resolution (MAC

to IP)

DNS

3 Name Resolution

(IP to hostname)

Host Table192168610 USER1192168611 Printer1192168611 IPtele1

SNMP

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

CallManager4

Call Detail

Records

5

Login

Names

UNIX Novell amp

Windows NT

clients running

UTLite script

110

Diagnosing Connectivity Problems Campus Manager Tools

Topology Services

User Tracking

Path Analysis

1

Locate the communication pair in the User Tracking database

bull

Addressesbull

VLAN informationbull

Switch port connection

2

Investigate the Layer 2 and Layer 3 path between the communication

pair

3

Map the topology and begin the investigation on devices and links

Launch other applications

111

Diagnosing Connectivity Problems Workflow for Using Campus Manager

LaunchPath Analysis

LaunchPath Analysis

Ensure discovery of devices

hosts are up to date

Ensure discovery of devices

hosts are up to date

Use User TrackingTo Locate EndStation Info

Use User TrackingTo Locate EndStation Info

ConductVoiceTrace

ConductVoiceTrace

ConductDataTrace

ConductDataTrace

DisplayPath in Topology

Map

DisplayPath in Topology

Map

Launch other Apps(Telnet CiscoView

Etc)

Launch other Apps(Telnet CiscoView

Etc)

112

Diagnosing Device Connectivity Problems Example

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Do you know

your

hostname or

username

113

Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

2 Simple Query displays switch

port and VLAN association

2 Simple Query displays switch

port and VLAN association

3 LastSeen field indicates last

time end station was

discovered

3 LastSeen field indicates last

time end station was

discovered

114

Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Trace path from application server

to Suzy

Trace path from application server

to Suzy

Couldnrsquot get to Suzy machine ndash try

from server

Couldnrsquot get to Suzy machine ndash try

from server

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

3

Typical Network Topologies Defining Features

4

Hierarchical Model

5

Typical Multilayer Network Design

6

Multilayer Design Guidelines

Access (Cisco Catalyst 2950 2960 Series)

ndash Layer 2 switching in wiring closet (can be Layer 3 aware)ndash Acts as the network trust or policy boundaryDistribution (Cisco Catalyst 3550 3560 3750 Series)

ndash Layer 3 Switching in distribution layerndash Utilizes IGP for benefits such as load balancing fast convergence and

scalability

ndash Provide first‐hop redundancyresiliencendash Aggregates the access layer elements

Core (Cisco Catalyst 4000 6500 Series)

ndash Layer 3 switching in the backbone for load balancing fast convergence and scalability

ndash Requires high‐speed service with no policy enforcement

7

Defining the Access Layer

Aggregates user end stations IP phones and servers

Connects to distribution‐layer switches

All uplinks can actively forward traffic (Layer 3 distribution)

Layer 2 device with Layer 3 intelligence (Security QoS IP multicast etc)

Use intelligent network services for establishing the trust boundary

8

Defining the Distribution Layer

Aggregates wiring closets (access layer) and uplinks to Core

Protects core from high‐density peering

Availability load balancing QoS and provisioning are important considerations at this layer

ndash Use Layer 3 Switching in the distribution layerndash HSRP and HSRP tracking insure first‐hop redundancy

9

Defining the Core Layer

Backbone for the networkmdashConnects distribution‐layer blocks

Aggregation point for distribution layer

Core layer is required to scale campus networks

ndash Physical cabling requirements

ndash Routing complexity

10

Do I Need a Core Layer

Easier to add a moduleFewer links in the coreEasier bandwidth upgradeRouting protocol peering reducedCore layermdashOptional for small networks

11

Server Farms

Put server farm in its own VLAN and IP SubnetmdashLayer 3 switch traffic to it

If dual NIC servers connected to two access switches require Layer 2 adjacency for NIC redundancy then

ndash Install Layer 2 link between distribution blocks for example VLAN 3

12

Campus Design Best Practices

Map Layer 2 VLANs to Layer 3 IP subnets

Avoid campus‐wide VLANs

Design a campus with Layer 3 protocols

Daisy‐chaining dangerous

Take advantage of equal‐cost routes

Oversubscription and performance characteristics

13

Map Layer 2 VLANs to Layer 3 Subnets

Map Layer 2 domain to a Layer 3 subnet with an understandable VLAN‐to‐IP subnet numbering scheme

For example data VLAN 20 and voice VLAN 120 in building 1 can correspond to 10120x24 and 101120x24

A good addressing scheme helps in summarizing routes and eases troubleshooting

14

Avoid Campus‐Wide VLANs

Large and overlapping spanning‐tree domain

Propagates problems (potential failure domain)

Slows convergence

Modern routers not network bottlenecks

bull DHCP and Mobile IP address client mobility

15

Layer 3 Dual‐Path

Layer 3 load balancing preserves bandwidth

ndash Unlike Layer 1 and Layer 2 redundancy (blocked ports)Fast recovery to remaining path

ndash Convergence is extremely fast (dual equal‐cost paths no need for OSPF or EIGRP to recalculate new path)

16

Daisy Chains

No UplinkFastmdashSlow STP convergence

Discontinuous subnets Traffic reaches black hole (both routers claim they can reach VLAN x)

Install Layer 2 link between the two distribution switches

17

Daisy Chains (Cisco Catalyst 3750 Series)

Utilize Cross‐Stack UplinkFast

feature for stackables

bull Transitions redundant blocking link directly to forwarding if link to root fails

18

Understand Performance and Oversubscription Characteristics

Most networks are built with oversubscription

Performance usually limited not by the box but by the uplink

Use QoS to protect real‐time flows at congested points

Oversubscription rules of thumb work well

201 maximum at wiring closet

Less in distribution (41) and server farm (from 41 to 11)

19

Redundancy Types

Layer 1 redundancymdashProvides an alternate physical path through the network

Layer 23 redundancymdashSpanning‐tree routing protocol EtherChannelfor alternate path awareness and fast convergence

StabilitymdashEnsure a stable network through proper physical STP and routing design to reduce human errors

Application availabilitymdashApplication server and client processes must support failover for maximum availability

20

Small Campus Network

Backbone layermdashcollapsed core and distribution

Can use modularstackable switching solutions

Scalable up to few access switches

21

Medium Campus Network

22

Large Campus Network

23

Building Block Approach

24

Switch Block Characteristics

bull Device switches support one or more subnetsVLANs

bull Subnets terminate at the distribution switch

bull Access devices have redundant links

bull Spanning Tree Protocol terminates at the switch block boundary

25

VLANs in the Switch Block

26

Link Types

A trunk link is capable of carrying multiple VLANs

27

Trunking

bull Specifically developed for multi‐VLAN interswitch communications

bull Places a unique identifier in the header of each frame

bull Functions at Layer 2 bull IEEE

8021Q

28

Inter‐VLAN Routing

bull A Route Processor provides Layer 3 functionality for switches

29

Increasing Performance Add More Bandwidth

30

Fast EtherChannel

31

Is QoS Needed in the Campus

Maybe maybe not campus congestionis a buffer management issue

ldquoJust throw more bandwidth at it That will solve the problemrdquo

32

Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP

33

Enabling QoS in the Campus Scheduling in the Campus

Output buffers can reach 100 in campus networks resulting in dropped voice packets

QoS required when there is a possibility of congestion in buffers

Multiple queues are the only way to guarantee voice quality

34

Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS

bull 8021p user priority field also called class of service (CoS)

bull Different types of traffic are assigned different CoS values

bull CoS 6 and 7 are reserved for network use

35

Enabling QoS in the Campus Layer 3 Classificationmdash IP Precedence DSCP

bull IPv4 Three most significant bits of ToS byte are called IP precedence other bits unused

bull DiffServ Six Most significant bits of ToS byte are called DSCP remaining two bits used for flow control

bull DSCP backward compatible with IP precedence

36

Enabling QoS in the Campus Classification Summary

37

Power Over Ethernet

Prepare the network for IP Telephony and Wireless access

Eliminate the need for separate electrical wiring

Cisco pre‐standard POE and 8023af are fully supported

Wide selection of standards‐based IEEE 8023af powered devices

ndash IP Phonesndash Wireless Access Points

ndash Surveillance cameras

ndash Access Card Readers

38

Access Point Front Cover LEDrsquos

Status LightsEthernet

Status

Radio Activity

Ethernet Activity

Status

Radio Activity

39

CiscoWorks WLSE

1

Specialized application for managing the Cisco WLAN

2

Centralized template‐ based configuration of access points and bridges

with user defined groups

3

Proactive fault and performance monitoring

of access points bridges LEAP server and

attached switch

CiscoWorks Wireless LANSolution Engine

U N I V E R S I T YU N I V E R S I T Y

40

二網路設備介紹

41

The Cisco LAN Switching Portfolio

Catalyst 375035602960 Catalyst 6500Catalyst 40004500

bull Stackable Compact Footprint bull Gig Density 12 Ports bull EZ Clustering Managementbull L2-L4 Switchingbull Medium Port Density

bull Highest Switching Capacitybull High Availability - Stateful Failoverbull 10-Gigabit Ethernet Interfaces bull Nonblocking Gigabit Density 142bull LANWAN Interfaces (to OC 48)

L2-L7 SwitchingIntegrated Inline PowerServices Modules Redundant PowerRedundant Supervisor Fabric

bull High Switching Capacitybull High-Density 101001000bull High-Density 100FX amp 1000LXbull Nonblocking Gigabit Density 32bull L2-L4 Switching bull Inline Power Optionbull Redundant Power

42

Cisco Catalyst Positioning

Pric

ePe

rfor

man

ce

FunctionFlexibility

Catalyst 29502960

Catalyst 35503560

Catalyst 4500 Family

Catalyst 6500 Series

bull Modular 101001000bull High performance Layer 2L3L4 bull 24‐64 Gbps Switching Enginebull Chassis level high availability

bull

Modular 101001000bull

Highest density switching

capacity

bull

Layer 234‐7bull

32‐720 Gbps

Switching

Engine

bull

Highest Availability

bull

10100

and GE configurationsbull

High performance switching and routingbull

Enterprise‐class intelligent Layer 3L4 servicesbull

Clustering capable

bull

Stackable 10100 switchingbull

Gigabit

uplink connectivitybull

Advanced intelligent Layer 3L4 servicesbull

Clustering capable

Catalyst 3750bull

Stackable 101001000 and 10100 configurationsbull

Cisco StackWisetrade

Technologybull

Optimized for Gigabit Ethernet deploymentbull

Enterprise‐class Intelligent Layer 3L4 servicesbull

Highly resilient 32Gbps stacking interconnectionbull

Single management interface w auto configuration

Fast Ethernet

Optimized

Gigabit Ethernet

Optimized

43

Cisco Catalyst 2960 Series Model Overview Fast Ethernet Models

Softwarebull LAN Base Image

Enterprise-class intelligent services Advanced QoS enhanced security high availability

bull Orderable with latest IOS software version

bull 48 10100100 portsbull 2 101001000 Uplink

ports

bull 24 10100 portsbull 2 101001000 Uplink

Ports

Catalyst 2960-24TT Catalyst 2960-48TT

bull 24 10100 portsbull 2 Dual-Purpose Uplink

ports

Catalyst 2960-24TC Catalyst 2960-48TC

bull 48 10100 portsbull 2 Dual Purpose Uplink

ports

Uplinksbull Dual Purpose

UplinksOne 101001000 TX Port and One SFP Port

One port active at a time

44

Cisco Catalyst 3750 Series Switches Model Overview

Catalyst 3750G‐24TS

bull

24 101001000

Portsbull

24 101001000 Ports

bull

4 SFP ports

Two Software Versions

Standard Multilayer Software Image

(SMI)

bull Enterprise‐class intelligent services

Advanced QoS Enhanced Security High

Availability RIP and Static IP routing

Routed ACLs HSRP

Enhanced Multilayer Software Image

(EMI)

bull SMI feature set plus Dynamic IP Unicast

routing Smart Multicast routing

Catalyst 3750‐2448 are orderable with

either software image preinstalled

Catalyst 3750‐2448 can be upgraded

from SMI to EMI

Catalyst 3750G‐24T

bull

24 10100 Ports

bull

2 SFP ports

bull

48 10100 Ports

bull

4 SFP ports

Catalyst 3750‐24 Catalyst 3750‐48

45

Cisco StackWisetrade Technology

bull 32Gbps fault tolerant bi‐directional

backplane

bull Single IP address for management

bull Auto configuration and IOS version

checkupdate

bull 1N Master redundancy

bull Sub‐second L2 failover

bull Cross stack Etherchannel

bull Configurable QoS queues across

stack

bull Line speed performance with QoS

and ACLs for GE

bull Hot add and delete of GE and FE

chassis in same stack

bull Patented cable connector

S 1

S 3

S 2

M 4

M = Master Switch

S = Slave Switch

46

Cisco Catalyst 4500 Series Architecture

bull Centralized Forwarding ASICs

bull All packets are forwarded via the supervisor

bull No distributed line card forwarding

bull Scalable architecture ‐

64 to 320 Gbps

bull Fastest Centralized Architecture in the Industry

47

Cisco Catalyst 4500 Series Overview Common Architecture

Single Supervisor-Based

Chassis

Redundant Supervisor-Based

Chassis

Cisco Catalyst 4507R-E

Cisco Catalyst 4510R-E

Cisco Catalyst 4506-E

Cisco Catalyst 4503-E

Single RU Fixed Configuration

Same Switching Architecture

and Common Cisco IOSreg

Cisco Catalyst 4948 and 4948-10GigE

48

Cisco Catalyst 4500 Series Evolutionary Centralized Architecture

1999 2002 2004 2007 2012

Continued InnovationServices and Performance

Same Line Card

18Mpps 48Mpps 102Mpps

10100

1000

Layer 2

PoE L234

10 GbE

SSO

NACNSF

ISSUCISF

E‐Series

250 Mpps

49

Evolution of Centralized Switching Technology

Evoluti

onEvo

lution

1999 18

Mpps

L2 Only

2002 48

Mpps

L2L3

2004102

Mpps

L2L3 10Gig

2007250

Mpps

L2L3 IPv6

14X

increase

since lsquo99

50

Next‐Generation Catalyst 4500 ldquoE‐Seriesrdquo

Secure Flexible Non‐Stop Communications

ldquoErdquo

Series Chassis

ldquoErdquo

Series Line Cards

Supervisor 6‐E with CenterFlex

51

Cisco Catalyst 6500 Delivers Secure Converged Network Services

High Availabilitybull Physical

Availabilitybull Logical Availabilitybull Stateful Failover at

Layer 2bull Rapid Spanning-

Tree Convergence

QoSbull Input Policingbull Traffic

Classificationbull Multiple Queuesbull Convergence

Ready

Securitybull Layer 234

Access Controlbull 8021X User

Authenticationbull MAC Filteringbull Dynamic VLAN

Manageabilitybull Inline Powerbull Simple

Configurationbull L2-L4 Servicesbull Rich Multicast

Support

End-to-End Services

52

Catalyst 6500 Family

Catalyst 65033 slot chassis

Catalyst 65066 slot chassis

Catalyst 65099 slot chassis

Catalyst 6509‐NEBSNEBS Compliant 9 slot chassis

Catalyst 651313 slot chassis

Catalyst 6509‐NEBS‐A9 slot chassis

53

Cisco Catalyst 6500 Series

The Cisco Catalyst 6500 Series supports a wide range of interface densities performance and high‐availability options

Flexible 3‐ 6‐ 9‐ and 13‐slot chassis configurations

ndash Scalable switching fabric ndash Cisco

IOS software choices supported

on all supervisor engines

ndash Fast 2‐3 second stateful

failover of

redundant supervisors and integrated

services

ndash 10‐Mbps to 10‐Gbps Ethernet and DS0

to

OC‐48 WAN interfaces

ndash Wire‐rate QoS

and ACL policy

management

WS-6503 WS-C6506 WS-C6509 WS-C6509-NEBS and WS-C6513

54

Catalyst 6500 Supervisors

The Catalyst 6500 has three Supervisor options on offer

with each providing a different architectural backplane

configuration for line cards to connect intohellip

Supervisor 1A Supervisor 2 Supervisor 720 (NEW)

256Gb backplane

supporting hardware

accelerated Layer 2 and 3

QoS and Security policies

up to 210Mppshellip

720Gb backplane

supporting hardware

accelerated Layer 2 and 3

QoS and Security policies

up to 400Mppshellip

32Gb backplane supporting

hardware accelerated Layer

2 and 3 QoS and Security

policies up to 15Mppshellip

Supervisor Options for the Catalyst 6500

55

Catalyst 6500 LinecardsThe Catalyst 6500 has a family of linecards to suit all network needshellip

10100 TX and 100 Fiber 101001000 TX GE SFP

GE GBIC 10GE WAN

Optical Switch Modules Inline Power ATM

CAT

6500

L I

NECARDS

56

Catalyst 6500 Service Modules

Content ServicesCommunications Media MWAN

Firewall Module VPN Module Intrusion Detection

Content Switching SSL Network Management

Service Modules represent the next generation of intelligent modules for the Catalyst 6500

Each module provides a high performance option scalable and feature rich deployment

optionshellip

57

Small Form Factor Pluggable (SFP)

bull New industry standard connector

bull Same functionality as Gigabit Interface Converters

(GBICs)

bull Hot pluggable

bull Smaller fiber connector LC

for SF

bull 25 SFPs

fit in space of one GBIC

bull Shipping SX LX ZX at FCS

bull 101001000BT and CWDM versions to come in mid

to late 2003

GBIC

SFP

58

三無線網路認證介紹

59

漫遊認證環境架構圖

NCHC資策會

WLANGateway

WLANGateway

60

無線漫遊環境身份認證機制

網頁認證

使用網站伺服器憑證(Certificate)辨識合法認證網站

透過SSL加密保護使用者帳號密碼安全

採用PAP (Password Authentication Protocol)認證機制

8021x認證

採CHAP或加密通道進行認證

EAP‐MD5ndash 採用CHAP (Challenge Handshake Authentication Protocol)認證

EAP‐PEAP ndash 採用 SSL加密通道 + MS‐CHAP v2 認證

EAP‐TTLSndash 採用 SSL加密通道 + PAPCHAPMS‐CHAPEAPndash 支援多種認證機制

61

WLAN Gateway

bull Usually web page for authorisationbull Allows policy based accessbull Good managementbull Very user friendlybull No client required

Bluesocketndash Commercial but popular in uk academiandash Lots of featuresNoCatAuthndash open source

62

Bluesocket Wireless Gateway

63

httpwwwitcntnuedutwservice1270php

四師大網路基本架構介紹

64

對外網路架構圖

65

校本部校區有線網路系統架構圖

66

校本部校區無線網路系統架構圖

67

理學院校區有線網路系統架構圖

68

理學院校區無線網路系統架構圖

69

林口校區有線網路系統架構圖

70

林口校區無線網路系統架構圖

71

五網路障礙排除方式

72

Possible Symptoms of Physical Layer Problems

Increased number of interface errorsIncreased number of interface errors

LEDs are off flashing or in a state other than the expected state during normal operationLEDs are off flashing or in a state other than the expected state during normal operation

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

Excessive utilizationExcessive utilization

73

Possible Symptoms of Data Link Layer Problems

Excessive CRC errors and frame check sequence errors Excessive CRC errors and frame check sequence errors

Large quantities of broadcast traffic Large quantities of broadcast traffic

A MAC address is cycling between portsA MAC address is cycling between ports

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

74

General Cisco Commands to Isolate Physical and Data Link Layer Problems

ping host

| ip‐addressping host

| ip‐address

routergt

bull

Sends an echo request packet to an address then waits for a reply

trace [destination]trace [destination]

routergt

bull

Identifies the path a packet takes through the network

[no] debug [no] debug

router

bull

Displays a list of options for enabling or disabling debugging events on a device

75

Cisco Commands to Isolate Physical Layer Problems

show versionshow version

routergt

bull

Displays the Cisco IOS software version and all installed hardware configurations

show ip interface briefshow ip interface brief

routergt

bull

Displays a summary of the status of all interfaces on a device

show interfaces [type number]show interfaces [type number]

routergt

bull

Displays the operational status of an interface including the amount and type of traffic being sent and received

76

Cisco Commands to Isolate Physical Layer Problems (Cont)

show cdp neighbor detailshow cdp neighbor detailroutergt

bull Displays the device type IP address and Cisco IOS version of neighboring devices

77

Cisco Commands to Isolate Data Link Layer Problems

show ip arpshow ip arp

routergt

bull

Displays entries in the Address Resolution Protocol (ARP) table

debug [arp

| serial | ppp]debug [arp

| serial | ppp]

router

bull

Captures events relating to data link layer protocols

78

General End‐System Commands to Isolate Physical and Data Link Layer Problems

pingping

bull

Sends an echo request packet to an address then waits for a reply

netstat

‐rnnetstat

‐rn

bull

Displays the status of all connected devices and links without querying a DNS server

arp

‐aarp

‐a

bull

Displays the current mappings of the IP address to the MAC address in the ARP table

79

Windows Commands to Isolate Physical and Data Link Layer Problems

ipconfig

[all]ipconfig

[all]

bull

Displays IP information for hosts running Windows NT2000XP

Cgt

tracert [‐d]tracert [‐d]

bull

Identifies a path to a destination device

Cgt

80

Guidelines for Isolating Problems at the Physical and Data Link Layers

Check operational status and data error ratesCheck operational status and data error rates

Verify proper interface configurationsVerify proper interface configurations

Check for bad cables or connectionsCheck for bad cables or connections

Check for correct cable pin‐outCheck for correct cable pin‐out

81

Port Monitoring (SPAN)

Allows a port to monitor traffic coming into or out of

anotherPort

VLAN

Trunk

82

Remote SPAN (RSPAN)

Allows a port to monitor SPAN information on other switches through a trunk connection

83

NetFlow Data Export

Access to records of switched flow statistics

with NAM

Source and destination IP

Port numbers and protocol types

84

六網路管理介紹

85

NAMs in Campus LAN

86

Network Analysis Module (NAM)

bull

Switch‐integrated standards‐

based monitoring (RMON1 RMON2

extended RMON)

bull

Useful for performance monitoring troubleshooting

and capacity planning

bull

Easy to deploy and use with embedded web‐based Traffic Analyzer

bull

Full visibility into applications hosts conversations and

IP‐based services including VoIP

and QoS

Integrated traffic‐monitoring solution in Catalyst 6500 series to build application‐level visibility into network infrastructure

87

NAM as a Standards‐Based RMON Solution

The RMON MIB reports on the health and status of network traffic

Mini‐RMON agents in Catalyst 6500 collect Layer 2 (RMON1) statistics on all ports (utilization packets errors)

NAM supports full RMON1 and 2 to provide visibility up to Application layer (applications hosts conversations)

NAM supports extended RMON for VLAN QoS Application Response Time and so on

88

Application Hosts and Conversations Monitoring

Identify unknown applications and drill down on the hosts using them

Discover top talkers top conversations

Network managers can drill down

into who is doing what

Network managers can drill down

into who is doing what

NEW inSoftware

Version 22

NEW inSoftware

Version 22

89

VoIP Monitoring

NAM supports various facets of VoIPmonitoring

Active IP telephony monitoring

ndash Track active call attributesndash Identify call quality degradationndash Call details by phonesRMON1 and RMON2

ndash Distribution of VoIP

protocols

Application Response Time (ART)

ndash CallManager

responses

DSMON

ndash VoIP

traffic by DSCP values

90

Application Response Time (ART)

Find out where the application delays are occurring

ndash Detailed data on request‐ response exchanges

between clients and servers

Server visibility

ndash Monitor servers for protocols application

usage and top talkers

91

Packet Capture and Decode

Capture and decode packets for troubleshooting

Extensive pre‐ and post‐capture filters

Can save and export to other tools including Sniffer

92

Alarms

Set alarm thresholds on various parameters for proactive monitoring

Define traps or generate syslog

93

Defining Network Management Functional Areas

ISO defines five functional areas of network management

ISO defines five functional areas of network management

bullFault Management

bullConfiguration Management

bullAccounting Management

bullPerformance Management

bullSecurity Management

94

FCAPS Fault Management

The process of locating diagnosing and correcting

network problems

Device Down

Link Down

95

FCAPS Configuration Management

bull The process of obtaining data from the network and using

that data to manage the setup of all network devices

bull Allows rapid access to configuration information

bull Facilitates remote configuration and provisioning

bull Provides an up‐to‐date inventory of network

components

SpeedDuplex

Connectivity

TrunkingVLANs Allowed

Spanning Tree Protocol State

Software VersionConfiguration File

Device Type

96

FCAPS Accounting Management

bull Measuring the usage of network resources by users in order to

establish the metrics check quotas determine costs and bill users

bull Measures and reports accounting information based on individual

groups and users

bull Administers the cost of the network

bull Internal verification of third‐party billing for usage Bandwidth Consumption

Application Usage

hellip

97

FCAPS Performance Management

bull Ensuring that the data network remains accessible

and has adequate bandwidth

bull Reduces network overcrowding and inaccessibility

bull Provides a consistent level of service to the

network user

bull Determine utilization trends to proactively isolate and solve

performance problems

UtilizationPeakminmaxError RatesUnicast Rates

Broadcast Rates

CPU UtilizationMemory Usage

ThroughputResponse Time

LatencyAvailabilityReliability

98

FCAPS Security Management

bull Protecting sensitive information on devices

attached to a data network by controlling access points to

that information

bull Builds network user confidence

bull Secures sensitive information from both internal and

external sources

bull Protects the network functionality from malicious

attacks

MAC AddressLocked to Port

Access ListBlocks Connections

99

Performing Network Management Sources for Information

GAUGEs TIMERs

0 9 1 2 3

COUNTERs TABLEs FILEs

Operating System Data Structures

Manageable Device

showCommands

WebServer

SystemLogging

SNMPSNMPAGENTAGENT

ProductionServices

Layer N Forwarding

http80tcp

syslog514udp

snmp161udp

MIBObjects

snmp‐trap162udp

Built in Intelligence

CDPVTPSAA

telnetCLI

TFTPClient

tftp69udp

PingTrace route

100

Network Management Information Model MIB Management Information Base

MIB

ndash

Management Information BaseSet of variables defining the status of a device (eg temp = 85 degrees)Just facts ndash not whether it is good or badDefined according to SMI (Structure of Management Information) rulesEach managed object is described using a unique object identifier (OID)

MIB

IMIBIIStandard MIBObjects included are considered essential for either fault or configuration management

Other standard MIBsRMON host router

Proprietary vendor MIBsExtensions to standard MIBs

SNMPAGENTSNMPAGENT

1000s of manageable objects following rules defined in the SMI standards

1000s of manageable objects following rules defined in the SMI standards

101

Network Management Communication Model SNMP Simple Network Management Protocol

CommunityStrings

CommunityStrings

bull Get requests used to read the value of objectbull Set requests used to modify the value of object

bull Authorization is via community strings

(Read‐OnlyRead‐Write)

bull Traps

provide asynchronous event notification

IP Network SNMPManageable

Device

Trap

Get Response

Get Request Get-Next RequestGet-Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

102

Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response

SNM

P M

anag

er

SNM

P A

gent

Rea

d =

publ

ic re

adw

rite

= pr

ivat

e

GetResponse (sysDescr0=SunOS)

Verify access permission and retrieve MIB value using OID to traverse the MIB tree

InstanceOID

13612111

MIB value

GetRequest(sysDescr0)Read Community(public)

103

Types of Management Systems Example ‐

Enterprise Manager amp Fault Management

Correlate and manage events

and SNMP traps

Perform fault isolation and root cause analysis

104

Types of Management Systems Example ndash CiscoWorks

Resource Manager Essentials and Campus Manager

Knowledge of network configuration and topology

Facilitates remote configuration of network devices

Maintains an archive of configuration data that allows generation of inventory reports

105

Types of Management Systems Example ndash NetFlow (Accounting Management)

Flow Profiling

AccountingBilling

Network Planning

Network Monitoring

Flow

Collectors

Flow

CollectorsEnd‐User AppsEnd‐User AppsNetFlow

Data ExportNetFlowData Export

NetScout

RMON ProbeRMON Probe

106

Types of Management Systems Example ndash MRTG (Performance Management)

bull Monitors traffic load on network links based on SNMP statistics

bull Generates real‐time HTML traffic reports

bull Can be used to monitor any

MIB

variable using

SNMP

107

Types of Management Systems Example ndash CiscoWorks

How is the network connectedbull Physical Cablingbull Virtual LANs

Where are the end users servers IP phones connected

bull Switch port numberbull VLAN membership

How do I troubleshoot connectivity problems

Campus Manager User Tracking

Campus Manager Topology Services

Campus Manager Topology Services

Campus Manager User TrackingCampus Manager

Path Analysis

108

Diagnosing Connectivity Problems CiscoWorks Server Tools

Ping Use ping to test device connectivity from CiscoWorks server

TracerouteRun a trace route between the CiscoWorks server and the target device to detect routing problems

NS LookupRun a nslookup to obtain DNS name server information and IP address of hostname

Management Station to DeviceTest to verify if upper layer protocols are supported from CiscoWorks to the target device UDP TCP Telnet TFTP HTTP and SNMP

109

Types of Management Systems Example ndash CiscoWorks

19216862

CiscoWorks Server(ANI Service)

CampusDatabase

19216861

Schedule data retrieval

times

CAM Table11‐11‐11‐11‐11‐00 2111‐11‐11‐11‐11‐11 2211‐11‐11‐11‐11‐22 2311‐11‐11‐11‐11‐33 24

22 23 24

21

ARP Table11‐11‐11‐11‐11‐11 19216861011‐11‐11‐11‐11‐22 19216861111‐11‐11‐11‐11‐33 192168611

1

CAM

Retrieval

(switching

table)

2 Address

Resolution (MAC

to IP)

DNS

3 Name Resolution

(IP to hostname)

Host Table192168610 USER1192168611 Printer1192168611 IPtele1

SNMP

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

CallManager4

Call Detail

Records

5

Login

Names

UNIX Novell amp

Windows NT

clients running

UTLite script

110

Diagnosing Connectivity Problems Campus Manager Tools

Topology Services

User Tracking

Path Analysis

1

Locate the communication pair in the User Tracking database

bull

Addressesbull

VLAN informationbull

Switch port connection

2

Investigate the Layer 2 and Layer 3 path between the communication

pair

3

Map the topology and begin the investigation on devices and links

Launch other applications

111

Diagnosing Connectivity Problems Workflow for Using Campus Manager

LaunchPath Analysis

LaunchPath Analysis

Ensure discovery of devices

hosts are up to date

Ensure discovery of devices

hosts are up to date

Use User TrackingTo Locate EndStation Info

Use User TrackingTo Locate EndStation Info

ConductVoiceTrace

ConductVoiceTrace

ConductDataTrace

ConductDataTrace

DisplayPath in Topology

Map

DisplayPath in Topology

Map

Launch other Apps(Telnet CiscoView

Etc)

Launch other Apps(Telnet CiscoView

Etc)

112

Diagnosing Device Connectivity Problems Example

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Do you know

your

hostname or

username

113

Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

2 Simple Query displays switch

port and VLAN association

2 Simple Query displays switch

port and VLAN association

3 LastSeen field indicates last

time end station was

discovered

3 LastSeen field indicates last

time end station was

discovered

114

Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Trace path from application server

to Suzy

Trace path from application server

to Suzy

Couldnrsquot get to Suzy machine ndash try

from server

Couldnrsquot get to Suzy machine ndash try

from server

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

4

Hierarchical Model

5

Typical Multilayer Network Design

6

Multilayer Design Guidelines

Access (Cisco Catalyst 2950 2960 Series)

ndash Layer 2 switching in wiring closet (can be Layer 3 aware)ndash Acts as the network trust or policy boundaryDistribution (Cisco Catalyst 3550 3560 3750 Series)

ndash Layer 3 Switching in distribution layerndash Utilizes IGP for benefits such as load balancing fast convergence and

scalability

ndash Provide first‐hop redundancyresiliencendash Aggregates the access layer elements

Core (Cisco Catalyst 4000 6500 Series)

ndash Layer 3 switching in the backbone for load balancing fast convergence and scalability

ndash Requires high‐speed service with no policy enforcement

7

Defining the Access Layer

Aggregates user end stations IP phones and servers

Connects to distribution‐layer switches

All uplinks can actively forward traffic (Layer 3 distribution)

Layer 2 device with Layer 3 intelligence (Security QoS IP multicast etc)

Use intelligent network services for establishing the trust boundary

8

Defining the Distribution Layer

Aggregates wiring closets (access layer) and uplinks to Core

Protects core from high‐density peering

Availability load balancing QoS and provisioning are important considerations at this layer

ndash Use Layer 3 Switching in the distribution layerndash HSRP and HSRP tracking insure first‐hop redundancy

9

Defining the Core Layer

Backbone for the networkmdashConnects distribution‐layer blocks

Aggregation point for distribution layer

Core layer is required to scale campus networks

ndash Physical cabling requirements

ndash Routing complexity

10

Do I Need a Core Layer

Easier to add a moduleFewer links in the coreEasier bandwidth upgradeRouting protocol peering reducedCore layermdashOptional for small networks

11

Server Farms

Put server farm in its own VLAN and IP SubnetmdashLayer 3 switch traffic to it

If dual NIC servers connected to two access switches require Layer 2 adjacency for NIC redundancy then

ndash Install Layer 2 link between distribution blocks for example VLAN 3

12

Campus Design Best Practices

Map Layer 2 VLANs to Layer 3 IP subnets

Avoid campus‐wide VLANs

Design a campus with Layer 3 protocols

Daisy‐chaining dangerous

Take advantage of equal‐cost routes

Oversubscription and performance characteristics

13

Map Layer 2 VLANs to Layer 3 Subnets

Map Layer 2 domain to a Layer 3 subnet with an understandable VLAN‐to‐IP subnet numbering scheme

For example data VLAN 20 and voice VLAN 120 in building 1 can correspond to 10120x24 and 101120x24

A good addressing scheme helps in summarizing routes and eases troubleshooting

14

Avoid Campus‐Wide VLANs

Large and overlapping spanning‐tree domain

Propagates problems (potential failure domain)

Slows convergence

Modern routers not network bottlenecks

bull DHCP and Mobile IP address client mobility

15

Layer 3 Dual‐Path

Layer 3 load balancing preserves bandwidth

ndash Unlike Layer 1 and Layer 2 redundancy (blocked ports)Fast recovery to remaining path

ndash Convergence is extremely fast (dual equal‐cost paths no need for OSPF or EIGRP to recalculate new path)

16

Daisy Chains

No UplinkFastmdashSlow STP convergence

Discontinuous subnets Traffic reaches black hole (both routers claim they can reach VLAN x)

Install Layer 2 link between the two distribution switches

17

Daisy Chains (Cisco Catalyst 3750 Series)

Utilize Cross‐Stack UplinkFast

feature for stackables

bull Transitions redundant blocking link directly to forwarding if link to root fails

18

Understand Performance and Oversubscription Characteristics

Most networks are built with oversubscription

Performance usually limited not by the box but by the uplink

Use QoS to protect real‐time flows at congested points

Oversubscription rules of thumb work well

201 maximum at wiring closet

Less in distribution (41) and server farm (from 41 to 11)

19

Redundancy Types

Layer 1 redundancymdashProvides an alternate physical path through the network

Layer 23 redundancymdashSpanning‐tree routing protocol EtherChannelfor alternate path awareness and fast convergence

StabilitymdashEnsure a stable network through proper physical STP and routing design to reduce human errors

Application availabilitymdashApplication server and client processes must support failover for maximum availability

20

Small Campus Network

Backbone layermdashcollapsed core and distribution

Can use modularstackable switching solutions

Scalable up to few access switches

21

Medium Campus Network

22

Large Campus Network

23

Building Block Approach

24

Switch Block Characteristics

bull Device switches support one or more subnetsVLANs

bull Subnets terminate at the distribution switch

bull Access devices have redundant links

bull Spanning Tree Protocol terminates at the switch block boundary

25

VLANs in the Switch Block

26

Link Types

A trunk link is capable of carrying multiple VLANs

27

Trunking

bull Specifically developed for multi‐VLAN interswitch communications

bull Places a unique identifier in the header of each frame

bull Functions at Layer 2 bull IEEE

8021Q

28

Inter‐VLAN Routing

bull A Route Processor provides Layer 3 functionality for switches

29

Increasing Performance Add More Bandwidth

30

Fast EtherChannel

31

Is QoS Needed in the Campus

Maybe maybe not campus congestionis a buffer management issue

ldquoJust throw more bandwidth at it That will solve the problemrdquo

32

Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP

33

Enabling QoS in the Campus Scheduling in the Campus

Output buffers can reach 100 in campus networks resulting in dropped voice packets

QoS required when there is a possibility of congestion in buffers

Multiple queues are the only way to guarantee voice quality

34

Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS

bull 8021p user priority field also called class of service (CoS)

bull Different types of traffic are assigned different CoS values

bull CoS 6 and 7 are reserved for network use

35

Enabling QoS in the Campus Layer 3 Classificationmdash IP Precedence DSCP

bull IPv4 Three most significant bits of ToS byte are called IP precedence other bits unused

bull DiffServ Six Most significant bits of ToS byte are called DSCP remaining two bits used for flow control

bull DSCP backward compatible with IP precedence

36

Enabling QoS in the Campus Classification Summary

37

Power Over Ethernet

Prepare the network for IP Telephony and Wireless access

Eliminate the need for separate electrical wiring

Cisco pre‐standard POE and 8023af are fully supported

Wide selection of standards‐based IEEE 8023af powered devices

ndash IP Phonesndash Wireless Access Points

ndash Surveillance cameras

ndash Access Card Readers

38

Access Point Front Cover LEDrsquos

Status LightsEthernet

Status

Radio Activity

Ethernet Activity

Status

Radio Activity

39

CiscoWorks WLSE

1

Specialized application for managing the Cisco WLAN

2

Centralized template‐ based configuration of access points and bridges

with user defined groups

3

Proactive fault and performance monitoring

of access points bridges LEAP server and

attached switch

CiscoWorks Wireless LANSolution Engine

U N I V E R S I T YU N I V E R S I T Y

40

二網路設備介紹

41

The Cisco LAN Switching Portfolio

Catalyst 375035602960 Catalyst 6500Catalyst 40004500

bull Stackable Compact Footprint bull Gig Density 12 Ports bull EZ Clustering Managementbull L2-L4 Switchingbull Medium Port Density

bull Highest Switching Capacitybull High Availability - Stateful Failoverbull 10-Gigabit Ethernet Interfaces bull Nonblocking Gigabit Density 142bull LANWAN Interfaces (to OC 48)

L2-L7 SwitchingIntegrated Inline PowerServices Modules Redundant PowerRedundant Supervisor Fabric

bull High Switching Capacitybull High-Density 101001000bull High-Density 100FX amp 1000LXbull Nonblocking Gigabit Density 32bull L2-L4 Switching bull Inline Power Optionbull Redundant Power

42

Cisco Catalyst Positioning

Pric

ePe

rfor

man

ce

FunctionFlexibility

Catalyst 29502960

Catalyst 35503560

Catalyst 4500 Family

Catalyst 6500 Series

bull Modular 101001000bull High performance Layer 2L3L4 bull 24‐64 Gbps Switching Enginebull Chassis level high availability

bull

Modular 101001000bull

Highest density switching

capacity

bull

Layer 234‐7bull

32‐720 Gbps

Switching

Engine

bull

Highest Availability

bull

10100

and GE configurationsbull

High performance switching and routingbull

Enterprise‐class intelligent Layer 3L4 servicesbull

Clustering capable

bull

Stackable 10100 switchingbull

Gigabit

uplink connectivitybull

Advanced intelligent Layer 3L4 servicesbull

Clustering capable

Catalyst 3750bull

Stackable 101001000 and 10100 configurationsbull

Cisco StackWisetrade

Technologybull

Optimized for Gigabit Ethernet deploymentbull

Enterprise‐class Intelligent Layer 3L4 servicesbull

Highly resilient 32Gbps stacking interconnectionbull

Single management interface w auto configuration

Fast Ethernet

Optimized

Gigabit Ethernet

Optimized

43

Cisco Catalyst 2960 Series Model Overview Fast Ethernet Models

Softwarebull LAN Base Image

Enterprise-class intelligent services Advanced QoS enhanced security high availability

bull Orderable with latest IOS software version

bull 48 10100100 portsbull 2 101001000 Uplink

ports

bull 24 10100 portsbull 2 101001000 Uplink

Ports

Catalyst 2960-24TT Catalyst 2960-48TT

bull 24 10100 portsbull 2 Dual-Purpose Uplink

ports

Catalyst 2960-24TC Catalyst 2960-48TC

bull 48 10100 portsbull 2 Dual Purpose Uplink

ports

Uplinksbull Dual Purpose

UplinksOne 101001000 TX Port and One SFP Port

One port active at a time

44

Cisco Catalyst 3750 Series Switches Model Overview

Catalyst 3750G‐24TS

bull

24 101001000

Portsbull

24 101001000 Ports

bull

4 SFP ports

Two Software Versions

Standard Multilayer Software Image

(SMI)

bull Enterprise‐class intelligent services

Advanced QoS Enhanced Security High

Availability RIP and Static IP routing

Routed ACLs HSRP

Enhanced Multilayer Software Image

(EMI)

bull SMI feature set plus Dynamic IP Unicast

routing Smart Multicast routing

Catalyst 3750‐2448 are orderable with

either software image preinstalled

Catalyst 3750‐2448 can be upgraded

from SMI to EMI

Catalyst 3750G‐24T

bull

24 10100 Ports

bull

2 SFP ports

bull

48 10100 Ports

bull

4 SFP ports

Catalyst 3750‐24 Catalyst 3750‐48

45

Cisco StackWisetrade Technology

bull 32Gbps fault tolerant bi‐directional

backplane

bull Single IP address for management

bull Auto configuration and IOS version

checkupdate

bull 1N Master redundancy

bull Sub‐second L2 failover

bull Cross stack Etherchannel

bull Configurable QoS queues across

stack

bull Line speed performance with QoS

and ACLs for GE

bull Hot add and delete of GE and FE

chassis in same stack

bull Patented cable connector

S 1

S 3

S 2

M 4

M = Master Switch

S = Slave Switch

46

Cisco Catalyst 4500 Series Architecture

bull Centralized Forwarding ASICs

bull All packets are forwarded via the supervisor

bull No distributed line card forwarding

bull Scalable architecture ‐

64 to 320 Gbps

bull Fastest Centralized Architecture in the Industry

47

Cisco Catalyst 4500 Series Overview Common Architecture

Single Supervisor-Based

Chassis

Redundant Supervisor-Based

Chassis

Cisco Catalyst 4507R-E

Cisco Catalyst 4510R-E

Cisco Catalyst 4506-E

Cisco Catalyst 4503-E

Single RU Fixed Configuration

Same Switching Architecture

and Common Cisco IOSreg

Cisco Catalyst 4948 and 4948-10GigE

48

Cisco Catalyst 4500 Series Evolutionary Centralized Architecture

1999 2002 2004 2007 2012

Continued InnovationServices and Performance

Same Line Card

18Mpps 48Mpps 102Mpps

10100

1000

Layer 2

PoE L234

10 GbE

SSO

NACNSF

ISSUCISF

E‐Series

250 Mpps

49

Evolution of Centralized Switching Technology

Evoluti

onEvo

lution

1999 18

Mpps

L2 Only

2002 48

Mpps

L2L3

2004102

Mpps

L2L3 10Gig

2007250

Mpps

L2L3 IPv6

14X

increase

since lsquo99

50

Next‐Generation Catalyst 4500 ldquoE‐Seriesrdquo

Secure Flexible Non‐Stop Communications

ldquoErdquo

Series Chassis

ldquoErdquo

Series Line Cards

Supervisor 6‐E with CenterFlex

51

Cisco Catalyst 6500 Delivers Secure Converged Network Services

High Availabilitybull Physical

Availabilitybull Logical Availabilitybull Stateful Failover at

Layer 2bull Rapid Spanning-

Tree Convergence

QoSbull Input Policingbull Traffic

Classificationbull Multiple Queuesbull Convergence

Ready

Securitybull Layer 234

Access Controlbull 8021X User

Authenticationbull MAC Filteringbull Dynamic VLAN

Manageabilitybull Inline Powerbull Simple

Configurationbull L2-L4 Servicesbull Rich Multicast

Support

End-to-End Services

52

Catalyst 6500 Family

Catalyst 65033 slot chassis

Catalyst 65066 slot chassis

Catalyst 65099 slot chassis

Catalyst 6509‐NEBSNEBS Compliant 9 slot chassis

Catalyst 651313 slot chassis

Catalyst 6509‐NEBS‐A9 slot chassis

53

Cisco Catalyst 6500 Series

The Cisco Catalyst 6500 Series supports a wide range of interface densities performance and high‐availability options

Flexible 3‐ 6‐ 9‐ and 13‐slot chassis configurations

ndash Scalable switching fabric ndash Cisco

IOS software choices supported

on all supervisor engines

ndash Fast 2‐3 second stateful

failover of

redundant supervisors and integrated

services

ndash 10‐Mbps to 10‐Gbps Ethernet and DS0

to

OC‐48 WAN interfaces

ndash Wire‐rate QoS

and ACL policy

management

WS-6503 WS-C6506 WS-C6509 WS-C6509-NEBS and WS-C6513

54

Catalyst 6500 Supervisors

The Catalyst 6500 has three Supervisor options on offer

with each providing a different architectural backplane

configuration for line cards to connect intohellip

Supervisor 1A Supervisor 2 Supervisor 720 (NEW)

256Gb backplane

supporting hardware

accelerated Layer 2 and 3

QoS and Security policies

up to 210Mppshellip

720Gb backplane

supporting hardware

accelerated Layer 2 and 3

QoS and Security policies

up to 400Mppshellip

32Gb backplane supporting

hardware accelerated Layer

2 and 3 QoS and Security

policies up to 15Mppshellip

Supervisor Options for the Catalyst 6500

55

Catalyst 6500 LinecardsThe Catalyst 6500 has a family of linecards to suit all network needshellip

10100 TX and 100 Fiber 101001000 TX GE SFP

GE GBIC 10GE WAN

Optical Switch Modules Inline Power ATM

CAT

6500

L I

NECARDS

56

Catalyst 6500 Service Modules

Content ServicesCommunications Media MWAN

Firewall Module VPN Module Intrusion Detection

Content Switching SSL Network Management

Service Modules represent the next generation of intelligent modules for the Catalyst 6500

Each module provides a high performance option scalable and feature rich deployment

optionshellip

57

Small Form Factor Pluggable (SFP)

bull New industry standard connector

bull Same functionality as Gigabit Interface Converters

(GBICs)

bull Hot pluggable

bull Smaller fiber connector LC

for SF

bull 25 SFPs

fit in space of one GBIC

bull Shipping SX LX ZX at FCS

bull 101001000BT and CWDM versions to come in mid

to late 2003

GBIC

SFP

58

三無線網路認證介紹

59

漫遊認證環境架構圖

NCHC資策會

WLANGateway

WLANGateway

60

無線漫遊環境身份認證機制

網頁認證

使用網站伺服器憑證(Certificate)辨識合法認證網站

透過SSL加密保護使用者帳號密碼安全

採用PAP (Password Authentication Protocol)認證機制

8021x認證

採CHAP或加密通道進行認證

EAP‐MD5ndash 採用CHAP (Challenge Handshake Authentication Protocol)認證

EAP‐PEAP ndash 採用 SSL加密通道 + MS‐CHAP v2 認證

EAP‐TTLSndash 採用 SSL加密通道 + PAPCHAPMS‐CHAPEAPndash 支援多種認證機制

61

WLAN Gateway

bull Usually web page for authorisationbull Allows policy based accessbull Good managementbull Very user friendlybull No client required

Bluesocketndash Commercial but popular in uk academiandash Lots of featuresNoCatAuthndash open source

62

Bluesocket Wireless Gateway

63

httpwwwitcntnuedutwservice1270php

四師大網路基本架構介紹

64

對外網路架構圖

65

校本部校區有線網路系統架構圖

66

校本部校區無線網路系統架構圖

67

理學院校區有線網路系統架構圖

68

理學院校區無線網路系統架構圖

69

林口校區有線網路系統架構圖

70

林口校區無線網路系統架構圖

71

五網路障礙排除方式

72

Possible Symptoms of Physical Layer Problems

Increased number of interface errorsIncreased number of interface errors

LEDs are off flashing or in a state other than the expected state during normal operationLEDs are off flashing or in a state other than the expected state during normal operation

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

Excessive utilizationExcessive utilization

73

Possible Symptoms of Data Link Layer Problems

Excessive CRC errors and frame check sequence errors Excessive CRC errors and frame check sequence errors

Large quantities of broadcast traffic Large quantities of broadcast traffic

A MAC address is cycling between portsA MAC address is cycling between ports

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

74

General Cisco Commands to Isolate Physical and Data Link Layer Problems

ping host

| ip‐addressping host

| ip‐address

routergt

bull

Sends an echo request packet to an address then waits for a reply

trace [destination]trace [destination]

routergt

bull

Identifies the path a packet takes through the network

[no] debug [no] debug

router

bull

Displays a list of options for enabling or disabling debugging events on a device

75

Cisco Commands to Isolate Physical Layer Problems

show versionshow version

routergt

bull

Displays the Cisco IOS software version and all installed hardware configurations

show ip interface briefshow ip interface brief

routergt

bull

Displays a summary of the status of all interfaces on a device

show interfaces [type number]show interfaces [type number]

routergt

bull

Displays the operational status of an interface including the amount and type of traffic being sent and received

76

Cisco Commands to Isolate Physical Layer Problems (Cont)

show cdp neighbor detailshow cdp neighbor detailroutergt

bull Displays the device type IP address and Cisco IOS version of neighboring devices

77

Cisco Commands to Isolate Data Link Layer Problems

show ip arpshow ip arp

routergt

bull

Displays entries in the Address Resolution Protocol (ARP) table

debug [arp

| serial | ppp]debug [arp

| serial | ppp]

router

bull

Captures events relating to data link layer protocols

78

General End‐System Commands to Isolate Physical and Data Link Layer Problems

pingping

bull

Sends an echo request packet to an address then waits for a reply

netstat

‐rnnetstat

‐rn

bull

Displays the status of all connected devices and links without querying a DNS server

arp

‐aarp

‐a

bull

Displays the current mappings of the IP address to the MAC address in the ARP table

79

Windows Commands to Isolate Physical and Data Link Layer Problems

ipconfig

[all]ipconfig

[all]

bull

Displays IP information for hosts running Windows NT2000XP

Cgt

tracert [‐d]tracert [‐d]

bull

Identifies a path to a destination device

Cgt

80

Guidelines for Isolating Problems at the Physical and Data Link Layers

Check operational status and data error ratesCheck operational status and data error rates

Verify proper interface configurationsVerify proper interface configurations

Check for bad cables or connectionsCheck for bad cables or connections

Check for correct cable pin‐outCheck for correct cable pin‐out

81

Port Monitoring (SPAN)

Allows a port to monitor traffic coming into or out of

anotherPort

VLAN

Trunk

82

Remote SPAN (RSPAN)

Allows a port to monitor SPAN information on other switches through a trunk connection

83

NetFlow Data Export

Access to records of switched flow statistics

with NAM

Source and destination IP

Port numbers and protocol types

84

六網路管理介紹

85

NAMs in Campus LAN

86

Network Analysis Module (NAM)

bull

Switch‐integrated standards‐

based monitoring (RMON1 RMON2

extended RMON)

bull

Useful for performance monitoring troubleshooting

and capacity planning

bull

Easy to deploy and use with embedded web‐based Traffic Analyzer

bull

Full visibility into applications hosts conversations and

IP‐based services including VoIP

and QoS

Integrated traffic‐monitoring solution in Catalyst 6500 series to build application‐level visibility into network infrastructure

87

NAM as a Standards‐Based RMON Solution

The RMON MIB reports on the health and status of network traffic

Mini‐RMON agents in Catalyst 6500 collect Layer 2 (RMON1) statistics on all ports (utilization packets errors)

NAM supports full RMON1 and 2 to provide visibility up to Application layer (applications hosts conversations)

NAM supports extended RMON for VLAN QoS Application Response Time and so on

88

Application Hosts and Conversations Monitoring

Identify unknown applications and drill down on the hosts using them

Discover top talkers top conversations

Network managers can drill down

into who is doing what

Network managers can drill down

into who is doing what

NEW inSoftware

Version 22

NEW inSoftware

Version 22

89

VoIP Monitoring

NAM supports various facets of VoIPmonitoring

Active IP telephony monitoring

ndash Track active call attributesndash Identify call quality degradationndash Call details by phonesRMON1 and RMON2

ndash Distribution of VoIP

protocols

Application Response Time (ART)

ndash CallManager

responses

DSMON

ndash VoIP

traffic by DSCP values

90

Application Response Time (ART)

Find out where the application delays are occurring

ndash Detailed data on request‐ response exchanges

between clients and servers

Server visibility

ndash Monitor servers for protocols application

usage and top talkers

91

Packet Capture and Decode

Capture and decode packets for troubleshooting

Extensive pre‐ and post‐capture filters

Can save and export to other tools including Sniffer

92

Alarms

Set alarm thresholds on various parameters for proactive monitoring

Define traps or generate syslog

93

Defining Network Management Functional Areas

ISO defines five functional areas of network management

ISO defines five functional areas of network management

bullFault Management

bullConfiguration Management

bullAccounting Management

bullPerformance Management

bullSecurity Management

94

FCAPS Fault Management

The process of locating diagnosing and correcting

network problems

Device Down

Link Down

95

FCAPS Configuration Management

bull The process of obtaining data from the network and using

that data to manage the setup of all network devices

bull Allows rapid access to configuration information

bull Facilitates remote configuration and provisioning

bull Provides an up‐to‐date inventory of network

components

SpeedDuplex

Connectivity

TrunkingVLANs Allowed

Spanning Tree Protocol State

Software VersionConfiguration File

Device Type

96

FCAPS Accounting Management

bull Measuring the usage of network resources by users in order to

establish the metrics check quotas determine costs and bill users

bull Measures and reports accounting information based on individual

groups and users

bull Administers the cost of the network

bull Internal verification of third‐party billing for usage Bandwidth Consumption

Application Usage

hellip

97

FCAPS Performance Management

bull Ensuring that the data network remains accessible

and has adequate bandwidth

bull Reduces network overcrowding and inaccessibility

bull Provides a consistent level of service to the

network user

bull Determine utilization trends to proactively isolate and solve

performance problems

UtilizationPeakminmaxError RatesUnicast Rates

Broadcast Rates

CPU UtilizationMemory Usage

ThroughputResponse Time

LatencyAvailabilityReliability

98

FCAPS Security Management

bull Protecting sensitive information on devices

attached to a data network by controlling access points to

that information

bull Builds network user confidence

bull Secures sensitive information from both internal and

external sources

bull Protects the network functionality from malicious

attacks

MAC AddressLocked to Port

Access ListBlocks Connections

99

Performing Network Management Sources for Information

GAUGEs TIMERs

0 9 1 2 3

COUNTERs TABLEs FILEs

Operating System Data Structures

Manageable Device

showCommands

WebServer

SystemLogging

SNMPSNMPAGENTAGENT

ProductionServices

Layer N Forwarding

http80tcp

syslog514udp

snmp161udp

MIBObjects

snmp‐trap162udp

Built in Intelligence

CDPVTPSAA

telnetCLI

TFTPClient

tftp69udp

PingTrace route

100

Network Management Information Model MIB Management Information Base

MIB

ndash

Management Information BaseSet of variables defining the status of a device (eg temp = 85 degrees)Just facts ndash not whether it is good or badDefined according to SMI (Structure of Management Information) rulesEach managed object is described using a unique object identifier (OID)

MIB

IMIBIIStandard MIBObjects included are considered essential for either fault or configuration management

Other standard MIBsRMON host router

Proprietary vendor MIBsExtensions to standard MIBs

SNMPAGENTSNMPAGENT

1000s of manageable objects following rules defined in the SMI standards

1000s of manageable objects following rules defined in the SMI standards

101

Network Management Communication Model SNMP Simple Network Management Protocol

CommunityStrings

CommunityStrings

bull Get requests used to read the value of objectbull Set requests used to modify the value of object

bull Authorization is via community strings

(Read‐OnlyRead‐Write)

bull Traps

provide asynchronous event notification

IP Network SNMPManageable

Device

Trap

Get Response

Get Request Get-Next RequestGet-Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

102

Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response

SNM

P M

anag

er

SNM

P A

gent

Rea

d =

publ

ic re

adw

rite

= pr

ivat

e

GetResponse (sysDescr0=SunOS)

Verify access permission and retrieve MIB value using OID to traverse the MIB tree

InstanceOID

13612111

MIB value

GetRequest(sysDescr0)Read Community(public)

103

Types of Management Systems Example ‐

Enterprise Manager amp Fault Management

Correlate and manage events

and SNMP traps

Perform fault isolation and root cause analysis

104

Types of Management Systems Example ndash CiscoWorks

Resource Manager Essentials and Campus Manager

Knowledge of network configuration and topology

Facilitates remote configuration of network devices

Maintains an archive of configuration data that allows generation of inventory reports

105

Types of Management Systems Example ndash NetFlow (Accounting Management)

Flow Profiling

AccountingBilling

Network Planning

Network Monitoring

Flow

Collectors

Flow

CollectorsEnd‐User AppsEnd‐User AppsNetFlow

Data ExportNetFlowData Export

NetScout

RMON ProbeRMON Probe

106

Types of Management Systems Example ndash MRTG (Performance Management)

bull Monitors traffic load on network links based on SNMP statistics

bull Generates real‐time HTML traffic reports

bull Can be used to monitor any

MIB

variable using

SNMP

107

Types of Management Systems Example ndash CiscoWorks

How is the network connectedbull Physical Cablingbull Virtual LANs

Where are the end users servers IP phones connected

bull Switch port numberbull VLAN membership

How do I troubleshoot connectivity problems

Campus Manager User Tracking

Campus Manager Topology Services

Campus Manager Topology Services

Campus Manager User TrackingCampus Manager

Path Analysis

108

Diagnosing Connectivity Problems CiscoWorks Server Tools

Ping Use ping to test device connectivity from CiscoWorks server

TracerouteRun a trace route between the CiscoWorks server and the target device to detect routing problems

NS LookupRun a nslookup to obtain DNS name server information and IP address of hostname

Management Station to DeviceTest to verify if upper layer protocols are supported from CiscoWorks to the target device UDP TCP Telnet TFTP HTTP and SNMP

109

Types of Management Systems Example ndash CiscoWorks

19216862

CiscoWorks Server(ANI Service)

CampusDatabase

19216861

Schedule data retrieval

times

CAM Table11‐11‐11‐11‐11‐00 2111‐11‐11‐11‐11‐11 2211‐11‐11‐11‐11‐22 2311‐11‐11‐11‐11‐33 24

22 23 24

21

ARP Table11‐11‐11‐11‐11‐11 19216861011‐11‐11‐11‐11‐22 19216861111‐11‐11‐11‐11‐33 192168611

1

CAM

Retrieval

(switching

table)

2 Address

Resolution (MAC

to IP)

DNS

3 Name Resolution

(IP to hostname)

Host Table192168610 USER1192168611 Printer1192168611 IPtele1

SNMP

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

CallManager4

Call Detail

Records

5

Login

Names

UNIX Novell amp

Windows NT

clients running

UTLite script

110

Diagnosing Connectivity Problems Campus Manager Tools

Topology Services

User Tracking

Path Analysis

1

Locate the communication pair in the User Tracking database

bull

Addressesbull

VLAN informationbull

Switch port connection

2

Investigate the Layer 2 and Layer 3 path between the communication

pair

3

Map the topology and begin the investigation on devices and links

Launch other applications

111

Diagnosing Connectivity Problems Workflow for Using Campus Manager

LaunchPath Analysis

LaunchPath Analysis

Ensure discovery of devices

hosts are up to date

Ensure discovery of devices

hosts are up to date

Use User TrackingTo Locate EndStation Info

Use User TrackingTo Locate EndStation Info

ConductVoiceTrace

ConductVoiceTrace

ConductDataTrace

ConductDataTrace

DisplayPath in Topology

Map

DisplayPath in Topology

Map

Launch other Apps(Telnet CiscoView

Etc)

Launch other Apps(Telnet CiscoView

Etc)

112

Diagnosing Device Connectivity Problems Example

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Do you know

your

hostname or

username

113

Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

2 Simple Query displays switch

port and VLAN association

2 Simple Query displays switch

port and VLAN association

3 LastSeen field indicates last

time end station was

discovered

3 LastSeen field indicates last

time end station was

discovered

114

Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Trace path from application server

to Suzy

Trace path from application server

to Suzy

Couldnrsquot get to Suzy machine ndash try

from server

Couldnrsquot get to Suzy machine ndash try

from server

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

5

Typical Multilayer Network Design

6

Multilayer Design Guidelines

Access (Cisco Catalyst 2950 2960 Series)

ndash Layer 2 switching in wiring closet (can be Layer 3 aware)ndash Acts as the network trust or policy boundaryDistribution (Cisco Catalyst 3550 3560 3750 Series)

ndash Layer 3 Switching in distribution layerndash Utilizes IGP for benefits such as load balancing fast convergence and

scalability

ndash Provide first‐hop redundancyresiliencendash Aggregates the access layer elements

Core (Cisco Catalyst 4000 6500 Series)

ndash Layer 3 switching in the backbone for load balancing fast convergence and scalability

ndash Requires high‐speed service with no policy enforcement

7

Defining the Access Layer

Aggregates user end stations IP phones and servers

Connects to distribution‐layer switches

All uplinks can actively forward traffic (Layer 3 distribution)

Layer 2 device with Layer 3 intelligence (Security QoS IP multicast etc)

Use intelligent network services for establishing the trust boundary

8

Defining the Distribution Layer

Aggregates wiring closets (access layer) and uplinks to Core

Protects core from high‐density peering

Availability load balancing QoS and provisioning are important considerations at this layer

ndash Use Layer 3 Switching in the distribution layerndash HSRP and HSRP tracking insure first‐hop redundancy

9

Defining the Core Layer

Backbone for the networkmdashConnects distribution‐layer blocks

Aggregation point for distribution layer

Core layer is required to scale campus networks

ndash Physical cabling requirements

ndash Routing complexity

10

Do I Need a Core Layer

Easier to add a moduleFewer links in the coreEasier bandwidth upgradeRouting protocol peering reducedCore layermdashOptional for small networks

11

Server Farms

Put server farm in its own VLAN and IP SubnetmdashLayer 3 switch traffic to it

If dual NIC servers connected to two access switches require Layer 2 adjacency for NIC redundancy then

ndash Install Layer 2 link between distribution blocks for example VLAN 3

12

Campus Design Best Practices

Map Layer 2 VLANs to Layer 3 IP subnets

Avoid campus‐wide VLANs

Design a campus with Layer 3 protocols

Daisy‐chaining dangerous

Take advantage of equal‐cost routes

Oversubscription and performance characteristics

13

Map Layer 2 VLANs to Layer 3 Subnets

Map Layer 2 domain to a Layer 3 subnet with an understandable VLAN‐to‐IP subnet numbering scheme

For example data VLAN 20 and voice VLAN 120 in building 1 can correspond to 10120x24 and 101120x24

A good addressing scheme helps in summarizing routes and eases troubleshooting

14

Avoid Campus‐Wide VLANs

Large and overlapping spanning‐tree domain

Propagates problems (potential failure domain)

Slows convergence

Modern routers not network bottlenecks

bull DHCP and Mobile IP address client mobility

15

Layer 3 Dual‐Path

Layer 3 load balancing preserves bandwidth

ndash Unlike Layer 1 and Layer 2 redundancy (blocked ports)Fast recovery to remaining path

ndash Convergence is extremely fast (dual equal‐cost paths no need for OSPF or EIGRP to recalculate new path)

16

Daisy Chains

No UplinkFastmdashSlow STP convergence

Discontinuous subnets Traffic reaches black hole (both routers claim they can reach VLAN x)

Install Layer 2 link between the two distribution switches

17

Daisy Chains (Cisco Catalyst 3750 Series)

Utilize Cross‐Stack UplinkFast

feature for stackables

bull Transitions redundant blocking link directly to forwarding if link to root fails

18

Understand Performance and Oversubscription Characteristics

Most networks are built with oversubscription

Performance usually limited not by the box but by the uplink

Use QoS to protect real‐time flows at congested points

Oversubscription rules of thumb work well

201 maximum at wiring closet

Less in distribution (41) and server farm (from 41 to 11)

19

Redundancy Types

Layer 1 redundancymdashProvides an alternate physical path through the network

Layer 23 redundancymdashSpanning‐tree routing protocol EtherChannelfor alternate path awareness and fast convergence

StabilitymdashEnsure a stable network through proper physical STP and routing design to reduce human errors

Application availabilitymdashApplication server and client processes must support failover for maximum availability

20

Small Campus Network

Backbone layermdashcollapsed core and distribution

Can use modularstackable switching solutions

Scalable up to few access switches

21

Medium Campus Network

22

Large Campus Network

23

Building Block Approach

24

Switch Block Characteristics

bull Device switches support one or more subnetsVLANs

bull Subnets terminate at the distribution switch

bull Access devices have redundant links

bull Spanning Tree Protocol terminates at the switch block boundary

25

VLANs in the Switch Block

26

Link Types

A trunk link is capable of carrying multiple VLANs

27

Trunking

bull Specifically developed for multi‐VLAN interswitch communications

bull Places a unique identifier in the header of each frame

bull Functions at Layer 2 bull IEEE

8021Q

28

Inter‐VLAN Routing

bull A Route Processor provides Layer 3 functionality for switches

29

Increasing Performance Add More Bandwidth

30

Fast EtherChannel

31

Is QoS Needed in the Campus

Maybe maybe not campus congestionis a buffer management issue

ldquoJust throw more bandwidth at it That will solve the problemrdquo

32

Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP

33

Enabling QoS in the Campus Scheduling in the Campus

Output buffers can reach 100 in campus networks resulting in dropped voice packets

QoS required when there is a possibility of congestion in buffers

Multiple queues are the only way to guarantee voice quality

34

Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS

bull 8021p user priority field also called class of service (CoS)

bull Different types of traffic are assigned different CoS values

bull CoS 6 and 7 are reserved for network use

35

Enabling QoS in the Campus Layer 3 Classificationmdash IP Precedence DSCP

bull IPv4 Three most significant bits of ToS byte are called IP precedence other bits unused

bull DiffServ Six Most significant bits of ToS byte are called DSCP remaining two bits used for flow control

bull DSCP backward compatible with IP precedence

36

Enabling QoS in the Campus Classification Summary

37

Power Over Ethernet

Prepare the network for IP Telephony and Wireless access

Eliminate the need for separate electrical wiring

Cisco pre‐standard POE and 8023af are fully supported

Wide selection of standards‐based IEEE 8023af powered devices

ndash IP Phonesndash Wireless Access Points

ndash Surveillance cameras

ndash Access Card Readers

38

Access Point Front Cover LEDrsquos

Status LightsEthernet

Status

Radio Activity

Ethernet Activity

Status

Radio Activity

39

CiscoWorks WLSE

1

Specialized application for managing the Cisco WLAN

2

Centralized template‐ based configuration of access points and bridges

with user defined groups

3

Proactive fault and performance monitoring

of access points bridges LEAP server and

attached switch

CiscoWorks Wireless LANSolution Engine

U N I V E R S I T YU N I V E R S I T Y

40

二網路設備介紹

41

The Cisco LAN Switching Portfolio

Catalyst 375035602960 Catalyst 6500Catalyst 40004500

bull Stackable Compact Footprint bull Gig Density 12 Ports bull EZ Clustering Managementbull L2-L4 Switchingbull Medium Port Density

bull Highest Switching Capacitybull High Availability - Stateful Failoverbull 10-Gigabit Ethernet Interfaces bull Nonblocking Gigabit Density 142bull LANWAN Interfaces (to OC 48)

L2-L7 SwitchingIntegrated Inline PowerServices Modules Redundant PowerRedundant Supervisor Fabric

bull High Switching Capacitybull High-Density 101001000bull High-Density 100FX amp 1000LXbull Nonblocking Gigabit Density 32bull L2-L4 Switching bull Inline Power Optionbull Redundant Power

42

Cisco Catalyst Positioning

Pric

ePe

rfor

man

ce

FunctionFlexibility

Catalyst 29502960

Catalyst 35503560

Catalyst 4500 Family

Catalyst 6500 Series

bull Modular 101001000bull High performance Layer 2L3L4 bull 24‐64 Gbps Switching Enginebull Chassis level high availability

bull

Modular 101001000bull

Highest density switching

capacity

bull

Layer 234‐7bull

32‐720 Gbps

Switching

Engine

bull

Highest Availability

bull

10100

and GE configurationsbull

High performance switching and routingbull

Enterprise‐class intelligent Layer 3L4 servicesbull

Clustering capable

bull

Stackable 10100 switchingbull

Gigabit

uplink connectivitybull

Advanced intelligent Layer 3L4 servicesbull

Clustering capable

Catalyst 3750bull

Stackable 101001000 and 10100 configurationsbull

Cisco StackWisetrade

Technologybull

Optimized for Gigabit Ethernet deploymentbull

Enterprise‐class Intelligent Layer 3L4 servicesbull

Highly resilient 32Gbps stacking interconnectionbull

Single management interface w auto configuration

Fast Ethernet

Optimized

Gigabit Ethernet

Optimized

43

Cisco Catalyst 2960 Series Model Overview Fast Ethernet Models

Softwarebull LAN Base Image

Enterprise-class intelligent services Advanced QoS enhanced security high availability

bull Orderable with latest IOS software version

bull 48 10100100 portsbull 2 101001000 Uplink

ports

bull 24 10100 portsbull 2 101001000 Uplink

Ports

Catalyst 2960-24TT Catalyst 2960-48TT

bull 24 10100 portsbull 2 Dual-Purpose Uplink

ports

Catalyst 2960-24TC Catalyst 2960-48TC

bull 48 10100 portsbull 2 Dual Purpose Uplink

ports

Uplinksbull Dual Purpose

UplinksOne 101001000 TX Port and One SFP Port

One port active at a time

44

Cisco Catalyst 3750 Series Switches Model Overview

Catalyst 3750G‐24TS

bull

24 101001000

Portsbull

24 101001000 Ports

bull

4 SFP ports

Two Software Versions

Standard Multilayer Software Image

(SMI)

bull Enterprise‐class intelligent services

Advanced QoS Enhanced Security High

Availability RIP and Static IP routing

Routed ACLs HSRP

Enhanced Multilayer Software Image

(EMI)

bull SMI feature set plus Dynamic IP Unicast

routing Smart Multicast routing

Catalyst 3750‐2448 are orderable with

either software image preinstalled

Catalyst 3750‐2448 can be upgraded

from SMI to EMI

Catalyst 3750G‐24T

bull

24 10100 Ports

bull

2 SFP ports

bull

48 10100 Ports

bull

4 SFP ports

Catalyst 3750‐24 Catalyst 3750‐48

45

Cisco StackWisetrade Technology

bull 32Gbps fault tolerant bi‐directional

backplane

bull Single IP address for management

bull Auto configuration and IOS version

checkupdate

bull 1N Master redundancy

bull Sub‐second L2 failover

bull Cross stack Etherchannel

bull Configurable QoS queues across

stack

bull Line speed performance with QoS

and ACLs for GE

bull Hot add and delete of GE and FE

chassis in same stack

bull Patented cable connector

S 1

S 3

S 2

M 4

M = Master Switch

S = Slave Switch

46

Cisco Catalyst 4500 Series Architecture

bull Centralized Forwarding ASICs

bull All packets are forwarded via the supervisor

bull No distributed line card forwarding

bull Scalable architecture ‐

64 to 320 Gbps

bull Fastest Centralized Architecture in the Industry

47

Cisco Catalyst 4500 Series Overview Common Architecture

Single Supervisor-Based

Chassis

Redundant Supervisor-Based

Chassis

Cisco Catalyst 4507R-E

Cisco Catalyst 4510R-E

Cisco Catalyst 4506-E

Cisco Catalyst 4503-E

Single RU Fixed Configuration

Same Switching Architecture

and Common Cisco IOSreg

Cisco Catalyst 4948 and 4948-10GigE

48

Cisco Catalyst 4500 Series Evolutionary Centralized Architecture

1999 2002 2004 2007 2012

Continued InnovationServices and Performance

Same Line Card

18Mpps 48Mpps 102Mpps

10100

1000

Layer 2

PoE L234

10 GbE

SSO

NACNSF

ISSUCISF

E‐Series

250 Mpps

49

Evolution of Centralized Switching Technology

Evoluti

onEvo

lution

1999 18

Mpps

L2 Only

2002 48

Mpps

L2L3

2004102

Mpps

L2L3 10Gig

2007250

Mpps

L2L3 IPv6

14X

increase

since lsquo99

50

Next‐Generation Catalyst 4500 ldquoE‐Seriesrdquo

Secure Flexible Non‐Stop Communications

ldquoErdquo

Series Chassis

ldquoErdquo

Series Line Cards

Supervisor 6‐E with CenterFlex

51

Cisco Catalyst 6500 Delivers Secure Converged Network Services

High Availabilitybull Physical

Availabilitybull Logical Availabilitybull Stateful Failover at

Layer 2bull Rapid Spanning-

Tree Convergence

QoSbull Input Policingbull Traffic

Classificationbull Multiple Queuesbull Convergence

Ready

Securitybull Layer 234

Access Controlbull 8021X User

Authenticationbull MAC Filteringbull Dynamic VLAN

Manageabilitybull Inline Powerbull Simple

Configurationbull L2-L4 Servicesbull Rich Multicast

Support

End-to-End Services

52

Catalyst 6500 Family

Catalyst 65033 slot chassis

Catalyst 65066 slot chassis

Catalyst 65099 slot chassis

Catalyst 6509‐NEBSNEBS Compliant 9 slot chassis

Catalyst 651313 slot chassis

Catalyst 6509‐NEBS‐A9 slot chassis

53

Cisco Catalyst 6500 Series

The Cisco Catalyst 6500 Series supports a wide range of interface densities performance and high‐availability options

Flexible 3‐ 6‐ 9‐ and 13‐slot chassis configurations

ndash Scalable switching fabric ndash Cisco

IOS software choices supported

on all supervisor engines

ndash Fast 2‐3 second stateful

failover of

redundant supervisors and integrated

services

ndash 10‐Mbps to 10‐Gbps Ethernet and DS0

to

OC‐48 WAN interfaces

ndash Wire‐rate QoS

and ACL policy

management

WS-6503 WS-C6506 WS-C6509 WS-C6509-NEBS and WS-C6513

54

Catalyst 6500 Supervisors

The Catalyst 6500 has three Supervisor options on offer

with each providing a different architectural backplane

configuration for line cards to connect intohellip

Supervisor 1A Supervisor 2 Supervisor 720 (NEW)

256Gb backplane

supporting hardware

accelerated Layer 2 and 3

QoS and Security policies

up to 210Mppshellip

720Gb backplane

supporting hardware

accelerated Layer 2 and 3

QoS and Security policies

up to 400Mppshellip

32Gb backplane supporting

hardware accelerated Layer

2 and 3 QoS and Security

policies up to 15Mppshellip

Supervisor Options for the Catalyst 6500

55

Catalyst 6500 LinecardsThe Catalyst 6500 has a family of linecards to suit all network needshellip

10100 TX and 100 Fiber 101001000 TX GE SFP

GE GBIC 10GE WAN

Optical Switch Modules Inline Power ATM

CAT

6500

L I

NECARDS

56

Catalyst 6500 Service Modules

Content ServicesCommunications Media MWAN

Firewall Module VPN Module Intrusion Detection

Content Switching SSL Network Management

Service Modules represent the next generation of intelligent modules for the Catalyst 6500

Each module provides a high performance option scalable and feature rich deployment

optionshellip

57

Small Form Factor Pluggable (SFP)

bull New industry standard connector

bull Same functionality as Gigabit Interface Converters

(GBICs)

bull Hot pluggable

bull Smaller fiber connector LC

for SF

bull 25 SFPs

fit in space of one GBIC

bull Shipping SX LX ZX at FCS

bull 101001000BT and CWDM versions to come in mid

to late 2003

GBIC

SFP

58

三無線網路認證介紹

59

漫遊認證環境架構圖

NCHC資策會

WLANGateway

WLANGateway

60

無線漫遊環境身份認證機制

網頁認證

使用網站伺服器憑證(Certificate)辨識合法認證網站

透過SSL加密保護使用者帳號密碼安全

採用PAP (Password Authentication Protocol)認證機制

8021x認證

採CHAP或加密通道進行認證

EAP‐MD5ndash 採用CHAP (Challenge Handshake Authentication Protocol)認證

EAP‐PEAP ndash 採用 SSL加密通道 + MS‐CHAP v2 認證

EAP‐TTLSndash 採用 SSL加密通道 + PAPCHAPMS‐CHAPEAPndash 支援多種認證機制

61

WLAN Gateway

bull Usually web page for authorisationbull Allows policy based accessbull Good managementbull Very user friendlybull No client required

Bluesocketndash Commercial but popular in uk academiandash Lots of featuresNoCatAuthndash open source

62

Bluesocket Wireless Gateway

63

httpwwwitcntnuedutwservice1270php

四師大網路基本架構介紹

64

對外網路架構圖

65

校本部校區有線網路系統架構圖

66

校本部校區無線網路系統架構圖

67

理學院校區有線網路系統架構圖

68

理學院校區無線網路系統架構圖

69

林口校區有線網路系統架構圖

70

林口校區無線網路系統架構圖

71

五網路障礙排除方式

72

Possible Symptoms of Physical Layer Problems

Increased number of interface errorsIncreased number of interface errors

LEDs are off flashing or in a state other than the expected state during normal operationLEDs are off flashing or in a state other than the expected state during normal operation

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

Excessive utilizationExcessive utilization

73

Possible Symptoms of Data Link Layer Problems

Excessive CRC errors and frame check sequence errors Excessive CRC errors and frame check sequence errors

Large quantities of broadcast traffic Large quantities of broadcast traffic

A MAC address is cycling between portsA MAC address is cycling between ports

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

74

General Cisco Commands to Isolate Physical and Data Link Layer Problems

ping host

| ip‐addressping host

| ip‐address

routergt

bull

Sends an echo request packet to an address then waits for a reply

trace [destination]trace [destination]

routergt

bull

Identifies the path a packet takes through the network

[no] debug [no] debug

router

bull

Displays a list of options for enabling or disabling debugging events on a device

75

Cisco Commands to Isolate Physical Layer Problems

show versionshow version

routergt

bull

Displays the Cisco IOS software version and all installed hardware configurations

show ip interface briefshow ip interface brief

routergt

bull

Displays a summary of the status of all interfaces on a device

show interfaces [type number]show interfaces [type number]

routergt

bull

Displays the operational status of an interface including the amount and type of traffic being sent and received

76

Cisco Commands to Isolate Physical Layer Problems (Cont)

show cdp neighbor detailshow cdp neighbor detailroutergt

bull Displays the device type IP address and Cisco IOS version of neighboring devices

77

Cisco Commands to Isolate Data Link Layer Problems

show ip arpshow ip arp

routergt

bull

Displays entries in the Address Resolution Protocol (ARP) table

debug [arp

| serial | ppp]debug [arp

| serial | ppp]

router

bull

Captures events relating to data link layer protocols

78

General End‐System Commands to Isolate Physical and Data Link Layer Problems

pingping

bull

Sends an echo request packet to an address then waits for a reply

netstat

‐rnnetstat

‐rn

bull

Displays the status of all connected devices and links without querying a DNS server

arp

‐aarp

‐a

bull

Displays the current mappings of the IP address to the MAC address in the ARP table

79

Windows Commands to Isolate Physical and Data Link Layer Problems

ipconfig

[all]ipconfig

[all]

bull

Displays IP information for hosts running Windows NT2000XP

Cgt

tracert [‐d]tracert [‐d]

bull

Identifies a path to a destination device

Cgt

80

Guidelines for Isolating Problems at the Physical and Data Link Layers

Check operational status and data error ratesCheck operational status and data error rates

Verify proper interface configurationsVerify proper interface configurations

Check for bad cables or connectionsCheck for bad cables or connections

Check for correct cable pin‐outCheck for correct cable pin‐out

81

Port Monitoring (SPAN)

Allows a port to monitor traffic coming into or out of

anotherPort

VLAN

Trunk

82

Remote SPAN (RSPAN)

Allows a port to monitor SPAN information on other switches through a trunk connection

83

NetFlow Data Export

Access to records of switched flow statistics

with NAM

Source and destination IP

Port numbers and protocol types

84

六網路管理介紹

85

NAMs in Campus LAN

86

Network Analysis Module (NAM)

bull

Switch‐integrated standards‐

based monitoring (RMON1 RMON2

extended RMON)

bull

Useful for performance monitoring troubleshooting

and capacity planning

bull

Easy to deploy and use with embedded web‐based Traffic Analyzer

bull

Full visibility into applications hosts conversations and

IP‐based services including VoIP

and QoS

Integrated traffic‐monitoring solution in Catalyst 6500 series to build application‐level visibility into network infrastructure

87

NAM as a Standards‐Based RMON Solution

The RMON MIB reports on the health and status of network traffic

Mini‐RMON agents in Catalyst 6500 collect Layer 2 (RMON1) statistics on all ports (utilization packets errors)

NAM supports full RMON1 and 2 to provide visibility up to Application layer (applications hosts conversations)

NAM supports extended RMON for VLAN QoS Application Response Time and so on

88

Application Hosts and Conversations Monitoring

Identify unknown applications and drill down on the hosts using them

Discover top talkers top conversations

Network managers can drill down

into who is doing what

Network managers can drill down

into who is doing what

NEW inSoftware

Version 22

NEW inSoftware

Version 22

89

VoIP Monitoring

NAM supports various facets of VoIPmonitoring

Active IP telephony monitoring

ndash Track active call attributesndash Identify call quality degradationndash Call details by phonesRMON1 and RMON2

ndash Distribution of VoIP

protocols

Application Response Time (ART)

ndash CallManager

responses

DSMON

ndash VoIP

traffic by DSCP values

90

Application Response Time (ART)

Find out where the application delays are occurring

ndash Detailed data on request‐ response exchanges

between clients and servers

Server visibility

ndash Monitor servers for protocols application

usage and top talkers

91

Packet Capture and Decode

Capture and decode packets for troubleshooting

Extensive pre‐ and post‐capture filters

Can save and export to other tools including Sniffer

92

Alarms

Set alarm thresholds on various parameters for proactive monitoring

Define traps or generate syslog

93

Defining Network Management Functional Areas

ISO defines five functional areas of network management

ISO defines five functional areas of network management

bullFault Management

bullConfiguration Management

bullAccounting Management

bullPerformance Management

bullSecurity Management

94

FCAPS Fault Management

The process of locating diagnosing and correcting

network problems

Device Down

Link Down

95

FCAPS Configuration Management

bull The process of obtaining data from the network and using

that data to manage the setup of all network devices

bull Allows rapid access to configuration information

bull Facilitates remote configuration and provisioning

bull Provides an up‐to‐date inventory of network

components

SpeedDuplex

Connectivity

TrunkingVLANs Allowed

Spanning Tree Protocol State

Software VersionConfiguration File

Device Type

96

FCAPS Accounting Management

bull Measuring the usage of network resources by users in order to

establish the metrics check quotas determine costs and bill users

bull Measures and reports accounting information based on individual

groups and users

bull Administers the cost of the network

bull Internal verification of third‐party billing for usage Bandwidth Consumption

Application Usage

hellip

97

FCAPS Performance Management

bull Ensuring that the data network remains accessible

and has adequate bandwidth

bull Reduces network overcrowding and inaccessibility

bull Provides a consistent level of service to the

network user

bull Determine utilization trends to proactively isolate and solve

performance problems

UtilizationPeakminmaxError RatesUnicast Rates

Broadcast Rates

CPU UtilizationMemory Usage

ThroughputResponse Time

LatencyAvailabilityReliability

98

FCAPS Security Management

bull Protecting sensitive information on devices

attached to a data network by controlling access points to

that information

bull Builds network user confidence

bull Secures sensitive information from both internal and

external sources

bull Protects the network functionality from malicious

attacks

MAC AddressLocked to Port

Access ListBlocks Connections

99

Performing Network Management Sources for Information

GAUGEs TIMERs

0 9 1 2 3

COUNTERs TABLEs FILEs

Operating System Data Structures

Manageable Device

showCommands

WebServer

SystemLogging

SNMPSNMPAGENTAGENT

ProductionServices

Layer N Forwarding

http80tcp

syslog514udp

snmp161udp

MIBObjects

snmp‐trap162udp

Built in Intelligence

CDPVTPSAA

telnetCLI

TFTPClient

tftp69udp

PingTrace route

100

Network Management Information Model MIB Management Information Base

MIB

ndash

Management Information BaseSet of variables defining the status of a device (eg temp = 85 degrees)Just facts ndash not whether it is good or badDefined according to SMI (Structure of Management Information) rulesEach managed object is described using a unique object identifier (OID)

MIB

IMIBIIStandard MIBObjects included are considered essential for either fault or configuration management

Other standard MIBsRMON host router

Proprietary vendor MIBsExtensions to standard MIBs

SNMPAGENTSNMPAGENT

1000s of manageable objects following rules defined in the SMI standards

1000s of manageable objects following rules defined in the SMI standards

101

Network Management Communication Model SNMP Simple Network Management Protocol

CommunityStrings

CommunityStrings

bull Get requests used to read the value of objectbull Set requests used to modify the value of object

bull Authorization is via community strings

(Read‐OnlyRead‐Write)

bull Traps

provide asynchronous event notification

IP Network SNMPManageable

Device

Trap

Get Response

Get Request Get-Next RequestGet-Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

102

Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response

SNM

P M

anag

er

SNM

P A

gent

Rea

d =

publ

ic re

adw

rite

= pr

ivat

e

GetResponse (sysDescr0=SunOS)

Verify access permission and retrieve MIB value using OID to traverse the MIB tree

InstanceOID

13612111

MIB value

GetRequest(sysDescr0)Read Community(public)

103

Types of Management Systems Example ‐

Enterprise Manager amp Fault Management

Correlate and manage events

and SNMP traps

Perform fault isolation and root cause analysis

104

Types of Management Systems Example ndash CiscoWorks

Resource Manager Essentials and Campus Manager

Knowledge of network configuration and topology

Facilitates remote configuration of network devices

Maintains an archive of configuration data that allows generation of inventory reports

105

Types of Management Systems Example ndash NetFlow (Accounting Management)

Flow Profiling

AccountingBilling

Network Planning

Network Monitoring

Flow

Collectors

Flow

CollectorsEnd‐User AppsEnd‐User AppsNetFlow

Data ExportNetFlowData Export

NetScout

RMON ProbeRMON Probe

106

Types of Management Systems Example ndash MRTG (Performance Management)

bull Monitors traffic load on network links based on SNMP statistics

bull Generates real‐time HTML traffic reports

bull Can be used to monitor any

MIB

variable using

SNMP

107

Types of Management Systems Example ndash CiscoWorks

How is the network connectedbull Physical Cablingbull Virtual LANs

Where are the end users servers IP phones connected

bull Switch port numberbull VLAN membership

How do I troubleshoot connectivity problems

Campus Manager User Tracking

Campus Manager Topology Services

Campus Manager Topology Services

Campus Manager User TrackingCampus Manager

Path Analysis

108

Diagnosing Connectivity Problems CiscoWorks Server Tools

Ping Use ping to test device connectivity from CiscoWorks server

TracerouteRun a trace route between the CiscoWorks server and the target device to detect routing problems

NS LookupRun a nslookup to obtain DNS name server information and IP address of hostname

Management Station to DeviceTest to verify if upper layer protocols are supported from CiscoWorks to the target device UDP TCP Telnet TFTP HTTP and SNMP

109

Types of Management Systems Example ndash CiscoWorks

19216862

CiscoWorks Server(ANI Service)

CampusDatabase

19216861

Schedule data retrieval

times

CAM Table11‐11‐11‐11‐11‐00 2111‐11‐11‐11‐11‐11 2211‐11‐11‐11‐11‐22 2311‐11‐11‐11‐11‐33 24

22 23 24

21

ARP Table11‐11‐11‐11‐11‐11 19216861011‐11‐11‐11‐11‐22 19216861111‐11‐11‐11‐11‐33 192168611

1

CAM

Retrieval

(switching

table)

2 Address

Resolution (MAC

to IP)

DNS

3 Name Resolution

(IP to hostname)

Host Table192168610 USER1192168611 Printer1192168611 IPtele1

SNMP

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

CallManager4

Call Detail

Records

5

Login

Names

UNIX Novell amp

Windows NT

clients running

UTLite script

110

Diagnosing Connectivity Problems Campus Manager Tools

Topology Services

User Tracking

Path Analysis

1

Locate the communication pair in the User Tracking database

bull

Addressesbull

VLAN informationbull

Switch port connection

2

Investigate the Layer 2 and Layer 3 path between the communication

pair

3

Map the topology and begin the investigation on devices and links

Launch other applications

111

Diagnosing Connectivity Problems Workflow for Using Campus Manager

LaunchPath Analysis

LaunchPath Analysis

Ensure discovery of devices

hosts are up to date

Ensure discovery of devices

hosts are up to date

Use User TrackingTo Locate EndStation Info

Use User TrackingTo Locate EndStation Info

ConductVoiceTrace

ConductVoiceTrace

ConductDataTrace

ConductDataTrace

DisplayPath in Topology

Map

DisplayPath in Topology

Map

Launch other Apps(Telnet CiscoView

Etc)

Launch other Apps(Telnet CiscoView

Etc)

112

Diagnosing Device Connectivity Problems Example

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Do you know

your

hostname or

username

113

Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

2 Simple Query displays switch

port and VLAN association

2 Simple Query displays switch

port and VLAN association

3 LastSeen field indicates last

time end station was

discovered

3 LastSeen field indicates last

time end station was

discovered

114

Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Trace path from application server

to Suzy

Trace path from application server

to Suzy

Couldnrsquot get to Suzy machine ndash try

from server

Couldnrsquot get to Suzy machine ndash try

from server

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

6

Multilayer Design Guidelines

Access (Cisco Catalyst 2950 2960 Series)

ndash Layer 2 switching in wiring closet (can be Layer 3 aware)ndash Acts as the network trust or policy boundaryDistribution (Cisco Catalyst 3550 3560 3750 Series)

ndash Layer 3 Switching in distribution layerndash Utilizes IGP for benefits such as load balancing fast convergence and

scalability

ndash Provide first‐hop redundancyresiliencendash Aggregates the access layer elements

Core (Cisco Catalyst 4000 6500 Series)

ndash Layer 3 switching in the backbone for load balancing fast convergence and scalability

ndash Requires high‐speed service with no policy enforcement

7

Defining the Access Layer

Aggregates user end stations IP phones and servers

Connects to distribution‐layer switches

All uplinks can actively forward traffic (Layer 3 distribution)

Layer 2 device with Layer 3 intelligence (Security QoS IP multicast etc)

Use intelligent network services for establishing the trust boundary

8

Defining the Distribution Layer

Aggregates wiring closets (access layer) and uplinks to Core

Protects core from high‐density peering

Availability load balancing QoS and provisioning are important considerations at this layer

ndash Use Layer 3 Switching in the distribution layerndash HSRP and HSRP tracking insure first‐hop redundancy

9

Defining the Core Layer

Backbone for the networkmdashConnects distribution‐layer blocks

Aggregation point for distribution layer

Core layer is required to scale campus networks

ndash Physical cabling requirements

ndash Routing complexity

10

Do I Need a Core Layer

Easier to add a moduleFewer links in the coreEasier bandwidth upgradeRouting protocol peering reducedCore layermdashOptional for small networks

11

Server Farms

Put server farm in its own VLAN and IP SubnetmdashLayer 3 switch traffic to it

If dual NIC servers connected to two access switches require Layer 2 adjacency for NIC redundancy then

ndash Install Layer 2 link between distribution blocks for example VLAN 3

12

Campus Design Best Practices

Map Layer 2 VLANs to Layer 3 IP subnets

Avoid campus‐wide VLANs

Design a campus with Layer 3 protocols

Daisy‐chaining dangerous

Take advantage of equal‐cost routes

Oversubscription and performance characteristics

13

Map Layer 2 VLANs to Layer 3 Subnets

Map Layer 2 domain to a Layer 3 subnet with an understandable VLAN‐to‐IP subnet numbering scheme

For example data VLAN 20 and voice VLAN 120 in building 1 can correspond to 10120x24 and 101120x24

A good addressing scheme helps in summarizing routes and eases troubleshooting

14

Avoid Campus‐Wide VLANs

Large and overlapping spanning‐tree domain

Propagates problems (potential failure domain)

Slows convergence

Modern routers not network bottlenecks

bull DHCP and Mobile IP address client mobility

15

Layer 3 Dual‐Path

Layer 3 load balancing preserves bandwidth

ndash Unlike Layer 1 and Layer 2 redundancy (blocked ports)Fast recovery to remaining path

ndash Convergence is extremely fast (dual equal‐cost paths no need for OSPF or EIGRP to recalculate new path)

16

Daisy Chains

No UplinkFastmdashSlow STP convergence

Discontinuous subnets Traffic reaches black hole (both routers claim they can reach VLAN x)

Install Layer 2 link between the two distribution switches

17

Daisy Chains (Cisco Catalyst 3750 Series)

Utilize Cross‐Stack UplinkFast

feature for stackables

bull Transitions redundant blocking link directly to forwarding if link to root fails

18

Understand Performance and Oversubscription Characteristics

Most networks are built with oversubscription

Performance usually limited not by the box but by the uplink

Use QoS to protect real‐time flows at congested points

Oversubscription rules of thumb work well

201 maximum at wiring closet

Less in distribution (41) and server farm (from 41 to 11)

19

Redundancy Types

Layer 1 redundancymdashProvides an alternate physical path through the network

Layer 23 redundancymdashSpanning‐tree routing protocol EtherChannelfor alternate path awareness and fast convergence

StabilitymdashEnsure a stable network through proper physical STP and routing design to reduce human errors

Application availabilitymdashApplication server and client processes must support failover for maximum availability

20

Small Campus Network

Backbone layermdashcollapsed core and distribution

Can use modularstackable switching solutions

Scalable up to few access switches

21

Medium Campus Network

22

Large Campus Network

23

Building Block Approach

24

Switch Block Characteristics

bull Device switches support one or more subnetsVLANs

bull Subnets terminate at the distribution switch

bull Access devices have redundant links

bull Spanning Tree Protocol terminates at the switch block boundary

25

VLANs in the Switch Block

26

Link Types

A trunk link is capable of carrying multiple VLANs

27

Trunking

bull Specifically developed for multi‐VLAN interswitch communications

bull Places a unique identifier in the header of each frame

bull Functions at Layer 2 bull IEEE

8021Q

28

Inter‐VLAN Routing

bull A Route Processor provides Layer 3 functionality for switches

29

Increasing Performance Add More Bandwidth

30

Fast EtherChannel

31

Is QoS Needed in the Campus

Maybe maybe not campus congestionis a buffer management issue

ldquoJust throw more bandwidth at it That will solve the problemrdquo

32

Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP

33

Enabling QoS in the Campus Scheduling in the Campus

Output buffers can reach 100 in campus networks resulting in dropped voice packets

QoS required when there is a possibility of congestion in buffers

Multiple queues are the only way to guarantee voice quality

34

Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS

bull 8021p user priority field also called class of service (CoS)

bull Different types of traffic are assigned different CoS values

bull CoS 6 and 7 are reserved for network use

35

Enabling QoS in the Campus Layer 3 Classificationmdash IP Precedence DSCP

bull IPv4 Three most significant bits of ToS byte are called IP precedence other bits unused

bull DiffServ Six Most significant bits of ToS byte are called DSCP remaining two bits used for flow control

bull DSCP backward compatible with IP precedence

36

Enabling QoS in the Campus Classification Summary

37

Power Over Ethernet

Prepare the network for IP Telephony and Wireless access

Eliminate the need for separate electrical wiring

Cisco pre‐standard POE and 8023af are fully supported

Wide selection of standards‐based IEEE 8023af powered devices

ndash IP Phonesndash Wireless Access Points

ndash Surveillance cameras

ndash Access Card Readers

38

Access Point Front Cover LEDrsquos

Status LightsEthernet

Status

Radio Activity

Ethernet Activity

Status

Radio Activity

39

CiscoWorks WLSE

1

Specialized application for managing the Cisco WLAN

2

Centralized template‐ based configuration of access points and bridges

with user defined groups

3

Proactive fault and performance monitoring

of access points bridges LEAP server and

attached switch

CiscoWorks Wireless LANSolution Engine

U N I V E R S I T YU N I V E R S I T Y

40

二網路設備介紹

41

The Cisco LAN Switching Portfolio

Catalyst 375035602960 Catalyst 6500Catalyst 40004500

bull Stackable Compact Footprint bull Gig Density 12 Ports bull EZ Clustering Managementbull L2-L4 Switchingbull Medium Port Density

bull Highest Switching Capacitybull High Availability - Stateful Failoverbull 10-Gigabit Ethernet Interfaces bull Nonblocking Gigabit Density 142bull LANWAN Interfaces (to OC 48)

L2-L7 SwitchingIntegrated Inline PowerServices Modules Redundant PowerRedundant Supervisor Fabric

bull High Switching Capacitybull High-Density 101001000bull High-Density 100FX amp 1000LXbull Nonblocking Gigabit Density 32bull L2-L4 Switching bull Inline Power Optionbull Redundant Power

42

Cisco Catalyst Positioning

Pric

ePe

rfor

man

ce

FunctionFlexibility

Catalyst 29502960

Catalyst 35503560

Catalyst 4500 Family

Catalyst 6500 Series

bull Modular 101001000bull High performance Layer 2L3L4 bull 24‐64 Gbps Switching Enginebull Chassis level high availability

bull

Modular 101001000bull

Highest density switching

capacity

bull

Layer 234‐7bull

32‐720 Gbps

Switching

Engine

bull

Highest Availability

bull

10100

and GE configurationsbull

High performance switching and routingbull

Enterprise‐class intelligent Layer 3L4 servicesbull

Clustering capable

bull

Stackable 10100 switchingbull

Gigabit

uplink connectivitybull

Advanced intelligent Layer 3L4 servicesbull

Clustering capable

Catalyst 3750bull

Stackable 101001000 and 10100 configurationsbull

Cisco StackWisetrade

Technologybull

Optimized for Gigabit Ethernet deploymentbull

Enterprise‐class Intelligent Layer 3L4 servicesbull

Highly resilient 32Gbps stacking interconnectionbull

Single management interface w auto configuration

Fast Ethernet

Optimized

Gigabit Ethernet

Optimized

43

Cisco Catalyst 2960 Series Model Overview Fast Ethernet Models

Softwarebull LAN Base Image

Enterprise-class intelligent services Advanced QoS enhanced security high availability

bull Orderable with latest IOS software version

bull 48 10100100 portsbull 2 101001000 Uplink

ports

bull 24 10100 portsbull 2 101001000 Uplink

Ports

Catalyst 2960-24TT Catalyst 2960-48TT

bull 24 10100 portsbull 2 Dual-Purpose Uplink

ports

Catalyst 2960-24TC Catalyst 2960-48TC

bull 48 10100 portsbull 2 Dual Purpose Uplink

ports

Uplinksbull Dual Purpose

UplinksOne 101001000 TX Port and One SFP Port

One port active at a time

44

Cisco Catalyst 3750 Series Switches Model Overview

Catalyst 3750G‐24TS

bull

24 101001000

Portsbull

24 101001000 Ports

bull

4 SFP ports

Two Software Versions

Standard Multilayer Software Image

(SMI)

bull Enterprise‐class intelligent services

Advanced QoS Enhanced Security High

Availability RIP and Static IP routing

Routed ACLs HSRP

Enhanced Multilayer Software Image

(EMI)

bull SMI feature set plus Dynamic IP Unicast

routing Smart Multicast routing

Catalyst 3750‐2448 are orderable with

either software image preinstalled

Catalyst 3750‐2448 can be upgraded

from SMI to EMI

Catalyst 3750G‐24T

bull

24 10100 Ports

bull

2 SFP ports

bull

48 10100 Ports

bull

4 SFP ports

Catalyst 3750‐24 Catalyst 3750‐48

45

Cisco StackWisetrade Technology

bull 32Gbps fault tolerant bi‐directional

backplane

bull Single IP address for management

bull Auto configuration and IOS version

checkupdate

bull 1N Master redundancy

bull Sub‐second L2 failover

bull Cross stack Etherchannel

bull Configurable QoS queues across

stack

bull Line speed performance with QoS

and ACLs for GE

bull Hot add and delete of GE and FE

chassis in same stack

bull Patented cable connector

S 1

S 3

S 2

M 4

M = Master Switch

S = Slave Switch

46

Cisco Catalyst 4500 Series Architecture

bull Centralized Forwarding ASICs

bull All packets are forwarded via the supervisor

bull No distributed line card forwarding

bull Scalable architecture ‐

64 to 320 Gbps

bull Fastest Centralized Architecture in the Industry

47

Cisco Catalyst 4500 Series Overview Common Architecture

Single Supervisor-Based

Chassis

Redundant Supervisor-Based

Chassis

Cisco Catalyst 4507R-E

Cisco Catalyst 4510R-E

Cisco Catalyst 4506-E

Cisco Catalyst 4503-E

Single RU Fixed Configuration

Same Switching Architecture

and Common Cisco IOSreg

Cisco Catalyst 4948 and 4948-10GigE

48

Cisco Catalyst 4500 Series Evolutionary Centralized Architecture

1999 2002 2004 2007 2012

Continued InnovationServices and Performance

Same Line Card

18Mpps 48Mpps 102Mpps

10100

1000

Layer 2

PoE L234

10 GbE

SSO

NACNSF

ISSUCISF

E‐Series

250 Mpps

49

Evolution of Centralized Switching Technology

Evoluti

onEvo

lution

1999 18

Mpps

L2 Only

2002 48

Mpps

L2L3

2004102

Mpps

L2L3 10Gig

2007250

Mpps

L2L3 IPv6

14X

increase

since lsquo99

50

Next‐Generation Catalyst 4500 ldquoE‐Seriesrdquo

Secure Flexible Non‐Stop Communications

ldquoErdquo

Series Chassis

ldquoErdquo

Series Line Cards

Supervisor 6‐E with CenterFlex

51

Cisco Catalyst 6500 Delivers Secure Converged Network Services

High Availabilitybull Physical

Availabilitybull Logical Availabilitybull Stateful Failover at

Layer 2bull Rapid Spanning-

Tree Convergence

QoSbull Input Policingbull Traffic

Classificationbull Multiple Queuesbull Convergence

Ready

Securitybull Layer 234

Access Controlbull 8021X User

Authenticationbull MAC Filteringbull Dynamic VLAN

Manageabilitybull Inline Powerbull Simple

Configurationbull L2-L4 Servicesbull Rich Multicast

Support

End-to-End Services

52

Catalyst 6500 Family

Catalyst 65033 slot chassis

Catalyst 65066 slot chassis

Catalyst 65099 slot chassis

Catalyst 6509‐NEBSNEBS Compliant 9 slot chassis

Catalyst 651313 slot chassis

Catalyst 6509‐NEBS‐A9 slot chassis

53

Cisco Catalyst 6500 Series

The Cisco Catalyst 6500 Series supports a wide range of interface densities performance and high‐availability options

Flexible 3‐ 6‐ 9‐ and 13‐slot chassis configurations

ndash Scalable switching fabric ndash Cisco

IOS software choices supported

on all supervisor engines

ndash Fast 2‐3 second stateful

failover of

redundant supervisors and integrated

services

ndash 10‐Mbps to 10‐Gbps Ethernet and DS0

to

OC‐48 WAN interfaces

ndash Wire‐rate QoS

and ACL policy

management

WS-6503 WS-C6506 WS-C6509 WS-C6509-NEBS and WS-C6513

54

Catalyst 6500 Supervisors

The Catalyst 6500 has three Supervisor options on offer

with each providing a different architectural backplane

configuration for line cards to connect intohellip

Supervisor 1A Supervisor 2 Supervisor 720 (NEW)

256Gb backplane

supporting hardware

accelerated Layer 2 and 3

QoS and Security policies

up to 210Mppshellip

720Gb backplane

supporting hardware

accelerated Layer 2 and 3

QoS and Security policies

up to 400Mppshellip

32Gb backplane supporting

hardware accelerated Layer

2 and 3 QoS and Security

policies up to 15Mppshellip

Supervisor Options for the Catalyst 6500

55

Catalyst 6500 LinecardsThe Catalyst 6500 has a family of linecards to suit all network needshellip

10100 TX and 100 Fiber 101001000 TX GE SFP

GE GBIC 10GE WAN

Optical Switch Modules Inline Power ATM

CAT

6500

L I

NECARDS

56

Catalyst 6500 Service Modules

Content ServicesCommunications Media MWAN

Firewall Module VPN Module Intrusion Detection

Content Switching SSL Network Management

Service Modules represent the next generation of intelligent modules for the Catalyst 6500

Each module provides a high performance option scalable and feature rich deployment

optionshellip

57

Small Form Factor Pluggable (SFP)

bull New industry standard connector

bull Same functionality as Gigabit Interface Converters

(GBICs)

bull Hot pluggable

bull Smaller fiber connector LC

for SF

bull 25 SFPs

fit in space of one GBIC

bull Shipping SX LX ZX at FCS

bull 101001000BT and CWDM versions to come in mid

to late 2003

GBIC

SFP

58

三無線網路認證介紹

59

漫遊認證環境架構圖

NCHC資策會

WLANGateway

WLANGateway

60

無線漫遊環境身份認證機制

網頁認證

使用網站伺服器憑證(Certificate)辨識合法認證網站

透過SSL加密保護使用者帳號密碼安全

採用PAP (Password Authentication Protocol)認證機制

8021x認證

採CHAP或加密通道進行認證

EAP‐MD5ndash 採用CHAP (Challenge Handshake Authentication Protocol)認證

EAP‐PEAP ndash 採用 SSL加密通道 + MS‐CHAP v2 認證

EAP‐TTLSndash 採用 SSL加密通道 + PAPCHAPMS‐CHAPEAPndash 支援多種認證機制

61

WLAN Gateway

bull Usually web page for authorisationbull Allows policy based accessbull Good managementbull Very user friendlybull No client required

Bluesocketndash Commercial but popular in uk academiandash Lots of featuresNoCatAuthndash open source

62

Bluesocket Wireless Gateway

63

httpwwwitcntnuedutwservice1270php

四師大網路基本架構介紹

64

對外網路架構圖

65

校本部校區有線網路系統架構圖

66

校本部校區無線網路系統架構圖

67

理學院校區有線網路系統架構圖

68

理學院校區無線網路系統架構圖

69

林口校區有線網路系統架構圖

70

林口校區無線網路系統架構圖

71

五網路障礙排除方式

72

Possible Symptoms of Physical Layer Problems

Increased number of interface errorsIncreased number of interface errors

LEDs are off flashing or in a state other than the expected state during normal operationLEDs are off flashing or in a state other than the expected state during normal operation

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

Excessive utilizationExcessive utilization

73

Possible Symptoms of Data Link Layer Problems

Excessive CRC errors and frame check sequence errors Excessive CRC errors and frame check sequence errors

Large quantities of broadcast traffic Large quantities of broadcast traffic

A MAC address is cycling between portsA MAC address is cycling between ports

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

74

General Cisco Commands to Isolate Physical and Data Link Layer Problems

ping host

| ip‐addressping host

| ip‐address

routergt

bull

Sends an echo request packet to an address then waits for a reply

trace [destination]trace [destination]

routergt

bull

Identifies the path a packet takes through the network

[no] debug [no] debug

router

bull

Displays a list of options for enabling or disabling debugging events on a device

75

Cisco Commands to Isolate Physical Layer Problems

show versionshow version

routergt

bull

Displays the Cisco IOS software version and all installed hardware configurations

show ip interface briefshow ip interface brief

routergt

bull

Displays a summary of the status of all interfaces on a device

show interfaces [type number]show interfaces [type number]

routergt

bull

Displays the operational status of an interface including the amount and type of traffic being sent and received

76

Cisco Commands to Isolate Physical Layer Problems (Cont)

show cdp neighbor detailshow cdp neighbor detailroutergt

bull Displays the device type IP address and Cisco IOS version of neighboring devices

77

Cisco Commands to Isolate Data Link Layer Problems

show ip arpshow ip arp

routergt

bull

Displays entries in the Address Resolution Protocol (ARP) table

debug [arp

| serial | ppp]debug [arp

| serial | ppp]

router

bull

Captures events relating to data link layer protocols

78

General End‐System Commands to Isolate Physical and Data Link Layer Problems

pingping

bull

Sends an echo request packet to an address then waits for a reply

netstat

‐rnnetstat

‐rn

bull

Displays the status of all connected devices and links without querying a DNS server

arp

‐aarp

‐a

bull

Displays the current mappings of the IP address to the MAC address in the ARP table

79

Windows Commands to Isolate Physical and Data Link Layer Problems

ipconfig

[all]ipconfig

[all]

bull

Displays IP information for hosts running Windows NT2000XP

Cgt

tracert [‐d]tracert [‐d]

bull

Identifies a path to a destination device

Cgt

80

Guidelines for Isolating Problems at the Physical and Data Link Layers

Check operational status and data error ratesCheck operational status and data error rates

Verify proper interface configurationsVerify proper interface configurations

Check for bad cables or connectionsCheck for bad cables or connections

Check for correct cable pin‐outCheck for correct cable pin‐out

81

Port Monitoring (SPAN)

Allows a port to monitor traffic coming into or out of

anotherPort

VLAN

Trunk

82

Remote SPAN (RSPAN)

Allows a port to monitor SPAN information on other switches through a trunk connection

83

NetFlow Data Export

Access to records of switched flow statistics

with NAM

Source and destination IP

Port numbers and protocol types

84

六網路管理介紹

85

NAMs in Campus LAN

86

Network Analysis Module (NAM)

bull

Switch‐integrated standards‐

based monitoring (RMON1 RMON2

extended RMON)

bull

Useful for performance monitoring troubleshooting

and capacity planning

bull

Easy to deploy and use with embedded web‐based Traffic Analyzer

bull

Full visibility into applications hosts conversations and

IP‐based services including VoIP

and QoS

Integrated traffic‐monitoring solution in Catalyst 6500 series to build application‐level visibility into network infrastructure

87

NAM as a Standards‐Based RMON Solution

The RMON MIB reports on the health and status of network traffic

Mini‐RMON agents in Catalyst 6500 collect Layer 2 (RMON1) statistics on all ports (utilization packets errors)

NAM supports full RMON1 and 2 to provide visibility up to Application layer (applications hosts conversations)

NAM supports extended RMON for VLAN QoS Application Response Time and so on

88

Application Hosts and Conversations Monitoring

Identify unknown applications and drill down on the hosts using them

Discover top talkers top conversations

Network managers can drill down

into who is doing what

Network managers can drill down

into who is doing what

NEW inSoftware

Version 22

NEW inSoftware

Version 22

89

VoIP Monitoring

NAM supports various facets of VoIPmonitoring

Active IP telephony monitoring

ndash Track active call attributesndash Identify call quality degradationndash Call details by phonesRMON1 and RMON2

ndash Distribution of VoIP

protocols

Application Response Time (ART)

ndash CallManager

responses

DSMON

ndash VoIP

traffic by DSCP values

90

Application Response Time (ART)

Find out where the application delays are occurring

ndash Detailed data on request‐ response exchanges

between clients and servers

Server visibility

ndash Monitor servers for protocols application

usage and top talkers

91

Packet Capture and Decode

Capture and decode packets for troubleshooting

Extensive pre‐ and post‐capture filters

Can save and export to other tools including Sniffer

92

Alarms

Set alarm thresholds on various parameters for proactive monitoring

Define traps or generate syslog

93

Defining Network Management Functional Areas

ISO defines five functional areas of network management

ISO defines five functional areas of network management

bullFault Management

bullConfiguration Management

bullAccounting Management

bullPerformance Management

bullSecurity Management

94

FCAPS Fault Management

The process of locating diagnosing and correcting

network problems

Device Down

Link Down

95

FCAPS Configuration Management

bull The process of obtaining data from the network and using

that data to manage the setup of all network devices

bull Allows rapid access to configuration information

bull Facilitates remote configuration and provisioning

bull Provides an up‐to‐date inventory of network

components

SpeedDuplex

Connectivity

TrunkingVLANs Allowed

Spanning Tree Protocol State

Software VersionConfiguration File

Device Type

96

FCAPS Accounting Management

bull Measuring the usage of network resources by users in order to

establish the metrics check quotas determine costs and bill users

bull Measures and reports accounting information based on individual

groups and users

bull Administers the cost of the network

bull Internal verification of third‐party billing for usage Bandwidth Consumption

Application Usage

hellip

97

FCAPS Performance Management

bull Ensuring that the data network remains accessible

and has adequate bandwidth

bull Reduces network overcrowding and inaccessibility

bull Provides a consistent level of service to the

network user

bull Determine utilization trends to proactively isolate and solve

performance problems

UtilizationPeakminmaxError RatesUnicast Rates

Broadcast Rates

CPU UtilizationMemory Usage

ThroughputResponse Time

LatencyAvailabilityReliability

98

FCAPS Security Management

bull Protecting sensitive information on devices

attached to a data network by controlling access points to

that information

bull Builds network user confidence

bull Secures sensitive information from both internal and

external sources

bull Protects the network functionality from malicious

attacks

MAC AddressLocked to Port

Access ListBlocks Connections

99

Performing Network Management Sources for Information

GAUGEs TIMERs

0 9 1 2 3

COUNTERs TABLEs FILEs

Operating System Data Structures

Manageable Device

showCommands

WebServer

SystemLogging

SNMPSNMPAGENTAGENT

ProductionServices

Layer N Forwarding

http80tcp

syslog514udp

snmp161udp

MIBObjects

snmp‐trap162udp

Built in Intelligence

CDPVTPSAA

telnetCLI

TFTPClient

tftp69udp

PingTrace route

100

Network Management Information Model MIB Management Information Base

MIB

ndash

Management Information BaseSet of variables defining the status of a device (eg temp = 85 degrees)Just facts ndash not whether it is good or badDefined according to SMI (Structure of Management Information) rulesEach managed object is described using a unique object identifier (OID)

MIB

IMIBIIStandard MIBObjects included are considered essential for either fault or configuration management

Other standard MIBsRMON host router

Proprietary vendor MIBsExtensions to standard MIBs

SNMPAGENTSNMPAGENT

1000s of manageable objects following rules defined in the SMI standards

1000s of manageable objects following rules defined in the SMI standards

101

Network Management Communication Model SNMP Simple Network Management Protocol

CommunityStrings

CommunityStrings

bull Get requests used to read the value of objectbull Set requests used to modify the value of object

bull Authorization is via community strings

(Read‐OnlyRead‐Write)

bull Traps

provide asynchronous event notification

IP Network SNMPManageable

Device

Trap

Get Response

Get Request Get-Next RequestGet-Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

102

Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response

SNM

P M

anag

er

SNM

P A

gent

Rea

d =

publ

ic re

adw

rite

= pr

ivat

e

GetResponse (sysDescr0=SunOS)

Verify access permission and retrieve MIB value using OID to traverse the MIB tree

InstanceOID

13612111

MIB value

GetRequest(sysDescr0)Read Community(public)

103

Types of Management Systems Example ‐

Enterprise Manager amp Fault Management

Correlate and manage events

and SNMP traps

Perform fault isolation and root cause analysis

104

Types of Management Systems Example ndash CiscoWorks

Resource Manager Essentials and Campus Manager

Knowledge of network configuration and topology

Facilitates remote configuration of network devices

Maintains an archive of configuration data that allows generation of inventory reports

105

Types of Management Systems Example ndash NetFlow (Accounting Management)

Flow Profiling

AccountingBilling

Network Planning

Network Monitoring

Flow

Collectors

Flow

CollectorsEnd‐User AppsEnd‐User AppsNetFlow

Data ExportNetFlowData Export

NetScout

RMON ProbeRMON Probe

106

Types of Management Systems Example ndash MRTG (Performance Management)

bull Monitors traffic load on network links based on SNMP statistics

bull Generates real‐time HTML traffic reports

bull Can be used to monitor any

MIB

variable using

SNMP

107

Types of Management Systems Example ndash CiscoWorks

How is the network connectedbull Physical Cablingbull Virtual LANs

Where are the end users servers IP phones connected

bull Switch port numberbull VLAN membership

How do I troubleshoot connectivity problems

Campus Manager User Tracking

Campus Manager Topology Services

Campus Manager Topology Services

Campus Manager User TrackingCampus Manager

Path Analysis

108

Diagnosing Connectivity Problems CiscoWorks Server Tools

Ping Use ping to test device connectivity from CiscoWorks server

TracerouteRun a trace route between the CiscoWorks server and the target device to detect routing problems

NS LookupRun a nslookup to obtain DNS name server information and IP address of hostname

Management Station to DeviceTest to verify if upper layer protocols are supported from CiscoWorks to the target device UDP TCP Telnet TFTP HTTP and SNMP

109

Types of Management Systems Example ndash CiscoWorks

19216862

CiscoWorks Server(ANI Service)

CampusDatabase

19216861

Schedule data retrieval

times

CAM Table11‐11‐11‐11‐11‐00 2111‐11‐11‐11‐11‐11 2211‐11‐11‐11‐11‐22 2311‐11‐11‐11‐11‐33 24

22 23 24

21

ARP Table11‐11‐11‐11‐11‐11 19216861011‐11‐11‐11‐11‐22 19216861111‐11‐11‐11‐11‐33 192168611

1

CAM

Retrieval

(switching

table)

2 Address

Resolution (MAC

to IP)

DNS

3 Name Resolution

(IP to hostname)

Host Table192168610 USER1192168611 Printer1192168611 IPtele1

SNMP

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

CallManager4

Call Detail

Records

5

Login

Names

UNIX Novell amp

Windows NT

clients running

UTLite script

110

Diagnosing Connectivity Problems Campus Manager Tools

Topology Services

User Tracking

Path Analysis

1

Locate the communication pair in the User Tracking database

bull

Addressesbull

VLAN informationbull

Switch port connection

2

Investigate the Layer 2 and Layer 3 path between the communication

pair

3

Map the topology and begin the investigation on devices and links

Launch other applications

111

Diagnosing Connectivity Problems Workflow for Using Campus Manager

LaunchPath Analysis

LaunchPath Analysis

Ensure discovery of devices

hosts are up to date

Ensure discovery of devices

hosts are up to date

Use User TrackingTo Locate EndStation Info

Use User TrackingTo Locate EndStation Info

ConductVoiceTrace

ConductVoiceTrace

ConductDataTrace

ConductDataTrace

DisplayPath in Topology

Map

DisplayPath in Topology

Map

Launch other Apps(Telnet CiscoView

Etc)

Launch other Apps(Telnet CiscoView

Etc)

112

Diagnosing Device Connectivity Problems Example

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Do you know

your

hostname or

username

113

Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

2 Simple Query displays switch

port and VLAN association

2 Simple Query displays switch

port and VLAN association

3 LastSeen field indicates last

time end station was

discovered

3 LastSeen field indicates last

time end station was

discovered

114

Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Trace path from application server

to Suzy

Trace path from application server

to Suzy

Couldnrsquot get to Suzy machine ndash try

from server

Couldnrsquot get to Suzy machine ndash try

from server

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

7

Defining the Access Layer

Aggregates user end stations IP phones and servers

Connects to distribution‐layer switches

All uplinks can actively forward traffic (Layer 3 distribution)

Layer 2 device with Layer 3 intelligence (Security QoS IP multicast etc)

Use intelligent network services for establishing the trust boundary

8

Defining the Distribution Layer

Aggregates wiring closets (access layer) and uplinks to Core

Protects core from high‐density peering

Availability load balancing QoS and provisioning are important considerations at this layer

ndash Use Layer 3 Switching in the distribution layerndash HSRP and HSRP tracking insure first‐hop redundancy

9

Defining the Core Layer

Backbone for the networkmdashConnects distribution‐layer blocks

Aggregation point for distribution layer

Core layer is required to scale campus networks

ndash Physical cabling requirements

ndash Routing complexity

10

Do I Need a Core Layer

Easier to add a moduleFewer links in the coreEasier bandwidth upgradeRouting protocol peering reducedCore layermdashOptional for small networks

11

Server Farms

Put server farm in its own VLAN and IP SubnetmdashLayer 3 switch traffic to it

If dual NIC servers connected to two access switches require Layer 2 adjacency for NIC redundancy then

ndash Install Layer 2 link between distribution blocks for example VLAN 3

12

Campus Design Best Practices

Map Layer 2 VLANs to Layer 3 IP subnets

Avoid campus‐wide VLANs

Design a campus with Layer 3 protocols

Daisy‐chaining dangerous

Take advantage of equal‐cost routes

Oversubscription and performance characteristics

13

Map Layer 2 VLANs to Layer 3 Subnets

Map Layer 2 domain to a Layer 3 subnet with an understandable VLAN‐to‐IP subnet numbering scheme

For example data VLAN 20 and voice VLAN 120 in building 1 can correspond to 10120x24 and 101120x24

A good addressing scheme helps in summarizing routes and eases troubleshooting

14

Avoid Campus‐Wide VLANs

Large and overlapping spanning‐tree domain

Propagates problems (potential failure domain)

Slows convergence

Modern routers not network bottlenecks

bull DHCP and Mobile IP address client mobility

15

Layer 3 Dual‐Path

Layer 3 load balancing preserves bandwidth

ndash Unlike Layer 1 and Layer 2 redundancy (blocked ports)Fast recovery to remaining path

ndash Convergence is extremely fast (dual equal‐cost paths no need for OSPF or EIGRP to recalculate new path)

16

Daisy Chains

No UplinkFastmdashSlow STP convergence

Discontinuous subnets Traffic reaches black hole (both routers claim they can reach VLAN x)

Install Layer 2 link between the two distribution switches

17

Daisy Chains (Cisco Catalyst 3750 Series)

Utilize Cross‐Stack UplinkFast

feature for stackables

bull Transitions redundant blocking link directly to forwarding if link to root fails

18

Understand Performance and Oversubscription Characteristics

Most networks are built with oversubscription

Performance usually limited not by the box but by the uplink

Use QoS to protect real‐time flows at congested points

Oversubscription rules of thumb work well

201 maximum at wiring closet

Less in distribution (41) and server farm (from 41 to 11)

19

Redundancy Types

Layer 1 redundancymdashProvides an alternate physical path through the network

Layer 23 redundancymdashSpanning‐tree routing protocol EtherChannelfor alternate path awareness and fast convergence

StabilitymdashEnsure a stable network through proper physical STP and routing design to reduce human errors

Application availabilitymdashApplication server and client processes must support failover for maximum availability

20

Small Campus Network

Backbone layermdashcollapsed core and distribution

Can use modularstackable switching solutions

Scalable up to few access switches

21

Medium Campus Network

22

Large Campus Network

23

Building Block Approach

24

Switch Block Characteristics

bull Device switches support one or more subnetsVLANs

bull Subnets terminate at the distribution switch

bull Access devices have redundant links

bull Spanning Tree Protocol terminates at the switch block boundary

25

VLANs in the Switch Block

26

Link Types

A trunk link is capable of carrying multiple VLANs

27

Trunking

bull Specifically developed for multi‐VLAN interswitch communications

bull Places a unique identifier in the header of each frame

bull Functions at Layer 2 bull IEEE

8021Q

28

Inter‐VLAN Routing

bull A Route Processor provides Layer 3 functionality for switches

29

Increasing Performance Add More Bandwidth

30

Fast EtherChannel

31

Is QoS Needed in the Campus

Maybe maybe not campus congestionis a buffer management issue

ldquoJust throw more bandwidth at it That will solve the problemrdquo

32

Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP

33

Enabling QoS in the Campus Scheduling in the Campus

Output buffers can reach 100 in campus networks resulting in dropped voice packets

QoS required when there is a possibility of congestion in buffers

Multiple queues are the only way to guarantee voice quality

34

Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS

bull 8021p user priority field also called class of service (CoS)

bull Different types of traffic are assigned different CoS values

bull CoS 6 and 7 are reserved for network use

35

Enabling QoS in the Campus Layer 3 Classificationmdash IP Precedence DSCP

bull IPv4 Three most significant bits of ToS byte are called IP precedence other bits unused

bull DiffServ Six Most significant bits of ToS byte are called DSCP remaining two bits used for flow control

bull DSCP backward compatible with IP precedence

36

Enabling QoS in the Campus Classification Summary

37

Power Over Ethernet

Prepare the network for IP Telephony and Wireless access

Eliminate the need for separate electrical wiring

Cisco pre‐standard POE and 8023af are fully supported

Wide selection of standards‐based IEEE 8023af powered devices

ndash IP Phonesndash Wireless Access Points

ndash Surveillance cameras

ndash Access Card Readers

38

Access Point Front Cover LEDrsquos

Status LightsEthernet

Status

Radio Activity

Ethernet Activity

Status

Radio Activity

39

CiscoWorks WLSE

1

Specialized application for managing the Cisco WLAN

2

Centralized template‐ based configuration of access points and bridges

with user defined groups

3

Proactive fault and performance monitoring

of access points bridges LEAP server and

attached switch

CiscoWorks Wireless LANSolution Engine

U N I V E R S I T YU N I V E R S I T Y

40

二網路設備介紹

41

The Cisco LAN Switching Portfolio

Catalyst 375035602960 Catalyst 6500Catalyst 40004500

bull Stackable Compact Footprint bull Gig Density 12 Ports bull EZ Clustering Managementbull L2-L4 Switchingbull Medium Port Density

bull Highest Switching Capacitybull High Availability - Stateful Failoverbull 10-Gigabit Ethernet Interfaces bull Nonblocking Gigabit Density 142bull LANWAN Interfaces (to OC 48)

L2-L7 SwitchingIntegrated Inline PowerServices Modules Redundant PowerRedundant Supervisor Fabric

bull High Switching Capacitybull High-Density 101001000bull High-Density 100FX amp 1000LXbull Nonblocking Gigabit Density 32bull L2-L4 Switching bull Inline Power Optionbull Redundant Power

42

Cisco Catalyst Positioning

Pric

ePe

rfor

man

ce

FunctionFlexibility

Catalyst 29502960

Catalyst 35503560

Catalyst 4500 Family

Catalyst 6500 Series

bull Modular 101001000bull High performance Layer 2L3L4 bull 24‐64 Gbps Switching Enginebull Chassis level high availability

bull

Modular 101001000bull

Highest density switching

capacity

bull

Layer 234‐7bull

32‐720 Gbps

Switching

Engine

bull

Highest Availability

bull

10100

and GE configurationsbull

High performance switching and routingbull

Enterprise‐class intelligent Layer 3L4 servicesbull

Clustering capable

bull

Stackable 10100 switchingbull

Gigabit

uplink connectivitybull

Advanced intelligent Layer 3L4 servicesbull

Clustering capable

Catalyst 3750bull

Stackable 101001000 and 10100 configurationsbull

Cisco StackWisetrade

Technologybull

Optimized for Gigabit Ethernet deploymentbull

Enterprise‐class Intelligent Layer 3L4 servicesbull

Highly resilient 32Gbps stacking interconnectionbull

Single management interface w auto configuration

Fast Ethernet

Optimized

Gigabit Ethernet

Optimized

43

Cisco Catalyst 2960 Series Model Overview Fast Ethernet Models

Softwarebull LAN Base Image

Enterprise-class intelligent services Advanced QoS enhanced security high availability

bull Orderable with latest IOS software version

bull 48 10100100 portsbull 2 101001000 Uplink

ports

bull 24 10100 portsbull 2 101001000 Uplink

Ports

Catalyst 2960-24TT Catalyst 2960-48TT

bull 24 10100 portsbull 2 Dual-Purpose Uplink

ports

Catalyst 2960-24TC Catalyst 2960-48TC

bull 48 10100 portsbull 2 Dual Purpose Uplink

ports

Uplinksbull Dual Purpose

UplinksOne 101001000 TX Port and One SFP Port

One port active at a time

44

Cisco Catalyst 3750 Series Switches Model Overview

Catalyst 3750G‐24TS

bull

24 101001000

Portsbull

24 101001000 Ports

bull

4 SFP ports

Two Software Versions

Standard Multilayer Software Image

(SMI)

bull Enterprise‐class intelligent services

Advanced QoS Enhanced Security High

Availability RIP and Static IP routing

Routed ACLs HSRP

Enhanced Multilayer Software Image

(EMI)

bull SMI feature set plus Dynamic IP Unicast

routing Smart Multicast routing

Catalyst 3750‐2448 are orderable with

either software image preinstalled

Catalyst 3750‐2448 can be upgraded

from SMI to EMI

Catalyst 3750G‐24T

bull

24 10100 Ports

bull

2 SFP ports

bull

48 10100 Ports

bull

4 SFP ports

Catalyst 3750‐24 Catalyst 3750‐48

45

Cisco StackWisetrade Technology

bull 32Gbps fault tolerant bi‐directional

backplane

bull Single IP address for management

bull Auto configuration and IOS version

checkupdate

bull 1N Master redundancy

bull Sub‐second L2 failover

bull Cross stack Etherchannel

bull Configurable QoS queues across

stack

bull Line speed performance with QoS

and ACLs for GE

bull Hot add and delete of GE and FE

chassis in same stack

bull Patented cable connector

S 1

S 3

S 2

M 4

M = Master Switch

S = Slave Switch

46

Cisco Catalyst 4500 Series Architecture

bull Centralized Forwarding ASICs

bull All packets are forwarded via the supervisor

bull No distributed line card forwarding

bull Scalable architecture ‐

64 to 320 Gbps

bull Fastest Centralized Architecture in the Industry

47

Cisco Catalyst 4500 Series Overview Common Architecture

Single Supervisor-Based

Chassis

Redundant Supervisor-Based

Chassis

Cisco Catalyst 4507R-E

Cisco Catalyst 4510R-E

Cisco Catalyst 4506-E

Cisco Catalyst 4503-E

Single RU Fixed Configuration

Same Switching Architecture

and Common Cisco IOSreg

Cisco Catalyst 4948 and 4948-10GigE

48

Cisco Catalyst 4500 Series Evolutionary Centralized Architecture

1999 2002 2004 2007 2012

Continued InnovationServices and Performance

Same Line Card

18Mpps 48Mpps 102Mpps

10100

1000

Layer 2

PoE L234

10 GbE

SSO

NACNSF

ISSUCISF

E‐Series

250 Mpps

49

Evolution of Centralized Switching Technology

Evoluti

onEvo

lution

1999 18

Mpps

L2 Only

2002 48

Mpps

L2L3

2004102

Mpps

L2L3 10Gig

2007250

Mpps

L2L3 IPv6

14X

increase

since lsquo99

50

Next‐Generation Catalyst 4500 ldquoE‐Seriesrdquo

Secure Flexible Non‐Stop Communications

ldquoErdquo

Series Chassis

ldquoErdquo

Series Line Cards

Supervisor 6‐E with CenterFlex

51

Cisco Catalyst 6500 Delivers Secure Converged Network Services

High Availabilitybull Physical

Availabilitybull Logical Availabilitybull Stateful Failover at

Layer 2bull Rapid Spanning-

Tree Convergence

QoSbull Input Policingbull Traffic

Classificationbull Multiple Queuesbull Convergence

Ready

Securitybull Layer 234

Access Controlbull 8021X User

Authenticationbull MAC Filteringbull Dynamic VLAN

Manageabilitybull Inline Powerbull Simple

Configurationbull L2-L4 Servicesbull Rich Multicast

Support

End-to-End Services

52

Catalyst 6500 Family

Catalyst 65033 slot chassis

Catalyst 65066 slot chassis

Catalyst 65099 slot chassis

Catalyst 6509‐NEBSNEBS Compliant 9 slot chassis

Catalyst 651313 slot chassis

Catalyst 6509‐NEBS‐A9 slot chassis

53

Cisco Catalyst 6500 Series

The Cisco Catalyst 6500 Series supports a wide range of interface densities performance and high‐availability options

Flexible 3‐ 6‐ 9‐ and 13‐slot chassis configurations

ndash Scalable switching fabric ndash Cisco

IOS software choices supported

on all supervisor engines

ndash Fast 2‐3 second stateful

failover of

redundant supervisors and integrated

services

ndash 10‐Mbps to 10‐Gbps Ethernet and DS0

to

OC‐48 WAN interfaces

ndash Wire‐rate QoS

and ACL policy

management

WS-6503 WS-C6506 WS-C6509 WS-C6509-NEBS and WS-C6513

54

Catalyst 6500 Supervisors

The Catalyst 6500 has three Supervisor options on offer

with each providing a different architectural backplane

configuration for line cards to connect intohellip

Supervisor 1A Supervisor 2 Supervisor 720 (NEW)

256Gb backplane

supporting hardware

accelerated Layer 2 and 3

QoS and Security policies

up to 210Mppshellip

720Gb backplane

supporting hardware

accelerated Layer 2 and 3

QoS and Security policies

up to 400Mppshellip

32Gb backplane supporting

hardware accelerated Layer

2 and 3 QoS and Security

policies up to 15Mppshellip

Supervisor Options for the Catalyst 6500

55

Catalyst 6500 LinecardsThe Catalyst 6500 has a family of linecards to suit all network needshellip

10100 TX and 100 Fiber 101001000 TX GE SFP

GE GBIC 10GE WAN

Optical Switch Modules Inline Power ATM

CAT

6500

L I

NECARDS

56

Catalyst 6500 Service Modules

Content ServicesCommunications Media MWAN

Firewall Module VPN Module Intrusion Detection

Content Switching SSL Network Management

Service Modules represent the next generation of intelligent modules for the Catalyst 6500

Each module provides a high performance option scalable and feature rich deployment

optionshellip

57

Small Form Factor Pluggable (SFP)

bull New industry standard connector

bull Same functionality as Gigabit Interface Converters

(GBICs)

bull Hot pluggable

bull Smaller fiber connector LC

for SF

bull 25 SFPs

fit in space of one GBIC

bull Shipping SX LX ZX at FCS

bull 101001000BT and CWDM versions to come in mid

to late 2003

GBIC

SFP

58

三無線網路認證介紹

59

漫遊認證環境架構圖

NCHC資策會

WLANGateway

WLANGateway

60

無線漫遊環境身份認證機制

網頁認證

使用網站伺服器憑證(Certificate)辨識合法認證網站

透過SSL加密保護使用者帳號密碼安全

採用PAP (Password Authentication Protocol)認證機制

8021x認證

採CHAP或加密通道進行認證

EAP‐MD5ndash 採用CHAP (Challenge Handshake Authentication Protocol)認證

EAP‐PEAP ndash 採用 SSL加密通道 + MS‐CHAP v2 認證

EAP‐TTLSndash 採用 SSL加密通道 + PAPCHAPMS‐CHAPEAPndash 支援多種認證機制

61

WLAN Gateway

bull Usually web page for authorisationbull Allows policy based accessbull Good managementbull Very user friendlybull No client required

Bluesocketndash Commercial but popular in uk academiandash Lots of featuresNoCatAuthndash open source

62

Bluesocket Wireless Gateway

63

httpwwwitcntnuedutwservice1270php

四師大網路基本架構介紹

64

對外網路架構圖

65

校本部校區有線網路系統架構圖

66

校本部校區無線網路系統架構圖

67

理學院校區有線網路系統架構圖

68

理學院校區無線網路系統架構圖

69

林口校區有線網路系統架構圖

70

林口校區無線網路系統架構圖

71

五網路障礙排除方式

72

Possible Symptoms of Physical Layer Problems

Increased number of interface errorsIncreased number of interface errors

LEDs are off flashing or in a state other than the expected state during normal operationLEDs are off flashing or in a state other than the expected state during normal operation

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

Excessive utilizationExcessive utilization

73

Possible Symptoms of Data Link Layer Problems

Excessive CRC errors and frame check sequence errors Excessive CRC errors and frame check sequence errors

Large quantities of broadcast traffic Large quantities of broadcast traffic

A MAC address is cycling between portsA MAC address is cycling between ports

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

74

General Cisco Commands to Isolate Physical and Data Link Layer Problems

ping host

| ip‐addressping host

| ip‐address

routergt

bull

Sends an echo request packet to an address then waits for a reply

trace [destination]trace [destination]

routergt

bull

Identifies the path a packet takes through the network

[no] debug [no] debug

router

bull

Displays a list of options for enabling or disabling debugging events on a device

75

Cisco Commands to Isolate Physical Layer Problems

show versionshow version

routergt

bull

Displays the Cisco IOS software version and all installed hardware configurations

show ip interface briefshow ip interface brief

routergt

bull

Displays a summary of the status of all interfaces on a device

show interfaces [type number]show interfaces [type number]

routergt

bull

Displays the operational status of an interface including the amount and type of traffic being sent and received

76

Cisco Commands to Isolate Physical Layer Problems (Cont)

show cdp neighbor detailshow cdp neighbor detailroutergt

bull Displays the device type IP address and Cisco IOS version of neighboring devices

77

Cisco Commands to Isolate Data Link Layer Problems

show ip arpshow ip arp

routergt

bull

Displays entries in the Address Resolution Protocol (ARP) table

debug [arp

| serial | ppp]debug [arp

| serial | ppp]

router

bull

Captures events relating to data link layer protocols

78

General End‐System Commands to Isolate Physical and Data Link Layer Problems

pingping

bull

Sends an echo request packet to an address then waits for a reply

netstat

‐rnnetstat

‐rn

bull

Displays the status of all connected devices and links without querying a DNS server

arp

‐aarp

‐a

bull

Displays the current mappings of the IP address to the MAC address in the ARP table

79

Windows Commands to Isolate Physical and Data Link Layer Problems

ipconfig

[all]ipconfig

[all]

bull

Displays IP information for hosts running Windows NT2000XP

Cgt

tracert [‐d]tracert [‐d]

bull

Identifies a path to a destination device

Cgt

80

Guidelines for Isolating Problems at the Physical and Data Link Layers

Check operational status and data error ratesCheck operational status and data error rates

Verify proper interface configurationsVerify proper interface configurations

Check for bad cables or connectionsCheck for bad cables or connections

Check for correct cable pin‐outCheck for correct cable pin‐out

81

Port Monitoring (SPAN)

Allows a port to monitor traffic coming into or out of

anotherPort

VLAN

Trunk

82

Remote SPAN (RSPAN)

Allows a port to monitor SPAN information on other switches through a trunk connection

83

NetFlow Data Export

Access to records of switched flow statistics

with NAM

Source and destination IP

Port numbers and protocol types

84

六網路管理介紹

85

NAMs in Campus LAN

86

Network Analysis Module (NAM)

bull

Switch‐integrated standards‐

based monitoring (RMON1 RMON2

extended RMON)

bull

Useful for performance monitoring troubleshooting

and capacity planning

bull

Easy to deploy and use with embedded web‐based Traffic Analyzer

bull

Full visibility into applications hosts conversations and

IP‐based services including VoIP

and QoS

Integrated traffic‐monitoring solution in Catalyst 6500 series to build application‐level visibility into network infrastructure

87

NAM as a Standards‐Based RMON Solution

The RMON MIB reports on the health and status of network traffic

Mini‐RMON agents in Catalyst 6500 collect Layer 2 (RMON1) statistics on all ports (utilization packets errors)

NAM supports full RMON1 and 2 to provide visibility up to Application layer (applications hosts conversations)

NAM supports extended RMON for VLAN QoS Application Response Time and so on

88

Application Hosts and Conversations Monitoring

Identify unknown applications and drill down on the hosts using them

Discover top talkers top conversations

Network managers can drill down

into who is doing what

Network managers can drill down

into who is doing what

NEW inSoftware

Version 22

NEW inSoftware

Version 22

89

VoIP Monitoring

NAM supports various facets of VoIPmonitoring

Active IP telephony monitoring

ndash Track active call attributesndash Identify call quality degradationndash Call details by phonesRMON1 and RMON2

ndash Distribution of VoIP

protocols

Application Response Time (ART)

ndash CallManager

responses

DSMON

ndash VoIP

traffic by DSCP values

90

Application Response Time (ART)

Find out where the application delays are occurring

ndash Detailed data on request‐ response exchanges

between clients and servers

Server visibility

ndash Monitor servers for protocols application

usage and top talkers

91

Packet Capture and Decode

Capture and decode packets for troubleshooting

Extensive pre‐ and post‐capture filters

Can save and export to other tools including Sniffer

92

Alarms

Set alarm thresholds on various parameters for proactive monitoring

Define traps or generate syslog

93

Defining Network Management Functional Areas

ISO defines five functional areas of network management

ISO defines five functional areas of network management

bullFault Management

bullConfiguration Management

bullAccounting Management

bullPerformance Management

bullSecurity Management

94

FCAPS Fault Management

The process of locating diagnosing and correcting

network problems

Device Down

Link Down

95

FCAPS Configuration Management

bull The process of obtaining data from the network and using

that data to manage the setup of all network devices

bull Allows rapid access to configuration information

bull Facilitates remote configuration and provisioning

bull Provides an up‐to‐date inventory of network

components

SpeedDuplex

Connectivity

TrunkingVLANs Allowed

Spanning Tree Protocol State

Software VersionConfiguration File

Device Type

96

FCAPS Accounting Management

bull Measuring the usage of network resources by users in order to

establish the metrics check quotas determine costs and bill users

bull Measures and reports accounting information based on individual

groups and users

bull Administers the cost of the network

bull Internal verification of third‐party billing for usage Bandwidth Consumption

Application Usage

hellip

97

FCAPS Performance Management

bull Ensuring that the data network remains accessible

and has adequate bandwidth

bull Reduces network overcrowding and inaccessibility

bull Provides a consistent level of service to the

network user

bull Determine utilization trends to proactively isolate and solve

performance problems

UtilizationPeakminmaxError RatesUnicast Rates

Broadcast Rates

CPU UtilizationMemory Usage

ThroughputResponse Time

LatencyAvailabilityReliability

98

FCAPS Security Management

bull Protecting sensitive information on devices

attached to a data network by controlling access points to

that information

bull Builds network user confidence

bull Secures sensitive information from both internal and

external sources

bull Protects the network functionality from malicious

attacks

MAC AddressLocked to Port

Access ListBlocks Connections

99

Performing Network Management Sources for Information

GAUGEs TIMERs

0 9 1 2 3

COUNTERs TABLEs FILEs

Operating System Data Structures

Manageable Device

showCommands

WebServer

SystemLogging

SNMPSNMPAGENTAGENT

ProductionServices

Layer N Forwarding

http80tcp

syslog514udp

snmp161udp

MIBObjects

snmp‐trap162udp

Built in Intelligence

CDPVTPSAA

telnetCLI

TFTPClient

tftp69udp

PingTrace route

100

Network Management Information Model MIB Management Information Base

MIB

ndash

Management Information BaseSet of variables defining the status of a device (eg temp = 85 degrees)Just facts ndash not whether it is good or badDefined according to SMI (Structure of Management Information) rulesEach managed object is described using a unique object identifier (OID)

MIB

IMIBIIStandard MIBObjects included are considered essential for either fault or configuration management

Other standard MIBsRMON host router

Proprietary vendor MIBsExtensions to standard MIBs

SNMPAGENTSNMPAGENT

1000s of manageable objects following rules defined in the SMI standards

1000s of manageable objects following rules defined in the SMI standards

101

Network Management Communication Model SNMP Simple Network Management Protocol

CommunityStrings

CommunityStrings

bull Get requests used to read the value of objectbull Set requests used to modify the value of object

bull Authorization is via community strings

(Read‐OnlyRead‐Write)

bull Traps

provide asynchronous event notification

IP Network SNMPManageable

Device

Trap

Get Response

Get Request Get-Next RequestGet-Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

102

Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response

SNM

P M

anag

er

SNM

P A

gent

Rea

d =

publ

ic re

adw

rite

= pr

ivat

e

GetResponse (sysDescr0=SunOS)

Verify access permission and retrieve MIB value using OID to traverse the MIB tree

InstanceOID

13612111

MIB value

GetRequest(sysDescr0)Read Community(public)

103

Types of Management Systems Example ‐

Enterprise Manager amp Fault Management

Correlate and manage events

and SNMP traps

Perform fault isolation and root cause analysis

104

Types of Management Systems Example ndash CiscoWorks

Resource Manager Essentials and Campus Manager

Knowledge of network configuration and topology

Facilitates remote configuration of network devices

Maintains an archive of configuration data that allows generation of inventory reports

105

Types of Management Systems Example ndash NetFlow (Accounting Management)

Flow Profiling

AccountingBilling

Network Planning

Network Monitoring

Flow

Collectors

Flow

CollectorsEnd‐User AppsEnd‐User AppsNetFlow

Data ExportNetFlowData Export

NetScout

RMON ProbeRMON Probe

106

Types of Management Systems Example ndash MRTG (Performance Management)

bull Monitors traffic load on network links based on SNMP statistics

bull Generates real‐time HTML traffic reports

bull Can be used to monitor any

MIB

variable using

SNMP

107

Types of Management Systems Example ndash CiscoWorks

How is the network connectedbull Physical Cablingbull Virtual LANs

Where are the end users servers IP phones connected

bull Switch port numberbull VLAN membership

How do I troubleshoot connectivity problems

Campus Manager User Tracking

Campus Manager Topology Services

Campus Manager Topology Services

Campus Manager User TrackingCampus Manager

Path Analysis

108

Diagnosing Connectivity Problems CiscoWorks Server Tools

Ping Use ping to test device connectivity from CiscoWorks server

TracerouteRun a trace route between the CiscoWorks server and the target device to detect routing problems

NS LookupRun a nslookup to obtain DNS name server information and IP address of hostname

Management Station to DeviceTest to verify if upper layer protocols are supported from CiscoWorks to the target device UDP TCP Telnet TFTP HTTP and SNMP

109

Types of Management Systems Example ndash CiscoWorks

19216862

CiscoWorks Server(ANI Service)

CampusDatabase

19216861

Schedule data retrieval

times

CAM Table11‐11‐11‐11‐11‐00 2111‐11‐11‐11‐11‐11 2211‐11‐11‐11‐11‐22 2311‐11‐11‐11‐11‐33 24

22 23 24

21

ARP Table11‐11‐11‐11‐11‐11 19216861011‐11‐11‐11‐11‐22 19216861111‐11‐11‐11‐11‐33 192168611

1

CAM

Retrieval

(switching

table)

2 Address

Resolution (MAC

to IP)

DNS

3 Name Resolution

(IP to hostname)

Host Table192168610 USER1192168611 Printer1192168611 IPtele1

SNMP

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

CallManager4

Call Detail

Records

5

Login

Names

UNIX Novell amp

Windows NT

clients running

UTLite script

110

Diagnosing Connectivity Problems Campus Manager Tools

Topology Services

User Tracking

Path Analysis

1

Locate the communication pair in the User Tracking database

bull

Addressesbull

VLAN informationbull

Switch port connection

2

Investigate the Layer 2 and Layer 3 path between the communication

pair

3

Map the topology and begin the investigation on devices and links

Launch other applications

111

Diagnosing Connectivity Problems Workflow for Using Campus Manager

LaunchPath Analysis

LaunchPath Analysis

Ensure discovery of devices

hosts are up to date

Ensure discovery of devices

hosts are up to date

Use User TrackingTo Locate EndStation Info

Use User TrackingTo Locate EndStation Info

ConductVoiceTrace

ConductVoiceTrace

ConductDataTrace

ConductDataTrace

DisplayPath in Topology

Map

DisplayPath in Topology

Map

Launch other Apps(Telnet CiscoView

Etc)

Launch other Apps(Telnet CiscoView

Etc)

112

Diagnosing Device Connectivity Problems Example

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Do you know

your

hostname or

username

113

Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

2 Simple Query displays switch

port and VLAN association

2 Simple Query displays switch

port and VLAN association

3 LastSeen field indicates last

time end station was

discovered

3 LastSeen field indicates last

time end station was

discovered

114

Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Trace path from application server

to Suzy

Trace path from application server

to Suzy

Couldnrsquot get to Suzy machine ndash try

from server

Couldnrsquot get to Suzy machine ndash try

from server

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

8

Defining the Distribution Layer

Aggregates wiring closets (access layer) and uplinks to Core

Protects core from high‐density peering

Availability load balancing QoS and provisioning are important considerations at this layer

ndash Use Layer 3 Switching in the distribution layerndash HSRP and HSRP tracking insure first‐hop redundancy

9

Defining the Core Layer

Backbone for the networkmdashConnects distribution‐layer blocks

Aggregation point for distribution layer

Core layer is required to scale campus networks

ndash Physical cabling requirements

ndash Routing complexity

10

Do I Need a Core Layer

Easier to add a moduleFewer links in the coreEasier bandwidth upgradeRouting protocol peering reducedCore layermdashOptional for small networks

11

Server Farms

Put server farm in its own VLAN and IP SubnetmdashLayer 3 switch traffic to it

If dual NIC servers connected to two access switches require Layer 2 adjacency for NIC redundancy then

ndash Install Layer 2 link between distribution blocks for example VLAN 3

12

Campus Design Best Practices

Map Layer 2 VLANs to Layer 3 IP subnets

Avoid campus‐wide VLANs

Design a campus with Layer 3 protocols

Daisy‐chaining dangerous

Take advantage of equal‐cost routes

Oversubscription and performance characteristics

13

Map Layer 2 VLANs to Layer 3 Subnets

Map Layer 2 domain to a Layer 3 subnet with an understandable VLAN‐to‐IP subnet numbering scheme

For example data VLAN 20 and voice VLAN 120 in building 1 can correspond to 10120x24 and 101120x24

A good addressing scheme helps in summarizing routes and eases troubleshooting

14

Avoid Campus‐Wide VLANs

Large and overlapping spanning‐tree domain

Propagates problems (potential failure domain)

Slows convergence

Modern routers not network bottlenecks

bull DHCP and Mobile IP address client mobility

15

Layer 3 Dual‐Path

Layer 3 load balancing preserves bandwidth

ndash Unlike Layer 1 and Layer 2 redundancy (blocked ports)Fast recovery to remaining path

ndash Convergence is extremely fast (dual equal‐cost paths no need for OSPF or EIGRP to recalculate new path)

16

Daisy Chains

No UplinkFastmdashSlow STP convergence

Discontinuous subnets Traffic reaches black hole (both routers claim they can reach VLAN x)

Install Layer 2 link between the two distribution switches

17

Daisy Chains (Cisco Catalyst 3750 Series)

Utilize Cross‐Stack UplinkFast

feature for stackables

bull Transitions redundant blocking link directly to forwarding if link to root fails

18

Understand Performance and Oversubscription Characteristics

Most networks are built with oversubscription

Performance usually limited not by the box but by the uplink

Use QoS to protect real‐time flows at congested points

Oversubscription rules of thumb work well

201 maximum at wiring closet

Less in distribution (41) and server farm (from 41 to 11)

19

Redundancy Types

Layer 1 redundancymdashProvides an alternate physical path through the network

Layer 23 redundancymdashSpanning‐tree routing protocol EtherChannelfor alternate path awareness and fast convergence

StabilitymdashEnsure a stable network through proper physical STP and routing design to reduce human errors

Application availabilitymdashApplication server and client processes must support failover for maximum availability

20

Small Campus Network

Backbone layermdashcollapsed core and distribution

Can use modularstackable switching solutions

Scalable up to few access switches

21

Medium Campus Network

22

Large Campus Network

23

Building Block Approach

24

Switch Block Characteristics

bull Device switches support one or more subnetsVLANs

bull Subnets terminate at the distribution switch

bull Access devices have redundant links

bull Spanning Tree Protocol terminates at the switch block boundary

25

VLANs in the Switch Block

26

Link Types

A trunk link is capable of carrying multiple VLANs

27

Trunking

bull Specifically developed for multi‐VLAN interswitch communications

bull Places a unique identifier in the header of each frame

bull Functions at Layer 2 bull IEEE

8021Q

28

Inter‐VLAN Routing

bull A Route Processor provides Layer 3 functionality for switches

29

Increasing Performance Add More Bandwidth

30

Fast EtherChannel

31

Is QoS Needed in the Campus

Maybe maybe not campus congestionis a buffer management issue

ldquoJust throw more bandwidth at it That will solve the problemrdquo

32

Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP

33

Enabling QoS in the Campus Scheduling in the Campus

Output buffers can reach 100 in campus networks resulting in dropped voice packets

QoS required when there is a possibility of congestion in buffers

Multiple queues are the only way to guarantee voice quality

34

Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS

bull 8021p user priority field also called class of service (CoS)

bull Different types of traffic are assigned different CoS values

bull CoS 6 and 7 are reserved for network use

35

Enabling QoS in the Campus Layer 3 Classificationmdash IP Precedence DSCP

bull IPv4 Three most significant bits of ToS byte are called IP precedence other bits unused

bull DiffServ Six Most significant bits of ToS byte are called DSCP remaining two bits used for flow control

bull DSCP backward compatible with IP precedence

36

Enabling QoS in the Campus Classification Summary

37

Power Over Ethernet

Prepare the network for IP Telephony and Wireless access

Eliminate the need for separate electrical wiring

Cisco pre‐standard POE and 8023af are fully supported

Wide selection of standards‐based IEEE 8023af powered devices

ndash IP Phonesndash Wireless Access Points

ndash Surveillance cameras

ndash Access Card Readers

38

Access Point Front Cover LEDrsquos

Status LightsEthernet

Status

Radio Activity

Ethernet Activity

Status

Radio Activity

39

CiscoWorks WLSE

1

Specialized application for managing the Cisco WLAN

2

Centralized template‐ based configuration of access points and bridges

with user defined groups

3

Proactive fault and performance monitoring

of access points bridges LEAP server and

attached switch

CiscoWorks Wireless LANSolution Engine

U N I V E R S I T YU N I V E R S I T Y

40

二網路設備介紹

41

The Cisco LAN Switching Portfolio

Catalyst 375035602960 Catalyst 6500Catalyst 40004500

bull Stackable Compact Footprint bull Gig Density 12 Ports bull EZ Clustering Managementbull L2-L4 Switchingbull Medium Port Density

bull Highest Switching Capacitybull High Availability - Stateful Failoverbull 10-Gigabit Ethernet Interfaces bull Nonblocking Gigabit Density 142bull LANWAN Interfaces (to OC 48)

L2-L7 SwitchingIntegrated Inline PowerServices Modules Redundant PowerRedundant Supervisor Fabric

bull High Switching Capacitybull High-Density 101001000bull High-Density 100FX amp 1000LXbull Nonblocking Gigabit Density 32bull L2-L4 Switching bull Inline Power Optionbull Redundant Power

42

Cisco Catalyst Positioning

Pric

ePe

rfor

man

ce

FunctionFlexibility

Catalyst 29502960

Catalyst 35503560

Catalyst 4500 Family

Catalyst 6500 Series

bull Modular 101001000bull High performance Layer 2L3L4 bull 24‐64 Gbps Switching Enginebull Chassis level high availability

bull

Modular 101001000bull

Highest density switching

capacity

bull

Layer 234‐7bull

32‐720 Gbps

Switching

Engine

bull

Highest Availability

bull

10100

and GE configurationsbull

High performance switching and routingbull

Enterprise‐class intelligent Layer 3L4 servicesbull

Clustering capable

bull

Stackable 10100 switchingbull

Gigabit

uplink connectivitybull

Advanced intelligent Layer 3L4 servicesbull

Clustering capable

Catalyst 3750bull

Stackable 101001000 and 10100 configurationsbull

Cisco StackWisetrade

Technologybull

Optimized for Gigabit Ethernet deploymentbull

Enterprise‐class Intelligent Layer 3L4 servicesbull

Highly resilient 32Gbps stacking interconnectionbull

Single management interface w auto configuration

Fast Ethernet

Optimized

Gigabit Ethernet

Optimized

43

Cisco Catalyst 2960 Series Model Overview Fast Ethernet Models

Softwarebull LAN Base Image

Enterprise-class intelligent services Advanced QoS enhanced security high availability

bull Orderable with latest IOS software version

bull 48 10100100 portsbull 2 101001000 Uplink

ports

bull 24 10100 portsbull 2 101001000 Uplink

Ports

Catalyst 2960-24TT Catalyst 2960-48TT

bull 24 10100 portsbull 2 Dual-Purpose Uplink

ports

Catalyst 2960-24TC Catalyst 2960-48TC

bull 48 10100 portsbull 2 Dual Purpose Uplink

ports

Uplinksbull Dual Purpose

UplinksOne 101001000 TX Port and One SFP Port

One port active at a time

44

Cisco Catalyst 3750 Series Switches Model Overview

Catalyst 3750G‐24TS

bull

24 101001000

Portsbull

24 101001000 Ports

bull

4 SFP ports

Two Software Versions

Standard Multilayer Software Image

(SMI)

bull Enterprise‐class intelligent services

Advanced QoS Enhanced Security High

Availability RIP and Static IP routing

Routed ACLs HSRP

Enhanced Multilayer Software Image

(EMI)

bull SMI feature set plus Dynamic IP Unicast

routing Smart Multicast routing

Catalyst 3750‐2448 are orderable with

either software image preinstalled

Catalyst 3750‐2448 can be upgraded

from SMI to EMI

Catalyst 3750G‐24T

bull

24 10100 Ports

bull

2 SFP ports

bull

48 10100 Ports

bull

4 SFP ports

Catalyst 3750‐24 Catalyst 3750‐48

45

Cisco StackWisetrade Technology

bull 32Gbps fault tolerant bi‐directional

backplane

bull Single IP address for management

bull Auto configuration and IOS version

checkupdate

bull 1N Master redundancy

bull Sub‐second L2 failover

bull Cross stack Etherchannel

bull Configurable QoS queues across

stack

bull Line speed performance with QoS

and ACLs for GE

bull Hot add and delete of GE and FE

chassis in same stack

bull Patented cable connector

S 1

S 3

S 2

M 4

M = Master Switch

S = Slave Switch

46

Cisco Catalyst 4500 Series Architecture

bull Centralized Forwarding ASICs

bull All packets are forwarded via the supervisor

bull No distributed line card forwarding

bull Scalable architecture ‐

64 to 320 Gbps

bull Fastest Centralized Architecture in the Industry

47

Cisco Catalyst 4500 Series Overview Common Architecture

Single Supervisor-Based

Chassis

Redundant Supervisor-Based

Chassis

Cisco Catalyst 4507R-E

Cisco Catalyst 4510R-E

Cisco Catalyst 4506-E

Cisco Catalyst 4503-E

Single RU Fixed Configuration

Same Switching Architecture

and Common Cisco IOSreg

Cisco Catalyst 4948 and 4948-10GigE

48

Cisco Catalyst 4500 Series Evolutionary Centralized Architecture

1999 2002 2004 2007 2012

Continued InnovationServices and Performance

Same Line Card

18Mpps 48Mpps 102Mpps

10100

1000

Layer 2

PoE L234

10 GbE

SSO

NACNSF

ISSUCISF

E‐Series

250 Mpps

49

Evolution of Centralized Switching Technology

Evoluti

onEvo

lution

1999 18

Mpps

L2 Only

2002 48

Mpps

L2L3

2004102

Mpps

L2L3 10Gig

2007250

Mpps

L2L3 IPv6

14X

increase

since lsquo99

50

Next‐Generation Catalyst 4500 ldquoE‐Seriesrdquo

Secure Flexible Non‐Stop Communications

ldquoErdquo

Series Chassis

ldquoErdquo

Series Line Cards

Supervisor 6‐E with CenterFlex

51

Cisco Catalyst 6500 Delivers Secure Converged Network Services

High Availabilitybull Physical

Availabilitybull Logical Availabilitybull Stateful Failover at

Layer 2bull Rapid Spanning-

Tree Convergence

QoSbull Input Policingbull Traffic

Classificationbull Multiple Queuesbull Convergence

Ready

Securitybull Layer 234

Access Controlbull 8021X User

Authenticationbull MAC Filteringbull Dynamic VLAN

Manageabilitybull Inline Powerbull Simple

Configurationbull L2-L4 Servicesbull Rich Multicast

Support

End-to-End Services

52

Catalyst 6500 Family

Catalyst 65033 slot chassis

Catalyst 65066 slot chassis

Catalyst 65099 slot chassis

Catalyst 6509‐NEBSNEBS Compliant 9 slot chassis

Catalyst 651313 slot chassis

Catalyst 6509‐NEBS‐A9 slot chassis

53

Cisco Catalyst 6500 Series

The Cisco Catalyst 6500 Series supports a wide range of interface densities performance and high‐availability options

Flexible 3‐ 6‐ 9‐ and 13‐slot chassis configurations

ndash Scalable switching fabric ndash Cisco

IOS software choices supported

on all supervisor engines

ndash Fast 2‐3 second stateful

failover of

redundant supervisors and integrated

services

ndash 10‐Mbps to 10‐Gbps Ethernet and DS0

to

OC‐48 WAN interfaces

ndash Wire‐rate QoS

and ACL policy

management

WS-6503 WS-C6506 WS-C6509 WS-C6509-NEBS and WS-C6513

54

Catalyst 6500 Supervisors

The Catalyst 6500 has three Supervisor options on offer

with each providing a different architectural backplane

configuration for line cards to connect intohellip

Supervisor 1A Supervisor 2 Supervisor 720 (NEW)

256Gb backplane

supporting hardware

accelerated Layer 2 and 3

QoS and Security policies

up to 210Mppshellip

720Gb backplane

supporting hardware

accelerated Layer 2 and 3

QoS and Security policies

up to 400Mppshellip

32Gb backplane supporting

hardware accelerated Layer

2 and 3 QoS and Security

policies up to 15Mppshellip

Supervisor Options for the Catalyst 6500

55

Catalyst 6500 LinecardsThe Catalyst 6500 has a family of linecards to suit all network needshellip

10100 TX and 100 Fiber 101001000 TX GE SFP

GE GBIC 10GE WAN

Optical Switch Modules Inline Power ATM

CAT

6500

L I

NECARDS

56

Catalyst 6500 Service Modules

Content ServicesCommunications Media MWAN

Firewall Module VPN Module Intrusion Detection

Content Switching SSL Network Management

Service Modules represent the next generation of intelligent modules for the Catalyst 6500

Each module provides a high performance option scalable and feature rich deployment

optionshellip

57

Small Form Factor Pluggable (SFP)

bull New industry standard connector

bull Same functionality as Gigabit Interface Converters

(GBICs)

bull Hot pluggable

bull Smaller fiber connector LC

for SF

bull 25 SFPs

fit in space of one GBIC

bull Shipping SX LX ZX at FCS

bull 101001000BT and CWDM versions to come in mid

to late 2003

GBIC

SFP

58

三無線網路認證介紹

59

漫遊認證環境架構圖

NCHC資策會

WLANGateway

WLANGateway

60

無線漫遊環境身份認證機制

網頁認證

使用網站伺服器憑證(Certificate)辨識合法認證網站

透過SSL加密保護使用者帳號密碼安全

採用PAP (Password Authentication Protocol)認證機制

8021x認證

採CHAP或加密通道進行認證

EAP‐MD5ndash 採用CHAP (Challenge Handshake Authentication Protocol)認證

EAP‐PEAP ndash 採用 SSL加密通道 + MS‐CHAP v2 認證

EAP‐TTLSndash 採用 SSL加密通道 + PAPCHAPMS‐CHAPEAPndash 支援多種認證機制

61

WLAN Gateway

bull Usually web page for authorisationbull Allows policy based accessbull Good managementbull Very user friendlybull No client required

Bluesocketndash Commercial but popular in uk academiandash Lots of featuresNoCatAuthndash open source

62

Bluesocket Wireless Gateway

63

httpwwwitcntnuedutwservice1270php

四師大網路基本架構介紹

64

對外網路架構圖

65

校本部校區有線網路系統架構圖

66

校本部校區無線網路系統架構圖

67

理學院校區有線網路系統架構圖

68

理學院校區無線網路系統架構圖

69

林口校區有線網路系統架構圖

70

林口校區無線網路系統架構圖

71

五網路障礙排除方式

72

Possible Symptoms of Physical Layer Problems

Increased number of interface errorsIncreased number of interface errors

LEDs are off flashing or in a state other than the expected state during normal operationLEDs are off flashing or in a state other than the expected state during normal operation

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

Excessive utilizationExcessive utilization

73

Possible Symptoms of Data Link Layer Problems

Excessive CRC errors and frame check sequence errors Excessive CRC errors and frame check sequence errors

Large quantities of broadcast traffic Large quantities of broadcast traffic

A MAC address is cycling between portsA MAC address is cycling between ports

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

74

General Cisco Commands to Isolate Physical and Data Link Layer Problems

ping host

| ip‐addressping host

| ip‐address

routergt

bull

Sends an echo request packet to an address then waits for a reply

trace [destination]trace [destination]

routergt

bull

Identifies the path a packet takes through the network

[no] debug [no] debug

router

bull

Displays a list of options for enabling or disabling debugging events on a device

75

Cisco Commands to Isolate Physical Layer Problems

show versionshow version

routergt

bull

Displays the Cisco IOS software version and all installed hardware configurations

show ip interface briefshow ip interface brief

routergt

bull

Displays a summary of the status of all interfaces on a device

show interfaces [type number]show interfaces [type number]

routergt

bull

Displays the operational status of an interface including the amount and type of traffic being sent and received

76

Cisco Commands to Isolate Physical Layer Problems (Cont)

show cdp neighbor detailshow cdp neighbor detailroutergt

bull Displays the device type IP address and Cisco IOS version of neighboring devices

77

Cisco Commands to Isolate Data Link Layer Problems

show ip arpshow ip arp

routergt

bull

Displays entries in the Address Resolution Protocol (ARP) table

debug [arp

| serial | ppp]debug [arp

| serial | ppp]

router

bull

Captures events relating to data link layer protocols

78

General End‐System Commands to Isolate Physical and Data Link Layer Problems

pingping

bull

Sends an echo request packet to an address then waits for a reply

netstat

‐rnnetstat

‐rn

bull

Displays the status of all connected devices and links without querying a DNS server

arp

‐aarp

‐a

bull

Displays the current mappings of the IP address to the MAC address in the ARP table

79

Windows Commands to Isolate Physical and Data Link Layer Problems

ipconfig

[all]ipconfig

[all]

bull

Displays IP information for hosts running Windows NT2000XP

Cgt

tracert [‐d]tracert [‐d]

bull

Identifies a path to a destination device

Cgt

80

Guidelines for Isolating Problems at the Physical and Data Link Layers

Check operational status and data error ratesCheck operational status and data error rates

Verify proper interface configurationsVerify proper interface configurations

Check for bad cables or connectionsCheck for bad cables or connections

Check for correct cable pin‐outCheck for correct cable pin‐out

81

Port Monitoring (SPAN)

Allows a port to monitor traffic coming into or out of

anotherPort

VLAN

Trunk

82

Remote SPAN (RSPAN)

Allows a port to monitor SPAN information on other switches through a trunk connection

83

NetFlow Data Export

Access to records of switched flow statistics

with NAM

Source and destination IP

Port numbers and protocol types

84

六網路管理介紹

85

NAMs in Campus LAN

86

Network Analysis Module (NAM)

bull

Switch‐integrated standards‐

based monitoring (RMON1 RMON2

extended RMON)

bull

Useful for performance monitoring troubleshooting

and capacity planning

bull

Easy to deploy and use with embedded web‐based Traffic Analyzer

bull

Full visibility into applications hosts conversations and

IP‐based services including VoIP

and QoS

Integrated traffic‐monitoring solution in Catalyst 6500 series to build application‐level visibility into network infrastructure

87

NAM as a Standards‐Based RMON Solution

The RMON MIB reports on the health and status of network traffic

Mini‐RMON agents in Catalyst 6500 collect Layer 2 (RMON1) statistics on all ports (utilization packets errors)

NAM supports full RMON1 and 2 to provide visibility up to Application layer (applications hosts conversations)

NAM supports extended RMON for VLAN QoS Application Response Time and so on

88

Application Hosts and Conversations Monitoring

Identify unknown applications and drill down on the hosts using them

Discover top talkers top conversations

Network managers can drill down

into who is doing what

Network managers can drill down

into who is doing what

NEW inSoftware

Version 22

NEW inSoftware

Version 22

89

VoIP Monitoring

NAM supports various facets of VoIPmonitoring

Active IP telephony monitoring

ndash Track active call attributesndash Identify call quality degradationndash Call details by phonesRMON1 and RMON2

ndash Distribution of VoIP

protocols

Application Response Time (ART)

ndash CallManager

responses

DSMON

ndash VoIP

traffic by DSCP values

90

Application Response Time (ART)

Find out where the application delays are occurring

ndash Detailed data on request‐ response exchanges

between clients and servers

Server visibility

ndash Monitor servers for protocols application

usage and top talkers

91

Packet Capture and Decode

Capture and decode packets for troubleshooting

Extensive pre‐ and post‐capture filters

Can save and export to other tools including Sniffer

92

Alarms

Set alarm thresholds on various parameters for proactive monitoring

Define traps or generate syslog

93

Defining Network Management Functional Areas

ISO defines five functional areas of network management

ISO defines five functional areas of network management

bullFault Management

bullConfiguration Management

bullAccounting Management

bullPerformance Management

bullSecurity Management

94

FCAPS Fault Management

The process of locating diagnosing and correcting

network problems

Device Down

Link Down

95

FCAPS Configuration Management

bull The process of obtaining data from the network and using

that data to manage the setup of all network devices

bull Allows rapid access to configuration information

bull Facilitates remote configuration and provisioning

bull Provides an up‐to‐date inventory of network

components

SpeedDuplex

Connectivity

TrunkingVLANs Allowed

Spanning Tree Protocol State

Software VersionConfiguration File

Device Type

96

FCAPS Accounting Management

bull Measuring the usage of network resources by users in order to

establish the metrics check quotas determine costs and bill users

bull Measures and reports accounting information based on individual

groups and users

bull Administers the cost of the network

bull Internal verification of third‐party billing for usage Bandwidth Consumption

Application Usage

hellip

97

FCAPS Performance Management

bull Ensuring that the data network remains accessible

and has adequate bandwidth

bull Reduces network overcrowding and inaccessibility

bull Provides a consistent level of service to the

network user

bull Determine utilization trends to proactively isolate and solve

performance problems

UtilizationPeakminmaxError RatesUnicast Rates

Broadcast Rates

CPU UtilizationMemory Usage

ThroughputResponse Time

LatencyAvailabilityReliability

98

FCAPS Security Management

bull Protecting sensitive information on devices

attached to a data network by controlling access points to

that information

bull Builds network user confidence

bull Secures sensitive information from both internal and

external sources

bull Protects the network functionality from malicious

attacks

MAC AddressLocked to Port

Access ListBlocks Connections

99

Performing Network Management Sources for Information

GAUGEs TIMERs

0 9 1 2 3

COUNTERs TABLEs FILEs

Operating System Data Structures

Manageable Device

showCommands

WebServer

SystemLogging

SNMPSNMPAGENTAGENT

ProductionServices

Layer N Forwarding

http80tcp

syslog514udp

snmp161udp

MIBObjects

snmp‐trap162udp

Built in Intelligence

CDPVTPSAA

telnetCLI

TFTPClient

tftp69udp

PingTrace route

100

Network Management Information Model MIB Management Information Base

MIB

ndash

Management Information BaseSet of variables defining the status of a device (eg temp = 85 degrees)Just facts ndash not whether it is good or badDefined according to SMI (Structure of Management Information) rulesEach managed object is described using a unique object identifier (OID)

MIB

IMIBIIStandard MIBObjects included are considered essential for either fault or configuration management

Other standard MIBsRMON host router

Proprietary vendor MIBsExtensions to standard MIBs

SNMPAGENTSNMPAGENT

1000s of manageable objects following rules defined in the SMI standards

1000s of manageable objects following rules defined in the SMI standards

101

Network Management Communication Model SNMP Simple Network Management Protocol

CommunityStrings

CommunityStrings

bull Get requests used to read the value of objectbull Set requests used to modify the value of object

bull Authorization is via community strings

(Read‐OnlyRead‐Write)

bull Traps

provide asynchronous event notification

IP Network SNMPManageable

Device

Trap

Get Response

Get Request Get-Next RequestGet-Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

102

Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response

SNM

P M

anag

er

SNM

P A

gent

Rea

d =

publ

ic re

adw

rite

= pr

ivat

e

GetResponse (sysDescr0=SunOS)

Verify access permission and retrieve MIB value using OID to traverse the MIB tree

InstanceOID

13612111

MIB value

GetRequest(sysDescr0)Read Community(public)

103

Types of Management Systems Example ‐

Enterprise Manager amp Fault Management

Correlate and manage events

and SNMP traps

Perform fault isolation and root cause analysis

104

Types of Management Systems Example ndash CiscoWorks

Resource Manager Essentials and Campus Manager

Knowledge of network configuration and topology

Facilitates remote configuration of network devices

Maintains an archive of configuration data that allows generation of inventory reports

105

Types of Management Systems Example ndash NetFlow (Accounting Management)

Flow Profiling

AccountingBilling

Network Planning

Network Monitoring

Flow

Collectors

Flow

CollectorsEnd‐User AppsEnd‐User AppsNetFlow

Data ExportNetFlowData Export

NetScout

RMON ProbeRMON Probe

106

Types of Management Systems Example ndash MRTG (Performance Management)

bull Monitors traffic load on network links based on SNMP statistics

bull Generates real‐time HTML traffic reports

bull Can be used to monitor any

MIB

variable using

SNMP

107

Types of Management Systems Example ndash CiscoWorks

How is the network connectedbull Physical Cablingbull Virtual LANs

Where are the end users servers IP phones connected

bull Switch port numberbull VLAN membership

How do I troubleshoot connectivity problems

Campus Manager User Tracking

Campus Manager Topology Services

Campus Manager Topology Services

Campus Manager User TrackingCampus Manager

Path Analysis

108

Diagnosing Connectivity Problems CiscoWorks Server Tools

Ping Use ping to test device connectivity from CiscoWorks server

TracerouteRun a trace route between the CiscoWorks server and the target device to detect routing problems

NS LookupRun a nslookup to obtain DNS name server information and IP address of hostname

Management Station to DeviceTest to verify if upper layer protocols are supported from CiscoWorks to the target device UDP TCP Telnet TFTP HTTP and SNMP

109

Types of Management Systems Example ndash CiscoWorks

19216862

CiscoWorks Server(ANI Service)

CampusDatabase

19216861

Schedule data retrieval

times

CAM Table11‐11‐11‐11‐11‐00 2111‐11‐11‐11‐11‐11 2211‐11‐11‐11‐11‐22 2311‐11‐11‐11‐11‐33 24

22 23 24

21

ARP Table11‐11‐11‐11‐11‐11 19216861011‐11‐11‐11‐11‐22 19216861111‐11‐11‐11‐11‐33 192168611

1

CAM

Retrieval

(switching

table)

2 Address

Resolution (MAC

to IP)

DNS

3 Name Resolution

(IP to hostname)

Host Table192168610 USER1192168611 Printer1192168611 IPtele1

SNMP

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

CallManager4

Call Detail

Records

5

Login

Names

UNIX Novell amp

Windows NT

clients running

UTLite script

110

Diagnosing Connectivity Problems Campus Manager Tools

Topology Services

User Tracking

Path Analysis

1

Locate the communication pair in the User Tracking database

bull

Addressesbull

VLAN informationbull

Switch port connection

2

Investigate the Layer 2 and Layer 3 path between the communication

pair

3

Map the topology and begin the investigation on devices and links

Launch other applications

111

Diagnosing Connectivity Problems Workflow for Using Campus Manager

LaunchPath Analysis

LaunchPath Analysis

Ensure discovery of devices

hosts are up to date

Ensure discovery of devices

hosts are up to date

Use User TrackingTo Locate EndStation Info

Use User TrackingTo Locate EndStation Info

ConductVoiceTrace

ConductVoiceTrace

ConductDataTrace

ConductDataTrace

DisplayPath in Topology

Map

DisplayPath in Topology

Map

Launch other Apps(Telnet CiscoView

Etc)

Launch other Apps(Telnet CiscoView

Etc)

112

Diagnosing Device Connectivity Problems Example

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Do you know

your

hostname or

username

113

Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

2 Simple Query displays switch

port and VLAN association

2 Simple Query displays switch

port and VLAN association

3 LastSeen field indicates last

time end station was

discovered

3 LastSeen field indicates last

time end station was

discovered

114

Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Trace path from application server

to Suzy

Trace path from application server

to Suzy

Couldnrsquot get to Suzy machine ndash try

from server

Couldnrsquot get to Suzy machine ndash try

from server

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

9

Defining the Core Layer

Backbone for the networkmdashConnects distribution‐layer blocks

Aggregation point for distribution layer

Core layer is required to scale campus networks

ndash Physical cabling requirements

ndash Routing complexity

10

Do I Need a Core Layer

Easier to add a moduleFewer links in the coreEasier bandwidth upgradeRouting protocol peering reducedCore layermdashOptional for small networks

11

Server Farms

Put server farm in its own VLAN and IP SubnetmdashLayer 3 switch traffic to it

If dual NIC servers connected to two access switches require Layer 2 adjacency for NIC redundancy then

ndash Install Layer 2 link between distribution blocks for example VLAN 3

12

Campus Design Best Practices

Map Layer 2 VLANs to Layer 3 IP subnets

Avoid campus‐wide VLANs

Design a campus with Layer 3 protocols

Daisy‐chaining dangerous

Take advantage of equal‐cost routes

Oversubscription and performance characteristics

13

Map Layer 2 VLANs to Layer 3 Subnets

Map Layer 2 domain to a Layer 3 subnet with an understandable VLAN‐to‐IP subnet numbering scheme

For example data VLAN 20 and voice VLAN 120 in building 1 can correspond to 10120x24 and 101120x24

A good addressing scheme helps in summarizing routes and eases troubleshooting

14

Avoid Campus‐Wide VLANs

Large and overlapping spanning‐tree domain

Propagates problems (potential failure domain)

Slows convergence

Modern routers not network bottlenecks

bull DHCP and Mobile IP address client mobility

15

Layer 3 Dual‐Path

Layer 3 load balancing preserves bandwidth

ndash Unlike Layer 1 and Layer 2 redundancy (blocked ports)Fast recovery to remaining path

ndash Convergence is extremely fast (dual equal‐cost paths no need for OSPF or EIGRP to recalculate new path)

16

Daisy Chains

No UplinkFastmdashSlow STP convergence

Discontinuous subnets Traffic reaches black hole (both routers claim they can reach VLAN x)

Install Layer 2 link between the two distribution switches

17

Daisy Chains (Cisco Catalyst 3750 Series)

Utilize Cross‐Stack UplinkFast

feature for stackables

bull Transitions redundant blocking link directly to forwarding if link to root fails

18

Understand Performance and Oversubscription Characteristics

Most networks are built with oversubscription

Performance usually limited not by the box but by the uplink

Use QoS to protect real‐time flows at congested points

Oversubscription rules of thumb work well

201 maximum at wiring closet

Less in distribution (41) and server farm (from 41 to 11)

19

Redundancy Types

Layer 1 redundancymdashProvides an alternate physical path through the network

Layer 23 redundancymdashSpanning‐tree routing protocol EtherChannelfor alternate path awareness and fast convergence

StabilitymdashEnsure a stable network through proper physical STP and routing design to reduce human errors

Application availabilitymdashApplication server and client processes must support failover for maximum availability

20

Small Campus Network

Backbone layermdashcollapsed core and distribution

Can use modularstackable switching solutions

Scalable up to few access switches

21

Medium Campus Network

22

Large Campus Network

23

Building Block Approach

24

Switch Block Characteristics

bull Device switches support one or more subnetsVLANs

bull Subnets terminate at the distribution switch

bull Access devices have redundant links

bull Spanning Tree Protocol terminates at the switch block boundary

25

VLANs in the Switch Block

26

Link Types

A trunk link is capable of carrying multiple VLANs

27

Trunking

bull Specifically developed for multi‐VLAN interswitch communications

bull Places a unique identifier in the header of each frame

bull Functions at Layer 2 bull IEEE

8021Q

28

Inter‐VLAN Routing

bull A Route Processor provides Layer 3 functionality for switches

29

Increasing Performance Add More Bandwidth

30

Fast EtherChannel

31

Is QoS Needed in the Campus

Maybe maybe not campus congestionis a buffer management issue

ldquoJust throw more bandwidth at it That will solve the problemrdquo

32

Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP

33

Enabling QoS in the Campus Scheduling in the Campus

Output buffers can reach 100 in campus networks resulting in dropped voice packets

QoS required when there is a possibility of congestion in buffers

Multiple queues are the only way to guarantee voice quality

34

Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS

bull 8021p user priority field also called class of service (CoS)

bull Different types of traffic are assigned different CoS values

bull CoS 6 and 7 are reserved for network use

35

Enabling QoS in the Campus Layer 3 Classificationmdash IP Precedence DSCP

bull IPv4 Three most significant bits of ToS byte are called IP precedence other bits unused

bull DiffServ Six Most significant bits of ToS byte are called DSCP remaining two bits used for flow control

bull DSCP backward compatible with IP precedence

36

Enabling QoS in the Campus Classification Summary

37

Power Over Ethernet

Prepare the network for IP Telephony and Wireless access

Eliminate the need for separate electrical wiring

Cisco pre‐standard POE and 8023af are fully supported

Wide selection of standards‐based IEEE 8023af powered devices

ndash IP Phonesndash Wireless Access Points

ndash Surveillance cameras

ndash Access Card Readers

38

Access Point Front Cover LEDrsquos

Status LightsEthernet

Status

Radio Activity

Ethernet Activity

Status

Radio Activity

39

CiscoWorks WLSE

1

Specialized application for managing the Cisco WLAN

2

Centralized template‐ based configuration of access points and bridges

with user defined groups

3

Proactive fault and performance monitoring

of access points bridges LEAP server and

attached switch

CiscoWorks Wireless LANSolution Engine

U N I V E R S I T YU N I V E R S I T Y

40

二網路設備介紹

41

The Cisco LAN Switching Portfolio

Catalyst 375035602960 Catalyst 6500Catalyst 40004500

bull Stackable Compact Footprint bull Gig Density 12 Ports bull EZ Clustering Managementbull L2-L4 Switchingbull Medium Port Density

bull Highest Switching Capacitybull High Availability - Stateful Failoverbull 10-Gigabit Ethernet Interfaces bull Nonblocking Gigabit Density 142bull LANWAN Interfaces (to OC 48)

L2-L7 SwitchingIntegrated Inline PowerServices Modules Redundant PowerRedundant Supervisor Fabric

bull High Switching Capacitybull High-Density 101001000bull High-Density 100FX amp 1000LXbull Nonblocking Gigabit Density 32bull L2-L4 Switching bull Inline Power Optionbull Redundant Power

42

Cisco Catalyst Positioning

Pric

ePe

rfor

man

ce

FunctionFlexibility

Catalyst 29502960

Catalyst 35503560

Catalyst 4500 Family

Catalyst 6500 Series

bull Modular 101001000bull High performance Layer 2L3L4 bull 24‐64 Gbps Switching Enginebull Chassis level high availability

bull

Modular 101001000bull

Highest density switching

capacity

bull

Layer 234‐7bull

32‐720 Gbps

Switching

Engine

bull

Highest Availability

bull

10100

and GE configurationsbull

High performance switching and routingbull

Enterprise‐class intelligent Layer 3L4 servicesbull

Clustering capable

bull

Stackable 10100 switchingbull

Gigabit

uplink connectivitybull

Advanced intelligent Layer 3L4 servicesbull

Clustering capable

Catalyst 3750bull

Stackable 101001000 and 10100 configurationsbull

Cisco StackWisetrade

Technologybull

Optimized for Gigabit Ethernet deploymentbull

Enterprise‐class Intelligent Layer 3L4 servicesbull

Highly resilient 32Gbps stacking interconnectionbull

Single management interface w auto configuration

Fast Ethernet

Optimized

Gigabit Ethernet

Optimized

43

Cisco Catalyst 2960 Series Model Overview Fast Ethernet Models

Softwarebull LAN Base Image

Enterprise-class intelligent services Advanced QoS enhanced security high availability

bull Orderable with latest IOS software version

bull 48 10100100 portsbull 2 101001000 Uplink

ports

bull 24 10100 portsbull 2 101001000 Uplink

Ports

Catalyst 2960-24TT Catalyst 2960-48TT

bull 24 10100 portsbull 2 Dual-Purpose Uplink

ports

Catalyst 2960-24TC Catalyst 2960-48TC

bull 48 10100 portsbull 2 Dual Purpose Uplink

ports

Uplinksbull Dual Purpose

UplinksOne 101001000 TX Port and One SFP Port

One port active at a time

44

Cisco Catalyst 3750 Series Switches Model Overview

Catalyst 3750G‐24TS

bull

24 101001000

Portsbull

24 101001000 Ports

bull

4 SFP ports

Two Software Versions

Standard Multilayer Software Image

(SMI)

bull Enterprise‐class intelligent services

Advanced QoS Enhanced Security High

Availability RIP and Static IP routing

Routed ACLs HSRP

Enhanced Multilayer Software Image

(EMI)

bull SMI feature set plus Dynamic IP Unicast

routing Smart Multicast routing

Catalyst 3750‐2448 are orderable with

either software image preinstalled

Catalyst 3750‐2448 can be upgraded

from SMI to EMI

Catalyst 3750G‐24T

bull

24 10100 Ports

bull

2 SFP ports

bull

48 10100 Ports

bull

4 SFP ports

Catalyst 3750‐24 Catalyst 3750‐48

45

Cisco StackWisetrade Technology

bull 32Gbps fault tolerant bi‐directional

backplane

bull Single IP address for management

bull Auto configuration and IOS version

checkupdate

bull 1N Master redundancy

bull Sub‐second L2 failover

bull Cross stack Etherchannel

bull Configurable QoS queues across

stack

bull Line speed performance with QoS

and ACLs for GE

bull Hot add and delete of GE and FE

chassis in same stack

bull Patented cable connector

S 1

S 3

S 2

M 4

M = Master Switch

S = Slave Switch

46

Cisco Catalyst 4500 Series Architecture

bull Centralized Forwarding ASICs

bull All packets are forwarded via the supervisor

bull No distributed line card forwarding

bull Scalable architecture ‐

64 to 320 Gbps

bull Fastest Centralized Architecture in the Industry

47

Cisco Catalyst 4500 Series Overview Common Architecture

Single Supervisor-Based

Chassis

Redundant Supervisor-Based

Chassis

Cisco Catalyst 4507R-E

Cisco Catalyst 4510R-E

Cisco Catalyst 4506-E

Cisco Catalyst 4503-E

Single RU Fixed Configuration

Same Switching Architecture

and Common Cisco IOSreg

Cisco Catalyst 4948 and 4948-10GigE

48

Cisco Catalyst 4500 Series Evolutionary Centralized Architecture

1999 2002 2004 2007 2012

Continued InnovationServices and Performance

Same Line Card

18Mpps 48Mpps 102Mpps

10100

1000

Layer 2

PoE L234

10 GbE

SSO

NACNSF

ISSUCISF

E‐Series

250 Mpps

49

Evolution of Centralized Switching Technology

Evoluti

onEvo

lution

1999 18

Mpps

L2 Only

2002 48

Mpps

L2L3

2004102

Mpps

L2L3 10Gig

2007250

Mpps

L2L3 IPv6

14X

increase

since lsquo99

50

Next‐Generation Catalyst 4500 ldquoE‐Seriesrdquo

Secure Flexible Non‐Stop Communications

ldquoErdquo

Series Chassis

ldquoErdquo

Series Line Cards

Supervisor 6‐E with CenterFlex

51

Cisco Catalyst 6500 Delivers Secure Converged Network Services

High Availabilitybull Physical

Availabilitybull Logical Availabilitybull Stateful Failover at

Layer 2bull Rapid Spanning-

Tree Convergence

QoSbull Input Policingbull Traffic

Classificationbull Multiple Queuesbull Convergence

Ready

Securitybull Layer 234

Access Controlbull 8021X User

Authenticationbull MAC Filteringbull Dynamic VLAN

Manageabilitybull Inline Powerbull Simple

Configurationbull L2-L4 Servicesbull Rich Multicast

Support

End-to-End Services

52

Catalyst 6500 Family

Catalyst 65033 slot chassis

Catalyst 65066 slot chassis

Catalyst 65099 slot chassis

Catalyst 6509‐NEBSNEBS Compliant 9 slot chassis

Catalyst 651313 slot chassis

Catalyst 6509‐NEBS‐A9 slot chassis

53

Cisco Catalyst 6500 Series

The Cisco Catalyst 6500 Series supports a wide range of interface densities performance and high‐availability options

Flexible 3‐ 6‐ 9‐ and 13‐slot chassis configurations

ndash Scalable switching fabric ndash Cisco

IOS software choices supported

on all supervisor engines

ndash Fast 2‐3 second stateful

failover of

redundant supervisors and integrated

services

ndash 10‐Mbps to 10‐Gbps Ethernet and DS0

to

OC‐48 WAN interfaces

ndash Wire‐rate QoS

and ACL policy

management

WS-6503 WS-C6506 WS-C6509 WS-C6509-NEBS and WS-C6513

54

Catalyst 6500 Supervisors

The Catalyst 6500 has three Supervisor options on offer

with each providing a different architectural backplane

configuration for line cards to connect intohellip

Supervisor 1A Supervisor 2 Supervisor 720 (NEW)

256Gb backplane

supporting hardware

accelerated Layer 2 and 3

QoS and Security policies

up to 210Mppshellip

720Gb backplane

supporting hardware

accelerated Layer 2 and 3

QoS and Security policies

up to 400Mppshellip

32Gb backplane supporting

hardware accelerated Layer

2 and 3 QoS and Security

policies up to 15Mppshellip

Supervisor Options for the Catalyst 6500

55

Catalyst 6500 LinecardsThe Catalyst 6500 has a family of linecards to suit all network needshellip

10100 TX and 100 Fiber 101001000 TX GE SFP

GE GBIC 10GE WAN

Optical Switch Modules Inline Power ATM

CAT

6500

L I

NECARDS

56

Catalyst 6500 Service Modules

Content ServicesCommunications Media MWAN

Firewall Module VPN Module Intrusion Detection

Content Switching SSL Network Management

Service Modules represent the next generation of intelligent modules for the Catalyst 6500

Each module provides a high performance option scalable and feature rich deployment

optionshellip

57

Small Form Factor Pluggable (SFP)

bull New industry standard connector

bull Same functionality as Gigabit Interface Converters

(GBICs)

bull Hot pluggable

bull Smaller fiber connector LC

for SF

bull 25 SFPs

fit in space of one GBIC

bull Shipping SX LX ZX at FCS

bull 101001000BT and CWDM versions to come in mid

to late 2003

GBIC

SFP

58

三無線網路認證介紹

59

漫遊認證環境架構圖

NCHC資策會

WLANGateway

WLANGateway

60

無線漫遊環境身份認證機制

網頁認證

使用網站伺服器憑證(Certificate)辨識合法認證網站

透過SSL加密保護使用者帳號密碼安全

採用PAP (Password Authentication Protocol)認證機制

8021x認證

採CHAP或加密通道進行認證

EAP‐MD5ndash 採用CHAP (Challenge Handshake Authentication Protocol)認證

EAP‐PEAP ndash 採用 SSL加密通道 + MS‐CHAP v2 認證

EAP‐TTLSndash 採用 SSL加密通道 + PAPCHAPMS‐CHAPEAPndash 支援多種認證機制

61

WLAN Gateway

bull Usually web page for authorisationbull Allows policy based accessbull Good managementbull Very user friendlybull No client required

Bluesocketndash Commercial but popular in uk academiandash Lots of featuresNoCatAuthndash open source

62

Bluesocket Wireless Gateway

63

httpwwwitcntnuedutwservice1270php

四師大網路基本架構介紹

64

對外網路架構圖

65

校本部校區有線網路系統架構圖

66

校本部校區無線網路系統架構圖

67

理學院校區有線網路系統架構圖

68

理學院校區無線網路系統架構圖

69

林口校區有線網路系統架構圖

70

林口校區無線網路系統架構圖

71

五網路障礙排除方式

72

Possible Symptoms of Physical Layer Problems

Increased number of interface errorsIncreased number of interface errors

LEDs are off flashing or in a state other than the expected state during normal operationLEDs are off flashing or in a state other than the expected state during normal operation

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

Excessive utilizationExcessive utilization

73

Possible Symptoms of Data Link Layer Problems

Excessive CRC errors and frame check sequence errors Excessive CRC errors and frame check sequence errors

Large quantities of broadcast traffic Large quantities of broadcast traffic

A MAC address is cycling between portsA MAC address is cycling between ports

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

74

General Cisco Commands to Isolate Physical and Data Link Layer Problems

ping host

| ip‐addressping host

| ip‐address

routergt

bull

Sends an echo request packet to an address then waits for a reply

trace [destination]trace [destination]

routergt

bull

Identifies the path a packet takes through the network

[no] debug [no] debug

router

bull

Displays a list of options for enabling or disabling debugging events on a device

75

Cisco Commands to Isolate Physical Layer Problems

show versionshow version

routergt

bull

Displays the Cisco IOS software version and all installed hardware configurations

show ip interface briefshow ip interface brief

routergt

bull

Displays a summary of the status of all interfaces on a device

show interfaces [type number]show interfaces [type number]

routergt

bull

Displays the operational status of an interface including the amount and type of traffic being sent and received

76

Cisco Commands to Isolate Physical Layer Problems (Cont)

show cdp neighbor detailshow cdp neighbor detailroutergt

bull Displays the device type IP address and Cisco IOS version of neighboring devices

77

Cisco Commands to Isolate Data Link Layer Problems

show ip arpshow ip arp

routergt

bull

Displays entries in the Address Resolution Protocol (ARP) table

debug [arp

| serial | ppp]debug [arp

| serial | ppp]

router

bull

Captures events relating to data link layer protocols

78

General End‐System Commands to Isolate Physical and Data Link Layer Problems

pingping

bull

Sends an echo request packet to an address then waits for a reply

netstat

‐rnnetstat

‐rn

bull

Displays the status of all connected devices and links without querying a DNS server

arp

‐aarp

‐a

bull

Displays the current mappings of the IP address to the MAC address in the ARP table

79

Windows Commands to Isolate Physical and Data Link Layer Problems

ipconfig

[all]ipconfig

[all]

bull

Displays IP information for hosts running Windows NT2000XP

Cgt

tracert [‐d]tracert [‐d]

bull

Identifies a path to a destination device

Cgt

80

Guidelines for Isolating Problems at the Physical and Data Link Layers

Check operational status and data error ratesCheck operational status and data error rates

Verify proper interface configurationsVerify proper interface configurations

Check for bad cables or connectionsCheck for bad cables or connections

Check for correct cable pin‐outCheck for correct cable pin‐out

81

Port Monitoring (SPAN)

Allows a port to monitor traffic coming into or out of

anotherPort

VLAN

Trunk

82

Remote SPAN (RSPAN)

Allows a port to monitor SPAN information on other switches through a trunk connection

83

NetFlow Data Export

Access to records of switched flow statistics

with NAM

Source and destination IP

Port numbers and protocol types

84

六網路管理介紹

85

NAMs in Campus LAN

86

Network Analysis Module (NAM)

bull

Switch‐integrated standards‐

based monitoring (RMON1 RMON2

extended RMON)

bull

Useful for performance monitoring troubleshooting

and capacity planning

bull

Easy to deploy and use with embedded web‐based Traffic Analyzer

bull

Full visibility into applications hosts conversations and

IP‐based services including VoIP

and QoS

Integrated traffic‐monitoring solution in Catalyst 6500 series to build application‐level visibility into network infrastructure

87

NAM as a Standards‐Based RMON Solution

The RMON MIB reports on the health and status of network traffic

Mini‐RMON agents in Catalyst 6500 collect Layer 2 (RMON1) statistics on all ports (utilization packets errors)

NAM supports full RMON1 and 2 to provide visibility up to Application layer (applications hosts conversations)

NAM supports extended RMON for VLAN QoS Application Response Time and so on

88

Application Hosts and Conversations Monitoring

Identify unknown applications and drill down on the hosts using them

Discover top talkers top conversations

Network managers can drill down

into who is doing what

Network managers can drill down

into who is doing what

NEW inSoftware

Version 22

NEW inSoftware

Version 22

89

VoIP Monitoring

NAM supports various facets of VoIPmonitoring

Active IP telephony monitoring

ndash Track active call attributesndash Identify call quality degradationndash Call details by phonesRMON1 and RMON2

ndash Distribution of VoIP

protocols

Application Response Time (ART)

ndash CallManager

responses

DSMON

ndash VoIP

traffic by DSCP values

90

Application Response Time (ART)

Find out where the application delays are occurring

ndash Detailed data on request‐ response exchanges

between clients and servers

Server visibility

ndash Monitor servers for protocols application

usage and top talkers

91

Packet Capture and Decode

Capture and decode packets for troubleshooting

Extensive pre‐ and post‐capture filters

Can save and export to other tools including Sniffer

92

Alarms

Set alarm thresholds on various parameters for proactive monitoring

Define traps or generate syslog

93

Defining Network Management Functional Areas

ISO defines five functional areas of network management

ISO defines five functional areas of network management

bullFault Management

bullConfiguration Management

bullAccounting Management

bullPerformance Management

bullSecurity Management

94

FCAPS Fault Management

The process of locating diagnosing and correcting

network problems

Device Down

Link Down

95

FCAPS Configuration Management

bull The process of obtaining data from the network and using

that data to manage the setup of all network devices

bull Allows rapid access to configuration information

bull Facilitates remote configuration and provisioning

bull Provides an up‐to‐date inventory of network

components

SpeedDuplex

Connectivity

TrunkingVLANs Allowed

Spanning Tree Protocol State

Software VersionConfiguration File

Device Type

96

FCAPS Accounting Management

bull Measuring the usage of network resources by users in order to

establish the metrics check quotas determine costs and bill users

bull Measures and reports accounting information based on individual

groups and users

bull Administers the cost of the network

bull Internal verification of third‐party billing for usage Bandwidth Consumption

Application Usage

hellip

97

FCAPS Performance Management

bull Ensuring that the data network remains accessible

and has adequate bandwidth

bull Reduces network overcrowding and inaccessibility

bull Provides a consistent level of service to the

network user

bull Determine utilization trends to proactively isolate and solve

performance problems

UtilizationPeakminmaxError RatesUnicast Rates

Broadcast Rates

CPU UtilizationMemory Usage

ThroughputResponse Time

LatencyAvailabilityReliability

98

FCAPS Security Management

bull Protecting sensitive information on devices

attached to a data network by controlling access points to

that information

bull Builds network user confidence

bull Secures sensitive information from both internal and

external sources

bull Protects the network functionality from malicious

attacks

MAC AddressLocked to Port

Access ListBlocks Connections

99

Performing Network Management Sources for Information

GAUGEs TIMERs

0 9 1 2 3

COUNTERs TABLEs FILEs

Operating System Data Structures

Manageable Device

showCommands

WebServer

SystemLogging

SNMPSNMPAGENTAGENT

ProductionServices

Layer N Forwarding

http80tcp

syslog514udp

snmp161udp

MIBObjects

snmp‐trap162udp

Built in Intelligence

CDPVTPSAA

telnetCLI

TFTPClient

tftp69udp

PingTrace route

100

Network Management Information Model MIB Management Information Base

MIB

ndash

Management Information BaseSet of variables defining the status of a device (eg temp = 85 degrees)Just facts ndash not whether it is good or badDefined according to SMI (Structure of Management Information) rulesEach managed object is described using a unique object identifier (OID)

MIB

IMIBIIStandard MIBObjects included are considered essential for either fault or configuration management

Other standard MIBsRMON host router

Proprietary vendor MIBsExtensions to standard MIBs

SNMPAGENTSNMPAGENT

1000s of manageable objects following rules defined in the SMI standards

1000s of manageable objects following rules defined in the SMI standards

101

Network Management Communication Model SNMP Simple Network Management Protocol

CommunityStrings

CommunityStrings

bull Get requests used to read the value of objectbull Set requests used to modify the value of object

bull Authorization is via community strings

(Read‐OnlyRead‐Write)

bull Traps

provide asynchronous event notification

IP Network SNMPManageable

Device

Trap

Get Response

Get Request Get-Next RequestGet-Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

102

Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response

SNM

P M

anag

er

SNM

P A

gent

Rea

d =

publ

ic re

adw

rite

= pr

ivat

e

GetResponse (sysDescr0=SunOS)

Verify access permission and retrieve MIB value using OID to traverse the MIB tree

InstanceOID

13612111

MIB value

GetRequest(sysDescr0)Read Community(public)

103

Types of Management Systems Example ‐

Enterprise Manager amp Fault Management

Correlate and manage events

and SNMP traps

Perform fault isolation and root cause analysis

104

Types of Management Systems Example ndash CiscoWorks

Resource Manager Essentials and Campus Manager

Knowledge of network configuration and topology

Facilitates remote configuration of network devices

Maintains an archive of configuration data that allows generation of inventory reports

105

Types of Management Systems Example ndash NetFlow (Accounting Management)

Flow Profiling

AccountingBilling

Network Planning

Network Monitoring

Flow

Collectors

Flow

CollectorsEnd‐User AppsEnd‐User AppsNetFlow

Data ExportNetFlowData Export

NetScout

RMON ProbeRMON Probe

106

Types of Management Systems Example ndash MRTG (Performance Management)

bull Monitors traffic load on network links based on SNMP statistics

bull Generates real‐time HTML traffic reports

bull Can be used to monitor any

MIB

variable using

SNMP

107

Types of Management Systems Example ndash CiscoWorks

How is the network connectedbull Physical Cablingbull Virtual LANs

Where are the end users servers IP phones connected

bull Switch port numberbull VLAN membership

How do I troubleshoot connectivity problems

Campus Manager User Tracking

Campus Manager Topology Services

Campus Manager Topology Services

Campus Manager User TrackingCampus Manager

Path Analysis

108

Diagnosing Connectivity Problems CiscoWorks Server Tools

Ping Use ping to test device connectivity from CiscoWorks server

TracerouteRun a trace route between the CiscoWorks server and the target device to detect routing problems

NS LookupRun a nslookup to obtain DNS name server information and IP address of hostname

Management Station to DeviceTest to verify if upper layer protocols are supported from CiscoWorks to the target device UDP TCP Telnet TFTP HTTP and SNMP

109

Types of Management Systems Example ndash CiscoWorks

19216862

CiscoWorks Server(ANI Service)

CampusDatabase

19216861

Schedule data retrieval

times

CAM Table11‐11‐11‐11‐11‐00 2111‐11‐11‐11‐11‐11 2211‐11‐11‐11‐11‐22 2311‐11‐11‐11‐11‐33 24

22 23 24

21

ARP Table11‐11‐11‐11‐11‐11 19216861011‐11‐11‐11‐11‐22 19216861111‐11‐11‐11‐11‐33 192168611

1

CAM

Retrieval

(switching

table)

2 Address

Resolution (MAC

to IP)

DNS

3 Name Resolution

(IP to hostname)

Host Table192168610 USER1192168611 Printer1192168611 IPtele1

SNMP

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

CallManager4

Call Detail

Records

5

Login

Names

UNIX Novell amp

Windows NT

clients running

UTLite script

110

Diagnosing Connectivity Problems Campus Manager Tools

Topology Services

User Tracking

Path Analysis

1

Locate the communication pair in the User Tracking database

bull

Addressesbull

VLAN informationbull

Switch port connection

2

Investigate the Layer 2 and Layer 3 path between the communication

pair

3

Map the topology and begin the investigation on devices and links

Launch other applications

111

Diagnosing Connectivity Problems Workflow for Using Campus Manager

LaunchPath Analysis

LaunchPath Analysis

Ensure discovery of devices

hosts are up to date

Ensure discovery of devices

hosts are up to date

Use User TrackingTo Locate EndStation Info

Use User TrackingTo Locate EndStation Info

ConductVoiceTrace

ConductVoiceTrace

ConductDataTrace

ConductDataTrace

DisplayPath in Topology

Map

DisplayPath in Topology

Map

Launch other Apps(Telnet CiscoView

Etc)

Launch other Apps(Telnet CiscoView

Etc)

112

Diagnosing Device Connectivity Problems Example

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Do you know

your

hostname or

username

113

Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

2 Simple Query displays switch

port and VLAN association

2 Simple Query displays switch

port and VLAN association

3 LastSeen field indicates last

time end station was

discovered

3 LastSeen field indicates last

time end station was

discovered

114

Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Trace path from application server

to Suzy

Trace path from application server

to Suzy

Couldnrsquot get to Suzy machine ndash try

from server

Couldnrsquot get to Suzy machine ndash try

from server

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

10

Do I Need a Core Layer

Easier to add a moduleFewer links in the coreEasier bandwidth upgradeRouting protocol peering reducedCore layermdashOptional for small networks

11

Server Farms

Put server farm in its own VLAN and IP SubnetmdashLayer 3 switch traffic to it

If dual NIC servers connected to two access switches require Layer 2 adjacency for NIC redundancy then

ndash Install Layer 2 link between distribution blocks for example VLAN 3

12

Campus Design Best Practices

Map Layer 2 VLANs to Layer 3 IP subnets

Avoid campus‐wide VLANs

Design a campus with Layer 3 protocols

Daisy‐chaining dangerous

Take advantage of equal‐cost routes

Oversubscription and performance characteristics

13

Map Layer 2 VLANs to Layer 3 Subnets

Map Layer 2 domain to a Layer 3 subnet with an understandable VLAN‐to‐IP subnet numbering scheme

For example data VLAN 20 and voice VLAN 120 in building 1 can correspond to 10120x24 and 101120x24

A good addressing scheme helps in summarizing routes and eases troubleshooting

14

Avoid Campus‐Wide VLANs

Large and overlapping spanning‐tree domain

Propagates problems (potential failure domain)

Slows convergence

Modern routers not network bottlenecks

bull DHCP and Mobile IP address client mobility

15

Layer 3 Dual‐Path

Layer 3 load balancing preserves bandwidth

ndash Unlike Layer 1 and Layer 2 redundancy (blocked ports)Fast recovery to remaining path

ndash Convergence is extremely fast (dual equal‐cost paths no need for OSPF or EIGRP to recalculate new path)

16

Daisy Chains

No UplinkFastmdashSlow STP convergence

Discontinuous subnets Traffic reaches black hole (both routers claim they can reach VLAN x)

Install Layer 2 link between the two distribution switches

17

Daisy Chains (Cisco Catalyst 3750 Series)

Utilize Cross‐Stack UplinkFast

feature for stackables

bull Transitions redundant blocking link directly to forwarding if link to root fails

18

Understand Performance and Oversubscription Characteristics

Most networks are built with oversubscription

Performance usually limited not by the box but by the uplink

Use QoS to protect real‐time flows at congested points

Oversubscription rules of thumb work well

201 maximum at wiring closet

Less in distribution (41) and server farm (from 41 to 11)

19

Redundancy Types

Layer 1 redundancymdashProvides an alternate physical path through the network

Layer 23 redundancymdashSpanning‐tree routing protocol EtherChannelfor alternate path awareness and fast convergence

StabilitymdashEnsure a stable network through proper physical STP and routing design to reduce human errors

Application availabilitymdashApplication server and client processes must support failover for maximum availability

20

Small Campus Network

Backbone layermdashcollapsed core and distribution

Can use modularstackable switching solutions

Scalable up to few access switches

21

Medium Campus Network

22

Large Campus Network

23

Building Block Approach

24

Switch Block Characteristics

bull Device switches support one or more subnetsVLANs

bull Subnets terminate at the distribution switch

bull Access devices have redundant links

bull Spanning Tree Protocol terminates at the switch block boundary

25

VLANs in the Switch Block

26

Link Types

A trunk link is capable of carrying multiple VLANs

27

Trunking

bull Specifically developed for multi‐VLAN interswitch communications

bull Places a unique identifier in the header of each frame

bull Functions at Layer 2 bull IEEE

8021Q

28

Inter‐VLAN Routing

bull A Route Processor provides Layer 3 functionality for switches

29

Increasing Performance Add More Bandwidth

30

Fast EtherChannel

31

Is QoS Needed in the Campus

Maybe maybe not campus congestionis a buffer management issue

ldquoJust throw more bandwidth at it That will solve the problemrdquo

32

Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP

33

Enabling QoS in the Campus Scheduling in the Campus

Output buffers can reach 100 in campus networks resulting in dropped voice packets

QoS required when there is a possibility of congestion in buffers

Multiple queues are the only way to guarantee voice quality

34

Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS

bull 8021p user priority field also called class of service (CoS)

bull Different types of traffic are assigned different CoS values

bull CoS 6 and 7 are reserved for network use

35

Enabling QoS in the Campus Layer 3 Classificationmdash IP Precedence DSCP

bull IPv4 Three most significant bits of ToS byte are called IP precedence other bits unused

bull DiffServ Six Most significant bits of ToS byte are called DSCP remaining two bits used for flow control

bull DSCP backward compatible with IP precedence

36

Enabling QoS in the Campus Classification Summary

37

Power Over Ethernet

Prepare the network for IP Telephony and Wireless access

Eliminate the need for separate electrical wiring

Cisco pre‐standard POE and 8023af are fully supported

Wide selection of standards‐based IEEE 8023af powered devices

ndash IP Phonesndash Wireless Access Points

ndash Surveillance cameras

ndash Access Card Readers

38

Access Point Front Cover LEDrsquos

Status LightsEthernet

Status

Radio Activity

Ethernet Activity

Status

Radio Activity

39

CiscoWorks WLSE

1

Specialized application for managing the Cisco WLAN

2

Centralized template‐ based configuration of access points and bridges

with user defined groups

3

Proactive fault and performance monitoring

of access points bridges LEAP server and

attached switch

CiscoWorks Wireless LANSolution Engine

U N I V E R S I T YU N I V E R S I T Y

40

二網路設備介紹

41

The Cisco LAN Switching Portfolio

Catalyst 375035602960 Catalyst 6500Catalyst 40004500

bull Stackable Compact Footprint bull Gig Density 12 Ports bull EZ Clustering Managementbull L2-L4 Switchingbull Medium Port Density

bull Highest Switching Capacitybull High Availability - Stateful Failoverbull 10-Gigabit Ethernet Interfaces bull Nonblocking Gigabit Density 142bull LANWAN Interfaces (to OC 48)

L2-L7 SwitchingIntegrated Inline PowerServices Modules Redundant PowerRedundant Supervisor Fabric

bull High Switching Capacitybull High-Density 101001000bull High-Density 100FX amp 1000LXbull Nonblocking Gigabit Density 32bull L2-L4 Switching bull Inline Power Optionbull Redundant Power

42

Cisco Catalyst Positioning

Pric

ePe

rfor

man

ce

FunctionFlexibility

Catalyst 29502960

Catalyst 35503560

Catalyst 4500 Family

Catalyst 6500 Series

bull Modular 101001000bull High performance Layer 2L3L4 bull 24‐64 Gbps Switching Enginebull Chassis level high availability

bull

Modular 101001000bull

Highest density switching

capacity

bull

Layer 234‐7bull

32‐720 Gbps

Switching

Engine

bull

Highest Availability

bull

10100

and GE configurationsbull

High performance switching and routingbull

Enterprise‐class intelligent Layer 3L4 servicesbull

Clustering capable

bull

Stackable 10100 switchingbull

Gigabit

uplink connectivitybull

Advanced intelligent Layer 3L4 servicesbull

Clustering capable

Catalyst 3750bull

Stackable 101001000 and 10100 configurationsbull

Cisco StackWisetrade

Technologybull

Optimized for Gigabit Ethernet deploymentbull

Enterprise‐class Intelligent Layer 3L4 servicesbull

Highly resilient 32Gbps stacking interconnectionbull

Single management interface w auto configuration

Fast Ethernet

Optimized

Gigabit Ethernet

Optimized

43

Cisco Catalyst 2960 Series Model Overview Fast Ethernet Models

Softwarebull LAN Base Image

Enterprise-class intelligent services Advanced QoS enhanced security high availability

bull Orderable with latest IOS software version

bull 48 10100100 portsbull 2 101001000 Uplink

ports

bull 24 10100 portsbull 2 101001000 Uplink

Ports

Catalyst 2960-24TT Catalyst 2960-48TT

bull 24 10100 portsbull 2 Dual-Purpose Uplink

ports

Catalyst 2960-24TC Catalyst 2960-48TC

bull 48 10100 portsbull 2 Dual Purpose Uplink

ports

Uplinksbull Dual Purpose

UplinksOne 101001000 TX Port and One SFP Port

One port active at a time

44

Cisco Catalyst 3750 Series Switches Model Overview

Catalyst 3750G‐24TS

bull

24 101001000

Portsbull

24 101001000 Ports

bull

4 SFP ports

Two Software Versions

Standard Multilayer Software Image

(SMI)

bull Enterprise‐class intelligent services

Advanced QoS Enhanced Security High

Availability RIP and Static IP routing

Routed ACLs HSRP

Enhanced Multilayer Software Image

(EMI)

bull SMI feature set plus Dynamic IP Unicast

routing Smart Multicast routing

Catalyst 3750‐2448 are orderable with

either software image preinstalled

Catalyst 3750‐2448 can be upgraded

from SMI to EMI

Catalyst 3750G‐24T

bull

24 10100 Ports

bull

2 SFP ports

bull

48 10100 Ports

bull

4 SFP ports

Catalyst 3750‐24 Catalyst 3750‐48

45

Cisco StackWisetrade Technology

bull 32Gbps fault tolerant bi‐directional

backplane

bull Single IP address for management

bull Auto configuration and IOS version

checkupdate

bull 1N Master redundancy

bull Sub‐second L2 failover

bull Cross stack Etherchannel

bull Configurable QoS queues across

stack

bull Line speed performance with QoS

and ACLs for GE

bull Hot add and delete of GE and FE

chassis in same stack

bull Patented cable connector

S 1

S 3

S 2

M 4

M = Master Switch

S = Slave Switch

46

Cisco Catalyst 4500 Series Architecture

bull Centralized Forwarding ASICs

bull All packets are forwarded via the supervisor

bull No distributed line card forwarding

bull Scalable architecture ‐

64 to 320 Gbps

bull Fastest Centralized Architecture in the Industry

47

Cisco Catalyst 4500 Series Overview Common Architecture

Single Supervisor-Based

Chassis

Redundant Supervisor-Based

Chassis

Cisco Catalyst 4507R-E

Cisco Catalyst 4510R-E

Cisco Catalyst 4506-E

Cisco Catalyst 4503-E

Single RU Fixed Configuration

Same Switching Architecture

and Common Cisco IOSreg

Cisco Catalyst 4948 and 4948-10GigE

48

Cisco Catalyst 4500 Series Evolutionary Centralized Architecture

1999 2002 2004 2007 2012

Continued InnovationServices and Performance

Same Line Card

18Mpps 48Mpps 102Mpps

10100

1000

Layer 2

PoE L234

10 GbE

SSO

NACNSF

ISSUCISF

E‐Series

250 Mpps

49

Evolution of Centralized Switching Technology

Evoluti

onEvo

lution

1999 18

Mpps

L2 Only

2002 48

Mpps

L2L3

2004102

Mpps

L2L3 10Gig

2007250

Mpps

L2L3 IPv6

14X

increase

since lsquo99

50

Next‐Generation Catalyst 4500 ldquoE‐Seriesrdquo

Secure Flexible Non‐Stop Communications

ldquoErdquo

Series Chassis

ldquoErdquo

Series Line Cards

Supervisor 6‐E with CenterFlex

51

Cisco Catalyst 6500 Delivers Secure Converged Network Services

High Availabilitybull Physical

Availabilitybull Logical Availabilitybull Stateful Failover at

Layer 2bull Rapid Spanning-

Tree Convergence

QoSbull Input Policingbull Traffic

Classificationbull Multiple Queuesbull Convergence

Ready

Securitybull Layer 234

Access Controlbull 8021X User

Authenticationbull MAC Filteringbull Dynamic VLAN

Manageabilitybull Inline Powerbull Simple

Configurationbull L2-L4 Servicesbull Rich Multicast

Support

End-to-End Services

52

Catalyst 6500 Family

Catalyst 65033 slot chassis

Catalyst 65066 slot chassis

Catalyst 65099 slot chassis

Catalyst 6509‐NEBSNEBS Compliant 9 slot chassis

Catalyst 651313 slot chassis

Catalyst 6509‐NEBS‐A9 slot chassis

53

Cisco Catalyst 6500 Series

The Cisco Catalyst 6500 Series supports a wide range of interface densities performance and high‐availability options

Flexible 3‐ 6‐ 9‐ and 13‐slot chassis configurations

ndash Scalable switching fabric ndash Cisco

IOS software choices supported

on all supervisor engines

ndash Fast 2‐3 second stateful

failover of

redundant supervisors and integrated

services

ndash 10‐Mbps to 10‐Gbps Ethernet and DS0

to

OC‐48 WAN interfaces

ndash Wire‐rate QoS

and ACL policy

management

WS-6503 WS-C6506 WS-C6509 WS-C6509-NEBS and WS-C6513

54

Catalyst 6500 Supervisors

The Catalyst 6500 has three Supervisor options on offer

with each providing a different architectural backplane

configuration for line cards to connect intohellip

Supervisor 1A Supervisor 2 Supervisor 720 (NEW)

256Gb backplane

supporting hardware

accelerated Layer 2 and 3

QoS and Security policies

up to 210Mppshellip

720Gb backplane

supporting hardware

accelerated Layer 2 and 3

QoS and Security policies

up to 400Mppshellip

32Gb backplane supporting

hardware accelerated Layer

2 and 3 QoS and Security

policies up to 15Mppshellip

Supervisor Options for the Catalyst 6500

55

Catalyst 6500 LinecardsThe Catalyst 6500 has a family of linecards to suit all network needshellip

10100 TX and 100 Fiber 101001000 TX GE SFP

GE GBIC 10GE WAN

Optical Switch Modules Inline Power ATM

CAT

6500

L I

NECARDS

56

Catalyst 6500 Service Modules

Content ServicesCommunications Media MWAN

Firewall Module VPN Module Intrusion Detection

Content Switching SSL Network Management

Service Modules represent the next generation of intelligent modules for the Catalyst 6500

Each module provides a high performance option scalable and feature rich deployment

optionshellip

57

Small Form Factor Pluggable (SFP)

bull New industry standard connector

bull Same functionality as Gigabit Interface Converters

(GBICs)

bull Hot pluggable

bull Smaller fiber connector LC

for SF

bull 25 SFPs

fit in space of one GBIC

bull Shipping SX LX ZX at FCS

bull 101001000BT and CWDM versions to come in mid

to late 2003

GBIC

SFP

58

三無線網路認證介紹

59

漫遊認證環境架構圖

NCHC資策會

WLANGateway

WLANGateway

60

無線漫遊環境身份認證機制

網頁認證

使用網站伺服器憑證(Certificate)辨識合法認證網站

透過SSL加密保護使用者帳號密碼安全

採用PAP (Password Authentication Protocol)認證機制

8021x認證

採CHAP或加密通道進行認證

EAP‐MD5ndash 採用CHAP (Challenge Handshake Authentication Protocol)認證

EAP‐PEAP ndash 採用 SSL加密通道 + MS‐CHAP v2 認證

EAP‐TTLSndash 採用 SSL加密通道 + PAPCHAPMS‐CHAPEAPndash 支援多種認證機制

61

WLAN Gateway

bull Usually web page for authorisationbull Allows policy based accessbull Good managementbull Very user friendlybull No client required

Bluesocketndash Commercial but popular in uk academiandash Lots of featuresNoCatAuthndash open source

62

Bluesocket Wireless Gateway

63

httpwwwitcntnuedutwservice1270php

四師大網路基本架構介紹

64

對外網路架構圖

65

校本部校區有線網路系統架構圖

66

校本部校區無線網路系統架構圖

67

理學院校區有線網路系統架構圖

68

理學院校區無線網路系統架構圖

69

林口校區有線網路系統架構圖

70

林口校區無線網路系統架構圖

71

五網路障礙排除方式

72

Possible Symptoms of Physical Layer Problems

Increased number of interface errorsIncreased number of interface errors

LEDs are off flashing or in a state other than the expected state during normal operationLEDs are off flashing or in a state other than the expected state during normal operation

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

Excessive utilizationExcessive utilization

73

Possible Symptoms of Data Link Layer Problems

Excessive CRC errors and frame check sequence errors Excessive CRC errors and frame check sequence errors

Large quantities of broadcast traffic Large quantities of broadcast traffic

A MAC address is cycling between portsA MAC address is cycling between ports

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

74

General Cisco Commands to Isolate Physical and Data Link Layer Problems

ping host

| ip‐addressping host

| ip‐address

routergt

bull

Sends an echo request packet to an address then waits for a reply

trace [destination]trace [destination]

routergt

bull

Identifies the path a packet takes through the network

[no] debug [no] debug

router

bull

Displays a list of options for enabling or disabling debugging events on a device

75

Cisco Commands to Isolate Physical Layer Problems

show versionshow version

routergt

bull

Displays the Cisco IOS software version and all installed hardware configurations

show ip interface briefshow ip interface brief

routergt

bull

Displays a summary of the status of all interfaces on a device

show interfaces [type number]show interfaces [type number]

routergt

bull

Displays the operational status of an interface including the amount and type of traffic being sent and received

76

Cisco Commands to Isolate Physical Layer Problems (Cont)

show cdp neighbor detailshow cdp neighbor detailroutergt

bull Displays the device type IP address and Cisco IOS version of neighboring devices

77

Cisco Commands to Isolate Data Link Layer Problems

show ip arpshow ip arp

routergt

bull

Displays entries in the Address Resolution Protocol (ARP) table

debug [arp

| serial | ppp]debug [arp

| serial | ppp]

router

bull

Captures events relating to data link layer protocols

78

General End‐System Commands to Isolate Physical and Data Link Layer Problems

pingping

bull

Sends an echo request packet to an address then waits for a reply

netstat

‐rnnetstat

‐rn

bull

Displays the status of all connected devices and links without querying a DNS server

arp

‐aarp

‐a

bull

Displays the current mappings of the IP address to the MAC address in the ARP table

79

Windows Commands to Isolate Physical and Data Link Layer Problems

ipconfig

[all]ipconfig

[all]

bull

Displays IP information for hosts running Windows NT2000XP

Cgt

tracert [‐d]tracert [‐d]

bull

Identifies a path to a destination device

Cgt

80

Guidelines for Isolating Problems at the Physical and Data Link Layers

Check operational status and data error ratesCheck operational status and data error rates

Verify proper interface configurationsVerify proper interface configurations

Check for bad cables or connectionsCheck for bad cables or connections

Check for correct cable pin‐outCheck for correct cable pin‐out

81

Port Monitoring (SPAN)

Allows a port to monitor traffic coming into or out of

anotherPort

VLAN

Trunk

82

Remote SPAN (RSPAN)

Allows a port to monitor SPAN information on other switches through a trunk connection

83

NetFlow Data Export

Access to records of switched flow statistics

with NAM

Source and destination IP

Port numbers and protocol types

84

六網路管理介紹

85

NAMs in Campus LAN

86

Network Analysis Module (NAM)

bull

Switch‐integrated standards‐

based monitoring (RMON1 RMON2

extended RMON)

bull

Useful for performance monitoring troubleshooting

and capacity planning

bull

Easy to deploy and use with embedded web‐based Traffic Analyzer

bull

Full visibility into applications hosts conversations and

IP‐based services including VoIP

and QoS

Integrated traffic‐monitoring solution in Catalyst 6500 series to build application‐level visibility into network infrastructure

87

NAM as a Standards‐Based RMON Solution

The RMON MIB reports on the health and status of network traffic

Mini‐RMON agents in Catalyst 6500 collect Layer 2 (RMON1) statistics on all ports (utilization packets errors)

NAM supports full RMON1 and 2 to provide visibility up to Application layer (applications hosts conversations)

NAM supports extended RMON for VLAN QoS Application Response Time and so on

88

Application Hosts and Conversations Monitoring

Identify unknown applications and drill down on the hosts using them

Discover top talkers top conversations

Network managers can drill down

into who is doing what

Network managers can drill down

into who is doing what

NEW inSoftware

Version 22

NEW inSoftware

Version 22

89

VoIP Monitoring

NAM supports various facets of VoIPmonitoring

Active IP telephony monitoring

ndash Track active call attributesndash Identify call quality degradationndash Call details by phonesRMON1 and RMON2

ndash Distribution of VoIP

protocols

Application Response Time (ART)

ndash CallManager

responses

DSMON

ndash VoIP

traffic by DSCP values

90

Application Response Time (ART)

Find out where the application delays are occurring

ndash Detailed data on request‐ response exchanges

between clients and servers

Server visibility

ndash Monitor servers for protocols application

usage and top talkers

91

Packet Capture and Decode

Capture and decode packets for troubleshooting

Extensive pre‐ and post‐capture filters

Can save and export to other tools including Sniffer

92

Alarms

Set alarm thresholds on various parameters for proactive monitoring

Define traps or generate syslog

93

Defining Network Management Functional Areas

ISO defines five functional areas of network management

ISO defines five functional areas of network management

bullFault Management

bullConfiguration Management

bullAccounting Management

bullPerformance Management

bullSecurity Management

94

FCAPS Fault Management

The process of locating diagnosing and correcting

network problems

Device Down

Link Down

95

FCAPS Configuration Management

bull The process of obtaining data from the network and using

that data to manage the setup of all network devices

bull Allows rapid access to configuration information

bull Facilitates remote configuration and provisioning

bull Provides an up‐to‐date inventory of network

components

SpeedDuplex

Connectivity

TrunkingVLANs Allowed

Spanning Tree Protocol State

Software VersionConfiguration File

Device Type

96

FCAPS Accounting Management

bull Measuring the usage of network resources by users in order to

establish the metrics check quotas determine costs and bill users

bull Measures and reports accounting information based on individual

groups and users

bull Administers the cost of the network

bull Internal verification of third‐party billing for usage Bandwidth Consumption

Application Usage

hellip

97

FCAPS Performance Management

bull Ensuring that the data network remains accessible

and has adequate bandwidth

bull Reduces network overcrowding and inaccessibility

bull Provides a consistent level of service to the

network user

bull Determine utilization trends to proactively isolate and solve

performance problems

UtilizationPeakminmaxError RatesUnicast Rates

Broadcast Rates

CPU UtilizationMemory Usage

ThroughputResponse Time

LatencyAvailabilityReliability

98

FCAPS Security Management

bull Protecting sensitive information on devices

attached to a data network by controlling access points to

that information

bull Builds network user confidence

bull Secures sensitive information from both internal and

external sources

bull Protects the network functionality from malicious

attacks

MAC AddressLocked to Port

Access ListBlocks Connections

99

Performing Network Management Sources for Information

GAUGEs TIMERs

0 9 1 2 3

COUNTERs TABLEs FILEs

Operating System Data Structures

Manageable Device

showCommands

WebServer

SystemLogging

SNMPSNMPAGENTAGENT

ProductionServices

Layer N Forwarding

http80tcp

syslog514udp

snmp161udp

MIBObjects

snmp‐trap162udp

Built in Intelligence

CDPVTPSAA

telnetCLI

TFTPClient

tftp69udp

PingTrace route

100

Network Management Information Model MIB Management Information Base

MIB

ndash

Management Information BaseSet of variables defining the status of a device (eg temp = 85 degrees)Just facts ndash not whether it is good or badDefined according to SMI (Structure of Management Information) rulesEach managed object is described using a unique object identifier (OID)

MIB

IMIBIIStandard MIBObjects included are considered essential for either fault or configuration management

Other standard MIBsRMON host router

Proprietary vendor MIBsExtensions to standard MIBs

SNMPAGENTSNMPAGENT

1000s of manageable objects following rules defined in the SMI standards

1000s of manageable objects following rules defined in the SMI standards

101

Network Management Communication Model SNMP Simple Network Management Protocol

CommunityStrings

CommunityStrings

bull Get requests used to read the value of objectbull Set requests used to modify the value of object

bull Authorization is via community strings

(Read‐OnlyRead‐Write)

bull Traps

provide asynchronous event notification

IP Network SNMPManageable

Device

Trap

Get Response

Get Request Get-Next RequestGet-Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

102

Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response

SNM

P M

anag

er

SNM

P A

gent

Rea

d =

publ

ic re

adw

rite

= pr

ivat

e

GetResponse (sysDescr0=SunOS)

Verify access permission and retrieve MIB value using OID to traverse the MIB tree

InstanceOID

13612111

MIB value

GetRequest(sysDescr0)Read Community(public)

103

Types of Management Systems Example ‐

Enterprise Manager amp Fault Management

Correlate and manage events

and SNMP traps

Perform fault isolation and root cause analysis

104

Types of Management Systems Example ndash CiscoWorks

Resource Manager Essentials and Campus Manager

Knowledge of network configuration and topology

Facilitates remote configuration of network devices

Maintains an archive of configuration data that allows generation of inventory reports

105

Types of Management Systems Example ndash NetFlow (Accounting Management)

Flow Profiling

AccountingBilling

Network Planning

Network Monitoring

Flow

Collectors

Flow

CollectorsEnd‐User AppsEnd‐User AppsNetFlow

Data ExportNetFlowData Export

NetScout

RMON ProbeRMON Probe

106

Types of Management Systems Example ndash MRTG (Performance Management)

bull Monitors traffic load on network links based on SNMP statistics

bull Generates real‐time HTML traffic reports

bull Can be used to monitor any

MIB

variable using

SNMP

107

Types of Management Systems Example ndash CiscoWorks

How is the network connectedbull Physical Cablingbull Virtual LANs

Where are the end users servers IP phones connected

bull Switch port numberbull VLAN membership

How do I troubleshoot connectivity problems

Campus Manager User Tracking

Campus Manager Topology Services

Campus Manager Topology Services

Campus Manager User TrackingCampus Manager

Path Analysis

108

Diagnosing Connectivity Problems CiscoWorks Server Tools

Ping Use ping to test device connectivity from CiscoWorks server

TracerouteRun a trace route between the CiscoWorks server and the target device to detect routing problems

NS LookupRun a nslookup to obtain DNS name server information and IP address of hostname

Management Station to DeviceTest to verify if upper layer protocols are supported from CiscoWorks to the target device UDP TCP Telnet TFTP HTTP and SNMP

109

Types of Management Systems Example ndash CiscoWorks

19216862

CiscoWorks Server(ANI Service)

CampusDatabase

19216861

Schedule data retrieval

times

CAM Table11‐11‐11‐11‐11‐00 2111‐11‐11‐11‐11‐11 2211‐11‐11‐11‐11‐22 2311‐11‐11‐11‐11‐33 24

22 23 24

21

ARP Table11‐11‐11‐11‐11‐11 19216861011‐11‐11‐11‐11‐22 19216861111‐11‐11‐11‐11‐33 192168611

1

CAM

Retrieval

(switching

table)

2 Address

Resolution (MAC

to IP)

DNS

3 Name Resolution

(IP to hostname)

Host Table192168610 USER1192168611 Printer1192168611 IPtele1

SNMP

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

CallManager4

Call Detail

Records

5

Login

Names

UNIX Novell amp

Windows NT

clients running

UTLite script

110

Diagnosing Connectivity Problems Campus Manager Tools

Topology Services

User Tracking

Path Analysis

1

Locate the communication pair in the User Tracking database

bull

Addressesbull

VLAN informationbull

Switch port connection

2

Investigate the Layer 2 and Layer 3 path between the communication

pair

3

Map the topology and begin the investigation on devices and links

Launch other applications

111

Diagnosing Connectivity Problems Workflow for Using Campus Manager

LaunchPath Analysis

LaunchPath Analysis

Ensure discovery of devices

hosts are up to date

Ensure discovery of devices

hosts are up to date

Use User TrackingTo Locate EndStation Info

Use User TrackingTo Locate EndStation Info

ConductVoiceTrace

ConductVoiceTrace

ConductDataTrace

ConductDataTrace

DisplayPath in Topology

Map

DisplayPath in Topology

Map

Launch other Apps(Telnet CiscoView

Etc)

Launch other Apps(Telnet CiscoView

Etc)

112

Diagnosing Device Connectivity Problems Example

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Do you know

your

hostname or

username

113

Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

2 Simple Query displays switch

port and VLAN association

2 Simple Query displays switch

port and VLAN association

3 LastSeen field indicates last

time end station was

discovered

3 LastSeen field indicates last

time end station was

discovered

114

Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Trace path from application server

to Suzy

Trace path from application server

to Suzy

Couldnrsquot get to Suzy machine ndash try

from server

Couldnrsquot get to Suzy machine ndash try

from server

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

11

Server Farms

Put server farm in its own VLAN and IP SubnetmdashLayer 3 switch traffic to it

If dual NIC servers connected to two access switches require Layer 2 adjacency for NIC redundancy then

ndash Install Layer 2 link between distribution blocks for example VLAN 3

12

Campus Design Best Practices

Map Layer 2 VLANs to Layer 3 IP subnets

Avoid campus‐wide VLANs

Design a campus with Layer 3 protocols

Daisy‐chaining dangerous

Take advantage of equal‐cost routes

Oversubscription and performance characteristics

13

Map Layer 2 VLANs to Layer 3 Subnets

Map Layer 2 domain to a Layer 3 subnet with an understandable VLAN‐to‐IP subnet numbering scheme

For example data VLAN 20 and voice VLAN 120 in building 1 can correspond to 10120x24 and 101120x24

A good addressing scheme helps in summarizing routes and eases troubleshooting

14

Avoid Campus‐Wide VLANs

Large and overlapping spanning‐tree domain

Propagates problems (potential failure domain)

Slows convergence

Modern routers not network bottlenecks

bull DHCP and Mobile IP address client mobility

15

Layer 3 Dual‐Path

Layer 3 load balancing preserves bandwidth

ndash Unlike Layer 1 and Layer 2 redundancy (blocked ports)Fast recovery to remaining path

ndash Convergence is extremely fast (dual equal‐cost paths no need for OSPF or EIGRP to recalculate new path)

16

Daisy Chains

No UplinkFastmdashSlow STP convergence

Discontinuous subnets Traffic reaches black hole (both routers claim they can reach VLAN x)

Install Layer 2 link between the two distribution switches

17

Daisy Chains (Cisco Catalyst 3750 Series)

Utilize Cross‐Stack UplinkFast

feature for stackables

bull Transitions redundant blocking link directly to forwarding if link to root fails

18

Understand Performance and Oversubscription Characteristics

Most networks are built with oversubscription

Performance usually limited not by the box but by the uplink

Use QoS to protect real‐time flows at congested points

Oversubscription rules of thumb work well

201 maximum at wiring closet

Less in distribution (41) and server farm (from 41 to 11)

19

Redundancy Types

Layer 1 redundancymdashProvides an alternate physical path through the network

Layer 23 redundancymdashSpanning‐tree routing protocol EtherChannelfor alternate path awareness and fast convergence

StabilitymdashEnsure a stable network through proper physical STP and routing design to reduce human errors

Application availabilitymdashApplication server and client processes must support failover for maximum availability

20

Small Campus Network

Backbone layermdashcollapsed core and distribution

Can use modularstackable switching solutions

Scalable up to few access switches

21

Medium Campus Network

22

Large Campus Network

23

Building Block Approach

24

Switch Block Characteristics

bull Device switches support one or more subnetsVLANs

bull Subnets terminate at the distribution switch

bull Access devices have redundant links

bull Spanning Tree Protocol terminates at the switch block boundary

25

VLANs in the Switch Block

26

Link Types

A trunk link is capable of carrying multiple VLANs

27

Trunking

bull Specifically developed for multi‐VLAN interswitch communications

bull Places a unique identifier in the header of each frame

bull Functions at Layer 2 bull IEEE

8021Q

28

Inter‐VLAN Routing

bull A Route Processor provides Layer 3 functionality for switches

29

Increasing Performance Add More Bandwidth

30

Fast EtherChannel

31

Is QoS Needed in the Campus

Maybe maybe not campus congestionis a buffer management issue

ldquoJust throw more bandwidth at it That will solve the problemrdquo

32

Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP

33

Enabling QoS in the Campus Scheduling in the Campus

Output buffers can reach 100 in campus networks resulting in dropped voice packets

QoS required when there is a possibility of congestion in buffers

Multiple queues are the only way to guarantee voice quality

34

Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS

bull 8021p user priority field also called class of service (CoS)

bull Different types of traffic are assigned different CoS values

bull CoS 6 and 7 are reserved for network use

35

Enabling QoS in the Campus Layer 3 Classificationmdash IP Precedence DSCP

bull IPv4 Three most significant bits of ToS byte are called IP precedence other bits unused

bull DiffServ Six Most significant bits of ToS byte are called DSCP remaining two bits used for flow control

bull DSCP backward compatible with IP precedence

36

Enabling QoS in the Campus Classification Summary

37

Power Over Ethernet

Prepare the network for IP Telephony and Wireless access

Eliminate the need for separate electrical wiring

Cisco pre‐standard POE and 8023af are fully supported

Wide selection of standards‐based IEEE 8023af powered devices

ndash IP Phonesndash Wireless Access Points

ndash Surveillance cameras

ndash Access Card Readers

38

Access Point Front Cover LEDrsquos

Status LightsEthernet

Status

Radio Activity

Ethernet Activity

Status

Radio Activity

39

CiscoWorks WLSE

1

Specialized application for managing the Cisco WLAN

2

Centralized template‐ based configuration of access points and bridges

with user defined groups

3

Proactive fault and performance monitoring

of access points bridges LEAP server and

attached switch

CiscoWorks Wireless LANSolution Engine

U N I V E R S I T YU N I V E R S I T Y

40

二網路設備介紹

41

The Cisco LAN Switching Portfolio

Catalyst 375035602960 Catalyst 6500Catalyst 40004500

bull Stackable Compact Footprint bull Gig Density 12 Ports bull EZ Clustering Managementbull L2-L4 Switchingbull Medium Port Density

bull Highest Switching Capacitybull High Availability - Stateful Failoverbull 10-Gigabit Ethernet Interfaces bull Nonblocking Gigabit Density 142bull LANWAN Interfaces (to OC 48)

L2-L7 SwitchingIntegrated Inline PowerServices Modules Redundant PowerRedundant Supervisor Fabric

bull High Switching Capacitybull High-Density 101001000bull High-Density 100FX amp 1000LXbull Nonblocking Gigabit Density 32bull L2-L4 Switching bull Inline Power Optionbull Redundant Power

42

Cisco Catalyst Positioning

Pric

ePe

rfor

man

ce

FunctionFlexibility

Catalyst 29502960

Catalyst 35503560

Catalyst 4500 Family

Catalyst 6500 Series

bull Modular 101001000bull High performance Layer 2L3L4 bull 24‐64 Gbps Switching Enginebull Chassis level high availability

bull

Modular 101001000bull

Highest density switching

capacity

bull

Layer 234‐7bull

32‐720 Gbps

Switching

Engine

bull

Highest Availability

bull

10100

and GE configurationsbull

High performance switching and routingbull

Enterprise‐class intelligent Layer 3L4 servicesbull

Clustering capable

bull

Stackable 10100 switchingbull

Gigabit

uplink connectivitybull

Advanced intelligent Layer 3L4 servicesbull

Clustering capable

Catalyst 3750bull

Stackable 101001000 and 10100 configurationsbull

Cisco StackWisetrade

Technologybull

Optimized for Gigabit Ethernet deploymentbull

Enterprise‐class Intelligent Layer 3L4 servicesbull

Highly resilient 32Gbps stacking interconnectionbull

Single management interface w auto configuration

Fast Ethernet

Optimized

Gigabit Ethernet

Optimized

43

Cisco Catalyst 2960 Series Model Overview Fast Ethernet Models

Softwarebull LAN Base Image

Enterprise-class intelligent services Advanced QoS enhanced security high availability

bull Orderable with latest IOS software version

bull 48 10100100 portsbull 2 101001000 Uplink

ports

bull 24 10100 portsbull 2 101001000 Uplink

Ports

Catalyst 2960-24TT Catalyst 2960-48TT

bull 24 10100 portsbull 2 Dual-Purpose Uplink

ports

Catalyst 2960-24TC Catalyst 2960-48TC

bull 48 10100 portsbull 2 Dual Purpose Uplink

ports

Uplinksbull Dual Purpose

UplinksOne 101001000 TX Port and One SFP Port

One port active at a time

44

Cisco Catalyst 3750 Series Switches Model Overview

Catalyst 3750G‐24TS

bull

24 101001000

Portsbull

24 101001000 Ports

bull

4 SFP ports

Two Software Versions

Standard Multilayer Software Image

(SMI)

bull Enterprise‐class intelligent services

Advanced QoS Enhanced Security High

Availability RIP and Static IP routing

Routed ACLs HSRP

Enhanced Multilayer Software Image

(EMI)

bull SMI feature set plus Dynamic IP Unicast

routing Smart Multicast routing

Catalyst 3750‐2448 are orderable with

either software image preinstalled

Catalyst 3750‐2448 can be upgraded

from SMI to EMI

Catalyst 3750G‐24T

bull

24 10100 Ports

bull

2 SFP ports

bull

48 10100 Ports

bull

4 SFP ports

Catalyst 3750‐24 Catalyst 3750‐48

45

Cisco StackWisetrade Technology

bull 32Gbps fault tolerant bi‐directional

backplane

bull Single IP address for management

bull Auto configuration and IOS version

checkupdate

bull 1N Master redundancy

bull Sub‐second L2 failover

bull Cross stack Etherchannel

bull Configurable QoS queues across

stack

bull Line speed performance with QoS

and ACLs for GE

bull Hot add and delete of GE and FE

chassis in same stack

bull Patented cable connector

S 1

S 3

S 2

M 4

M = Master Switch

S = Slave Switch

46

Cisco Catalyst 4500 Series Architecture

bull Centralized Forwarding ASICs

bull All packets are forwarded via the supervisor

bull No distributed line card forwarding

bull Scalable architecture ‐

64 to 320 Gbps

bull Fastest Centralized Architecture in the Industry

47

Cisco Catalyst 4500 Series Overview Common Architecture

Single Supervisor-Based

Chassis

Redundant Supervisor-Based

Chassis

Cisco Catalyst 4507R-E

Cisco Catalyst 4510R-E

Cisco Catalyst 4506-E

Cisco Catalyst 4503-E

Single RU Fixed Configuration

Same Switching Architecture

and Common Cisco IOSreg

Cisco Catalyst 4948 and 4948-10GigE

48

Cisco Catalyst 4500 Series Evolutionary Centralized Architecture

1999 2002 2004 2007 2012

Continued InnovationServices and Performance

Same Line Card

18Mpps 48Mpps 102Mpps

10100

1000

Layer 2

PoE L234

10 GbE

SSO

NACNSF

ISSUCISF

E‐Series

250 Mpps

49

Evolution of Centralized Switching Technology

Evoluti

onEvo

lution

1999 18

Mpps

L2 Only

2002 48

Mpps

L2L3

2004102

Mpps

L2L3 10Gig

2007250

Mpps

L2L3 IPv6

14X

increase

since lsquo99

50

Next‐Generation Catalyst 4500 ldquoE‐Seriesrdquo

Secure Flexible Non‐Stop Communications

ldquoErdquo

Series Chassis

ldquoErdquo

Series Line Cards

Supervisor 6‐E with CenterFlex

51

Cisco Catalyst 6500 Delivers Secure Converged Network Services

High Availabilitybull Physical

Availabilitybull Logical Availabilitybull Stateful Failover at

Layer 2bull Rapid Spanning-

Tree Convergence

QoSbull Input Policingbull Traffic

Classificationbull Multiple Queuesbull Convergence

Ready

Securitybull Layer 234

Access Controlbull 8021X User

Authenticationbull MAC Filteringbull Dynamic VLAN

Manageabilitybull Inline Powerbull Simple

Configurationbull L2-L4 Servicesbull Rich Multicast

Support

End-to-End Services

52

Catalyst 6500 Family

Catalyst 65033 slot chassis

Catalyst 65066 slot chassis

Catalyst 65099 slot chassis

Catalyst 6509‐NEBSNEBS Compliant 9 slot chassis

Catalyst 651313 slot chassis

Catalyst 6509‐NEBS‐A9 slot chassis

53

Cisco Catalyst 6500 Series

The Cisco Catalyst 6500 Series supports a wide range of interface densities performance and high‐availability options

Flexible 3‐ 6‐ 9‐ and 13‐slot chassis configurations

ndash Scalable switching fabric ndash Cisco

IOS software choices supported

on all supervisor engines

ndash Fast 2‐3 second stateful

failover of

redundant supervisors and integrated

services

ndash 10‐Mbps to 10‐Gbps Ethernet and DS0

to

OC‐48 WAN interfaces

ndash Wire‐rate QoS

and ACL policy

management

WS-6503 WS-C6506 WS-C6509 WS-C6509-NEBS and WS-C6513

54

Catalyst 6500 Supervisors

The Catalyst 6500 has three Supervisor options on offer

with each providing a different architectural backplane

configuration for line cards to connect intohellip

Supervisor 1A Supervisor 2 Supervisor 720 (NEW)

256Gb backplane

supporting hardware

accelerated Layer 2 and 3

QoS and Security policies

up to 210Mppshellip

720Gb backplane

supporting hardware

accelerated Layer 2 and 3

QoS and Security policies

up to 400Mppshellip

32Gb backplane supporting

hardware accelerated Layer

2 and 3 QoS and Security

policies up to 15Mppshellip

Supervisor Options for the Catalyst 6500

55

Catalyst 6500 LinecardsThe Catalyst 6500 has a family of linecards to suit all network needshellip

10100 TX and 100 Fiber 101001000 TX GE SFP

GE GBIC 10GE WAN

Optical Switch Modules Inline Power ATM

CAT

6500

L I

NECARDS

56

Catalyst 6500 Service Modules

Content ServicesCommunications Media MWAN

Firewall Module VPN Module Intrusion Detection

Content Switching SSL Network Management

Service Modules represent the next generation of intelligent modules for the Catalyst 6500

Each module provides a high performance option scalable and feature rich deployment

optionshellip

57

Small Form Factor Pluggable (SFP)

bull New industry standard connector

bull Same functionality as Gigabit Interface Converters

(GBICs)

bull Hot pluggable

bull Smaller fiber connector LC

for SF

bull 25 SFPs

fit in space of one GBIC

bull Shipping SX LX ZX at FCS

bull 101001000BT and CWDM versions to come in mid

to late 2003

GBIC

SFP

58

三無線網路認證介紹

59

漫遊認證環境架構圖

NCHC資策會

WLANGateway

WLANGateway

60

無線漫遊環境身份認證機制

網頁認證

使用網站伺服器憑證(Certificate)辨識合法認證網站

透過SSL加密保護使用者帳號密碼安全

採用PAP (Password Authentication Protocol)認證機制

8021x認證

採CHAP或加密通道進行認證

EAP‐MD5ndash 採用CHAP (Challenge Handshake Authentication Protocol)認證

EAP‐PEAP ndash 採用 SSL加密通道 + MS‐CHAP v2 認證

EAP‐TTLSndash 採用 SSL加密通道 + PAPCHAPMS‐CHAPEAPndash 支援多種認證機制

61

WLAN Gateway

bull Usually web page for authorisationbull Allows policy based accessbull Good managementbull Very user friendlybull No client required

Bluesocketndash Commercial but popular in uk academiandash Lots of featuresNoCatAuthndash open source

62

Bluesocket Wireless Gateway

63

httpwwwitcntnuedutwservice1270php

四師大網路基本架構介紹

64

對外網路架構圖

65

校本部校區有線網路系統架構圖

66

校本部校區無線網路系統架構圖

67

理學院校區有線網路系統架構圖

68

理學院校區無線網路系統架構圖

69

林口校區有線網路系統架構圖

70

林口校區無線網路系統架構圖

71

五網路障礙排除方式

72

Possible Symptoms of Physical Layer Problems

Increased number of interface errorsIncreased number of interface errors

LEDs are off flashing or in a state other than the expected state during normal operationLEDs are off flashing or in a state other than the expected state during normal operation

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

Excessive utilizationExcessive utilization

73

Possible Symptoms of Data Link Layer Problems

Excessive CRC errors and frame check sequence errors Excessive CRC errors and frame check sequence errors

Large quantities of broadcast traffic Large quantities of broadcast traffic

A MAC address is cycling between portsA MAC address is cycling between ports

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

74

General Cisco Commands to Isolate Physical and Data Link Layer Problems

ping host

| ip‐addressping host

| ip‐address

routergt

bull

Sends an echo request packet to an address then waits for a reply

trace [destination]trace [destination]

routergt

bull

Identifies the path a packet takes through the network

[no] debug [no] debug

router

bull

Displays a list of options for enabling or disabling debugging events on a device

75

Cisco Commands to Isolate Physical Layer Problems

show versionshow version

routergt

bull

Displays the Cisco IOS software version and all installed hardware configurations

show ip interface briefshow ip interface brief

routergt

bull

Displays a summary of the status of all interfaces on a device

show interfaces [type number]show interfaces [type number]

routergt

bull

Displays the operational status of an interface including the amount and type of traffic being sent and received

76

Cisco Commands to Isolate Physical Layer Problems (Cont)

show cdp neighbor detailshow cdp neighbor detailroutergt

bull Displays the device type IP address and Cisco IOS version of neighboring devices

77

Cisco Commands to Isolate Data Link Layer Problems

show ip arpshow ip arp

routergt

bull

Displays entries in the Address Resolution Protocol (ARP) table

debug [arp

| serial | ppp]debug [arp

| serial | ppp]

router

bull

Captures events relating to data link layer protocols

78

General End‐System Commands to Isolate Physical and Data Link Layer Problems

pingping

bull

Sends an echo request packet to an address then waits for a reply

netstat

‐rnnetstat

‐rn

bull

Displays the status of all connected devices and links without querying a DNS server

arp

‐aarp

‐a

bull

Displays the current mappings of the IP address to the MAC address in the ARP table

79

Windows Commands to Isolate Physical and Data Link Layer Problems

ipconfig

[all]ipconfig

[all]

bull

Displays IP information for hosts running Windows NT2000XP

Cgt

tracert [‐d]tracert [‐d]

bull

Identifies a path to a destination device

Cgt

80

Guidelines for Isolating Problems at the Physical and Data Link Layers

Check operational status and data error ratesCheck operational status and data error rates

Verify proper interface configurationsVerify proper interface configurations

Check for bad cables or connectionsCheck for bad cables or connections

Check for correct cable pin‐outCheck for correct cable pin‐out

81

Port Monitoring (SPAN)

Allows a port to monitor traffic coming into or out of

anotherPort

VLAN

Trunk

82

Remote SPAN (RSPAN)

Allows a port to monitor SPAN information on other switches through a trunk connection

83

NetFlow Data Export

Access to records of switched flow statistics

with NAM

Source and destination IP

Port numbers and protocol types

84

六網路管理介紹

85

NAMs in Campus LAN

86

Network Analysis Module (NAM)

bull

Switch‐integrated standards‐

based monitoring (RMON1 RMON2

extended RMON)

bull

Useful for performance monitoring troubleshooting

and capacity planning

bull

Easy to deploy and use with embedded web‐based Traffic Analyzer

bull

Full visibility into applications hosts conversations and

IP‐based services including VoIP

and QoS

Integrated traffic‐monitoring solution in Catalyst 6500 series to build application‐level visibility into network infrastructure

87

NAM as a Standards‐Based RMON Solution

The RMON MIB reports on the health and status of network traffic

Mini‐RMON agents in Catalyst 6500 collect Layer 2 (RMON1) statistics on all ports (utilization packets errors)

NAM supports full RMON1 and 2 to provide visibility up to Application layer (applications hosts conversations)

NAM supports extended RMON for VLAN QoS Application Response Time and so on

88

Application Hosts and Conversations Monitoring

Identify unknown applications and drill down on the hosts using them

Discover top talkers top conversations

Network managers can drill down

into who is doing what

Network managers can drill down

into who is doing what

NEW inSoftware

Version 22

NEW inSoftware

Version 22

89

VoIP Monitoring

NAM supports various facets of VoIPmonitoring

Active IP telephony monitoring

ndash Track active call attributesndash Identify call quality degradationndash Call details by phonesRMON1 and RMON2

ndash Distribution of VoIP

protocols

Application Response Time (ART)

ndash CallManager

responses

DSMON

ndash VoIP

traffic by DSCP values

90

Application Response Time (ART)

Find out where the application delays are occurring

ndash Detailed data on request‐ response exchanges

between clients and servers

Server visibility

ndash Monitor servers for protocols application

usage and top talkers

91

Packet Capture and Decode

Capture and decode packets for troubleshooting

Extensive pre‐ and post‐capture filters

Can save and export to other tools including Sniffer

92

Alarms

Set alarm thresholds on various parameters for proactive monitoring

Define traps or generate syslog

93

Defining Network Management Functional Areas

ISO defines five functional areas of network management

ISO defines five functional areas of network management

bullFault Management

bullConfiguration Management

bullAccounting Management

bullPerformance Management

bullSecurity Management

94

FCAPS Fault Management

The process of locating diagnosing and correcting

network problems

Device Down

Link Down

95

FCAPS Configuration Management

bull The process of obtaining data from the network and using

that data to manage the setup of all network devices

bull Allows rapid access to configuration information

bull Facilitates remote configuration and provisioning

bull Provides an up‐to‐date inventory of network

components

SpeedDuplex

Connectivity

TrunkingVLANs Allowed

Spanning Tree Protocol State

Software VersionConfiguration File

Device Type

96

FCAPS Accounting Management

bull Measuring the usage of network resources by users in order to

establish the metrics check quotas determine costs and bill users

bull Measures and reports accounting information based on individual

groups and users

bull Administers the cost of the network

bull Internal verification of third‐party billing for usage Bandwidth Consumption

Application Usage

hellip

97

FCAPS Performance Management

bull Ensuring that the data network remains accessible

and has adequate bandwidth

bull Reduces network overcrowding and inaccessibility

bull Provides a consistent level of service to the

network user

bull Determine utilization trends to proactively isolate and solve

performance problems

UtilizationPeakminmaxError RatesUnicast Rates

Broadcast Rates

CPU UtilizationMemory Usage

ThroughputResponse Time

LatencyAvailabilityReliability

98

FCAPS Security Management

bull Protecting sensitive information on devices

attached to a data network by controlling access points to

that information

bull Builds network user confidence

bull Secures sensitive information from both internal and

external sources

bull Protects the network functionality from malicious

attacks

MAC AddressLocked to Port

Access ListBlocks Connections

99

Performing Network Management Sources for Information

GAUGEs TIMERs

0 9 1 2 3

COUNTERs TABLEs FILEs

Operating System Data Structures

Manageable Device

showCommands

WebServer

SystemLogging

SNMPSNMPAGENTAGENT

ProductionServices

Layer N Forwarding

http80tcp

syslog514udp

snmp161udp

MIBObjects

snmp‐trap162udp

Built in Intelligence

CDPVTPSAA

telnetCLI

TFTPClient

tftp69udp

PingTrace route

100

Network Management Information Model MIB Management Information Base

MIB

ndash

Management Information BaseSet of variables defining the status of a device (eg temp = 85 degrees)Just facts ndash not whether it is good or badDefined according to SMI (Structure of Management Information) rulesEach managed object is described using a unique object identifier (OID)

MIB

IMIBIIStandard MIBObjects included are considered essential for either fault or configuration management

Other standard MIBsRMON host router

Proprietary vendor MIBsExtensions to standard MIBs

SNMPAGENTSNMPAGENT

1000s of manageable objects following rules defined in the SMI standards

1000s of manageable objects following rules defined in the SMI standards

101

Network Management Communication Model SNMP Simple Network Management Protocol

CommunityStrings

CommunityStrings

bull Get requests used to read the value of objectbull Set requests used to modify the value of object

bull Authorization is via community strings

(Read‐OnlyRead‐Write)

bull Traps

provide asynchronous event notification

IP Network SNMPManageable

Device

Trap

Get Response

Get Request Get-Next RequestGet-Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

102

Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response

SNM

P M

anag

er

SNM

P A

gent

Rea

d =

publ

ic re

adw

rite

= pr

ivat

e

GetResponse (sysDescr0=SunOS)

Verify access permission and retrieve MIB value using OID to traverse the MIB tree

InstanceOID

13612111

MIB value

GetRequest(sysDescr0)Read Community(public)

103

Types of Management Systems Example ‐

Enterprise Manager amp Fault Management

Correlate and manage events

and SNMP traps

Perform fault isolation and root cause analysis

104

Types of Management Systems Example ndash CiscoWorks

Resource Manager Essentials and Campus Manager

Knowledge of network configuration and topology

Facilitates remote configuration of network devices

Maintains an archive of configuration data that allows generation of inventory reports

105

Types of Management Systems Example ndash NetFlow (Accounting Management)

Flow Profiling

AccountingBilling

Network Planning

Network Monitoring

Flow

Collectors

Flow

CollectorsEnd‐User AppsEnd‐User AppsNetFlow

Data ExportNetFlowData Export

NetScout

RMON ProbeRMON Probe

106

Types of Management Systems Example ndash MRTG (Performance Management)

bull Monitors traffic load on network links based on SNMP statistics

bull Generates real‐time HTML traffic reports

bull Can be used to monitor any

MIB

variable using

SNMP

107

Types of Management Systems Example ndash CiscoWorks

How is the network connectedbull Physical Cablingbull Virtual LANs

Where are the end users servers IP phones connected

bull Switch port numberbull VLAN membership

How do I troubleshoot connectivity problems

Campus Manager User Tracking

Campus Manager Topology Services

Campus Manager Topology Services

Campus Manager User TrackingCampus Manager

Path Analysis

108

Diagnosing Connectivity Problems CiscoWorks Server Tools

Ping Use ping to test device connectivity from CiscoWorks server

TracerouteRun a trace route between the CiscoWorks server and the target device to detect routing problems

NS LookupRun a nslookup to obtain DNS name server information and IP address of hostname

Management Station to DeviceTest to verify if upper layer protocols are supported from CiscoWorks to the target device UDP TCP Telnet TFTP HTTP and SNMP

109

Types of Management Systems Example ndash CiscoWorks

19216862

CiscoWorks Server(ANI Service)

CampusDatabase

19216861

Schedule data retrieval

times

CAM Table11‐11‐11‐11‐11‐00 2111‐11‐11‐11‐11‐11 2211‐11‐11‐11‐11‐22 2311‐11‐11‐11‐11‐33 24

22 23 24

21

ARP Table11‐11‐11‐11‐11‐11 19216861011‐11‐11‐11‐11‐22 19216861111‐11‐11‐11‐11‐33 192168611

1

CAM

Retrieval

(switching

table)

2 Address

Resolution (MAC

to IP)

DNS

3 Name Resolution

(IP to hostname)

Host Table192168610 USER1192168611 Printer1192168611 IPtele1

SNMP

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

CallManager4

Call Detail

Records

5

Login

Names

UNIX Novell amp

Windows NT

clients running

UTLite script

110

Diagnosing Connectivity Problems Campus Manager Tools

Topology Services

User Tracking

Path Analysis

1

Locate the communication pair in the User Tracking database

bull

Addressesbull

VLAN informationbull

Switch port connection

2

Investigate the Layer 2 and Layer 3 path between the communication

pair

3

Map the topology and begin the investigation on devices and links

Launch other applications

111

Diagnosing Connectivity Problems Workflow for Using Campus Manager

LaunchPath Analysis

LaunchPath Analysis

Ensure discovery of devices

hosts are up to date

Ensure discovery of devices

hosts are up to date

Use User TrackingTo Locate EndStation Info

Use User TrackingTo Locate EndStation Info

ConductVoiceTrace

ConductVoiceTrace

ConductDataTrace

ConductDataTrace

DisplayPath in Topology

Map

DisplayPath in Topology

Map

Launch other Apps(Telnet CiscoView

Etc)

Launch other Apps(Telnet CiscoView

Etc)

112

Diagnosing Device Connectivity Problems Example

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Do you know

your

hostname or

username

113

Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

2 Simple Query displays switch

port and VLAN association

2 Simple Query displays switch

port and VLAN association

3 LastSeen field indicates last

time end station was

discovered

3 LastSeen field indicates last

time end station was

discovered

114

Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Trace path from application server

to Suzy

Trace path from application server

to Suzy

Couldnrsquot get to Suzy machine ndash try

from server

Couldnrsquot get to Suzy machine ndash try

from server

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

12

Campus Design Best Practices

Map Layer 2 VLANs to Layer 3 IP subnets

Avoid campus‐wide VLANs

Design a campus with Layer 3 protocols

Daisy‐chaining dangerous

Take advantage of equal‐cost routes

Oversubscription and performance characteristics

13

Map Layer 2 VLANs to Layer 3 Subnets

Map Layer 2 domain to a Layer 3 subnet with an understandable VLAN‐to‐IP subnet numbering scheme

For example data VLAN 20 and voice VLAN 120 in building 1 can correspond to 10120x24 and 101120x24

A good addressing scheme helps in summarizing routes and eases troubleshooting

14

Avoid Campus‐Wide VLANs

Large and overlapping spanning‐tree domain

Propagates problems (potential failure domain)

Slows convergence

Modern routers not network bottlenecks

bull DHCP and Mobile IP address client mobility

15

Layer 3 Dual‐Path

Layer 3 load balancing preserves bandwidth

ndash Unlike Layer 1 and Layer 2 redundancy (blocked ports)Fast recovery to remaining path

ndash Convergence is extremely fast (dual equal‐cost paths no need for OSPF or EIGRP to recalculate new path)

16

Daisy Chains

No UplinkFastmdashSlow STP convergence

Discontinuous subnets Traffic reaches black hole (both routers claim they can reach VLAN x)

Install Layer 2 link between the two distribution switches

17

Daisy Chains (Cisco Catalyst 3750 Series)

Utilize Cross‐Stack UplinkFast

feature for stackables

bull Transitions redundant blocking link directly to forwarding if link to root fails

18

Understand Performance and Oversubscription Characteristics

Most networks are built with oversubscription

Performance usually limited not by the box but by the uplink

Use QoS to protect real‐time flows at congested points

Oversubscription rules of thumb work well

201 maximum at wiring closet

Less in distribution (41) and server farm (from 41 to 11)

19

Redundancy Types

Layer 1 redundancymdashProvides an alternate physical path through the network

Layer 23 redundancymdashSpanning‐tree routing protocol EtherChannelfor alternate path awareness and fast convergence

StabilitymdashEnsure a stable network through proper physical STP and routing design to reduce human errors

Application availabilitymdashApplication server and client processes must support failover for maximum availability

20

Small Campus Network

Backbone layermdashcollapsed core and distribution

Can use modularstackable switching solutions

Scalable up to few access switches

21

Medium Campus Network

22

Large Campus Network

23

Building Block Approach

24

Switch Block Characteristics

bull Device switches support one or more subnetsVLANs

bull Subnets terminate at the distribution switch

bull Access devices have redundant links

bull Spanning Tree Protocol terminates at the switch block boundary

25

VLANs in the Switch Block

26

Link Types

A trunk link is capable of carrying multiple VLANs

27

Trunking

bull Specifically developed for multi‐VLAN interswitch communications

bull Places a unique identifier in the header of each frame

bull Functions at Layer 2 bull IEEE

8021Q

28

Inter‐VLAN Routing

bull A Route Processor provides Layer 3 functionality for switches

29

Increasing Performance Add More Bandwidth

30

Fast EtherChannel

31

Is QoS Needed in the Campus

Maybe maybe not campus congestionis a buffer management issue

ldquoJust throw more bandwidth at it That will solve the problemrdquo

32

Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP

33

Enabling QoS in the Campus Scheduling in the Campus

Output buffers can reach 100 in campus networks resulting in dropped voice packets

QoS required when there is a possibility of congestion in buffers

Multiple queues are the only way to guarantee voice quality

34

Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS

bull 8021p user priority field also called class of service (CoS)

bull Different types of traffic are assigned different CoS values

bull CoS 6 and 7 are reserved for network use

35

Enabling QoS in the Campus Layer 3 Classificationmdash IP Precedence DSCP

bull IPv4 Three most significant bits of ToS byte are called IP precedence other bits unused

bull DiffServ Six Most significant bits of ToS byte are called DSCP remaining two bits used for flow control

bull DSCP backward compatible with IP precedence

36

Enabling QoS in the Campus Classification Summary

37

Power Over Ethernet

Prepare the network for IP Telephony and Wireless access

Eliminate the need for separate electrical wiring

Cisco pre‐standard POE and 8023af are fully supported

Wide selection of standards‐based IEEE 8023af powered devices

ndash IP Phonesndash Wireless Access Points

ndash Surveillance cameras

ndash Access Card Readers

38

Access Point Front Cover LEDrsquos

Status LightsEthernet

Status

Radio Activity

Ethernet Activity

Status

Radio Activity

39

CiscoWorks WLSE

1

Specialized application for managing the Cisco WLAN

2

Centralized template‐ based configuration of access points and bridges

with user defined groups

3

Proactive fault and performance monitoring

of access points bridges LEAP server and

attached switch

CiscoWorks Wireless LANSolution Engine

U N I V E R S I T YU N I V E R S I T Y

40

二網路設備介紹

41

The Cisco LAN Switching Portfolio

Catalyst 375035602960 Catalyst 6500Catalyst 40004500

bull Stackable Compact Footprint bull Gig Density 12 Ports bull EZ Clustering Managementbull L2-L4 Switchingbull Medium Port Density

bull Highest Switching Capacitybull High Availability - Stateful Failoverbull 10-Gigabit Ethernet Interfaces bull Nonblocking Gigabit Density 142bull LANWAN Interfaces (to OC 48)

L2-L7 SwitchingIntegrated Inline PowerServices Modules Redundant PowerRedundant Supervisor Fabric

bull High Switching Capacitybull High-Density 101001000bull High-Density 100FX amp 1000LXbull Nonblocking Gigabit Density 32bull L2-L4 Switching bull Inline Power Optionbull Redundant Power

42

Cisco Catalyst Positioning

Pric

ePe

rfor

man

ce

FunctionFlexibility

Catalyst 29502960

Catalyst 35503560

Catalyst 4500 Family

Catalyst 6500 Series

bull Modular 101001000bull High performance Layer 2L3L4 bull 24‐64 Gbps Switching Enginebull Chassis level high availability

bull

Modular 101001000bull

Highest density switching

capacity

bull

Layer 234‐7bull

32‐720 Gbps

Switching

Engine

bull

Highest Availability

bull

10100

and GE configurationsbull

High performance switching and routingbull

Enterprise‐class intelligent Layer 3L4 servicesbull

Clustering capable

bull

Stackable 10100 switchingbull

Gigabit

uplink connectivitybull

Advanced intelligent Layer 3L4 servicesbull

Clustering capable

Catalyst 3750bull

Stackable 101001000 and 10100 configurationsbull

Cisco StackWisetrade

Technologybull

Optimized for Gigabit Ethernet deploymentbull

Enterprise‐class Intelligent Layer 3L4 servicesbull

Highly resilient 32Gbps stacking interconnectionbull

Single management interface w auto configuration

Fast Ethernet

Optimized

Gigabit Ethernet

Optimized

43

Cisco Catalyst 2960 Series Model Overview Fast Ethernet Models

Softwarebull LAN Base Image

Enterprise-class intelligent services Advanced QoS enhanced security high availability

bull Orderable with latest IOS software version

bull 48 10100100 portsbull 2 101001000 Uplink

ports

bull 24 10100 portsbull 2 101001000 Uplink

Ports

Catalyst 2960-24TT Catalyst 2960-48TT

bull 24 10100 portsbull 2 Dual-Purpose Uplink

ports

Catalyst 2960-24TC Catalyst 2960-48TC

bull 48 10100 portsbull 2 Dual Purpose Uplink

ports

Uplinksbull Dual Purpose

UplinksOne 101001000 TX Port and One SFP Port

One port active at a time

44

Cisco Catalyst 3750 Series Switches Model Overview

Catalyst 3750G‐24TS

bull

24 101001000

Portsbull

24 101001000 Ports

bull

4 SFP ports

Two Software Versions

Standard Multilayer Software Image

(SMI)

bull Enterprise‐class intelligent services

Advanced QoS Enhanced Security High

Availability RIP and Static IP routing

Routed ACLs HSRP

Enhanced Multilayer Software Image

(EMI)

bull SMI feature set plus Dynamic IP Unicast

routing Smart Multicast routing

Catalyst 3750‐2448 are orderable with

either software image preinstalled

Catalyst 3750‐2448 can be upgraded

from SMI to EMI

Catalyst 3750G‐24T

bull

24 10100 Ports

bull

2 SFP ports

bull

48 10100 Ports

bull

4 SFP ports

Catalyst 3750‐24 Catalyst 3750‐48

45

Cisco StackWisetrade Technology

bull 32Gbps fault tolerant bi‐directional

backplane

bull Single IP address for management

bull Auto configuration and IOS version

checkupdate

bull 1N Master redundancy

bull Sub‐second L2 failover

bull Cross stack Etherchannel

bull Configurable QoS queues across

stack

bull Line speed performance with QoS

and ACLs for GE

bull Hot add and delete of GE and FE

chassis in same stack

bull Patented cable connector

S 1

S 3

S 2

M 4

M = Master Switch

S = Slave Switch

46

Cisco Catalyst 4500 Series Architecture

bull Centralized Forwarding ASICs

bull All packets are forwarded via the supervisor

bull No distributed line card forwarding

bull Scalable architecture ‐

64 to 320 Gbps

bull Fastest Centralized Architecture in the Industry

47

Cisco Catalyst 4500 Series Overview Common Architecture

Single Supervisor-Based

Chassis

Redundant Supervisor-Based

Chassis

Cisco Catalyst 4507R-E

Cisco Catalyst 4510R-E

Cisco Catalyst 4506-E

Cisco Catalyst 4503-E

Single RU Fixed Configuration

Same Switching Architecture

and Common Cisco IOSreg

Cisco Catalyst 4948 and 4948-10GigE

48

Cisco Catalyst 4500 Series Evolutionary Centralized Architecture

1999 2002 2004 2007 2012

Continued InnovationServices and Performance

Same Line Card

18Mpps 48Mpps 102Mpps

10100

1000

Layer 2

PoE L234

10 GbE

SSO

NACNSF

ISSUCISF

E‐Series

250 Mpps

49

Evolution of Centralized Switching Technology

Evoluti

onEvo

lution

1999 18

Mpps

L2 Only

2002 48

Mpps

L2L3

2004102

Mpps

L2L3 10Gig

2007250

Mpps

L2L3 IPv6

14X

increase

since lsquo99

50

Next‐Generation Catalyst 4500 ldquoE‐Seriesrdquo

Secure Flexible Non‐Stop Communications

ldquoErdquo

Series Chassis

ldquoErdquo

Series Line Cards

Supervisor 6‐E with CenterFlex

51

Cisco Catalyst 6500 Delivers Secure Converged Network Services

High Availabilitybull Physical

Availabilitybull Logical Availabilitybull Stateful Failover at

Layer 2bull Rapid Spanning-

Tree Convergence

QoSbull Input Policingbull Traffic

Classificationbull Multiple Queuesbull Convergence

Ready

Securitybull Layer 234

Access Controlbull 8021X User

Authenticationbull MAC Filteringbull Dynamic VLAN

Manageabilitybull Inline Powerbull Simple

Configurationbull L2-L4 Servicesbull Rich Multicast

Support

End-to-End Services

52

Catalyst 6500 Family

Catalyst 65033 slot chassis

Catalyst 65066 slot chassis

Catalyst 65099 slot chassis

Catalyst 6509‐NEBSNEBS Compliant 9 slot chassis

Catalyst 651313 slot chassis

Catalyst 6509‐NEBS‐A9 slot chassis

53

Cisco Catalyst 6500 Series

The Cisco Catalyst 6500 Series supports a wide range of interface densities performance and high‐availability options

Flexible 3‐ 6‐ 9‐ and 13‐slot chassis configurations

ndash Scalable switching fabric ndash Cisco

IOS software choices supported

on all supervisor engines

ndash Fast 2‐3 second stateful

failover of

redundant supervisors and integrated

services

ndash 10‐Mbps to 10‐Gbps Ethernet and DS0

to

OC‐48 WAN interfaces

ndash Wire‐rate QoS

and ACL policy

management

WS-6503 WS-C6506 WS-C6509 WS-C6509-NEBS and WS-C6513

54

Catalyst 6500 Supervisors

The Catalyst 6500 has three Supervisor options on offer

with each providing a different architectural backplane

configuration for line cards to connect intohellip

Supervisor 1A Supervisor 2 Supervisor 720 (NEW)

256Gb backplane

supporting hardware

accelerated Layer 2 and 3

QoS and Security policies

up to 210Mppshellip

720Gb backplane

supporting hardware

accelerated Layer 2 and 3

QoS and Security policies

up to 400Mppshellip

32Gb backplane supporting

hardware accelerated Layer

2 and 3 QoS and Security

policies up to 15Mppshellip

Supervisor Options for the Catalyst 6500

55

Catalyst 6500 LinecardsThe Catalyst 6500 has a family of linecards to suit all network needshellip

10100 TX and 100 Fiber 101001000 TX GE SFP

GE GBIC 10GE WAN

Optical Switch Modules Inline Power ATM

CAT

6500

L I

NECARDS

56

Catalyst 6500 Service Modules

Content ServicesCommunications Media MWAN

Firewall Module VPN Module Intrusion Detection

Content Switching SSL Network Management

Service Modules represent the next generation of intelligent modules for the Catalyst 6500

Each module provides a high performance option scalable and feature rich deployment

optionshellip

57

Small Form Factor Pluggable (SFP)

bull New industry standard connector

bull Same functionality as Gigabit Interface Converters

(GBICs)

bull Hot pluggable

bull Smaller fiber connector LC

for SF

bull 25 SFPs

fit in space of one GBIC

bull Shipping SX LX ZX at FCS

bull 101001000BT and CWDM versions to come in mid

to late 2003

GBIC

SFP

58

三無線網路認證介紹

59

漫遊認證環境架構圖

NCHC資策會

WLANGateway

WLANGateway

60

無線漫遊環境身份認證機制

網頁認證

使用網站伺服器憑證(Certificate)辨識合法認證網站

透過SSL加密保護使用者帳號密碼安全

採用PAP (Password Authentication Protocol)認證機制

8021x認證

採CHAP或加密通道進行認證

EAP‐MD5ndash 採用CHAP (Challenge Handshake Authentication Protocol)認證

EAP‐PEAP ndash 採用 SSL加密通道 + MS‐CHAP v2 認證

EAP‐TTLSndash 採用 SSL加密通道 + PAPCHAPMS‐CHAPEAPndash 支援多種認證機制

61

WLAN Gateway

bull Usually web page for authorisationbull Allows policy based accessbull Good managementbull Very user friendlybull No client required

Bluesocketndash Commercial but popular in uk academiandash Lots of featuresNoCatAuthndash open source

62

Bluesocket Wireless Gateway

63

httpwwwitcntnuedutwservice1270php

四師大網路基本架構介紹

64

對外網路架構圖

65

校本部校區有線網路系統架構圖

66

校本部校區無線網路系統架構圖

67

理學院校區有線網路系統架構圖

68

理學院校區無線網路系統架構圖

69

林口校區有線網路系統架構圖

70

林口校區無線網路系統架構圖

71

五網路障礙排除方式

72

Possible Symptoms of Physical Layer Problems

Increased number of interface errorsIncreased number of interface errors

LEDs are off flashing or in a state other than the expected state during normal operationLEDs are off flashing or in a state other than the expected state during normal operation

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

Excessive utilizationExcessive utilization

73

Possible Symptoms of Data Link Layer Problems

Excessive CRC errors and frame check sequence errors Excessive CRC errors and frame check sequence errors

Large quantities of broadcast traffic Large quantities of broadcast traffic

A MAC address is cycling between portsA MAC address is cycling between ports

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

74

General Cisco Commands to Isolate Physical and Data Link Layer Problems

ping host

| ip‐addressping host

| ip‐address

routergt

bull

Sends an echo request packet to an address then waits for a reply

trace [destination]trace [destination]

routergt

bull

Identifies the path a packet takes through the network

[no] debug [no] debug

router

bull

Displays a list of options for enabling or disabling debugging events on a device

75

Cisco Commands to Isolate Physical Layer Problems

show versionshow version

routergt

bull

Displays the Cisco IOS software version and all installed hardware configurations

show ip interface briefshow ip interface brief

routergt

bull

Displays a summary of the status of all interfaces on a device

show interfaces [type number]show interfaces [type number]

routergt

bull

Displays the operational status of an interface including the amount and type of traffic being sent and received

76

Cisco Commands to Isolate Physical Layer Problems (Cont)

show cdp neighbor detailshow cdp neighbor detailroutergt

bull Displays the device type IP address and Cisco IOS version of neighboring devices

77

Cisco Commands to Isolate Data Link Layer Problems

show ip arpshow ip arp

routergt

bull

Displays entries in the Address Resolution Protocol (ARP) table

debug [arp

| serial | ppp]debug [arp

| serial | ppp]

router

bull

Captures events relating to data link layer protocols

78

General End‐System Commands to Isolate Physical and Data Link Layer Problems

pingping

bull

Sends an echo request packet to an address then waits for a reply

netstat

‐rnnetstat

‐rn

bull

Displays the status of all connected devices and links without querying a DNS server

arp

‐aarp

‐a

bull

Displays the current mappings of the IP address to the MAC address in the ARP table

79

Windows Commands to Isolate Physical and Data Link Layer Problems

ipconfig

[all]ipconfig

[all]

bull

Displays IP information for hosts running Windows NT2000XP

Cgt

tracert [‐d]tracert [‐d]

bull

Identifies a path to a destination device

Cgt

80

Guidelines for Isolating Problems at the Physical and Data Link Layers

Check operational status and data error ratesCheck operational status and data error rates

Verify proper interface configurationsVerify proper interface configurations

Check for bad cables or connectionsCheck for bad cables or connections

Check for correct cable pin‐outCheck for correct cable pin‐out

81

Port Monitoring (SPAN)

Allows a port to monitor traffic coming into or out of

anotherPort

VLAN

Trunk

82

Remote SPAN (RSPAN)

Allows a port to monitor SPAN information on other switches through a trunk connection

83

NetFlow Data Export

Access to records of switched flow statistics

with NAM

Source and destination IP

Port numbers and protocol types

84

六網路管理介紹

85

NAMs in Campus LAN

86

Network Analysis Module (NAM)

bull

Switch‐integrated standards‐

based monitoring (RMON1 RMON2

extended RMON)

bull

Useful for performance monitoring troubleshooting

and capacity planning

bull

Easy to deploy and use with embedded web‐based Traffic Analyzer

bull

Full visibility into applications hosts conversations and

IP‐based services including VoIP

and QoS

Integrated traffic‐monitoring solution in Catalyst 6500 series to build application‐level visibility into network infrastructure

87

NAM as a Standards‐Based RMON Solution

The RMON MIB reports on the health and status of network traffic

Mini‐RMON agents in Catalyst 6500 collect Layer 2 (RMON1) statistics on all ports (utilization packets errors)

NAM supports full RMON1 and 2 to provide visibility up to Application layer (applications hosts conversations)

NAM supports extended RMON for VLAN QoS Application Response Time and so on

88

Application Hosts and Conversations Monitoring

Identify unknown applications and drill down on the hosts using them

Discover top talkers top conversations

Network managers can drill down

into who is doing what

Network managers can drill down

into who is doing what

NEW inSoftware

Version 22

NEW inSoftware

Version 22

89

VoIP Monitoring

NAM supports various facets of VoIPmonitoring

Active IP telephony monitoring

ndash Track active call attributesndash Identify call quality degradationndash Call details by phonesRMON1 and RMON2

ndash Distribution of VoIP

protocols

Application Response Time (ART)

ndash CallManager

responses

DSMON

ndash VoIP

traffic by DSCP values

90

Application Response Time (ART)

Find out where the application delays are occurring

ndash Detailed data on request‐ response exchanges

between clients and servers

Server visibility

ndash Monitor servers for protocols application

usage and top talkers

91

Packet Capture and Decode

Capture and decode packets for troubleshooting

Extensive pre‐ and post‐capture filters

Can save and export to other tools including Sniffer

92

Alarms

Set alarm thresholds on various parameters for proactive monitoring

Define traps or generate syslog

93

Defining Network Management Functional Areas

ISO defines five functional areas of network management

ISO defines five functional areas of network management

bullFault Management

bullConfiguration Management

bullAccounting Management

bullPerformance Management

bullSecurity Management

94

FCAPS Fault Management

The process of locating diagnosing and correcting

network problems

Device Down

Link Down

95

FCAPS Configuration Management

bull The process of obtaining data from the network and using

that data to manage the setup of all network devices

bull Allows rapid access to configuration information

bull Facilitates remote configuration and provisioning

bull Provides an up‐to‐date inventory of network

components

SpeedDuplex

Connectivity

TrunkingVLANs Allowed

Spanning Tree Protocol State

Software VersionConfiguration File

Device Type

96

FCAPS Accounting Management

bull Measuring the usage of network resources by users in order to

establish the metrics check quotas determine costs and bill users

bull Measures and reports accounting information based on individual

groups and users

bull Administers the cost of the network

bull Internal verification of third‐party billing for usage Bandwidth Consumption

Application Usage

hellip

97

FCAPS Performance Management

bull Ensuring that the data network remains accessible

and has adequate bandwidth

bull Reduces network overcrowding and inaccessibility

bull Provides a consistent level of service to the

network user

bull Determine utilization trends to proactively isolate and solve

performance problems

UtilizationPeakminmaxError RatesUnicast Rates

Broadcast Rates

CPU UtilizationMemory Usage

ThroughputResponse Time

LatencyAvailabilityReliability

98

FCAPS Security Management

bull Protecting sensitive information on devices

attached to a data network by controlling access points to

that information

bull Builds network user confidence

bull Secures sensitive information from both internal and

external sources

bull Protects the network functionality from malicious

attacks

MAC AddressLocked to Port

Access ListBlocks Connections

99

Performing Network Management Sources for Information

GAUGEs TIMERs

0 9 1 2 3

COUNTERs TABLEs FILEs

Operating System Data Structures

Manageable Device

showCommands

WebServer

SystemLogging

SNMPSNMPAGENTAGENT

ProductionServices

Layer N Forwarding

http80tcp

syslog514udp

snmp161udp

MIBObjects

snmp‐trap162udp

Built in Intelligence

CDPVTPSAA

telnetCLI

TFTPClient

tftp69udp

PingTrace route

100

Network Management Information Model MIB Management Information Base

MIB

ndash

Management Information BaseSet of variables defining the status of a device (eg temp = 85 degrees)Just facts ndash not whether it is good or badDefined according to SMI (Structure of Management Information) rulesEach managed object is described using a unique object identifier (OID)

MIB

IMIBIIStandard MIBObjects included are considered essential for either fault or configuration management

Other standard MIBsRMON host router

Proprietary vendor MIBsExtensions to standard MIBs

SNMPAGENTSNMPAGENT

1000s of manageable objects following rules defined in the SMI standards

1000s of manageable objects following rules defined in the SMI standards

101

Network Management Communication Model SNMP Simple Network Management Protocol

CommunityStrings

CommunityStrings

bull Get requests used to read the value of objectbull Set requests used to modify the value of object

bull Authorization is via community strings

(Read‐OnlyRead‐Write)

bull Traps

provide asynchronous event notification

IP Network SNMPManageable

Device

Trap

Get Response

Get Request Get-Next RequestGet-Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

102

Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response

SNM

P M

anag

er

SNM

P A

gent

Rea

d =

publ

ic re

adw

rite

= pr

ivat

e

GetResponse (sysDescr0=SunOS)

Verify access permission and retrieve MIB value using OID to traverse the MIB tree

InstanceOID

13612111

MIB value

GetRequest(sysDescr0)Read Community(public)

103

Types of Management Systems Example ‐

Enterprise Manager amp Fault Management

Correlate and manage events

and SNMP traps

Perform fault isolation and root cause analysis

104

Types of Management Systems Example ndash CiscoWorks

Resource Manager Essentials and Campus Manager

Knowledge of network configuration and topology

Facilitates remote configuration of network devices

Maintains an archive of configuration data that allows generation of inventory reports

105

Types of Management Systems Example ndash NetFlow (Accounting Management)

Flow Profiling

AccountingBilling

Network Planning

Network Monitoring

Flow

Collectors

Flow

CollectorsEnd‐User AppsEnd‐User AppsNetFlow

Data ExportNetFlowData Export

NetScout

RMON ProbeRMON Probe

106

Types of Management Systems Example ndash MRTG (Performance Management)

bull Monitors traffic load on network links based on SNMP statistics

bull Generates real‐time HTML traffic reports

bull Can be used to monitor any

MIB

variable using

SNMP

107

Types of Management Systems Example ndash CiscoWorks

How is the network connectedbull Physical Cablingbull Virtual LANs

Where are the end users servers IP phones connected

bull Switch port numberbull VLAN membership

How do I troubleshoot connectivity problems

Campus Manager User Tracking

Campus Manager Topology Services

Campus Manager Topology Services

Campus Manager User TrackingCampus Manager

Path Analysis

108

Diagnosing Connectivity Problems CiscoWorks Server Tools

Ping Use ping to test device connectivity from CiscoWorks server

TracerouteRun a trace route between the CiscoWorks server and the target device to detect routing problems

NS LookupRun a nslookup to obtain DNS name server information and IP address of hostname

Management Station to DeviceTest to verify if upper layer protocols are supported from CiscoWorks to the target device UDP TCP Telnet TFTP HTTP and SNMP

109

Types of Management Systems Example ndash CiscoWorks

19216862

CiscoWorks Server(ANI Service)

CampusDatabase

19216861

Schedule data retrieval

times

CAM Table11‐11‐11‐11‐11‐00 2111‐11‐11‐11‐11‐11 2211‐11‐11‐11‐11‐22 2311‐11‐11‐11‐11‐33 24

22 23 24

21

ARP Table11‐11‐11‐11‐11‐11 19216861011‐11‐11‐11‐11‐22 19216861111‐11‐11‐11‐11‐33 192168611

1

CAM

Retrieval

(switching

table)

2 Address

Resolution (MAC

to IP)

DNS

3 Name Resolution

(IP to hostname)

Host Table192168610 USER1192168611 Printer1192168611 IPtele1

SNMP

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

CallManager4

Call Detail

Records

5

Login

Names

UNIX Novell amp

Windows NT

clients running

UTLite script

110

Diagnosing Connectivity Problems Campus Manager Tools

Topology Services

User Tracking

Path Analysis

1

Locate the communication pair in the User Tracking database

bull

Addressesbull

VLAN informationbull

Switch port connection

2

Investigate the Layer 2 and Layer 3 path between the communication

pair

3

Map the topology and begin the investigation on devices and links

Launch other applications

111

Diagnosing Connectivity Problems Workflow for Using Campus Manager

LaunchPath Analysis

LaunchPath Analysis

Ensure discovery of devices

hosts are up to date

Ensure discovery of devices

hosts are up to date

Use User TrackingTo Locate EndStation Info

Use User TrackingTo Locate EndStation Info

ConductVoiceTrace

ConductVoiceTrace

ConductDataTrace

ConductDataTrace

DisplayPath in Topology

Map

DisplayPath in Topology

Map

Launch other Apps(Telnet CiscoView

Etc)

Launch other Apps(Telnet CiscoView

Etc)

112

Diagnosing Device Connectivity Problems Example

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Do you know

your

hostname or

username

113

Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

2 Simple Query displays switch

port and VLAN association

2 Simple Query displays switch

port and VLAN association

3 LastSeen field indicates last

time end station was

discovered

3 LastSeen field indicates last

time end station was

discovered

114

Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Trace path from application server

to Suzy

Trace path from application server

to Suzy

Couldnrsquot get to Suzy machine ndash try

from server

Couldnrsquot get to Suzy machine ndash try

from server

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

13

Map Layer 2 VLANs to Layer 3 Subnets

Map Layer 2 domain to a Layer 3 subnet with an understandable VLAN‐to‐IP subnet numbering scheme

For example data VLAN 20 and voice VLAN 120 in building 1 can correspond to 10120x24 and 101120x24

A good addressing scheme helps in summarizing routes and eases troubleshooting

14

Avoid Campus‐Wide VLANs

Large and overlapping spanning‐tree domain

Propagates problems (potential failure domain)

Slows convergence

Modern routers not network bottlenecks

bull DHCP and Mobile IP address client mobility

15

Layer 3 Dual‐Path

Layer 3 load balancing preserves bandwidth

ndash Unlike Layer 1 and Layer 2 redundancy (blocked ports)Fast recovery to remaining path

ndash Convergence is extremely fast (dual equal‐cost paths no need for OSPF or EIGRP to recalculate new path)

16

Daisy Chains

No UplinkFastmdashSlow STP convergence

Discontinuous subnets Traffic reaches black hole (both routers claim they can reach VLAN x)

Install Layer 2 link between the two distribution switches

17

Daisy Chains (Cisco Catalyst 3750 Series)

Utilize Cross‐Stack UplinkFast

feature for stackables

bull Transitions redundant blocking link directly to forwarding if link to root fails

18

Understand Performance and Oversubscription Characteristics

Most networks are built with oversubscription

Performance usually limited not by the box but by the uplink

Use QoS to protect real‐time flows at congested points

Oversubscription rules of thumb work well

201 maximum at wiring closet

Less in distribution (41) and server farm (from 41 to 11)

19

Redundancy Types

Layer 1 redundancymdashProvides an alternate physical path through the network

Layer 23 redundancymdashSpanning‐tree routing protocol EtherChannelfor alternate path awareness and fast convergence

StabilitymdashEnsure a stable network through proper physical STP and routing design to reduce human errors

Application availabilitymdashApplication server and client processes must support failover for maximum availability

20

Small Campus Network

Backbone layermdashcollapsed core and distribution

Can use modularstackable switching solutions

Scalable up to few access switches

21

Medium Campus Network

22

Large Campus Network

23

Building Block Approach

24

Switch Block Characteristics

bull Device switches support one or more subnetsVLANs

bull Subnets terminate at the distribution switch

bull Access devices have redundant links

bull Spanning Tree Protocol terminates at the switch block boundary

25

VLANs in the Switch Block

26

Link Types

A trunk link is capable of carrying multiple VLANs

27

Trunking

bull Specifically developed for multi‐VLAN interswitch communications

bull Places a unique identifier in the header of each frame

bull Functions at Layer 2 bull IEEE

8021Q

28

Inter‐VLAN Routing

bull A Route Processor provides Layer 3 functionality for switches

29

Increasing Performance Add More Bandwidth

30

Fast EtherChannel

31

Is QoS Needed in the Campus

Maybe maybe not campus congestionis a buffer management issue

ldquoJust throw more bandwidth at it That will solve the problemrdquo

32

Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP

33

Enabling QoS in the Campus Scheduling in the Campus

Output buffers can reach 100 in campus networks resulting in dropped voice packets

QoS required when there is a possibility of congestion in buffers

Multiple queues are the only way to guarantee voice quality

34

Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS

bull 8021p user priority field also called class of service (CoS)

bull Different types of traffic are assigned different CoS values

bull CoS 6 and 7 are reserved for network use

35

Enabling QoS in the Campus Layer 3 Classificationmdash IP Precedence DSCP

bull IPv4 Three most significant bits of ToS byte are called IP precedence other bits unused

bull DiffServ Six Most significant bits of ToS byte are called DSCP remaining two bits used for flow control

bull DSCP backward compatible with IP precedence

36

Enabling QoS in the Campus Classification Summary

37

Power Over Ethernet

Prepare the network for IP Telephony and Wireless access

Eliminate the need for separate electrical wiring

Cisco pre‐standard POE and 8023af are fully supported

Wide selection of standards‐based IEEE 8023af powered devices

ndash IP Phonesndash Wireless Access Points

ndash Surveillance cameras

ndash Access Card Readers

38

Access Point Front Cover LEDrsquos

Status LightsEthernet

Status

Radio Activity

Ethernet Activity

Status

Radio Activity

39

CiscoWorks WLSE

1

Specialized application for managing the Cisco WLAN

2

Centralized template‐ based configuration of access points and bridges

with user defined groups

3

Proactive fault and performance monitoring

of access points bridges LEAP server and

attached switch

CiscoWorks Wireless LANSolution Engine

U N I V E R S I T YU N I V E R S I T Y

40

二網路設備介紹

41

The Cisco LAN Switching Portfolio

Catalyst 375035602960 Catalyst 6500Catalyst 40004500

bull Stackable Compact Footprint bull Gig Density 12 Ports bull EZ Clustering Managementbull L2-L4 Switchingbull Medium Port Density

bull Highest Switching Capacitybull High Availability - Stateful Failoverbull 10-Gigabit Ethernet Interfaces bull Nonblocking Gigabit Density 142bull LANWAN Interfaces (to OC 48)

L2-L7 SwitchingIntegrated Inline PowerServices Modules Redundant PowerRedundant Supervisor Fabric

bull High Switching Capacitybull High-Density 101001000bull High-Density 100FX amp 1000LXbull Nonblocking Gigabit Density 32bull L2-L4 Switching bull Inline Power Optionbull Redundant Power

42

Cisco Catalyst Positioning

Pric

ePe

rfor

man

ce

FunctionFlexibility

Catalyst 29502960

Catalyst 35503560

Catalyst 4500 Family

Catalyst 6500 Series

bull Modular 101001000bull High performance Layer 2L3L4 bull 24‐64 Gbps Switching Enginebull Chassis level high availability

bull

Modular 101001000bull

Highest density switching

capacity

bull

Layer 234‐7bull

32‐720 Gbps

Switching

Engine

bull

Highest Availability

bull

10100

and GE configurationsbull

High performance switching and routingbull

Enterprise‐class intelligent Layer 3L4 servicesbull

Clustering capable

bull

Stackable 10100 switchingbull

Gigabit

uplink connectivitybull

Advanced intelligent Layer 3L4 servicesbull

Clustering capable

Catalyst 3750bull

Stackable 101001000 and 10100 configurationsbull

Cisco StackWisetrade

Technologybull

Optimized for Gigabit Ethernet deploymentbull

Enterprise‐class Intelligent Layer 3L4 servicesbull

Highly resilient 32Gbps stacking interconnectionbull

Single management interface w auto configuration

Fast Ethernet

Optimized

Gigabit Ethernet

Optimized

43

Cisco Catalyst 2960 Series Model Overview Fast Ethernet Models

Softwarebull LAN Base Image

Enterprise-class intelligent services Advanced QoS enhanced security high availability

bull Orderable with latest IOS software version

bull 48 10100100 portsbull 2 101001000 Uplink

ports

bull 24 10100 portsbull 2 101001000 Uplink

Ports

Catalyst 2960-24TT Catalyst 2960-48TT

bull 24 10100 portsbull 2 Dual-Purpose Uplink

ports

Catalyst 2960-24TC Catalyst 2960-48TC

bull 48 10100 portsbull 2 Dual Purpose Uplink

ports

Uplinksbull Dual Purpose

UplinksOne 101001000 TX Port and One SFP Port

One port active at a time

44

Cisco Catalyst 3750 Series Switches Model Overview

Catalyst 3750G‐24TS

bull

24 101001000

Portsbull

24 101001000 Ports

bull

4 SFP ports

Two Software Versions

Standard Multilayer Software Image

(SMI)

bull Enterprise‐class intelligent services

Advanced QoS Enhanced Security High

Availability RIP and Static IP routing

Routed ACLs HSRP

Enhanced Multilayer Software Image

(EMI)

bull SMI feature set plus Dynamic IP Unicast

routing Smart Multicast routing

Catalyst 3750‐2448 are orderable with

either software image preinstalled

Catalyst 3750‐2448 can be upgraded

from SMI to EMI

Catalyst 3750G‐24T

bull

24 10100 Ports

bull

2 SFP ports

bull

48 10100 Ports

bull

4 SFP ports

Catalyst 3750‐24 Catalyst 3750‐48

45

Cisco StackWisetrade Technology

bull 32Gbps fault tolerant bi‐directional

backplane

bull Single IP address for management

bull Auto configuration and IOS version

checkupdate

bull 1N Master redundancy

bull Sub‐second L2 failover

bull Cross stack Etherchannel

bull Configurable QoS queues across

stack

bull Line speed performance with QoS

and ACLs for GE

bull Hot add and delete of GE and FE

chassis in same stack

bull Patented cable connector

S 1

S 3

S 2

M 4

M = Master Switch

S = Slave Switch

46

Cisco Catalyst 4500 Series Architecture

bull Centralized Forwarding ASICs

bull All packets are forwarded via the supervisor

bull No distributed line card forwarding

bull Scalable architecture ‐

64 to 320 Gbps

bull Fastest Centralized Architecture in the Industry

47

Cisco Catalyst 4500 Series Overview Common Architecture

Single Supervisor-Based

Chassis

Redundant Supervisor-Based

Chassis

Cisco Catalyst 4507R-E

Cisco Catalyst 4510R-E

Cisco Catalyst 4506-E

Cisco Catalyst 4503-E

Single RU Fixed Configuration

Same Switching Architecture

and Common Cisco IOSreg

Cisco Catalyst 4948 and 4948-10GigE

48

Cisco Catalyst 4500 Series Evolutionary Centralized Architecture

1999 2002 2004 2007 2012

Continued InnovationServices and Performance

Same Line Card

18Mpps 48Mpps 102Mpps

10100

1000

Layer 2

PoE L234

10 GbE

SSO

NACNSF

ISSUCISF

E‐Series

250 Mpps

49

Evolution of Centralized Switching Technology

Evoluti

onEvo

lution

1999 18

Mpps

L2 Only

2002 48

Mpps

L2L3

2004102

Mpps

L2L3 10Gig

2007250

Mpps

L2L3 IPv6

14X

increase

since lsquo99

50

Next‐Generation Catalyst 4500 ldquoE‐Seriesrdquo

Secure Flexible Non‐Stop Communications

ldquoErdquo

Series Chassis

ldquoErdquo

Series Line Cards

Supervisor 6‐E with CenterFlex

51

Cisco Catalyst 6500 Delivers Secure Converged Network Services

High Availabilitybull Physical

Availabilitybull Logical Availabilitybull Stateful Failover at

Layer 2bull Rapid Spanning-

Tree Convergence

QoSbull Input Policingbull Traffic

Classificationbull Multiple Queuesbull Convergence

Ready

Securitybull Layer 234

Access Controlbull 8021X User

Authenticationbull MAC Filteringbull Dynamic VLAN

Manageabilitybull Inline Powerbull Simple

Configurationbull L2-L4 Servicesbull Rich Multicast

Support

End-to-End Services

52

Catalyst 6500 Family

Catalyst 65033 slot chassis

Catalyst 65066 slot chassis

Catalyst 65099 slot chassis

Catalyst 6509‐NEBSNEBS Compliant 9 slot chassis

Catalyst 651313 slot chassis

Catalyst 6509‐NEBS‐A9 slot chassis

53

Cisco Catalyst 6500 Series

The Cisco Catalyst 6500 Series supports a wide range of interface densities performance and high‐availability options

Flexible 3‐ 6‐ 9‐ and 13‐slot chassis configurations

ndash Scalable switching fabric ndash Cisco

IOS software choices supported

on all supervisor engines

ndash Fast 2‐3 second stateful

failover of

redundant supervisors and integrated

services

ndash 10‐Mbps to 10‐Gbps Ethernet and DS0

to

OC‐48 WAN interfaces

ndash Wire‐rate QoS

and ACL policy

management

WS-6503 WS-C6506 WS-C6509 WS-C6509-NEBS and WS-C6513

54

Catalyst 6500 Supervisors

The Catalyst 6500 has three Supervisor options on offer

with each providing a different architectural backplane

configuration for line cards to connect intohellip

Supervisor 1A Supervisor 2 Supervisor 720 (NEW)

256Gb backplane

supporting hardware

accelerated Layer 2 and 3

QoS and Security policies

up to 210Mppshellip

720Gb backplane

supporting hardware

accelerated Layer 2 and 3

QoS and Security policies

up to 400Mppshellip

32Gb backplane supporting

hardware accelerated Layer

2 and 3 QoS and Security

policies up to 15Mppshellip

Supervisor Options for the Catalyst 6500

55

Catalyst 6500 LinecardsThe Catalyst 6500 has a family of linecards to suit all network needshellip

10100 TX and 100 Fiber 101001000 TX GE SFP

GE GBIC 10GE WAN

Optical Switch Modules Inline Power ATM

CAT

6500

L I

NECARDS

56

Catalyst 6500 Service Modules

Content ServicesCommunications Media MWAN

Firewall Module VPN Module Intrusion Detection

Content Switching SSL Network Management

Service Modules represent the next generation of intelligent modules for the Catalyst 6500

Each module provides a high performance option scalable and feature rich deployment

optionshellip

57

Small Form Factor Pluggable (SFP)

bull New industry standard connector

bull Same functionality as Gigabit Interface Converters

(GBICs)

bull Hot pluggable

bull Smaller fiber connector LC

for SF

bull 25 SFPs

fit in space of one GBIC

bull Shipping SX LX ZX at FCS

bull 101001000BT and CWDM versions to come in mid

to late 2003

GBIC

SFP

58

三無線網路認證介紹

59

漫遊認證環境架構圖

NCHC資策會

WLANGateway

WLANGateway

60

無線漫遊環境身份認證機制

網頁認證

使用網站伺服器憑證(Certificate)辨識合法認證網站

透過SSL加密保護使用者帳號密碼安全

採用PAP (Password Authentication Protocol)認證機制

8021x認證

採CHAP或加密通道進行認證

EAP‐MD5ndash 採用CHAP (Challenge Handshake Authentication Protocol)認證

EAP‐PEAP ndash 採用 SSL加密通道 + MS‐CHAP v2 認證

EAP‐TTLSndash 採用 SSL加密通道 + PAPCHAPMS‐CHAPEAPndash 支援多種認證機制

61

WLAN Gateway

bull Usually web page for authorisationbull Allows policy based accessbull Good managementbull Very user friendlybull No client required

Bluesocketndash Commercial but popular in uk academiandash Lots of featuresNoCatAuthndash open source

62

Bluesocket Wireless Gateway

63

httpwwwitcntnuedutwservice1270php

四師大網路基本架構介紹

64

對外網路架構圖

65

校本部校區有線網路系統架構圖

66

校本部校區無線網路系統架構圖

67

理學院校區有線網路系統架構圖

68

理學院校區無線網路系統架構圖

69

林口校區有線網路系統架構圖

70

林口校區無線網路系統架構圖

71

五網路障礙排除方式

72

Possible Symptoms of Physical Layer Problems

Increased number of interface errorsIncreased number of interface errors

LEDs are off flashing or in a state other than the expected state during normal operationLEDs are off flashing or in a state other than the expected state during normal operation

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

Excessive utilizationExcessive utilization

73

Possible Symptoms of Data Link Layer Problems

Excessive CRC errors and frame check sequence errors Excessive CRC errors and frame check sequence errors

Large quantities of broadcast traffic Large quantities of broadcast traffic

A MAC address is cycling between portsA MAC address is cycling between ports

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

74

General Cisco Commands to Isolate Physical and Data Link Layer Problems

ping host

| ip‐addressping host

| ip‐address

routergt

bull

Sends an echo request packet to an address then waits for a reply

trace [destination]trace [destination]

routergt

bull

Identifies the path a packet takes through the network

[no] debug [no] debug

router

bull

Displays a list of options for enabling or disabling debugging events on a device

75

Cisco Commands to Isolate Physical Layer Problems

show versionshow version

routergt

bull

Displays the Cisco IOS software version and all installed hardware configurations

show ip interface briefshow ip interface brief

routergt

bull

Displays a summary of the status of all interfaces on a device

show interfaces [type number]show interfaces [type number]

routergt

bull

Displays the operational status of an interface including the amount and type of traffic being sent and received

76

Cisco Commands to Isolate Physical Layer Problems (Cont)

show cdp neighbor detailshow cdp neighbor detailroutergt

bull Displays the device type IP address and Cisco IOS version of neighboring devices

77

Cisco Commands to Isolate Data Link Layer Problems

show ip arpshow ip arp

routergt

bull

Displays entries in the Address Resolution Protocol (ARP) table

debug [arp

| serial | ppp]debug [arp

| serial | ppp]

router

bull

Captures events relating to data link layer protocols

78

General End‐System Commands to Isolate Physical and Data Link Layer Problems

pingping

bull

Sends an echo request packet to an address then waits for a reply

netstat

‐rnnetstat

‐rn

bull

Displays the status of all connected devices and links without querying a DNS server

arp

‐aarp

‐a

bull

Displays the current mappings of the IP address to the MAC address in the ARP table

79

Windows Commands to Isolate Physical and Data Link Layer Problems

ipconfig

[all]ipconfig

[all]

bull

Displays IP information for hosts running Windows NT2000XP

Cgt

tracert [‐d]tracert [‐d]

bull

Identifies a path to a destination device

Cgt

80

Guidelines for Isolating Problems at the Physical and Data Link Layers

Check operational status and data error ratesCheck operational status and data error rates

Verify proper interface configurationsVerify proper interface configurations

Check for bad cables or connectionsCheck for bad cables or connections

Check for correct cable pin‐outCheck for correct cable pin‐out

81

Port Monitoring (SPAN)

Allows a port to monitor traffic coming into or out of

anotherPort

VLAN

Trunk

82

Remote SPAN (RSPAN)

Allows a port to monitor SPAN information on other switches through a trunk connection

83

NetFlow Data Export

Access to records of switched flow statistics

with NAM

Source and destination IP

Port numbers and protocol types

84

六網路管理介紹

85

NAMs in Campus LAN

86

Network Analysis Module (NAM)

bull

Switch‐integrated standards‐

based monitoring (RMON1 RMON2

extended RMON)

bull

Useful for performance monitoring troubleshooting

and capacity planning

bull

Easy to deploy and use with embedded web‐based Traffic Analyzer

bull

Full visibility into applications hosts conversations and

IP‐based services including VoIP

and QoS

Integrated traffic‐monitoring solution in Catalyst 6500 series to build application‐level visibility into network infrastructure

87

NAM as a Standards‐Based RMON Solution

The RMON MIB reports on the health and status of network traffic

Mini‐RMON agents in Catalyst 6500 collect Layer 2 (RMON1) statistics on all ports (utilization packets errors)

NAM supports full RMON1 and 2 to provide visibility up to Application layer (applications hosts conversations)

NAM supports extended RMON for VLAN QoS Application Response Time and so on

88

Application Hosts and Conversations Monitoring

Identify unknown applications and drill down on the hosts using them

Discover top talkers top conversations

Network managers can drill down

into who is doing what

Network managers can drill down

into who is doing what

NEW inSoftware

Version 22

NEW inSoftware

Version 22

89

VoIP Monitoring

NAM supports various facets of VoIPmonitoring

Active IP telephony monitoring

ndash Track active call attributesndash Identify call quality degradationndash Call details by phonesRMON1 and RMON2

ndash Distribution of VoIP

protocols

Application Response Time (ART)

ndash CallManager

responses

DSMON

ndash VoIP

traffic by DSCP values

90

Application Response Time (ART)

Find out where the application delays are occurring

ndash Detailed data on request‐ response exchanges

between clients and servers

Server visibility

ndash Monitor servers for protocols application

usage and top talkers

91

Packet Capture and Decode

Capture and decode packets for troubleshooting

Extensive pre‐ and post‐capture filters

Can save and export to other tools including Sniffer

92

Alarms

Set alarm thresholds on various parameters for proactive monitoring

Define traps or generate syslog

93

Defining Network Management Functional Areas

ISO defines five functional areas of network management

ISO defines five functional areas of network management

bullFault Management

bullConfiguration Management

bullAccounting Management

bullPerformance Management

bullSecurity Management

94

FCAPS Fault Management

The process of locating diagnosing and correcting

network problems

Device Down

Link Down

95

FCAPS Configuration Management

bull The process of obtaining data from the network and using

that data to manage the setup of all network devices

bull Allows rapid access to configuration information

bull Facilitates remote configuration and provisioning

bull Provides an up‐to‐date inventory of network

components

SpeedDuplex

Connectivity

TrunkingVLANs Allowed

Spanning Tree Protocol State

Software VersionConfiguration File

Device Type

96

FCAPS Accounting Management

bull Measuring the usage of network resources by users in order to

establish the metrics check quotas determine costs and bill users

bull Measures and reports accounting information based on individual

groups and users

bull Administers the cost of the network

bull Internal verification of third‐party billing for usage Bandwidth Consumption

Application Usage

hellip

97

FCAPS Performance Management

bull Ensuring that the data network remains accessible

and has adequate bandwidth

bull Reduces network overcrowding and inaccessibility

bull Provides a consistent level of service to the

network user

bull Determine utilization trends to proactively isolate and solve

performance problems

UtilizationPeakminmaxError RatesUnicast Rates

Broadcast Rates

CPU UtilizationMemory Usage

ThroughputResponse Time

LatencyAvailabilityReliability

98

FCAPS Security Management

bull Protecting sensitive information on devices

attached to a data network by controlling access points to

that information

bull Builds network user confidence

bull Secures sensitive information from both internal and

external sources

bull Protects the network functionality from malicious

attacks

MAC AddressLocked to Port

Access ListBlocks Connections

99

Performing Network Management Sources for Information

GAUGEs TIMERs

0 9 1 2 3

COUNTERs TABLEs FILEs

Operating System Data Structures

Manageable Device

showCommands

WebServer

SystemLogging

SNMPSNMPAGENTAGENT

ProductionServices

Layer N Forwarding

http80tcp

syslog514udp

snmp161udp

MIBObjects

snmp‐trap162udp

Built in Intelligence

CDPVTPSAA

telnetCLI

TFTPClient

tftp69udp

PingTrace route

100

Network Management Information Model MIB Management Information Base

MIB

ndash

Management Information BaseSet of variables defining the status of a device (eg temp = 85 degrees)Just facts ndash not whether it is good or badDefined according to SMI (Structure of Management Information) rulesEach managed object is described using a unique object identifier (OID)

MIB

IMIBIIStandard MIBObjects included are considered essential for either fault or configuration management

Other standard MIBsRMON host router

Proprietary vendor MIBsExtensions to standard MIBs

SNMPAGENTSNMPAGENT

1000s of manageable objects following rules defined in the SMI standards

1000s of manageable objects following rules defined in the SMI standards

101

Network Management Communication Model SNMP Simple Network Management Protocol

CommunityStrings

CommunityStrings

bull Get requests used to read the value of objectbull Set requests used to modify the value of object

bull Authorization is via community strings

(Read‐OnlyRead‐Write)

bull Traps

provide asynchronous event notification

IP Network SNMPManageable

Device

Trap

Get Response

Get Request Get-Next RequestGet-Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

102

Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response

SNM

P M

anag

er

SNM

P A

gent

Rea

d =

publ

ic re

adw

rite

= pr

ivat

e

GetResponse (sysDescr0=SunOS)

Verify access permission and retrieve MIB value using OID to traverse the MIB tree

InstanceOID

13612111

MIB value

GetRequest(sysDescr0)Read Community(public)

103

Types of Management Systems Example ‐

Enterprise Manager amp Fault Management

Correlate and manage events

and SNMP traps

Perform fault isolation and root cause analysis

104

Types of Management Systems Example ndash CiscoWorks

Resource Manager Essentials and Campus Manager

Knowledge of network configuration and topology

Facilitates remote configuration of network devices

Maintains an archive of configuration data that allows generation of inventory reports

105

Types of Management Systems Example ndash NetFlow (Accounting Management)

Flow Profiling

AccountingBilling

Network Planning

Network Monitoring

Flow

Collectors

Flow

CollectorsEnd‐User AppsEnd‐User AppsNetFlow

Data ExportNetFlowData Export

NetScout

RMON ProbeRMON Probe

106

Types of Management Systems Example ndash MRTG (Performance Management)

bull Monitors traffic load on network links based on SNMP statistics

bull Generates real‐time HTML traffic reports

bull Can be used to monitor any

MIB

variable using

SNMP

107

Types of Management Systems Example ndash CiscoWorks

How is the network connectedbull Physical Cablingbull Virtual LANs

Where are the end users servers IP phones connected

bull Switch port numberbull VLAN membership

How do I troubleshoot connectivity problems

Campus Manager User Tracking

Campus Manager Topology Services

Campus Manager Topology Services

Campus Manager User TrackingCampus Manager

Path Analysis

108

Diagnosing Connectivity Problems CiscoWorks Server Tools

Ping Use ping to test device connectivity from CiscoWorks server

TracerouteRun a trace route between the CiscoWorks server and the target device to detect routing problems

NS LookupRun a nslookup to obtain DNS name server information and IP address of hostname

Management Station to DeviceTest to verify if upper layer protocols are supported from CiscoWorks to the target device UDP TCP Telnet TFTP HTTP and SNMP

109

Types of Management Systems Example ndash CiscoWorks

19216862

CiscoWorks Server(ANI Service)

CampusDatabase

19216861

Schedule data retrieval

times

CAM Table11‐11‐11‐11‐11‐00 2111‐11‐11‐11‐11‐11 2211‐11‐11‐11‐11‐22 2311‐11‐11‐11‐11‐33 24

22 23 24

21

ARP Table11‐11‐11‐11‐11‐11 19216861011‐11‐11‐11‐11‐22 19216861111‐11‐11‐11‐11‐33 192168611

1

CAM

Retrieval

(switching

table)

2 Address

Resolution (MAC

to IP)

DNS

3 Name Resolution

(IP to hostname)

Host Table192168610 USER1192168611 Printer1192168611 IPtele1

SNMP

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

CallManager4

Call Detail

Records

5

Login

Names

UNIX Novell amp

Windows NT

clients running

UTLite script

110

Diagnosing Connectivity Problems Campus Manager Tools

Topology Services

User Tracking

Path Analysis

1

Locate the communication pair in the User Tracking database

bull

Addressesbull

VLAN informationbull

Switch port connection

2

Investigate the Layer 2 and Layer 3 path between the communication

pair

3

Map the topology and begin the investigation on devices and links

Launch other applications

111

Diagnosing Connectivity Problems Workflow for Using Campus Manager

LaunchPath Analysis

LaunchPath Analysis

Ensure discovery of devices

hosts are up to date

Ensure discovery of devices

hosts are up to date

Use User TrackingTo Locate EndStation Info

Use User TrackingTo Locate EndStation Info

ConductVoiceTrace

ConductVoiceTrace

ConductDataTrace

ConductDataTrace

DisplayPath in Topology

Map

DisplayPath in Topology

Map

Launch other Apps(Telnet CiscoView

Etc)

Launch other Apps(Telnet CiscoView

Etc)

112

Diagnosing Device Connectivity Problems Example

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Do you know

your

hostname or

username

113

Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

2 Simple Query displays switch

port and VLAN association

2 Simple Query displays switch

port and VLAN association

3 LastSeen field indicates last

time end station was

discovered

3 LastSeen field indicates last

time end station was

discovered

114

Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Trace path from application server

to Suzy

Trace path from application server

to Suzy

Couldnrsquot get to Suzy machine ndash try

from server

Couldnrsquot get to Suzy machine ndash try

from server

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

14

Avoid Campus‐Wide VLANs

Large and overlapping spanning‐tree domain

Propagates problems (potential failure domain)

Slows convergence

Modern routers not network bottlenecks

bull DHCP and Mobile IP address client mobility

15

Layer 3 Dual‐Path

Layer 3 load balancing preserves bandwidth

ndash Unlike Layer 1 and Layer 2 redundancy (blocked ports)Fast recovery to remaining path

ndash Convergence is extremely fast (dual equal‐cost paths no need for OSPF or EIGRP to recalculate new path)

16

Daisy Chains

No UplinkFastmdashSlow STP convergence

Discontinuous subnets Traffic reaches black hole (both routers claim they can reach VLAN x)

Install Layer 2 link between the two distribution switches

17

Daisy Chains (Cisco Catalyst 3750 Series)

Utilize Cross‐Stack UplinkFast

feature for stackables

bull Transitions redundant blocking link directly to forwarding if link to root fails

18

Understand Performance and Oversubscription Characteristics

Most networks are built with oversubscription

Performance usually limited not by the box but by the uplink

Use QoS to protect real‐time flows at congested points

Oversubscription rules of thumb work well

201 maximum at wiring closet

Less in distribution (41) and server farm (from 41 to 11)

19

Redundancy Types

Layer 1 redundancymdashProvides an alternate physical path through the network

Layer 23 redundancymdashSpanning‐tree routing protocol EtherChannelfor alternate path awareness and fast convergence

StabilitymdashEnsure a stable network through proper physical STP and routing design to reduce human errors

Application availabilitymdashApplication server and client processes must support failover for maximum availability

20

Small Campus Network

Backbone layermdashcollapsed core and distribution

Can use modularstackable switching solutions

Scalable up to few access switches

21

Medium Campus Network

22

Large Campus Network

23

Building Block Approach

24

Switch Block Characteristics

bull Device switches support one or more subnetsVLANs

bull Subnets terminate at the distribution switch

bull Access devices have redundant links

bull Spanning Tree Protocol terminates at the switch block boundary

25

VLANs in the Switch Block

26

Link Types

A trunk link is capable of carrying multiple VLANs

27

Trunking

bull Specifically developed for multi‐VLAN interswitch communications

bull Places a unique identifier in the header of each frame

bull Functions at Layer 2 bull IEEE

8021Q

28

Inter‐VLAN Routing

bull A Route Processor provides Layer 3 functionality for switches

29

Increasing Performance Add More Bandwidth

30

Fast EtherChannel

31

Is QoS Needed in the Campus

Maybe maybe not campus congestionis a buffer management issue

ldquoJust throw more bandwidth at it That will solve the problemrdquo

32

Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP

33

Enabling QoS in the Campus Scheduling in the Campus

Output buffers can reach 100 in campus networks resulting in dropped voice packets

QoS required when there is a possibility of congestion in buffers

Multiple queues are the only way to guarantee voice quality

34

Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS

bull 8021p user priority field also called class of service (CoS)

bull Different types of traffic are assigned different CoS values

bull CoS 6 and 7 are reserved for network use

35

Enabling QoS in the Campus Layer 3 Classificationmdash IP Precedence DSCP

bull IPv4 Three most significant bits of ToS byte are called IP precedence other bits unused

bull DiffServ Six Most significant bits of ToS byte are called DSCP remaining two bits used for flow control

bull DSCP backward compatible with IP precedence

36

Enabling QoS in the Campus Classification Summary

37

Power Over Ethernet

Prepare the network for IP Telephony and Wireless access

Eliminate the need for separate electrical wiring

Cisco pre‐standard POE and 8023af are fully supported

Wide selection of standards‐based IEEE 8023af powered devices

ndash IP Phonesndash Wireless Access Points

ndash Surveillance cameras

ndash Access Card Readers

38

Access Point Front Cover LEDrsquos

Status LightsEthernet

Status

Radio Activity

Ethernet Activity

Status

Radio Activity

39

CiscoWorks WLSE

1

Specialized application for managing the Cisco WLAN

2

Centralized template‐ based configuration of access points and bridges

with user defined groups

3

Proactive fault and performance monitoring

of access points bridges LEAP server and

attached switch

CiscoWorks Wireless LANSolution Engine

U N I V E R S I T YU N I V E R S I T Y

40

二網路設備介紹

41

The Cisco LAN Switching Portfolio

Catalyst 375035602960 Catalyst 6500Catalyst 40004500

bull Stackable Compact Footprint bull Gig Density 12 Ports bull EZ Clustering Managementbull L2-L4 Switchingbull Medium Port Density

bull Highest Switching Capacitybull High Availability - Stateful Failoverbull 10-Gigabit Ethernet Interfaces bull Nonblocking Gigabit Density 142bull LANWAN Interfaces (to OC 48)

L2-L7 SwitchingIntegrated Inline PowerServices Modules Redundant PowerRedundant Supervisor Fabric

bull High Switching Capacitybull High-Density 101001000bull High-Density 100FX amp 1000LXbull Nonblocking Gigabit Density 32bull L2-L4 Switching bull Inline Power Optionbull Redundant Power

42

Cisco Catalyst Positioning

Pric

ePe

rfor

man

ce

FunctionFlexibility

Catalyst 29502960

Catalyst 35503560

Catalyst 4500 Family

Catalyst 6500 Series

bull Modular 101001000bull High performance Layer 2L3L4 bull 24‐64 Gbps Switching Enginebull Chassis level high availability

bull

Modular 101001000bull

Highest density switching

capacity

bull

Layer 234‐7bull

32‐720 Gbps

Switching

Engine

bull

Highest Availability

bull

10100

and GE configurationsbull

High performance switching and routingbull

Enterprise‐class intelligent Layer 3L4 servicesbull

Clustering capable

bull

Stackable 10100 switchingbull

Gigabit

uplink connectivitybull

Advanced intelligent Layer 3L4 servicesbull

Clustering capable

Catalyst 3750bull

Stackable 101001000 and 10100 configurationsbull

Cisco StackWisetrade

Technologybull

Optimized for Gigabit Ethernet deploymentbull

Enterprise‐class Intelligent Layer 3L4 servicesbull

Highly resilient 32Gbps stacking interconnectionbull

Single management interface w auto configuration

Fast Ethernet

Optimized

Gigabit Ethernet

Optimized

43

Cisco Catalyst 2960 Series Model Overview Fast Ethernet Models

Softwarebull LAN Base Image

Enterprise-class intelligent services Advanced QoS enhanced security high availability

bull Orderable with latest IOS software version

bull 48 10100100 portsbull 2 101001000 Uplink

ports

bull 24 10100 portsbull 2 101001000 Uplink

Ports

Catalyst 2960-24TT Catalyst 2960-48TT

bull 24 10100 portsbull 2 Dual-Purpose Uplink

ports

Catalyst 2960-24TC Catalyst 2960-48TC

bull 48 10100 portsbull 2 Dual Purpose Uplink

ports

Uplinksbull Dual Purpose

UplinksOne 101001000 TX Port and One SFP Port

One port active at a time

44

Cisco Catalyst 3750 Series Switches Model Overview

Catalyst 3750G‐24TS

bull

24 101001000

Portsbull

24 101001000 Ports

bull

4 SFP ports

Two Software Versions

Standard Multilayer Software Image

(SMI)

bull Enterprise‐class intelligent services

Advanced QoS Enhanced Security High

Availability RIP and Static IP routing

Routed ACLs HSRP

Enhanced Multilayer Software Image

(EMI)

bull SMI feature set plus Dynamic IP Unicast

routing Smart Multicast routing

Catalyst 3750‐2448 are orderable with

either software image preinstalled

Catalyst 3750‐2448 can be upgraded

from SMI to EMI

Catalyst 3750G‐24T

bull

24 10100 Ports

bull

2 SFP ports

bull

48 10100 Ports

bull

4 SFP ports

Catalyst 3750‐24 Catalyst 3750‐48

45

Cisco StackWisetrade Technology

bull 32Gbps fault tolerant bi‐directional

backplane

bull Single IP address for management

bull Auto configuration and IOS version

checkupdate

bull 1N Master redundancy

bull Sub‐second L2 failover

bull Cross stack Etherchannel

bull Configurable QoS queues across

stack

bull Line speed performance with QoS

and ACLs for GE

bull Hot add and delete of GE and FE

chassis in same stack

bull Patented cable connector

S 1

S 3

S 2

M 4

M = Master Switch

S = Slave Switch

46

Cisco Catalyst 4500 Series Architecture

bull Centralized Forwarding ASICs

bull All packets are forwarded via the supervisor

bull No distributed line card forwarding

bull Scalable architecture ‐

64 to 320 Gbps

bull Fastest Centralized Architecture in the Industry

47

Cisco Catalyst 4500 Series Overview Common Architecture

Single Supervisor-Based

Chassis

Redundant Supervisor-Based

Chassis

Cisco Catalyst 4507R-E

Cisco Catalyst 4510R-E

Cisco Catalyst 4506-E

Cisco Catalyst 4503-E

Single RU Fixed Configuration

Same Switching Architecture

and Common Cisco IOSreg

Cisco Catalyst 4948 and 4948-10GigE

48

Cisco Catalyst 4500 Series Evolutionary Centralized Architecture

1999 2002 2004 2007 2012

Continued InnovationServices and Performance

Same Line Card

18Mpps 48Mpps 102Mpps

10100

1000

Layer 2

PoE L234

10 GbE

SSO

NACNSF

ISSUCISF

E‐Series

250 Mpps

49

Evolution of Centralized Switching Technology

Evoluti

onEvo

lution

1999 18

Mpps

L2 Only

2002 48

Mpps

L2L3

2004102

Mpps

L2L3 10Gig

2007250

Mpps

L2L3 IPv6

14X

increase

since lsquo99

50

Next‐Generation Catalyst 4500 ldquoE‐Seriesrdquo

Secure Flexible Non‐Stop Communications

ldquoErdquo

Series Chassis

ldquoErdquo

Series Line Cards

Supervisor 6‐E with CenterFlex

51

Cisco Catalyst 6500 Delivers Secure Converged Network Services

High Availabilitybull Physical

Availabilitybull Logical Availabilitybull Stateful Failover at

Layer 2bull Rapid Spanning-

Tree Convergence

QoSbull Input Policingbull Traffic

Classificationbull Multiple Queuesbull Convergence

Ready

Securitybull Layer 234

Access Controlbull 8021X User

Authenticationbull MAC Filteringbull Dynamic VLAN

Manageabilitybull Inline Powerbull Simple

Configurationbull L2-L4 Servicesbull Rich Multicast

Support

End-to-End Services

52

Catalyst 6500 Family

Catalyst 65033 slot chassis

Catalyst 65066 slot chassis

Catalyst 65099 slot chassis

Catalyst 6509‐NEBSNEBS Compliant 9 slot chassis

Catalyst 651313 slot chassis

Catalyst 6509‐NEBS‐A9 slot chassis

53

Cisco Catalyst 6500 Series

The Cisco Catalyst 6500 Series supports a wide range of interface densities performance and high‐availability options

Flexible 3‐ 6‐ 9‐ and 13‐slot chassis configurations

ndash Scalable switching fabric ndash Cisco

IOS software choices supported

on all supervisor engines

ndash Fast 2‐3 second stateful

failover of

redundant supervisors and integrated

services

ndash 10‐Mbps to 10‐Gbps Ethernet and DS0

to

OC‐48 WAN interfaces

ndash Wire‐rate QoS

and ACL policy

management

WS-6503 WS-C6506 WS-C6509 WS-C6509-NEBS and WS-C6513

54

Catalyst 6500 Supervisors

The Catalyst 6500 has three Supervisor options on offer

with each providing a different architectural backplane

configuration for line cards to connect intohellip

Supervisor 1A Supervisor 2 Supervisor 720 (NEW)

256Gb backplane

supporting hardware

accelerated Layer 2 and 3

QoS and Security policies

up to 210Mppshellip

720Gb backplane

supporting hardware

accelerated Layer 2 and 3

QoS and Security policies

up to 400Mppshellip

32Gb backplane supporting

hardware accelerated Layer

2 and 3 QoS and Security

policies up to 15Mppshellip

Supervisor Options for the Catalyst 6500

55

Catalyst 6500 LinecardsThe Catalyst 6500 has a family of linecards to suit all network needshellip

10100 TX and 100 Fiber 101001000 TX GE SFP

GE GBIC 10GE WAN

Optical Switch Modules Inline Power ATM

CAT

6500

L I

NECARDS

56

Catalyst 6500 Service Modules

Content ServicesCommunications Media MWAN

Firewall Module VPN Module Intrusion Detection

Content Switching SSL Network Management

Service Modules represent the next generation of intelligent modules for the Catalyst 6500

Each module provides a high performance option scalable and feature rich deployment

optionshellip

57

Small Form Factor Pluggable (SFP)

bull New industry standard connector

bull Same functionality as Gigabit Interface Converters

(GBICs)

bull Hot pluggable

bull Smaller fiber connector LC

for SF

bull 25 SFPs

fit in space of one GBIC

bull Shipping SX LX ZX at FCS

bull 101001000BT and CWDM versions to come in mid

to late 2003

GBIC

SFP

58

三無線網路認證介紹

59

漫遊認證環境架構圖

NCHC資策會

WLANGateway

WLANGateway

60

無線漫遊環境身份認證機制

網頁認證

使用網站伺服器憑證(Certificate)辨識合法認證網站

透過SSL加密保護使用者帳號密碼安全

採用PAP (Password Authentication Protocol)認證機制

8021x認證

採CHAP或加密通道進行認證

EAP‐MD5ndash 採用CHAP (Challenge Handshake Authentication Protocol)認證

EAP‐PEAP ndash 採用 SSL加密通道 + MS‐CHAP v2 認證

EAP‐TTLSndash 採用 SSL加密通道 + PAPCHAPMS‐CHAPEAPndash 支援多種認證機制

61

WLAN Gateway

bull Usually web page for authorisationbull Allows policy based accessbull Good managementbull Very user friendlybull No client required

Bluesocketndash Commercial but popular in uk academiandash Lots of featuresNoCatAuthndash open source

62

Bluesocket Wireless Gateway

63

httpwwwitcntnuedutwservice1270php

四師大網路基本架構介紹

64

對外網路架構圖

65

校本部校區有線網路系統架構圖

66

校本部校區無線網路系統架構圖

67

理學院校區有線網路系統架構圖

68

理學院校區無線網路系統架構圖

69

林口校區有線網路系統架構圖

70

林口校區無線網路系統架構圖

71

五網路障礙排除方式

72

Possible Symptoms of Physical Layer Problems

Increased number of interface errorsIncreased number of interface errors

LEDs are off flashing or in a state other than the expected state during normal operationLEDs are off flashing or in a state other than the expected state during normal operation

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

Excessive utilizationExcessive utilization

73

Possible Symptoms of Data Link Layer Problems

Excessive CRC errors and frame check sequence errors Excessive CRC errors and frame check sequence errors

Large quantities of broadcast traffic Large quantities of broadcast traffic

A MAC address is cycling between portsA MAC address is cycling between ports

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

74

General Cisco Commands to Isolate Physical and Data Link Layer Problems

ping host

| ip‐addressping host

| ip‐address

routergt

bull

Sends an echo request packet to an address then waits for a reply

trace [destination]trace [destination]

routergt

bull

Identifies the path a packet takes through the network

[no] debug [no] debug

router

bull

Displays a list of options for enabling or disabling debugging events on a device

75

Cisco Commands to Isolate Physical Layer Problems

show versionshow version

routergt

bull

Displays the Cisco IOS software version and all installed hardware configurations

show ip interface briefshow ip interface brief

routergt

bull

Displays a summary of the status of all interfaces on a device

show interfaces [type number]show interfaces [type number]

routergt

bull

Displays the operational status of an interface including the amount and type of traffic being sent and received

76

Cisco Commands to Isolate Physical Layer Problems (Cont)

show cdp neighbor detailshow cdp neighbor detailroutergt

bull Displays the device type IP address and Cisco IOS version of neighboring devices

77

Cisco Commands to Isolate Data Link Layer Problems

show ip arpshow ip arp

routergt

bull

Displays entries in the Address Resolution Protocol (ARP) table

debug [arp

| serial | ppp]debug [arp

| serial | ppp]

router

bull

Captures events relating to data link layer protocols

78

General End‐System Commands to Isolate Physical and Data Link Layer Problems

pingping

bull

Sends an echo request packet to an address then waits for a reply

netstat

‐rnnetstat

‐rn

bull

Displays the status of all connected devices and links without querying a DNS server

arp

‐aarp

‐a

bull

Displays the current mappings of the IP address to the MAC address in the ARP table

79

Windows Commands to Isolate Physical and Data Link Layer Problems

ipconfig

[all]ipconfig

[all]

bull

Displays IP information for hosts running Windows NT2000XP

Cgt

tracert [‐d]tracert [‐d]

bull

Identifies a path to a destination device

Cgt

80

Guidelines for Isolating Problems at the Physical and Data Link Layers

Check operational status and data error ratesCheck operational status and data error rates

Verify proper interface configurationsVerify proper interface configurations

Check for bad cables or connectionsCheck for bad cables or connections

Check for correct cable pin‐outCheck for correct cable pin‐out

81

Port Monitoring (SPAN)

Allows a port to monitor traffic coming into or out of

anotherPort

VLAN

Trunk

82

Remote SPAN (RSPAN)

Allows a port to monitor SPAN information on other switches through a trunk connection

83

NetFlow Data Export

Access to records of switched flow statistics

with NAM

Source and destination IP

Port numbers and protocol types

84

六網路管理介紹

85

NAMs in Campus LAN

86

Network Analysis Module (NAM)

bull

Switch‐integrated standards‐

based monitoring (RMON1 RMON2

extended RMON)

bull

Useful for performance monitoring troubleshooting

and capacity planning

bull

Easy to deploy and use with embedded web‐based Traffic Analyzer

bull

Full visibility into applications hosts conversations and

IP‐based services including VoIP

and QoS

Integrated traffic‐monitoring solution in Catalyst 6500 series to build application‐level visibility into network infrastructure

87

NAM as a Standards‐Based RMON Solution

The RMON MIB reports on the health and status of network traffic

Mini‐RMON agents in Catalyst 6500 collect Layer 2 (RMON1) statistics on all ports (utilization packets errors)

NAM supports full RMON1 and 2 to provide visibility up to Application layer (applications hosts conversations)

NAM supports extended RMON for VLAN QoS Application Response Time and so on

88

Application Hosts and Conversations Monitoring

Identify unknown applications and drill down on the hosts using them

Discover top talkers top conversations

Network managers can drill down

into who is doing what

Network managers can drill down

into who is doing what

NEW inSoftware

Version 22

NEW inSoftware

Version 22

89

VoIP Monitoring

NAM supports various facets of VoIPmonitoring

Active IP telephony monitoring

ndash Track active call attributesndash Identify call quality degradationndash Call details by phonesRMON1 and RMON2

ndash Distribution of VoIP

protocols

Application Response Time (ART)

ndash CallManager

responses

DSMON

ndash VoIP

traffic by DSCP values

90

Application Response Time (ART)

Find out where the application delays are occurring

ndash Detailed data on request‐ response exchanges

between clients and servers

Server visibility

ndash Monitor servers for protocols application

usage and top talkers

91

Packet Capture and Decode

Capture and decode packets for troubleshooting

Extensive pre‐ and post‐capture filters

Can save and export to other tools including Sniffer

92

Alarms

Set alarm thresholds on various parameters for proactive monitoring

Define traps or generate syslog

93

Defining Network Management Functional Areas

ISO defines five functional areas of network management

ISO defines five functional areas of network management

bullFault Management

bullConfiguration Management

bullAccounting Management

bullPerformance Management

bullSecurity Management

94

FCAPS Fault Management

The process of locating diagnosing and correcting

network problems

Device Down

Link Down

95

FCAPS Configuration Management

bull The process of obtaining data from the network and using

that data to manage the setup of all network devices

bull Allows rapid access to configuration information

bull Facilitates remote configuration and provisioning

bull Provides an up‐to‐date inventory of network

components

SpeedDuplex

Connectivity

TrunkingVLANs Allowed

Spanning Tree Protocol State

Software VersionConfiguration File

Device Type

96

FCAPS Accounting Management

bull Measuring the usage of network resources by users in order to

establish the metrics check quotas determine costs and bill users

bull Measures and reports accounting information based on individual

groups and users

bull Administers the cost of the network

bull Internal verification of third‐party billing for usage Bandwidth Consumption

Application Usage

hellip

97

FCAPS Performance Management

bull Ensuring that the data network remains accessible

and has adequate bandwidth

bull Reduces network overcrowding and inaccessibility

bull Provides a consistent level of service to the

network user

bull Determine utilization trends to proactively isolate and solve

performance problems

UtilizationPeakminmaxError RatesUnicast Rates

Broadcast Rates

CPU UtilizationMemory Usage

ThroughputResponse Time

LatencyAvailabilityReliability

98

FCAPS Security Management

bull Protecting sensitive information on devices

attached to a data network by controlling access points to

that information

bull Builds network user confidence

bull Secures sensitive information from both internal and

external sources

bull Protects the network functionality from malicious

attacks

MAC AddressLocked to Port

Access ListBlocks Connections

99

Performing Network Management Sources for Information

GAUGEs TIMERs

0 9 1 2 3

COUNTERs TABLEs FILEs

Operating System Data Structures

Manageable Device

showCommands

WebServer

SystemLogging

SNMPSNMPAGENTAGENT

ProductionServices

Layer N Forwarding

http80tcp

syslog514udp

snmp161udp

MIBObjects

snmp‐trap162udp

Built in Intelligence

CDPVTPSAA

telnetCLI

TFTPClient

tftp69udp

PingTrace route

100

Network Management Information Model MIB Management Information Base

MIB

ndash

Management Information BaseSet of variables defining the status of a device (eg temp = 85 degrees)Just facts ndash not whether it is good or badDefined according to SMI (Structure of Management Information) rulesEach managed object is described using a unique object identifier (OID)

MIB

IMIBIIStandard MIBObjects included are considered essential for either fault or configuration management

Other standard MIBsRMON host router

Proprietary vendor MIBsExtensions to standard MIBs

SNMPAGENTSNMPAGENT

1000s of manageable objects following rules defined in the SMI standards

1000s of manageable objects following rules defined in the SMI standards

101

Network Management Communication Model SNMP Simple Network Management Protocol

CommunityStrings

CommunityStrings

bull Get requests used to read the value of objectbull Set requests used to modify the value of object

bull Authorization is via community strings

(Read‐OnlyRead‐Write)

bull Traps

provide asynchronous event notification

IP Network SNMPManageable

Device

Trap

Get Response

Get Request Get-Next RequestGet-Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

102

Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response

SNM

P M

anag

er

SNM

P A

gent

Rea

d =

publ

ic re

adw

rite

= pr

ivat

e

GetResponse (sysDescr0=SunOS)

Verify access permission and retrieve MIB value using OID to traverse the MIB tree

InstanceOID

13612111

MIB value

GetRequest(sysDescr0)Read Community(public)

103

Types of Management Systems Example ‐

Enterprise Manager amp Fault Management

Correlate and manage events

and SNMP traps

Perform fault isolation and root cause analysis

104

Types of Management Systems Example ndash CiscoWorks

Resource Manager Essentials and Campus Manager

Knowledge of network configuration and topology

Facilitates remote configuration of network devices

Maintains an archive of configuration data that allows generation of inventory reports

105

Types of Management Systems Example ndash NetFlow (Accounting Management)

Flow Profiling

AccountingBilling

Network Planning

Network Monitoring

Flow

Collectors

Flow

CollectorsEnd‐User AppsEnd‐User AppsNetFlow

Data ExportNetFlowData Export

NetScout

RMON ProbeRMON Probe

106

Types of Management Systems Example ndash MRTG (Performance Management)

bull Monitors traffic load on network links based on SNMP statistics

bull Generates real‐time HTML traffic reports

bull Can be used to monitor any

MIB

variable using

SNMP

107

Types of Management Systems Example ndash CiscoWorks

How is the network connectedbull Physical Cablingbull Virtual LANs

Where are the end users servers IP phones connected

bull Switch port numberbull VLAN membership

How do I troubleshoot connectivity problems

Campus Manager User Tracking

Campus Manager Topology Services

Campus Manager Topology Services

Campus Manager User TrackingCampus Manager

Path Analysis

108

Diagnosing Connectivity Problems CiscoWorks Server Tools

Ping Use ping to test device connectivity from CiscoWorks server

TracerouteRun a trace route between the CiscoWorks server and the target device to detect routing problems

NS LookupRun a nslookup to obtain DNS name server information and IP address of hostname

Management Station to DeviceTest to verify if upper layer protocols are supported from CiscoWorks to the target device UDP TCP Telnet TFTP HTTP and SNMP

109

Types of Management Systems Example ndash CiscoWorks

19216862

CiscoWorks Server(ANI Service)

CampusDatabase

19216861

Schedule data retrieval

times

CAM Table11‐11‐11‐11‐11‐00 2111‐11‐11‐11‐11‐11 2211‐11‐11‐11‐11‐22 2311‐11‐11‐11‐11‐33 24

22 23 24

21

ARP Table11‐11‐11‐11‐11‐11 19216861011‐11‐11‐11‐11‐22 19216861111‐11‐11‐11‐11‐33 192168611

1

CAM

Retrieval

(switching

table)

2 Address

Resolution (MAC

to IP)

DNS

3 Name Resolution

(IP to hostname)

Host Table192168610 USER1192168611 Printer1192168611 IPtele1

SNMP

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

CallManager4

Call Detail

Records

5

Login

Names

UNIX Novell amp

Windows NT

clients running

UTLite script

110

Diagnosing Connectivity Problems Campus Manager Tools

Topology Services

User Tracking

Path Analysis

1

Locate the communication pair in the User Tracking database

bull

Addressesbull

VLAN informationbull

Switch port connection

2

Investigate the Layer 2 and Layer 3 path between the communication

pair

3

Map the topology and begin the investigation on devices and links

Launch other applications

111

Diagnosing Connectivity Problems Workflow for Using Campus Manager

LaunchPath Analysis

LaunchPath Analysis

Ensure discovery of devices

hosts are up to date

Ensure discovery of devices

hosts are up to date

Use User TrackingTo Locate EndStation Info

Use User TrackingTo Locate EndStation Info

ConductVoiceTrace

ConductVoiceTrace

ConductDataTrace

ConductDataTrace

DisplayPath in Topology

Map

DisplayPath in Topology

Map

Launch other Apps(Telnet CiscoView

Etc)

Launch other Apps(Telnet CiscoView

Etc)

112

Diagnosing Device Connectivity Problems Example

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Do you know

your

hostname or

username

113

Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

2 Simple Query displays switch

port and VLAN association

2 Simple Query displays switch

port and VLAN association

3 LastSeen field indicates last

time end station was

discovered

3 LastSeen field indicates last

time end station was

discovered

114

Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Trace path from application server

to Suzy

Trace path from application server

to Suzy

Couldnrsquot get to Suzy machine ndash try

from server

Couldnrsquot get to Suzy machine ndash try

from server

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

15

Layer 3 Dual‐Path

Layer 3 load balancing preserves bandwidth

ndash Unlike Layer 1 and Layer 2 redundancy (blocked ports)Fast recovery to remaining path

ndash Convergence is extremely fast (dual equal‐cost paths no need for OSPF or EIGRP to recalculate new path)

16

Daisy Chains

No UplinkFastmdashSlow STP convergence

Discontinuous subnets Traffic reaches black hole (both routers claim they can reach VLAN x)

Install Layer 2 link between the two distribution switches

17

Daisy Chains (Cisco Catalyst 3750 Series)

Utilize Cross‐Stack UplinkFast

feature for stackables

bull Transitions redundant blocking link directly to forwarding if link to root fails

18

Understand Performance and Oversubscription Characteristics

Most networks are built with oversubscription

Performance usually limited not by the box but by the uplink

Use QoS to protect real‐time flows at congested points

Oversubscription rules of thumb work well

201 maximum at wiring closet

Less in distribution (41) and server farm (from 41 to 11)

19

Redundancy Types

Layer 1 redundancymdashProvides an alternate physical path through the network

Layer 23 redundancymdashSpanning‐tree routing protocol EtherChannelfor alternate path awareness and fast convergence

StabilitymdashEnsure a stable network through proper physical STP and routing design to reduce human errors

Application availabilitymdashApplication server and client processes must support failover for maximum availability

20

Small Campus Network

Backbone layermdashcollapsed core and distribution

Can use modularstackable switching solutions

Scalable up to few access switches

21

Medium Campus Network

22

Large Campus Network

23

Building Block Approach

24

Switch Block Characteristics

bull Device switches support one or more subnetsVLANs

bull Subnets terminate at the distribution switch

bull Access devices have redundant links

bull Spanning Tree Protocol terminates at the switch block boundary

25

VLANs in the Switch Block

26

Link Types

A trunk link is capable of carrying multiple VLANs

27

Trunking

bull Specifically developed for multi‐VLAN interswitch communications

bull Places a unique identifier in the header of each frame

bull Functions at Layer 2 bull IEEE

8021Q

28

Inter‐VLAN Routing

bull A Route Processor provides Layer 3 functionality for switches

29

Increasing Performance Add More Bandwidth

30

Fast EtherChannel

31

Is QoS Needed in the Campus

Maybe maybe not campus congestionis a buffer management issue

ldquoJust throw more bandwidth at it That will solve the problemrdquo

32

Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP

33

Enabling QoS in the Campus Scheduling in the Campus

Output buffers can reach 100 in campus networks resulting in dropped voice packets

QoS required when there is a possibility of congestion in buffers

Multiple queues are the only way to guarantee voice quality

34

Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS

bull 8021p user priority field also called class of service (CoS)

bull Different types of traffic are assigned different CoS values

bull CoS 6 and 7 are reserved for network use

35

Enabling QoS in the Campus Layer 3 Classificationmdash IP Precedence DSCP

bull IPv4 Three most significant bits of ToS byte are called IP precedence other bits unused

bull DiffServ Six Most significant bits of ToS byte are called DSCP remaining two bits used for flow control

bull DSCP backward compatible with IP precedence

36

Enabling QoS in the Campus Classification Summary

37

Power Over Ethernet

Prepare the network for IP Telephony and Wireless access

Eliminate the need for separate electrical wiring

Cisco pre‐standard POE and 8023af are fully supported

Wide selection of standards‐based IEEE 8023af powered devices

ndash IP Phonesndash Wireless Access Points

ndash Surveillance cameras

ndash Access Card Readers

38

Access Point Front Cover LEDrsquos

Status LightsEthernet

Status

Radio Activity

Ethernet Activity

Status

Radio Activity

39

CiscoWorks WLSE

1

Specialized application for managing the Cisco WLAN

2

Centralized template‐ based configuration of access points and bridges

with user defined groups

3

Proactive fault and performance monitoring

of access points bridges LEAP server and

attached switch

CiscoWorks Wireless LANSolution Engine

U N I V E R S I T YU N I V E R S I T Y

40

二網路設備介紹

41

The Cisco LAN Switching Portfolio

Catalyst 375035602960 Catalyst 6500Catalyst 40004500

bull Stackable Compact Footprint bull Gig Density 12 Ports bull EZ Clustering Managementbull L2-L4 Switchingbull Medium Port Density

bull Highest Switching Capacitybull High Availability - Stateful Failoverbull 10-Gigabit Ethernet Interfaces bull Nonblocking Gigabit Density 142bull LANWAN Interfaces (to OC 48)

L2-L7 SwitchingIntegrated Inline PowerServices Modules Redundant PowerRedundant Supervisor Fabric

bull High Switching Capacitybull High-Density 101001000bull High-Density 100FX amp 1000LXbull Nonblocking Gigabit Density 32bull L2-L4 Switching bull Inline Power Optionbull Redundant Power

42

Cisco Catalyst Positioning

Pric

ePe

rfor

man

ce

FunctionFlexibility

Catalyst 29502960

Catalyst 35503560

Catalyst 4500 Family

Catalyst 6500 Series

bull Modular 101001000bull High performance Layer 2L3L4 bull 24‐64 Gbps Switching Enginebull Chassis level high availability

bull

Modular 101001000bull

Highest density switching

capacity

bull

Layer 234‐7bull

32‐720 Gbps

Switching

Engine

bull

Highest Availability

bull

10100

and GE configurationsbull

High performance switching and routingbull

Enterprise‐class intelligent Layer 3L4 servicesbull

Clustering capable

bull

Stackable 10100 switchingbull

Gigabit

uplink connectivitybull

Advanced intelligent Layer 3L4 servicesbull

Clustering capable

Catalyst 3750bull

Stackable 101001000 and 10100 configurationsbull

Cisco StackWisetrade

Technologybull

Optimized for Gigabit Ethernet deploymentbull

Enterprise‐class Intelligent Layer 3L4 servicesbull

Highly resilient 32Gbps stacking interconnectionbull

Single management interface w auto configuration

Fast Ethernet

Optimized

Gigabit Ethernet

Optimized

43

Cisco Catalyst 2960 Series Model Overview Fast Ethernet Models

Softwarebull LAN Base Image

Enterprise-class intelligent services Advanced QoS enhanced security high availability

bull Orderable with latest IOS software version

bull 48 10100100 portsbull 2 101001000 Uplink

ports

bull 24 10100 portsbull 2 101001000 Uplink

Ports

Catalyst 2960-24TT Catalyst 2960-48TT

bull 24 10100 portsbull 2 Dual-Purpose Uplink

ports

Catalyst 2960-24TC Catalyst 2960-48TC

bull 48 10100 portsbull 2 Dual Purpose Uplink

ports

Uplinksbull Dual Purpose

UplinksOne 101001000 TX Port and One SFP Port

One port active at a time

44

Cisco Catalyst 3750 Series Switches Model Overview

Catalyst 3750G‐24TS

bull

24 101001000

Portsbull

24 101001000 Ports

bull

4 SFP ports

Two Software Versions

Standard Multilayer Software Image

(SMI)

bull Enterprise‐class intelligent services

Advanced QoS Enhanced Security High

Availability RIP and Static IP routing

Routed ACLs HSRP

Enhanced Multilayer Software Image

(EMI)

bull SMI feature set plus Dynamic IP Unicast

routing Smart Multicast routing

Catalyst 3750‐2448 are orderable with

either software image preinstalled

Catalyst 3750‐2448 can be upgraded

from SMI to EMI

Catalyst 3750G‐24T

bull

24 10100 Ports

bull

2 SFP ports

bull

48 10100 Ports

bull

4 SFP ports

Catalyst 3750‐24 Catalyst 3750‐48

45

Cisco StackWisetrade Technology

bull 32Gbps fault tolerant bi‐directional

backplane

bull Single IP address for management

bull Auto configuration and IOS version

checkupdate

bull 1N Master redundancy

bull Sub‐second L2 failover

bull Cross stack Etherchannel

bull Configurable QoS queues across

stack

bull Line speed performance with QoS

and ACLs for GE

bull Hot add and delete of GE and FE

chassis in same stack

bull Patented cable connector

S 1

S 3

S 2

M 4

M = Master Switch

S = Slave Switch

46

Cisco Catalyst 4500 Series Architecture

bull Centralized Forwarding ASICs

bull All packets are forwarded via the supervisor

bull No distributed line card forwarding

bull Scalable architecture ‐

64 to 320 Gbps

bull Fastest Centralized Architecture in the Industry

47

Cisco Catalyst 4500 Series Overview Common Architecture

Single Supervisor-Based

Chassis

Redundant Supervisor-Based

Chassis

Cisco Catalyst 4507R-E

Cisco Catalyst 4510R-E

Cisco Catalyst 4506-E

Cisco Catalyst 4503-E

Single RU Fixed Configuration

Same Switching Architecture

and Common Cisco IOSreg

Cisco Catalyst 4948 and 4948-10GigE

48

Cisco Catalyst 4500 Series Evolutionary Centralized Architecture

1999 2002 2004 2007 2012

Continued InnovationServices and Performance

Same Line Card

18Mpps 48Mpps 102Mpps

10100

1000

Layer 2

PoE L234

10 GbE

SSO

NACNSF

ISSUCISF

E‐Series

250 Mpps

49

Evolution of Centralized Switching Technology

Evoluti

onEvo

lution

1999 18

Mpps

L2 Only

2002 48

Mpps

L2L3

2004102

Mpps

L2L3 10Gig

2007250

Mpps

L2L3 IPv6

14X

increase

since lsquo99

50

Next‐Generation Catalyst 4500 ldquoE‐Seriesrdquo

Secure Flexible Non‐Stop Communications

ldquoErdquo

Series Chassis

ldquoErdquo

Series Line Cards

Supervisor 6‐E with CenterFlex

51

Cisco Catalyst 6500 Delivers Secure Converged Network Services

High Availabilitybull Physical

Availabilitybull Logical Availabilitybull Stateful Failover at

Layer 2bull Rapid Spanning-

Tree Convergence

QoSbull Input Policingbull Traffic

Classificationbull Multiple Queuesbull Convergence

Ready

Securitybull Layer 234

Access Controlbull 8021X User

Authenticationbull MAC Filteringbull Dynamic VLAN

Manageabilitybull Inline Powerbull Simple

Configurationbull L2-L4 Servicesbull Rich Multicast

Support

End-to-End Services

52

Catalyst 6500 Family

Catalyst 65033 slot chassis

Catalyst 65066 slot chassis

Catalyst 65099 slot chassis

Catalyst 6509‐NEBSNEBS Compliant 9 slot chassis

Catalyst 651313 slot chassis

Catalyst 6509‐NEBS‐A9 slot chassis

53

Cisco Catalyst 6500 Series

The Cisco Catalyst 6500 Series supports a wide range of interface densities performance and high‐availability options

Flexible 3‐ 6‐ 9‐ and 13‐slot chassis configurations

ndash Scalable switching fabric ndash Cisco

IOS software choices supported

on all supervisor engines

ndash Fast 2‐3 second stateful

failover of

redundant supervisors and integrated

services

ndash 10‐Mbps to 10‐Gbps Ethernet and DS0

to

OC‐48 WAN interfaces

ndash Wire‐rate QoS

and ACL policy

management

WS-6503 WS-C6506 WS-C6509 WS-C6509-NEBS and WS-C6513

54

Catalyst 6500 Supervisors

The Catalyst 6500 has three Supervisor options on offer

with each providing a different architectural backplane

configuration for line cards to connect intohellip

Supervisor 1A Supervisor 2 Supervisor 720 (NEW)

256Gb backplane

supporting hardware

accelerated Layer 2 and 3

QoS and Security policies

up to 210Mppshellip

720Gb backplane

supporting hardware

accelerated Layer 2 and 3

QoS and Security policies

up to 400Mppshellip

32Gb backplane supporting

hardware accelerated Layer

2 and 3 QoS and Security

policies up to 15Mppshellip

Supervisor Options for the Catalyst 6500

55

Catalyst 6500 LinecardsThe Catalyst 6500 has a family of linecards to suit all network needshellip

10100 TX and 100 Fiber 101001000 TX GE SFP

GE GBIC 10GE WAN

Optical Switch Modules Inline Power ATM

CAT

6500

L I

NECARDS

56

Catalyst 6500 Service Modules

Content ServicesCommunications Media MWAN

Firewall Module VPN Module Intrusion Detection

Content Switching SSL Network Management

Service Modules represent the next generation of intelligent modules for the Catalyst 6500

Each module provides a high performance option scalable and feature rich deployment

optionshellip

57

Small Form Factor Pluggable (SFP)

bull New industry standard connector

bull Same functionality as Gigabit Interface Converters

(GBICs)

bull Hot pluggable

bull Smaller fiber connector LC

for SF

bull 25 SFPs

fit in space of one GBIC

bull Shipping SX LX ZX at FCS

bull 101001000BT and CWDM versions to come in mid

to late 2003

GBIC

SFP

58

三無線網路認證介紹

59

漫遊認證環境架構圖

NCHC資策會

WLANGateway

WLANGateway

60

無線漫遊環境身份認證機制

網頁認證

使用網站伺服器憑證(Certificate)辨識合法認證網站

透過SSL加密保護使用者帳號密碼安全

採用PAP (Password Authentication Protocol)認證機制

8021x認證

採CHAP或加密通道進行認證

EAP‐MD5ndash 採用CHAP (Challenge Handshake Authentication Protocol)認證

EAP‐PEAP ndash 採用 SSL加密通道 + MS‐CHAP v2 認證

EAP‐TTLSndash 採用 SSL加密通道 + PAPCHAPMS‐CHAPEAPndash 支援多種認證機制

61

WLAN Gateway

bull Usually web page for authorisationbull Allows policy based accessbull Good managementbull Very user friendlybull No client required

Bluesocketndash Commercial but popular in uk academiandash Lots of featuresNoCatAuthndash open source

62

Bluesocket Wireless Gateway

63

httpwwwitcntnuedutwservice1270php

四師大網路基本架構介紹

64

對外網路架構圖

65

校本部校區有線網路系統架構圖

66

校本部校區無線網路系統架構圖

67

理學院校區有線網路系統架構圖

68

理學院校區無線網路系統架構圖

69

林口校區有線網路系統架構圖

70

林口校區無線網路系統架構圖

71

五網路障礙排除方式

72

Possible Symptoms of Physical Layer Problems

Increased number of interface errorsIncreased number of interface errors

LEDs are off flashing or in a state other than the expected state during normal operationLEDs are off flashing or in a state other than the expected state during normal operation

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

Excessive utilizationExcessive utilization

73

Possible Symptoms of Data Link Layer Problems

Excessive CRC errors and frame check sequence errors Excessive CRC errors and frame check sequence errors

Large quantities of broadcast traffic Large quantities of broadcast traffic

A MAC address is cycling between portsA MAC address is cycling between ports

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

74

General Cisco Commands to Isolate Physical and Data Link Layer Problems

ping host

| ip‐addressping host

| ip‐address

routergt

bull

Sends an echo request packet to an address then waits for a reply

trace [destination]trace [destination]

routergt

bull

Identifies the path a packet takes through the network

[no] debug [no] debug

router

bull

Displays a list of options for enabling or disabling debugging events on a device

75

Cisco Commands to Isolate Physical Layer Problems

show versionshow version

routergt

bull

Displays the Cisco IOS software version and all installed hardware configurations

show ip interface briefshow ip interface brief

routergt

bull

Displays a summary of the status of all interfaces on a device

show interfaces [type number]show interfaces [type number]

routergt

bull

Displays the operational status of an interface including the amount and type of traffic being sent and received

76

Cisco Commands to Isolate Physical Layer Problems (Cont)

show cdp neighbor detailshow cdp neighbor detailroutergt

bull Displays the device type IP address and Cisco IOS version of neighboring devices

77

Cisco Commands to Isolate Data Link Layer Problems

show ip arpshow ip arp

routergt

bull

Displays entries in the Address Resolution Protocol (ARP) table

debug [arp

| serial | ppp]debug [arp

| serial | ppp]

router

bull

Captures events relating to data link layer protocols

78

General End‐System Commands to Isolate Physical and Data Link Layer Problems

pingping

bull

Sends an echo request packet to an address then waits for a reply

netstat

‐rnnetstat

‐rn

bull

Displays the status of all connected devices and links without querying a DNS server

arp

‐aarp

‐a

bull

Displays the current mappings of the IP address to the MAC address in the ARP table

79

Windows Commands to Isolate Physical and Data Link Layer Problems

ipconfig

[all]ipconfig

[all]

bull

Displays IP information for hosts running Windows NT2000XP

Cgt

tracert [‐d]tracert [‐d]

bull

Identifies a path to a destination device

Cgt

80

Guidelines for Isolating Problems at the Physical and Data Link Layers

Check operational status and data error ratesCheck operational status and data error rates

Verify proper interface configurationsVerify proper interface configurations

Check for bad cables or connectionsCheck for bad cables or connections

Check for correct cable pin‐outCheck for correct cable pin‐out

81

Port Monitoring (SPAN)

Allows a port to monitor traffic coming into or out of

anotherPort

VLAN

Trunk

82

Remote SPAN (RSPAN)

Allows a port to monitor SPAN information on other switches through a trunk connection

83

NetFlow Data Export

Access to records of switched flow statistics

with NAM

Source and destination IP

Port numbers and protocol types

84

六網路管理介紹

85

NAMs in Campus LAN

86

Network Analysis Module (NAM)

bull

Switch‐integrated standards‐

based monitoring (RMON1 RMON2

extended RMON)

bull

Useful for performance monitoring troubleshooting

and capacity planning

bull

Easy to deploy and use with embedded web‐based Traffic Analyzer

bull

Full visibility into applications hosts conversations and

IP‐based services including VoIP

and QoS

Integrated traffic‐monitoring solution in Catalyst 6500 series to build application‐level visibility into network infrastructure

87

NAM as a Standards‐Based RMON Solution

The RMON MIB reports on the health and status of network traffic

Mini‐RMON agents in Catalyst 6500 collect Layer 2 (RMON1) statistics on all ports (utilization packets errors)

NAM supports full RMON1 and 2 to provide visibility up to Application layer (applications hosts conversations)

NAM supports extended RMON for VLAN QoS Application Response Time and so on

88

Application Hosts and Conversations Monitoring

Identify unknown applications and drill down on the hosts using them

Discover top talkers top conversations

Network managers can drill down

into who is doing what

Network managers can drill down

into who is doing what

NEW inSoftware

Version 22

NEW inSoftware

Version 22

89

VoIP Monitoring

NAM supports various facets of VoIPmonitoring

Active IP telephony monitoring

ndash Track active call attributesndash Identify call quality degradationndash Call details by phonesRMON1 and RMON2

ndash Distribution of VoIP

protocols

Application Response Time (ART)

ndash CallManager

responses

DSMON

ndash VoIP

traffic by DSCP values

90

Application Response Time (ART)

Find out where the application delays are occurring

ndash Detailed data on request‐ response exchanges

between clients and servers

Server visibility

ndash Monitor servers for protocols application

usage and top talkers

91

Packet Capture and Decode

Capture and decode packets for troubleshooting

Extensive pre‐ and post‐capture filters

Can save and export to other tools including Sniffer

92

Alarms

Set alarm thresholds on various parameters for proactive monitoring

Define traps or generate syslog

93

Defining Network Management Functional Areas

ISO defines five functional areas of network management

ISO defines five functional areas of network management

bullFault Management

bullConfiguration Management

bullAccounting Management

bullPerformance Management

bullSecurity Management

94

FCAPS Fault Management

The process of locating diagnosing and correcting

network problems

Device Down

Link Down

95

FCAPS Configuration Management

bull The process of obtaining data from the network and using

that data to manage the setup of all network devices

bull Allows rapid access to configuration information

bull Facilitates remote configuration and provisioning

bull Provides an up‐to‐date inventory of network

components

SpeedDuplex

Connectivity

TrunkingVLANs Allowed

Spanning Tree Protocol State

Software VersionConfiguration File

Device Type

96

FCAPS Accounting Management

bull Measuring the usage of network resources by users in order to

establish the metrics check quotas determine costs and bill users

bull Measures and reports accounting information based on individual

groups and users

bull Administers the cost of the network

bull Internal verification of third‐party billing for usage Bandwidth Consumption

Application Usage

hellip

97

FCAPS Performance Management

bull Ensuring that the data network remains accessible

and has adequate bandwidth

bull Reduces network overcrowding and inaccessibility

bull Provides a consistent level of service to the

network user

bull Determine utilization trends to proactively isolate and solve

performance problems

UtilizationPeakminmaxError RatesUnicast Rates

Broadcast Rates

CPU UtilizationMemory Usage

ThroughputResponse Time

LatencyAvailabilityReliability

98

FCAPS Security Management

bull Protecting sensitive information on devices

attached to a data network by controlling access points to

that information

bull Builds network user confidence

bull Secures sensitive information from both internal and

external sources

bull Protects the network functionality from malicious

attacks

MAC AddressLocked to Port

Access ListBlocks Connections

99

Performing Network Management Sources for Information

GAUGEs TIMERs

0 9 1 2 3

COUNTERs TABLEs FILEs

Operating System Data Structures

Manageable Device

showCommands

WebServer

SystemLogging

SNMPSNMPAGENTAGENT

ProductionServices

Layer N Forwarding

http80tcp

syslog514udp

snmp161udp

MIBObjects

snmp‐trap162udp

Built in Intelligence

CDPVTPSAA

telnetCLI

TFTPClient

tftp69udp

PingTrace route

100

Network Management Information Model MIB Management Information Base

MIB

ndash

Management Information BaseSet of variables defining the status of a device (eg temp = 85 degrees)Just facts ndash not whether it is good or badDefined according to SMI (Structure of Management Information) rulesEach managed object is described using a unique object identifier (OID)

MIB

IMIBIIStandard MIBObjects included are considered essential for either fault or configuration management

Other standard MIBsRMON host router

Proprietary vendor MIBsExtensions to standard MIBs

SNMPAGENTSNMPAGENT

1000s of manageable objects following rules defined in the SMI standards

1000s of manageable objects following rules defined in the SMI standards

101

Network Management Communication Model SNMP Simple Network Management Protocol

CommunityStrings

CommunityStrings

bull Get requests used to read the value of objectbull Set requests used to modify the value of object

bull Authorization is via community strings

(Read‐OnlyRead‐Write)

bull Traps

provide asynchronous event notification

IP Network SNMPManageable

Device

Trap

Get Response

Get Request Get-Next RequestGet-Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

102

Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response

SNM

P M

anag

er

SNM

P A

gent

Rea

d =

publ

ic re

adw

rite

= pr

ivat

e

GetResponse (sysDescr0=SunOS)

Verify access permission and retrieve MIB value using OID to traverse the MIB tree

InstanceOID

13612111

MIB value

GetRequest(sysDescr0)Read Community(public)

103

Types of Management Systems Example ‐

Enterprise Manager amp Fault Management

Correlate and manage events

and SNMP traps

Perform fault isolation and root cause analysis

104

Types of Management Systems Example ndash CiscoWorks

Resource Manager Essentials and Campus Manager

Knowledge of network configuration and topology

Facilitates remote configuration of network devices

Maintains an archive of configuration data that allows generation of inventory reports

105

Types of Management Systems Example ndash NetFlow (Accounting Management)

Flow Profiling

AccountingBilling

Network Planning

Network Monitoring

Flow

Collectors

Flow

CollectorsEnd‐User AppsEnd‐User AppsNetFlow

Data ExportNetFlowData Export

NetScout

RMON ProbeRMON Probe

106

Types of Management Systems Example ndash MRTG (Performance Management)

bull Monitors traffic load on network links based on SNMP statistics

bull Generates real‐time HTML traffic reports

bull Can be used to monitor any

MIB

variable using

SNMP

107

Types of Management Systems Example ndash CiscoWorks

How is the network connectedbull Physical Cablingbull Virtual LANs

Where are the end users servers IP phones connected

bull Switch port numberbull VLAN membership

How do I troubleshoot connectivity problems

Campus Manager User Tracking

Campus Manager Topology Services

Campus Manager Topology Services

Campus Manager User TrackingCampus Manager

Path Analysis

108

Diagnosing Connectivity Problems CiscoWorks Server Tools

Ping Use ping to test device connectivity from CiscoWorks server

TracerouteRun a trace route between the CiscoWorks server and the target device to detect routing problems

NS LookupRun a nslookup to obtain DNS name server information and IP address of hostname

Management Station to DeviceTest to verify if upper layer protocols are supported from CiscoWorks to the target device UDP TCP Telnet TFTP HTTP and SNMP

109

Types of Management Systems Example ndash CiscoWorks

19216862

CiscoWorks Server(ANI Service)

CampusDatabase

19216861

Schedule data retrieval

times

CAM Table11‐11‐11‐11‐11‐00 2111‐11‐11‐11‐11‐11 2211‐11‐11‐11‐11‐22 2311‐11‐11‐11‐11‐33 24

22 23 24

21

ARP Table11‐11‐11‐11‐11‐11 19216861011‐11‐11‐11‐11‐22 19216861111‐11‐11‐11‐11‐33 192168611

1

CAM

Retrieval

(switching

table)

2 Address

Resolution (MAC

to IP)

DNS

3 Name Resolution

(IP to hostname)

Host Table192168610 USER1192168611 Printer1192168611 IPtele1

SNMP

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

CallManager4

Call Detail

Records

5

Login

Names

UNIX Novell amp

Windows NT

clients running

UTLite script

110

Diagnosing Connectivity Problems Campus Manager Tools

Topology Services

User Tracking

Path Analysis

1

Locate the communication pair in the User Tracking database

bull

Addressesbull

VLAN informationbull

Switch port connection

2

Investigate the Layer 2 and Layer 3 path between the communication

pair

3

Map the topology and begin the investigation on devices and links

Launch other applications

111

Diagnosing Connectivity Problems Workflow for Using Campus Manager

LaunchPath Analysis

LaunchPath Analysis

Ensure discovery of devices

hosts are up to date

Ensure discovery of devices

hosts are up to date

Use User TrackingTo Locate EndStation Info

Use User TrackingTo Locate EndStation Info

ConductVoiceTrace

ConductVoiceTrace

ConductDataTrace

ConductDataTrace

DisplayPath in Topology

Map

DisplayPath in Topology

Map

Launch other Apps(Telnet CiscoView

Etc)

Launch other Apps(Telnet CiscoView

Etc)

112

Diagnosing Device Connectivity Problems Example

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Do you know

your

hostname or

username

113

Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

2 Simple Query displays switch

port and VLAN association

2 Simple Query displays switch

port and VLAN association

3 LastSeen field indicates last

time end station was

discovered

3 LastSeen field indicates last

time end station was

discovered

114

Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Trace path from application server

to Suzy

Trace path from application server

to Suzy

Couldnrsquot get to Suzy machine ndash try

from server

Couldnrsquot get to Suzy machine ndash try

from server

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

16

Daisy Chains

No UplinkFastmdashSlow STP convergence

Discontinuous subnets Traffic reaches black hole (both routers claim they can reach VLAN x)

Install Layer 2 link between the two distribution switches

17

Daisy Chains (Cisco Catalyst 3750 Series)

Utilize Cross‐Stack UplinkFast

feature for stackables

bull Transitions redundant blocking link directly to forwarding if link to root fails

18

Understand Performance and Oversubscription Characteristics

Most networks are built with oversubscription

Performance usually limited not by the box but by the uplink

Use QoS to protect real‐time flows at congested points

Oversubscription rules of thumb work well

201 maximum at wiring closet

Less in distribution (41) and server farm (from 41 to 11)

19

Redundancy Types

Layer 1 redundancymdashProvides an alternate physical path through the network

Layer 23 redundancymdashSpanning‐tree routing protocol EtherChannelfor alternate path awareness and fast convergence

StabilitymdashEnsure a stable network through proper physical STP and routing design to reduce human errors

Application availabilitymdashApplication server and client processes must support failover for maximum availability

20

Small Campus Network

Backbone layermdashcollapsed core and distribution

Can use modularstackable switching solutions

Scalable up to few access switches

21

Medium Campus Network

22

Large Campus Network

23

Building Block Approach

24

Switch Block Characteristics

bull Device switches support one or more subnetsVLANs

bull Subnets terminate at the distribution switch

bull Access devices have redundant links

bull Spanning Tree Protocol terminates at the switch block boundary

25

VLANs in the Switch Block

26

Link Types

A trunk link is capable of carrying multiple VLANs

27

Trunking

bull Specifically developed for multi‐VLAN interswitch communications

bull Places a unique identifier in the header of each frame

bull Functions at Layer 2 bull IEEE

8021Q

28

Inter‐VLAN Routing

bull A Route Processor provides Layer 3 functionality for switches

29

Increasing Performance Add More Bandwidth

30

Fast EtherChannel

31

Is QoS Needed in the Campus

Maybe maybe not campus congestionis a buffer management issue

ldquoJust throw more bandwidth at it That will solve the problemrdquo

32

Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP

33

Enabling QoS in the Campus Scheduling in the Campus

Output buffers can reach 100 in campus networks resulting in dropped voice packets

QoS required when there is a possibility of congestion in buffers

Multiple queues are the only way to guarantee voice quality

34

Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS

bull 8021p user priority field also called class of service (CoS)

bull Different types of traffic are assigned different CoS values

bull CoS 6 and 7 are reserved for network use

35

Enabling QoS in the Campus Layer 3 Classificationmdash IP Precedence DSCP

bull IPv4 Three most significant bits of ToS byte are called IP precedence other bits unused

bull DiffServ Six Most significant bits of ToS byte are called DSCP remaining two bits used for flow control

bull DSCP backward compatible with IP precedence

36

Enabling QoS in the Campus Classification Summary

37

Power Over Ethernet

Prepare the network for IP Telephony and Wireless access

Eliminate the need for separate electrical wiring

Cisco pre‐standard POE and 8023af are fully supported

Wide selection of standards‐based IEEE 8023af powered devices

ndash IP Phonesndash Wireless Access Points

ndash Surveillance cameras

ndash Access Card Readers

38

Access Point Front Cover LEDrsquos

Status LightsEthernet

Status

Radio Activity

Ethernet Activity

Status

Radio Activity

39

CiscoWorks WLSE

1

Specialized application for managing the Cisco WLAN

2

Centralized template‐ based configuration of access points and bridges

with user defined groups

3

Proactive fault and performance monitoring

of access points bridges LEAP server and

attached switch

CiscoWorks Wireless LANSolution Engine

U N I V E R S I T YU N I V E R S I T Y

40

二網路設備介紹

41

The Cisco LAN Switching Portfolio

Catalyst 375035602960 Catalyst 6500Catalyst 40004500

bull Stackable Compact Footprint bull Gig Density 12 Ports bull EZ Clustering Managementbull L2-L4 Switchingbull Medium Port Density

bull Highest Switching Capacitybull High Availability - Stateful Failoverbull 10-Gigabit Ethernet Interfaces bull Nonblocking Gigabit Density 142bull LANWAN Interfaces (to OC 48)

L2-L7 SwitchingIntegrated Inline PowerServices Modules Redundant PowerRedundant Supervisor Fabric

bull High Switching Capacitybull High-Density 101001000bull High-Density 100FX amp 1000LXbull Nonblocking Gigabit Density 32bull L2-L4 Switching bull Inline Power Optionbull Redundant Power

42

Cisco Catalyst Positioning

Pric

ePe

rfor

man

ce

FunctionFlexibility

Catalyst 29502960

Catalyst 35503560

Catalyst 4500 Family

Catalyst 6500 Series

bull Modular 101001000bull High performance Layer 2L3L4 bull 24‐64 Gbps Switching Enginebull Chassis level high availability

bull

Modular 101001000bull

Highest density switching

capacity

bull

Layer 234‐7bull

32‐720 Gbps

Switching

Engine

bull

Highest Availability

bull

10100

and GE configurationsbull

High performance switching and routingbull

Enterprise‐class intelligent Layer 3L4 servicesbull

Clustering capable

bull

Stackable 10100 switchingbull

Gigabit

uplink connectivitybull

Advanced intelligent Layer 3L4 servicesbull

Clustering capable

Catalyst 3750bull

Stackable 101001000 and 10100 configurationsbull

Cisco StackWisetrade

Technologybull

Optimized for Gigabit Ethernet deploymentbull

Enterprise‐class Intelligent Layer 3L4 servicesbull

Highly resilient 32Gbps stacking interconnectionbull

Single management interface w auto configuration

Fast Ethernet

Optimized

Gigabit Ethernet

Optimized

43

Cisco Catalyst 2960 Series Model Overview Fast Ethernet Models

Softwarebull LAN Base Image

Enterprise-class intelligent services Advanced QoS enhanced security high availability

bull Orderable with latest IOS software version

bull 48 10100100 portsbull 2 101001000 Uplink

ports

bull 24 10100 portsbull 2 101001000 Uplink

Ports

Catalyst 2960-24TT Catalyst 2960-48TT

bull 24 10100 portsbull 2 Dual-Purpose Uplink

ports

Catalyst 2960-24TC Catalyst 2960-48TC

bull 48 10100 portsbull 2 Dual Purpose Uplink

ports

Uplinksbull Dual Purpose

UplinksOne 101001000 TX Port and One SFP Port

One port active at a time

44

Cisco Catalyst 3750 Series Switches Model Overview

Catalyst 3750G‐24TS

bull

24 101001000

Portsbull

24 101001000 Ports

bull

4 SFP ports

Two Software Versions

Standard Multilayer Software Image

(SMI)

bull Enterprise‐class intelligent services

Advanced QoS Enhanced Security High

Availability RIP and Static IP routing

Routed ACLs HSRP

Enhanced Multilayer Software Image

(EMI)

bull SMI feature set plus Dynamic IP Unicast

routing Smart Multicast routing

Catalyst 3750‐2448 are orderable with

either software image preinstalled

Catalyst 3750‐2448 can be upgraded

from SMI to EMI

Catalyst 3750G‐24T

bull

24 10100 Ports

bull

2 SFP ports

bull

48 10100 Ports

bull

4 SFP ports

Catalyst 3750‐24 Catalyst 3750‐48

45

Cisco StackWisetrade Technology

bull 32Gbps fault tolerant bi‐directional

backplane

bull Single IP address for management

bull Auto configuration and IOS version

checkupdate

bull 1N Master redundancy

bull Sub‐second L2 failover

bull Cross stack Etherchannel

bull Configurable QoS queues across

stack

bull Line speed performance with QoS

and ACLs for GE

bull Hot add and delete of GE and FE

chassis in same stack

bull Patented cable connector

S 1

S 3

S 2

M 4

M = Master Switch

S = Slave Switch

46

Cisco Catalyst 4500 Series Architecture

bull Centralized Forwarding ASICs

bull All packets are forwarded via the supervisor

bull No distributed line card forwarding

bull Scalable architecture ‐

64 to 320 Gbps

bull Fastest Centralized Architecture in the Industry

47

Cisco Catalyst 4500 Series Overview Common Architecture

Single Supervisor-Based

Chassis

Redundant Supervisor-Based

Chassis

Cisco Catalyst 4507R-E

Cisco Catalyst 4510R-E

Cisco Catalyst 4506-E

Cisco Catalyst 4503-E

Single RU Fixed Configuration

Same Switching Architecture

and Common Cisco IOSreg

Cisco Catalyst 4948 and 4948-10GigE

48

Cisco Catalyst 4500 Series Evolutionary Centralized Architecture

1999 2002 2004 2007 2012

Continued InnovationServices and Performance

Same Line Card

18Mpps 48Mpps 102Mpps

10100

1000

Layer 2

PoE L234

10 GbE

SSO

NACNSF

ISSUCISF

E‐Series

250 Mpps

49

Evolution of Centralized Switching Technology

Evoluti

onEvo

lution

1999 18

Mpps

L2 Only

2002 48

Mpps

L2L3

2004102

Mpps

L2L3 10Gig

2007250

Mpps

L2L3 IPv6

14X

increase

since lsquo99

50

Next‐Generation Catalyst 4500 ldquoE‐Seriesrdquo

Secure Flexible Non‐Stop Communications

ldquoErdquo

Series Chassis

ldquoErdquo

Series Line Cards

Supervisor 6‐E with CenterFlex

51

Cisco Catalyst 6500 Delivers Secure Converged Network Services

High Availabilitybull Physical

Availabilitybull Logical Availabilitybull Stateful Failover at

Layer 2bull Rapid Spanning-

Tree Convergence

QoSbull Input Policingbull Traffic

Classificationbull Multiple Queuesbull Convergence

Ready

Securitybull Layer 234

Access Controlbull 8021X User

Authenticationbull MAC Filteringbull Dynamic VLAN

Manageabilitybull Inline Powerbull Simple

Configurationbull L2-L4 Servicesbull Rich Multicast

Support

End-to-End Services

52

Catalyst 6500 Family

Catalyst 65033 slot chassis

Catalyst 65066 slot chassis

Catalyst 65099 slot chassis

Catalyst 6509‐NEBSNEBS Compliant 9 slot chassis

Catalyst 651313 slot chassis

Catalyst 6509‐NEBS‐A9 slot chassis

53

Cisco Catalyst 6500 Series

The Cisco Catalyst 6500 Series supports a wide range of interface densities performance and high‐availability options

Flexible 3‐ 6‐ 9‐ and 13‐slot chassis configurations

ndash Scalable switching fabric ndash Cisco

IOS software choices supported

on all supervisor engines

ndash Fast 2‐3 second stateful

failover of

redundant supervisors and integrated

services

ndash 10‐Mbps to 10‐Gbps Ethernet and DS0

to

OC‐48 WAN interfaces

ndash Wire‐rate QoS

and ACL policy

management

WS-6503 WS-C6506 WS-C6509 WS-C6509-NEBS and WS-C6513

54

Catalyst 6500 Supervisors

The Catalyst 6500 has three Supervisor options on offer

with each providing a different architectural backplane

configuration for line cards to connect intohellip

Supervisor 1A Supervisor 2 Supervisor 720 (NEW)

256Gb backplane

supporting hardware

accelerated Layer 2 and 3

QoS and Security policies

up to 210Mppshellip

720Gb backplane

supporting hardware

accelerated Layer 2 and 3

QoS and Security policies

up to 400Mppshellip

32Gb backplane supporting

hardware accelerated Layer

2 and 3 QoS and Security

policies up to 15Mppshellip

Supervisor Options for the Catalyst 6500

55

Catalyst 6500 LinecardsThe Catalyst 6500 has a family of linecards to suit all network needshellip

10100 TX and 100 Fiber 101001000 TX GE SFP

GE GBIC 10GE WAN

Optical Switch Modules Inline Power ATM

CAT

6500

L I

NECARDS

56

Catalyst 6500 Service Modules

Content ServicesCommunications Media MWAN

Firewall Module VPN Module Intrusion Detection

Content Switching SSL Network Management

Service Modules represent the next generation of intelligent modules for the Catalyst 6500

Each module provides a high performance option scalable and feature rich deployment

optionshellip

57

Small Form Factor Pluggable (SFP)

bull New industry standard connector

bull Same functionality as Gigabit Interface Converters

(GBICs)

bull Hot pluggable

bull Smaller fiber connector LC

for SF

bull 25 SFPs

fit in space of one GBIC

bull Shipping SX LX ZX at FCS

bull 101001000BT and CWDM versions to come in mid

to late 2003

GBIC

SFP

58

三無線網路認證介紹

59

漫遊認證環境架構圖

NCHC資策會

WLANGateway

WLANGateway

60

無線漫遊環境身份認證機制

網頁認證

使用網站伺服器憑證(Certificate)辨識合法認證網站

透過SSL加密保護使用者帳號密碼安全

採用PAP (Password Authentication Protocol)認證機制

8021x認證

採CHAP或加密通道進行認證

EAP‐MD5ndash 採用CHAP (Challenge Handshake Authentication Protocol)認證

EAP‐PEAP ndash 採用 SSL加密通道 + MS‐CHAP v2 認證

EAP‐TTLSndash 採用 SSL加密通道 + PAPCHAPMS‐CHAPEAPndash 支援多種認證機制

61

WLAN Gateway

bull Usually web page for authorisationbull Allows policy based accessbull Good managementbull Very user friendlybull No client required

Bluesocketndash Commercial but popular in uk academiandash Lots of featuresNoCatAuthndash open source

62

Bluesocket Wireless Gateway

63

httpwwwitcntnuedutwservice1270php

四師大網路基本架構介紹

64

對外網路架構圖

65

校本部校區有線網路系統架構圖

66

校本部校區無線網路系統架構圖

67

理學院校區有線網路系統架構圖

68

理學院校區無線網路系統架構圖

69

林口校區有線網路系統架構圖

70

林口校區無線網路系統架構圖

71

五網路障礙排除方式

72

Possible Symptoms of Physical Layer Problems

Increased number of interface errorsIncreased number of interface errors

LEDs are off flashing or in a state other than the expected state during normal operationLEDs are off flashing or in a state other than the expected state during normal operation

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

Excessive utilizationExcessive utilization

73

Possible Symptoms of Data Link Layer Problems

Excessive CRC errors and frame check sequence errors Excessive CRC errors and frame check sequence errors

Large quantities of broadcast traffic Large quantities of broadcast traffic

A MAC address is cycling between portsA MAC address is cycling between ports

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

74

General Cisco Commands to Isolate Physical and Data Link Layer Problems

ping host

| ip‐addressping host

| ip‐address

routergt

bull

Sends an echo request packet to an address then waits for a reply

trace [destination]trace [destination]

routergt

bull

Identifies the path a packet takes through the network

[no] debug [no] debug

router

bull

Displays a list of options for enabling or disabling debugging events on a device

75

Cisco Commands to Isolate Physical Layer Problems

show versionshow version

routergt

bull

Displays the Cisco IOS software version and all installed hardware configurations

show ip interface briefshow ip interface brief

routergt

bull

Displays a summary of the status of all interfaces on a device

show interfaces [type number]show interfaces [type number]

routergt

bull

Displays the operational status of an interface including the amount and type of traffic being sent and received

76

Cisco Commands to Isolate Physical Layer Problems (Cont)

show cdp neighbor detailshow cdp neighbor detailroutergt

bull Displays the device type IP address and Cisco IOS version of neighboring devices

77

Cisco Commands to Isolate Data Link Layer Problems

show ip arpshow ip arp

routergt

bull

Displays entries in the Address Resolution Protocol (ARP) table

debug [arp

| serial | ppp]debug [arp

| serial | ppp]

router

bull

Captures events relating to data link layer protocols

78

General End‐System Commands to Isolate Physical and Data Link Layer Problems

pingping

bull

Sends an echo request packet to an address then waits for a reply

netstat

‐rnnetstat

‐rn

bull

Displays the status of all connected devices and links without querying a DNS server

arp

‐aarp

‐a

bull

Displays the current mappings of the IP address to the MAC address in the ARP table

79

Windows Commands to Isolate Physical and Data Link Layer Problems

ipconfig

[all]ipconfig

[all]

bull

Displays IP information for hosts running Windows NT2000XP

Cgt

tracert [‐d]tracert [‐d]

bull

Identifies a path to a destination device

Cgt

80

Guidelines for Isolating Problems at the Physical and Data Link Layers

Check operational status and data error ratesCheck operational status and data error rates

Verify proper interface configurationsVerify proper interface configurations

Check for bad cables or connectionsCheck for bad cables or connections

Check for correct cable pin‐outCheck for correct cable pin‐out

81

Port Monitoring (SPAN)

Allows a port to monitor traffic coming into or out of

anotherPort

VLAN

Trunk

82

Remote SPAN (RSPAN)

Allows a port to monitor SPAN information on other switches through a trunk connection

83

NetFlow Data Export

Access to records of switched flow statistics

with NAM

Source and destination IP

Port numbers and protocol types

84

六網路管理介紹

85

NAMs in Campus LAN

86

Network Analysis Module (NAM)

bull

Switch‐integrated standards‐

based monitoring (RMON1 RMON2

extended RMON)

bull

Useful for performance monitoring troubleshooting

and capacity planning

bull

Easy to deploy and use with embedded web‐based Traffic Analyzer

bull

Full visibility into applications hosts conversations and

IP‐based services including VoIP

and QoS

Integrated traffic‐monitoring solution in Catalyst 6500 series to build application‐level visibility into network infrastructure

87

NAM as a Standards‐Based RMON Solution

The RMON MIB reports on the health and status of network traffic

Mini‐RMON agents in Catalyst 6500 collect Layer 2 (RMON1) statistics on all ports (utilization packets errors)

NAM supports full RMON1 and 2 to provide visibility up to Application layer (applications hosts conversations)

NAM supports extended RMON for VLAN QoS Application Response Time and so on

88

Application Hosts and Conversations Monitoring

Identify unknown applications and drill down on the hosts using them

Discover top talkers top conversations

Network managers can drill down

into who is doing what

Network managers can drill down

into who is doing what

NEW inSoftware

Version 22

NEW inSoftware

Version 22

89

VoIP Monitoring

NAM supports various facets of VoIPmonitoring

Active IP telephony monitoring

ndash Track active call attributesndash Identify call quality degradationndash Call details by phonesRMON1 and RMON2

ndash Distribution of VoIP

protocols

Application Response Time (ART)

ndash CallManager

responses

DSMON

ndash VoIP

traffic by DSCP values

90

Application Response Time (ART)

Find out where the application delays are occurring

ndash Detailed data on request‐ response exchanges

between clients and servers

Server visibility

ndash Monitor servers for protocols application

usage and top talkers

91

Packet Capture and Decode

Capture and decode packets for troubleshooting

Extensive pre‐ and post‐capture filters

Can save and export to other tools including Sniffer

92

Alarms

Set alarm thresholds on various parameters for proactive monitoring

Define traps or generate syslog

93

Defining Network Management Functional Areas

ISO defines five functional areas of network management

ISO defines five functional areas of network management

bullFault Management

bullConfiguration Management

bullAccounting Management

bullPerformance Management

bullSecurity Management

94

FCAPS Fault Management

The process of locating diagnosing and correcting

network problems

Device Down

Link Down

95

FCAPS Configuration Management

bull The process of obtaining data from the network and using

that data to manage the setup of all network devices

bull Allows rapid access to configuration information

bull Facilitates remote configuration and provisioning

bull Provides an up‐to‐date inventory of network

components

SpeedDuplex

Connectivity

TrunkingVLANs Allowed

Spanning Tree Protocol State

Software VersionConfiguration File

Device Type

96

FCAPS Accounting Management

bull Measuring the usage of network resources by users in order to

establish the metrics check quotas determine costs and bill users

bull Measures and reports accounting information based on individual

groups and users

bull Administers the cost of the network

bull Internal verification of third‐party billing for usage Bandwidth Consumption

Application Usage

hellip

97

FCAPS Performance Management

bull Ensuring that the data network remains accessible

and has adequate bandwidth

bull Reduces network overcrowding and inaccessibility

bull Provides a consistent level of service to the

network user

bull Determine utilization trends to proactively isolate and solve

performance problems

UtilizationPeakminmaxError RatesUnicast Rates

Broadcast Rates

CPU UtilizationMemory Usage

ThroughputResponse Time

LatencyAvailabilityReliability

98

FCAPS Security Management

bull Protecting sensitive information on devices

attached to a data network by controlling access points to

that information

bull Builds network user confidence

bull Secures sensitive information from both internal and

external sources

bull Protects the network functionality from malicious

attacks

MAC AddressLocked to Port

Access ListBlocks Connections

99

Performing Network Management Sources for Information

GAUGEs TIMERs

0 9 1 2 3

COUNTERs TABLEs FILEs

Operating System Data Structures

Manageable Device

showCommands

WebServer

SystemLogging

SNMPSNMPAGENTAGENT

ProductionServices

Layer N Forwarding

http80tcp

syslog514udp

snmp161udp

MIBObjects

snmp‐trap162udp

Built in Intelligence

CDPVTPSAA

telnetCLI

TFTPClient

tftp69udp

PingTrace route

100

Network Management Information Model MIB Management Information Base

MIB

ndash

Management Information BaseSet of variables defining the status of a device (eg temp = 85 degrees)Just facts ndash not whether it is good or badDefined according to SMI (Structure of Management Information) rulesEach managed object is described using a unique object identifier (OID)

MIB

IMIBIIStandard MIBObjects included are considered essential for either fault or configuration management

Other standard MIBsRMON host router

Proprietary vendor MIBsExtensions to standard MIBs

SNMPAGENTSNMPAGENT

1000s of manageable objects following rules defined in the SMI standards

1000s of manageable objects following rules defined in the SMI standards

101

Network Management Communication Model SNMP Simple Network Management Protocol

CommunityStrings

CommunityStrings

bull Get requests used to read the value of objectbull Set requests used to modify the value of object

bull Authorization is via community strings

(Read‐OnlyRead‐Write)

bull Traps

provide asynchronous event notification

IP Network SNMPManageable

Device

Trap

Get Response

Get Request Get-Next RequestGet-Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

102

Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response

SNM

P M

anag

er

SNM

P A

gent

Rea

d =

publ

ic re

adw

rite

= pr

ivat

e

GetResponse (sysDescr0=SunOS)

Verify access permission and retrieve MIB value using OID to traverse the MIB tree

InstanceOID

13612111

MIB value

GetRequest(sysDescr0)Read Community(public)

103

Types of Management Systems Example ‐

Enterprise Manager amp Fault Management

Correlate and manage events

and SNMP traps

Perform fault isolation and root cause analysis

104

Types of Management Systems Example ndash CiscoWorks

Resource Manager Essentials and Campus Manager

Knowledge of network configuration and topology

Facilitates remote configuration of network devices

Maintains an archive of configuration data that allows generation of inventory reports

105

Types of Management Systems Example ndash NetFlow (Accounting Management)

Flow Profiling

AccountingBilling

Network Planning

Network Monitoring

Flow

Collectors

Flow

CollectorsEnd‐User AppsEnd‐User AppsNetFlow

Data ExportNetFlowData Export

NetScout

RMON ProbeRMON Probe

106

Types of Management Systems Example ndash MRTG (Performance Management)

bull Monitors traffic load on network links based on SNMP statistics

bull Generates real‐time HTML traffic reports

bull Can be used to monitor any

MIB

variable using

SNMP

107

Types of Management Systems Example ndash CiscoWorks

How is the network connectedbull Physical Cablingbull Virtual LANs

Where are the end users servers IP phones connected

bull Switch port numberbull VLAN membership

How do I troubleshoot connectivity problems

Campus Manager User Tracking

Campus Manager Topology Services

Campus Manager Topology Services

Campus Manager User TrackingCampus Manager

Path Analysis

108

Diagnosing Connectivity Problems CiscoWorks Server Tools

Ping Use ping to test device connectivity from CiscoWorks server

TracerouteRun a trace route between the CiscoWorks server and the target device to detect routing problems

NS LookupRun a nslookup to obtain DNS name server information and IP address of hostname

Management Station to DeviceTest to verify if upper layer protocols are supported from CiscoWorks to the target device UDP TCP Telnet TFTP HTTP and SNMP

109

Types of Management Systems Example ndash CiscoWorks

19216862

CiscoWorks Server(ANI Service)

CampusDatabase

19216861

Schedule data retrieval

times

CAM Table11‐11‐11‐11‐11‐00 2111‐11‐11‐11‐11‐11 2211‐11‐11‐11‐11‐22 2311‐11‐11‐11‐11‐33 24

22 23 24

21

ARP Table11‐11‐11‐11‐11‐11 19216861011‐11‐11‐11‐11‐22 19216861111‐11‐11‐11‐11‐33 192168611

1

CAM

Retrieval

(switching

table)

2 Address

Resolution (MAC

to IP)

DNS

3 Name Resolution

(IP to hostname)

Host Table192168610 USER1192168611 Printer1192168611 IPtele1

SNMP

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

CallManager4

Call Detail

Records

5

Login

Names

UNIX Novell amp

Windows NT

clients running

UTLite script

110

Diagnosing Connectivity Problems Campus Manager Tools

Topology Services

User Tracking

Path Analysis

1

Locate the communication pair in the User Tracking database

bull

Addressesbull

VLAN informationbull

Switch port connection

2

Investigate the Layer 2 and Layer 3 path between the communication

pair

3

Map the topology and begin the investigation on devices and links

Launch other applications

111

Diagnosing Connectivity Problems Workflow for Using Campus Manager

LaunchPath Analysis

LaunchPath Analysis

Ensure discovery of devices

hosts are up to date

Ensure discovery of devices

hosts are up to date

Use User TrackingTo Locate EndStation Info

Use User TrackingTo Locate EndStation Info

ConductVoiceTrace

ConductVoiceTrace

ConductDataTrace

ConductDataTrace

DisplayPath in Topology

Map

DisplayPath in Topology

Map

Launch other Apps(Telnet CiscoView

Etc)

Launch other Apps(Telnet CiscoView

Etc)

112

Diagnosing Device Connectivity Problems Example

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Do you know

your

hostname or

username

113

Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

2 Simple Query displays switch

port and VLAN association

2 Simple Query displays switch

port and VLAN association

3 LastSeen field indicates last

time end station was

discovered

3 LastSeen field indicates last

time end station was

discovered

114

Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Trace path from application server

to Suzy

Trace path from application server

to Suzy

Couldnrsquot get to Suzy machine ndash try

from server

Couldnrsquot get to Suzy machine ndash try

from server

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

17

Daisy Chains (Cisco Catalyst 3750 Series)

Utilize Cross‐Stack UplinkFast

feature for stackables

bull Transitions redundant blocking link directly to forwarding if link to root fails

18

Understand Performance and Oversubscription Characteristics

Most networks are built with oversubscription

Performance usually limited not by the box but by the uplink

Use QoS to protect real‐time flows at congested points

Oversubscription rules of thumb work well

201 maximum at wiring closet

Less in distribution (41) and server farm (from 41 to 11)

19

Redundancy Types

Layer 1 redundancymdashProvides an alternate physical path through the network

Layer 23 redundancymdashSpanning‐tree routing protocol EtherChannelfor alternate path awareness and fast convergence

StabilitymdashEnsure a stable network through proper physical STP and routing design to reduce human errors

Application availabilitymdashApplication server and client processes must support failover for maximum availability

20

Small Campus Network

Backbone layermdashcollapsed core and distribution

Can use modularstackable switching solutions

Scalable up to few access switches

21

Medium Campus Network

22

Large Campus Network

23

Building Block Approach

24

Switch Block Characteristics

bull Device switches support one or more subnetsVLANs

bull Subnets terminate at the distribution switch

bull Access devices have redundant links

bull Spanning Tree Protocol terminates at the switch block boundary

25

VLANs in the Switch Block

26

Link Types

A trunk link is capable of carrying multiple VLANs

27

Trunking

bull Specifically developed for multi‐VLAN interswitch communications

bull Places a unique identifier in the header of each frame

bull Functions at Layer 2 bull IEEE

8021Q

28

Inter‐VLAN Routing

bull A Route Processor provides Layer 3 functionality for switches

29

Increasing Performance Add More Bandwidth

30

Fast EtherChannel

31

Is QoS Needed in the Campus

Maybe maybe not campus congestionis a buffer management issue

ldquoJust throw more bandwidth at it That will solve the problemrdquo

32

Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP

33

Enabling QoS in the Campus Scheduling in the Campus

Output buffers can reach 100 in campus networks resulting in dropped voice packets

QoS required when there is a possibility of congestion in buffers

Multiple queues are the only way to guarantee voice quality

34

Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS

bull 8021p user priority field also called class of service (CoS)

bull Different types of traffic are assigned different CoS values

bull CoS 6 and 7 are reserved for network use

35

Enabling QoS in the Campus Layer 3 Classificationmdash IP Precedence DSCP

bull IPv4 Three most significant bits of ToS byte are called IP precedence other bits unused

bull DiffServ Six Most significant bits of ToS byte are called DSCP remaining two bits used for flow control

bull DSCP backward compatible with IP precedence

36

Enabling QoS in the Campus Classification Summary

37

Power Over Ethernet

Prepare the network for IP Telephony and Wireless access

Eliminate the need for separate electrical wiring

Cisco pre‐standard POE and 8023af are fully supported

Wide selection of standards‐based IEEE 8023af powered devices

ndash IP Phonesndash Wireless Access Points

ndash Surveillance cameras

ndash Access Card Readers

38

Access Point Front Cover LEDrsquos

Status LightsEthernet

Status

Radio Activity

Ethernet Activity

Status

Radio Activity

39

CiscoWorks WLSE

1

Specialized application for managing the Cisco WLAN

2

Centralized template‐ based configuration of access points and bridges

with user defined groups

3

Proactive fault and performance monitoring

of access points bridges LEAP server and

attached switch

CiscoWorks Wireless LANSolution Engine

U N I V E R S I T YU N I V E R S I T Y

40

二網路設備介紹

41

The Cisco LAN Switching Portfolio

Catalyst 375035602960 Catalyst 6500Catalyst 40004500

bull Stackable Compact Footprint bull Gig Density 12 Ports bull EZ Clustering Managementbull L2-L4 Switchingbull Medium Port Density

bull Highest Switching Capacitybull High Availability - Stateful Failoverbull 10-Gigabit Ethernet Interfaces bull Nonblocking Gigabit Density 142bull LANWAN Interfaces (to OC 48)

L2-L7 SwitchingIntegrated Inline PowerServices Modules Redundant PowerRedundant Supervisor Fabric

bull High Switching Capacitybull High-Density 101001000bull High-Density 100FX amp 1000LXbull Nonblocking Gigabit Density 32bull L2-L4 Switching bull Inline Power Optionbull Redundant Power

42

Cisco Catalyst Positioning

Pric

ePe

rfor

man

ce

FunctionFlexibility

Catalyst 29502960

Catalyst 35503560

Catalyst 4500 Family

Catalyst 6500 Series

bull Modular 101001000bull High performance Layer 2L3L4 bull 24‐64 Gbps Switching Enginebull Chassis level high availability

bull

Modular 101001000bull

Highest density switching

capacity

bull

Layer 234‐7bull

32‐720 Gbps

Switching

Engine

bull

Highest Availability

bull

10100

and GE configurationsbull

High performance switching and routingbull

Enterprise‐class intelligent Layer 3L4 servicesbull

Clustering capable

bull

Stackable 10100 switchingbull

Gigabit

uplink connectivitybull

Advanced intelligent Layer 3L4 servicesbull

Clustering capable

Catalyst 3750bull

Stackable 101001000 and 10100 configurationsbull

Cisco StackWisetrade

Technologybull

Optimized for Gigabit Ethernet deploymentbull

Enterprise‐class Intelligent Layer 3L4 servicesbull

Highly resilient 32Gbps stacking interconnectionbull

Single management interface w auto configuration

Fast Ethernet

Optimized

Gigabit Ethernet

Optimized

43

Cisco Catalyst 2960 Series Model Overview Fast Ethernet Models

Softwarebull LAN Base Image

Enterprise-class intelligent services Advanced QoS enhanced security high availability

bull Orderable with latest IOS software version

bull 48 10100100 portsbull 2 101001000 Uplink

ports

bull 24 10100 portsbull 2 101001000 Uplink

Ports

Catalyst 2960-24TT Catalyst 2960-48TT

bull 24 10100 portsbull 2 Dual-Purpose Uplink

ports

Catalyst 2960-24TC Catalyst 2960-48TC

bull 48 10100 portsbull 2 Dual Purpose Uplink

ports

Uplinksbull Dual Purpose

UplinksOne 101001000 TX Port and One SFP Port

One port active at a time

44

Cisco Catalyst 3750 Series Switches Model Overview

Catalyst 3750G‐24TS

bull

24 101001000

Portsbull

24 101001000 Ports

bull

4 SFP ports

Two Software Versions

Standard Multilayer Software Image

(SMI)

bull Enterprise‐class intelligent services

Advanced QoS Enhanced Security High

Availability RIP and Static IP routing

Routed ACLs HSRP

Enhanced Multilayer Software Image

(EMI)

bull SMI feature set plus Dynamic IP Unicast

routing Smart Multicast routing

Catalyst 3750‐2448 are orderable with

either software image preinstalled

Catalyst 3750‐2448 can be upgraded

from SMI to EMI

Catalyst 3750G‐24T

bull

24 10100 Ports

bull

2 SFP ports

bull

48 10100 Ports

bull

4 SFP ports

Catalyst 3750‐24 Catalyst 3750‐48

45

Cisco StackWisetrade Technology

bull 32Gbps fault tolerant bi‐directional

backplane

bull Single IP address for management

bull Auto configuration and IOS version

checkupdate

bull 1N Master redundancy

bull Sub‐second L2 failover

bull Cross stack Etherchannel

bull Configurable QoS queues across

stack

bull Line speed performance with QoS

and ACLs for GE

bull Hot add and delete of GE and FE

chassis in same stack

bull Patented cable connector

S 1

S 3

S 2

M 4

M = Master Switch

S = Slave Switch

46

Cisco Catalyst 4500 Series Architecture

bull Centralized Forwarding ASICs

bull All packets are forwarded via the supervisor

bull No distributed line card forwarding

bull Scalable architecture ‐

64 to 320 Gbps

bull Fastest Centralized Architecture in the Industry

47

Cisco Catalyst 4500 Series Overview Common Architecture

Single Supervisor-Based

Chassis

Redundant Supervisor-Based

Chassis

Cisco Catalyst 4507R-E

Cisco Catalyst 4510R-E

Cisco Catalyst 4506-E

Cisco Catalyst 4503-E

Single RU Fixed Configuration

Same Switching Architecture

and Common Cisco IOSreg

Cisco Catalyst 4948 and 4948-10GigE

48

Cisco Catalyst 4500 Series Evolutionary Centralized Architecture

1999 2002 2004 2007 2012

Continued InnovationServices and Performance

Same Line Card

18Mpps 48Mpps 102Mpps

10100

1000

Layer 2

PoE L234

10 GbE

SSO

NACNSF

ISSUCISF

E‐Series

250 Mpps

49

Evolution of Centralized Switching Technology

Evoluti

onEvo

lution

1999 18

Mpps

L2 Only

2002 48

Mpps

L2L3

2004102

Mpps

L2L3 10Gig

2007250

Mpps

L2L3 IPv6

14X

increase

since lsquo99

50

Next‐Generation Catalyst 4500 ldquoE‐Seriesrdquo

Secure Flexible Non‐Stop Communications

ldquoErdquo

Series Chassis

ldquoErdquo

Series Line Cards

Supervisor 6‐E with CenterFlex

51

Cisco Catalyst 6500 Delivers Secure Converged Network Services

High Availabilitybull Physical

Availabilitybull Logical Availabilitybull Stateful Failover at

Layer 2bull Rapid Spanning-

Tree Convergence

QoSbull Input Policingbull Traffic

Classificationbull Multiple Queuesbull Convergence

Ready

Securitybull Layer 234

Access Controlbull 8021X User

Authenticationbull MAC Filteringbull Dynamic VLAN

Manageabilitybull Inline Powerbull Simple

Configurationbull L2-L4 Servicesbull Rich Multicast

Support

End-to-End Services

52

Catalyst 6500 Family

Catalyst 65033 slot chassis

Catalyst 65066 slot chassis

Catalyst 65099 slot chassis

Catalyst 6509‐NEBSNEBS Compliant 9 slot chassis

Catalyst 651313 slot chassis

Catalyst 6509‐NEBS‐A9 slot chassis

53

Cisco Catalyst 6500 Series

The Cisco Catalyst 6500 Series supports a wide range of interface densities performance and high‐availability options

Flexible 3‐ 6‐ 9‐ and 13‐slot chassis configurations

ndash Scalable switching fabric ndash Cisco

IOS software choices supported

on all supervisor engines

ndash Fast 2‐3 second stateful

failover of

redundant supervisors and integrated

services

ndash 10‐Mbps to 10‐Gbps Ethernet and DS0

to

OC‐48 WAN interfaces

ndash Wire‐rate QoS

and ACL policy

management

WS-6503 WS-C6506 WS-C6509 WS-C6509-NEBS and WS-C6513

54

Catalyst 6500 Supervisors

The Catalyst 6500 has three Supervisor options on offer

with each providing a different architectural backplane

configuration for line cards to connect intohellip

Supervisor 1A Supervisor 2 Supervisor 720 (NEW)

256Gb backplane

supporting hardware

accelerated Layer 2 and 3

QoS and Security policies

up to 210Mppshellip

720Gb backplane

supporting hardware

accelerated Layer 2 and 3

QoS and Security policies

up to 400Mppshellip

32Gb backplane supporting

hardware accelerated Layer

2 and 3 QoS and Security

policies up to 15Mppshellip

Supervisor Options for the Catalyst 6500

55

Catalyst 6500 LinecardsThe Catalyst 6500 has a family of linecards to suit all network needshellip

10100 TX and 100 Fiber 101001000 TX GE SFP

GE GBIC 10GE WAN

Optical Switch Modules Inline Power ATM

CAT

6500

L I

NECARDS

56

Catalyst 6500 Service Modules

Content ServicesCommunications Media MWAN

Firewall Module VPN Module Intrusion Detection

Content Switching SSL Network Management

Service Modules represent the next generation of intelligent modules for the Catalyst 6500

Each module provides a high performance option scalable and feature rich deployment

optionshellip

57

Small Form Factor Pluggable (SFP)

bull New industry standard connector

bull Same functionality as Gigabit Interface Converters

(GBICs)

bull Hot pluggable

bull Smaller fiber connector LC

for SF

bull 25 SFPs

fit in space of one GBIC

bull Shipping SX LX ZX at FCS

bull 101001000BT and CWDM versions to come in mid

to late 2003

GBIC

SFP

58

三無線網路認證介紹

59

漫遊認證環境架構圖

NCHC資策會

WLANGateway

WLANGateway

60

無線漫遊環境身份認證機制

網頁認證

使用網站伺服器憑證(Certificate)辨識合法認證網站

透過SSL加密保護使用者帳號密碼安全

採用PAP (Password Authentication Protocol)認證機制

8021x認證

採CHAP或加密通道進行認證

EAP‐MD5ndash 採用CHAP (Challenge Handshake Authentication Protocol)認證

EAP‐PEAP ndash 採用 SSL加密通道 + MS‐CHAP v2 認證

EAP‐TTLSndash 採用 SSL加密通道 + PAPCHAPMS‐CHAPEAPndash 支援多種認證機制

61

WLAN Gateway

bull Usually web page for authorisationbull Allows policy based accessbull Good managementbull Very user friendlybull No client required

Bluesocketndash Commercial but popular in uk academiandash Lots of featuresNoCatAuthndash open source

62

Bluesocket Wireless Gateway

63

httpwwwitcntnuedutwservice1270php

四師大網路基本架構介紹

64

對外網路架構圖

65

校本部校區有線網路系統架構圖

66

校本部校區無線網路系統架構圖

67

理學院校區有線網路系統架構圖

68

理學院校區無線網路系統架構圖

69

林口校區有線網路系統架構圖

70

林口校區無線網路系統架構圖

71

五網路障礙排除方式

72

Possible Symptoms of Physical Layer Problems

Increased number of interface errorsIncreased number of interface errors

LEDs are off flashing or in a state other than the expected state during normal operationLEDs are off flashing or in a state other than the expected state during normal operation

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

Excessive utilizationExcessive utilization

73

Possible Symptoms of Data Link Layer Problems

Excessive CRC errors and frame check sequence errors Excessive CRC errors and frame check sequence errors

Large quantities of broadcast traffic Large quantities of broadcast traffic

A MAC address is cycling between portsA MAC address is cycling between ports

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

74

General Cisco Commands to Isolate Physical and Data Link Layer Problems

ping host

| ip‐addressping host

| ip‐address

routergt

bull

Sends an echo request packet to an address then waits for a reply

trace [destination]trace [destination]

routergt

bull

Identifies the path a packet takes through the network

[no] debug [no] debug

router

bull

Displays a list of options for enabling or disabling debugging events on a device

75

Cisco Commands to Isolate Physical Layer Problems

show versionshow version

routergt

bull

Displays the Cisco IOS software version and all installed hardware configurations

show ip interface briefshow ip interface brief

routergt

bull

Displays a summary of the status of all interfaces on a device

show interfaces [type number]show interfaces [type number]

routergt

bull

Displays the operational status of an interface including the amount and type of traffic being sent and received

76

Cisco Commands to Isolate Physical Layer Problems (Cont)

show cdp neighbor detailshow cdp neighbor detailroutergt

bull Displays the device type IP address and Cisco IOS version of neighboring devices

77

Cisco Commands to Isolate Data Link Layer Problems

show ip arpshow ip arp

routergt

bull

Displays entries in the Address Resolution Protocol (ARP) table

debug [arp

| serial | ppp]debug [arp

| serial | ppp]

router

bull

Captures events relating to data link layer protocols

78

General End‐System Commands to Isolate Physical and Data Link Layer Problems

pingping

bull

Sends an echo request packet to an address then waits for a reply

netstat

‐rnnetstat

‐rn

bull

Displays the status of all connected devices and links without querying a DNS server

arp

‐aarp

‐a

bull

Displays the current mappings of the IP address to the MAC address in the ARP table

79

Windows Commands to Isolate Physical and Data Link Layer Problems

ipconfig

[all]ipconfig

[all]

bull

Displays IP information for hosts running Windows NT2000XP

Cgt

tracert [‐d]tracert [‐d]

bull

Identifies a path to a destination device

Cgt

80

Guidelines for Isolating Problems at the Physical and Data Link Layers

Check operational status and data error ratesCheck operational status and data error rates

Verify proper interface configurationsVerify proper interface configurations

Check for bad cables or connectionsCheck for bad cables or connections

Check for correct cable pin‐outCheck for correct cable pin‐out

81

Port Monitoring (SPAN)

Allows a port to monitor traffic coming into or out of

anotherPort

VLAN

Trunk

82

Remote SPAN (RSPAN)

Allows a port to monitor SPAN information on other switches through a trunk connection

83

NetFlow Data Export

Access to records of switched flow statistics

with NAM

Source and destination IP

Port numbers and protocol types

84

六網路管理介紹

85

NAMs in Campus LAN

86

Network Analysis Module (NAM)

bull

Switch‐integrated standards‐

based monitoring (RMON1 RMON2

extended RMON)

bull

Useful for performance monitoring troubleshooting

and capacity planning

bull

Easy to deploy and use with embedded web‐based Traffic Analyzer

bull

Full visibility into applications hosts conversations and

IP‐based services including VoIP

and QoS

Integrated traffic‐monitoring solution in Catalyst 6500 series to build application‐level visibility into network infrastructure

87

NAM as a Standards‐Based RMON Solution

The RMON MIB reports on the health and status of network traffic

Mini‐RMON agents in Catalyst 6500 collect Layer 2 (RMON1) statistics on all ports (utilization packets errors)

NAM supports full RMON1 and 2 to provide visibility up to Application layer (applications hosts conversations)

NAM supports extended RMON for VLAN QoS Application Response Time and so on

88

Application Hosts and Conversations Monitoring

Identify unknown applications and drill down on the hosts using them

Discover top talkers top conversations

Network managers can drill down

into who is doing what

Network managers can drill down

into who is doing what

NEW inSoftware

Version 22

NEW inSoftware

Version 22

89

VoIP Monitoring

NAM supports various facets of VoIPmonitoring

Active IP telephony monitoring

ndash Track active call attributesndash Identify call quality degradationndash Call details by phonesRMON1 and RMON2

ndash Distribution of VoIP

protocols

Application Response Time (ART)

ndash CallManager

responses

DSMON

ndash VoIP

traffic by DSCP values

90

Application Response Time (ART)

Find out where the application delays are occurring

ndash Detailed data on request‐ response exchanges

between clients and servers

Server visibility

ndash Monitor servers for protocols application

usage and top talkers

91

Packet Capture and Decode

Capture and decode packets for troubleshooting

Extensive pre‐ and post‐capture filters

Can save and export to other tools including Sniffer

92

Alarms

Set alarm thresholds on various parameters for proactive monitoring

Define traps or generate syslog

93

Defining Network Management Functional Areas

ISO defines five functional areas of network management

ISO defines five functional areas of network management

bullFault Management

bullConfiguration Management

bullAccounting Management

bullPerformance Management

bullSecurity Management

94

FCAPS Fault Management

The process of locating diagnosing and correcting

network problems

Device Down

Link Down

95

FCAPS Configuration Management

bull The process of obtaining data from the network and using

that data to manage the setup of all network devices

bull Allows rapid access to configuration information

bull Facilitates remote configuration and provisioning

bull Provides an up‐to‐date inventory of network

components

SpeedDuplex

Connectivity

TrunkingVLANs Allowed

Spanning Tree Protocol State

Software VersionConfiguration File

Device Type

96

FCAPS Accounting Management

bull Measuring the usage of network resources by users in order to

establish the metrics check quotas determine costs and bill users

bull Measures and reports accounting information based on individual

groups and users

bull Administers the cost of the network

bull Internal verification of third‐party billing for usage Bandwidth Consumption

Application Usage

hellip

97

FCAPS Performance Management

bull Ensuring that the data network remains accessible

and has adequate bandwidth

bull Reduces network overcrowding and inaccessibility

bull Provides a consistent level of service to the

network user

bull Determine utilization trends to proactively isolate and solve

performance problems

UtilizationPeakminmaxError RatesUnicast Rates

Broadcast Rates

CPU UtilizationMemory Usage

ThroughputResponse Time

LatencyAvailabilityReliability

98

FCAPS Security Management

bull Protecting sensitive information on devices

attached to a data network by controlling access points to

that information

bull Builds network user confidence

bull Secures sensitive information from both internal and

external sources

bull Protects the network functionality from malicious

attacks

MAC AddressLocked to Port

Access ListBlocks Connections

99

Performing Network Management Sources for Information

GAUGEs TIMERs

0 9 1 2 3

COUNTERs TABLEs FILEs

Operating System Data Structures

Manageable Device

showCommands

WebServer

SystemLogging

SNMPSNMPAGENTAGENT

ProductionServices

Layer N Forwarding

http80tcp

syslog514udp

snmp161udp

MIBObjects

snmp‐trap162udp

Built in Intelligence

CDPVTPSAA

telnetCLI

TFTPClient

tftp69udp

PingTrace route

100

Network Management Information Model MIB Management Information Base

MIB

ndash

Management Information BaseSet of variables defining the status of a device (eg temp = 85 degrees)Just facts ndash not whether it is good or badDefined according to SMI (Structure of Management Information) rulesEach managed object is described using a unique object identifier (OID)

MIB

IMIBIIStandard MIBObjects included are considered essential for either fault or configuration management

Other standard MIBsRMON host router

Proprietary vendor MIBsExtensions to standard MIBs

SNMPAGENTSNMPAGENT

1000s of manageable objects following rules defined in the SMI standards

1000s of manageable objects following rules defined in the SMI standards

101

Network Management Communication Model SNMP Simple Network Management Protocol

CommunityStrings

CommunityStrings

bull Get requests used to read the value of objectbull Set requests used to modify the value of object

bull Authorization is via community strings

(Read‐OnlyRead‐Write)

bull Traps

provide asynchronous event notification

IP Network SNMPManageable

Device

Trap

Get Response

Get Request Get-Next RequestGet-Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

102

Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response

SNM

P M

anag

er

SNM

P A

gent

Rea

d =

publ

ic re

adw

rite

= pr

ivat

e

GetResponse (sysDescr0=SunOS)

Verify access permission and retrieve MIB value using OID to traverse the MIB tree

InstanceOID

13612111

MIB value

GetRequest(sysDescr0)Read Community(public)

103

Types of Management Systems Example ‐

Enterprise Manager amp Fault Management

Correlate and manage events

and SNMP traps

Perform fault isolation and root cause analysis

104

Types of Management Systems Example ndash CiscoWorks

Resource Manager Essentials and Campus Manager

Knowledge of network configuration and topology

Facilitates remote configuration of network devices

Maintains an archive of configuration data that allows generation of inventory reports

105

Types of Management Systems Example ndash NetFlow (Accounting Management)

Flow Profiling

AccountingBilling

Network Planning

Network Monitoring

Flow

Collectors

Flow

CollectorsEnd‐User AppsEnd‐User AppsNetFlow

Data ExportNetFlowData Export

NetScout

RMON ProbeRMON Probe

106

Types of Management Systems Example ndash MRTG (Performance Management)

bull Monitors traffic load on network links based on SNMP statistics

bull Generates real‐time HTML traffic reports

bull Can be used to monitor any

MIB

variable using

SNMP

107

Types of Management Systems Example ndash CiscoWorks

How is the network connectedbull Physical Cablingbull Virtual LANs

Where are the end users servers IP phones connected

bull Switch port numberbull VLAN membership

How do I troubleshoot connectivity problems

Campus Manager User Tracking

Campus Manager Topology Services

Campus Manager Topology Services

Campus Manager User TrackingCampus Manager

Path Analysis

108

Diagnosing Connectivity Problems CiscoWorks Server Tools

Ping Use ping to test device connectivity from CiscoWorks server

TracerouteRun a trace route between the CiscoWorks server and the target device to detect routing problems

NS LookupRun a nslookup to obtain DNS name server information and IP address of hostname

Management Station to DeviceTest to verify if upper layer protocols are supported from CiscoWorks to the target device UDP TCP Telnet TFTP HTTP and SNMP

109

Types of Management Systems Example ndash CiscoWorks

19216862

CiscoWorks Server(ANI Service)

CampusDatabase

19216861

Schedule data retrieval

times

CAM Table11‐11‐11‐11‐11‐00 2111‐11‐11‐11‐11‐11 2211‐11‐11‐11‐11‐22 2311‐11‐11‐11‐11‐33 24

22 23 24

21

ARP Table11‐11‐11‐11‐11‐11 19216861011‐11‐11‐11‐11‐22 19216861111‐11‐11‐11‐11‐33 192168611

1

CAM

Retrieval

(switching

table)

2 Address

Resolution (MAC

to IP)

DNS

3 Name Resolution

(IP to hostname)

Host Table192168610 USER1192168611 Printer1192168611 IPtele1

SNMP

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

CallManager4

Call Detail

Records

5

Login

Names

UNIX Novell amp

Windows NT

clients running

UTLite script

110

Diagnosing Connectivity Problems Campus Manager Tools

Topology Services

User Tracking

Path Analysis

1

Locate the communication pair in the User Tracking database

bull

Addressesbull

VLAN informationbull

Switch port connection

2

Investigate the Layer 2 and Layer 3 path between the communication

pair

3

Map the topology and begin the investigation on devices and links

Launch other applications

111

Diagnosing Connectivity Problems Workflow for Using Campus Manager

LaunchPath Analysis

LaunchPath Analysis

Ensure discovery of devices

hosts are up to date

Ensure discovery of devices

hosts are up to date

Use User TrackingTo Locate EndStation Info

Use User TrackingTo Locate EndStation Info

ConductVoiceTrace

ConductVoiceTrace

ConductDataTrace

ConductDataTrace

DisplayPath in Topology

Map

DisplayPath in Topology

Map

Launch other Apps(Telnet CiscoView

Etc)

Launch other Apps(Telnet CiscoView

Etc)

112

Diagnosing Device Connectivity Problems Example

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Do you know

your

hostname or

username

113

Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

2 Simple Query displays switch

port and VLAN association

2 Simple Query displays switch

port and VLAN association

3 LastSeen field indicates last

time end station was

discovered

3 LastSeen field indicates last

time end station was

discovered

114

Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Trace path from application server

to Suzy

Trace path from application server

to Suzy

Couldnrsquot get to Suzy machine ndash try

from server

Couldnrsquot get to Suzy machine ndash try

from server

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

18

Understand Performance and Oversubscription Characteristics

Most networks are built with oversubscription

Performance usually limited not by the box but by the uplink

Use QoS to protect real‐time flows at congested points

Oversubscription rules of thumb work well

201 maximum at wiring closet

Less in distribution (41) and server farm (from 41 to 11)

19

Redundancy Types

Layer 1 redundancymdashProvides an alternate physical path through the network

Layer 23 redundancymdashSpanning‐tree routing protocol EtherChannelfor alternate path awareness and fast convergence

StabilitymdashEnsure a stable network through proper physical STP and routing design to reduce human errors

Application availabilitymdashApplication server and client processes must support failover for maximum availability

20

Small Campus Network

Backbone layermdashcollapsed core and distribution

Can use modularstackable switching solutions

Scalable up to few access switches

21

Medium Campus Network

22

Large Campus Network

23

Building Block Approach

24

Switch Block Characteristics

bull Device switches support one or more subnetsVLANs

bull Subnets terminate at the distribution switch

bull Access devices have redundant links

bull Spanning Tree Protocol terminates at the switch block boundary

25

VLANs in the Switch Block

26

Link Types

A trunk link is capable of carrying multiple VLANs

27

Trunking

bull Specifically developed for multi‐VLAN interswitch communications

bull Places a unique identifier in the header of each frame

bull Functions at Layer 2 bull IEEE

8021Q

28

Inter‐VLAN Routing

bull A Route Processor provides Layer 3 functionality for switches

29

Increasing Performance Add More Bandwidth

30

Fast EtherChannel

31

Is QoS Needed in the Campus

Maybe maybe not campus congestionis a buffer management issue

ldquoJust throw more bandwidth at it That will solve the problemrdquo

32

Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP

33

Enabling QoS in the Campus Scheduling in the Campus

Output buffers can reach 100 in campus networks resulting in dropped voice packets

QoS required when there is a possibility of congestion in buffers

Multiple queues are the only way to guarantee voice quality

34

Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS

bull 8021p user priority field also called class of service (CoS)

bull Different types of traffic are assigned different CoS values

bull CoS 6 and 7 are reserved for network use

35

Enabling QoS in the Campus Layer 3 Classificationmdash IP Precedence DSCP

bull IPv4 Three most significant bits of ToS byte are called IP precedence other bits unused

bull DiffServ Six Most significant bits of ToS byte are called DSCP remaining two bits used for flow control

bull DSCP backward compatible with IP precedence

36

Enabling QoS in the Campus Classification Summary

37

Power Over Ethernet

Prepare the network for IP Telephony and Wireless access

Eliminate the need for separate electrical wiring

Cisco pre‐standard POE and 8023af are fully supported

Wide selection of standards‐based IEEE 8023af powered devices

ndash IP Phonesndash Wireless Access Points

ndash Surveillance cameras

ndash Access Card Readers

38

Access Point Front Cover LEDrsquos

Status LightsEthernet

Status

Radio Activity

Ethernet Activity

Status

Radio Activity

39

CiscoWorks WLSE

1

Specialized application for managing the Cisco WLAN

2

Centralized template‐ based configuration of access points and bridges

with user defined groups

3

Proactive fault and performance monitoring

of access points bridges LEAP server and

attached switch

CiscoWorks Wireless LANSolution Engine

U N I V E R S I T YU N I V E R S I T Y

40

二網路設備介紹

41

The Cisco LAN Switching Portfolio

Catalyst 375035602960 Catalyst 6500Catalyst 40004500

bull Stackable Compact Footprint bull Gig Density 12 Ports bull EZ Clustering Managementbull L2-L4 Switchingbull Medium Port Density

bull Highest Switching Capacitybull High Availability - Stateful Failoverbull 10-Gigabit Ethernet Interfaces bull Nonblocking Gigabit Density 142bull LANWAN Interfaces (to OC 48)

L2-L7 SwitchingIntegrated Inline PowerServices Modules Redundant PowerRedundant Supervisor Fabric

bull High Switching Capacitybull High-Density 101001000bull High-Density 100FX amp 1000LXbull Nonblocking Gigabit Density 32bull L2-L4 Switching bull Inline Power Optionbull Redundant Power

42

Cisco Catalyst Positioning

Pric

ePe

rfor

man

ce

FunctionFlexibility

Catalyst 29502960

Catalyst 35503560

Catalyst 4500 Family

Catalyst 6500 Series

bull Modular 101001000bull High performance Layer 2L3L4 bull 24‐64 Gbps Switching Enginebull Chassis level high availability

bull

Modular 101001000bull

Highest density switching

capacity

bull

Layer 234‐7bull

32‐720 Gbps

Switching

Engine

bull

Highest Availability

bull

10100

and GE configurationsbull

High performance switching and routingbull

Enterprise‐class intelligent Layer 3L4 servicesbull

Clustering capable

bull

Stackable 10100 switchingbull

Gigabit

uplink connectivitybull

Advanced intelligent Layer 3L4 servicesbull

Clustering capable

Catalyst 3750bull

Stackable 101001000 and 10100 configurationsbull

Cisco StackWisetrade

Technologybull

Optimized for Gigabit Ethernet deploymentbull

Enterprise‐class Intelligent Layer 3L4 servicesbull

Highly resilient 32Gbps stacking interconnectionbull

Single management interface w auto configuration

Fast Ethernet

Optimized

Gigabit Ethernet

Optimized

43

Cisco Catalyst 2960 Series Model Overview Fast Ethernet Models

Softwarebull LAN Base Image

Enterprise-class intelligent services Advanced QoS enhanced security high availability

bull Orderable with latest IOS software version

bull 48 10100100 portsbull 2 101001000 Uplink

ports

bull 24 10100 portsbull 2 101001000 Uplink

Ports

Catalyst 2960-24TT Catalyst 2960-48TT

bull 24 10100 portsbull 2 Dual-Purpose Uplink

ports

Catalyst 2960-24TC Catalyst 2960-48TC

bull 48 10100 portsbull 2 Dual Purpose Uplink

ports

Uplinksbull Dual Purpose

UplinksOne 101001000 TX Port and One SFP Port

One port active at a time

44

Cisco Catalyst 3750 Series Switches Model Overview

Catalyst 3750G‐24TS

bull

24 101001000

Portsbull

24 101001000 Ports

bull

4 SFP ports

Two Software Versions

Standard Multilayer Software Image

(SMI)

bull Enterprise‐class intelligent services

Advanced QoS Enhanced Security High

Availability RIP and Static IP routing

Routed ACLs HSRP

Enhanced Multilayer Software Image

(EMI)

bull SMI feature set plus Dynamic IP Unicast

routing Smart Multicast routing

Catalyst 3750‐2448 are orderable with

either software image preinstalled

Catalyst 3750‐2448 can be upgraded

from SMI to EMI

Catalyst 3750G‐24T

bull

24 10100 Ports

bull

2 SFP ports

bull

48 10100 Ports

bull

4 SFP ports

Catalyst 3750‐24 Catalyst 3750‐48

45

Cisco StackWisetrade Technology

bull 32Gbps fault tolerant bi‐directional

backplane

bull Single IP address for management

bull Auto configuration and IOS version

checkupdate

bull 1N Master redundancy

bull Sub‐second L2 failover

bull Cross stack Etherchannel

bull Configurable QoS queues across

stack

bull Line speed performance with QoS

and ACLs for GE

bull Hot add and delete of GE and FE

chassis in same stack

bull Patented cable connector

S 1

S 3

S 2

M 4

M = Master Switch

S = Slave Switch

46

Cisco Catalyst 4500 Series Architecture

bull Centralized Forwarding ASICs

bull All packets are forwarded via the supervisor

bull No distributed line card forwarding

bull Scalable architecture ‐

64 to 320 Gbps

bull Fastest Centralized Architecture in the Industry

47

Cisco Catalyst 4500 Series Overview Common Architecture

Single Supervisor-Based

Chassis

Redundant Supervisor-Based

Chassis

Cisco Catalyst 4507R-E

Cisco Catalyst 4510R-E

Cisco Catalyst 4506-E

Cisco Catalyst 4503-E

Single RU Fixed Configuration

Same Switching Architecture

and Common Cisco IOSreg

Cisco Catalyst 4948 and 4948-10GigE

48

Cisco Catalyst 4500 Series Evolutionary Centralized Architecture

1999 2002 2004 2007 2012

Continued InnovationServices and Performance

Same Line Card

18Mpps 48Mpps 102Mpps

10100

1000

Layer 2

PoE L234

10 GbE

SSO

NACNSF

ISSUCISF

E‐Series

250 Mpps

49

Evolution of Centralized Switching Technology

Evoluti

onEvo

lution

1999 18

Mpps

L2 Only

2002 48

Mpps

L2L3

2004102

Mpps

L2L3 10Gig

2007250

Mpps

L2L3 IPv6

14X

increase

since lsquo99

50

Next‐Generation Catalyst 4500 ldquoE‐Seriesrdquo

Secure Flexible Non‐Stop Communications

ldquoErdquo

Series Chassis

ldquoErdquo

Series Line Cards

Supervisor 6‐E with CenterFlex

51

Cisco Catalyst 6500 Delivers Secure Converged Network Services

High Availabilitybull Physical

Availabilitybull Logical Availabilitybull Stateful Failover at

Layer 2bull Rapid Spanning-

Tree Convergence

QoSbull Input Policingbull Traffic

Classificationbull Multiple Queuesbull Convergence

Ready

Securitybull Layer 234

Access Controlbull 8021X User

Authenticationbull MAC Filteringbull Dynamic VLAN

Manageabilitybull Inline Powerbull Simple

Configurationbull L2-L4 Servicesbull Rich Multicast

Support

End-to-End Services

52

Catalyst 6500 Family

Catalyst 65033 slot chassis

Catalyst 65066 slot chassis

Catalyst 65099 slot chassis

Catalyst 6509‐NEBSNEBS Compliant 9 slot chassis

Catalyst 651313 slot chassis

Catalyst 6509‐NEBS‐A9 slot chassis

53

Cisco Catalyst 6500 Series

The Cisco Catalyst 6500 Series supports a wide range of interface densities performance and high‐availability options

Flexible 3‐ 6‐ 9‐ and 13‐slot chassis configurations

ndash Scalable switching fabric ndash Cisco

IOS software choices supported

on all supervisor engines

ndash Fast 2‐3 second stateful

failover of

redundant supervisors and integrated

services

ndash 10‐Mbps to 10‐Gbps Ethernet and DS0

to

OC‐48 WAN interfaces

ndash Wire‐rate QoS

and ACL policy

management

WS-6503 WS-C6506 WS-C6509 WS-C6509-NEBS and WS-C6513

54

Catalyst 6500 Supervisors

The Catalyst 6500 has three Supervisor options on offer

with each providing a different architectural backplane

configuration for line cards to connect intohellip

Supervisor 1A Supervisor 2 Supervisor 720 (NEW)

256Gb backplane

supporting hardware

accelerated Layer 2 and 3

QoS and Security policies

up to 210Mppshellip

720Gb backplane

supporting hardware

accelerated Layer 2 and 3

QoS and Security policies

up to 400Mppshellip

32Gb backplane supporting

hardware accelerated Layer

2 and 3 QoS and Security

policies up to 15Mppshellip

Supervisor Options for the Catalyst 6500

55

Catalyst 6500 LinecardsThe Catalyst 6500 has a family of linecards to suit all network needshellip

10100 TX and 100 Fiber 101001000 TX GE SFP

GE GBIC 10GE WAN

Optical Switch Modules Inline Power ATM

CAT

6500

L I

NECARDS

56

Catalyst 6500 Service Modules

Content ServicesCommunications Media MWAN

Firewall Module VPN Module Intrusion Detection

Content Switching SSL Network Management

Service Modules represent the next generation of intelligent modules for the Catalyst 6500

Each module provides a high performance option scalable and feature rich deployment

optionshellip

57

Small Form Factor Pluggable (SFP)

bull New industry standard connector

bull Same functionality as Gigabit Interface Converters

(GBICs)

bull Hot pluggable

bull Smaller fiber connector LC

for SF

bull 25 SFPs

fit in space of one GBIC

bull Shipping SX LX ZX at FCS

bull 101001000BT and CWDM versions to come in mid

to late 2003

GBIC

SFP

58

三無線網路認證介紹

59

漫遊認證環境架構圖

NCHC資策會

WLANGateway

WLANGateway

60

無線漫遊環境身份認證機制

網頁認證

使用網站伺服器憑證(Certificate)辨識合法認證網站

透過SSL加密保護使用者帳號密碼安全

採用PAP (Password Authentication Protocol)認證機制

8021x認證

採CHAP或加密通道進行認證

EAP‐MD5ndash 採用CHAP (Challenge Handshake Authentication Protocol)認證

EAP‐PEAP ndash 採用 SSL加密通道 + MS‐CHAP v2 認證

EAP‐TTLSndash 採用 SSL加密通道 + PAPCHAPMS‐CHAPEAPndash 支援多種認證機制

61

WLAN Gateway

bull Usually web page for authorisationbull Allows policy based accessbull Good managementbull Very user friendlybull No client required

Bluesocketndash Commercial but popular in uk academiandash Lots of featuresNoCatAuthndash open source

62

Bluesocket Wireless Gateway

63

httpwwwitcntnuedutwservice1270php

四師大網路基本架構介紹

64

對外網路架構圖

65

校本部校區有線網路系統架構圖

66

校本部校區無線網路系統架構圖

67

理學院校區有線網路系統架構圖

68

理學院校區無線網路系統架構圖

69

林口校區有線網路系統架構圖

70

林口校區無線網路系統架構圖

71

五網路障礙排除方式

72

Possible Symptoms of Physical Layer Problems

Increased number of interface errorsIncreased number of interface errors

LEDs are off flashing or in a state other than the expected state during normal operationLEDs are off flashing or in a state other than the expected state during normal operation

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

Excessive utilizationExcessive utilization

73

Possible Symptoms of Data Link Layer Problems

Excessive CRC errors and frame check sequence errors Excessive CRC errors and frame check sequence errors

Large quantities of broadcast traffic Large quantities of broadcast traffic

A MAC address is cycling between portsA MAC address is cycling between ports

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

74

General Cisco Commands to Isolate Physical and Data Link Layer Problems

ping host

| ip‐addressping host

| ip‐address

routergt

bull

Sends an echo request packet to an address then waits for a reply

trace [destination]trace [destination]

routergt

bull

Identifies the path a packet takes through the network

[no] debug [no] debug

router

bull

Displays a list of options for enabling or disabling debugging events on a device

75

Cisco Commands to Isolate Physical Layer Problems

show versionshow version

routergt

bull

Displays the Cisco IOS software version and all installed hardware configurations

show ip interface briefshow ip interface brief

routergt

bull

Displays a summary of the status of all interfaces on a device

show interfaces [type number]show interfaces [type number]

routergt

bull

Displays the operational status of an interface including the amount and type of traffic being sent and received

76

Cisco Commands to Isolate Physical Layer Problems (Cont)

show cdp neighbor detailshow cdp neighbor detailroutergt

bull Displays the device type IP address and Cisco IOS version of neighboring devices

77

Cisco Commands to Isolate Data Link Layer Problems

show ip arpshow ip arp

routergt

bull

Displays entries in the Address Resolution Protocol (ARP) table

debug [arp

| serial | ppp]debug [arp

| serial | ppp]

router

bull

Captures events relating to data link layer protocols

78

General End‐System Commands to Isolate Physical and Data Link Layer Problems

pingping

bull

Sends an echo request packet to an address then waits for a reply

netstat

‐rnnetstat

‐rn

bull

Displays the status of all connected devices and links without querying a DNS server

arp

‐aarp

‐a

bull

Displays the current mappings of the IP address to the MAC address in the ARP table

79

Windows Commands to Isolate Physical and Data Link Layer Problems

ipconfig

[all]ipconfig

[all]

bull

Displays IP information for hosts running Windows NT2000XP

Cgt

tracert [‐d]tracert [‐d]

bull

Identifies a path to a destination device

Cgt

80

Guidelines for Isolating Problems at the Physical and Data Link Layers

Check operational status and data error ratesCheck operational status and data error rates

Verify proper interface configurationsVerify proper interface configurations

Check for bad cables or connectionsCheck for bad cables or connections

Check for correct cable pin‐outCheck for correct cable pin‐out

81

Port Monitoring (SPAN)

Allows a port to monitor traffic coming into or out of

anotherPort

VLAN

Trunk

82

Remote SPAN (RSPAN)

Allows a port to monitor SPAN information on other switches through a trunk connection

83

NetFlow Data Export

Access to records of switched flow statistics

with NAM

Source and destination IP

Port numbers and protocol types

84

六網路管理介紹

85

NAMs in Campus LAN

86

Network Analysis Module (NAM)

bull

Switch‐integrated standards‐

based monitoring (RMON1 RMON2

extended RMON)

bull

Useful for performance monitoring troubleshooting

and capacity planning

bull

Easy to deploy and use with embedded web‐based Traffic Analyzer

bull

Full visibility into applications hosts conversations and

IP‐based services including VoIP

and QoS

Integrated traffic‐monitoring solution in Catalyst 6500 series to build application‐level visibility into network infrastructure

87

NAM as a Standards‐Based RMON Solution

The RMON MIB reports on the health and status of network traffic

Mini‐RMON agents in Catalyst 6500 collect Layer 2 (RMON1) statistics on all ports (utilization packets errors)

NAM supports full RMON1 and 2 to provide visibility up to Application layer (applications hosts conversations)

NAM supports extended RMON for VLAN QoS Application Response Time and so on

88

Application Hosts and Conversations Monitoring

Identify unknown applications and drill down on the hosts using them

Discover top talkers top conversations

Network managers can drill down

into who is doing what

Network managers can drill down

into who is doing what

NEW inSoftware

Version 22

NEW inSoftware

Version 22

89

VoIP Monitoring

NAM supports various facets of VoIPmonitoring

Active IP telephony monitoring

ndash Track active call attributesndash Identify call quality degradationndash Call details by phonesRMON1 and RMON2

ndash Distribution of VoIP

protocols

Application Response Time (ART)

ndash CallManager

responses

DSMON

ndash VoIP

traffic by DSCP values

90

Application Response Time (ART)

Find out where the application delays are occurring

ndash Detailed data on request‐ response exchanges

between clients and servers

Server visibility

ndash Monitor servers for protocols application

usage and top talkers

91

Packet Capture and Decode

Capture and decode packets for troubleshooting

Extensive pre‐ and post‐capture filters

Can save and export to other tools including Sniffer

92

Alarms

Set alarm thresholds on various parameters for proactive monitoring

Define traps or generate syslog

93

Defining Network Management Functional Areas

ISO defines five functional areas of network management

ISO defines five functional areas of network management

bullFault Management

bullConfiguration Management

bullAccounting Management

bullPerformance Management

bullSecurity Management

94

FCAPS Fault Management

The process of locating diagnosing and correcting

network problems

Device Down

Link Down

95

FCAPS Configuration Management

bull The process of obtaining data from the network and using

that data to manage the setup of all network devices

bull Allows rapid access to configuration information

bull Facilitates remote configuration and provisioning

bull Provides an up‐to‐date inventory of network

components

SpeedDuplex

Connectivity

TrunkingVLANs Allowed

Spanning Tree Protocol State

Software VersionConfiguration File

Device Type

96

FCAPS Accounting Management

bull Measuring the usage of network resources by users in order to

establish the metrics check quotas determine costs and bill users

bull Measures and reports accounting information based on individual

groups and users

bull Administers the cost of the network

bull Internal verification of third‐party billing for usage Bandwidth Consumption

Application Usage

hellip

97

FCAPS Performance Management

bull Ensuring that the data network remains accessible

and has adequate bandwidth

bull Reduces network overcrowding and inaccessibility

bull Provides a consistent level of service to the

network user

bull Determine utilization trends to proactively isolate and solve

performance problems

UtilizationPeakminmaxError RatesUnicast Rates

Broadcast Rates

CPU UtilizationMemory Usage

ThroughputResponse Time

LatencyAvailabilityReliability

98

FCAPS Security Management

bull Protecting sensitive information on devices

attached to a data network by controlling access points to

that information

bull Builds network user confidence

bull Secures sensitive information from both internal and

external sources

bull Protects the network functionality from malicious

attacks

MAC AddressLocked to Port

Access ListBlocks Connections

99

Performing Network Management Sources for Information

GAUGEs TIMERs

0 9 1 2 3

COUNTERs TABLEs FILEs

Operating System Data Structures

Manageable Device

showCommands

WebServer

SystemLogging

SNMPSNMPAGENTAGENT

ProductionServices

Layer N Forwarding

http80tcp

syslog514udp

snmp161udp

MIBObjects

snmp‐trap162udp

Built in Intelligence

CDPVTPSAA

telnetCLI

TFTPClient

tftp69udp

PingTrace route

100

Network Management Information Model MIB Management Information Base

MIB

ndash

Management Information BaseSet of variables defining the status of a device (eg temp = 85 degrees)Just facts ndash not whether it is good or badDefined according to SMI (Structure of Management Information) rulesEach managed object is described using a unique object identifier (OID)

MIB

IMIBIIStandard MIBObjects included are considered essential for either fault or configuration management

Other standard MIBsRMON host router

Proprietary vendor MIBsExtensions to standard MIBs

SNMPAGENTSNMPAGENT

1000s of manageable objects following rules defined in the SMI standards

1000s of manageable objects following rules defined in the SMI standards

101

Network Management Communication Model SNMP Simple Network Management Protocol

CommunityStrings

CommunityStrings

bull Get requests used to read the value of objectbull Set requests used to modify the value of object

bull Authorization is via community strings

(Read‐OnlyRead‐Write)

bull Traps

provide asynchronous event notification

IP Network SNMPManageable

Device

Trap

Get Response

Get Request Get-Next RequestGet-Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

102

Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response

SNM

P M

anag

er

SNM

P A

gent

Rea

d =

publ

ic re

adw

rite

= pr

ivat

e

GetResponse (sysDescr0=SunOS)

Verify access permission and retrieve MIB value using OID to traverse the MIB tree

InstanceOID

13612111

MIB value

GetRequest(sysDescr0)Read Community(public)

103

Types of Management Systems Example ‐

Enterprise Manager amp Fault Management

Correlate and manage events

and SNMP traps

Perform fault isolation and root cause analysis

104

Types of Management Systems Example ndash CiscoWorks

Resource Manager Essentials and Campus Manager

Knowledge of network configuration and topology

Facilitates remote configuration of network devices

Maintains an archive of configuration data that allows generation of inventory reports

105

Types of Management Systems Example ndash NetFlow (Accounting Management)

Flow Profiling

AccountingBilling

Network Planning

Network Monitoring

Flow

Collectors

Flow

CollectorsEnd‐User AppsEnd‐User AppsNetFlow

Data ExportNetFlowData Export

NetScout

RMON ProbeRMON Probe

106

Types of Management Systems Example ndash MRTG (Performance Management)

bull Monitors traffic load on network links based on SNMP statistics

bull Generates real‐time HTML traffic reports

bull Can be used to monitor any

MIB

variable using

SNMP

107

Types of Management Systems Example ndash CiscoWorks

How is the network connectedbull Physical Cablingbull Virtual LANs

Where are the end users servers IP phones connected

bull Switch port numberbull VLAN membership

How do I troubleshoot connectivity problems

Campus Manager User Tracking

Campus Manager Topology Services

Campus Manager Topology Services

Campus Manager User TrackingCampus Manager

Path Analysis

108

Diagnosing Connectivity Problems CiscoWorks Server Tools

Ping Use ping to test device connectivity from CiscoWorks server

TracerouteRun a trace route between the CiscoWorks server and the target device to detect routing problems

NS LookupRun a nslookup to obtain DNS name server information and IP address of hostname

Management Station to DeviceTest to verify if upper layer protocols are supported from CiscoWorks to the target device UDP TCP Telnet TFTP HTTP and SNMP

109

Types of Management Systems Example ndash CiscoWorks

19216862

CiscoWorks Server(ANI Service)

CampusDatabase

19216861

Schedule data retrieval

times

CAM Table11‐11‐11‐11‐11‐00 2111‐11‐11‐11‐11‐11 2211‐11‐11‐11‐11‐22 2311‐11‐11‐11‐11‐33 24

22 23 24

21

ARP Table11‐11‐11‐11‐11‐11 19216861011‐11‐11‐11‐11‐22 19216861111‐11‐11‐11‐11‐33 192168611

1

CAM

Retrieval

(switching

table)

2 Address

Resolution (MAC

to IP)

DNS

3 Name Resolution

(IP to hostname)

Host Table192168610 USER1192168611 Printer1192168611 IPtele1

SNMP

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

CallManager4

Call Detail

Records

5

Login

Names

UNIX Novell amp

Windows NT

clients running

UTLite script

110

Diagnosing Connectivity Problems Campus Manager Tools

Topology Services

User Tracking

Path Analysis

1

Locate the communication pair in the User Tracking database

bull

Addressesbull

VLAN informationbull

Switch port connection

2

Investigate the Layer 2 and Layer 3 path between the communication

pair

3

Map the topology and begin the investigation on devices and links

Launch other applications

111

Diagnosing Connectivity Problems Workflow for Using Campus Manager

LaunchPath Analysis

LaunchPath Analysis

Ensure discovery of devices

hosts are up to date

Ensure discovery of devices

hosts are up to date

Use User TrackingTo Locate EndStation Info

Use User TrackingTo Locate EndStation Info

ConductVoiceTrace

ConductVoiceTrace

ConductDataTrace

ConductDataTrace

DisplayPath in Topology

Map

DisplayPath in Topology

Map

Launch other Apps(Telnet CiscoView

Etc)

Launch other Apps(Telnet CiscoView

Etc)

112

Diagnosing Device Connectivity Problems Example

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Do you know

your

hostname or

username

113

Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

2 Simple Query displays switch

port and VLAN association

2 Simple Query displays switch

port and VLAN association

3 LastSeen field indicates last

time end station was

discovered

3 LastSeen field indicates last

time end station was

discovered

114

Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Trace path from application server

to Suzy

Trace path from application server

to Suzy

Couldnrsquot get to Suzy machine ndash try

from server

Couldnrsquot get to Suzy machine ndash try

from server

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

19

Redundancy Types

Layer 1 redundancymdashProvides an alternate physical path through the network

Layer 23 redundancymdashSpanning‐tree routing protocol EtherChannelfor alternate path awareness and fast convergence

StabilitymdashEnsure a stable network through proper physical STP and routing design to reduce human errors

Application availabilitymdashApplication server and client processes must support failover for maximum availability

20

Small Campus Network

Backbone layermdashcollapsed core and distribution

Can use modularstackable switching solutions

Scalable up to few access switches

21

Medium Campus Network

22

Large Campus Network

23

Building Block Approach

24

Switch Block Characteristics

bull Device switches support one or more subnetsVLANs

bull Subnets terminate at the distribution switch

bull Access devices have redundant links

bull Spanning Tree Protocol terminates at the switch block boundary

25

VLANs in the Switch Block

26

Link Types

A trunk link is capable of carrying multiple VLANs

27

Trunking

bull Specifically developed for multi‐VLAN interswitch communications

bull Places a unique identifier in the header of each frame

bull Functions at Layer 2 bull IEEE

8021Q

28

Inter‐VLAN Routing

bull A Route Processor provides Layer 3 functionality for switches

29

Increasing Performance Add More Bandwidth

30

Fast EtherChannel

31

Is QoS Needed in the Campus

Maybe maybe not campus congestionis a buffer management issue

ldquoJust throw more bandwidth at it That will solve the problemrdquo

32

Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP

33

Enabling QoS in the Campus Scheduling in the Campus

Output buffers can reach 100 in campus networks resulting in dropped voice packets

QoS required when there is a possibility of congestion in buffers

Multiple queues are the only way to guarantee voice quality

34

Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS

bull 8021p user priority field also called class of service (CoS)

bull Different types of traffic are assigned different CoS values

bull CoS 6 and 7 are reserved for network use

35

Enabling QoS in the Campus Layer 3 Classificationmdash IP Precedence DSCP

bull IPv4 Three most significant bits of ToS byte are called IP precedence other bits unused

bull DiffServ Six Most significant bits of ToS byte are called DSCP remaining two bits used for flow control

bull DSCP backward compatible with IP precedence

36

Enabling QoS in the Campus Classification Summary

37

Power Over Ethernet

Prepare the network for IP Telephony and Wireless access

Eliminate the need for separate electrical wiring

Cisco pre‐standard POE and 8023af are fully supported

Wide selection of standards‐based IEEE 8023af powered devices

ndash IP Phonesndash Wireless Access Points

ndash Surveillance cameras

ndash Access Card Readers

38

Access Point Front Cover LEDrsquos

Status LightsEthernet

Status

Radio Activity

Ethernet Activity

Status

Radio Activity

39

CiscoWorks WLSE

1

Specialized application for managing the Cisco WLAN

2

Centralized template‐ based configuration of access points and bridges

with user defined groups

3

Proactive fault and performance monitoring

of access points bridges LEAP server and

attached switch

CiscoWorks Wireless LANSolution Engine

U N I V E R S I T YU N I V E R S I T Y

40

二網路設備介紹

41

The Cisco LAN Switching Portfolio

Catalyst 375035602960 Catalyst 6500Catalyst 40004500

bull Stackable Compact Footprint bull Gig Density 12 Ports bull EZ Clustering Managementbull L2-L4 Switchingbull Medium Port Density

bull Highest Switching Capacitybull High Availability - Stateful Failoverbull 10-Gigabit Ethernet Interfaces bull Nonblocking Gigabit Density 142bull LANWAN Interfaces (to OC 48)

L2-L7 SwitchingIntegrated Inline PowerServices Modules Redundant PowerRedundant Supervisor Fabric

bull High Switching Capacitybull High-Density 101001000bull High-Density 100FX amp 1000LXbull Nonblocking Gigabit Density 32bull L2-L4 Switching bull Inline Power Optionbull Redundant Power

42

Cisco Catalyst Positioning

Pric

ePe

rfor

man

ce

FunctionFlexibility

Catalyst 29502960

Catalyst 35503560

Catalyst 4500 Family

Catalyst 6500 Series

bull Modular 101001000bull High performance Layer 2L3L4 bull 24‐64 Gbps Switching Enginebull Chassis level high availability

bull

Modular 101001000bull

Highest density switching

capacity

bull

Layer 234‐7bull

32‐720 Gbps

Switching

Engine

bull

Highest Availability

bull

10100

and GE configurationsbull

High performance switching and routingbull

Enterprise‐class intelligent Layer 3L4 servicesbull

Clustering capable

bull

Stackable 10100 switchingbull

Gigabit

uplink connectivitybull

Advanced intelligent Layer 3L4 servicesbull

Clustering capable

Catalyst 3750bull

Stackable 101001000 and 10100 configurationsbull

Cisco StackWisetrade

Technologybull

Optimized for Gigabit Ethernet deploymentbull

Enterprise‐class Intelligent Layer 3L4 servicesbull

Highly resilient 32Gbps stacking interconnectionbull

Single management interface w auto configuration

Fast Ethernet

Optimized

Gigabit Ethernet

Optimized

43

Cisco Catalyst 2960 Series Model Overview Fast Ethernet Models

Softwarebull LAN Base Image

Enterprise-class intelligent services Advanced QoS enhanced security high availability

bull Orderable with latest IOS software version

bull 48 10100100 portsbull 2 101001000 Uplink

ports

bull 24 10100 portsbull 2 101001000 Uplink

Ports

Catalyst 2960-24TT Catalyst 2960-48TT

bull 24 10100 portsbull 2 Dual-Purpose Uplink

ports

Catalyst 2960-24TC Catalyst 2960-48TC

bull 48 10100 portsbull 2 Dual Purpose Uplink

ports

Uplinksbull Dual Purpose

UplinksOne 101001000 TX Port and One SFP Port

One port active at a time

44

Cisco Catalyst 3750 Series Switches Model Overview

Catalyst 3750G‐24TS

bull

24 101001000

Portsbull

24 101001000 Ports

bull

4 SFP ports

Two Software Versions

Standard Multilayer Software Image

(SMI)

bull Enterprise‐class intelligent services

Advanced QoS Enhanced Security High

Availability RIP and Static IP routing

Routed ACLs HSRP

Enhanced Multilayer Software Image

(EMI)

bull SMI feature set plus Dynamic IP Unicast

routing Smart Multicast routing

Catalyst 3750‐2448 are orderable with

either software image preinstalled

Catalyst 3750‐2448 can be upgraded

from SMI to EMI

Catalyst 3750G‐24T

bull

24 10100 Ports

bull

2 SFP ports

bull

48 10100 Ports

bull

4 SFP ports

Catalyst 3750‐24 Catalyst 3750‐48

45

Cisco StackWisetrade Technology

bull 32Gbps fault tolerant bi‐directional

backplane

bull Single IP address for management

bull Auto configuration and IOS version

checkupdate

bull 1N Master redundancy

bull Sub‐second L2 failover

bull Cross stack Etherchannel

bull Configurable QoS queues across

stack

bull Line speed performance with QoS

and ACLs for GE

bull Hot add and delete of GE and FE

chassis in same stack

bull Patented cable connector

S 1

S 3

S 2

M 4

M = Master Switch

S = Slave Switch

46

Cisco Catalyst 4500 Series Architecture

bull Centralized Forwarding ASICs

bull All packets are forwarded via the supervisor

bull No distributed line card forwarding

bull Scalable architecture ‐

64 to 320 Gbps

bull Fastest Centralized Architecture in the Industry

47

Cisco Catalyst 4500 Series Overview Common Architecture

Single Supervisor-Based

Chassis

Redundant Supervisor-Based

Chassis

Cisco Catalyst 4507R-E

Cisco Catalyst 4510R-E

Cisco Catalyst 4506-E

Cisco Catalyst 4503-E

Single RU Fixed Configuration

Same Switching Architecture

and Common Cisco IOSreg

Cisco Catalyst 4948 and 4948-10GigE

48

Cisco Catalyst 4500 Series Evolutionary Centralized Architecture

1999 2002 2004 2007 2012

Continued InnovationServices and Performance

Same Line Card

18Mpps 48Mpps 102Mpps

10100

1000

Layer 2

PoE L234

10 GbE

SSO

NACNSF

ISSUCISF

E‐Series

250 Mpps

49

Evolution of Centralized Switching Technology

Evoluti

onEvo

lution

1999 18

Mpps

L2 Only

2002 48

Mpps

L2L3

2004102

Mpps

L2L3 10Gig

2007250

Mpps

L2L3 IPv6

14X

increase

since lsquo99

50

Next‐Generation Catalyst 4500 ldquoE‐Seriesrdquo

Secure Flexible Non‐Stop Communications

ldquoErdquo

Series Chassis

ldquoErdquo

Series Line Cards

Supervisor 6‐E with CenterFlex

51

Cisco Catalyst 6500 Delivers Secure Converged Network Services

High Availabilitybull Physical

Availabilitybull Logical Availabilitybull Stateful Failover at

Layer 2bull Rapid Spanning-

Tree Convergence

QoSbull Input Policingbull Traffic

Classificationbull Multiple Queuesbull Convergence

Ready

Securitybull Layer 234

Access Controlbull 8021X User

Authenticationbull MAC Filteringbull Dynamic VLAN

Manageabilitybull Inline Powerbull Simple

Configurationbull L2-L4 Servicesbull Rich Multicast

Support

End-to-End Services

52

Catalyst 6500 Family

Catalyst 65033 slot chassis

Catalyst 65066 slot chassis

Catalyst 65099 slot chassis

Catalyst 6509‐NEBSNEBS Compliant 9 slot chassis

Catalyst 651313 slot chassis

Catalyst 6509‐NEBS‐A9 slot chassis

53

Cisco Catalyst 6500 Series

The Cisco Catalyst 6500 Series supports a wide range of interface densities performance and high‐availability options

Flexible 3‐ 6‐ 9‐ and 13‐slot chassis configurations

ndash Scalable switching fabric ndash Cisco

IOS software choices supported

on all supervisor engines

ndash Fast 2‐3 second stateful

failover of

redundant supervisors and integrated

services

ndash 10‐Mbps to 10‐Gbps Ethernet and DS0

to

OC‐48 WAN interfaces

ndash Wire‐rate QoS

and ACL policy

management

WS-6503 WS-C6506 WS-C6509 WS-C6509-NEBS and WS-C6513

54

Catalyst 6500 Supervisors

The Catalyst 6500 has three Supervisor options on offer

with each providing a different architectural backplane

configuration for line cards to connect intohellip

Supervisor 1A Supervisor 2 Supervisor 720 (NEW)

256Gb backplane

supporting hardware

accelerated Layer 2 and 3

QoS and Security policies

up to 210Mppshellip

720Gb backplane

supporting hardware

accelerated Layer 2 and 3

QoS and Security policies

up to 400Mppshellip

32Gb backplane supporting

hardware accelerated Layer

2 and 3 QoS and Security

policies up to 15Mppshellip

Supervisor Options for the Catalyst 6500

55

Catalyst 6500 LinecardsThe Catalyst 6500 has a family of linecards to suit all network needshellip

10100 TX and 100 Fiber 101001000 TX GE SFP

GE GBIC 10GE WAN

Optical Switch Modules Inline Power ATM

CAT

6500

L I

NECARDS

56

Catalyst 6500 Service Modules

Content ServicesCommunications Media MWAN

Firewall Module VPN Module Intrusion Detection

Content Switching SSL Network Management

Service Modules represent the next generation of intelligent modules for the Catalyst 6500

Each module provides a high performance option scalable and feature rich deployment

optionshellip

57

Small Form Factor Pluggable (SFP)

bull New industry standard connector

bull Same functionality as Gigabit Interface Converters

(GBICs)

bull Hot pluggable

bull Smaller fiber connector LC

for SF

bull 25 SFPs

fit in space of one GBIC

bull Shipping SX LX ZX at FCS

bull 101001000BT and CWDM versions to come in mid

to late 2003

GBIC

SFP

58

三無線網路認證介紹

59

漫遊認證環境架構圖

NCHC資策會

WLANGateway

WLANGateway

60

無線漫遊環境身份認證機制

網頁認證

使用網站伺服器憑證(Certificate)辨識合法認證網站

透過SSL加密保護使用者帳號密碼安全

採用PAP (Password Authentication Protocol)認證機制

8021x認證

採CHAP或加密通道進行認證

EAP‐MD5ndash 採用CHAP (Challenge Handshake Authentication Protocol)認證

EAP‐PEAP ndash 採用 SSL加密通道 + MS‐CHAP v2 認證

EAP‐TTLSndash 採用 SSL加密通道 + PAPCHAPMS‐CHAPEAPndash 支援多種認證機制

61

WLAN Gateway

bull Usually web page for authorisationbull Allows policy based accessbull Good managementbull Very user friendlybull No client required

Bluesocketndash Commercial but popular in uk academiandash Lots of featuresNoCatAuthndash open source

62

Bluesocket Wireless Gateway

63

httpwwwitcntnuedutwservice1270php

四師大網路基本架構介紹

64

對外網路架構圖

65

校本部校區有線網路系統架構圖

66

校本部校區無線網路系統架構圖

67

理學院校區有線網路系統架構圖

68

理學院校區無線網路系統架構圖

69

林口校區有線網路系統架構圖

70

林口校區無線網路系統架構圖

71

五網路障礙排除方式

72

Possible Symptoms of Physical Layer Problems

Increased number of interface errorsIncreased number of interface errors

LEDs are off flashing or in a state other than the expected state during normal operationLEDs are off flashing or in a state other than the expected state during normal operation

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

Excessive utilizationExcessive utilization

73

Possible Symptoms of Data Link Layer Problems

Excessive CRC errors and frame check sequence errors Excessive CRC errors and frame check sequence errors

Large quantities of broadcast traffic Large quantities of broadcast traffic

A MAC address is cycling between portsA MAC address is cycling between ports

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

74

General Cisco Commands to Isolate Physical and Data Link Layer Problems

ping host

| ip‐addressping host

| ip‐address

routergt

bull

Sends an echo request packet to an address then waits for a reply

trace [destination]trace [destination]

routergt

bull

Identifies the path a packet takes through the network

[no] debug [no] debug

router

bull

Displays a list of options for enabling or disabling debugging events on a device

75

Cisco Commands to Isolate Physical Layer Problems

show versionshow version

routergt

bull

Displays the Cisco IOS software version and all installed hardware configurations

show ip interface briefshow ip interface brief

routergt

bull

Displays a summary of the status of all interfaces on a device

show interfaces [type number]show interfaces [type number]

routergt

bull

Displays the operational status of an interface including the amount and type of traffic being sent and received

76

Cisco Commands to Isolate Physical Layer Problems (Cont)

show cdp neighbor detailshow cdp neighbor detailroutergt

bull Displays the device type IP address and Cisco IOS version of neighboring devices

77

Cisco Commands to Isolate Data Link Layer Problems

show ip arpshow ip arp

routergt

bull

Displays entries in the Address Resolution Protocol (ARP) table

debug [arp

| serial | ppp]debug [arp

| serial | ppp]

router

bull

Captures events relating to data link layer protocols

78

General End‐System Commands to Isolate Physical and Data Link Layer Problems

pingping

bull

Sends an echo request packet to an address then waits for a reply

netstat

‐rnnetstat

‐rn

bull

Displays the status of all connected devices and links without querying a DNS server

arp

‐aarp

‐a

bull

Displays the current mappings of the IP address to the MAC address in the ARP table

79

Windows Commands to Isolate Physical and Data Link Layer Problems

ipconfig

[all]ipconfig

[all]

bull

Displays IP information for hosts running Windows NT2000XP

Cgt

tracert [‐d]tracert [‐d]

bull

Identifies a path to a destination device

Cgt

80

Guidelines for Isolating Problems at the Physical and Data Link Layers

Check operational status and data error ratesCheck operational status and data error rates

Verify proper interface configurationsVerify proper interface configurations

Check for bad cables or connectionsCheck for bad cables or connections

Check for correct cable pin‐outCheck for correct cable pin‐out

81

Port Monitoring (SPAN)

Allows a port to monitor traffic coming into or out of

anotherPort

VLAN

Trunk

82

Remote SPAN (RSPAN)

Allows a port to monitor SPAN information on other switches through a trunk connection

83

NetFlow Data Export

Access to records of switched flow statistics

with NAM

Source and destination IP

Port numbers and protocol types

84

六網路管理介紹

85

NAMs in Campus LAN

86

Network Analysis Module (NAM)

bull

Switch‐integrated standards‐

based monitoring (RMON1 RMON2

extended RMON)

bull

Useful for performance monitoring troubleshooting

and capacity planning

bull

Easy to deploy and use with embedded web‐based Traffic Analyzer

bull

Full visibility into applications hosts conversations and

IP‐based services including VoIP

and QoS

Integrated traffic‐monitoring solution in Catalyst 6500 series to build application‐level visibility into network infrastructure

87

NAM as a Standards‐Based RMON Solution

The RMON MIB reports on the health and status of network traffic

Mini‐RMON agents in Catalyst 6500 collect Layer 2 (RMON1) statistics on all ports (utilization packets errors)

NAM supports full RMON1 and 2 to provide visibility up to Application layer (applications hosts conversations)

NAM supports extended RMON for VLAN QoS Application Response Time and so on

88

Application Hosts and Conversations Monitoring

Identify unknown applications and drill down on the hosts using them

Discover top talkers top conversations

Network managers can drill down

into who is doing what

Network managers can drill down

into who is doing what

NEW inSoftware

Version 22

NEW inSoftware

Version 22

89

VoIP Monitoring

NAM supports various facets of VoIPmonitoring

Active IP telephony monitoring

ndash Track active call attributesndash Identify call quality degradationndash Call details by phonesRMON1 and RMON2

ndash Distribution of VoIP

protocols

Application Response Time (ART)

ndash CallManager

responses

DSMON

ndash VoIP

traffic by DSCP values

90

Application Response Time (ART)

Find out where the application delays are occurring

ndash Detailed data on request‐ response exchanges

between clients and servers

Server visibility

ndash Monitor servers for protocols application

usage and top talkers

91

Packet Capture and Decode

Capture and decode packets for troubleshooting

Extensive pre‐ and post‐capture filters

Can save and export to other tools including Sniffer

92

Alarms

Set alarm thresholds on various parameters for proactive monitoring

Define traps or generate syslog

93

Defining Network Management Functional Areas

ISO defines five functional areas of network management

ISO defines five functional areas of network management

bullFault Management

bullConfiguration Management

bullAccounting Management

bullPerformance Management

bullSecurity Management

94

FCAPS Fault Management

The process of locating diagnosing and correcting

network problems

Device Down

Link Down

95

FCAPS Configuration Management

bull The process of obtaining data from the network and using

that data to manage the setup of all network devices

bull Allows rapid access to configuration information

bull Facilitates remote configuration and provisioning

bull Provides an up‐to‐date inventory of network

components

SpeedDuplex

Connectivity

TrunkingVLANs Allowed

Spanning Tree Protocol State

Software VersionConfiguration File

Device Type

96

FCAPS Accounting Management

bull Measuring the usage of network resources by users in order to

establish the metrics check quotas determine costs and bill users

bull Measures and reports accounting information based on individual

groups and users

bull Administers the cost of the network

bull Internal verification of third‐party billing for usage Bandwidth Consumption

Application Usage

hellip

97

FCAPS Performance Management

bull Ensuring that the data network remains accessible

and has adequate bandwidth

bull Reduces network overcrowding and inaccessibility

bull Provides a consistent level of service to the

network user

bull Determine utilization trends to proactively isolate and solve

performance problems

UtilizationPeakminmaxError RatesUnicast Rates

Broadcast Rates

CPU UtilizationMemory Usage

ThroughputResponse Time

LatencyAvailabilityReliability

98

FCAPS Security Management

bull Protecting sensitive information on devices

attached to a data network by controlling access points to

that information

bull Builds network user confidence

bull Secures sensitive information from both internal and

external sources

bull Protects the network functionality from malicious

attacks

MAC AddressLocked to Port

Access ListBlocks Connections

99

Performing Network Management Sources for Information

GAUGEs TIMERs

0 9 1 2 3

COUNTERs TABLEs FILEs

Operating System Data Structures

Manageable Device

showCommands

WebServer

SystemLogging

SNMPSNMPAGENTAGENT

ProductionServices

Layer N Forwarding

http80tcp

syslog514udp

snmp161udp

MIBObjects

snmp‐trap162udp

Built in Intelligence

CDPVTPSAA

telnetCLI

TFTPClient

tftp69udp

PingTrace route

100

Network Management Information Model MIB Management Information Base

MIB

ndash

Management Information BaseSet of variables defining the status of a device (eg temp = 85 degrees)Just facts ndash not whether it is good or badDefined according to SMI (Structure of Management Information) rulesEach managed object is described using a unique object identifier (OID)

MIB

IMIBIIStandard MIBObjects included are considered essential for either fault or configuration management

Other standard MIBsRMON host router

Proprietary vendor MIBsExtensions to standard MIBs

SNMPAGENTSNMPAGENT

1000s of manageable objects following rules defined in the SMI standards

1000s of manageable objects following rules defined in the SMI standards

101

Network Management Communication Model SNMP Simple Network Management Protocol

CommunityStrings

CommunityStrings

bull Get requests used to read the value of objectbull Set requests used to modify the value of object

bull Authorization is via community strings

(Read‐OnlyRead‐Write)

bull Traps

provide asynchronous event notification

IP Network SNMPManageable

Device

Trap

Get Response

Get Request Get-Next RequestGet-Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

102

Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response

SNM

P M

anag

er

SNM

P A

gent

Rea

d =

publ

ic re

adw

rite

= pr

ivat

e

GetResponse (sysDescr0=SunOS)

Verify access permission and retrieve MIB value using OID to traverse the MIB tree

InstanceOID

13612111

MIB value

GetRequest(sysDescr0)Read Community(public)

103

Types of Management Systems Example ‐

Enterprise Manager amp Fault Management

Correlate and manage events

and SNMP traps

Perform fault isolation and root cause analysis

104

Types of Management Systems Example ndash CiscoWorks

Resource Manager Essentials and Campus Manager

Knowledge of network configuration and topology

Facilitates remote configuration of network devices

Maintains an archive of configuration data that allows generation of inventory reports

105

Types of Management Systems Example ndash NetFlow (Accounting Management)

Flow Profiling

AccountingBilling

Network Planning

Network Monitoring

Flow

Collectors

Flow

CollectorsEnd‐User AppsEnd‐User AppsNetFlow

Data ExportNetFlowData Export

NetScout

RMON ProbeRMON Probe

106

Types of Management Systems Example ndash MRTG (Performance Management)

bull Monitors traffic load on network links based on SNMP statistics

bull Generates real‐time HTML traffic reports

bull Can be used to monitor any

MIB

variable using

SNMP

107

Types of Management Systems Example ndash CiscoWorks

How is the network connectedbull Physical Cablingbull Virtual LANs

Where are the end users servers IP phones connected

bull Switch port numberbull VLAN membership

How do I troubleshoot connectivity problems

Campus Manager User Tracking

Campus Manager Topology Services

Campus Manager Topology Services

Campus Manager User TrackingCampus Manager

Path Analysis

108

Diagnosing Connectivity Problems CiscoWorks Server Tools

Ping Use ping to test device connectivity from CiscoWorks server

TracerouteRun a trace route between the CiscoWorks server and the target device to detect routing problems

NS LookupRun a nslookup to obtain DNS name server information and IP address of hostname

Management Station to DeviceTest to verify if upper layer protocols are supported from CiscoWorks to the target device UDP TCP Telnet TFTP HTTP and SNMP

109

Types of Management Systems Example ndash CiscoWorks

19216862

CiscoWorks Server(ANI Service)

CampusDatabase

19216861

Schedule data retrieval

times

CAM Table11‐11‐11‐11‐11‐00 2111‐11‐11‐11‐11‐11 2211‐11‐11‐11‐11‐22 2311‐11‐11‐11‐11‐33 24

22 23 24

21

ARP Table11‐11‐11‐11‐11‐11 19216861011‐11‐11‐11‐11‐22 19216861111‐11‐11‐11‐11‐33 192168611

1

CAM

Retrieval

(switching

table)

2 Address

Resolution (MAC

to IP)

DNS

3 Name Resolution

(IP to hostname)

Host Table192168610 USER1192168611 Printer1192168611 IPtele1

SNMP

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

CallManager4

Call Detail

Records

5

Login

Names

UNIX Novell amp

Windows NT

clients running

UTLite script

110

Diagnosing Connectivity Problems Campus Manager Tools

Topology Services

User Tracking

Path Analysis

1

Locate the communication pair in the User Tracking database

bull

Addressesbull

VLAN informationbull

Switch port connection

2

Investigate the Layer 2 and Layer 3 path between the communication

pair

3

Map the topology and begin the investigation on devices and links

Launch other applications

111

Diagnosing Connectivity Problems Workflow for Using Campus Manager

LaunchPath Analysis

LaunchPath Analysis

Ensure discovery of devices

hosts are up to date

Ensure discovery of devices

hosts are up to date

Use User TrackingTo Locate EndStation Info

Use User TrackingTo Locate EndStation Info

ConductVoiceTrace

ConductVoiceTrace

ConductDataTrace

ConductDataTrace

DisplayPath in Topology

Map

DisplayPath in Topology

Map

Launch other Apps(Telnet CiscoView

Etc)

Launch other Apps(Telnet CiscoView

Etc)

112

Diagnosing Device Connectivity Problems Example

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Do you know

your

hostname or

username

113

Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

2 Simple Query displays switch

port and VLAN association

2 Simple Query displays switch

port and VLAN association

3 LastSeen field indicates last

time end station was

discovered

3 LastSeen field indicates last

time end station was

discovered

114

Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Trace path from application server

to Suzy

Trace path from application server

to Suzy

Couldnrsquot get to Suzy machine ndash try

from server

Couldnrsquot get to Suzy machine ndash try

from server

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

20

Small Campus Network

Backbone layermdashcollapsed core and distribution

Can use modularstackable switching solutions

Scalable up to few access switches

21

Medium Campus Network

22

Large Campus Network

23

Building Block Approach

24

Switch Block Characteristics

bull Device switches support one or more subnetsVLANs

bull Subnets terminate at the distribution switch

bull Access devices have redundant links

bull Spanning Tree Protocol terminates at the switch block boundary

25

VLANs in the Switch Block

26

Link Types

A trunk link is capable of carrying multiple VLANs

27

Trunking

bull Specifically developed for multi‐VLAN interswitch communications

bull Places a unique identifier in the header of each frame

bull Functions at Layer 2 bull IEEE

8021Q

28

Inter‐VLAN Routing

bull A Route Processor provides Layer 3 functionality for switches

29

Increasing Performance Add More Bandwidth

30

Fast EtherChannel

31

Is QoS Needed in the Campus

Maybe maybe not campus congestionis a buffer management issue

ldquoJust throw more bandwidth at it That will solve the problemrdquo

32

Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP

33

Enabling QoS in the Campus Scheduling in the Campus

Output buffers can reach 100 in campus networks resulting in dropped voice packets

QoS required when there is a possibility of congestion in buffers

Multiple queues are the only way to guarantee voice quality

34

Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS

bull 8021p user priority field also called class of service (CoS)

bull Different types of traffic are assigned different CoS values

bull CoS 6 and 7 are reserved for network use

35

Enabling QoS in the Campus Layer 3 Classificationmdash IP Precedence DSCP

bull IPv4 Three most significant bits of ToS byte are called IP precedence other bits unused

bull DiffServ Six Most significant bits of ToS byte are called DSCP remaining two bits used for flow control

bull DSCP backward compatible with IP precedence

36

Enabling QoS in the Campus Classification Summary

37

Power Over Ethernet

Prepare the network for IP Telephony and Wireless access

Eliminate the need for separate electrical wiring

Cisco pre‐standard POE and 8023af are fully supported

Wide selection of standards‐based IEEE 8023af powered devices

ndash IP Phonesndash Wireless Access Points

ndash Surveillance cameras

ndash Access Card Readers

38

Access Point Front Cover LEDrsquos

Status LightsEthernet

Status

Radio Activity

Ethernet Activity

Status

Radio Activity

39

CiscoWorks WLSE

1

Specialized application for managing the Cisco WLAN

2

Centralized template‐ based configuration of access points and bridges

with user defined groups

3

Proactive fault and performance monitoring

of access points bridges LEAP server and

attached switch

CiscoWorks Wireless LANSolution Engine

U N I V E R S I T YU N I V E R S I T Y

40

二網路設備介紹

41

The Cisco LAN Switching Portfolio

Catalyst 375035602960 Catalyst 6500Catalyst 40004500

bull Stackable Compact Footprint bull Gig Density 12 Ports bull EZ Clustering Managementbull L2-L4 Switchingbull Medium Port Density

bull Highest Switching Capacitybull High Availability - Stateful Failoverbull 10-Gigabit Ethernet Interfaces bull Nonblocking Gigabit Density 142bull LANWAN Interfaces (to OC 48)

L2-L7 SwitchingIntegrated Inline PowerServices Modules Redundant PowerRedundant Supervisor Fabric

bull High Switching Capacitybull High-Density 101001000bull High-Density 100FX amp 1000LXbull Nonblocking Gigabit Density 32bull L2-L4 Switching bull Inline Power Optionbull Redundant Power

42

Cisco Catalyst Positioning

Pric

ePe

rfor

man

ce

FunctionFlexibility

Catalyst 29502960

Catalyst 35503560

Catalyst 4500 Family

Catalyst 6500 Series

bull Modular 101001000bull High performance Layer 2L3L4 bull 24‐64 Gbps Switching Enginebull Chassis level high availability

bull

Modular 101001000bull

Highest density switching

capacity

bull

Layer 234‐7bull

32‐720 Gbps

Switching

Engine

bull

Highest Availability

bull

10100

and GE configurationsbull

High performance switching and routingbull

Enterprise‐class intelligent Layer 3L4 servicesbull

Clustering capable

bull

Stackable 10100 switchingbull

Gigabit

uplink connectivitybull

Advanced intelligent Layer 3L4 servicesbull

Clustering capable

Catalyst 3750bull

Stackable 101001000 and 10100 configurationsbull

Cisco StackWisetrade

Technologybull

Optimized for Gigabit Ethernet deploymentbull

Enterprise‐class Intelligent Layer 3L4 servicesbull

Highly resilient 32Gbps stacking interconnectionbull

Single management interface w auto configuration

Fast Ethernet

Optimized

Gigabit Ethernet

Optimized

43

Cisco Catalyst 2960 Series Model Overview Fast Ethernet Models

Softwarebull LAN Base Image

Enterprise-class intelligent services Advanced QoS enhanced security high availability

bull Orderable with latest IOS software version

bull 48 10100100 portsbull 2 101001000 Uplink

ports

bull 24 10100 portsbull 2 101001000 Uplink

Ports

Catalyst 2960-24TT Catalyst 2960-48TT

bull 24 10100 portsbull 2 Dual-Purpose Uplink

ports

Catalyst 2960-24TC Catalyst 2960-48TC

bull 48 10100 portsbull 2 Dual Purpose Uplink

ports

Uplinksbull Dual Purpose

UplinksOne 101001000 TX Port and One SFP Port

One port active at a time

44

Cisco Catalyst 3750 Series Switches Model Overview

Catalyst 3750G‐24TS

bull

24 101001000

Portsbull

24 101001000 Ports

bull

4 SFP ports

Two Software Versions

Standard Multilayer Software Image

(SMI)

bull Enterprise‐class intelligent services

Advanced QoS Enhanced Security High

Availability RIP and Static IP routing

Routed ACLs HSRP

Enhanced Multilayer Software Image

(EMI)

bull SMI feature set plus Dynamic IP Unicast

routing Smart Multicast routing

Catalyst 3750‐2448 are orderable with

either software image preinstalled

Catalyst 3750‐2448 can be upgraded

from SMI to EMI

Catalyst 3750G‐24T

bull

24 10100 Ports

bull

2 SFP ports

bull

48 10100 Ports

bull

4 SFP ports

Catalyst 3750‐24 Catalyst 3750‐48

45

Cisco StackWisetrade Technology

bull 32Gbps fault tolerant bi‐directional

backplane

bull Single IP address for management

bull Auto configuration and IOS version

checkupdate

bull 1N Master redundancy

bull Sub‐second L2 failover

bull Cross stack Etherchannel

bull Configurable QoS queues across

stack

bull Line speed performance with QoS

and ACLs for GE

bull Hot add and delete of GE and FE

chassis in same stack

bull Patented cable connector

S 1

S 3

S 2

M 4

M = Master Switch

S = Slave Switch

46

Cisco Catalyst 4500 Series Architecture

bull Centralized Forwarding ASICs

bull All packets are forwarded via the supervisor

bull No distributed line card forwarding

bull Scalable architecture ‐

64 to 320 Gbps

bull Fastest Centralized Architecture in the Industry

47

Cisco Catalyst 4500 Series Overview Common Architecture

Single Supervisor-Based

Chassis

Redundant Supervisor-Based

Chassis

Cisco Catalyst 4507R-E

Cisco Catalyst 4510R-E

Cisco Catalyst 4506-E

Cisco Catalyst 4503-E

Single RU Fixed Configuration

Same Switching Architecture

and Common Cisco IOSreg

Cisco Catalyst 4948 and 4948-10GigE

48

Cisco Catalyst 4500 Series Evolutionary Centralized Architecture

1999 2002 2004 2007 2012

Continued InnovationServices and Performance

Same Line Card

18Mpps 48Mpps 102Mpps

10100

1000

Layer 2

PoE L234

10 GbE

SSO

NACNSF

ISSUCISF

E‐Series

250 Mpps

49

Evolution of Centralized Switching Technology

Evoluti

onEvo

lution

1999 18

Mpps

L2 Only

2002 48

Mpps

L2L3

2004102

Mpps

L2L3 10Gig

2007250

Mpps

L2L3 IPv6

14X

increase

since lsquo99

50

Next‐Generation Catalyst 4500 ldquoE‐Seriesrdquo

Secure Flexible Non‐Stop Communications

ldquoErdquo

Series Chassis

ldquoErdquo

Series Line Cards

Supervisor 6‐E with CenterFlex

51

Cisco Catalyst 6500 Delivers Secure Converged Network Services

High Availabilitybull Physical

Availabilitybull Logical Availabilitybull Stateful Failover at

Layer 2bull Rapid Spanning-

Tree Convergence

QoSbull Input Policingbull Traffic

Classificationbull Multiple Queuesbull Convergence

Ready

Securitybull Layer 234

Access Controlbull 8021X User

Authenticationbull MAC Filteringbull Dynamic VLAN

Manageabilitybull Inline Powerbull Simple

Configurationbull L2-L4 Servicesbull Rich Multicast

Support

End-to-End Services

52

Catalyst 6500 Family

Catalyst 65033 slot chassis

Catalyst 65066 slot chassis

Catalyst 65099 slot chassis

Catalyst 6509‐NEBSNEBS Compliant 9 slot chassis

Catalyst 651313 slot chassis

Catalyst 6509‐NEBS‐A9 slot chassis

53

Cisco Catalyst 6500 Series

The Cisco Catalyst 6500 Series supports a wide range of interface densities performance and high‐availability options

Flexible 3‐ 6‐ 9‐ and 13‐slot chassis configurations

ndash Scalable switching fabric ndash Cisco

IOS software choices supported

on all supervisor engines

ndash Fast 2‐3 second stateful

failover of

redundant supervisors and integrated

services

ndash 10‐Mbps to 10‐Gbps Ethernet and DS0

to

OC‐48 WAN interfaces

ndash Wire‐rate QoS

and ACL policy

management

WS-6503 WS-C6506 WS-C6509 WS-C6509-NEBS and WS-C6513

54

Catalyst 6500 Supervisors

The Catalyst 6500 has three Supervisor options on offer

with each providing a different architectural backplane

configuration for line cards to connect intohellip

Supervisor 1A Supervisor 2 Supervisor 720 (NEW)

256Gb backplane

supporting hardware

accelerated Layer 2 and 3

QoS and Security policies

up to 210Mppshellip

720Gb backplane

supporting hardware

accelerated Layer 2 and 3

QoS and Security policies

up to 400Mppshellip

32Gb backplane supporting

hardware accelerated Layer

2 and 3 QoS and Security

policies up to 15Mppshellip

Supervisor Options for the Catalyst 6500

55

Catalyst 6500 LinecardsThe Catalyst 6500 has a family of linecards to suit all network needshellip

10100 TX and 100 Fiber 101001000 TX GE SFP

GE GBIC 10GE WAN

Optical Switch Modules Inline Power ATM

CAT

6500

L I

NECARDS

56

Catalyst 6500 Service Modules

Content ServicesCommunications Media MWAN

Firewall Module VPN Module Intrusion Detection

Content Switching SSL Network Management

Service Modules represent the next generation of intelligent modules for the Catalyst 6500

Each module provides a high performance option scalable and feature rich deployment

optionshellip

57

Small Form Factor Pluggable (SFP)

bull New industry standard connector

bull Same functionality as Gigabit Interface Converters

(GBICs)

bull Hot pluggable

bull Smaller fiber connector LC

for SF

bull 25 SFPs

fit in space of one GBIC

bull Shipping SX LX ZX at FCS

bull 101001000BT and CWDM versions to come in mid

to late 2003

GBIC

SFP

58

三無線網路認證介紹

59

漫遊認證環境架構圖

NCHC資策會

WLANGateway

WLANGateway

60

無線漫遊環境身份認證機制

網頁認證

使用網站伺服器憑證(Certificate)辨識合法認證網站

透過SSL加密保護使用者帳號密碼安全

採用PAP (Password Authentication Protocol)認證機制

8021x認證

採CHAP或加密通道進行認證

EAP‐MD5ndash 採用CHAP (Challenge Handshake Authentication Protocol)認證

EAP‐PEAP ndash 採用 SSL加密通道 + MS‐CHAP v2 認證

EAP‐TTLSndash 採用 SSL加密通道 + PAPCHAPMS‐CHAPEAPndash 支援多種認證機制

61

WLAN Gateway

bull Usually web page for authorisationbull Allows policy based accessbull Good managementbull Very user friendlybull No client required

Bluesocketndash Commercial but popular in uk academiandash Lots of featuresNoCatAuthndash open source

62

Bluesocket Wireless Gateway

63

httpwwwitcntnuedutwservice1270php

四師大網路基本架構介紹

64

對外網路架構圖

65

校本部校區有線網路系統架構圖

66

校本部校區無線網路系統架構圖

67

理學院校區有線網路系統架構圖

68

理學院校區無線網路系統架構圖

69

林口校區有線網路系統架構圖

70

林口校區無線網路系統架構圖

71

五網路障礙排除方式

72

Possible Symptoms of Physical Layer Problems

Increased number of interface errorsIncreased number of interface errors

LEDs are off flashing or in a state other than the expected state during normal operationLEDs are off flashing or in a state other than the expected state during normal operation

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

Excessive utilizationExcessive utilization

73

Possible Symptoms of Data Link Layer Problems

Excessive CRC errors and frame check sequence errors Excessive CRC errors and frame check sequence errors

Large quantities of broadcast traffic Large quantities of broadcast traffic

A MAC address is cycling between portsA MAC address is cycling between ports

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

74

General Cisco Commands to Isolate Physical and Data Link Layer Problems

ping host

| ip‐addressping host

| ip‐address

routergt

bull

Sends an echo request packet to an address then waits for a reply

trace [destination]trace [destination]

routergt

bull

Identifies the path a packet takes through the network

[no] debug [no] debug

router

bull

Displays a list of options for enabling or disabling debugging events on a device

75

Cisco Commands to Isolate Physical Layer Problems

show versionshow version

routergt

bull

Displays the Cisco IOS software version and all installed hardware configurations

show ip interface briefshow ip interface brief

routergt

bull

Displays a summary of the status of all interfaces on a device

show interfaces [type number]show interfaces [type number]

routergt

bull

Displays the operational status of an interface including the amount and type of traffic being sent and received

76

Cisco Commands to Isolate Physical Layer Problems (Cont)

show cdp neighbor detailshow cdp neighbor detailroutergt

bull Displays the device type IP address and Cisco IOS version of neighboring devices

77

Cisco Commands to Isolate Data Link Layer Problems

show ip arpshow ip arp

routergt

bull

Displays entries in the Address Resolution Protocol (ARP) table

debug [arp

| serial | ppp]debug [arp

| serial | ppp]

router

bull

Captures events relating to data link layer protocols

78

General End‐System Commands to Isolate Physical and Data Link Layer Problems

pingping

bull

Sends an echo request packet to an address then waits for a reply

netstat

‐rnnetstat

‐rn

bull

Displays the status of all connected devices and links without querying a DNS server

arp

‐aarp

‐a

bull

Displays the current mappings of the IP address to the MAC address in the ARP table

79

Windows Commands to Isolate Physical and Data Link Layer Problems

ipconfig

[all]ipconfig

[all]

bull

Displays IP information for hosts running Windows NT2000XP

Cgt

tracert [‐d]tracert [‐d]

bull

Identifies a path to a destination device

Cgt

80

Guidelines for Isolating Problems at the Physical and Data Link Layers

Check operational status and data error ratesCheck operational status and data error rates

Verify proper interface configurationsVerify proper interface configurations

Check for bad cables or connectionsCheck for bad cables or connections

Check for correct cable pin‐outCheck for correct cable pin‐out

81

Port Monitoring (SPAN)

Allows a port to monitor traffic coming into or out of

anotherPort

VLAN

Trunk

82

Remote SPAN (RSPAN)

Allows a port to monitor SPAN information on other switches through a trunk connection

83

NetFlow Data Export

Access to records of switched flow statistics

with NAM

Source and destination IP

Port numbers and protocol types

84

六網路管理介紹

85

NAMs in Campus LAN

86

Network Analysis Module (NAM)

bull

Switch‐integrated standards‐

based monitoring (RMON1 RMON2

extended RMON)

bull

Useful for performance monitoring troubleshooting

and capacity planning

bull

Easy to deploy and use with embedded web‐based Traffic Analyzer

bull

Full visibility into applications hosts conversations and

IP‐based services including VoIP

and QoS

Integrated traffic‐monitoring solution in Catalyst 6500 series to build application‐level visibility into network infrastructure

87

NAM as a Standards‐Based RMON Solution

The RMON MIB reports on the health and status of network traffic

Mini‐RMON agents in Catalyst 6500 collect Layer 2 (RMON1) statistics on all ports (utilization packets errors)

NAM supports full RMON1 and 2 to provide visibility up to Application layer (applications hosts conversations)

NAM supports extended RMON for VLAN QoS Application Response Time and so on

88

Application Hosts and Conversations Monitoring

Identify unknown applications and drill down on the hosts using them

Discover top talkers top conversations

Network managers can drill down

into who is doing what

Network managers can drill down

into who is doing what

NEW inSoftware

Version 22

NEW inSoftware

Version 22

89

VoIP Monitoring

NAM supports various facets of VoIPmonitoring

Active IP telephony monitoring

ndash Track active call attributesndash Identify call quality degradationndash Call details by phonesRMON1 and RMON2

ndash Distribution of VoIP

protocols

Application Response Time (ART)

ndash CallManager

responses

DSMON

ndash VoIP

traffic by DSCP values

90

Application Response Time (ART)

Find out where the application delays are occurring

ndash Detailed data on request‐ response exchanges

between clients and servers

Server visibility

ndash Monitor servers for protocols application

usage and top talkers

91

Packet Capture and Decode

Capture and decode packets for troubleshooting

Extensive pre‐ and post‐capture filters

Can save and export to other tools including Sniffer

92

Alarms

Set alarm thresholds on various parameters for proactive monitoring

Define traps or generate syslog

93

Defining Network Management Functional Areas

ISO defines five functional areas of network management

ISO defines five functional areas of network management

bullFault Management

bullConfiguration Management

bullAccounting Management

bullPerformance Management

bullSecurity Management

94

FCAPS Fault Management

The process of locating diagnosing and correcting

network problems

Device Down

Link Down

95

FCAPS Configuration Management

bull The process of obtaining data from the network and using

that data to manage the setup of all network devices

bull Allows rapid access to configuration information

bull Facilitates remote configuration and provisioning

bull Provides an up‐to‐date inventory of network

components

SpeedDuplex

Connectivity

TrunkingVLANs Allowed

Spanning Tree Protocol State

Software VersionConfiguration File

Device Type

96

FCAPS Accounting Management

bull Measuring the usage of network resources by users in order to

establish the metrics check quotas determine costs and bill users

bull Measures and reports accounting information based on individual

groups and users

bull Administers the cost of the network

bull Internal verification of third‐party billing for usage Bandwidth Consumption

Application Usage

hellip

97

FCAPS Performance Management

bull Ensuring that the data network remains accessible

and has adequate bandwidth

bull Reduces network overcrowding and inaccessibility

bull Provides a consistent level of service to the

network user

bull Determine utilization trends to proactively isolate and solve

performance problems

UtilizationPeakminmaxError RatesUnicast Rates

Broadcast Rates

CPU UtilizationMemory Usage

ThroughputResponse Time

LatencyAvailabilityReliability

98

FCAPS Security Management

bull Protecting sensitive information on devices

attached to a data network by controlling access points to

that information

bull Builds network user confidence

bull Secures sensitive information from both internal and

external sources

bull Protects the network functionality from malicious

attacks

MAC AddressLocked to Port

Access ListBlocks Connections

99

Performing Network Management Sources for Information

GAUGEs TIMERs

0 9 1 2 3

COUNTERs TABLEs FILEs

Operating System Data Structures

Manageable Device

showCommands

WebServer

SystemLogging

SNMPSNMPAGENTAGENT

ProductionServices

Layer N Forwarding

http80tcp

syslog514udp

snmp161udp

MIBObjects

snmp‐trap162udp

Built in Intelligence

CDPVTPSAA

telnetCLI

TFTPClient

tftp69udp

PingTrace route

100

Network Management Information Model MIB Management Information Base

MIB

ndash

Management Information BaseSet of variables defining the status of a device (eg temp = 85 degrees)Just facts ndash not whether it is good or badDefined according to SMI (Structure of Management Information) rulesEach managed object is described using a unique object identifier (OID)

MIB

IMIBIIStandard MIBObjects included are considered essential for either fault or configuration management

Other standard MIBsRMON host router

Proprietary vendor MIBsExtensions to standard MIBs

SNMPAGENTSNMPAGENT

1000s of manageable objects following rules defined in the SMI standards

1000s of manageable objects following rules defined in the SMI standards

101

Network Management Communication Model SNMP Simple Network Management Protocol

CommunityStrings

CommunityStrings

bull Get requests used to read the value of objectbull Set requests used to modify the value of object

bull Authorization is via community strings

(Read‐OnlyRead‐Write)

bull Traps

provide asynchronous event notification

IP Network SNMPManageable

Device

Trap

Get Response

Get Request Get-Next RequestGet-Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

102

Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response

SNM

P M

anag

er

SNM

P A

gent

Rea

d =

publ

ic re

adw

rite

= pr

ivat

e

GetResponse (sysDescr0=SunOS)

Verify access permission and retrieve MIB value using OID to traverse the MIB tree

InstanceOID

13612111

MIB value

GetRequest(sysDescr0)Read Community(public)

103

Types of Management Systems Example ‐

Enterprise Manager amp Fault Management

Correlate and manage events

and SNMP traps

Perform fault isolation and root cause analysis

104

Types of Management Systems Example ndash CiscoWorks

Resource Manager Essentials and Campus Manager

Knowledge of network configuration and topology

Facilitates remote configuration of network devices

Maintains an archive of configuration data that allows generation of inventory reports

105

Types of Management Systems Example ndash NetFlow (Accounting Management)

Flow Profiling

AccountingBilling

Network Planning

Network Monitoring

Flow

Collectors

Flow

CollectorsEnd‐User AppsEnd‐User AppsNetFlow

Data ExportNetFlowData Export

NetScout

RMON ProbeRMON Probe

106

Types of Management Systems Example ndash MRTG (Performance Management)

bull Monitors traffic load on network links based on SNMP statistics

bull Generates real‐time HTML traffic reports

bull Can be used to monitor any

MIB

variable using

SNMP

107

Types of Management Systems Example ndash CiscoWorks

How is the network connectedbull Physical Cablingbull Virtual LANs

Where are the end users servers IP phones connected

bull Switch port numberbull VLAN membership

How do I troubleshoot connectivity problems

Campus Manager User Tracking

Campus Manager Topology Services

Campus Manager Topology Services

Campus Manager User TrackingCampus Manager

Path Analysis

108

Diagnosing Connectivity Problems CiscoWorks Server Tools

Ping Use ping to test device connectivity from CiscoWorks server

TracerouteRun a trace route between the CiscoWorks server and the target device to detect routing problems

NS LookupRun a nslookup to obtain DNS name server information and IP address of hostname

Management Station to DeviceTest to verify if upper layer protocols are supported from CiscoWorks to the target device UDP TCP Telnet TFTP HTTP and SNMP

109

Types of Management Systems Example ndash CiscoWorks

19216862

CiscoWorks Server(ANI Service)

CampusDatabase

19216861

Schedule data retrieval

times

CAM Table11‐11‐11‐11‐11‐00 2111‐11‐11‐11‐11‐11 2211‐11‐11‐11‐11‐22 2311‐11‐11‐11‐11‐33 24

22 23 24

21

ARP Table11‐11‐11‐11‐11‐11 19216861011‐11‐11‐11‐11‐22 19216861111‐11‐11‐11‐11‐33 192168611

1

CAM

Retrieval

(switching

table)

2 Address

Resolution (MAC

to IP)

DNS

3 Name Resolution

(IP to hostname)

Host Table192168610 USER1192168611 Printer1192168611 IPtele1

SNMP

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

CallManager4

Call Detail

Records

5

Login

Names

UNIX Novell amp

Windows NT

clients running

UTLite script

110

Diagnosing Connectivity Problems Campus Manager Tools

Topology Services

User Tracking

Path Analysis

1

Locate the communication pair in the User Tracking database

bull

Addressesbull

VLAN informationbull

Switch port connection

2

Investigate the Layer 2 and Layer 3 path between the communication

pair

3

Map the topology and begin the investigation on devices and links

Launch other applications

111

Diagnosing Connectivity Problems Workflow for Using Campus Manager

LaunchPath Analysis

LaunchPath Analysis

Ensure discovery of devices

hosts are up to date

Ensure discovery of devices

hosts are up to date

Use User TrackingTo Locate EndStation Info

Use User TrackingTo Locate EndStation Info

ConductVoiceTrace

ConductVoiceTrace

ConductDataTrace

ConductDataTrace

DisplayPath in Topology

Map

DisplayPath in Topology

Map

Launch other Apps(Telnet CiscoView

Etc)

Launch other Apps(Telnet CiscoView

Etc)

112

Diagnosing Device Connectivity Problems Example

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Do you know

your

hostname or

username

113

Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

2 Simple Query displays switch

port and VLAN association

2 Simple Query displays switch

port and VLAN association

3 LastSeen field indicates last

time end station was

discovered

3 LastSeen field indicates last

time end station was

discovered

114

Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Trace path from application server

to Suzy

Trace path from application server

to Suzy

Couldnrsquot get to Suzy machine ndash try

from server

Couldnrsquot get to Suzy machine ndash try

from server

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

21

Medium Campus Network

22

Large Campus Network

23

Building Block Approach

24

Switch Block Characteristics

bull Device switches support one or more subnetsVLANs

bull Subnets terminate at the distribution switch

bull Access devices have redundant links

bull Spanning Tree Protocol terminates at the switch block boundary

25

VLANs in the Switch Block

26

Link Types

A trunk link is capable of carrying multiple VLANs

27

Trunking

bull Specifically developed for multi‐VLAN interswitch communications

bull Places a unique identifier in the header of each frame

bull Functions at Layer 2 bull IEEE

8021Q

28

Inter‐VLAN Routing

bull A Route Processor provides Layer 3 functionality for switches

29

Increasing Performance Add More Bandwidth

30

Fast EtherChannel

31

Is QoS Needed in the Campus

Maybe maybe not campus congestionis a buffer management issue

ldquoJust throw more bandwidth at it That will solve the problemrdquo

32

Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP

33

Enabling QoS in the Campus Scheduling in the Campus

Output buffers can reach 100 in campus networks resulting in dropped voice packets

QoS required when there is a possibility of congestion in buffers

Multiple queues are the only way to guarantee voice quality

34

Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS

bull 8021p user priority field also called class of service (CoS)

bull Different types of traffic are assigned different CoS values

bull CoS 6 and 7 are reserved for network use

35

Enabling QoS in the Campus Layer 3 Classificationmdash IP Precedence DSCP

bull IPv4 Three most significant bits of ToS byte are called IP precedence other bits unused

bull DiffServ Six Most significant bits of ToS byte are called DSCP remaining two bits used for flow control

bull DSCP backward compatible with IP precedence

36

Enabling QoS in the Campus Classification Summary

37

Power Over Ethernet

Prepare the network for IP Telephony and Wireless access

Eliminate the need for separate electrical wiring

Cisco pre‐standard POE and 8023af are fully supported

Wide selection of standards‐based IEEE 8023af powered devices

ndash IP Phonesndash Wireless Access Points

ndash Surveillance cameras

ndash Access Card Readers

38

Access Point Front Cover LEDrsquos

Status LightsEthernet

Status

Radio Activity

Ethernet Activity

Status

Radio Activity

39

CiscoWorks WLSE

1

Specialized application for managing the Cisco WLAN

2

Centralized template‐ based configuration of access points and bridges

with user defined groups

3

Proactive fault and performance monitoring

of access points bridges LEAP server and

attached switch

CiscoWorks Wireless LANSolution Engine

U N I V E R S I T YU N I V E R S I T Y

40

二網路設備介紹

41

The Cisco LAN Switching Portfolio

Catalyst 375035602960 Catalyst 6500Catalyst 40004500

bull Stackable Compact Footprint bull Gig Density 12 Ports bull EZ Clustering Managementbull L2-L4 Switchingbull Medium Port Density

bull Highest Switching Capacitybull High Availability - Stateful Failoverbull 10-Gigabit Ethernet Interfaces bull Nonblocking Gigabit Density 142bull LANWAN Interfaces (to OC 48)

L2-L7 SwitchingIntegrated Inline PowerServices Modules Redundant PowerRedundant Supervisor Fabric

bull High Switching Capacitybull High-Density 101001000bull High-Density 100FX amp 1000LXbull Nonblocking Gigabit Density 32bull L2-L4 Switching bull Inline Power Optionbull Redundant Power

42

Cisco Catalyst Positioning

Pric

ePe

rfor

man

ce

FunctionFlexibility

Catalyst 29502960

Catalyst 35503560

Catalyst 4500 Family

Catalyst 6500 Series

bull Modular 101001000bull High performance Layer 2L3L4 bull 24‐64 Gbps Switching Enginebull Chassis level high availability

bull

Modular 101001000bull

Highest density switching

capacity

bull

Layer 234‐7bull

32‐720 Gbps

Switching

Engine

bull

Highest Availability

bull

10100

and GE configurationsbull

High performance switching and routingbull

Enterprise‐class intelligent Layer 3L4 servicesbull

Clustering capable

bull

Stackable 10100 switchingbull

Gigabit

uplink connectivitybull

Advanced intelligent Layer 3L4 servicesbull

Clustering capable

Catalyst 3750bull

Stackable 101001000 and 10100 configurationsbull

Cisco StackWisetrade

Technologybull

Optimized for Gigabit Ethernet deploymentbull

Enterprise‐class Intelligent Layer 3L4 servicesbull

Highly resilient 32Gbps stacking interconnectionbull

Single management interface w auto configuration

Fast Ethernet

Optimized

Gigabit Ethernet

Optimized

43

Cisco Catalyst 2960 Series Model Overview Fast Ethernet Models

Softwarebull LAN Base Image

Enterprise-class intelligent services Advanced QoS enhanced security high availability

bull Orderable with latest IOS software version

bull 48 10100100 portsbull 2 101001000 Uplink

ports

bull 24 10100 portsbull 2 101001000 Uplink

Ports

Catalyst 2960-24TT Catalyst 2960-48TT

bull 24 10100 portsbull 2 Dual-Purpose Uplink

ports

Catalyst 2960-24TC Catalyst 2960-48TC

bull 48 10100 portsbull 2 Dual Purpose Uplink

ports

Uplinksbull Dual Purpose

UplinksOne 101001000 TX Port and One SFP Port

One port active at a time

44

Cisco Catalyst 3750 Series Switches Model Overview

Catalyst 3750G‐24TS

bull

24 101001000

Portsbull

24 101001000 Ports

bull

4 SFP ports

Two Software Versions

Standard Multilayer Software Image

(SMI)

bull Enterprise‐class intelligent services

Advanced QoS Enhanced Security High

Availability RIP and Static IP routing

Routed ACLs HSRP

Enhanced Multilayer Software Image

(EMI)

bull SMI feature set plus Dynamic IP Unicast

routing Smart Multicast routing

Catalyst 3750‐2448 are orderable with

either software image preinstalled

Catalyst 3750‐2448 can be upgraded

from SMI to EMI

Catalyst 3750G‐24T

bull

24 10100 Ports

bull

2 SFP ports

bull

48 10100 Ports

bull

4 SFP ports

Catalyst 3750‐24 Catalyst 3750‐48

45

Cisco StackWisetrade Technology

bull 32Gbps fault tolerant bi‐directional

backplane

bull Single IP address for management

bull Auto configuration and IOS version

checkupdate

bull 1N Master redundancy

bull Sub‐second L2 failover

bull Cross stack Etherchannel

bull Configurable QoS queues across

stack

bull Line speed performance with QoS

and ACLs for GE

bull Hot add and delete of GE and FE

chassis in same stack

bull Patented cable connector

S 1

S 3

S 2

M 4

M = Master Switch

S = Slave Switch

46

Cisco Catalyst 4500 Series Architecture

bull Centralized Forwarding ASICs

bull All packets are forwarded via the supervisor

bull No distributed line card forwarding

bull Scalable architecture ‐

64 to 320 Gbps

bull Fastest Centralized Architecture in the Industry

47

Cisco Catalyst 4500 Series Overview Common Architecture

Single Supervisor-Based

Chassis

Redundant Supervisor-Based

Chassis

Cisco Catalyst 4507R-E

Cisco Catalyst 4510R-E

Cisco Catalyst 4506-E

Cisco Catalyst 4503-E

Single RU Fixed Configuration

Same Switching Architecture

and Common Cisco IOSreg

Cisco Catalyst 4948 and 4948-10GigE

48

Cisco Catalyst 4500 Series Evolutionary Centralized Architecture

1999 2002 2004 2007 2012

Continued InnovationServices and Performance

Same Line Card

18Mpps 48Mpps 102Mpps

10100

1000

Layer 2

PoE L234

10 GbE

SSO

NACNSF

ISSUCISF

E‐Series

250 Mpps

49

Evolution of Centralized Switching Technology

Evoluti

onEvo

lution

1999 18

Mpps

L2 Only

2002 48

Mpps

L2L3

2004102

Mpps

L2L3 10Gig

2007250

Mpps

L2L3 IPv6

14X

increase

since lsquo99

50

Next‐Generation Catalyst 4500 ldquoE‐Seriesrdquo

Secure Flexible Non‐Stop Communications

ldquoErdquo

Series Chassis

ldquoErdquo

Series Line Cards

Supervisor 6‐E with CenterFlex

51

Cisco Catalyst 6500 Delivers Secure Converged Network Services

High Availabilitybull Physical

Availabilitybull Logical Availabilitybull Stateful Failover at

Layer 2bull Rapid Spanning-

Tree Convergence

QoSbull Input Policingbull Traffic

Classificationbull Multiple Queuesbull Convergence

Ready

Securitybull Layer 234

Access Controlbull 8021X User

Authenticationbull MAC Filteringbull Dynamic VLAN

Manageabilitybull Inline Powerbull Simple

Configurationbull L2-L4 Servicesbull Rich Multicast

Support

End-to-End Services

52

Catalyst 6500 Family

Catalyst 65033 slot chassis

Catalyst 65066 slot chassis

Catalyst 65099 slot chassis

Catalyst 6509‐NEBSNEBS Compliant 9 slot chassis

Catalyst 651313 slot chassis

Catalyst 6509‐NEBS‐A9 slot chassis

53

Cisco Catalyst 6500 Series

The Cisco Catalyst 6500 Series supports a wide range of interface densities performance and high‐availability options

Flexible 3‐ 6‐ 9‐ and 13‐slot chassis configurations

ndash Scalable switching fabric ndash Cisco

IOS software choices supported

on all supervisor engines

ndash Fast 2‐3 second stateful

failover of

redundant supervisors and integrated

services

ndash 10‐Mbps to 10‐Gbps Ethernet and DS0

to

OC‐48 WAN interfaces

ndash Wire‐rate QoS

and ACL policy

management

WS-6503 WS-C6506 WS-C6509 WS-C6509-NEBS and WS-C6513

54

Catalyst 6500 Supervisors

The Catalyst 6500 has three Supervisor options on offer

with each providing a different architectural backplane

configuration for line cards to connect intohellip

Supervisor 1A Supervisor 2 Supervisor 720 (NEW)

256Gb backplane

supporting hardware

accelerated Layer 2 and 3

QoS and Security policies

up to 210Mppshellip

720Gb backplane

supporting hardware

accelerated Layer 2 and 3

QoS and Security policies

up to 400Mppshellip

32Gb backplane supporting

hardware accelerated Layer

2 and 3 QoS and Security

policies up to 15Mppshellip

Supervisor Options for the Catalyst 6500

55

Catalyst 6500 LinecardsThe Catalyst 6500 has a family of linecards to suit all network needshellip

10100 TX and 100 Fiber 101001000 TX GE SFP

GE GBIC 10GE WAN

Optical Switch Modules Inline Power ATM

CAT

6500

L I

NECARDS

56

Catalyst 6500 Service Modules

Content ServicesCommunications Media MWAN

Firewall Module VPN Module Intrusion Detection

Content Switching SSL Network Management

Service Modules represent the next generation of intelligent modules for the Catalyst 6500

Each module provides a high performance option scalable and feature rich deployment

optionshellip

57

Small Form Factor Pluggable (SFP)

bull New industry standard connector

bull Same functionality as Gigabit Interface Converters

(GBICs)

bull Hot pluggable

bull Smaller fiber connector LC

for SF

bull 25 SFPs

fit in space of one GBIC

bull Shipping SX LX ZX at FCS

bull 101001000BT and CWDM versions to come in mid

to late 2003

GBIC

SFP

58

三無線網路認證介紹

59

漫遊認證環境架構圖

NCHC資策會

WLANGateway

WLANGateway

60

無線漫遊環境身份認證機制

網頁認證

使用網站伺服器憑證(Certificate)辨識合法認證網站

透過SSL加密保護使用者帳號密碼安全

採用PAP (Password Authentication Protocol)認證機制

8021x認證

採CHAP或加密通道進行認證

EAP‐MD5ndash 採用CHAP (Challenge Handshake Authentication Protocol)認證

EAP‐PEAP ndash 採用 SSL加密通道 + MS‐CHAP v2 認證

EAP‐TTLSndash 採用 SSL加密通道 + PAPCHAPMS‐CHAPEAPndash 支援多種認證機制

61

WLAN Gateway

bull Usually web page for authorisationbull Allows policy based accessbull Good managementbull Very user friendlybull No client required

Bluesocketndash Commercial but popular in uk academiandash Lots of featuresNoCatAuthndash open source

62

Bluesocket Wireless Gateway

63

httpwwwitcntnuedutwservice1270php

四師大網路基本架構介紹

64

對外網路架構圖

65

校本部校區有線網路系統架構圖

66

校本部校區無線網路系統架構圖

67

理學院校區有線網路系統架構圖

68

理學院校區無線網路系統架構圖

69

林口校區有線網路系統架構圖

70

林口校區無線網路系統架構圖

71

五網路障礙排除方式

72

Possible Symptoms of Physical Layer Problems

Increased number of interface errorsIncreased number of interface errors

LEDs are off flashing or in a state other than the expected state during normal operationLEDs are off flashing or in a state other than the expected state during normal operation

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

Excessive utilizationExcessive utilization

73

Possible Symptoms of Data Link Layer Problems

Excessive CRC errors and frame check sequence errors Excessive CRC errors and frame check sequence errors

Large quantities of broadcast traffic Large quantities of broadcast traffic

A MAC address is cycling between portsA MAC address is cycling between ports

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

74

General Cisco Commands to Isolate Physical and Data Link Layer Problems

ping host

| ip‐addressping host

| ip‐address

routergt

bull

Sends an echo request packet to an address then waits for a reply

trace [destination]trace [destination]

routergt

bull

Identifies the path a packet takes through the network

[no] debug [no] debug

router

bull

Displays a list of options for enabling or disabling debugging events on a device

75

Cisco Commands to Isolate Physical Layer Problems

show versionshow version

routergt

bull

Displays the Cisco IOS software version and all installed hardware configurations

show ip interface briefshow ip interface brief

routergt

bull

Displays a summary of the status of all interfaces on a device

show interfaces [type number]show interfaces [type number]

routergt

bull

Displays the operational status of an interface including the amount and type of traffic being sent and received

76

Cisco Commands to Isolate Physical Layer Problems (Cont)

show cdp neighbor detailshow cdp neighbor detailroutergt

bull Displays the device type IP address and Cisco IOS version of neighboring devices

77

Cisco Commands to Isolate Data Link Layer Problems

show ip arpshow ip arp

routergt

bull

Displays entries in the Address Resolution Protocol (ARP) table

debug [arp

| serial | ppp]debug [arp

| serial | ppp]

router

bull

Captures events relating to data link layer protocols

78

General End‐System Commands to Isolate Physical and Data Link Layer Problems

pingping

bull

Sends an echo request packet to an address then waits for a reply

netstat

‐rnnetstat

‐rn

bull

Displays the status of all connected devices and links without querying a DNS server

arp

‐aarp

‐a

bull

Displays the current mappings of the IP address to the MAC address in the ARP table

79

Windows Commands to Isolate Physical and Data Link Layer Problems

ipconfig

[all]ipconfig

[all]

bull

Displays IP information for hosts running Windows NT2000XP

Cgt

tracert [‐d]tracert [‐d]

bull

Identifies a path to a destination device

Cgt

80

Guidelines for Isolating Problems at the Physical and Data Link Layers

Check operational status and data error ratesCheck operational status and data error rates

Verify proper interface configurationsVerify proper interface configurations

Check for bad cables or connectionsCheck for bad cables or connections

Check for correct cable pin‐outCheck for correct cable pin‐out

81

Port Monitoring (SPAN)

Allows a port to monitor traffic coming into or out of

anotherPort

VLAN

Trunk

82

Remote SPAN (RSPAN)

Allows a port to monitor SPAN information on other switches through a trunk connection

83

NetFlow Data Export

Access to records of switched flow statistics

with NAM

Source and destination IP

Port numbers and protocol types

84

六網路管理介紹

85

NAMs in Campus LAN

86

Network Analysis Module (NAM)

bull

Switch‐integrated standards‐

based monitoring (RMON1 RMON2

extended RMON)

bull

Useful for performance monitoring troubleshooting

and capacity planning

bull

Easy to deploy and use with embedded web‐based Traffic Analyzer

bull

Full visibility into applications hosts conversations and

IP‐based services including VoIP

and QoS

Integrated traffic‐monitoring solution in Catalyst 6500 series to build application‐level visibility into network infrastructure

87

NAM as a Standards‐Based RMON Solution

The RMON MIB reports on the health and status of network traffic

Mini‐RMON agents in Catalyst 6500 collect Layer 2 (RMON1) statistics on all ports (utilization packets errors)

NAM supports full RMON1 and 2 to provide visibility up to Application layer (applications hosts conversations)

NAM supports extended RMON for VLAN QoS Application Response Time and so on

88

Application Hosts and Conversations Monitoring

Identify unknown applications and drill down on the hosts using them

Discover top talkers top conversations

Network managers can drill down

into who is doing what

Network managers can drill down

into who is doing what

NEW inSoftware

Version 22

NEW inSoftware

Version 22

89

VoIP Monitoring

NAM supports various facets of VoIPmonitoring

Active IP telephony monitoring

ndash Track active call attributesndash Identify call quality degradationndash Call details by phonesRMON1 and RMON2

ndash Distribution of VoIP

protocols

Application Response Time (ART)

ndash CallManager

responses

DSMON

ndash VoIP

traffic by DSCP values

90

Application Response Time (ART)

Find out where the application delays are occurring

ndash Detailed data on request‐ response exchanges

between clients and servers

Server visibility

ndash Monitor servers for protocols application

usage and top talkers

91

Packet Capture and Decode

Capture and decode packets for troubleshooting

Extensive pre‐ and post‐capture filters

Can save and export to other tools including Sniffer

92

Alarms

Set alarm thresholds on various parameters for proactive monitoring

Define traps or generate syslog

93

Defining Network Management Functional Areas

ISO defines five functional areas of network management

ISO defines five functional areas of network management

bullFault Management

bullConfiguration Management

bullAccounting Management

bullPerformance Management

bullSecurity Management

94

FCAPS Fault Management

The process of locating diagnosing and correcting

network problems

Device Down

Link Down

95

FCAPS Configuration Management

bull The process of obtaining data from the network and using

that data to manage the setup of all network devices

bull Allows rapid access to configuration information

bull Facilitates remote configuration and provisioning

bull Provides an up‐to‐date inventory of network

components

SpeedDuplex

Connectivity

TrunkingVLANs Allowed

Spanning Tree Protocol State

Software VersionConfiguration File

Device Type

96

FCAPS Accounting Management

bull Measuring the usage of network resources by users in order to

establish the metrics check quotas determine costs and bill users

bull Measures and reports accounting information based on individual

groups and users

bull Administers the cost of the network

bull Internal verification of third‐party billing for usage Bandwidth Consumption

Application Usage

hellip

97

FCAPS Performance Management

bull Ensuring that the data network remains accessible

and has adequate bandwidth

bull Reduces network overcrowding and inaccessibility

bull Provides a consistent level of service to the

network user

bull Determine utilization trends to proactively isolate and solve

performance problems

UtilizationPeakminmaxError RatesUnicast Rates

Broadcast Rates

CPU UtilizationMemory Usage

ThroughputResponse Time

LatencyAvailabilityReliability

98

FCAPS Security Management

bull Protecting sensitive information on devices

attached to a data network by controlling access points to

that information

bull Builds network user confidence

bull Secures sensitive information from both internal and

external sources

bull Protects the network functionality from malicious

attacks

MAC AddressLocked to Port

Access ListBlocks Connections

99

Performing Network Management Sources for Information

GAUGEs TIMERs

0 9 1 2 3

COUNTERs TABLEs FILEs

Operating System Data Structures

Manageable Device

showCommands

WebServer

SystemLogging

SNMPSNMPAGENTAGENT

ProductionServices

Layer N Forwarding

http80tcp

syslog514udp

snmp161udp

MIBObjects

snmp‐trap162udp

Built in Intelligence

CDPVTPSAA

telnetCLI

TFTPClient

tftp69udp

PingTrace route

100

Network Management Information Model MIB Management Information Base

MIB

ndash

Management Information BaseSet of variables defining the status of a device (eg temp = 85 degrees)Just facts ndash not whether it is good or badDefined according to SMI (Structure of Management Information) rulesEach managed object is described using a unique object identifier (OID)

MIB

IMIBIIStandard MIBObjects included are considered essential for either fault or configuration management

Other standard MIBsRMON host router

Proprietary vendor MIBsExtensions to standard MIBs

SNMPAGENTSNMPAGENT

1000s of manageable objects following rules defined in the SMI standards

1000s of manageable objects following rules defined in the SMI standards

101

Network Management Communication Model SNMP Simple Network Management Protocol

CommunityStrings

CommunityStrings

bull Get requests used to read the value of objectbull Set requests used to modify the value of object

bull Authorization is via community strings

(Read‐OnlyRead‐Write)

bull Traps

provide asynchronous event notification

IP Network SNMPManageable

Device

Trap

Get Response

Get Request Get-Next RequestGet-Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

102

Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response

SNM

P M

anag

er

SNM

P A

gent

Rea

d =

publ

ic re

adw

rite

= pr

ivat

e

GetResponse (sysDescr0=SunOS)

Verify access permission and retrieve MIB value using OID to traverse the MIB tree

InstanceOID

13612111

MIB value

GetRequest(sysDescr0)Read Community(public)

103

Types of Management Systems Example ‐

Enterprise Manager amp Fault Management

Correlate and manage events

and SNMP traps

Perform fault isolation and root cause analysis

104

Types of Management Systems Example ndash CiscoWorks

Resource Manager Essentials and Campus Manager

Knowledge of network configuration and topology

Facilitates remote configuration of network devices

Maintains an archive of configuration data that allows generation of inventory reports

105

Types of Management Systems Example ndash NetFlow (Accounting Management)

Flow Profiling

AccountingBilling

Network Planning

Network Monitoring

Flow

Collectors

Flow

CollectorsEnd‐User AppsEnd‐User AppsNetFlow

Data ExportNetFlowData Export

NetScout

RMON ProbeRMON Probe

106

Types of Management Systems Example ndash MRTG (Performance Management)

bull Monitors traffic load on network links based on SNMP statistics

bull Generates real‐time HTML traffic reports

bull Can be used to monitor any

MIB

variable using

SNMP

107

Types of Management Systems Example ndash CiscoWorks

How is the network connectedbull Physical Cablingbull Virtual LANs

Where are the end users servers IP phones connected

bull Switch port numberbull VLAN membership

How do I troubleshoot connectivity problems

Campus Manager User Tracking

Campus Manager Topology Services

Campus Manager Topology Services

Campus Manager User TrackingCampus Manager

Path Analysis

108

Diagnosing Connectivity Problems CiscoWorks Server Tools

Ping Use ping to test device connectivity from CiscoWorks server

TracerouteRun a trace route between the CiscoWorks server and the target device to detect routing problems

NS LookupRun a nslookup to obtain DNS name server information and IP address of hostname

Management Station to DeviceTest to verify if upper layer protocols are supported from CiscoWorks to the target device UDP TCP Telnet TFTP HTTP and SNMP

109

Types of Management Systems Example ndash CiscoWorks

19216862

CiscoWorks Server(ANI Service)

CampusDatabase

19216861

Schedule data retrieval

times

CAM Table11‐11‐11‐11‐11‐00 2111‐11‐11‐11‐11‐11 2211‐11‐11‐11‐11‐22 2311‐11‐11‐11‐11‐33 24

22 23 24

21

ARP Table11‐11‐11‐11‐11‐11 19216861011‐11‐11‐11‐11‐22 19216861111‐11‐11‐11‐11‐33 192168611

1

CAM

Retrieval

(switching

table)

2 Address

Resolution (MAC

to IP)

DNS

3 Name Resolution

(IP to hostname)

Host Table192168610 USER1192168611 Printer1192168611 IPtele1

SNMP

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

CallManager4

Call Detail

Records

5

Login

Names

UNIX Novell amp

Windows NT

clients running

UTLite script

110

Diagnosing Connectivity Problems Campus Manager Tools

Topology Services

User Tracking

Path Analysis

1

Locate the communication pair in the User Tracking database

bull

Addressesbull

VLAN informationbull

Switch port connection

2

Investigate the Layer 2 and Layer 3 path between the communication

pair

3

Map the topology and begin the investigation on devices and links

Launch other applications

111

Diagnosing Connectivity Problems Workflow for Using Campus Manager

LaunchPath Analysis

LaunchPath Analysis

Ensure discovery of devices

hosts are up to date

Ensure discovery of devices

hosts are up to date

Use User TrackingTo Locate EndStation Info

Use User TrackingTo Locate EndStation Info

ConductVoiceTrace

ConductVoiceTrace

ConductDataTrace

ConductDataTrace

DisplayPath in Topology

Map

DisplayPath in Topology

Map

Launch other Apps(Telnet CiscoView

Etc)

Launch other Apps(Telnet CiscoView

Etc)

112

Diagnosing Device Connectivity Problems Example

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Do you know

your

hostname or

username

113

Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

2 Simple Query displays switch

port and VLAN association

2 Simple Query displays switch

port and VLAN association

3 LastSeen field indicates last

time end station was

discovered

3 LastSeen field indicates last

time end station was

discovered

114

Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Trace path from application server

to Suzy

Trace path from application server

to Suzy

Couldnrsquot get to Suzy machine ndash try

from server

Couldnrsquot get to Suzy machine ndash try

from server

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

22

Large Campus Network

23

Building Block Approach

24

Switch Block Characteristics

bull Device switches support one or more subnetsVLANs

bull Subnets terminate at the distribution switch

bull Access devices have redundant links

bull Spanning Tree Protocol terminates at the switch block boundary

25

VLANs in the Switch Block

26

Link Types

A trunk link is capable of carrying multiple VLANs

27

Trunking

bull Specifically developed for multi‐VLAN interswitch communications

bull Places a unique identifier in the header of each frame

bull Functions at Layer 2 bull IEEE

8021Q

28

Inter‐VLAN Routing

bull A Route Processor provides Layer 3 functionality for switches

29

Increasing Performance Add More Bandwidth

30

Fast EtherChannel

31

Is QoS Needed in the Campus

Maybe maybe not campus congestionis a buffer management issue

ldquoJust throw more bandwidth at it That will solve the problemrdquo

32

Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP

33

Enabling QoS in the Campus Scheduling in the Campus

Output buffers can reach 100 in campus networks resulting in dropped voice packets

QoS required when there is a possibility of congestion in buffers

Multiple queues are the only way to guarantee voice quality

34

Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS

bull 8021p user priority field also called class of service (CoS)

bull Different types of traffic are assigned different CoS values

bull CoS 6 and 7 are reserved for network use

35

Enabling QoS in the Campus Layer 3 Classificationmdash IP Precedence DSCP

bull IPv4 Three most significant bits of ToS byte are called IP precedence other bits unused

bull DiffServ Six Most significant bits of ToS byte are called DSCP remaining two bits used for flow control

bull DSCP backward compatible with IP precedence

36

Enabling QoS in the Campus Classification Summary

37

Power Over Ethernet

Prepare the network for IP Telephony and Wireless access

Eliminate the need for separate electrical wiring

Cisco pre‐standard POE and 8023af are fully supported

Wide selection of standards‐based IEEE 8023af powered devices

ndash IP Phonesndash Wireless Access Points

ndash Surveillance cameras

ndash Access Card Readers

38

Access Point Front Cover LEDrsquos

Status LightsEthernet

Status

Radio Activity

Ethernet Activity

Status

Radio Activity

39

CiscoWorks WLSE

1

Specialized application for managing the Cisco WLAN

2

Centralized template‐ based configuration of access points and bridges

with user defined groups

3

Proactive fault and performance monitoring

of access points bridges LEAP server and

attached switch

CiscoWorks Wireless LANSolution Engine

U N I V E R S I T YU N I V E R S I T Y

40

二網路設備介紹

41

The Cisco LAN Switching Portfolio

Catalyst 375035602960 Catalyst 6500Catalyst 40004500

bull Stackable Compact Footprint bull Gig Density 12 Ports bull EZ Clustering Managementbull L2-L4 Switchingbull Medium Port Density

bull Highest Switching Capacitybull High Availability - Stateful Failoverbull 10-Gigabit Ethernet Interfaces bull Nonblocking Gigabit Density 142bull LANWAN Interfaces (to OC 48)

L2-L7 SwitchingIntegrated Inline PowerServices Modules Redundant PowerRedundant Supervisor Fabric

bull High Switching Capacitybull High-Density 101001000bull High-Density 100FX amp 1000LXbull Nonblocking Gigabit Density 32bull L2-L4 Switching bull Inline Power Optionbull Redundant Power

42

Cisco Catalyst Positioning

Pric

ePe

rfor

man

ce

FunctionFlexibility

Catalyst 29502960

Catalyst 35503560

Catalyst 4500 Family

Catalyst 6500 Series

bull Modular 101001000bull High performance Layer 2L3L4 bull 24‐64 Gbps Switching Enginebull Chassis level high availability

bull

Modular 101001000bull

Highest density switching

capacity

bull

Layer 234‐7bull

32‐720 Gbps

Switching

Engine

bull

Highest Availability

bull

10100

and GE configurationsbull

High performance switching and routingbull

Enterprise‐class intelligent Layer 3L4 servicesbull

Clustering capable

bull

Stackable 10100 switchingbull

Gigabit

uplink connectivitybull

Advanced intelligent Layer 3L4 servicesbull

Clustering capable

Catalyst 3750bull

Stackable 101001000 and 10100 configurationsbull

Cisco StackWisetrade

Technologybull

Optimized for Gigabit Ethernet deploymentbull

Enterprise‐class Intelligent Layer 3L4 servicesbull

Highly resilient 32Gbps stacking interconnectionbull

Single management interface w auto configuration

Fast Ethernet

Optimized

Gigabit Ethernet

Optimized

43

Cisco Catalyst 2960 Series Model Overview Fast Ethernet Models

Softwarebull LAN Base Image

Enterprise-class intelligent services Advanced QoS enhanced security high availability

bull Orderable with latest IOS software version

bull 48 10100100 portsbull 2 101001000 Uplink

ports

bull 24 10100 portsbull 2 101001000 Uplink

Ports

Catalyst 2960-24TT Catalyst 2960-48TT

bull 24 10100 portsbull 2 Dual-Purpose Uplink

ports

Catalyst 2960-24TC Catalyst 2960-48TC

bull 48 10100 portsbull 2 Dual Purpose Uplink

ports

Uplinksbull Dual Purpose

UplinksOne 101001000 TX Port and One SFP Port

One port active at a time

44

Cisco Catalyst 3750 Series Switches Model Overview

Catalyst 3750G‐24TS

bull

24 101001000

Portsbull

24 101001000 Ports

bull

4 SFP ports

Two Software Versions

Standard Multilayer Software Image

(SMI)

bull Enterprise‐class intelligent services

Advanced QoS Enhanced Security High

Availability RIP and Static IP routing

Routed ACLs HSRP

Enhanced Multilayer Software Image

(EMI)

bull SMI feature set plus Dynamic IP Unicast

routing Smart Multicast routing

Catalyst 3750‐2448 are orderable with

either software image preinstalled

Catalyst 3750‐2448 can be upgraded

from SMI to EMI

Catalyst 3750G‐24T

bull

24 10100 Ports

bull

2 SFP ports

bull

48 10100 Ports

bull

4 SFP ports

Catalyst 3750‐24 Catalyst 3750‐48

45

Cisco StackWisetrade Technology

bull 32Gbps fault tolerant bi‐directional

backplane

bull Single IP address for management

bull Auto configuration and IOS version

checkupdate

bull 1N Master redundancy

bull Sub‐second L2 failover

bull Cross stack Etherchannel

bull Configurable QoS queues across

stack

bull Line speed performance with QoS

and ACLs for GE

bull Hot add and delete of GE and FE

chassis in same stack

bull Patented cable connector

S 1

S 3

S 2

M 4

M = Master Switch

S = Slave Switch

46

Cisco Catalyst 4500 Series Architecture

bull Centralized Forwarding ASICs

bull All packets are forwarded via the supervisor

bull No distributed line card forwarding

bull Scalable architecture ‐

64 to 320 Gbps

bull Fastest Centralized Architecture in the Industry

47

Cisco Catalyst 4500 Series Overview Common Architecture

Single Supervisor-Based

Chassis

Redundant Supervisor-Based

Chassis

Cisco Catalyst 4507R-E

Cisco Catalyst 4510R-E

Cisco Catalyst 4506-E

Cisco Catalyst 4503-E

Single RU Fixed Configuration

Same Switching Architecture

and Common Cisco IOSreg

Cisco Catalyst 4948 and 4948-10GigE

48

Cisco Catalyst 4500 Series Evolutionary Centralized Architecture

1999 2002 2004 2007 2012

Continued InnovationServices and Performance

Same Line Card

18Mpps 48Mpps 102Mpps

10100

1000

Layer 2

PoE L234

10 GbE

SSO

NACNSF

ISSUCISF

E‐Series

250 Mpps

49

Evolution of Centralized Switching Technology

Evoluti

onEvo

lution

1999 18

Mpps

L2 Only

2002 48

Mpps

L2L3

2004102

Mpps

L2L3 10Gig

2007250

Mpps

L2L3 IPv6

14X

increase

since lsquo99

50

Next‐Generation Catalyst 4500 ldquoE‐Seriesrdquo

Secure Flexible Non‐Stop Communications

ldquoErdquo

Series Chassis

ldquoErdquo

Series Line Cards

Supervisor 6‐E with CenterFlex

51

Cisco Catalyst 6500 Delivers Secure Converged Network Services

High Availabilitybull Physical

Availabilitybull Logical Availabilitybull Stateful Failover at

Layer 2bull Rapid Spanning-

Tree Convergence

QoSbull Input Policingbull Traffic

Classificationbull Multiple Queuesbull Convergence

Ready

Securitybull Layer 234

Access Controlbull 8021X User

Authenticationbull MAC Filteringbull Dynamic VLAN

Manageabilitybull Inline Powerbull Simple

Configurationbull L2-L4 Servicesbull Rich Multicast

Support

End-to-End Services

52

Catalyst 6500 Family

Catalyst 65033 slot chassis

Catalyst 65066 slot chassis

Catalyst 65099 slot chassis

Catalyst 6509‐NEBSNEBS Compliant 9 slot chassis

Catalyst 651313 slot chassis

Catalyst 6509‐NEBS‐A9 slot chassis

53

Cisco Catalyst 6500 Series

The Cisco Catalyst 6500 Series supports a wide range of interface densities performance and high‐availability options

Flexible 3‐ 6‐ 9‐ and 13‐slot chassis configurations

ndash Scalable switching fabric ndash Cisco

IOS software choices supported

on all supervisor engines

ndash Fast 2‐3 second stateful

failover of

redundant supervisors and integrated

services

ndash 10‐Mbps to 10‐Gbps Ethernet and DS0

to

OC‐48 WAN interfaces

ndash Wire‐rate QoS

and ACL policy

management

WS-6503 WS-C6506 WS-C6509 WS-C6509-NEBS and WS-C6513

54

Catalyst 6500 Supervisors

The Catalyst 6500 has three Supervisor options on offer

with each providing a different architectural backplane

configuration for line cards to connect intohellip

Supervisor 1A Supervisor 2 Supervisor 720 (NEW)

256Gb backplane

supporting hardware

accelerated Layer 2 and 3

QoS and Security policies

up to 210Mppshellip

720Gb backplane

supporting hardware

accelerated Layer 2 and 3

QoS and Security policies

up to 400Mppshellip

32Gb backplane supporting

hardware accelerated Layer

2 and 3 QoS and Security

policies up to 15Mppshellip

Supervisor Options for the Catalyst 6500

55

Catalyst 6500 LinecardsThe Catalyst 6500 has a family of linecards to suit all network needshellip

10100 TX and 100 Fiber 101001000 TX GE SFP

GE GBIC 10GE WAN

Optical Switch Modules Inline Power ATM

CAT

6500

L I

NECARDS

56

Catalyst 6500 Service Modules

Content ServicesCommunications Media MWAN

Firewall Module VPN Module Intrusion Detection

Content Switching SSL Network Management

Service Modules represent the next generation of intelligent modules for the Catalyst 6500

Each module provides a high performance option scalable and feature rich deployment

optionshellip

57

Small Form Factor Pluggable (SFP)

bull New industry standard connector

bull Same functionality as Gigabit Interface Converters

(GBICs)

bull Hot pluggable

bull Smaller fiber connector LC

for SF

bull 25 SFPs

fit in space of one GBIC

bull Shipping SX LX ZX at FCS

bull 101001000BT and CWDM versions to come in mid

to late 2003

GBIC

SFP

58

三無線網路認證介紹

59

漫遊認證環境架構圖

NCHC資策會

WLANGateway

WLANGateway

60

無線漫遊環境身份認證機制

網頁認證

使用網站伺服器憑證(Certificate)辨識合法認證網站

透過SSL加密保護使用者帳號密碼安全

採用PAP (Password Authentication Protocol)認證機制

8021x認證

採CHAP或加密通道進行認證

EAP‐MD5ndash 採用CHAP (Challenge Handshake Authentication Protocol)認證

EAP‐PEAP ndash 採用 SSL加密通道 + MS‐CHAP v2 認證

EAP‐TTLSndash 採用 SSL加密通道 + PAPCHAPMS‐CHAPEAPndash 支援多種認證機制

61

WLAN Gateway

bull Usually web page for authorisationbull Allows policy based accessbull Good managementbull Very user friendlybull No client required

Bluesocketndash Commercial but popular in uk academiandash Lots of featuresNoCatAuthndash open source

62

Bluesocket Wireless Gateway

63

httpwwwitcntnuedutwservice1270php

四師大網路基本架構介紹

64

對外網路架構圖

65

校本部校區有線網路系統架構圖

66

校本部校區無線網路系統架構圖

67

理學院校區有線網路系統架構圖

68

理學院校區無線網路系統架構圖

69

林口校區有線網路系統架構圖

70

林口校區無線網路系統架構圖

71

五網路障礙排除方式

72

Possible Symptoms of Physical Layer Problems

Increased number of interface errorsIncreased number of interface errors

LEDs are off flashing or in a state other than the expected state during normal operationLEDs are off flashing or in a state other than the expected state during normal operation

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

Excessive utilizationExcessive utilization

73

Possible Symptoms of Data Link Layer Problems

Excessive CRC errors and frame check sequence errors Excessive CRC errors and frame check sequence errors

Large quantities of broadcast traffic Large quantities of broadcast traffic

A MAC address is cycling between portsA MAC address is cycling between ports

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

74

General Cisco Commands to Isolate Physical and Data Link Layer Problems

ping host

| ip‐addressping host

| ip‐address

routergt

bull

Sends an echo request packet to an address then waits for a reply

trace [destination]trace [destination]

routergt

bull

Identifies the path a packet takes through the network

[no] debug [no] debug

router

bull

Displays a list of options for enabling or disabling debugging events on a device

75

Cisco Commands to Isolate Physical Layer Problems

show versionshow version

routergt

bull

Displays the Cisco IOS software version and all installed hardware configurations

show ip interface briefshow ip interface brief

routergt

bull

Displays a summary of the status of all interfaces on a device

show interfaces [type number]show interfaces [type number]

routergt

bull

Displays the operational status of an interface including the amount and type of traffic being sent and received

76

Cisco Commands to Isolate Physical Layer Problems (Cont)

show cdp neighbor detailshow cdp neighbor detailroutergt

bull Displays the device type IP address and Cisco IOS version of neighboring devices

77

Cisco Commands to Isolate Data Link Layer Problems

show ip arpshow ip arp

routergt

bull

Displays entries in the Address Resolution Protocol (ARP) table

debug [arp

| serial | ppp]debug [arp

| serial | ppp]

router

bull

Captures events relating to data link layer protocols

78

General End‐System Commands to Isolate Physical and Data Link Layer Problems

pingping

bull

Sends an echo request packet to an address then waits for a reply

netstat

‐rnnetstat

‐rn

bull

Displays the status of all connected devices and links without querying a DNS server

arp

‐aarp

‐a

bull

Displays the current mappings of the IP address to the MAC address in the ARP table

79

Windows Commands to Isolate Physical and Data Link Layer Problems

ipconfig

[all]ipconfig

[all]

bull

Displays IP information for hosts running Windows NT2000XP

Cgt

tracert [‐d]tracert [‐d]

bull

Identifies a path to a destination device

Cgt

80

Guidelines for Isolating Problems at the Physical and Data Link Layers

Check operational status and data error ratesCheck operational status and data error rates

Verify proper interface configurationsVerify proper interface configurations

Check for bad cables or connectionsCheck for bad cables or connections

Check for correct cable pin‐outCheck for correct cable pin‐out

81

Port Monitoring (SPAN)

Allows a port to monitor traffic coming into or out of

anotherPort

VLAN

Trunk

82

Remote SPAN (RSPAN)

Allows a port to monitor SPAN information on other switches through a trunk connection

83

NetFlow Data Export

Access to records of switched flow statistics

with NAM

Source and destination IP

Port numbers and protocol types

84

六網路管理介紹

85

NAMs in Campus LAN

86

Network Analysis Module (NAM)

bull

Switch‐integrated standards‐

based monitoring (RMON1 RMON2

extended RMON)

bull

Useful for performance monitoring troubleshooting

and capacity planning

bull

Easy to deploy and use with embedded web‐based Traffic Analyzer

bull

Full visibility into applications hosts conversations and

IP‐based services including VoIP

and QoS

Integrated traffic‐monitoring solution in Catalyst 6500 series to build application‐level visibility into network infrastructure

87

NAM as a Standards‐Based RMON Solution

The RMON MIB reports on the health and status of network traffic

Mini‐RMON agents in Catalyst 6500 collect Layer 2 (RMON1) statistics on all ports (utilization packets errors)

NAM supports full RMON1 and 2 to provide visibility up to Application layer (applications hosts conversations)

NAM supports extended RMON for VLAN QoS Application Response Time and so on

88

Application Hosts and Conversations Monitoring

Identify unknown applications and drill down on the hosts using them

Discover top talkers top conversations

Network managers can drill down

into who is doing what

Network managers can drill down

into who is doing what

NEW inSoftware

Version 22

NEW inSoftware

Version 22

89

VoIP Monitoring

NAM supports various facets of VoIPmonitoring

Active IP telephony monitoring

ndash Track active call attributesndash Identify call quality degradationndash Call details by phonesRMON1 and RMON2

ndash Distribution of VoIP

protocols

Application Response Time (ART)

ndash CallManager

responses

DSMON

ndash VoIP

traffic by DSCP values

90

Application Response Time (ART)

Find out where the application delays are occurring

ndash Detailed data on request‐ response exchanges

between clients and servers

Server visibility

ndash Monitor servers for protocols application

usage and top talkers

91

Packet Capture and Decode

Capture and decode packets for troubleshooting

Extensive pre‐ and post‐capture filters

Can save and export to other tools including Sniffer

92

Alarms

Set alarm thresholds on various parameters for proactive monitoring

Define traps or generate syslog

93

Defining Network Management Functional Areas

ISO defines five functional areas of network management

ISO defines five functional areas of network management

bullFault Management

bullConfiguration Management

bullAccounting Management

bullPerformance Management

bullSecurity Management

94

FCAPS Fault Management

The process of locating diagnosing and correcting

network problems

Device Down

Link Down

95

FCAPS Configuration Management

bull The process of obtaining data from the network and using

that data to manage the setup of all network devices

bull Allows rapid access to configuration information

bull Facilitates remote configuration and provisioning

bull Provides an up‐to‐date inventory of network

components

SpeedDuplex

Connectivity

TrunkingVLANs Allowed

Spanning Tree Protocol State

Software VersionConfiguration File

Device Type

96

FCAPS Accounting Management

bull Measuring the usage of network resources by users in order to

establish the metrics check quotas determine costs and bill users

bull Measures and reports accounting information based on individual

groups and users

bull Administers the cost of the network

bull Internal verification of third‐party billing for usage Bandwidth Consumption

Application Usage

hellip

97

FCAPS Performance Management

bull Ensuring that the data network remains accessible

and has adequate bandwidth

bull Reduces network overcrowding and inaccessibility

bull Provides a consistent level of service to the

network user

bull Determine utilization trends to proactively isolate and solve

performance problems

UtilizationPeakminmaxError RatesUnicast Rates

Broadcast Rates

CPU UtilizationMemory Usage

ThroughputResponse Time

LatencyAvailabilityReliability

98

FCAPS Security Management

bull Protecting sensitive information on devices

attached to a data network by controlling access points to

that information

bull Builds network user confidence

bull Secures sensitive information from both internal and

external sources

bull Protects the network functionality from malicious

attacks

MAC AddressLocked to Port

Access ListBlocks Connections

99

Performing Network Management Sources for Information

GAUGEs TIMERs

0 9 1 2 3

COUNTERs TABLEs FILEs

Operating System Data Structures

Manageable Device

showCommands

WebServer

SystemLogging

SNMPSNMPAGENTAGENT

ProductionServices

Layer N Forwarding

http80tcp

syslog514udp

snmp161udp

MIBObjects

snmp‐trap162udp

Built in Intelligence

CDPVTPSAA

telnetCLI

TFTPClient

tftp69udp

PingTrace route

100

Network Management Information Model MIB Management Information Base

MIB

ndash

Management Information BaseSet of variables defining the status of a device (eg temp = 85 degrees)Just facts ndash not whether it is good or badDefined according to SMI (Structure of Management Information) rulesEach managed object is described using a unique object identifier (OID)

MIB

IMIBIIStandard MIBObjects included are considered essential for either fault or configuration management

Other standard MIBsRMON host router

Proprietary vendor MIBsExtensions to standard MIBs

SNMPAGENTSNMPAGENT

1000s of manageable objects following rules defined in the SMI standards

1000s of manageable objects following rules defined in the SMI standards

101

Network Management Communication Model SNMP Simple Network Management Protocol

CommunityStrings

CommunityStrings

bull Get requests used to read the value of objectbull Set requests used to modify the value of object

bull Authorization is via community strings

(Read‐OnlyRead‐Write)

bull Traps

provide asynchronous event notification

IP Network SNMPManageable

Device

Trap

Get Response

Get Request Get-Next RequestGet-Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

102

Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response

SNM

P M

anag

er

SNM

P A

gent

Rea

d =

publ

ic re

adw

rite

= pr

ivat

e

GetResponse (sysDescr0=SunOS)

Verify access permission and retrieve MIB value using OID to traverse the MIB tree

InstanceOID

13612111

MIB value

GetRequest(sysDescr0)Read Community(public)

103

Types of Management Systems Example ‐

Enterprise Manager amp Fault Management

Correlate and manage events

and SNMP traps

Perform fault isolation and root cause analysis

104

Types of Management Systems Example ndash CiscoWorks

Resource Manager Essentials and Campus Manager

Knowledge of network configuration and topology

Facilitates remote configuration of network devices

Maintains an archive of configuration data that allows generation of inventory reports

105

Types of Management Systems Example ndash NetFlow (Accounting Management)

Flow Profiling

AccountingBilling

Network Planning

Network Monitoring

Flow

Collectors

Flow

CollectorsEnd‐User AppsEnd‐User AppsNetFlow

Data ExportNetFlowData Export

NetScout

RMON ProbeRMON Probe

106

Types of Management Systems Example ndash MRTG (Performance Management)

bull Monitors traffic load on network links based on SNMP statistics

bull Generates real‐time HTML traffic reports

bull Can be used to monitor any

MIB

variable using

SNMP

107

Types of Management Systems Example ndash CiscoWorks

How is the network connectedbull Physical Cablingbull Virtual LANs

Where are the end users servers IP phones connected

bull Switch port numberbull VLAN membership

How do I troubleshoot connectivity problems

Campus Manager User Tracking

Campus Manager Topology Services

Campus Manager Topology Services

Campus Manager User TrackingCampus Manager

Path Analysis

108

Diagnosing Connectivity Problems CiscoWorks Server Tools

Ping Use ping to test device connectivity from CiscoWorks server

TracerouteRun a trace route between the CiscoWorks server and the target device to detect routing problems

NS LookupRun a nslookup to obtain DNS name server information and IP address of hostname

Management Station to DeviceTest to verify if upper layer protocols are supported from CiscoWorks to the target device UDP TCP Telnet TFTP HTTP and SNMP

109

Types of Management Systems Example ndash CiscoWorks

19216862

CiscoWorks Server(ANI Service)

CampusDatabase

19216861

Schedule data retrieval

times

CAM Table11‐11‐11‐11‐11‐00 2111‐11‐11‐11‐11‐11 2211‐11‐11‐11‐11‐22 2311‐11‐11‐11‐11‐33 24

22 23 24

21

ARP Table11‐11‐11‐11‐11‐11 19216861011‐11‐11‐11‐11‐22 19216861111‐11‐11‐11‐11‐33 192168611

1

CAM

Retrieval

(switching

table)

2 Address

Resolution (MAC

to IP)

DNS

3 Name Resolution

(IP to hostname)

Host Table192168610 USER1192168611 Printer1192168611 IPtele1

SNMP

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

CallManager4

Call Detail

Records

5

Login

Names

UNIX Novell amp

Windows NT

clients running

UTLite script

110

Diagnosing Connectivity Problems Campus Manager Tools

Topology Services

User Tracking

Path Analysis

1

Locate the communication pair in the User Tracking database

bull

Addressesbull

VLAN informationbull

Switch port connection

2

Investigate the Layer 2 and Layer 3 path between the communication

pair

3

Map the topology and begin the investigation on devices and links

Launch other applications

111

Diagnosing Connectivity Problems Workflow for Using Campus Manager

LaunchPath Analysis

LaunchPath Analysis

Ensure discovery of devices

hosts are up to date

Ensure discovery of devices

hosts are up to date

Use User TrackingTo Locate EndStation Info

Use User TrackingTo Locate EndStation Info

ConductVoiceTrace

ConductVoiceTrace

ConductDataTrace

ConductDataTrace

DisplayPath in Topology

Map

DisplayPath in Topology

Map

Launch other Apps(Telnet CiscoView

Etc)

Launch other Apps(Telnet CiscoView

Etc)

112

Diagnosing Device Connectivity Problems Example

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Do you know

your

hostname or

username

113

Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

2 Simple Query displays switch

port and VLAN association

2 Simple Query displays switch

port and VLAN association

3 LastSeen field indicates last

time end station was

discovered

3 LastSeen field indicates last

time end station was

discovered

114

Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Trace path from application server

to Suzy

Trace path from application server

to Suzy

Couldnrsquot get to Suzy machine ndash try

from server

Couldnrsquot get to Suzy machine ndash try

from server

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

23

Building Block Approach

24

Switch Block Characteristics

bull Device switches support one or more subnetsVLANs

bull Subnets terminate at the distribution switch

bull Access devices have redundant links

bull Spanning Tree Protocol terminates at the switch block boundary

25

VLANs in the Switch Block

26

Link Types

A trunk link is capable of carrying multiple VLANs

27

Trunking

bull Specifically developed for multi‐VLAN interswitch communications

bull Places a unique identifier in the header of each frame

bull Functions at Layer 2 bull IEEE

8021Q

28

Inter‐VLAN Routing

bull A Route Processor provides Layer 3 functionality for switches

29

Increasing Performance Add More Bandwidth

30

Fast EtherChannel

31

Is QoS Needed in the Campus

Maybe maybe not campus congestionis a buffer management issue

ldquoJust throw more bandwidth at it That will solve the problemrdquo

32

Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP

33

Enabling QoS in the Campus Scheduling in the Campus

Output buffers can reach 100 in campus networks resulting in dropped voice packets

QoS required when there is a possibility of congestion in buffers

Multiple queues are the only way to guarantee voice quality

34

Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS

bull 8021p user priority field also called class of service (CoS)

bull Different types of traffic are assigned different CoS values

bull CoS 6 and 7 are reserved for network use

35

Enabling QoS in the Campus Layer 3 Classificationmdash IP Precedence DSCP

bull IPv4 Three most significant bits of ToS byte are called IP precedence other bits unused

bull DiffServ Six Most significant bits of ToS byte are called DSCP remaining two bits used for flow control

bull DSCP backward compatible with IP precedence

36

Enabling QoS in the Campus Classification Summary

37

Power Over Ethernet

Prepare the network for IP Telephony and Wireless access

Eliminate the need for separate electrical wiring

Cisco pre‐standard POE and 8023af are fully supported

Wide selection of standards‐based IEEE 8023af powered devices

ndash IP Phonesndash Wireless Access Points

ndash Surveillance cameras

ndash Access Card Readers

38

Access Point Front Cover LEDrsquos

Status LightsEthernet

Status

Radio Activity

Ethernet Activity

Status

Radio Activity

39

CiscoWorks WLSE

1

Specialized application for managing the Cisco WLAN

2

Centralized template‐ based configuration of access points and bridges

with user defined groups

3

Proactive fault and performance monitoring

of access points bridges LEAP server and

attached switch

CiscoWorks Wireless LANSolution Engine

U N I V E R S I T YU N I V E R S I T Y

40

二網路設備介紹

41

The Cisco LAN Switching Portfolio

Catalyst 375035602960 Catalyst 6500Catalyst 40004500

bull Stackable Compact Footprint bull Gig Density 12 Ports bull EZ Clustering Managementbull L2-L4 Switchingbull Medium Port Density

bull Highest Switching Capacitybull High Availability - Stateful Failoverbull 10-Gigabit Ethernet Interfaces bull Nonblocking Gigabit Density 142bull LANWAN Interfaces (to OC 48)

L2-L7 SwitchingIntegrated Inline PowerServices Modules Redundant PowerRedundant Supervisor Fabric

bull High Switching Capacitybull High-Density 101001000bull High-Density 100FX amp 1000LXbull Nonblocking Gigabit Density 32bull L2-L4 Switching bull Inline Power Optionbull Redundant Power

42

Cisco Catalyst Positioning

Pric

ePe

rfor

man

ce

FunctionFlexibility

Catalyst 29502960

Catalyst 35503560

Catalyst 4500 Family

Catalyst 6500 Series

bull Modular 101001000bull High performance Layer 2L3L4 bull 24‐64 Gbps Switching Enginebull Chassis level high availability

bull

Modular 101001000bull

Highest density switching

capacity

bull

Layer 234‐7bull

32‐720 Gbps

Switching

Engine

bull

Highest Availability

bull

10100

and GE configurationsbull

High performance switching and routingbull

Enterprise‐class intelligent Layer 3L4 servicesbull

Clustering capable

bull

Stackable 10100 switchingbull

Gigabit

uplink connectivitybull

Advanced intelligent Layer 3L4 servicesbull

Clustering capable

Catalyst 3750bull

Stackable 101001000 and 10100 configurationsbull

Cisco StackWisetrade

Technologybull

Optimized for Gigabit Ethernet deploymentbull

Enterprise‐class Intelligent Layer 3L4 servicesbull

Highly resilient 32Gbps stacking interconnectionbull

Single management interface w auto configuration

Fast Ethernet

Optimized

Gigabit Ethernet

Optimized

43

Cisco Catalyst 2960 Series Model Overview Fast Ethernet Models

Softwarebull LAN Base Image

Enterprise-class intelligent services Advanced QoS enhanced security high availability

bull Orderable with latest IOS software version

bull 48 10100100 portsbull 2 101001000 Uplink

ports

bull 24 10100 portsbull 2 101001000 Uplink

Ports

Catalyst 2960-24TT Catalyst 2960-48TT

bull 24 10100 portsbull 2 Dual-Purpose Uplink

ports

Catalyst 2960-24TC Catalyst 2960-48TC

bull 48 10100 portsbull 2 Dual Purpose Uplink

ports

Uplinksbull Dual Purpose

UplinksOne 101001000 TX Port and One SFP Port

One port active at a time

44

Cisco Catalyst 3750 Series Switches Model Overview

Catalyst 3750G‐24TS

bull

24 101001000

Portsbull

24 101001000 Ports

bull

4 SFP ports

Two Software Versions

Standard Multilayer Software Image

(SMI)

bull Enterprise‐class intelligent services

Advanced QoS Enhanced Security High

Availability RIP and Static IP routing

Routed ACLs HSRP

Enhanced Multilayer Software Image

(EMI)

bull SMI feature set plus Dynamic IP Unicast

routing Smart Multicast routing

Catalyst 3750‐2448 are orderable with

either software image preinstalled

Catalyst 3750‐2448 can be upgraded

from SMI to EMI

Catalyst 3750G‐24T

bull

24 10100 Ports

bull

2 SFP ports

bull

48 10100 Ports

bull

4 SFP ports

Catalyst 3750‐24 Catalyst 3750‐48

45

Cisco StackWisetrade Technology

bull 32Gbps fault tolerant bi‐directional

backplane

bull Single IP address for management

bull Auto configuration and IOS version

checkupdate

bull 1N Master redundancy

bull Sub‐second L2 failover

bull Cross stack Etherchannel

bull Configurable QoS queues across

stack

bull Line speed performance with QoS

and ACLs for GE

bull Hot add and delete of GE and FE

chassis in same stack

bull Patented cable connector

S 1

S 3

S 2

M 4

M = Master Switch

S = Slave Switch

46

Cisco Catalyst 4500 Series Architecture

bull Centralized Forwarding ASICs

bull All packets are forwarded via the supervisor

bull No distributed line card forwarding

bull Scalable architecture ‐

64 to 320 Gbps

bull Fastest Centralized Architecture in the Industry

47

Cisco Catalyst 4500 Series Overview Common Architecture

Single Supervisor-Based

Chassis

Redundant Supervisor-Based

Chassis

Cisco Catalyst 4507R-E

Cisco Catalyst 4510R-E

Cisco Catalyst 4506-E

Cisco Catalyst 4503-E

Single RU Fixed Configuration

Same Switching Architecture

and Common Cisco IOSreg

Cisco Catalyst 4948 and 4948-10GigE

48

Cisco Catalyst 4500 Series Evolutionary Centralized Architecture

1999 2002 2004 2007 2012

Continued InnovationServices and Performance

Same Line Card

18Mpps 48Mpps 102Mpps

10100

1000

Layer 2

PoE L234

10 GbE

SSO

NACNSF

ISSUCISF

E‐Series

250 Mpps

49

Evolution of Centralized Switching Technology

Evoluti

onEvo

lution

1999 18

Mpps

L2 Only

2002 48

Mpps

L2L3

2004102

Mpps

L2L3 10Gig

2007250

Mpps

L2L3 IPv6

14X

increase

since lsquo99

50

Next‐Generation Catalyst 4500 ldquoE‐Seriesrdquo

Secure Flexible Non‐Stop Communications

ldquoErdquo

Series Chassis

ldquoErdquo

Series Line Cards

Supervisor 6‐E with CenterFlex

51

Cisco Catalyst 6500 Delivers Secure Converged Network Services

High Availabilitybull Physical

Availabilitybull Logical Availabilitybull Stateful Failover at

Layer 2bull Rapid Spanning-

Tree Convergence

QoSbull Input Policingbull Traffic

Classificationbull Multiple Queuesbull Convergence

Ready

Securitybull Layer 234

Access Controlbull 8021X User

Authenticationbull MAC Filteringbull Dynamic VLAN

Manageabilitybull Inline Powerbull Simple

Configurationbull L2-L4 Servicesbull Rich Multicast

Support

End-to-End Services

52

Catalyst 6500 Family

Catalyst 65033 slot chassis

Catalyst 65066 slot chassis

Catalyst 65099 slot chassis

Catalyst 6509‐NEBSNEBS Compliant 9 slot chassis

Catalyst 651313 slot chassis

Catalyst 6509‐NEBS‐A9 slot chassis

53

Cisco Catalyst 6500 Series

The Cisco Catalyst 6500 Series supports a wide range of interface densities performance and high‐availability options

Flexible 3‐ 6‐ 9‐ and 13‐slot chassis configurations

ndash Scalable switching fabric ndash Cisco

IOS software choices supported

on all supervisor engines

ndash Fast 2‐3 second stateful

failover of

redundant supervisors and integrated

services

ndash 10‐Mbps to 10‐Gbps Ethernet and DS0

to

OC‐48 WAN interfaces

ndash Wire‐rate QoS

and ACL policy

management

WS-6503 WS-C6506 WS-C6509 WS-C6509-NEBS and WS-C6513

54

Catalyst 6500 Supervisors

The Catalyst 6500 has three Supervisor options on offer

with each providing a different architectural backplane

configuration for line cards to connect intohellip

Supervisor 1A Supervisor 2 Supervisor 720 (NEW)

256Gb backplane

supporting hardware

accelerated Layer 2 and 3

QoS and Security policies

up to 210Mppshellip

720Gb backplane

supporting hardware

accelerated Layer 2 and 3

QoS and Security policies

up to 400Mppshellip

32Gb backplane supporting

hardware accelerated Layer

2 and 3 QoS and Security

policies up to 15Mppshellip

Supervisor Options for the Catalyst 6500

55

Catalyst 6500 LinecardsThe Catalyst 6500 has a family of linecards to suit all network needshellip

10100 TX and 100 Fiber 101001000 TX GE SFP

GE GBIC 10GE WAN

Optical Switch Modules Inline Power ATM

CAT

6500

L I

NECARDS

56

Catalyst 6500 Service Modules

Content ServicesCommunications Media MWAN

Firewall Module VPN Module Intrusion Detection

Content Switching SSL Network Management

Service Modules represent the next generation of intelligent modules for the Catalyst 6500

Each module provides a high performance option scalable and feature rich deployment

optionshellip

57

Small Form Factor Pluggable (SFP)

bull New industry standard connector

bull Same functionality as Gigabit Interface Converters

(GBICs)

bull Hot pluggable

bull Smaller fiber connector LC

for SF

bull 25 SFPs

fit in space of one GBIC

bull Shipping SX LX ZX at FCS

bull 101001000BT and CWDM versions to come in mid

to late 2003

GBIC

SFP

58

三無線網路認證介紹

59

漫遊認證環境架構圖

NCHC資策會

WLANGateway

WLANGateway

60

無線漫遊環境身份認證機制

網頁認證

使用網站伺服器憑證(Certificate)辨識合法認證網站

透過SSL加密保護使用者帳號密碼安全

採用PAP (Password Authentication Protocol)認證機制

8021x認證

採CHAP或加密通道進行認證

EAP‐MD5ndash 採用CHAP (Challenge Handshake Authentication Protocol)認證

EAP‐PEAP ndash 採用 SSL加密通道 + MS‐CHAP v2 認證

EAP‐TTLSndash 採用 SSL加密通道 + PAPCHAPMS‐CHAPEAPndash 支援多種認證機制

61

WLAN Gateway

bull Usually web page for authorisationbull Allows policy based accessbull Good managementbull Very user friendlybull No client required

Bluesocketndash Commercial but popular in uk academiandash Lots of featuresNoCatAuthndash open source

62

Bluesocket Wireless Gateway

63

httpwwwitcntnuedutwservice1270php

四師大網路基本架構介紹

64

對外網路架構圖

65

校本部校區有線網路系統架構圖

66

校本部校區無線網路系統架構圖

67

理學院校區有線網路系統架構圖

68

理學院校區無線網路系統架構圖

69

林口校區有線網路系統架構圖

70

林口校區無線網路系統架構圖

71

五網路障礙排除方式

72

Possible Symptoms of Physical Layer Problems

Increased number of interface errorsIncreased number of interface errors

LEDs are off flashing or in a state other than the expected state during normal operationLEDs are off flashing or in a state other than the expected state during normal operation

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

Excessive utilizationExcessive utilization

73

Possible Symptoms of Data Link Layer Problems

Excessive CRC errors and frame check sequence errors Excessive CRC errors and frame check sequence errors

Large quantities of broadcast traffic Large quantities of broadcast traffic

A MAC address is cycling between portsA MAC address is cycling between ports

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

74

General Cisco Commands to Isolate Physical and Data Link Layer Problems

ping host

| ip‐addressping host

| ip‐address

routergt

bull

Sends an echo request packet to an address then waits for a reply

trace [destination]trace [destination]

routergt

bull

Identifies the path a packet takes through the network

[no] debug [no] debug

router

bull

Displays a list of options for enabling or disabling debugging events on a device

75

Cisco Commands to Isolate Physical Layer Problems

show versionshow version

routergt

bull

Displays the Cisco IOS software version and all installed hardware configurations

show ip interface briefshow ip interface brief

routergt

bull

Displays a summary of the status of all interfaces on a device

show interfaces [type number]show interfaces [type number]

routergt

bull

Displays the operational status of an interface including the amount and type of traffic being sent and received

76

Cisco Commands to Isolate Physical Layer Problems (Cont)

show cdp neighbor detailshow cdp neighbor detailroutergt

bull Displays the device type IP address and Cisco IOS version of neighboring devices

77

Cisco Commands to Isolate Data Link Layer Problems

show ip arpshow ip arp

routergt

bull

Displays entries in the Address Resolution Protocol (ARP) table

debug [arp

| serial | ppp]debug [arp

| serial | ppp]

router

bull

Captures events relating to data link layer protocols

78

General End‐System Commands to Isolate Physical and Data Link Layer Problems

pingping

bull

Sends an echo request packet to an address then waits for a reply

netstat

‐rnnetstat

‐rn

bull

Displays the status of all connected devices and links without querying a DNS server

arp

‐aarp

‐a

bull

Displays the current mappings of the IP address to the MAC address in the ARP table

79

Windows Commands to Isolate Physical and Data Link Layer Problems

ipconfig

[all]ipconfig

[all]

bull

Displays IP information for hosts running Windows NT2000XP

Cgt

tracert [‐d]tracert [‐d]

bull

Identifies a path to a destination device

Cgt

80

Guidelines for Isolating Problems at the Physical and Data Link Layers

Check operational status and data error ratesCheck operational status and data error rates

Verify proper interface configurationsVerify proper interface configurations

Check for bad cables or connectionsCheck for bad cables or connections

Check for correct cable pin‐outCheck for correct cable pin‐out

81

Port Monitoring (SPAN)

Allows a port to monitor traffic coming into or out of

anotherPort

VLAN

Trunk

82

Remote SPAN (RSPAN)

Allows a port to monitor SPAN information on other switches through a trunk connection

83

NetFlow Data Export

Access to records of switched flow statistics

with NAM

Source and destination IP

Port numbers and protocol types

84

六網路管理介紹

85

NAMs in Campus LAN

86

Network Analysis Module (NAM)

bull

Switch‐integrated standards‐

based monitoring (RMON1 RMON2

extended RMON)

bull

Useful for performance monitoring troubleshooting

and capacity planning

bull

Easy to deploy and use with embedded web‐based Traffic Analyzer

bull

Full visibility into applications hosts conversations and

IP‐based services including VoIP

and QoS

Integrated traffic‐monitoring solution in Catalyst 6500 series to build application‐level visibility into network infrastructure

87

NAM as a Standards‐Based RMON Solution

The RMON MIB reports on the health and status of network traffic

Mini‐RMON agents in Catalyst 6500 collect Layer 2 (RMON1) statistics on all ports (utilization packets errors)

NAM supports full RMON1 and 2 to provide visibility up to Application layer (applications hosts conversations)

NAM supports extended RMON for VLAN QoS Application Response Time and so on

88

Application Hosts and Conversations Monitoring

Identify unknown applications and drill down on the hosts using them

Discover top talkers top conversations

Network managers can drill down

into who is doing what

Network managers can drill down

into who is doing what

NEW inSoftware

Version 22

NEW inSoftware

Version 22

89

VoIP Monitoring

NAM supports various facets of VoIPmonitoring

Active IP telephony monitoring

ndash Track active call attributesndash Identify call quality degradationndash Call details by phonesRMON1 and RMON2

ndash Distribution of VoIP

protocols

Application Response Time (ART)

ndash CallManager

responses

DSMON

ndash VoIP

traffic by DSCP values

90

Application Response Time (ART)

Find out where the application delays are occurring

ndash Detailed data on request‐ response exchanges

between clients and servers

Server visibility

ndash Monitor servers for protocols application

usage and top talkers

91

Packet Capture and Decode

Capture and decode packets for troubleshooting

Extensive pre‐ and post‐capture filters

Can save and export to other tools including Sniffer

92

Alarms

Set alarm thresholds on various parameters for proactive monitoring

Define traps or generate syslog

93

Defining Network Management Functional Areas

ISO defines five functional areas of network management

ISO defines five functional areas of network management

bullFault Management

bullConfiguration Management

bullAccounting Management

bullPerformance Management

bullSecurity Management

94

FCAPS Fault Management

The process of locating diagnosing and correcting

network problems

Device Down

Link Down

95

FCAPS Configuration Management

bull The process of obtaining data from the network and using

that data to manage the setup of all network devices

bull Allows rapid access to configuration information

bull Facilitates remote configuration and provisioning

bull Provides an up‐to‐date inventory of network

components

SpeedDuplex

Connectivity

TrunkingVLANs Allowed

Spanning Tree Protocol State

Software VersionConfiguration File

Device Type

96

FCAPS Accounting Management

bull Measuring the usage of network resources by users in order to

establish the metrics check quotas determine costs and bill users

bull Measures and reports accounting information based on individual

groups and users

bull Administers the cost of the network

bull Internal verification of third‐party billing for usage Bandwidth Consumption

Application Usage

hellip

97

FCAPS Performance Management

bull Ensuring that the data network remains accessible

and has adequate bandwidth

bull Reduces network overcrowding and inaccessibility

bull Provides a consistent level of service to the

network user

bull Determine utilization trends to proactively isolate and solve

performance problems

UtilizationPeakminmaxError RatesUnicast Rates

Broadcast Rates

CPU UtilizationMemory Usage

ThroughputResponse Time

LatencyAvailabilityReliability

98

FCAPS Security Management

bull Protecting sensitive information on devices

attached to a data network by controlling access points to

that information

bull Builds network user confidence

bull Secures sensitive information from both internal and

external sources

bull Protects the network functionality from malicious

attacks

MAC AddressLocked to Port

Access ListBlocks Connections

99

Performing Network Management Sources for Information

GAUGEs TIMERs

0 9 1 2 3

COUNTERs TABLEs FILEs

Operating System Data Structures

Manageable Device

showCommands

WebServer

SystemLogging

SNMPSNMPAGENTAGENT

ProductionServices

Layer N Forwarding

http80tcp

syslog514udp

snmp161udp

MIBObjects

snmp‐trap162udp

Built in Intelligence

CDPVTPSAA

telnetCLI

TFTPClient

tftp69udp

PingTrace route

100

Network Management Information Model MIB Management Information Base

MIB

ndash

Management Information BaseSet of variables defining the status of a device (eg temp = 85 degrees)Just facts ndash not whether it is good or badDefined according to SMI (Structure of Management Information) rulesEach managed object is described using a unique object identifier (OID)

MIB

IMIBIIStandard MIBObjects included are considered essential for either fault or configuration management

Other standard MIBsRMON host router

Proprietary vendor MIBsExtensions to standard MIBs

SNMPAGENTSNMPAGENT

1000s of manageable objects following rules defined in the SMI standards

1000s of manageable objects following rules defined in the SMI standards

101

Network Management Communication Model SNMP Simple Network Management Protocol

CommunityStrings

CommunityStrings

bull Get requests used to read the value of objectbull Set requests used to modify the value of object

bull Authorization is via community strings

(Read‐OnlyRead‐Write)

bull Traps

provide asynchronous event notification

IP Network SNMPManageable

Device

Trap

Get Response

Get Request Get-Next RequestGet-Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

102

Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response

SNM

P M

anag

er

SNM

P A

gent

Rea

d =

publ

ic re

adw

rite

= pr

ivat

e

GetResponse (sysDescr0=SunOS)

Verify access permission and retrieve MIB value using OID to traverse the MIB tree

InstanceOID

13612111

MIB value

GetRequest(sysDescr0)Read Community(public)

103

Types of Management Systems Example ‐

Enterprise Manager amp Fault Management

Correlate and manage events

and SNMP traps

Perform fault isolation and root cause analysis

104

Types of Management Systems Example ndash CiscoWorks

Resource Manager Essentials and Campus Manager

Knowledge of network configuration and topology

Facilitates remote configuration of network devices

Maintains an archive of configuration data that allows generation of inventory reports

105

Types of Management Systems Example ndash NetFlow (Accounting Management)

Flow Profiling

AccountingBilling

Network Planning

Network Monitoring

Flow

Collectors

Flow

CollectorsEnd‐User AppsEnd‐User AppsNetFlow

Data ExportNetFlowData Export

NetScout

RMON ProbeRMON Probe

106

Types of Management Systems Example ndash MRTG (Performance Management)

bull Monitors traffic load on network links based on SNMP statistics

bull Generates real‐time HTML traffic reports

bull Can be used to monitor any

MIB

variable using

SNMP

107

Types of Management Systems Example ndash CiscoWorks

How is the network connectedbull Physical Cablingbull Virtual LANs

Where are the end users servers IP phones connected

bull Switch port numberbull VLAN membership

How do I troubleshoot connectivity problems

Campus Manager User Tracking

Campus Manager Topology Services

Campus Manager Topology Services

Campus Manager User TrackingCampus Manager

Path Analysis

108

Diagnosing Connectivity Problems CiscoWorks Server Tools

Ping Use ping to test device connectivity from CiscoWorks server

TracerouteRun a trace route between the CiscoWorks server and the target device to detect routing problems

NS LookupRun a nslookup to obtain DNS name server information and IP address of hostname

Management Station to DeviceTest to verify if upper layer protocols are supported from CiscoWorks to the target device UDP TCP Telnet TFTP HTTP and SNMP

109

Types of Management Systems Example ndash CiscoWorks

19216862

CiscoWorks Server(ANI Service)

CampusDatabase

19216861

Schedule data retrieval

times

CAM Table11‐11‐11‐11‐11‐00 2111‐11‐11‐11‐11‐11 2211‐11‐11‐11‐11‐22 2311‐11‐11‐11‐11‐33 24

22 23 24

21

ARP Table11‐11‐11‐11‐11‐11 19216861011‐11‐11‐11‐11‐22 19216861111‐11‐11‐11‐11‐33 192168611

1

CAM

Retrieval

(switching

table)

2 Address

Resolution (MAC

to IP)

DNS

3 Name Resolution

(IP to hostname)

Host Table192168610 USER1192168611 Printer1192168611 IPtele1

SNMP

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

CallManager4

Call Detail

Records

5

Login

Names

UNIX Novell amp

Windows NT

clients running

UTLite script

110

Diagnosing Connectivity Problems Campus Manager Tools

Topology Services

User Tracking

Path Analysis

1

Locate the communication pair in the User Tracking database

bull

Addressesbull

VLAN informationbull

Switch port connection

2

Investigate the Layer 2 and Layer 3 path between the communication

pair

3

Map the topology and begin the investigation on devices and links

Launch other applications

111

Diagnosing Connectivity Problems Workflow for Using Campus Manager

LaunchPath Analysis

LaunchPath Analysis

Ensure discovery of devices

hosts are up to date

Ensure discovery of devices

hosts are up to date

Use User TrackingTo Locate EndStation Info

Use User TrackingTo Locate EndStation Info

ConductVoiceTrace

ConductVoiceTrace

ConductDataTrace

ConductDataTrace

DisplayPath in Topology

Map

DisplayPath in Topology

Map

Launch other Apps(Telnet CiscoView

Etc)

Launch other Apps(Telnet CiscoView

Etc)

112

Diagnosing Device Connectivity Problems Example

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Do you know

your

hostname or

username

113

Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

2 Simple Query displays switch

port and VLAN association

2 Simple Query displays switch

port and VLAN association

3 LastSeen field indicates last

time end station was

discovered

3 LastSeen field indicates last

time end station was

discovered

114

Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Trace path from application server

to Suzy

Trace path from application server

to Suzy

Couldnrsquot get to Suzy machine ndash try

from server

Couldnrsquot get to Suzy machine ndash try

from server

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

24

Switch Block Characteristics

bull Device switches support one or more subnetsVLANs

bull Subnets terminate at the distribution switch

bull Access devices have redundant links

bull Spanning Tree Protocol terminates at the switch block boundary

25

VLANs in the Switch Block

26

Link Types

A trunk link is capable of carrying multiple VLANs

27

Trunking

bull Specifically developed for multi‐VLAN interswitch communications

bull Places a unique identifier in the header of each frame

bull Functions at Layer 2 bull IEEE

8021Q

28

Inter‐VLAN Routing

bull A Route Processor provides Layer 3 functionality for switches

29

Increasing Performance Add More Bandwidth

30

Fast EtherChannel

31

Is QoS Needed in the Campus

Maybe maybe not campus congestionis a buffer management issue

ldquoJust throw more bandwidth at it That will solve the problemrdquo

32

Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP

33

Enabling QoS in the Campus Scheduling in the Campus

Output buffers can reach 100 in campus networks resulting in dropped voice packets

QoS required when there is a possibility of congestion in buffers

Multiple queues are the only way to guarantee voice quality

34

Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS

bull 8021p user priority field also called class of service (CoS)

bull Different types of traffic are assigned different CoS values

bull CoS 6 and 7 are reserved for network use

35

Enabling QoS in the Campus Layer 3 Classificationmdash IP Precedence DSCP

bull IPv4 Three most significant bits of ToS byte are called IP precedence other bits unused

bull DiffServ Six Most significant bits of ToS byte are called DSCP remaining two bits used for flow control

bull DSCP backward compatible with IP precedence

36

Enabling QoS in the Campus Classification Summary

37

Power Over Ethernet

Prepare the network for IP Telephony and Wireless access

Eliminate the need for separate electrical wiring

Cisco pre‐standard POE and 8023af are fully supported

Wide selection of standards‐based IEEE 8023af powered devices

ndash IP Phonesndash Wireless Access Points

ndash Surveillance cameras

ndash Access Card Readers

38

Access Point Front Cover LEDrsquos

Status LightsEthernet

Status

Radio Activity

Ethernet Activity

Status

Radio Activity

39

CiscoWorks WLSE

1

Specialized application for managing the Cisco WLAN

2

Centralized template‐ based configuration of access points and bridges

with user defined groups

3

Proactive fault and performance monitoring

of access points bridges LEAP server and

attached switch

CiscoWorks Wireless LANSolution Engine

U N I V E R S I T YU N I V E R S I T Y

40

二網路設備介紹

41

The Cisco LAN Switching Portfolio

Catalyst 375035602960 Catalyst 6500Catalyst 40004500

bull Stackable Compact Footprint bull Gig Density 12 Ports bull EZ Clustering Managementbull L2-L4 Switchingbull Medium Port Density

bull Highest Switching Capacitybull High Availability - Stateful Failoverbull 10-Gigabit Ethernet Interfaces bull Nonblocking Gigabit Density 142bull LANWAN Interfaces (to OC 48)

L2-L7 SwitchingIntegrated Inline PowerServices Modules Redundant PowerRedundant Supervisor Fabric

bull High Switching Capacitybull High-Density 101001000bull High-Density 100FX amp 1000LXbull Nonblocking Gigabit Density 32bull L2-L4 Switching bull Inline Power Optionbull Redundant Power

42

Cisco Catalyst Positioning

Pric

ePe

rfor

man

ce

FunctionFlexibility

Catalyst 29502960

Catalyst 35503560

Catalyst 4500 Family

Catalyst 6500 Series

bull Modular 101001000bull High performance Layer 2L3L4 bull 24‐64 Gbps Switching Enginebull Chassis level high availability

bull

Modular 101001000bull

Highest density switching

capacity

bull

Layer 234‐7bull

32‐720 Gbps

Switching

Engine

bull

Highest Availability

bull

10100

and GE configurationsbull

High performance switching and routingbull

Enterprise‐class intelligent Layer 3L4 servicesbull

Clustering capable

bull

Stackable 10100 switchingbull

Gigabit

uplink connectivitybull

Advanced intelligent Layer 3L4 servicesbull

Clustering capable

Catalyst 3750bull

Stackable 101001000 and 10100 configurationsbull

Cisco StackWisetrade

Technologybull

Optimized for Gigabit Ethernet deploymentbull

Enterprise‐class Intelligent Layer 3L4 servicesbull

Highly resilient 32Gbps stacking interconnectionbull

Single management interface w auto configuration

Fast Ethernet

Optimized

Gigabit Ethernet

Optimized

43

Cisco Catalyst 2960 Series Model Overview Fast Ethernet Models

Softwarebull LAN Base Image

Enterprise-class intelligent services Advanced QoS enhanced security high availability

bull Orderable with latest IOS software version

bull 48 10100100 portsbull 2 101001000 Uplink

ports

bull 24 10100 portsbull 2 101001000 Uplink

Ports

Catalyst 2960-24TT Catalyst 2960-48TT

bull 24 10100 portsbull 2 Dual-Purpose Uplink

ports

Catalyst 2960-24TC Catalyst 2960-48TC

bull 48 10100 portsbull 2 Dual Purpose Uplink

ports

Uplinksbull Dual Purpose

UplinksOne 101001000 TX Port and One SFP Port

One port active at a time

44

Cisco Catalyst 3750 Series Switches Model Overview

Catalyst 3750G‐24TS

bull

24 101001000

Portsbull

24 101001000 Ports

bull

4 SFP ports

Two Software Versions

Standard Multilayer Software Image

(SMI)

bull Enterprise‐class intelligent services

Advanced QoS Enhanced Security High

Availability RIP and Static IP routing

Routed ACLs HSRP

Enhanced Multilayer Software Image

(EMI)

bull SMI feature set plus Dynamic IP Unicast

routing Smart Multicast routing

Catalyst 3750‐2448 are orderable with

either software image preinstalled

Catalyst 3750‐2448 can be upgraded

from SMI to EMI

Catalyst 3750G‐24T

bull

24 10100 Ports

bull

2 SFP ports

bull

48 10100 Ports

bull

4 SFP ports

Catalyst 3750‐24 Catalyst 3750‐48

45

Cisco StackWisetrade Technology

bull 32Gbps fault tolerant bi‐directional

backplane

bull Single IP address for management

bull Auto configuration and IOS version

checkupdate

bull 1N Master redundancy

bull Sub‐second L2 failover

bull Cross stack Etherchannel

bull Configurable QoS queues across

stack

bull Line speed performance with QoS

and ACLs for GE

bull Hot add and delete of GE and FE

chassis in same stack

bull Patented cable connector

S 1

S 3

S 2

M 4

M = Master Switch

S = Slave Switch

46

Cisco Catalyst 4500 Series Architecture

bull Centralized Forwarding ASICs

bull All packets are forwarded via the supervisor

bull No distributed line card forwarding

bull Scalable architecture ‐

64 to 320 Gbps

bull Fastest Centralized Architecture in the Industry

47

Cisco Catalyst 4500 Series Overview Common Architecture

Single Supervisor-Based

Chassis

Redundant Supervisor-Based

Chassis

Cisco Catalyst 4507R-E

Cisco Catalyst 4510R-E

Cisco Catalyst 4506-E

Cisco Catalyst 4503-E

Single RU Fixed Configuration

Same Switching Architecture

and Common Cisco IOSreg

Cisco Catalyst 4948 and 4948-10GigE

48

Cisco Catalyst 4500 Series Evolutionary Centralized Architecture

1999 2002 2004 2007 2012

Continued InnovationServices and Performance

Same Line Card

18Mpps 48Mpps 102Mpps

10100

1000

Layer 2

PoE L234

10 GbE

SSO

NACNSF

ISSUCISF

E‐Series

250 Mpps

49

Evolution of Centralized Switching Technology

Evoluti

onEvo

lution

1999 18

Mpps

L2 Only

2002 48

Mpps

L2L3

2004102

Mpps

L2L3 10Gig

2007250

Mpps

L2L3 IPv6

14X

increase

since lsquo99

50

Next‐Generation Catalyst 4500 ldquoE‐Seriesrdquo

Secure Flexible Non‐Stop Communications

ldquoErdquo

Series Chassis

ldquoErdquo

Series Line Cards

Supervisor 6‐E with CenterFlex

51

Cisco Catalyst 6500 Delivers Secure Converged Network Services

High Availabilitybull Physical

Availabilitybull Logical Availabilitybull Stateful Failover at

Layer 2bull Rapid Spanning-

Tree Convergence

QoSbull Input Policingbull Traffic

Classificationbull Multiple Queuesbull Convergence

Ready

Securitybull Layer 234

Access Controlbull 8021X User

Authenticationbull MAC Filteringbull Dynamic VLAN

Manageabilitybull Inline Powerbull Simple

Configurationbull L2-L4 Servicesbull Rich Multicast

Support

End-to-End Services

52

Catalyst 6500 Family

Catalyst 65033 slot chassis

Catalyst 65066 slot chassis

Catalyst 65099 slot chassis

Catalyst 6509‐NEBSNEBS Compliant 9 slot chassis

Catalyst 651313 slot chassis

Catalyst 6509‐NEBS‐A9 slot chassis

53

Cisco Catalyst 6500 Series

The Cisco Catalyst 6500 Series supports a wide range of interface densities performance and high‐availability options

Flexible 3‐ 6‐ 9‐ and 13‐slot chassis configurations

ndash Scalable switching fabric ndash Cisco

IOS software choices supported

on all supervisor engines

ndash Fast 2‐3 second stateful

failover of

redundant supervisors and integrated

services

ndash 10‐Mbps to 10‐Gbps Ethernet and DS0

to

OC‐48 WAN interfaces

ndash Wire‐rate QoS

and ACL policy

management

WS-6503 WS-C6506 WS-C6509 WS-C6509-NEBS and WS-C6513

54

Catalyst 6500 Supervisors

The Catalyst 6500 has three Supervisor options on offer

with each providing a different architectural backplane

configuration for line cards to connect intohellip

Supervisor 1A Supervisor 2 Supervisor 720 (NEW)

256Gb backplane

supporting hardware

accelerated Layer 2 and 3

QoS and Security policies

up to 210Mppshellip

720Gb backplane

supporting hardware

accelerated Layer 2 and 3

QoS and Security policies

up to 400Mppshellip

32Gb backplane supporting

hardware accelerated Layer

2 and 3 QoS and Security

policies up to 15Mppshellip

Supervisor Options for the Catalyst 6500

55

Catalyst 6500 LinecardsThe Catalyst 6500 has a family of linecards to suit all network needshellip

10100 TX and 100 Fiber 101001000 TX GE SFP

GE GBIC 10GE WAN

Optical Switch Modules Inline Power ATM

CAT

6500

L I

NECARDS

56

Catalyst 6500 Service Modules

Content ServicesCommunications Media MWAN

Firewall Module VPN Module Intrusion Detection

Content Switching SSL Network Management

Service Modules represent the next generation of intelligent modules for the Catalyst 6500

Each module provides a high performance option scalable and feature rich deployment

optionshellip

57

Small Form Factor Pluggable (SFP)

bull New industry standard connector

bull Same functionality as Gigabit Interface Converters

(GBICs)

bull Hot pluggable

bull Smaller fiber connector LC

for SF

bull 25 SFPs

fit in space of one GBIC

bull Shipping SX LX ZX at FCS

bull 101001000BT and CWDM versions to come in mid

to late 2003

GBIC

SFP

58

三無線網路認證介紹

59

漫遊認證環境架構圖

NCHC資策會

WLANGateway

WLANGateway

60

無線漫遊環境身份認證機制

網頁認證

使用網站伺服器憑證(Certificate)辨識合法認證網站

透過SSL加密保護使用者帳號密碼安全

採用PAP (Password Authentication Protocol)認證機制

8021x認證

採CHAP或加密通道進行認證

EAP‐MD5ndash 採用CHAP (Challenge Handshake Authentication Protocol)認證

EAP‐PEAP ndash 採用 SSL加密通道 + MS‐CHAP v2 認證

EAP‐TTLSndash 採用 SSL加密通道 + PAPCHAPMS‐CHAPEAPndash 支援多種認證機制

61

WLAN Gateway

bull Usually web page for authorisationbull Allows policy based accessbull Good managementbull Very user friendlybull No client required

Bluesocketndash Commercial but popular in uk academiandash Lots of featuresNoCatAuthndash open source

62

Bluesocket Wireless Gateway

63

httpwwwitcntnuedutwservice1270php

四師大網路基本架構介紹

64

對外網路架構圖

65

校本部校區有線網路系統架構圖

66

校本部校區無線網路系統架構圖

67

理學院校區有線網路系統架構圖

68

理學院校區無線網路系統架構圖

69

林口校區有線網路系統架構圖

70

林口校區無線網路系統架構圖

71

五網路障礙排除方式

72

Possible Symptoms of Physical Layer Problems

Increased number of interface errorsIncreased number of interface errors

LEDs are off flashing or in a state other than the expected state during normal operationLEDs are off flashing or in a state other than the expected state during normal operation

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

Excessive utilizationExcessive utilization

73

Possible Symptoms of Data Link Layer Problems

Excessive CRC errors and frame check sequence errors Excessive CRC errors and frame check sequence errors

Large quantities of broadcast traffic Large quantities of broadcast traffic

A MAC address is cycling between portsA MAC address is cycling between ports

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

74

General Cisco Commands to Isolate Physical and Data Link Layer Problems

ping host

| ip‐addressping host

| ip‐address

routergt

bull

Sends an echo request packet to an address then waits for a reply

trace [destination]trace [destination]

routergt

bull

Identifies the path a packet takes through the network

[no] debug [no] debug

router

bull

Displays a list of options for enabling or disabling debugging events on a device

75

Cisco Commands to Isolate Physical Layer Problems

show versionshow version

routergt

bull

Displays the Cisco IOS software version and all installed hardware configurations

show ip interface briefshow ip interface brief

routergt

bull

Displays a summary of the status of all interfaces on a device

show interfaces [type number]show interfaces [type number]

routergt

bull

Displays the operational status of an interface including the amount and type of traffic being sent and received

76

Cisco Commands to Isolate Physical Layer Problems (Cont)

show cdp neighbor detailshow cdp neighbor detailroutergt

bull Displays the device type IP address and Cisco IOS version of neighboring devices

77

Cisco Commands to Isolate Data Link Layer Problems

show ip arpshow ip arp

routergt

bull

Displays entries in the Address Resolution Protocol (ARP) table

debug [arp

| serial | ppp]debug [arp

| serial | ppp]

router

bull

Captures events relating to data link layer protocols

78

General End‐System Commands to Isolate Physical and Data Link Layer Problems

pingping

bull

Sends an echo request packet to an address then waits for a reply

netstat

‐rnnetstat

‐rn

bull

Displays the status of all connected devices and links without querying a DNS server

arp

‐aarp

‐a

bull

Displays the current mappings of the IP address to the MAC address in the ARP table

79

Windows Commands to Isolate Physical and Data Link Layer Problems

ipconfig

[all]ipconfig

[all]

bull

Displays IP information for hosts running Windows NT2000XP

Cgt

tracert [‐d]tracert [‐d]

bull

Identifies a path to a destination device

Cgt

80

Guidelines for Isolating Problems at the Physical and Data Link Layers

Check operational status and data error ratesCheck operational status and data error rates

Verify proper interface configurationsVerify proper interface configurations

Check for bad cables or connectionsCheck for bad cables or connections

Check for correct cable pin‐outCheck for correct cable pin‐out

81

Port Monitoring (SPAN)

Allows a port to monitor traffic coming into or out of

anotherPort

VLAN

Trunk

82

Remote SPAN (RSPAN)

Allows a port to monitor SPAN information on other switches through a trunk connection

83

NetFlow Data Export

Access to records of switched flow statistics

with NAM

Source and destination IP

Port numbers and protocol types

84

六網路管理介紹

85

NAMs in Campus LAN

86

Network Analysis Module (NAM)

bull

Switch‐integrated standards‐

based monitoring (RMON1 RMON2

extended RMON)

bull

Useful for performance monitoring troubleshooting

and capacity planning

bull

Easy to deploy and use with embedded web‐based Traffic Analyzer

bull

Full visibility into applications hosts conversations and

IP‐based services including VoIP

and QoS

Integrated traffic‐monitoring solution in Catalyst 6500 series to build application‐level visibility into network infrastructure

87

NAM as a Standards‐Based RMON Solution

The RMON MIB reports on the health and status of network traffic

Mini‐RMON agents in Catalyst 6500 collect Layer 2 (RMON1) statistics on all ports (utilization packets errors)

NAM supports full RMON1 and 2 to provide visibility up to Application layer (applications hosts conversations)

NAM supports extended RMON for VLAN QoS Application Response Time and so on

88

Application Hosts and Conversations Monitoring

Identify unknown applications and drill down on the hosts using them

Discover top talkers top conversations

Network managers can drill down

into who is doing what

Network managers can drill down

into who is doing what

NEW inSoftware

Version 22

NEW inSoftware

Version 22

89

VoIP Monitoring

NAM supports various facets of VoIPmonitoring

Active IP telephony monitoring

ndash Track active call attributesndash Identify call quality degradationndash Call details by phonesRMON1 and RMON2

ndash Distribution of VoIP

protocols

Application Response Time (ART)

ndash CallManager

responses

DSMON

ndash VoIP

traffic by DSCP values

90

Application Response Time (ART)

Find out where the application delays are occurring

ndash Detailed data on request‐ response exchanges

between clients and servers

Server visibility

ndash Monitor servers for protocols application

usage and top talkers

91

Packet Capture and Decode

Capture and decode packets for troubleshooting

Extensive pre‐ and post‐capture filters

Can save and export to other tools including Sniffer

92

Alarms

Set alarm thresholds on various parameters for proactive monitoring

Define traps or generate syslog

93

Defining Network Management Functional Areas

ISO defines five functional areas of network management

ISO defines five functional areas of network management

bullFault Management

bullConfiguration Management

bullAccounting Management

bullPerformance Management

bullSecurity Management

94

FCAPS Fault Management

The process of locating diagnosing and correcting

network problems

Device Down

Link Down

95

FCAPS Configuration Management

bull The process of obtaining data from the network and using

that data to manage the setup of all network devices

bull Allows rapid access to configuration information

bull Facilitates remote configuration and provisioning

bull Provides an up‐to‐date inventory of network

components

SpeedDuplex

Connectivity

TrunkingVLANs Allowed

Spanning Tree Protocol State

Software VersionConfiguration File

Device Type

96

FCAPS Accounting Management

bull Measuring the usage of network resources by users in order to

establish the metrics check quotas determine costs and bill users

bull Measures and reports accounting information based on individual

groups and users

bull Administers the cost of the network

bull Internal verification of third‐party billing for usage Bandwidth Consumption

Application Usage

hellip

97

FCAPS Performance Management

bull Ensuring that the data network remains accessible

and has adequate bandwidth

bull Reduces network overcrowding and inaccessibility

bull Provides a consistent level of service to the

network user

bull Determine utilization trends to proactively isolate and solve

performance problems

UtilizationPeakminmaxError RatesUnicast Rates

Broadcast Rates

CPU UtilizationMemory Usage

ThroughputResponse Time

LatencyAvailabilityReliability

98

FCAPS Security Management

bull Protecting sensitive information on devices

attached to a data network by controlling access points to

that information

bull Builds network user confidence

bull Secures sensitive information from both internal and

external sources

bull Protects the network functionality from malicious

attacks

MAC AddressLocked to Port

Access ListBlocks Connections

99

Performing Network Management Sources for Information

GAUGEs TIMERs

0 9 1 2 3

COUNTERs TABLEs FILEs

Operating System Data Structures

Manageable Device

showCommands

WebServer

SystemLogging

SNMPSNMPAGENTAGENT

ProductionServices

Layer N Forwarding

http80tcp

syslog514udp

snmp161udp

MIBObjects

snmp‐trap162udp

Built in Intelligence

CDPVTPSAA

telnetCLI

TFTPClient

tftp69udp

PingTrace route

100

Network Management Information Model MIB Management Information Base

MIB

ndash

Management Information BaseSet of variables defining the status of a device (eg temp = 85 degrees)Just facts ndash not whether it is good or badDefined according to SMI (Structure of Management Information) rulesEach managed object is described using a unique object identifier (OID)

MIB

IMIBIIStandard MIBObjects included are considered essential for either fault or configuration management

Other standard MIBsRMON host router

Proprietary vendor MIBsExtensions to standard MIBs

SNMPAGENTSNMPAGENT

1000s of manageable objects following rules defined in the SMI standards

1000s of manageable objects following rules defined in the SMI standards

101

Network Management Communication Model SNMP Simple Network Management Protocol

CommunityStrings

CommunityStrings

bull Get requests used to read the value of objectbull Set requests used to modify the value of object

bull Authorization is via community strings

(Read‐OnlyRead‐Write)

bull Traps

provide asynchronous event notification

IP Network SNMPManageable

Device

Trap

Get Response

Get Request Get-Next RequestGet-Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

102

Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response

SNM

P M

anag

er

SNM

P A

gent

Rea

d =

publ

ic re

adw

rite

= pr

ivat

e

GetResponse (sysDescr0=SunOS)

Verify access permission and retrieve MIB value using OID to traverse the MIB tree

InstanceOID

13612111

MIB value

GetRequest(sysDescr0)Read Community(public)

103

Types of Management Systems Example ‐

Enterprise Manager amp Fault Management

Correlate and manage events

and SNMP traps

Perform fault isolation and root cause analysis

104

Types of Management Systems Example ndash CiscoWorks

Resource Manager Essentials and Campus Manager

Knowledge of network configuration and topology

Facilitates remote configuration of network devices

Maintains an archive of configuration data that allows generation of inventory reports

105

Types of Management Systems Example ndash NetFlow (Accounting Management)

Flow Profiling

AccountingBilling

Network Planning

Network Monitoring

Flow

Collectors

Flow

CollectorsEnd‐User AppsEnd‐User AppsNetFlow

Data ExportNetFlowData Export

NetScout

RMON ProbeRMON Probe

106

Types of Management Systems Example ndash MRTG (Performance Management)

bull Monitors traffic load on network links based on SNMP statistics

bull Generates real‐time HTML traffic reports

bull Can be used to monitor any

MIB

variable using

SNMP

107

Types of Management Systems Example ndash CiscoWorks

How is the network connectedbull Physical Cablingbull Virtual LANs

Where are the end users servers IP phones connected

bull Switch port numberbull VLAN membership

How do I troubleshoot connectivity problems

Campus Manager User Tracking

Campus Manager Topology Services

Campus Manager Topology Services

Campus Manager User TrackingCampus Manager

Path Analysis

108

Diagnosing Connectivity Problems CiscoWorks Server Tools

Ping Use ping to test device connectivity from CiscoWorks server

TracerouteRun a trace route between the CiscoWorks server and the target device to detect routing problems

NS LookupRun a nslookup to obtain DNS name server information and IP address of hostname

Management Station to DeviceTest to verify if upper layer protocols are supported from CiscoWorks to the target device UDP TCP Telnet TFTP HTTP and SNMP

109

Types of Management Systems Example ndash CiscoWorks

19216862

CiscoWorks Server(ANI Service)

CampusDatabase

19216861

Schedule data retrieval

times

CAM Table11‐11‐11‐11‐11‐00 2111‐11‐11‐11‐11‐11 2211‐11‐11‐11‐11‐22 2311‐11‐11‐11‐11‐33 24

22 23 24

21

ARP Table11‐11‐11‐11‐11‐11 19216861011‐11‐11‐11‐11‐22 19216861111‐11‐11‐11‐11‐33 192168611

1

CAM

Retrieval

(switching

table)

2 Address

Resolution (MAC

to IP)

DNS

3 Name Resolution

(IP to hostname)

Host Table192168610 USER1192168611 Printer1192168611 IPtele1

SNMP

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

CallManager4

Call Detail

Records

5

Login

Names

UNIX Novell amp

Windows NT

clients running

UTLite script

110

Diagnosing Connectivity Problems Campus Manager Tools

Topology Services

User Tracking

Path Analysis

1

Locate the communication pair in the User Tracking database

bull

Addressesbull

VLAN informationbull

Switch port connection

2

Investigate the Layer 2 and Layer 3 path between the communication

pair

3

Map the topology and begin the investigation on devices and links

Launch other applications

111

Diagnosing Connectivity Problems Workflow for Using Campus Manager

LaunchPath Analysis

LaunchPath Analysis

Ensure discovery of devices

hosts are up to date

Ensure discovery of devices

hosts are up to date

Use User TrackingTo Locate EndStation Info

Use User TrackingTo Locate EndStation Info

ConductVoiceTrace

ConductVoiceTrace

ConductDataTrace

ConductDataTrace

DisplayPath in Topology

Map

DisplayPath in Topology

Map

Launch other Apps(Telnet CiscoView

Etc)

Launch other Apps(Telnet CiscoView

Etc)

112

Diagnosing Device Connectivity Problems Example

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Do you know

your

hostname or

username

113

Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

2 Simple Query displays switch

port and VLAN association

2 Simple Query displays switch

port and VLAN association

3 LastSeen field indicates last

time end station was

discovered

3 LastSeen field indicates last

time end station was

discovered

114

Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Trace path from application server

to Suzy

Trace path from application server

to Suzy

Couldnrsquot get to Suzy machine ndash try

from server

Couldnrsquot get to Suzy machine ndash try

from server

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

25

VLANs in the Switch Block

26

Link Types

A trunk link is capable of carrying multiple VLANs

27

Trunking

bull Specifically developed for multi‐VLAN interswitch communications

bull Places a unique identifier in the header of each frame

bull Functions at Layer 2 bull IEEE

8021Q

28

Inter‐VLAN Routing

bull A Route Processor provides Layer 3 functionality for switches

29

Increasing Performance Add More Bandwidth

30

Fast EtherChannel

31

Is QoS Needed in the Campus

Maybe maybe not campus congestionis a buffer management issue

ldquoJust throw more bandwidth at it That will solve the problemrdquo

32

Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP

33

Enabling QoS in the Campus Scheduling in the Campus

Output buffers can reach 100 in campus networks resulting in dropped voice packets

QoS required when there is a possibility of congestion in buffers

Multiple queues are the only way to guarantee voice quality

34

Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS

bull 8021p user priority field also called class of service (CoS)

bull Different types of traffic are assigned different CoS values

bull CoS 6 and 7 are reserved for network use

35

Enabling QoS in the Campus Layer 3 Classificationmdash IP Precedence DSCP

bull IPv4 Three most significant bits of ToS byte are called IP precedence other bits unused

bull DiffServ Six Most significant bits of ToS byte are called DSCP remaining two bits used for flow control

bull DSCP backward compatible with IP precedence

36

Enabling QoS in the Campus Classification Summary

37

Power Over Ethernet

Prepare the network for IP Telephony and Wireless access

Eliminate the need for separate electrical wiring

Cisco pre‐standard POE and 8023af are fully supported

Wide selection of standards‐based IEEE 8023af powered devices

ndash IP Phonesndash Wireless Access Points

ndash Surveillance cameras

ndash Access Card Readers

38

Access Point Front Cover LEDrsquos

Status LightsEthernet

Status

Radio Activity

Ethernet Activity

Status

Radio Activity

39

CiscoWorks WLSE

1

Specialized application for managing the Cisco WLAN

2

Centralized template‐ based configuration of access points and bridges

with user defined groups

3

Proactive fault and performance monitoring

of access points bridges LEAP server and

attached switch

CiscoWorks Wireless LANSolution Engine

U N I V E R S I T YU N I V E R S I T Y

40

二網路設備介紹

41

The Cisco LAN Switching Portfolio

Catalyst 375035602960 Catalyst 6500Catalyst 40004500

bull Stackable Compact Footprint bull Gig Density 12 Ports bull EZ Clustering Managementbull L2-L4 Switchingbull Medium Port Density

bull Highest Switching Capacitybull High Availability - Stateful Failoverbull 10-Gigabit Ethernet Interfaces bull Nonblocking Gigabit Density 142bull LANWAN Interfaces (to OC 48)

L2-L7 SwitchingIntegrated Inline PowerServices Modules Redundant PowerRedundant Supervisor Fabric

bull High Switching Capacitybull High-Density 101001000bull High-Density 100FX amp 1000LXbull Nonblocking Gigabit Density 32bull L2-L4 Switching bull Inline Power Optionbull Redundant Power

42

Cisco Catalyst Positioning

Pric

ePe

rfor

man

ce

FunctionFlexibility

Catalyst 29502960

Catalyst 35503560

Catalyst 4500 Family

Catalyst 6500 Series

bull Modular 101001000bull High performance Layer 2L3L4 bull 24‐64 Gbps Switching Enginebull Chassis level high availability

bull

Modular 101001000bull

Highest density switching

capacity

bull

Layer 234‐7bull

32‐720 Gbps

Switching

Engine

bull

Highest Availability

bull

10100

and GE configurationsbull

High performance switching and routingbull

Enterprise‐class intelligent Layer 3L4 servicesbull

Clustering capable

bull

Stackable 10100 switchingbull

Gigabit

uplink connectivitybull

Advanced intelligent Layer 3L4 servicesbull

Clustering capable

Catalyst 3750bull

Stackable 101001000 and 10100 configurationsbull

Cisco StackWisetrade

Technologybull

Optimized for Gigabit Ethernet deploymentbull

Enterprise‐class Intelligent Layer 3L4 servicesbull

Highly resilient 32Gbps stacking interconnectionbull

Single management interface w auto configuration

Fast Ethernet

Optimized

Gigabit Ethernet

Optimized

43

Cisco Catalyst 2960 Series Model Overview Fast Ethernet Models

Softwarebull LAN Base Image

Enterprise-class intelligent services Advanced QoS enhanced security high availability

bull Orderable with latest IOS software version

bull 48 10100100 portsbull 2 101001000 Uplink

ports

bull 24 10100 portsbull 2 101001000 Uplink

Ports

Catalyst 2960-24TT Catalyst 2960-48TT

bull 24 10100 portsbull 2 Dual-Purpose Uplink

ports

Catalyst 2960-24TC Catalyst 2960-48TC

bull 48 10100 portsbull 2 Dual Purpose Uplink

ports

Uplinksbull Dual Purpose

UplinksOne 101001000 TX Port and One SFP Port

One port active at a time

44

Cisco Catalyst 3750 Series Switches Model Overview

Catalyst 3750G‐24TS

bull

24 101001000

Portsbull

24 101001000 Ports

bull

4 SFP ports

Two Software Versions

Standard Multilayer Software Image

(SMI)

bull Enterprise‐class intelligent services

Advanced QoS Enhanced Security High

Availability RIP and Static IP routing

Routed ACLs HSRP

Enhanced Multilayer Software Image

(EMI)

bull SMI feature set plus Dynamic IP Unicast

routing Smart Multicast routing

Catalyst 3750‐2448 are orderable with

either software image preinstalled

Catalyst 3750‐2448 can be upgraded

from SMI to EMI

Catalyst 3750G‐24T

bull

24 10100 Ports

bull

2 SFP ports

bull

48 10100 Ports

bull

4 SFP ports

Catalyst 3750‐24 Catalyst 3750‐48

45

Cisco StackWisetrade Technology

bull 32Gbps fault tolerant bi‐directional

backplane

bull Single IP address for management

bull Auto configuration and IOS version

checkupdate

bull 1N Master redundancy

bull Sub‐second L2 failover

bull Cross stack Etherchannel

bull Configurable QoS queues across

stack

bull Line speed performance with QoS

and ACLs for GE

bull Hot add and delete of GE and FE

chassis in same stack

bull Patented cable connector

S 1

S 3

S 2

M 4

M = Master Switch

S = Slave Switch

46

Cisco Catalyst 4500 Series Architecture

bull Centralized Forwarding ASICs

bull All packets are forwarded via the supervisor

bull No distributed line card forwarding

bull Scalable architecture ‐

64 to 320 Gbps

bull Fastest Centralized Architecture in the Industry

47

Cisco Catalyst 4500 Series Overview Common Architecture

Single Supervisor-Based

Chassis

Redundant Supervisor-Based

Chassis

Cisco Catalyst 4507R-E

Cisco Catalyst 4510R-E

Cisco Catalyst 4506-E

Cisco Catalyst 4503-E

Single RU Fixed Configuration

Same Switching Architecture

and Common Cisco IOSreg

Cisco Catalyst 4948 and 4948-10GigE

48

Cisco Catalyst 4500 Series Evolutionary Centralized Architecture

1999 2002 2004 2007 2012

Continued InnovationServices and Performance

Same Line Card

18Mpps 48Mpps 102Mpps

10100

1000

Layer 2

PoE L234

10 GbE

SSO

NACNSF

ISSUCISF

E‐Series

250 Mpps

49

Evolution of Centralized Switching Technology

Evoluti

onEvo

lution

1999 18

Mpps

L2 Only

2002 48

Mpps

L2L3

2004102

Mpps

L2L3 10Gig

2007250

Mpps

L2L3 IPv6

14X

increase

since lsquo99

50

Next‐Generation Catalyst 4500 ldquoE‐Seriesrdquo

Secure Flexible Non‐Stop Communications

ldquoErdquo

Series Chassis

ldquoErdquo

Series Line Cards

Supervisor 6‐E with CenterFlex

51

Cisco Catalyst 6500 Delivers Secure Converged Network Services

High Availabilitybull Physical

Availabilitybull Logical Availabilitybull Stateful Failover at

Layer 2bull Rapid Spanning-

Tree Convergence

QoSbull Input Policingbull Traffic

Classificationbull Multiple Queuesbull Convergence

Ready

Securitybull Layer 234

Access Controlbull 8021X User

Authenticationbull MAC Filteringbull Dynamic VLAN

Manageabilitybull Inline Powerbull Simple

Configurationbull L2-L4 Servicesbull Rich Multicast

Support

End-to-End Services

52

Catalyst 6500 Family

Catalyst 65033 slot chassis

Catalyst 65066 slot chassis

Catalyst 65099 slot chassis

Catalyst 6509‐NEBSNEBS Compliant 9 slot chassis

Catalyst 651313 slot chassis

Catalyst 6509‐NEBS‐A9 slot chassis

53

Cisco Catalyst 6500 Series

The Cisco Catalyst 6500 Series supports a wide range of interface densities performance and high‐availability options

Flexible 3‐ 6‐ 9‐ and 13‐slot chassis configurations

ndash Scalable switching fabric ndash Cisco

IOS software choices supported

on all supervisor engines

ndash Fast 2‐3 second stateful

failover of

redundant supervisors and integrated

services

ndash 10‐Mbps to 10‐Gbps Ethernet and DS0

to

OC‐48 WAN interfaces

ndash Wire‐rate QoS

and ACL policy

management

WS-6503 WS-C6506 WS-C6509 WS-C6509-NEBS and WS-C6513

54

Catalyst 6500 Supervisors

The Catalyst 6500 has three Supervisor options on offer

with each providing a different architectural backplane

configuration for line cards to connect intohellip

Supervisor 1A Supervisor 2 Supervisor 720 (NEW)

256Gb backplane

supporting hardware

accelerated Layer 2 and 3

QoS and Security policies

up to 210Mppshellip

720Gb backplane

supporting hardware

accelerated Layer 2 and 3

QoS and Security policies

up to 400Mppshellip

32Gb backplane supporting

hardware accelerated Layer

2 and 3 QoS and Security

policies up to 15Mppshellip

Supervisor Options for the Catalyst 6500

55

Catalyst 6500 LinecardsThe Catalyst 6500 has a family of linecards to suit all network needshellip

10100 TX and 100 Fiber 101001000 TX GE SFP

GE GBIC 10GE WAN

Optical Switch Modules Inline Power ATM

CAT

6500

L I

NECARDS

56

Catalyst 6500 Service Modules

Content ServicesCommunications Media MWAN

Firewall Module VPN Module Intrusion Detection

Content Switching SSL Network Management

Service Modules represent the next generation of intelligent modules for the Catalyst 6500

Each module provides a high performance option scalable and feature rich deployment

optionshellip

57

Small Form Factor Pluggable (SFP)

bull New industry standard connector

bull Same functionality as Gigabit Interface Converters

(GBICs)

bull Hot pluggable

bull Smaller fiber connector LC

for SF

bull 25 SFPs

fit in space of one GBIC

bull Shipping SX LX ZX at FCS

bull 101001000BT and CWDM versions to come in mid

to late 2003

GBIC

SFP

58

三無線網路認證介紹

59

漫遊認證環境架構圖

NCHC資策會

WLANGateway

WLANGateway

60

無線漫遊環境身份認證機制

網頁認證

使用網站伺服器憑證(Certificate)辨識合法認證網站

透過SSL加密保護使用者帳號密碼安全

採用PAP (Password Authentication Protocol)認證機制

8021x認證

採CHAP或加密通道進行認證

EAP‐MD5ndash 採用CHAP (Challenge Handshake Authentication Protocol)認證

EAP‐PEAP ndash 採用 SSL加密通道 + MS‐CHAP v2 認證

EAP‐TTLSndash 採用 SSL加密通道 + PAPCHAPMS‐CHAPEAPndash 支援多種認證機制

61

WLAN Gateway

bull Usually web page for authorisationbull Allows policy based accessbull Good managementbull Very user friendlybull No client required

Bluesocketndash Commercial but popular in uk academiandash Lots of featuresNoCatAuthndash open source

62

Bluesocket Wireless Gateway

63

httpwwwitcntnuedutwservice1270php

四師大網路基本架構介紹

64

對外網路架構圖

65

校本部校區有線網路系統架構圖

66

校本部校區無線網路系統架構圖

67

理學院校區有線網路系統架構圖

68

理學院校區無線網路系統架構圖

69

林口校區有線網路系統架構圖

70

林口校區無線網路系統架構圖

71

五網路障礙排除方式

72

Possible Symptoms of Physical Layer Problems

Increased number of interface errorsIncreased number of interface errors

LEDs are off flashing or in a state other than the expected state during normal operationLEDs are off flashing or in a state other than the expected state during normal operation

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

Excessive utilizationExcessive utilization

73

Possible Symptoms of Data Link Layer Problems

Excessive CRC errors and frame check sequence errors Excessive CRC errors and frame check sequence errors

Large quantities of broadcast traffic Large quantities of broadcast traffic

A MAC address is cycling between portsA MAC address is cycling between ports

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

74

General Cisco Commands to Isolate Physical and Data Link Layer Problems

ping host

| ip‐addressping host

| ip‐address

routergt

bull

Sends an echo request packet to an address then waits for a reply

trace [destination]trace [destination]

routergt

bull

Identifies the path a packet takes through the network

[no] debug [no] debug

router

bull

Displays a list of options for enabling or disabling debugging events on a device

75

Cisco Commands to Isolate Physical Layer Problems

show versionshow version

routergt

bull

Displays the Cisco IOS software version and all installed hardware configurations

show ip interface briefshow ip interface brief

routergt

bull

Displays a summary of the status of all interfaces on a device

show interfaces [type number]show interfaces [type number]

routergt

bull

Displays the operational status of an interface including the amount and type of traffic being sent and received

76

Cisco Commands to Isolate Physical Layer Problems (Cont)

show cdp neighbor detailshow cdp neighbor detailroutergt

bull Displays the device type IP address and Cisco IOS version of neighboring devices

77

Cisco Commands to Isolate Data Link Layer Problems

show ip arpshow ip arp

routergt

bull

Displays entries in the Address Resolution Protocol (ARP) table

debug [arp

| serial | ppp]debug [arp

| serial | ppp]

router

bull

Captures events relating to data link layer protocols

78

General End‐System Commands to Isolate Physical and Data Link Layer Problems

pingping

bull

Sends an echo request packet to an address then waits for a reply

netstat

‐rnnetstat

‐rn

bull

Displays the status of all connected devices and links without querying a DNS server

arp

‐aarp

‐a

bull

Displays the current mappings of the IP address to the MAC address in the ARP table

79

Windows Commands to Isolate Physical and Data Link Layer Problems

ipconfig

[all]ipconfig

[all]

bull

Displays IP information for hosts running Windows NT2000XP

Cgt

tracert [‐d]tracert [‐d]

bull

Identifies a path to a destination device

Cgt

80

Guidelines for Isolating Problems at the Physical and Data Link Layers

Check operational status and data error ratesCheck operational status and data error rates

Verify proper interface configurationsVerify proper interface configurations

Check for bad cables or connectionsCheck for bad cables or connections

Check for correct cable pin‐outCheck for correct cable pin‐out

81

Port Monitoring (SPAN)

Allows a port to monitor traffic coming into or out of

anotherPort

VLAN

Trunk

82

Remote SPAN (RSPAN)

Allows a port to monitor SPAN information on other switches through a trunk connection

83

NetFlow Data Export

Access to records of switched flow statistics

with NAM

Source and destination IP

Port numbers and protocol types

84

六網路管理介紹

85

NAMs in Campus LAN

86

Network Analysis Module (NAM)

bull

Switch‐integrated standards‐

based monitoring (RMON1 RMON2

extended RMON)

bull

Useful for performance monitoring troubleshooting

and capacity planning

bull

Easy to deploy and use with embedded web‐based Traffic Analyzer

bull

Full visibility into applications hosts conversations and

IP‐based services including VoIP

and QoS

Integrated traffic‐monitoring solution in Catalyst 6500 series to build application‐level visibility into network infrastructure

87

NAM as a Standards‐Based RMON Solution

The RMON MIB reports on the health and status of network traffic

Mini‐RMON agents in Catalyst 6500 collect Layer 2 (RMON1) statistics on all ports (utilization packets errors)

NAM supports full RMON1 and 2 to provide visibility up to Application layer (applications hosts conversations)

NAM supports extended RMON for VLAN QoS Application Response Time and so on

88

Application Hosts and Conversations Monitoring

Identify unknown applications and drill down on the hosts using them

Discover top talkers top conversations

Network managers can drill down

into who is doing what

Network managers can drill down

into who is doing what

NEW inSoftware

Version 22

NEW inSoftware

Version 22

89

VoIP Monitoring

NAM supports various facets of VoIPmonitoring

Active IP telephony monitoring

ndash Track active call attributesndash Identify call quality degradationndash Call details by phonesRMON1 and RMON2

ndash Distribution of VoIP

protocols

Application Response Time (ART)

ndash CallManager

responses

DSMON

ndash VoIP

traffic by DSCP values

90

Application Response Time (ART)

Find out where the application delays are occurring

ndash Detailed data on request‐ response exchanges

between clients and servers

Server visibility

ndash Monitor servers for protocols application

usage and top talkers

91

Packet Capture and Decode

Capture and decode packets for troubleshooting

Extensive pre‐ and post‐capture filters

Can save and export to other tools including Sniffer

92

Alarms

Set alarm thresholds on various parameters for proactive monitoring

Define traps or generate syslog

93

Defining Network Management Functional Areas

ISO defines five functional areas of network management

ISO defines five functional areas of network management

bullFault Management

bullConfiguration Management

bullAccounting Management

bullPerformance Management

bullSecurity Management

94

FCAPS Fault Management

The process of locating diagnosing and correcting

network problems

Device Down

Link Down

95

FCAPS Configuration Management

bull The process of obtaining data from the network and using

that data to manage the setup of all network devices

bull Allows rapid access to configuration information

bull Facilitates remote configuration and provisioning

bull Provides an up‐to‐date inventory of network

components

SpeedDuplex

Connectivity

TrunkingVLANs Allowed

Spanning Tree Protocol State

Software VersionConfiguration File

Device Type

96

FCAPS Accounting Management

bull Measuring the usage of network resources by users in order to

establish the metrics check quotas determine costs and bill users

bull Measures and reports accounting information based on individual

groups and users

bull Administers the cost of the network

bull Internal verification of third‐party billing for usage Bandwidth Consumption

Application Usage

hellip

97

FCAPS Performance Management

bull Ensuring that the data network remains accessible

and has adequate bandwidth

bull Reduces network overcrowding and inaccessibility

bull Provides a consistent level of service to the

network user

bull Determine utilization trends to proactively isolate and solve

performance problems

UtilizationPeakminmaxError RatesUnicast Rates

Broadcast Rates

CPU UtilizationMemory Usage

ThroughputResponse Time

LatencyAvailabilityReliability

98

FCAPS Security Management

bull Protecting sensitive information on devices

attached to a data network by controlling access points to

that information

bull Builds network user confidence

bull Secures sensitive information from both internal and

external sources

bull Protects the network functionality from malicious

attacks

MAC AddressLocked to Port

Access ListBlocks Connections

99

Performing Network Management Sources for Information

GAUGEs TIMERs

0 9 1 2 3

COUNTERs TABLEs FILEs

Operating System Data Structures

Manageable Device

showCommands

WebServer

SystemLogging

SNMPSNMPAGENTAGENT

ProductionServices

Layer N Forwarding

http80tcp

syslog514udp

snmp161udp

MIBObjects

snmp‐trap162udp

Built in Intelligence

CDPVTPSAA

telnetCLI

TFTPClient

tftp69udp

PingTrace route

100

Network Management Information Model MIB Management Information Base

MIB

ndash

Management Information BaseSet of variables defining the status of a device (eg temp = 85 degrees)Just facts ndash not whether it is good or badDefined according to SMI (Structure of Management Information) rulesEach managed object is described using a unique object identifier (OID)

MIB

IMIBIIStandard MIBObjects included are considered essential for either fault or configuration management

Other standard MIBsRMON host router

Proprietary vendor MIBsExtensions to standard MIBs

SNMPAGENTSNMPAGENT

1000s of manageable objects following rules defined in the SMI standards

1000s of manageable objects following rules defined in the SMI standards

101

Network Management Communication Model SNMP Simple Network Management Protocol

CommunityStrings

CommunityStrings

bull Get requests used to read the value of objectbull Set requests used to modify the value of object

bull Authorization is via community strings

(Read‐OnlyRead‐Write)

bull Traps

provide asynchronous event notification

IP Network SNMPManageable

Device

Trap

Get Response

Get Request Get-Next RequestGet-Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

102

Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response

SNM

P M

anag

er

SNM

P A

gent

Rea

d =

publ

ic re

adw

rite

= pr

ivat

e

GetResponse (sysDescr0=SunOS)

Verify access permission and retrieve MIB value using OID to traverse the MIB tree

InstanceOID

13612111

MIB value

GetRequest(sysDescr0)Read Community(public)

103

Types of Management Systems Example ‐

Enterprise Manager amp Fault Management

Correlate and manage events

and SNMP traps

Perform fault isolation and root cause analysis

104

Types of Management Systems Example ndash CiscoWorks

Resource Manager Essentials and Campus Manager

Knowledge of network configuration and topology

Facilitates remote configuration of network devices

Maintains an archive of configuration data that allows generation of inventory reports

105

Types of Management Systems Example ndash NetFlow (Accounting Management)

Flow Profiling

AccountingBilling

Network Planning

Network Monitoring

Flow

Collectors

Flow

CollectorsEnd‐User AppsEnd‐User AppsNetFlow

Data ExportNetFlowData Export

NetScout

RMON ProbeRMON Probe

106

Types of Management Systems Example ndash MRTG (Performance Management)

bull Monitors traffic load on network links based on SNMP statistics

bull Generates real‐time HTML traffic reports

bull Can be used to monitor any

MIB

variable using

SNMP

107

Types of Management Systems Example ndash CiscoWorks

How is the network connectedbull Physical Cablingbull Virtual LANs

Where are the end users servers IP phones connected

bull Switch port numberbull VLAN membership

How do I troubleshoot connectivity problems

Campus Manager User Tracking

Campus Manager Topology Services

Campus Manager Topology Services

Campus Manager User TrackingCampus Manager

Path Analysis

108

Diagnosing Connectivity Problems CiscoWorks Server Tools

Ping Use ping to test device connectivity from CiscoWorks server

TracerouteRun a trace route between the CiscoWorks server and the target device to detect routing problems

NS LookupRun a nslookup to obtain DNS name server information and IP address of hostname

Management Station to DeviceTest to verify if upper layer protocols are supported from CiscoWorks to the target device UDP TCP Telnet TFTP HTTP and SNMP

109

Types of Management Systems Example ndash CiscoWorks

19216862

CiscoWorks Server(ANI Service)

CampusDatabase

19216861

Schedule data retrieval

times

CAM Table11‐11‐11‐11‐11‐00 2111‐11‐11‐11‐11‐11 2211‐11‐11‐11‐11‐22 2311‐11‐11‐11‐11‐33 24

22 23 24

21

ARP Table11‐11‐11‐11‐11‐11 19216861011‐11‐11‐11‐11‐22 19216861111‐11‐11‐11‐11‐33 192168611

1

CAM

Retrieval

(switching

table)

2 Address

Resolution (MAC

to IP)

DNS

3 Name Resolution

(IP to hostname)

Host Table192168610 USER1192168611 Printer1192168611 IPtele1

SNMP

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

CallManager4

Call Detail

Records

5

Login

Names

UNIX Novell amp

Windows NT

clients running

UTLite script

110

Diagnosing Connectivity Problems Campus Manager Tools

Topology Services

User Tracking

Path Analysis

1

Locate the communication pair in the User Tracking database

bull

Addressesbull

VLAN informationbull

Switch port connection

2

Investigate the Layer 2 and Layer 3 path between the communication

pair

3

Map the topology and begin the investigation on devices and links

Launch other applications

111

Diagnosing Connectivity Problems Workflow for Using Campus Manager

LaunchPath Analysis

LaunchPath Analysis

Ensure discovery of devices

hosts are up to date

Ensure discovery of devices

hosts are up to date

Use User TrackingTo Locate EndStation Info

Use User TrackingTo Locate EndStation Info

ConductVoiceTrace

ConductVoiceTrace

ConductDataTrace

ConductDataTrace

DisplayPath in Topology

Map

DisplayPath in Topology

Map

Launch other Apps(Telnet CiscoView

Etc)

Launch other Apps(Telnet CiscoView

Etc)

112

Diagnosing Device Connectivity Problems Example

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Do you know

your

hostname or

username

113

Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

2 Simple Query displays switch

port and VLAN association

2 Simple Query displays switch

port and VLAN association

3 LastSeen field indicates last

time end station was

discovered

3 LastSeen field indicates last

time end station was

discovered

114

Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Trace path from application server

to Suzy

Trace path from application server

to Suzy

Couldnrsquot get to Suzy machine ndash try

from server

Couldnrsquot get to Suzy machine ndash try

from server

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

26

Link Types

A trunk link is capable of carrying multiple VLANs

27

Trunking

bull Specifically developed for multi‐VLAN interswitch communications

bull Places a unique identifier in the header of each frame

bull Functions at Layer 2 bull IEEE

8021Q

28

Inter‐VLAN Routing

bull A Route Processor provides Layer 3 functionality for switches

29

Increasing Performance Add More Bandwidth

30

Fast EtherChannel

31

Is QoS Needed in the Campus

Maybe maybe not campus congestionis a buffer management issue

ldquoJust throw more bandwidth at it That will solve the problemrdquo

32

Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP

33

Enabling QoS in the Campus Scheduling in the Campus

Output buffers can reach 100 in campus networks resulting in dropped voice packets

QoS required when there is a possibility of congestion in buffers

Multiple queues are the only way to guarantee voice quality

34

Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS

bull 8021p user priority field also called class of service (CoS)

bull Different types of traffic are assigned different CoS values

bull CoS 6 and 7 are reserved for network use

35

Enabling QoS in the Campus Layer 3 Classificationmdash IP Precedence DSCP

bull IPv4 Three most significant bits of ToS byte are called IP precedence other bits unused

bull DiffServ Six Most significant bits of ToS byte are called DSCP remaining two bits used for flow control

bull DSCP backward compatible with IP precedence

36

Enabling QoS in the Campus Classification Summary

37

Power Over Ethernet

Prepare the network for IP Telephony and Wireless access

Eliminate the need for separate electrical wiring

Cisco pre‐standard POE and 8023af are fully supported

Wide selection of standards‐based IEEE 8023af powered devices

ndash IP Phonesndash Wireless Access Points

ndash Surveillance cameras

ndash Access Card Readers

38

Access Point Front Cover LEDrsquos

Status LightsEthernet

Status

Radio Activity

Ethernet Activity

Status

Radio Activity

39

CiscoWorks WLSE

1

Specialized application for managing the Cisco WLAN

2

Centralized template‐ based configuration of access points and bridges

with user defined groups

3

Proactive fault and performance monitoring

of access points bridges LEAP server and

attached switch

CiscoWorks Wireless LANSolution Engine

U N I V E R S I T YU N I V E R S I T Y

40

二網路設備介紹

41

The Cisco LAN Switching Portfolio

Catalyst 375035602960 Catalyst 6500Catalyst 40004500

bull Stackable Compact Footprint bull Gig Density 12 Ports bull EZ Clustering Managementbull L2-L4 Switchingbull Medium Port Density

bull Highest Switching Capacitybull High Availability - Stateful Failoverbull 10-Gigabit Ethernet Interfaces bull Nonblocking Gigabit Density 142bull LANWAN Interfaces (to OC 48)

L2-L7 SwitchingIntegrated Inline PowerServices Modules Redundant PowerRedundant Supervisor Fabric

bull High Switching Capacitybull High-Density 101001000bull High-Density 100FX amp 1000LXbull Nonblocking Gigabit Density 32bull L2-L4 Switching bull Inline Power Optionbull Redundant Power

42

Cisco Catalyst Positioning

Pric

ePe

rfor

man

ce

FunctionFlexibility

Catalyst 29502960

Catalyst 35503560

Catalyst 4500 Family

Catalyst 6500 Series

bull Modular 101001000bull High performance Layer 2L3L4 bull 24‐64 Gbps Switching Enginebull Chassis level high availability

bull

Modular 101001000bull

Highest density switching

capacity

bull

Layer 234‐7bull

32‐720 Gbps

Switching

Engine

bull

Highest Availability

bull

10100

and GE configurationsbull

High performance switching and routingbull

Enterprise‐class intelligent Layer 3L4 servicesbull

Clustering capable

bull

Stackable 10100 switchingbull

Gigabit

uplink connectivitybull

Advanced intelligent Layer 3L4 servicesbull

Clustering capable

Catalyst 3750bull

Stackable 101001000 and 10100 configurationsbull

Cisco StackWisetrade

Technologybull

Optimized for Gigabit Ethernet deploymentbull

Enterprise‐class Intelligent Layer 3L4 servicesbull

Highly resilient 32Gbps stacking interconnectionbull

Single management interface w auto configuration

Fast Ethernet

Optimized

Gigabit Ethernet

Optimized

43

Cisco Catalyst 2960 Series Model Overview Fast Ethernet Models

Softwarebull LAN Base Image

Enterprise-class intelligent services Advanced QoS enhanced security high availability

bull Orderable with latest IOS software version

bull 48 10100100 portsbull 2 101001000 Uplink

ports

bull 24 10100 portsbull 2 101001000 Uplink

Ports

Catalyst 2960-24TT Catalyst 2960-48TT

bull 24 10100 portsbull 2 Dual-Purpose Uplink

ports

Catalyst 2960-24TC Catalyst 2960-48TC

bull 48 10100 portsbull 2 Dual Purpose Uplink

ports

Uplinksbull Dual Purpose

UplinksOne 101001000 TX Port and One SFP Port

One port active at a time

44

Cisco Catalyst 3750 Series Switches Model Overview

Catalyst 3750G‐24TS

bull

24 101001000

Portsbull

24 101001000 Ports

bull

4 SFP ports

Two Software Versions

Standard Multilayer Software Image

(SMI)

bull Enterprise‐class intelligent services

Advanced QoS Enhanced Security High

Availability RIP and Static IP routing

Routed ACLs HSRP

Enhanced Multilayer Software Image

(EMI)

bull SMI feature set plus Dynamic IP Unicast

routing Smart Multicast routing

Catalyst 3750‐2448 are orderable with

either software image preinstalled

Catalyst 3750‐2448 can be upgraded

from SMI to EMI

Catalyst 3750G‐24T

bull

24 10100 Ports

bull

2 SFP ports

bull

48 10100 Ports

bull

4 SFP ports

Catalyst 3750‐24 Catalyst 3750‐48

45

Cisco StackWisetrade Technology

bull 32Gbps fault tolerant bi‐directional

backplane

bull Single IP address for management

bull Auto configuration and IOS version

checkupdate

bull 1N Master redundancy

bull Sub‐second L2 failover

bull Cross stack Etherchannel

bull Configurable QoS queues across

stack

bull Line speed performance with QoS

and ACLs for GE

bull Hot add and delete of GE and FE

chassis in same stack

bull Patented cable connector

S 1

S 3

S 2

M 4

M = Master Switch

S = Slave Switch

46

Cisco Catalyst 4500 Series Architecture

bull Centralized Forwarding ASICs

bull All packets are forwarded via the supervisor

bull No distributed line card forwarding

bull Scalable architecture ‐

64 to 320 Gbps

bull Fastest Centralized Architecture in the Industry

47

Cisco Catalyst 4500 Series Overview Common Architecture

Single Supervisor-Based

Chassis

Redundant Supervisor-Based

Chassis

Cisco Catalyst 4507R-E

Cisco Catalyst 4510R-E

Cisco Catalyst 4506-E

Cisco Catalyst 4503-E

Single RU Fixed Configuration

Same Switching Architecture

and Common Cisco IOSreg

Cisco Catalyst 4948 and 4948-10GigE

48

Cisco Catalyst 4500 Series Evolutionary Centralized Architecture

1999 2002 2004 2007 2012

Continued InnovationServices and Performance

Same Line Card

18Mpps 48Mpps 102Mpps

10100

1000

Layer 2

PoE L234

10 GbE

SSO

NACNSF

ISSUCISF

E‐Series

250 Mpps

49

Evolution of Centralized Switching Technology

Evoluti

onEvo

lution

1999 18

Mpps

L2 Only

2002 48

Mpps

L2L3

2004102

Mpps

L2L3 10Gig

2007250

Mpps

L2L3 IPv6

14X

increase

since lsquo99

50

Next‐Generation Catalyst 4500 ldquoE‐Seriesrdquo

Secure Flexible Non‐Stop Communications

ldquoErdquo

Series Chassis

ldquoErdquo

Series Line Cards

Supervisor 6‐E with CenterFlex

51

Cisco Catalyst 6500 Delivers Secure Converged Network Services

High Availabilitybull Physical

Availabilitybull Logical Availabilitybull Stateful Failover at

Layer 2bull Rapid Spanning-

Tree Convergence

QoSbull Input Policingbull Traffic

Classificationbull Multiple Queuesbull Convergence

Ready

Securitybull Layer 234

Access Controlbull 8021X User

Authenticationbull MAC Filteringbull Dynamic VLAN

Manageabilitybull Inline Powerbull Simple

Configurationbull L2-L4 Servicesbull Rich Multicast

Support

End-to-End Services

52

Catalyst 6500 Family

Catalyst 65033 slot chassis

Catalyst 65066 slot chassis

Catalyst 65099 slot chassis

Catalyst 6509‐NEBSNEBS Compliant 9 slot chassis

Catalyst 651313 slot chassis

Catalyst 6509‐NEBS‐A9 slot chassis

53

Cisco Catalyst 6500 Series

The Cisco Catalyst 6500 Series supports a wide range of interface densities performance and high‐availability options

Flexible 3‐ 6‐ 9‐ and 13‐slot chassis configurations

ndash Scalable switching fabric ndash Cisco

IOS software choices supported

on all supervisor engines

ndash Fast 2‐3 second stateful

failover of

redundant supervisors and integrated

services

ndash 10‐Mbps to 10‐Gbps Ethernet and DS0

to

OC‐48 WAN interfaces

ndash Wire‐rate QoS

and ACL policy

management

WS-6503 WS-C6506 WS-C6509 WS-C6509-NEBS and WS-C6513

54

Catalyst 6500 Supervisors

The Catalyst 6500 has three Supervisor options on offer

with each providing a different architectural backplane

configuration for line cards to connect intohellip

Supervisor 1A Supervisor 2 Supervisor 720 (NEW)

256Gb backplane

supporting hardware

accelerated Layer 2 and 3

QoS and Security policies

up to 210Mppshellip

720Gb backplane

supporting hardware

accelerated Layer 2 and 3

QoS and Security policies

up to 400Mppshellip

32Gb backplane supporting

hardware accelerated Layer

2 and 3 QoS and Security

policies up to 15Mppshellip

Supervisor Options for the Catalyst 6500

55

Catalyst 6500 LinecardsThe Catalyst 6500 has a family of linecards to suit all network needshellip

10100 TX and 100 Fiber 101001000 TX GE SFP

GE GBIC 10GE WAN

Optical Switch Modules Inline Power ATM

CAT

6500

L I

NECARDS

56

Catalyst 6500 Service Modules

Content ServicesCommunications Media MWAN

Firewall Module VPN Module Intrusion Detection

Content Switching SSL Network Management

Service Modules represent the next generation of intelligent modules for the Catalyst 6500

Each module provides a high performance option scalable and feature rich deployment

optionshellip

57

Small Form Factor Pluggable (SFP)

bull New industry standard connector

bull Same functionality as Gigabit Interface Converters

(GBICs)

bull Hot pluggable

bull Smaller fiber connector LC

for SF

bull 25 SFPs

fit in space of one GBIC

bull Shipping SX LX ZX at FCS

bull 101001000BT and CWDM versions to come in mid

to late 2003

GBIC

SFP

58

三無線網路認證介紹

59

漫遊認證環境架構圖

NCHC資策會

WLANGateway

WLANGateway

60

無線漫遊環境身份認證機制

網頁認證

使用網站伺服器憑證(Certificate)辨識合法認證網站

透過SSL加密保護使用者帳號密碼安全

採用PAP (Password Authentication Protocol)認證機制

8021x認證

採CHAP或加密通道進行認證

EAP‐MD5ndash 採用CHAP (Challenge Handshake Authentication Protocol)認證

EAP‐PEAP ndash 採用 SSL加密通道 + MS‐CHAP v2 認證

EAP‐TTLSndash 採用 SSL加密通道 + PAPCHAPMS‐CHAPEAPndash 支援多種認證機制

61

WLAN Gateway

bull Usually web page for authorisationbull Allows policy based accessbull Good managementbull Very user friendlybull No client required

Bluesocketndash Commercial but popular in uk academiandash Lots of featuresNoCatAuthndash open source

62

Bluesocket Wireless Gateway

63

httpwwwitcntnuedutwservice1270php

四師大網路基本架構介紹

64

對外網路架構圖

65

校本部校區有線網路系統架構圖

66

校本部校區無線網路系統架構圖

67

理學院校區有線網路系統架構圖

68

理學院校區無線網路系統架構圖

69

林口校區有線網路系統架構圖

70

林口校區無線網路系統架構圖

71

五網路障礙排除方式

72

Possible Symptoms of Physical Layer Problems

Increased number of interface errorsIncreased number of interface errors

LEDs are off flashing or in a state other than the expected state during normal operationLEDs are off flashing or in a state other than the expected state during normal operation

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

Excessive utilizationExcessive utilization

73

Possible Symptoms of Data Link Layer Problems

Excessive CRC errors and frame check sequence errors Excessive CRC errors and frame check sequence errors

Large quantities of broadcast traffic Large quantities of broadcast traffic

A MAC address is cycling between portsA MAC address is cycling between ports

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

74

General Cisco Commands to Isolate Physical and Data Link Layer Problems

ping host

| ip‐addressping host

| ip‐address

routergt

bull

Sends an echo request packet to an address then waits for a reply

trace [destination]trace [destination]

routergt

bull

Identifies the path a packet takes through the network

[no] debug [no] debug

router

bull

Displays a list of options for enabling or disabling debugging events on a device

75

Cisco Commands to Isolate Physical Layer Problems

show versionshow version

routergt

bull

Displays the Cisco IOS software version and all installed hardware configurations

show ip interface briefshow ip interface brief

routergt

bull

Displays a summary of the status of all interfaces on a device

show interfaces [type number]show interfaces [type number]

routergt

bull

Displays the operational status of an interface including the amount and type of traffic being sent and received

76

Cisco Commands to Isolate Physical Layer Problems (Cont)

show cdp neighbor detailshow cdp neighbor detailroutergt

bull Displays the device type IP address and Cisco IOS version of neighboring devices

77

Cisco Commands to Isolate Data Link Layer Problems

show ip arpshow ip arp

routergt

bull

Displays entries in the Address Resolution Protocol (ARP) table

debug [arp

| serial | ppp]debug [arp

| serial | ppp]

router

bull

Captures events relating to data link layer protocols

78

General End‐System Commands to Isolate Physical and Data Link Layer Problems

pingping

bull

Sends an echo request packet to an address then waits for a reply

netstat

‐rnnetstat

‐rn

bull

Displays the status of all connected devices and links without querying a DNS server

arp

‐aarp

‐a

bull

Displays the current mappings of the IP address to the MAC address in the ARP table

79

Windows Commands to Isolate Physical and Data Link Layer Problems

ipconfig

[all]ipconfig

[all]

bull

Displays IP information for hosts running Windows NT2000XP

Cgt

tracert [‐d]tracert [‐d]

bull

Identifies a path to a destination device

Cgt

80

Guidelines for Isolating Problems at the Physical and Data Link Layers

Check operational status and data error ratesCheck operational status and data error rates

Verify proper interface configurationsVerify proper interface configurations

Check for bad cables or connectionsCheck for bad cables or connections

Check for correct cable pin‐outCheck for correct cable pin‐out

81

Port Monitoring (SPAN)

Allows a port to monitor traffic coming into or out of

anotherPort

VLAN

Trunk

82

Remote SPAN (RSPAN)

Allows a port to monitor SPAN information on other switches through a trunk connection

83

NetFlow Data Export

Access to records of switched flow statistics

with NAM

Source and destination IP

Port numbers and protocol types

84

六網路管理介紹

85

NAMs in Campus LAN

86

Network Analysis Module (NAM)

bull

Switch‐integrated standards‐

based monitoring (RMON1 RMON2

extended RMON)

bull

Useful for performance monitoring troubleshooting

and capacity planning

bull

Easy to deploy and use with embedded web‐based Traffic Analyzer

bull

Full visibility into applications hosts conversations and

IP‐based services including VoIP

and QoS

Integrated traffic‐monitoring solution in Catalyst 6500 series to build application‐level visibility into network infrastructure

87

NAM as a Standards‐Based RMON Solution

The RMON MIB reports on the health and status of network traffic

Mini‐RMON agents in Catalyst 6500 collect Layer 2 (RMON1) statistics on all ports (utilization packets errors)

NAM supports full RMON1 and 2 to provide visibility up to Application layer (applications hosts conversations)

NAM supports extended RMON for VLAN QoS Application Response Time and so on

88

Application Hosts and Conversations Monitoring

Identify unknown applications and drill down on the hosts using them

Discover top talkers top conversations

Network managers can drill down

into who is doing what

Network managers can drill down

into who is doing what

NEW inSoftware

Version 22

NEW inSoftware

Version 22

89

VoIP Monitoring

NAM supports various facets of VoIPmonitoring

Active IP telephony monitoring

ndash Track active call attributesndash Identify call quality degradationndash Call details by phonesRMON1 and RMON2

ndash Distribution of VoIP

protocols

Application Response Time (ART)

ndash CallManager

responses

DSMON

ndash VoIP

traffic by DSCP values

90

Application Response Time (ART)

Find out where the application delays are occurring

ndash Detailed data on request‐ response exchanges

between clients and servers

Server visibility

ndash Monitor servers for protocols application

usage and top talkers

91

Packet Capture and Decode

Capture and decode packets for troubleshooting

Extensive pre‐ and post‐capture filters

Can save and export to other tools including Sniffer

92

Alarms

Set alarm thresholds on various parameters for proactive monitoring

Define traps or generate syslog

93

Defining Network Management Functional Areas

ISO defines five functional areas of network management

ISO defines five functional areas of network management

bullFault Management

bullConfiguration Management

bullAccounting Management

bullPerformance Management

bullSecurity Management

94

FCAPS Fault Management

The process of locating diagnosing and correcting

network problems

Device Down

Link Down

95

FCAPS Configuration Management

bull The process of obtaining data from the network and using

that data to manage the setup of all network devices

bull Allows rapid access to configuration information

bull Facilitates remote configuration and provisioning

bull Provides an up‐to‐date inventory of network

components

SpeedDuplex

Connectivity

TrunkingVLANs Allowed

Spanning Tree Protocol State

Software VersionConfiguration File

Device Type

96

FCAPS Accounting Management

bull Measuring the usage of network resources by users in order to

establish the metrics check quotas determine costs and bill users

bull Measures and reports accounting information based on individual

groups and users

bull Administers the cost of the network

bull Internal verification of third‐party billing for usage Bandwidth Consumption

Application Usage

hellip

97

FCAPS Performance Management

bull Ensuring that the data network remains accessible

and has adequate bandwidth

bull Reduces network overcrowding and inaccessibility

bull Provides a consistent level of service to the

network user

bull Determine utilization trends to proactively isolate and solve

performance problems

UtilizationPeakminmaxError RatesUnicast Rates

Broadcast Rates

CPU UtilizationMemory Usage

ThroughputResponse Time

LatencyAvailabilityReliability

98

FCAPS Security Management

bull Protecting sensitive information on devices

attached to a data network by controlling access points to

that information

bull Builds network user confidence

bull Secures sensitive information from both internal and

external sources

bull Protects the network functionality from malicious

attacks

MAC AddressLocked to Port

Access ListBlocks Connections

99

Performing Network Management Sources for Information

GAUGEs TIMERs

0 9 1 2 3

COUNTERs TABLEs FILEs

Operating System Data Structures

Manageable Device

showCommands

WebServer

SystemLogging

SNMPSNMPAGENTAGENT

ProductionServices

Layer N Forwarding

http80tcp

syslog514udp

snmp161udp

MIBObjects

snmp‐trap162udp

Built in Intelligence

CDPVTPSAA

telnetCLI

TFTPClient

tftp69udp

PingTrace route

100

Network Management Information Model MIB Management Information Base

MIB

ndash

Management Information BaseSet of variables defining the status of a device (eg temp = 85 degrees)Just facts ndash not whether it is good or badDefined according to SMI (Structure of Management Information) rulesEach managed object is described using a unique object identifier (OID)

MIB

IMIBIIStandard MIBObjects included are considered essential for either fault or configuration management

Other standard MIBsRMON host router

Proprietary vendor MIBsExtensions to standard MIBs

SNMPAGENTSNMPAGENT

1000s of manageable objects following rules defined in the SMI standards

1000s of manageable objects following rules defined in the SMI standards

101

Network Management Communication Model SNMP Simple Network Management Protocol

CommunityStrings

CommunityStrings

bull Get requests used to read the value of objectbull Set requests used to modify the value of object

bull Authorization is via community strings

(Read‐OnlyRead‐Write)

bull Traps

provide asynchronous event notification

IP Network SNMPManageable

Device

Trap

Get Response

Get Request Get-Next RequestGet-Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

102

Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response

SNM

P M

anag

er

SNM

P A

gent

Rea

d =

publ

ic re

adw

rite

= pr

ivat

e

GetResponse (sysDescr0=SunOS)

Verify access permission and retrieve MIB value using OID to traverse the MIB tree

InstanceOID

13612111

MIB value

GetRequest(sysDescr0)Read Community(public)

103

Types of Management Systems Example ‐

Enterprise Manager amp Fault Management

Correlate and manage events

and SNMP traps

Perform fault isolation and root cause analysis

104

Types of Management Systems Example ndash CiscoWorks

Resource Manager Essentials and Campus Manager

Knowledge of network configuration and topology

Facilitates remote configuration of network devices

Maintains an archive of configuration data that allows generation of inventory reports

105

Types of Management Systems Example ndash NetFlow (Accounting Management)

Flow Profiling

AccountingBilling

Network Planning

Network Monitoring

Flow

Collectors

Flow

CollectorsEnd‐User AppsEnd‐User AppsNetFlow

Data ExportNetFlowData Export

NetScout

RMON ProbeRMON Probe

106

Types of Management Systems Example ndash MRTG (Performance Management)

bull Monitors traffic load on network links based on SNMP statistics

bull Generates real‐time HTML traffic reports

bull Can be used to monitor any

MIB

variable using

SNMP

107

Types of Management Systems Example ndash CiscoWorks

How is the network connectedbull Physical Cablingbull Virtual LANs

Where are the end users servers IP phones connected

bull Switch port numberbull VLAN membership

How do I troubleshoot connectivity problems

Campus Manager User Tracking

Campus Manager Topology Services

Campus Manager Topology Services

Campus Manager User TrackingCampus Manager

Path Analysis

108

Diagnosing Connectivity Problems CiscoWorks Server Tools

Ping Use ping to test device connectivity from CiscoWorks server

TracerouteRun a trace route between the CiscoWorks server and the target device to detect routing problems

NS LookupRun a nslookup to obtain DNS name server information and IP address of hostname

Management Station to DeviceTest to verify if upper layer protocols are supported from CiscoWorks to the target device UDP TCP Telnet TFTP HTTP and SNMP

109

Types of Management Systems Example ndash CiscoWorks

19216862

CiscoWorks Server(ANI Service)

CampusDatabase

19216861

Schedule data retrieval

times

CAM Table11‐11‐11‐11‐11‐00 2111‐11‐11‐11‐11‐11 2211‐11‐11‐11‐11‐22 2311‐11‐11‐11‐11‐33 24

22 23 24

21

ARP Table11‐11‐11‐11‐11‐11 19216861011‐11‐11‐11‐11‐22 19216861111‐11‐11‐11‐11‐33 192168611

1

CAM

Retrieval

(switching

table)

2 Address

Resolution (MAC

to IP)

DNS

3 Name Resolution

(IP to hostname)

Host Table192168610 USER1192168611 Printer1192168611 IPtele1

SNMP

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

CallManager4

Call Detail

Records

5

Login

Names

UNIX Novell amp

Windows NT

clients running

UTLite script

110

Diagnosing Connectivity Problems Campus Manager Tools

Topology Services

User Tracking

Path Analysis

1

Locate the communication pair in the User Tracking database

bull

Addressesbull

VLAN informationbull

Switch port connection

2

Investigate the Layer 2 and Layer 3 path between the communication

pair

3

Map the topology and begin the investigation on devices and links

Launch other applications

111

Diagnosing Connectivity Problems Workflow for Using Campus Manager

LaunchPath Analysis

LaunchPath Analysis

Ensure discovery of devices

hosts are up to date

Ensure discovery of devices

hosts are up to date

Use User TrackingTo Locate EndStation Info

Use User TrackingTo Locate EndStation Info

ConductVoiceTrace

ConductVoiceTrace

ConductDataTrace

ConductDataTrace

DisplayPath in Topology

Map

DisplayPath in Topology

Map

Launch other Apps(Telnet CiscoView

Etc)

Launch other Apps(Telnet CiscoView

Etc)

112

Diagnosing Device Connectivity Problems Example

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Do you know

your

hostname or

username

113

Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

2 Simple Query displays switch

port and VLAN association

2 Simple Query displays switch

port and VLAN association

3 LastSeen field indicates last

time end station was

discovered

3 LastSeen field indicates last

time end station was

discovered

114

Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Trace path from application server

to Suzy

Trace path from application server

to Suzy

Couldnrsquot get to Suzy machine ndash try

from server

Couldnrsquot get to Suzy machine ndash try

from server

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

27

Trunking

bull Specifically developed for multi‐VLAN interswitch communications

bull Places a unique identifier in the header of each frame

bull Functions at Layer 2 bull IEEE

8021Q

28

Inter‐VLAN Routing

bull A Route Processor provides Layer 3 functionality for switches

29

Increasing Performance Add More Bandwidth

30

Fast EtherChannel

31

Is QoS Needed in the Campus

Maybe maybe not campus congestionis a buffer management issue

ldquoJust throw more bandwidth at it That will solve the problemrdquo

32

Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP

33

Enabling QoS in the Campus Scheduling in the Campus

Output buffers can reach 100 in campus networks resulting in dropped voice packets

QoS required when there is a possibility of congestion in buffers

Multiple queues are the only way to guarantee voice quality

34

Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS

bull 8021p user priority field also called class of service (CoS)

bull Different types of traffic are assigned different CoS values

bull CoS 6 and 7 are reserved for network use

35

Enabling QoS in the Campus Layer 3 Classificationmdash IP Precedence DSCP

bull IPv4 Three most significant bits of ToS byte are called IP precedence other bits unused

bull DiffServ Six Most significant bits of ToS byte are called DSCP remaining two bits used for flow control

bull DSCP backward compatible with IP precedence

36

Enabling QoS in the Campus Classification Summary

37

Power Over Ethernet

Prepare the network for IP Telephony and Wireless access

Eliminate the need for separate electrical wiring

Cisco pre‐standard POE and 8023af are fully supported

Wide selection of standards‐based IEEE 8023af powered devices

ndash IP Phonesndash Wireless Access Points

ndash Surveillance cameras

ndash Access Card Readers

38

Access Point Front Cover LEDrsquos

Status LightsEthernet

Status

Radio Activity

Ethernet Activity

Status

Radio Activity

39

CiscoWorks WLSE

1

Specialized application for managing the Cisco WLAN

2

Centralized template‐ based configuration of access points and bridges

with user defined groups

3

Proactive fault and performance monitoring

of access points bridges LEAP server and

attached switch

CiscoWorks Wireless LANSolution Engine

U N I V E R S I T YU N I V E R S I T Y

40

二網路設備介紹

41

The Cisco LAN Switching Portfolio

Catalyst 375035602960 Catalyst 6500Catalyst 40004500

bull Stackable Compact Footprint bull Gig Density 12 Ports bull EZ Clustering Managementbull L2-L4 Switchingbull Medium Port Density

bull Highest Switching Capacitybull High Availability - Stateful Failoverbull 10-Gigabit Ethernet Interfaces bull Nonblocking Gigabit Density 142bull LANWAN Interfaces (to OC 48)

L2-L7 SwitchingIntegrated Inline PowerServices Modules Redundant PowerRedundant Supervisor Fabric

bull High Switching Capacitybull High-Density 101001000bull High-Density 100FX amp 1000LXbull Nonblocking Gigabit Density 32bull L2-L4 Switching bull Inline Power Optionbull Redundant Power

42

Cisco Catalyst Positioning

Pric

ePe

rfor

man

ce

FunctionFlexibility

Catalyst 29502960

Catalyst 35503560

Catalyst 4500 Family

Catalyst 6500 Series

bull Modular 101001000bull High performance Layer 2L3L4 bull 24‐64 Gbps Switching Enginebull Chassis level high availability

bull

Modular 101001000bull

Highest density switching

capacity

bull

Layer 234‐7bull

32‐720 Gbps

Switching

Engine

bull

Highest Availability

bull

10100

and GE configurationsbull

High performance switching and routingbull

Enterprise‐class intelligent Layer 3L4 servicesbull

Clustering capable

bull

Stackable 10100 switchingbull

Gigabit

uplink connectivitybull

Advanced intelligent Layer 3L4 servicesbull

Clustering capable

Catalyst 3750bull

Stackable 101001000 and 10100 configurationsbull

Cisco StackWisetrade

Technologybull

Optimized for Gigabit Ethernet deploymentbull

Enterprise‐class Intelligent Layer 3L4 servicesbull

Highly resilient 32Gbps stacking interconnectionbull

Single management interface w auto configuration

Fast Ethernet

Optimized

Gigabit Ethernet

Optimized

43

Cisco Catalyst 2960 Series Model Overview Fast Ethernet Models

Softwarebull LAN Base Image

Enterprise-class intelligent services Advanced QoS enhanced security high availability

bull Orderable with latest IOS software version

bull 48 10100100 portsbull 2 101001000 Uplink

ports

bull 24 10100 portsbull 2 101001000 Uplink

Ports

Catalyst 2960-24TT Catalyst 2960-48TT

bull 24 10100 portsbull 2 Dual-Purpose Uplink

ports

Catalyst 2960-24TC Catalyst 2960-48TC

bull 48 10100 portsbull 2 Dual Purpose Uplink

ports

Uplinksbull Dual Purpose

UplinksOne 101001000 TX Port and One SFP Port

One port active at a time

44

Cisco Catalyst 3750 Series Switches Model Overview

Catalyst 3750G‐24TS

bull

24 101001000

Portsbull

24 101001000 Ports

bull

4 SFP ports

Two Software Versions

Standard Multilayer Software Image

(SMI)

bull Enterprise‐class intelligent services

Advanced QoS Enhanced Security High

Availability RIP and Static IP routing

Routed ACLs HSRP

Enhanced Multilayer Software Image

(EMI)

bull SMI feature set plus Dynamic IP Unicast

routing Smart Multicast routing

Catalyst 3750‐2448 are orderable with

either software image preinstalled

Catalyst 3750‐2448 can be upgraded

from SMI to EMI

Catalyst 3750G‐24T

bull

24 10100 Ports

bull

2 SFP ports

bull

48 10100 Ports

bull

4 SFP ports

Catalyst 3750‐24 Catalyst 3750‐48

45

Cisco StackWisetrade Technology

bull 32Gbps fault tolerant bi‐directional

backplane

bull Single IP address for management

bull Auto configuration and IOS version

checkupdate

bull 1N Master redundancy

bull Sub‐second L2 failover

bull Cross stack Etherchannel

bull Configurable QoS queues across

stack

bull Line speed performance with QoS

and ACLs for GE

bull Hot add and delete of GE and FE

chassis in same stack

bull Patented cable connector

S 1

S 3

S 2

M 4

M = Master Switch

S = Slave Switch

46

Cisco Catalyst 4500 Series Architecture

bull Centralized Forwarding ASICs

bull All packets are forwarded via the supervisor

bull No distributed line card forwarding

bull Scalable architecture ‐

64 to 320 Gbps

bull Fastest Centralized Architecture in the Industry

47

Cisco Catalyst 4500 Series Overview Common Architecture

Single Supervisor-Based

Chassis

Redundant Supervisor-Based

Chassis

Cisco Catalyst 4507R-E

Cisco Catalyst 4510R-E

Cisco Catalyst 4506-E

Cisco Catalyst 4503-E

Single RU Fixed Configuration

Same Switching Architecture

and Common Cisco IOSreg

Cisco Catalyst 4948 and 4948-10GigE

48

Cisco Catalyst 4500 Series Evolutionary Centralized Architecture

1999 2002 2004 2007 2012

Continued InnovationServices and Performance

Same Line Card

18Mpps 48Mpps 102Mpps

10100

1000

Layer 2

PoE L234

10 GbE

SSO

NACNSF

ISSUCISF

E‐Series

250 Mpps

49

Evolution of Centralized Switching Technology

Evoluti

onEvo

lution

1999 18

Mpps

L2 Only

2002 48

Mpps

L2L3

2004102

Mpps

L2L3 10Gig

2007250

Mpps

L2L3 IPv6

14X

increase

since lsquo99

50

Next‐Generation Catalyst 4500 ldquoE‐Seriesrdquo

Secure Flexible Non‐Stop Communications

ldquoErdquo

Series Chassis

ldquoErdquo

Series Line Cards

Supervisor 6‐E with CenterFlex

51

Cisco Catalyst 6500 Delivers Secure Converged Network Services

High Availabilitybull Physical

Availabilitybull Logical Availabilitybull Stateful Failover at

Layer 2bull Rapid Spanning-

Tree Convergence

QoSbull Input Policingbull Traffic

Classificationbull Multiple Queuesbull Convergence

Ready

Securitybull Layer 234

Access Controlbull 8021X User

Authenticationbull MAC Filteringbull Dynamic VLAN

Manageabilitybull Inline Powerbull Simple

Configurationbull L2-L4 Servicesbull Rich Multicast

Support

End-to-End Services

52

Catalyst 6500 Family

Catalyst 65033 slot chassis

Catalyst 65066 slot chassis

Catalyst 65099 slot chassis

Catalyst 6509‐NEBSNEBS Compliant 9 slot chassis

Catalyst 651313 slot chassis

Catalyst 6509‐NEBS‐A9 slot chassis

53

Cisco Catalyst 6500 Series

The Cisco Catalyst 6500 Series supports a wide range of interface densities performance and high‐availability options

Flexible 3‐ 6‐ 9‐ and 13‐slot chassis configurations

ndash Scalable switching fabric ndash Cisco

IOS software choices supported

on all supervisor engines

ndash Fast 2‐3 second stateful

failover of

redundant supervisors and integrated

services

ndash 10‐Mbps to 10‐Gbps Ethernet and DS0

to

OC‐48 WAN interfaces

ndash Wire‐rate QoS

and ACL policy

management

WS-6503 WS-C6506 WS-C6509 WS-C6509-NEBS and WS-C6513

54

Catalyst 6500 Supervisors

The Catalyst 6500 has three Supervisor options on offer

with each providing a different architectural backplane

configuration for line cards to connect intohellip

Supervisor 1A Supervisor 2 Supervisor 720 (NEW)

256Gb backplane

supporting hardware

accelerated Layer 2 and 3

QoS and Security policies

up to 210Mppshellip

720Gb backplane

supporting hardware

accelerated Layer 2 and 3

QoS and Security policies

up to 400Mppshellip

32Gb backplane supporting

hardware accelerated Layer

2 and 3 QoS and Security

policies up to 15Mppshellip

Supervisor Options for the Catalyst 6500

55

Catalyst 6500 LinecardsThe Catalyst 6500 has a family of linecards to suit all network needshellip

10100 TX and 100 Fiber 101001000 TX GE SFP

GE GBIC 10GE WAN

Optical Switch Modules Inline Power ATM

CAT

6500

L I

NECARDS

56

Catalyst 6500 Service Modules

Content ServicesCommunications Media MWAN

Firewall Module VPN Module Intrusion Detection

Content Switching SSL Network Management

Service Modules represent the next generation of intelligent modules for the Catalyst 6500

Each module provides a high performance option scalable and feature rich deployment

optionshellip

57

Small Form Factor Pluggable (SFP)

bull New industry standard connector

bull Same functionality as Gigabit Interface Converters

(GBICs)

bull Hot pluggable

bull Smaller fiber connector LC

for SF

bull 25 SFPs

fit in space of one GBIC

bull Shipping SX LX ZX at FCS

bull 101001000BT and CWDM versions to come in mid

to late 2003

GBIC

SFP

58

三無線網路認證介紹

59

漫遊認證環境架構圖

NCHC資策會

WLANGateway

WLANGateway

60

無線漫遊環境身份認證機制

網頁認證

使用網站伺服器憑證(Certificate)辨識合法認證網站

透過SSL加密保護使用者帳號密碼安全

採用PAP (Password Authentication Protocol)認證機制

8021x認證

採CHAP或加密通道進行認證

EAP‐MD5ndash 採用CHAP (Challenge Handshake Authentication Protocol)認證

EAP‐PEAP ndash 採用 SSL加密通道 + MS‐CHAP v2 認證

EAP‐TTLSndash 採用 SSL加密通道 + PAPCHAPMS‐CHAPEAPndash 支援多種認證機制

61

WLAN Gateway

bull Usually web page for authorisationbull Allows policy based accessbull Good managementbull Very user friendlybull No client required

Bluesocketndash Commercial but popular in uk academiandash Lots of featuresNoCatAuthndash open source

62

Bluesocket Wireless Gateway

63

httpwwwitcntnuedutwservice1270php

四師大網路基本架構介紹

64

對外網路架構圖

65

校本部校區有線網路系統架構圖

66

校本部校區無線網路系統架構圖

67

理學院校區有線網路系統架構圖

68

理學院校區無線網路系統架構圖

69

林口校區有線網路系統架構圖

70

林口校區無線網路系統架構圖

71

五網路障礙排除方式

72

Possible Symptoms of Physical Layer Problems

Increased number of interface errorsIncreased number of interface errors

LEDs are off flashing or in a state other than the expected state during normal operationLEDs are off flashing or in a state other than the expected state during normal operation

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

Excessive utilizationExcessive utilization

73

Possible Symptoms of Data Link Layer Problems

Excessive CRC errors and frame check sequence errors Excessive CRC errors and frame check sequence errors

Large quantities of broadcast traffic Large quantities of broadcast traffic

A MAC address is cycling between portsA MAC address is cycling between ports

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

74

General Cisco Commands to Isolate Physical and Data Link Layer Problems

ping host

| ip‐addressping host

| ip‐address

routergt

bull

Sends an echo request packet to an address then waits for a reply

trace [destination]trace [destination]

routergt

bull

Identifies the path a packet takes through the network

[no] debug [no] debug

router

bull

Displays a list of options for enabling or disabling debugging events on a device

75

Cisco Commands to Isolate Physical Layer Problems

show versionshow version

routergt

bull

Displays the Cisco IOS software version and all installed hardware configurations

show ip interface briefshow ip interface brief

routergt

bull

Displays a summary of the status of all interfaces on a device

show interfaces [type number]show interfaces [type number]

routergt

bull

Displays the operational status of an interface including the amount and type of traffic being sent and received

76

Cisco Commands to Isolate Physical Layer Problems (Cont)

show cdp neighbor detailshow cdp neighbor detailroutergt

bull Displays the device type IP address and Cisco IOS version of neighboring devices

77

Cisco Commands to Isolate Data Link Layer Problems

show ip arpshow ip arp

routergt

bull

Displays entries in the Address Resolution Protocol (ARP) table

debug [arp

| serial | ppp]debug [arp

| serial | ppp]

router

bull

Captures events relating to data link layer protocols

78

General End‐System Commands to Isolate Physical and Data Link Layer Problems

pingping

bull

Sends an echo request packet to an address then waits for a reply

netstat

‐rnnetstat

‐rn

bull

Displays the status of all connected devices and links without querying a DNS server

arp

‐aarp

‐a

bull

Displays the current mappings of the IP address to the MAC address in the ARP table

79

Windows Commands to Isolate Physical and Data Link Layer Problems

ipconfig

[all]ipconfig

[all]

bull

Displays IP information for hosts running Windows NT2000XP

Cgt

tracert [‐d]tracert [‐d]

bull

Identifies a path to a destination device

Cgt

80

Guidelines for Isolating Problems at the Physical and Data Link Layers

Check operational status and data error ratesCheck operational status and data error rates

Verify proper interface configurationsVerify proper interface configurations

Check for bad cables or connectionsCheck for bad cables or connections

Check for correct cable pin‐outCheck for correct cable pin‐out

81

Port Monitoring (SPAN)

Allows a port to monitor traffic coming into or out of

anotherPort

VLAN

Trunk

82

Remote SPAN (RSPAN)

Allows a port to monitor SPAN information on other switches through a trunk connection

83

NetFlow Data Export

Access to records of switched flow statistics

with NAM

Source and destination IP

Port numbers and protocol types

84

六網路管理介紹

85

NAMs in Campus LAN

86

Network Analysis Module (NAM)

bull

Switch‐integrated standards‐

based monitoring (RMON1 RMON2

extended RMON)

bull

Useful for performance monitoring troubleshooting

and capacity planning

bull

Easy to deploy and use with embedded web‐based Traffic Analyzer

bull

Full visibility into applications hosts conversations and

IP‐based services including VoIP

and QoS

Integrated traffic‐monitoring solution in Catalyst 6500 series to build application‐level visibility into network infrastructure

87

NAM as a Standards‐Based RMON Solution

The RMON MIB reports on the health and status of network traffic

Mini‐RMON agents in Catalyst 6500 collect Layer 2 (RMON1) statistics on all ports (utilization packets errors)

NAM supports full RMON1 and 2 to provide visibility up to Application layer (applications hosts conversations)

NAM supports extended RMON for VLAN QoS Application Response Time and so on

88

Application Hosts and Conversations Monitoring

Identify unknown applications and drill down on the hosts using them

Discover top talkers top conversations

Network managers can drill down

into who is doing what

Network managers can drill down

into who is doing what

NEW inSoftware

Version 22

NEW inSoftware

Version 22

89

VoIP Monitoring

NAM supports various facets of VoIPmonitoring

Active IP telephony monitoring

ndash Track active call attributesndash Identify call quality degradationndash Call details by phonesRMON1 and RMON2

ndash Distribution of VoIP

protocols

Application Response Time (ART)

ndash CallManager

responses

DSMON

ndash VoIP

traffic by DSCP values

90

Application Response Time (ART)

Find out where the application delays are occurring

ndash Detailed data on request‐ response exchanges

between clients and servers

Server visibility

ndash Monitor servers for protocols application

usage and top talkers

91

Packet Capture and Decode

Capture and decode packets for troubleshooting

Extensive pre‐ and post‐capture filters

Can save and export to other tools including Sniffer

92

Alarms

Set alarm thresholds on various parameters for proactive monitoring

Define traps or generate syslog

93

Defining Network Management Functional Areas

ISO defines five functional areas of network management

ISO defines five functional areas of network management

bullFault Management

bullConfiguration Management

bullAccounting Management

bullPerformance Management

bullSecurity Management

94

FCAPS Fault Management

The process of locating diagnosing and correcting

network problems

Device Down

Link Down

95

FCAPS Configuration Management

bull The process of obtaining data from the network and using

that data to manage the setup of all network devices

bull Allows rapid access to configuration information

bull Facilitates remote configuration and provisioning

bull Provides an up‐to‐date inventory of network

components

SpeedDuplex

Connectivity

TrunkingVLANs Allowed

Spanning Tree Protocol State

Software VersionConfiguration File

Device Type

96

FCAPS Accounting Management

bull Measuring the usage of network resources by users in order to

establish the metrics check quotas determine costs and bill users

bull Measures and reports accounting information based on individual

groups and users

bull Administers the cost of the network

bull Internal verification of third‐party billing for usage Bandwidth Consumption

Application Usage

hellip

97

FCAPS Performance Management

bull Ensuring that the data network remains accessible

and has adequate bandwidth

bull Reduces network overcrowding and inaccessibility

bull Provides a consistent level of service to the

network user

bull Determine utilization trends to proactively isolate and solve

performance problems

UtilizationPeakminmaxError RatesUnicast Rates

Broadcast Rates

CPU UtilizationMemory Usage

ThroughputResponse Time

LatencyAvailabilityReliability

98

FCAPS Security Management

bull Protecting sensitive information on devices

attached to a data network by controlling access points to

that information

bull Builds network user confidence

bull Secures sensitive information from both internal and

external sources

bull Protects the network functionality from malicious

attacks

MAC AddressLocked to Port

Access ListBlocks Connections

99

Performing Network Management Sources for Information

GAUGEs TIMERs

0 9 1 2 3

COUNTERs TABLEs FILEs

Operating System Data Structures

Manageable Device

showCommands

WebServer

SystemLogging

SNMPSNMPAGENTAGENT

ProductionServices

Layer N Forwarding

http80tcp

syslog514udp

snmp161udp

MIBObjects

snmp‐trap162udp

Built in Intelligence

CDPVTPSAA

telnetCLI

TFTPClient

tftp69udp

PingTrace route

100

Network Management Information Model MIB Management Information Base

MIB

ndash

Management Information BaseSet of variables defining the status of a device (eg temp = 85 degrees)Just facts ndash not whether it is good or badDefined according to SMI (Structure of Management Information) rulesEach managed object is described using a unique object identifier (OID)

MIB

IMIBIIStandard MIBObjects included are considered essential for either fault or configuration management

Other standard MIBsRMON host router

Proprietary vendor MIBsExtensions to standard MIBs

SNMPAGENTSNMPAGENT

1000s of manageable objects following rules defined in the SMI standards

1000s of manageable objects following rules defined in the SMI standards

101

Network Management Communication Model SNMP Simple Network Management Protocol

CommunityStrings

CommunityStrings

bull Get requests used to read the value of objectbull Set requests used to modify the value of object

bull Authorization is via community strings

(Read‐OnlyRead‐Write)

bull Traps

provide asynchronous event notification

IP Network SNMPManageable

Device

Trap

Get Response

Get Request Get-Next RequestGet-Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

102

Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response

SNM

P M

anag

er

SNM

P A

gent

Rea

d =

publ

ic re

adw

rite

= pr

ivat

e

GetResponse (sysDescr0=SunOS)

Verify access permission and retrieve MIB value using OID to traverse the MIB tree

InstanceOID

13612111

MIB value

GetRequest(sysDescr0)Read Community(public)

103

Types of Management Systems Example ‐

Enterprise Manager amp Fault Management

Correlate and manage events

and SNMP traps

Perform fault isolation and root cause analysis

104

Types of Management Systems Example ndash CiscoWorks

Resource Manager Essentials and Campus Manager

Knowledge of network configuration and topology

Facilitates remote configuration of network devices

Maintains an archive of configuration data that allows generation of inventory reports

105

Types of Management Systems Example ndash NetFlow (Accounting Management)

Flow Profiling

AccountingBilling

Network Planning

Network Monitoring

Flow

Collectors

Flow

CollectorsEnd‐User AppsEnd‐User AppsNetFlow

Data ExportNetFlowData Export

NetScout

RMON ProbeRMON Probe

106

Types of Management Systems Example ndash MRTG (Performance Management)

bull Monitors traffic load on network links based on SNMP statistics

bull Generates real‐time HTML traffic reports

bull Can be used to monitor any

MIB

variable using

SNMP

107

Types of Management Systems Example ndash CiscoWorks

How is the network connectedbull Physical Cablingbull Virtual LANs

Where are the end users servers IP phones connected

bull Switch port numberbull VLAN membership

How do I troubleshoot connectivity problems

Campus Manager User Tracking

Campus Manager Topology Services

Campus Manager Topology Services

Campus Manager User TrackingCampus Manager

Path Analysis

108

Diagnosing Connectivity Problems CiscoWorks Server Tools

Ping Use ping to test device connectivity from CiscoWorks server

TracerouteRun a trace route between the CiscoWorks server and the target device to detect routing problems

NS LookupRun a nslookup to obtain DNS name server information and IP address of hostname

Management Station to DeviceTest to verify if upper layer protocols are supported from CiscoWorks to the target device UDP TCP Telnet TFTP HTTP and SNMP

109

Types of Management Systems Example ndash CiscoWorks

19216862

CiscoWorks Server(ANI Service)

CampusDatabase

19216861

Schedule data retrieval

times

CAM Table11‐11‐11‐11‐11‐00 2111‐11‐11‐11‐11‐11 2211‐11‐11‐11‐11‐22 2311‐11‐11‐11‐11‐33 24

22 23 24

21

ARP Table11‐11‐11‐11‐11‐11 19216861011‐11‐11‐11‐11‐22 19216861111‐11‐11‐11‐11‐33 192168611

1

CAM

Retrieval

(switching

table)

2 Address

Resolution (MAC

to IP)

DNS

3 Name Resolution

(IP to hostname)

Host Table192168610 USER1192168611 Printer1192168611 IPtele1

SNMP

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

CallManager4

Call Detail

Records

5

Login

Names

UNIX Novell amp

Windows NT

clients running

UTLite script

110

Diagnosing Connectivity Problems Campus Manager Tools

Topology Services

User Tracking

Path Analysis

1

Locate the communication pair in the User Tracking database

bull

Addressesbull

VLAN informationbull

Switch port connection

2

Investigate the Layer 2 and Layer 3 path between the communication

pair

3

Map the topology and begin the investigation on devices and links

Launch other applications

111

Diagnosing Connectivity Problems Workflow for Using Campus Manager

LaunchPath Analysis

LaunchPath Analysis

Ensure discovery of devices

hosts are up to date

Ensure discovery of devices

hosts are up to date

Use User TrackingTo Locate EndStation Info

Use User TrackingTo Locate EndStation Info

ConductVoiceTrace

ConductVoiceTrace

ConductDataTrace

ConductDataTrace

DisplayPath in Topology

Map

DisplayPath in Topology

Map

Launch other Apps(Telnet CiscoView

Etc)

Launch other Apps(Telnet CiscoView

Etc)

112

Diagnosing Device Connectivity Problems Example

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Do you know

your

hostname or

username

113

Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

2 Simple Query displays switch

port and VLAN association

2 Simple Query displays switch

port and VLAN association

3 LastSeen field indicates last

time end station was

discovered

3 LastSeen field indicates last

time end station was

discovered

114

Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Trace path from application server

to Suzy

Trace path from application server

to Suzy

Couldnrsquot get to Suzy machine ndash try

from server

Couldnrsquot get to Suzy machine ndash try

from server

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

28

Inter‐VLAN Routing

bull A Route Processor provides Layer 3 functionality for switches

29

Increasing Performance Add More Bandwidth

30

Fast EtherChannel

31

Is QoS Needed in the Campus

Maybe maybe not campus congestionis a buffer management issue

ldquoJust throw more bandwidth at it That will solve the problemrdquo

32

Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP

33

Enabling QoS in the Campus Scheduling in the Campus

Output buffers can reach 100 in campus networks resulting in dropped voice packets

QoS required when there is a possibility of congestion in buffers

Multiple queues are the only way to guarantee voice quality

34

Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS

bull 8021p user priority field also called class of service (CoS)

bull Different types of traffic are assigned different CoS values

bull CoS 6 and 7 are reserved for network use

35

Enabling QoS in the Campus Layer 3 Classificationmdash IP Precedence DSCP

bull IPv4 Three most significant bits of ToS byte are called IP precedence other bits unused

bull DiffServ Six Most significant bits of ToS byte are called DSCP remaining two bits used for flow control

bull DSCP backward compatible with IP precedence

36

Enabling QoS in the Campus Classification Summary

37

Power Over Ethernet

Prepare the network for IP Telephony and Wireless access

Eliminate the need for separate electrical wiring

Cisco pre‐standard POE and 8023af are fully supported

Wide selection of standards‐based IEEE 8023af powered devices

ndash IP Phonesndash Wireless Access Points

ndash Surveillance cameras

ndash Access Card Readers

38

Access Point Front Cover LEDrsquos

Status LightsEthernet

Status

Radio Activity

Ethernet Activity

Status

Radio Activity

39

CiscoWorks WLSE

1

Specialized application for managing the Cisco WLAN

2

Centralized template‐ based configuration of access points and bridges

with user defined groups

3

Proactive fault and performance monitoring

of access points bridges LEAP server and

attached switch

CiscoWorks Wireless LANSolution Engine

U N I V E R S I T YU N I V E R S I T Y

40

二網路設備介紹

41

The Cisco LAN Switching Portfolio

Catalyst 375035602960 Catalyst 6500Catalyst 40004500

bull Stackable Compact Footprint bull Gig Density 12 Ports bull EZ Clustering Managementbull L2-L4 Switchingbull Medium Port Density

bull Highest Switching Capacitybull High Availability - Stateful Failoverbull 10-Gigabit Ethernet Interfaces bull Nonblocking Gigabit Density 142bull LANWAN Interfaces (to OC 48)

L2-L7 SwitchingIntegrated Inline PowerServices Modules Redundant PowerRedundant Supervisor Fabric

bull High Switching Capacitybull High-Density 101001000bull High-Density 100FX amp 1000LXbull Nonblocking Gigabit Density 32bull L2-L4 Switching bull Inline Power Optionbull Redundant Power

42

Cisco Catalyst Positioning

Pric

ePe

rfor

man

ce

FunctionFlexibility

Catalyst 29502960

Catalyst 35503560

Catalyst 4500 Family

Catalyst 6500 Series

bull Modular 101001000bull High performance Layer 2L3L4 bull 24‐64 Gbps Switching Enginebull Chassis level high availability

bull

Modular 101001000bull

Highest density switching

capacity

bull

Layer 234‐7bull

32‐720 Gbps

Switching

Engine

bull

Highest Availability

bull

10100

and GE configurationsbull

High performance switching and routingbull

Enterprise‐class intelligent Layer 3L4 servicesbull

Clustering capable

bull

Stackable 10100 switchingbull

Gigabit

uplink connectivitybull

Advanced intelligent Layer 3L4 servicesbull

Clustering capable

Catalyst 3750bull

Stackable 101001000 and 10100 configurationsbull

Cisco StackWisetrade

Technologybull

Optimized for Gigabit Ethernet deploymentbull

Enterprise‐class Intelligent Layer 3L4 servicesbull

Highly resilient 32Gbps stacking interconnectionbull

Single management interface w auto configuration

Fast Ethernet

Optimized

Gigabit Ethernet

Optimized

43

Cisco Catalyst 2960 Series Model Overview Fast Ethernet Models

Softwarebull LAN Base Image

Enterprise-class intelligent services Advanced QoS enhanced security high availability

bull Orderable with latest IOS software version

bull 48 10100100 portsbull 2 101001000 Uplink

ports

bull 24 10100 portsbull 2 101001000 Uplink

Ports

Catalyst 2960-24TT Catalyst 2960-48TT

bull 24 10100 portsbull 2 Dual-Purpose Uplink

ports

Catalyst 2960-24TC Catalyst 2960-48TC

bull 48 10100 portsbull 2 Dual Purpose Uplink

ports

Uplinksbull Dual Purpose

UplinksOne 101001000 TX Port and One SFP Port

One port active at a time

44

Cisco Catalyst 3750 Series Switches Model Overview

Catalyst 3750G‐24TS

bull

24 101001000

Portsbull

24 101001000 Ports

bull

4 SFP ports

Two Software Versions

Standard Multilayer Software Image

(SMI)

bull Enterprise‐class intelligent services

Advanced QoS Enhanced Security High

Availability RIP and Static IP routing

Routed ACLs HSRP

Enhanced Multilayer Software Image

(EMI)

bull SMI feature set plus Dynamic IP Unicast

routing Smart Multicast routing

Catalyst 3750‐2448 are orderable with

either software image preinstalled

Catalyst 3750‐2448 can be upgraded

from SMI to EMI

Catalyst 3750G‐24T

bull

24 10100 Ports

bull

2 SFP ports

bull

48 10100 Ports

bull

4 SFP ports

Catalyst 3750‐24 Catalyst 3750‐48

45

Cisco StackWisetrade Technology

bull 32Gbps fault tolerant bi‐directional

backplane

bull Single IP address for management

bull Auto configuration and IOS version

checkupdate

bull 1N Master redundancy

bull Sub‐second L2 failover

bull Cross stack Etherchannel

bull Configurable QoS queues across

stack

bull Line speed performance with QoS

and ACLs for GE

bull Hot add and delete of GE and FE

chassis in same stack

bull Patented cable connector

S 1

S 3

S 2

M 4

M = Master Switch

S = Slave Switch

46

Cisco Catalyst 4500 Series Architecture

bull Centralized Forwarding ASICs

bull All packets are forwarded via the supervisor

bull No distributed line card forwarding

bull Scalable architecture ‐

64 to 320 Gbps

bull Fastest Centralized Architecture in the Industry

47

Cisco Catalyst 4500 Series Overview Common Architecture

Single Supervisor-Based

Chassis

Redundant Supervisor-Based

Chassis

Cisco Catalyst 4507R-E

Cisco Catalyst 4510R-E

Cisco Catalyst 4506-E

Cisco Catalyst 4503-E

Single RU Fixed Configuration

Same Switching Architecture

and Common Cisco IOSreg

Cisco Catalyst 4948 and 4948-10GigE

48

Cisco Catalyst 4500 Series Evolutionary Centralized Architecture

1999 2002 2004 2007 2012

Continued InnovationServices and Performance

Same Line Card

18Mpps 48Mpps 102Mpps

10100

1000

Layer 2

PoE L234

10 GbE

SSO

NACNSF

ISSUCISF

E‐Series

250 Mpps

49

Evolution of Centralized Switching Technology

Evoluti

onEvo

lution

1999 18

Mpps

L2 Only

2002 48

Mpps

L2L3

2004102

Mpps

L2L3 10Gig

2007250

Mpps

L2L3 IPv6

14X

increase

since lsquo99

50

Next‐Generation Catalyst 4500 ldquoE‐Seriesrdquo

Secure Flexible Non‐Stop Communications

ldquoErdquo

Series Chassis

ldquoErdquo

Series Line Cards

Supervisor 6‐E with CenterFlex

51

Cisco Catalyst 6500 Delivers Secure Converged Network Services

High Availabilitybull Physical

Availabilitybull Logical Availabilitybull Stateful Failover at

Layer 2bull Rapid Spanning-

Tree Convergence

QoSbull Input Policingbull Traffic

Classificationbull Multiple Queuesbull Convergence

Ready

Securitybull Layer 234

Access Controlbull 8021X User

Authenticationbull MAC Filteringbull Dynamic VLAN

Manageabilitybull Inline Powerbull Simple

Configurationbull L2-L4 Servicesbull Rich Multicast

Support

End-to-End Services

52

Catalyst 6500 Family

Catalyst 65033 slot chassis

Catalyst 65066 slot chassis

Catalyst 65099 slot chassis

Catalyst 6509‐NEBSNEBS Compliant 9 slot chassis

Catalyst 651313 slot chassis

Catalyst 6509‐NEBS‐A9 slot chassis

53

Cisco Catalyst 6500 Series

The Cisco Catalyst 6500 Series supports a wide range of interface densities performance and high‐availability options

Flexible 3‐ 6‐ 9‐ and 13‐slot chassis configurations

ndash Scalable switching fabric ndash Cisco

IOS software choices supported

on all supervisor engines

ndash Fast 2‐3 second stateful

failover of

redundant supervisors and integrated

services

ndash 10‐Mbps to 10‐Gbps Ethernet and DS0

to

OC‐48 WAN interfaces

ndash Wire‐rate QoS

and ACL policy

management

WS-6503 WS-C6506 WS-C6509 WS-C6509-NEBS and WS-C6513

54

Catalyst 6500 Supervisors

The Catalyst 6500 has three Supervisor options on offer

with each providing a different architectural backplane

configuration for line cards to connect intohellip

Supervisor 1A Supervisor 2 Supervisor 720 (NEW)

256Gb backplane

supporting hardware

accelerated Layer 2 and 3

QoS and Security policies

up to 210Mppshellip

720Gb backplane

supporting hardware

accelerated Layer 2 and 3

QoS and Security policies

up to 400Mppshellip

32Gb backplane supporting

hardware accelerated Layer

2 and 3 QoS and Security

policies up to 15Mppshellip

Supervisor Options for the Catalyst 6500

55

Catalyst 6500 LinecardsThe Catalyst 6500 has a family of linecards to suit all network needshellip

10100 TX and 100 Fiber 101001000 TX GE SFP

GE GBIC 10GE WAN

Optical Switch Modules Inline Power ATM

CAT

6500

L I

NECARDS

56

Catalyst 6500 Service Modules

Content ServicesCommunications Media MWAN

Firewall Module VPN Module Intrusion Detection

Content Switching SSL Network Management

Service Modules represent the next generation of intelligent modules for the Catalyst 6500

Each module provides a high performance option scalable and feature rich deployment

optionshellip

57

Small Form Factor Pluggable (SFP)

bull New industry standard connector

bull Same functionality as Gigabit Interface Converters

(GBICs)

bull Hot pluggable

bull Smaller fiber connector LC

for SF

bull 25 SFPs

fit in space of one GBIC

bull Shipping SX LX ZX at FCS

bull 101001000BT and CWDM versions to come in mid

to late 2003

GBIC

SFP

58

三無線網路認證介紹

59

漫遊認證環境架構圖

NCHC資策會

WLANGateway

WLANGateway

60

無線漫遊環境身份認證機制

網頁認證

使用網站伺服器憑證(Certificate)辨識合法認證網站

透過SSL加密保護使用者帳號密碼安全

採用PAP (Password Authentication Protocol)認證機制

8021x認證

採CHAP或加密通道進行認證

EAP‐MD5ndash 採用CHAP (Challenge Handshake Authentication Protocol)認證

EAP‐PEAP ndash 採用 SSL加密通道 + MS‐CHAP v2 認證

EAP‐TTLSndash 採用 SSL加密通道 + PAPCHAPMS‐CHAPEAPndash 支援多種認證機制

61

WLAN Gateway

bull Usually web page for authorisationbull Allows policy based accessbull Good managementbull Very user friendlybull No client required

Bluesocketndash Commercial but popular in uk academiandash Lots of featuresNoCatAuthndash open source

62

Bluesocket Wireless Gateway

63

httpwwwitcntnuedutwservice1270php

四師大網路基本架構介紹

64

對外網路架構圖

65

校本部校區有線網路系統架構圖

66

校本部校區無線網路系統架構圖

67

理學院校區有線網路系統架構圖

68

理學院校區無線網路系統架構圖

69

林口校區有線網路系統架構圖

70

林口校區無線網路系統架構圖

71

五網路障礙排除方式

72

Possible Symptoms of Physical Layer Problems

Increased number of interface errorsIncreased number of interface errors

LEDs are off flashing or in a state other than the expected state during normal operationLEDs are off flashing or in a state other than the expected state during normal operation

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

Excessive utilizationExcessive utilization

73

Possible Symptoms of Data Link Layer Problems

Excessive CRC errors and frame check sequence errors Excessive CRC errors and frame check sequence errors

Large quantities of broadcast traffic Large quantities of broadcast traffic

A MAC address is cycling between portsA MAC address is cycling between ports

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

74

General Cisco Commands to Isolate Physical and Data Link Layer Problems

ping host

| ip‐addressping host

| ip‐address

routergt

bull

Sends an echo request packet to an address then waits for a reply

trace [destination]trace [destination]

routergt

bull

Identifies the path a packet takes through the network

[no] debug [no] debug

router

bull

Displays a list of options for enabling or disabling debugging events on a device

75

Cisco Commands to Isolate Physical Layer Problems

show versionshow version

routergt

bull

Displays the Cisco IOS software version and all installed hardware configurations

show ip interface briefshow ip interface brief

routergt

bull

Displays a summary of the status of all interfaces on a device

show interfaces [type number]show interfaces [type number]

routergt

bull

Displays the operational status of an interface including the amount and type of traffic being sent and received

76

Cisco Commands to Isolate Physical Layer Problems (Cont)

show cdp neighbor detailshow cdp neighbor detailroutergt

bull Displays the device type IP address and Cisco IOS version of neighboring devices

77

Cisco Commands to Isolate Data Link Layer Problems

show ip arpshow ip arp

routergt

bull

Displays entries in the Address Resolution Protocol (ARP) table

debug [arp

| serial | ppp]debug [arp

| serial | ppp]

router

bull

Captures events relating to data link layer protocols

78

General End‐System Commands to Isolate Physical and Data Link Layer Problems

pingping

bull

Sends an echo request packet to an address then waits for a reply

netstat

‐rnnetstat

‐rn

bull

Displays the status of all connected devices and links without querying a DNS server

arp

‐aarp

‐a

bull

Displays the current mappings of the IP address to the MAC address in the ARP table

79

Windows Commands to Isolate Physical and Data Link Layer Problems

ipconfig

[all]ipconfig

[all]

bull

Displays IP information for hosts running Windows NT2000XP

Cgt

tracert [‐d]tracert [‐d]

bull

Identifies a path to a destination device

Cgt

80

Guidelines for Isolating Problems at the Physical and Data Link Layers

Check operational status and data error ratesCheck operational status and data error rates

Verify proper interface configurationsVerify proper interface configurations

Check for bad cables or connectionsCheck for bad cables or connections

Check for correct cable pin‐outCheck for correct cable pin‐out

81

Port Monitoring (SPAN)

Allows a port to monitor traffic coming into or out of

anotherPort

VLAN

Trunk

82

Remote SPAN (RSPAN)

Allows a port to monitor SPAN information on other switches through a trunk connection

83

NetFlow Data Export

Access to records of switched flow statistics

with NAM

Source and destination IP

Port numbers and protocol types

84

六網路管理介紹

85

NAMs in Campus LAN

86

Network Analysis Module (NAM)

bull

Switch‐integrated standards‐

based monitoring (RMON1 RMON2

extended RMON)

bull

Useful for performance monitoring troubleshooting

and capacity planning

bull

Easy to deploy and use with embedded web‐based Traffic Analyzer

bull

Full visibility into applications hosts conversations and

IP‐based services including VoIP

and QoS

Integrated traffic‐monitoring solution in Catalyst 6500 series to build application‐level visibility into network infrastructure

87

NAM as a Standards‐Based RMON Solution

The RMON MIB reports on the health and status of network traffic

Mini‐RMON agents in Catalyst 6500 collect Layer 2 (RMON1) statistics on all ports (utilization packets errors)

NAM supports full RMON1 and 2 to provide visibility up to Application layer (applications hosts conversations)

NAM supports extended RMON for VLAN QoS Application Response Time and so on

88

Application Hosts and Conversations Monitoring

Identify unknown applications and drill down on the hosts using them

Discover top talkers top conversations

Network managers can drill down

into who is doing what

Network managers can drill down

into who is doing what

NEW inSoftware

Version 22

NEW inSoftware

Version 22

89

VoIP Monitoring

NAM supports various facets of VoIPmonitoring

Active IP telephony monitoring

ndash Track active call attributesndash Identify call quality degradationndash Call details by phonesRMON1 and RMON2

ndash Distribution of VoIP

protocols

Application Response Time (ART)

ndash CallManager

responses

DSMON

ndash VoIP

traffic by DSCP values

90

Application Response Time (ART)

Find out where the application delays are occurring

ndash Detailed data on request‐ response exchanges

between clients and servers

Server visibility

ndash Monitor servers for protocols application

usage and top talkers

91

Packet Capture and Decode

Capture and decode packets for troubleshooting

Extensive pre‐ and post‐capture filters

Can save and export to other tools including Sniffer

92

Alarms

Set alarm thresholds on various parameters for proactive monitoring

Define traps or generate syslog

93

Defining Network Management Functional Areas

ISO defines five functional areas of network management

ISO defines five functional areas of network management

bullFault Management

bullConfiguration Management

bullAccounting Management

bullPerformance Management

bullSecurity Management

94

FCAPS Fault Management

The process of locating diagnosing and correcting

network problems

Device Down

Link Down

95

FCAPS Configuration Management

bull The process of obtaining data from the network and using

that data to manage the setup of all network devices

bull Allows rapid access to configuration information

bull Facilitates remote configuration and provisioning

bull Provides an up‐to‐date inventory of network

components

SpeedDuplex

Connectivity

TrunkingVLANs Allowed

Spanning Tree Protocol State

Software VersionConfiguration File

Device Type

96

FCAPS Accounting Management

bull Measuring the usage of network resources by users in order to

establish the metrics check quotas determine costs and bill users

bull Measures and reports accounting information based on individual

groups and users

bull Administers the cost of the network

bull Internal verification of third‐party billing for usage Bandwidth Consumption

Application Usage

hellip

97

FCAPS Performance Management

bull Ensuring that the data network remains accessible

and has adequate bandwidth

bull Reduces network overcrowding and inaccessibility

bull Provides a consistent level of service to the

network user

bull Determine utilization trends to proactively isolate and solve

performance problems

UtilizationPeakminmaxError RatesUnicast Rates

Broadcast Rates

CPU UtilizationMemory Usage

ThroughputResponse Time

LatencyAvailabilityReliability

98

FCAPS Security Management

bull Protecting sensitive information on devices

attached to a data network by controlling access points to

that information

bull Builds network user confidence

bull Secures sensitive information from both internal and

external sources

bull Protects the network functionality from malicious

attacks

MAC AddressLocked to Port

Access ListBlocks Connections

99

Performing Network Management Sources for Information

GAUGEs TIMERs

0 9 1 2 3

COUNTERs TABLEs FILEs

Operating System Data Structures

Manageable Device

showCommands

WebServer

SystemLogging

SNMPSNMPAGENTAGENT

ProductionServices

Layer N Forwarding

http80tcp

syslog514udp

snmp161udp

MIBObjects

snmp‐trap162udp

Built in Intelligence

CDPVTPSAA

telnetCLI

TFTPClient

tftp69udp

PingTrace route

100

Network Management Information Model MIB Management Information Base

MIB

ndash

Management Information BaseSet of variables defining the status of a device (eg temp = 85 degrees)Just facts ndash not whether it is good or badDefined according to SMI (Structure of Management Information) rulesEach managed object is described using a unique object identifier (OID)

MIB

IMIBIIStandard MIBObjects included are considered essential for either fault or configuration management

Other standard MIBsRMON host router

Proprietary vendor MIBsExtensions to standard MIBs

SNMPAGENTSNMPAGENT

1000s of manageable objects following rules defined in the SMI standards

1000s of manageable objects following rules defined in the SMI standards

101

Network Management Communication Model SNMP Simple Network Management Protocol

CommunityStrings

CommunityStrings

bull Get requests used to read the value of objectbull Set requests used to modify the value of object

bull Authorization is via community strings

(Read‐OnlyRead‐Write)

bull Traps

provide asynchronous event notification

IP Network SNMPManageable

Device

Trap

Get Response

Get Request Get-Next RequestGet-Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

102

Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response

SNM

P M

anag

er

SNM

P A

gent

Rea

d =

publ

ic re

adw

rite

= pr

ivat

e

GetResponse (sysDescr0=SunOS)

Verify access permission and retrieve MIB value using OID to traverse the MIB tree

InstanceOID

13612111

MIB value

GetRequest(sysDescr0)Read Community(public)

103

Types of Management Systems Example ‐

Enterprise Manager amp Fault Management

Correlate and manage events

and SNMP traps

Perform fault isolation and root cause analysis

104

Types of Management Systems Example ndash CiscoWorks

Resource Manager Essentials and Campus Manager

Knowledge of network configuration and topology

Facilitates remote configuration of network devices

Maintains an archive of configuration data that allows generation of inventory reports

105

Types of Management Systems Example ndash NetFlow (Accounting Management)

Flow Profiling

AccountingBilling

Network Planning

Network Monitoring

Flow

Collectors

Flow

CollectorsEnd‐User AppsEnd‐User AppsNetFlow

Data ExportNetFlowData Export

NetScout

RMON ProbeRMON Probe

106

Types of Management Systems Example ndash MRTG (Performance Management)

bull Monitors traffic load on network links based on SNMP statistics

bull Generates real‐time HTML traffic reports

bull Can be used to monitor any

MIB

variable using

SNMP

107

Types of Management Systems Example ndash CiscoWorks

How is the network connectedbull Physical Cablingbull Virtual LANs

Where are the end users servers IP phones connected

bull Switch port numberbull VLAN membership

How do I troubleshoot connectivity problems

Campus Manager User Tracking

Campus Manager Topology Services

Campus Manager Topology Services

Campus Manager User TrackingCampus Manager

Path Analysis

108

Diagnosing Connectivity Problems CiscoWorks Server Tools

Ping Use ping to test device connectivity from CiscoWorks server

TracerouteRun a trace route between the CiscoWorks server and the target device to detect routing problems

NS LookupRun a nslookup to obtain DNS name server information and IP address of hostname

Management Station to DeviceTest to verify if upper layer protocols are supported from CiscoWorks to the target device UDP TCP Telnet TFTP HTTP and SNMP

109

Types of Management Systems Example ndash CiscoWorks

19216862

CiscoWorks Server(ANI Service)

CampusDatabase

19216861

Schedule data retrieval

times

CAM Table11‐11‐11‐11‐11‐00 2111‐11‐11‐11‐11‐11 2211‐11‐11‐11‐11‐22 2311‐11‐11‐11‐11‐33 24

22 23 24

21

ARP Table11‐11‐11‐11‐11‐11 19216861011‐11‐11‐11‐11‐22 19216861111‐11‐11‐11‐11‐33 192168611

1

CAM

Retrieval

(switching

table)

2 Address

Resolution (MAC

to IP)

DNS

3 Name Resolution

(IP to hostname)

Host Table192168610 USER1192168611 Printer1192168611 IPtele1

SNMP

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

CallManager4

Call Detail

Records

5

Login

Names

UNIX Novell amp

Windows NT

clients running

UTLite script

110

Diagnosing Connectivity Problems Campus Manager Tools

Topology Services

User Tracking

Path Analysis

1

Locate the communication pair in the User Tracking database

bull

Addressesbull

VLAN informationbull

Switch port connection

2

Investigate the Layer 2 and Layer 3 path between the communication

pair

3

Map the topology and begin the investigation on devices and links

Launch other applications

111

Diagnosing Connectivity Problems Workflow for Using Campus Manager

LaunchPath Analysis

LaunchPath Analysis

Ensure discovery of devices

hosts are up to date

Ensure discovery of devices

hosts are up to date

Use User TrackingTo Locate EndStation Info

Use User TrackingTo Locate EndStation Info

ConductVoiceTrace

ConductVoiceTrace

ConductDataTrace

ConductDataTrace

DisplayPath in Topology

Map

DisplayPath in Topology

Map

Launch other Apps(Telnet CiscoView

Etc)

Launch other Apps(Telnet CiscoView

Etc)

112

Diagnosing Device Connectivity Problems Example

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Do you know

your

hostname or

username

113

Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

2 Simple Query displays switch

port and VLAN association

2 Simple Query displays switch

port and VLAN association

3 LastSeen field indicates last

time end station was

discovered

3 LastSeen field indicates last

time end station was

discovered

114

Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Trace path from application server

to Suzy

Trace path from application server

to Suzy

Couldnrsquot get to Suzy machine ndash try

from server

Couldnrsquot get to Suzy machine ndash try

from server

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

29

Increasing Performance Add More Bandwidth

30

Fast EtherChannel

31

Is QoS Needed in the Campus

Maybe maybe not campus congestionis a buffer management issue

ldquoJust throw more bandwidth at it That will solve the problemrdquo

32

Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP

33

Enabling QoS in the Campus Scheduling in the Campus

Output buffers can reach 100 in campus networks resulting in dropped voice packets

QoS required when there is a possibility of congestion in buffers

Multiple queues are the only way to guarantee voice quality

34

Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS

bull 8021p user priority field also called class of service (CoS)

bull Different types of traffic are assigned different CoS values

bull CoS 6 and 7 are reserved for network use

35

Enabling QoS in the Campus Layer 3 Classificationmdash IP Precedence DSCP

bull IPv4 Three most significant bits of ToS byte are called IP precedence other bits unused

bull DiffServ Six Most significant bits of ToS byte are called DSCP remaining two bits used for flow control

bull DSCP backward compatible with IP precedence

36

Enabling QoS in the Campus Classification Summary

37

Power Over Ethernet

Prepare the network for IP Telephony and Wireless access

Eliminate the need for separate electrical wiring

Cisco pre‐standard POE and 8023af are fully supported

Wide selection of standards‐based IEEE 8023af powered devices

ndash IP Phonesndash Wireless Access Points

ndash Surveillance cameras

ndash Access Card Readers

38

Access Point Front Cover LEDrsquos

Status LightsEthernet

Status

Radio Activity

Ethernet Activity

Status

Radio Activity

39

CiscoWorks WLSE

1

Specialized application for managing the Cisco WLAN

2

Centralized template‐ based configuration of access points and bridges

with user defined groups

3

Proactive fault and performance monitoring

of access points bridges LEAP server and

attached switch

CiscoWorks Wireless LANSolution Engine

U N I V E R S I T YU N I V E R S I T Y

40

二網路設備介紹

41

The Cisco LAN Switching Portfolio

Catalyst 375035602960 Catalyst 6500Catalyst 40004500

bull Stackable Compact Footprint bull Gig Density 12 Ports bull EZ Clustering Managementbull L2-L4 Switchingbull Medium Port Density

bull Highest Switching Capacitybull High Availability - Stateful Failoverbull 10-Gigabit Ethernet Interfaces bull Nonblocking Gigabit Density 142bull LANWAN Interfaces (to OC 48)

L2-L7 SwitchingIntegrated Inline PowerServices Modules Redundant PowerRedundant Supervisor Fabric

bull High Switching Capacitybull High-Density 101001000bull High-Density 100FX amp 1000LXbull Nonblocking Gigabit Density 32bull L2-L4 Switching bull Inline Power Optionbull Redundant Power

42

Cisco Catalyst Positioning

Pric

ePe

rfor

man

ce

FunctionFlexibility

Catalyst 29502960

Catalyst 35503560

Catalyst 4500 Family

Catalyst 6500 Series

bull Modular 101001000bull High performance Layer 2L3L4 bull 24‐64 Gbps Switching Enginebull Chassis level high availability

bull

Modular 101001000bull

Highest density switching

capacity

bull

Layer 234‐7bull

32‐720 Gbps

Switching

Engine

bull

Highest Availability

bull

10100

and GE configurationsbull

High performance switching and routingbull

Enterprise‐class intelligent Layer 3L4 servicesbull

Clustering capable

bull

Stackable 10100 switchingbull

Gigabit

uplink connectivitybull

Advanced intelligent Layer 3L4 servicesbull

Clustering capable

Catalyst 3750bull

Stackable 101001000 and 10100 configurationsbull

Cisco StackWisetrade

Technologybull

Optimized for Gigabit Ethernet deploymentbull

Enterprise‐class Intelligent Layer 3L4 servicesbull

Highly resilient 32Gbps stacking interconnectionbull

Single management interface w auto configuration

Fast Ethernet

Optimized

Gigabit Ethernet

Optimized

43

Cisco Catalyst 2960 Series Model Overview Fast Ethernet Models

Softwarebull LAN Base Image

Enterprise-class intelligent services Advanced QoS enhanced security high availability

bull Orderable with latest IOS software version

bull 48 10100100 portsbull 2 101001000 Uplink

ports

bull 24 10100 portsbull 2 101001000 Uplink

Ports

Catalyst 2960-24TT Catalyst 2960-48TT

bull 24 10100 portsbull 2 Dual-Purpose Uplink

ports

Catalyst 2960-24TC Catalyst 2960-48TC

bull 48 10100 portsbull 2 Dual Purpose Uplink

ports

Uplinksbull Dual Purpose

UplinksOne 101001000 TX Port and One SFP Port

One port active at a time

44

Cisco Catalyst 3750 Series Switches Model Overview

Catalyst 3750G‐24TS

bull

24 101001000

Portsbull

24 101001000 Ports

bull

4 SFP ports

Two Software Versions

Standard Multilayer Software Image

(SMI)

bull Enterprise‐class intelligent services

Advanced QoS Enhanced Security High

Availability RIP and Static IP routing

Routed ACLs HSRP

Enhanced Multilayer Software Image

(EMI)

bull SMI feature set plus Dynamic IP Unicast

routing Smart Multicast routing

Catalyst 3750‐2448 are orderable with

either software image preinstalled

Catalyst 3750‐2448 can be upgraded

from SMI to EMI

Catalyst 3750G‐24T

bull

24 10100 Ports

bull

2 SFP ports

bull

48 10100 Ports

bull

4 SFP ports

Catalyst 3750‐24 Catalyst 3750‐48

45

Cisco StackWisetrade Technology

bull 32Gbps fault tolerant bi‐directional

backplane

bull Single IP address for management

bull Auto configuration and IOS version

checkupdate

bull 1N Master redundancy

bull Sub‐second L2 failover

bull Cross stack Etherchannel

bull Configurable QoS queues across

stack

bull Line speed performance with QoS

and ACLs for GE

bull Hot add and delete of GE and FE

chassis in same stack

bull Patented cable connector

S 1

S 3

S 2

M 4

M = Master Switch

S = Slave Switch

46

Cisco Catalyst 4500 Series Architecture

bull Centralized Forwarding ASICs

bull All packets are forwarded via the supervisor

bull No distributed line card forwarding

bull Scalable architecture ‐

64 to 320 Gbps

bull Fastest Centralized Architecture in the Industry

47

Cisco Catalyst 4500 Series Overview Common Architecture

Single Supervisor-Based

Chassis

Redundant Supervisor-Based

Chassis

Cisco Catalyst 4507R-E

Cisco Catalyst 4510R-E

Cisco Catalyst 4506-E

Cisco Catalyst 4503-E

Single RU Fixed Configuration

Same Switching Architecture

and Common Cisco IOSreg

Cisco Catalyst 4948 and 4948-10GigE

48

Cisco Catalyst 4500 Series Evolutionary Centralized Architecture

1999 2002 2004 2007 2012

Continued InnovationServices and Performance

Same Line Card

18Mpps 48Mpps 102Mpps

10100

1000

Layer 2

PoE L234

10 GbE

SSO

NACNSF

ISSUCISF

E‐Series

250 Mpps

49

Evolution of Centralized Switching Technology

Evoluti

onEvo

lution

1999 18

Mpps

L2 Only

2002 48

Mpps

L2L3

2004102

Mpps

L2L3 10Gig

2007250

Mpps

L2L3 IPv6

14X

increase

since lsquo99

50

Next‐Generation Catalyst 4500 ldquoE‐Seriesrdquo

Secure Flexible Non‐Stop Communications

ldquoErdquo

Series Chassis

ldquoErdquo

Series Line Cards

Supervisor 6‐E with CenterFlex

51

Cisco Catalyst 6500 Delivers Secure Converged Network Services

High Availabilitybull Physical

Availabilitybull Logical Availabilitybull Stateful Failover at

Layer 2bull Rapid Spanning-

Tree Convergence

QoSbull Input Policingbull Traffic

Classificationbull Multiple Queuesbull Convergence

Ready

Securitybull Layer 234

Access Controlbull 8021X User

Authenticationbull MAC Filteringbull Dynamic VLAN

Manageabilitybull Inline Powerbull Simple

Configurationbull L2-L4 Servicesbull Rich Multicast

Support

End-to-End Services

52

Catalyst 6500 Family

Catalyst 65033 slot chassis

Catalyst 65066 slot chassis

Catalyst 65099 slot chassis

Catalyst 6509‐NEBSNEBS Compliant 9 slot chassis

Catalyst 651313 slot chassis

Catalyst 6509‐NEBS‐A9 slot chassis

53

Cisco Catalyst 6500 Series

The Cisco Catalyst 6500 Series supports a wide range of interface densities performance and high‐availability options

Flexible 3‐ 6‐ 9‐ and 13‐slot chassis configurations

ndash Scalable switching fabric ndash Cisco

IOS software choices supported

on all supervisor engines

ndash Fast 2‐3 second stateful

failover of

redundant supervisors and integrated

services

ndash 10‐Mbps to 10‐Gbps Ethernet and DS0

to

OC‐48 WAN interfaces

ndash Wire‐rate QoS

and ACL policy

management

WS-6503 WS-C6506 WS-C6509 WS-C6509-NEBS and WS-C6513

54

Catalyst 6500 Supervisors

The Catalyst 6500 has three Supervisor options on offer

with each providing a different architectural backplane

configuration for line cards to connect intohellip

Supervisor 1A Supervisor 2 Supervisor 720 (NEW)

256Gb backplane

supporting hardware

accelerated Layer 2 and 3

QoS and Security policies

up to 210Mppshellip

720Gb backplane

supporting hardware

accelerated Layer 2 and 3

QoS and Security policies

up to 400Mppshellip

32Gb backplane supporting

hardware accelerated Layer

2 and 3 QoS and Security

policies up to 15Mppshellip

Supervisor Options for the Catalyst 6500

55

Catalyst 6500 LinecardsThe Catalyst 6500 has a family of linecards to suit all network needshellip

10100 TX and 100 Fiber 101001000 TX GE SFP

GE GBIC 10GE WAN

Optical Switch Modules Inline Power ATM

CAT

6500

L I

NECARDS

56

Catalyst 6500 Service Modules

Content ServicesCommunications Media MWAN

Firewall Module VPN Module Intrusion Detection

Content Switching SSL Network Management

Service Modules represent the next generation of intelligent modules for the Catalyst 6500

Each module provides a high performance option scalable and feature rich deployment

optionshellip

57

Small Form Factor Pluggable (SFP)

bull New industry standard connector

bull Same functionality as Gigabit Interface Converters

(GBICs)

bull Hot pluggable

bull Smaller fiber connector LC

for SF

bull 25 SFPs

fit in space of one GBIC

bull Shipping SX LX ZX at FCS

bull 101001000BT and CWDM versions to come in mid

to late 2003

GBIC

SFP

58

三無線網路認證介紹

59

漫遊認證環境架構圖

NCHC資策會

WLANGateway

WLANGateway

60

無線漫遊環境身份認證機制

網頁認證

使用網站伺服器憑證(Certificate)辨識合法認證網站

透過SSL加密保護使用者帳號密碼安全

採用PAP (Password Authentication Protocol)認證機制

8021x認證

採CHAP或加密通道進行認證

EAP‐MD5ndash 採用CHAP (Challenge Handshake Authentication Protocol)認證

EAP‐PEAP ndash 採用 SSL加密通道 + MS‐CHAP v2 認證

EAP‐TTLSndash 採用 SSL加密通道 + PAPCHAPMS‐CHAPEAPndash 支援多種認證機制

61

WLAN Gateway

bull Usually web page for authorisationbull Allows policy based accessbull Good managementbull Very user friendlybull No client required

Bluesocketndash Commercial but popular in uk academiandash Lots of featuresNoCatAuthndash open source

62

Bluesocket Wireless Gateway

63

httpwwwitcntnuedutwservice1270php

四師大網路基本架構介紹

64

對外網路架構圖

65

校本部校區有線網路系統架構圖

66

校本部校區無線網路系統架構圖

67

理學院校區有線網路系統架構圖

68

理學院校區無線網路系統架構圖

69

林口校區有線網路系統架構圖

70

林口校區無線網路系統架構圖

71

五網路障礙排除方式

72

Possible Symptoms of Physical Layer Problems

Increased number of interface errorsIncreased number of interface errors

LEDs are off flashing or in a state other than the expected state during normal operationLEDs are off flashing or in a state other than the expected state during normal operation

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

Excessive utilizationExcessive utilization

73

Possible Symptoms of Data Link Layer Problems

Excessive CRC errors and frame check sequence errors Excessive CRC errors and frame check sequence errors

Large quantities of broadcast traffic Large quantities of broadcast traffic

A MAC address is cycling between portsA MAC address is cycling between ports

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

74

General Cisco Commands to Isolate Physical and Data Link Layer Problems

ping host

| ip‐addressping host

| ip‐address

routergt

bull

Sends an echo request packet to an address then waits for a reply

trace [destination]trace [destination]

routergt

bull

Identifies the path a packet takes through the network

[no] debug [no] debug

router

bull

Displays a list of options for enabling or disabling debugging events on a device

75

Cisco Commands to Isolate Physical Layer Problems

show versionshow version

routergt

bull

Displays the Cisco IOS software version and all installed hardware configurations

show ip interface briefshow ip interface brief

routergt

bull

Displays a summary of the status of all interfaces on a device

show interfaces [type number]show interfaces [type number]

routergt

bull

Displays the operational status of an interface including the amount and type of traffic being sent and received

76

Cisco Commands to Isolate Physical Layer Problems (Cont)

show cdp neighbor detailshow cdp neighbor detailroutergt

bull Displays the device type IP address and Cisco IOS version of neighboring devices

77

Cisco Commands to Isolate Data Link Layer Problems

show ip arpshow ip arp

routergt

bull

Displays entries in the Address Resolution Protocol (ARP) table

debug [arp

| serial | ppp]debug [arp

| serial | ppp]

router

bull

Captures events relating to data link layer protocols

78

General End‐System Commands to Isolate Physical and Data Link Layer Problems

pingping

bull

Sends an echo request packet to an address then waits for a reply

netstat

‐rnnetstat

‐rn

bull

Displays the status of all connected devices and links without querying a DNS server

arp

‐aarp

‐a

bull

Displays the current mappings of the IP address to the MAC address in the ARP table

79

Windows Commands to Isolate Physical and Data Link Layer Problems

ipconfig

[all]ipconfig

[all]

bull

Displays IP information for hosts running Windows NT2000XP

Cgt

tracert [‐d]tracert [‐d]

bull

Identifies a path to a destination device

Cgt

80

Guidelines for Isolating Problems at the Physical and Data Link Layers

Check operational status and data error ratesCheck operational status and data error rates

Verify proper interface configurationsVerify proper interface configurations

Check for bad cables or connectionsCheck for bad cables or connections

Check for correct cable pin‐outCheck for correct cable pin‐out

81

Port Monitoring (SPAN)

Allows a port to monitor traffic coming into or out of

anotherPort

VLAN

Trunk

82

Remote SPAN (RSPAN)

Allows a port to monitor SPAN information on other switches through a trunk connection

83

NetFlow Data Export

Access to records of switched flow statistics

with NAM

Source and destination IP

Port numbers and protocol types

84

六網路管理介紹

85

NAMs in Campus LAN

86

Network Analysis Module (NAM)

bull

Switch‐integrated standards‐

based monitoring (RMON1 RMON2

extended RMON)

bull

Useful for performance monitoring troubleshooting

and capacity planning

bull

Easy to deploy and use with embedded web‐based Traffic Analyzer

bull

Full visibility into applications hosts conversations and

IP‐based services including VoIP

and QoS

Integrated traffic‐monitoring solution in Catalyst 6500 series to build application‐level visibility into network infrastructure

87

NAM as a Standards‐Based RMON Solution

The RMON MIB reports on the health and status of network traffic

Mini‐RMON agents in Catalyst 6500 collect Layer 2 (RMON1) statistics on all ports (utilization packets errors)

NAM supports full RMON1 and 2 to provide visibility up to Application layer (applications hosts conversations)

NAM supports extended RMON for VLAN QoS Application Response Time and so on

88

Application Hosts and Conversations Monitoring

Identify unknown applications and drill down on the hosts using them

Discover top talkers top conversations

Network managers can drill down

into who is doing what

Network managers can drill down

into who is doing what

NEW inSoftware

Version 22

NEW inSoftware

Version 22

89

VoIP Monitoring

NAM supports various facets of VoIPmonitoring

Active IP telephony monitoring

ndash Track active call attributesndash Identify call quality degradationndash Call details by phonesRMON1 and RMON2

ndash Distribution of VoIP

protocols

Application Response Time (ART)

ndash CallManager

responses

DSMON

ndash VoIP

traffic by DSCP values

90

Application Response Time (ART)

Find out where the application delays are occurring

ndash Detailed data on request‐ response exchanges

between clients and servers

Server visibility

ndash Monitor servers for protocols application

usage and top talkers

91

Packet Capture and Decode

Capture and decode packets for troubleshooting

Extensive pre‐ and post‐capture filters

Can save and export to other tools including Sniffer

92

Alarms

Set alarm thresholds on various parameters for proactive monitoring

Define traps or generate syslog

93

Defining Network Management Functional Areas

ISO defines five functional areas of network management

ISO defines five functional areas of network management

bullFault Management

bullConfiguration Management

bullAccounting Management

bullPerformance Management

bullSecurity Management

94

FCAPS Fault Management

The process of locating diagnosing and correcting

network problems

Device Down

Link Down

95

FCAPS Configuration Management

bull The process of obtaining data from the network and using

that data to manage the setup of all network devices

bull Allows rapid access to configuration information

bull Facilitates remote configuration and provisioning

bull Provides an up‐to‐date inventory of network

components

SpeedDuplex

Connectivity

TrunkingVLANs Allowed

Spanning Tree Protocol State

Software VersionConfiguration File

Device Type

96

FCAPS Accounting Management

bull Measuring the usage of network resources by users in order to

establish the metrics check quotas determine costs and bill users

bull Measures and reports accounting information based on individual

groups and users

bull Administers the cost of the network

bull Internal verification of third‐party billing for usage Bandwidth Consumption

Application Usage

hellip

97

FCAPS Performance Management

bull Ensuring that the data network remains accessible

and has adequate bandwidth

bull Reduces network overcrowding and inaccessibility

bull Provides a consistent level of service to the

network user

bull Determine utilization trends to proactively isolate and solve

performance problems

UtilizationPeakminmaxError RatesUnicast Rates

Broadcast Rates

CPU UtilizationMemory Usage

ThroughputResponse Time

LatencyAvailabilityReliability

98

FCAPS Security Management

bull Protecting sensitive information on devices

attached to a data network by controlling access points to

that information

bull Builds network user confidence

bull Secures sensitive information from both internal and

external sources

bull Protects the network functionality from malicious

attacks

MAC AddressLocked to Port

Access ListBlocks Connections

99

Performing Network Management Sources for Information

GAUGEs TIMERs

0 9 1 2 3

COUNTERs TABLEs FILEs

Operating System Data Structures

Manageable Device

showCommands

WebServer

SystemLogging

SNMPSNMPAGENTAGENT

ProductionServices

Layer N Forwarding

http80tcp

syslog514udp

snmp161udp

MIBObjects

snmp‐trap162udp

Built in Intelligence

CDPVTPSAA

telnetCLI

TFTPClient

tftp69udp

PingTrace route

100

Network Management Information Model MIB Management Information Base

MIB

ndash

Management Information BaseSet of variables defining the status of a device (eg temp = 85 degrees)Just facts ndash not whether it is good or badDefined according to SMI (Structure of Management Information) rulesEach managed object is described using a unique object identifier (OID)

MIB

IMIBIIStandard MIBObjects included are considered essential for either fault or configuration management

Other standard MIBsRMON host router

Proprietary vendor MIBsExtensions to standard MIBs

SNMPAGENTSNMPAGENT

1000s of manageable objects following rules defined in the SMI standards

1000s of manageable objects following rules defined in the SMI standards

101

Network Management Communication Model SNMP Simple Network Management Protocol

CommunityStrings

CommunityStrings

bull Get requests used to read the value of objectbull Set requests used to modify the value of object

bull Authorization is via community strings

(Read‐OnlyRead‐Write)

bull Traps

provide asynchronous event notification

IP Network SNMPManageable

Device

Trap

Get Response

Get Request Get-Next RequestGet-Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

102

Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response

SNM

P M

anag

er

SNM

P A

gent

Rea

d =

publ

ic re

adw

rite

= pr

ivat

e

GetResponse (sysDescr0=SunOS)

Verify access permission and retrieve MIB value using OID to traverse the MIB tree

InstanceOID

13612111

MIB value

GetRequest(sysDescr0)Read Community(public)

103

Types of Management Systems Example ‐

Enterprise Manager amp Fault Management

Correlate and manage events

and SNMP traps

Perform fault isolation and root cause analysis

104

Types of Management Systems Example ndash CiscoWorks

Resource Manager Essentials and Campus Manager

Knowledge of network configuration and topology

Facilitates remote configuration of network devices

Maintains an archive of configuration data that allows generation of inventory reports

105

Types of Management Systems Example ndash NetFlow (Accounting Management)

Flow Profiling

AccountingBilling

Network Planning

Network Monitoring

Flow

Collectors

Flow

CollectorsEnd‐User AppsEnd‐User AppsNetFlow

Data ExportNetFlowData Export

NetScout

RMON ProbeRMON Probe

106

Types of Management Systems Example ndash MRTG (Performance Management)

bull Monitors traffic load on network links based on SNMP statistics

bull Generates real‐time HTML traffic reports

bull Can be used to monitor any

MIB

variable using

SNMP

107

Types of Management Systems Example ndash CiscoWorks

How is the network connectedbull Physical Cablingbull Virtual LANs

Where are the end users servers IP phones connected

bull Switch port numberbull VLAN membership

How do I troubleshoot connectivity problems

Campus Manager User Tracking

Campus Manager Topology Services

Campus Manager Topology Services

Campus Manager User TrackingCampus Manager

Path Analysis

108

Diagnosing Connectivity Problems CiscoWorks Server Tools

Ping Use ping to test device connectivity from CiscoWorks server

TracerouteRun a trace route between the CiscoWorks server and the target device to detect routing problems

NS LookupRun a nslookup to obtain DNS name server information and IP address of hostname

Management Station to DeviceTest to verify if upper layer protocols are supported from CiscoWorks to the target device UDP TCP Telnet TFTP HTTP and SNMP

109

Types of Management Systems Example ndash CiscoWorks

19216862

CiscoWorks Server(ANI Service)

CampusDatabase

19216861

Schedule data retrieval

times

CAM Table11‐11‐11‐11‐11‐00 2111‐11‐11‐11‐11‐11 2211‐11‐11‐11‐11‐22 2311‐11‐11‐11‐11‐33 24

22 23 24

21

ARP Table11‐11‐11‐11‐11‐11 19216861011‐11‐11‐11‐11‐22 19216861111‐11‐11‐11‐11‐33 192168611

1

CAM

Retrieval

(switching

table)

2 Address

Resolution (MAC

to IP)

DNS

3 Name Resolution

(IP to hostname)

Host Table192168610 USER1192168611 Printer1192168611 IPtele1

SNMP

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

CallManager4

Call Detail

Records

5

Login

Names

UNIX Novell amp

Windows NT

clients running

UTLite script

110

Diagnosing Connectivity Problems Campus Manager Tools

Topology Services

User Tracking

Path Analysis

1

Locate the communication pair in the User Tracking database

bull

Addressesbull

VLAN informationbull

Switch port connection

2

Investigate the Layer 2 and Layer 3 path between the communication

pair

3

Map the topology and begin the investigation on devices and links

Launch other applications

111

Diagnosing Connectivity Problems Workflow for Using Campus Manager

LaunchPath Analysis

LaunchPath Analysis

Ensure discovery of devices

hosts are up to date

Ensure discovery of devices

hosts are up to date

Use User TrackingTo Locate EndStation Info

Use User TrackingTo Locate EndStation Info

ConductVoiceTrace

ConductVoiceTrace

ConductDataTrace

ConductDataTrace

DisplayPath in Topology

Map

DisplayPath in Topology

Map

Launch other Apps(Telnet CiscoView

Etc)

Launch other Apps(Telnet CiscoView

Etc)

112

Diagnosing Device Connectivity Problems Example

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Do you know

your

hostname or

username

113

Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

2 Simple Query displays switch

port and VLAN association

2 Simple Query displays switch

port and VLAN association

3 LastSeen field indicates last

time end station was

discovered

3 LastSeen field indicates last

time end station was

discovered

114

Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Trace path from application server

to Suzy

Trace path from application server

to Suzy

Couldnrsquot get to Suzy machine ndash try

from server

Couldnrsquot get to Suzy machine ndash try

from server

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

30

Fast EtherChannel

31

Is QoS Needed in the Campus

Maybe maybe not campus congestionis a buffer management issue

ldquoJust throw more bandwidth at it That will solve the problemrdquo

32

Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP

33

Enabling QoS in the Campus Scheduling in the Campus

Output buffers can reach 100 in campus networks resulting in dropped voice packets

QoS required when there is a possibility of congestion in buffers

Multiple queues are the only way to guarantee voice quality

34

Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS

bull 8021p user priority field also called class of service (CoS)

bull Different types of traffic are assigned different CoS values

bull CoS 6 and 7 are reserved for network use

35

Enabling QoS in the Campus Layer 3 Classificationmdash IP Precedence DSCP

bull IPv4 Three most significant bits of ToS byte are called IP precedence other bits unused

bull DiffServ Six Most significant bits of ToS byte are called DSCP remaining two bits used for flow control

bull DSCP backward compatible with IP precedence

36

Enabling QoS in the Campus Classification Summary

37

Power Over Ethernet

Prepare the network for IP Telephony and Wireless access

Eliminate the need for separate electrical wiring

Cisco pre‐standard POE and 8023af are fully supported

Wide selection of standards‐based IEEE 8023af powered devices

ndash IP Phonesndash Wireless Access Points

ndash Surveillance cameras

ndash Access Card Readers

38

Access Point Front Cover LEDrsquos

Status LightsEthernet

Status

Radio Activity

Ethernet Activity

Status

Radio Activity

39

CiscoWorks WLSE

1

Specialized application for managing the Cisco WLAN

2

Centralized template‐ based configuration of access points and bridges

with user defined groups

3

Proactive fault and performance monitoring

of access points bridges LEAP server and

attached switch

CiscoWorks Wireless LANSolution Engine

U N I V E R S I T YU N I V E R S I T Y

40

二網路設備介紹

41

The Cisco LAN Switching Portfolio

Catalyst 375035602960 Catalyst 6500Catalyst 40004500

bull Stackable Compact Footprint bull Gig Density 12 Ports bull EZ Clustering Managementbull L2-L4 Switchingbull Medium Port Density

bull Highest Switching Capacitybull High Availability - Stateful Failoverbull 10-Gigabit Ethernet Interfaces bull Nonblocking Gigabit Density 142bull LANWAN Interfaces (to OC 48)

L2-L7 SwitchingIntegrated Inline PowerServices Modules Redundant PowerRedundant Supervisor Fabric

bull High Switching Capacitybull High-Density 101001000bull High-Density 100FX amp 1000LXbull Nonblocking Gigabit Density 32bull L2-L4 Switching bull Inline Power Optionbull Redundant Power

42

Cisco Catalyst Positioning

Pric

ePe

rfor

man

ce

FunctionFlexibility

Catalyst 29502960

Catalyst 35503560

Catalyst 4500 Family

Catalyst 6500 Series

bull Modular 101001000bull High performance Layer 2L3L4 bull 24‐64 Gbps Switching Enginebull Chassis level high availability

bull

Modular 101001000bull

Highest density switching

capacity

bull

Layer 234‐7bull

32‐720 Gbps

Switching

Engine

bull

Highest Availability

bull

10100

and GE configurationsbull

High performance switching and routingbull

Enterprise‐class intelligent Layer 3L4 servicesbull

Clustering capable

bull

Stackable 10100 switchingbull

Gigabit

uplink connectivitybull

Advanced intelligent Layer 3L4 servicesbull

Clustering capable

Catalyst 3750bull

Stackable 101001000 and 10100 configurationsbull

Cisco StackWisetrade

Technologybull

Optimized for Gigabit Ethernet deploymentbull

Enterprise‐class Intelligent Layer 3L4 servicesbull

Highly resilient 32Gbps stacking interconnectionbull

Single management interface w auto configuration

Fast Ethernet

Optimized

Gigabit Ethernet

Optimized

43

Cisco Catalyst 2960 Series Model Overview Fast Ethernet Models

Softwarebull LAN Base Image

Enterprise-class intelligent services Advanced QoS enhanced security high availability

bull Orderable with latest IOS software version

bull 48 10100100 portsbull 2 101001000 Uplink

ports

bull 24 10100 portsbull 2 101001000 Uplink

Ports

Catalyst 2960-24TT Catalyst 2960-48TT

bull 24 10100 portsbull 2 Dual-Purpose Uplink

ports

Catalyst 2960-24TC Catalyst 2960-48TC

bull 48 10100 portsbull 2 Dual Purpose Uplink

ports

Uplinksbull Dual Purpose

UplinksOne 101001000 TX Port and One SFP Port

One port active at a time

44

Cisco Catalyst 3750 Series Switches Model Overview

Catalyst 3750G‐24TS

bull

24 101001000

Portsbull

24 101001000 Ports

bull

4 SFP ports

Two Software Versions

Standard Multilayer Software Image

(SMI)

bull Enterprise‐class intelligent services

Advanced QoS Enhanced Security High

Availability RIP and Static IP routing

Routed ACLs HSRP

Enhanced Multilayer Software Image

(EMI)

bull SMI feature set plus Dynamic IP Unicast

routing Smart Multicast routing

Catalyst 3750‐2448 are orderable with

either software image preinstalled

Catalyst 3750‐2448 can be upgraded

from SMI to EMI

Catalyst 3750G‐24T

bull

24 10100 Ports

bull

2 SFP ports

bull

48 10100 Ports

bull

4 SFP ports

Catalyst 3750‐24 Catalyst 3750‐48

45

Cisco StackWisetrade Technology

bull 32Gbps fault tolerant bi‐directional

backplane

bull Single IP address for management

bull Auto configuration and IOS version

checkupdate

bull 1N Master redundancy

bull Sub‐second L2 failover

bull Cross stack Etherchannel

bull Configurable QoS queues across

stack

bull Line speed performance with QoS

and ACLs for GE

bull Hot add and delete of GE and FE

chassis in same stack

bull Patented cable connector

S 1

S 3

S 2

M 4

M = Master Switch

S = Slave Switch

46

Cisco Catalyst 4500 Series Architecture

bull Centralized Forwarding ASICs

bull All packets are forwarded via the supervisor

bull No distributed line card forwarding

bull Scalable architecture ‐

64 to 320 Gbps

bull Fastest Centralized Architecture in the Industry

47

Cisco Catalyst 4500 Series Overview Common Architecture

Single Supervisor-Based

Chassis

Redundant Supervisor-Based

Chassis

Cisco Catalyst 4507R-E

Cisco Catalyst 4510R-E

Cisco Catalyst 4506-E

Cisco Catalyst 4503-E

Single RU Fixed Configuration

Same Switching Architecture

and Common Cisco IOSreg

Cisco Catalyst 4948 and 4948-10GigE

48

Cisco Catalyst 4500 Series Evolutionary Centralized Architecture

1999 2002 2004 2007 2012

Continued InnovationServices and Performance

Same Line Card

18Mpps 48Mpps 102Mpps

10100

1000

Layer 2

PoE L234

10 GbE

SSO

NACNSF

ISSUCISF

E‐Series

250 Mpps

49

Evolution of Centralized Switching Technology

Evoluti

onEvo

lution

1999 18

Mpps

L2 Only

2002 48

Mpps

L2L3

2004102

Mpps

L2L3 10Gig

2007250

Mpps

L2L3 IPv6

14X

increase

since lsquo99

50

Next‐Generation Catalyst 4500 ldquoE‐Seriesrdquo

Secure Flexible Non‐Stop Communications

ldquoErdquo

Series Chassis

ldquoErdquo

Series Line Cards

Supervisor 6‐E with CenterFlex

51

Cisco Catalyst 6500 Delivers Secure Converged Network Services

High Availabilitybull Physical

Availabilitybull Logical Availabilitybull Stateful Failover at

Layer 2bull Rapid Spanning-

Tree Convergence

QoSbull Input Policingbull Traffic

Classificationbull Multiple Queuesbull Convergence

Ready

Securitybull Layer 234

Access Controlbull 8021X User

Authenticationbull MAC Filteringbull Dynamic VLAN

Manageabilitybull Inline Powerbull Simple

Configurationbull L2-L4 Servicesbull Rich Multicast

Support

End-to-End Services

52

Catalyst 6500 Family

Catalyst 65033 slot chassis

Catalyst 65066 slot chassis

Catalyst 65099 slot chassis

Catalyst 6509‐NEBSNEBS Compliant 9 slot chassis

Catalyst 651313 slot chassis

Catalyst 6509‐NEBS‐A9 slot chassis

53

Cisco Catalyst 6500 Series

The Cisco Catalyst 6500 Series supports a wide range of interface densities performance and high‐availability options

Flexible 3‐ 6‐ 9‐ and 13‐slot chassis configurations

ndash Scalable switching fabric ndash Cisco

IOS software choices supported

on all supervisor engines

ndash Fast 2‐3 second stateful

failover of

redundant supervisors and integrated

services

ndash 10‐Mbps to 10‐Gbps Ethernet and DS0

to

OC‐48 WAN interfaces

ndash Wire‐rate QoS

and ACL policy

management

WS-6503 WS-C6506 WS-C6509 WS-C6509-NEBS and WS-C6513

54

Catalyst 6500 Supervisors

The Catalyst 6500 has three Supervisor options on offer

with each providing a different architectural backplane

configuration for line cards to connect intohellip

Supervisor 1A Supervisor 2 Supervisor 720 (NEW)

256Gb backplane

supporting hardware

accelerated Layer 2 and 3

QoS and Security policies

up to 210Mppshellip

720Gb backplane

supporting hardware

accelerated Layer 2 and 3

QoS and Security policies

up to 400Mppshellip

32Gb backplane supporting

hardware accelerated Layer

2 and 3 QoS and Security

policies up to 15Mppshellip

Supervisor Options for the Catalyst 6500

55

Catalyst 6500 LinecardsThe Catalyst 6500 has a family of linecards to suit all network needshellip

10100 TX and 100 Fiber 101001000 TX GE SFP

GE GBIC 10GE WAN

Optical Switch Modules Inline Power ATM

CAT

6500

L I

NECARDS

56

Catalyst 6500 Service Modules

Content ServicesCommunications Media MWAN

Firewall Module VPN Module Intrusion Detection

Content Switching SSL Network Management

Service Modules represent the next generation of intelligent modules for the Catalyst 6500

Each module provides a high performance option scalable and feature rich deployment

optionshellip

57

Small Form Factor Pluggable (SFP)

bull New industry standard connector

bull Same functionality as Gigabit Interface Converters

(GBICs)

bull Hot pluggable

bull Smaller fiber connector LC

for SF

bull 25 SFPs

fit in space of one GBIC

bull Shipping SX LX ZX at FCS

bull 101001000BT and CWDM versions to come in mid

to late 2003

GBIC

SFP

58

三無線網路認證介紹

59

漫遊認證環境架構圖

NCHC資策會

WLANGateway

WLANGateway

60

無線漫遊環境身份認證機制

網頁認證

使用網站伺服器憑證(Certificate)辨識合法認證網站

透過SSL加密保護使用者帳號密碼安全

採用PAP (Password Authentication Protocol)認證機制

8021x認證

採CHAP或加密通道進行認證

EAP‐MD5ndash 採用CHAP (Challenge Handshake Authentication Protocol)認證

EAP‐PEAP ndash 採用 SSL加密通道 + MS‐CHAP v2 認證

EAP‐TTLSndash 採用 SSL加密通道 + PAPCHAPMS‐CHAPEAPndash 支援多種認證機制

61

WLAN Gateway

bull Usually web page for authorisationbull Allows policy based accessbull Good managementbull Very user friendlybull No client required

Bluesocketndash Commercial but popular in uk academiandash Lots of featuresNoCatAuthndash open source

62

Bluesocket Wireless Gateway

63

httpwwwitcntnuedutwservice1270php

四師大網路基本架構介紹

64

對外網路架構圖

65

校本部校區有線網路系統架構圖

66

校本部校區無線網路系統架構圖

67

理學院校區有線網路系統架構圖

68

理學院校區無線網路系統架構圖

69

林口校區有線網路系統架構圖

70

林口校區無線網路系統架構圖

71

五網路障礙排除方式

72

Possible Symptoms of Physical Layer Problems

Increased number of interface errorsIncreased number of interface errors

LEDs are off flashing or in a state other than the expected state during normal operationLEDs are off flashing or in a state other than the expected state during normal operation

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

Excessive utilizationExcessive utilization

73

Possible Symptoms of Data Link Layer Problems

Excessive CRC errors and frame check sequence errors Excessive CRC errors and frame check sequence errors

Large quantities of broadcast traffic Large quantities of broadcast traffic

A MAC address is cycling between portsA MAC address is cycling between ports

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

74

General Cisco Commands to Isolate Physical and Data Link Layer Problems

ping host

| ip‐addressping host

| ip‐address

routergt

bull

Sends an echo request packet to an address then waits for a reply

trace [destination]trace [destination]

routergt

bull

Identifies the path a packet takes through the network

[no] debug [no] debug

router

bull

Displays a list of options for enabling or disabling debugging events on a device

75

Cisco Commands to Isolate Physical Layer Problems

show versionshow version

routergt

bull

Displays the Cisco IOS software version and all installed hardware configurations

show ip interface briefshow ip interface brief

routergt

bull

Displays a summary of the status of all interfaces on a device

show interfaces [type number]show interfaces [type number]

routergt

bull

Displays the operational status of an interface including the amount and type of traffic being sent and received

76

Cisco Commands to Isolate Physical Layer Problems (Cont)

show cdp neighbor detailshow cdp neighbor detailroutergt

bull Displays the device type IP address and Cisco IOS version of neighboring devices

77

Cisco Commands to Isolate Data Link Layer Problems

show ip arpshow ip arp

routergt

bull

Displays entries in the Address Resolution Protocol (ARP) table

debug [arp

| serial | ppp]debug [arp

| serial | ppp]

router

bull

Captures events relating to data link layer protocols

78

General End‐System Commands to Isolate Physical and Data Link Layer Problems

pingping

bull

Sends an echo request packet to an address then waits for a reply

netstat

‐rnnetstat

‐rn

bull

Displays the status of all connected devices and links without querying a DNS server

arp

‐aarp

‐a

bull

Displays the current mappings of the IP address to the MAC address in the ARP table

79

Windows Commands to Isolate Physical and Data Link Layer Problems

ipconfig

[all]ipconfig

[all]

bull

Displays IP information for hosts running Windows NT2000XP

Cgt

tracert [‐d]tracert [‐d]

bull

Identifies a path to a destination device

Cgt

80

Guidelines for Isolating Problems at the Physical and Data Link Layers

Check operational status and data error ratesCheck operational status and data error rates

Verify proper interface configurationsVerify proper interface configurations

Check for bad cables or connectionsCheck for bad cables or connections

Check for correct cable pin‐outCheck for correct cable pin‐out

81

Port Monitoring (SPAN)

Allows a port to monitor traffic coming into or out of

anotherPort

VLAN

Trunk

82

Remote SPAN (RSPAN)

Allows a port to monitor SPAN information on other switches through a trunk connection

83

NetFlow Data Export

Access to records of switched flow statistics

with NAM

Source and destination IP

Port numbers and protocol types

84

六網路管理介紹

85

NAMs in Campus LAN

86

Network Analysis Module (NAM)

bull

Switch‐integrated standards‐

based monitoring (RMON1 RMON2

extended RMON)

bull

Useful for performance monitoring troubleshooting

and capacity planning

bull

Easy to deploy and use with embedded web‐based Traffic Analyzer

bull

Full visibility into applications hosts conversations and

IP‐based services including VoIP

and QoS

Integrated traffic‐monitoring solution in Catalyst 6500 series to build application‐level visibility into network infrastructure

87

NAM as a Standards‐Based RMON Solution

The RMON MIB reports on the health and status of network traffic

Mini‐RMON agents in Catalyst 6500 collect Layer 2 (RMON1) statistics on all ports (utilization packets errors)

NAM supports full RMON1 and 2 to provide visibility up to Application layer (applications hosts conversations)

NAM supports extended RMON for VLAN QoS Application Response Time and so on

88

Application Hosts and Conversations Monitoring

Identify unknown applications and drill down on the hosts using them

Discover top talkers top conversations

Network managers can drill down

into who is doing what

Network managers can drill down

into who is doing what

NEW inSoftware

Version 22

NEW inSoftware

Version 22

89

VoIP Monitoring

NAM supports various facets of VoIPmonitoring

Active IP telephony monitoring

ndash Track active call attributesndash Identify call quality degradationndash Call details by phonesRMON1 and RMON2

ndash Distribution of VoIP

protocols

Application Response Time (ART)

ndash CallManager

responses

DSMON

ndash VoIP

traffic by DSCP values

90

Application Response Time (ART)

Find out where the application delays are occurring

ndash Detailed data on request‐ response exchanges

between clients and servers

Server visibility

ndash Monitor servers for protocols application

usage and top talkers

91

Packet Capture and Decode

Capture and decode packets for troubleshooting

Extensive pre‐ and post‐capture filters

Can save and export to other tools including Sniffer

92

Alarms

Set alarm thresholds on various parameters for proactive monitoring

Define traps or generate syslog

93

Defining Network Management Functional Areas

ISO defines five functional areas of network management

ISO defines five functional areas of network management

bullFault Management

bullConfiguration Management

bullAccounting Management

bullPerformance Management

bullSecurity Management

94

FCAPS Fault Management

The process of locating diagnosing and correcting

network problems

Device Down

Link Down

95

FCAPS Configuration Management

bull The process of obtaining data from the network and using

that data to manage the setup of all network devices

bull Allows rapid access to configuration information

bull Facilitates remote configuration and provisioning

bull Provides an up‐to‐date inventory of network

components

SpeedDuplex

Connectivity

TrunkingVLANs Allowed

Spanning Tree Protocol State

Software VersionConfiguration File

Device Type

96

FCAPS Accounting Management

bull Measuring the usage of network resources by users in order to

establish the metrics check quotas determine costs and bill users

bull Measures and reports accounting information based on individual

groups and users

bull Administers the cost of the network

bull Internal verification of third‐party billing for usage Bandwidth Consumption

Application Usage

hellip

97

FCAPS Performance Management

bull Ensuring that the data network remains accessible

and has adequate bandwidth

bull Reduces network overcrowding and inaccessibility

bull Provides a consistent level of service to the

network user

bull Determine utilization trends to proactively isolate and solve

performance problems

UtilizationPeakminmaxError RatesUnicast Rates

Broadcast Rates

CPU UtilizationMemory Usage

ThroughputResponse Time

LatencyAvailabilityReliability

98

FCAPS Security Management

bull Protecting sensitive information on devices

attached to a data network by controlling access points to

that information

bull Builds network user confidence

bull Secures sensitive information from both internal and

external sources

bull Protects the network functionality from malicious

attacks

MAC AddressLocked to Port

Access ListBlocks Connections

99

Performing Network Management Sources for Information

GAUGEs TIMERs

0 9 1 2 3

COUNTERs TABLEs FILEs

Operating System Data Structures

Manageable Device

showCommands

WebServer

SystemLogging

SNMPSNMPAGENTAGENT

ProductionServices

Layer N Forwarding

http80tcp

syslog514udp

snmp161udp

MIBObjects

snmp‐trap162udp

Built in Intelligence

CDPVTPSAA

telnetCLI

TFTPClient

tftp69udp

PingTrace route

100

Network Management Information Model MIB Management Information Base

MIB

ndash

Management Information BaseSet of variables defining the status of a device (eg temp = 85 degrees)Just facts ndash not whether it is good or badDefined according to SMI (Structure of Management Information) rulesEach managed object is described using a unique object identifier (OID)

MIB

IMIBIIStandard MIBObjects included are considered essential for either fault or configuration management

Other standard MIBsRMON host router

Proprietary vendor MIBsExtensions to standard MIBs

SNMPAGENTSNMPAGENT

1000s of manageable objects following rules defined in the SMI standards

1000s of manageable objects following rules defined in the SMI standards

101

Network Management Communication Model SNMP Simple Network Management Protocol

CommunityStrings

CommunityStrings

bull Get requests used to read the value of objectbull Set requests used to modify the value of object

bull Authorization is via community strings

(Read‐OnlyRead‐Write)

bull Traps

provide asynchronous event notification

IP Network SNMPManageable

Device

Trap

Get Response

Get Request Get-Next RequestGet-Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

102

Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response

SNM

P M

anag

er

SNM

P A

gent

Rea

d =

publ

ic re

adw

rite

= pr

ivat

e

GetResponse (sysDescr0=SunOS)

Verify access permission and retrieve MIB value using OID to traverse the MIB tree

InstanceOID

13612111

MIB value

GetRequest(sysDescr0)Read Community(public)

103

Types of Management Systems Example ‐

Enterprise Manager amp Fault Management

Correlate and manage events

and SNMP traps

Perform fault isolation and root cause analysis

104

Types of Management Systems Example ndash CiscoWorks

Resource Manager Essentials and Campus Manager

Knowledge of network configuration and topology

Facilitates remote configuration of network devices

Maintains an archive of configuration data that allows generation of inventory reports

105

Types of Management Systems Example ndash NetFlow (Accounting Management)

Flow Profiling

AccountingBilling

Network Planning

Network Monitoring

Flow

Collectors

Flow

CollectorsEnd‐User AppsEnd‐User AppsNetFlow

Data ExportNetFlowData Export

NetScout

RMON ProbeRMON Probe

106

Types of Management Systems Example ndash MRTG (Performance Management)

bull Monitors traffic load on network links based on SNMP statistics

bull Generates real‐time HTML traffic reports

bull Can be used to monitor any

MIB

variable using

SNMP

107

Types of Management Systems Example ndash CiscoWorks

How is the network connectedbull Physical Cablingbull Virtual LANs

Where are the end users servers IP phones connected

bull Switch port numberbull VLAN membership

How do I troubleshoot connectivity problems

Campus Manager User Tracking

Campus Manager Topology Services

Campus Manager Topology Services

Campus Manager User TrackingCampus Manager

Path Analysis

108

Diagnosing Connectivity Problems CiscoWorks Server Tools

Ping Use ping to test device connectivity from CiscoWorks server

TracerouteRun a trace route between the CiscoWorks server and the target device to detect routing problems

NS LookupRun a nslookup to obtain DNS name server information and IP address of hostname

Management Station to DeviceTest to verify if upper layer protocols are supported from CiscoWorks to the target device UDP TCP Telnet TFTP HTTP and SNMP

109

Types of Management Systems Example ndash CiscoWorks

19216862

CiscoWorks Server(ANI Service)

CampusDatabase

19216861

Schedule data retrieval

times

CAM Table11‐11‐11‐11‐11‐00 2111‐11‐11‐11‐11‐11 2211‐11‐11‐11‐11‐22 2311‐11‐11‐11‐11‐33 24

22 23 24

21

ARP Table11‐11‐11‐11‐11‐11 19216861011‐11‐11‐11‐11‐22 19216861111‐11‐11‐11‐11‐33 192168611

1

CAM

Retrieval

(switching

table)

2 Address

Resolution (MAC

to IP)

DNS

3 Name Resolution

(IP to hostname)

Host Table192168610 USER1192168611 Printer1192168611 IPtele1

SNMP

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

CallManager4

Call Detail

Records

5

Login

Names

UNIX Novell amp

Windows NT

clients running

UTLite script

110

Diagnosing Connectivity Problems Campus Manager Tools

Topology Services

User Tracking

Path Analysis

1

Locate the communication pair in the User Tracking database

bull

Addressesbull

VLAN informationbull

Switch port connection

2

Investigate the Layer 2 and Layer 3 path between the communication

pair

3

Map the topology and begin the investigation on devices and links

Launch other applications

111

Diagnosing Connectivity Problems Workflow for Using Campus Manager

LaunchPath Analysis

LaunchPath Analysis

Ensure discovery of devices

hosts are up to date

Ensure discovery of devices

hosts are up to date

Use User TrackingTo Locate EndStation Info

Use User TrackingTo Locate EndStation Info

ConductVoiceTrace

ConductVoiceTrace

ConductDataTrace

ConductDataTrace

DisplayPath in Topology

Map

DisplayPath in Topology

Map

Launch other Apps(Telnet CiscoView

Etc)

Launch other Apps(Telnet CiscoView

Etc)

112

Diagnosing Device Connectivity Problems Example

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Do you know

your

hostname or

username

113

Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

2 Simple Query displays switch

port and VLAN association

2 Simple Query displays switch

port and VLAN association

3 LastSeen field indicates last

time end station was

discovered

3 LastSeen field indicates last

time end station was

discovered

114

Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Trace path from application server

to Suzy

Trace path from application server

to Suzy

Couldnrsquot get to Suzy machine ndash try

from server

Couldnrsquot get to Suzy machine ndash try

from server

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

31

Is QoS Needed in the Campus

Maybe maybe not campus congestionis a buffer management issue

ldquoJust throw more bandwidth at it That will solve the problemrdquo

32

Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP

33

Enabling QoS in the Campus Scheduling in the Campus

Output buffers can reach 100 in campus networks resulting in dropped voice packets

QoS required when there is a possibility of congestion in buffers

Multiple queues are the only way to guarantee voice quality

34

Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS

bull 8021p user priority field also called class of service (CoS)

bull Different types of traffic are assigned different CoS values

bull CoS 6 and 7 are reserved for network use

35

Enabling QoS in the Campus Layer 3 Classificationmdash IP Precedence DSCP

bull IPv4 Three most significant bits of ToS byte are called IP precedence other bits unused

bull DiffServ Six Most significant bits of ToS byte are called DSCP remaining two bits used for flow control

bull DSCP backward compatible with IP precedence

36

Enabling QoS in the Campus Classification Summary

37

Power Over Ethernet

Prepare the network for IP Telephony and Wireless access

Eliminate the need for separate electrical wiring

Cisco pre‐standard POE and 8023af are fully supported

Wide selection of standards‐based IEEE 8023af powered devices

ndash IP Phonesndash Wireless Access Points

ndash Surveillance cameras

ndash Access Card Readers

38

Access Point Front Cover LEDrsquos

Status LightsEthernet

Status

Radio Activity

Ethernet Activity

Status

Radio Activity

39

CiscoWorks WLSE

1

Specialized application for managing the Cisco WLAN

2

Centralized template‐ based configuration of access points and bridges

with user defined groups

3

Proactive fault and performance monitoring

of access points bridges LEAP server and

attached switch

CiscoWorks Wireless LANSolution Engine

U N I V E R S I T YU N I V E R S I T Y

40

二網路設備介紹

41

The Cisco LAN Switching Portfolio

Catalyst 375035602960 Catalyst 6500Catalyst 40004500

bull Stackable Compact Footprint bull Gig Density 12 Ports bull EZ Clustering Managementbull L2-L4 Switchingbull Medium Port Density

bull Highest Switching Capacitybull High Availability - Stateful Failoverbull 10-Gigabit Ethernet Interfaces bull Nonblocking Gigabit Density 142bull LANWAN Interfaces (to OC 48)

L2-L7 SwitchingIntegrated Inline PowerServices Modules Redundant PowerRedundant Supervisor Fabric

bull High Switching Capacitybull High-Density 101001000bull High-Density 100FX amp 1000LXbull Nonblocking Gigabit Density 32bull L2-L4 Switching bull Inline Power Optionbull Redundant Power

42

Cisco Catalyst Positioning

Pric

ePe

rfor

man

ce

FunctionFlexibility

Catalyst 29502960

Catalyst 35503560

Catalyst 4500 Family

Catalyst 6500 Series

bull Modular 101001000bull High performance Layer 2L3L4 bull 24‐64 Gbps Switching Enginebull Chassis level high availability

bull

Modular 101001000bull

Highest density switching

capacity

bull

Layer 234‐7bull

32‐720 Gbps

Switching

Engine

bull

Highest Availability

bull

10100

and GE configurationsbull

High performance switching and routingbull

Enterprise‐class intelligent Layer 3L4 servicesbull

Clustering capable

bull

Stackable 10100 switchingbull

Gigabit

uplink connectivitybull

Advanced intelligent Layer 3L4 servicesbull

Clustering capable

Catalyst 3750bull

Stackable 101001000 and 10100 configurationsbull

Cisco StackWisetrade

Technologybull

Optimized for Gigabit Ethernet deploymentbull

Enterprise‐class Intelligent Layer 3L4 servicesbull

Highly resilient 32Gbps stacking interconnectionbull

Single management interface w auto configuration

Fast Ethernet

Optimized

Gigabit Ethernet

Optimized

43

Cisco Catalyst 2960 Series Model Overview Fast Ethernet Models

Softwarebull LAN Base Image

Enterprise-class intelligent services Advanced QoS enhanced security high availability

bull Orderable with latest IOS software version

bull 48 10100100 portsbull 2 101001000 Uplink

ports

bull 24 10100 portsbull 2 101001000 Uplink

Ports

Catalyst 2960-24TT Catalyst 2960-48TT

bull 24 10100 portsbull 2 Dual-Purpose Uplink

ports

Catalyst 2960-24TC Catalyst 2960-48TC

bull 48 10100 portsbull 2 Dual Purpose Uplink

ports

Uplinksbull Dual Purpose

UplinksOne 101001000 TX Port and One SFP Port

One port active at a time

44

Cisco Catalyst 3750 Series Switches Model Overview

Catalyst 3750G‐24TS

bull

24 101001000

Portsbull

24 101001000 Ports

bull

4 SFP ports

Two Software Versions

Standard Multilayer Software Image

(SMI)

bull Enterprise‐class intelligent services

Advanced QoS Enhanced Security High

Availability RIP and Static IP routing

Routed ACLs HSRP

Enhanced Multilayer Software Image

(EMI)

bull SMI feature set plus Dynamic IP Unicast

routing Smart Multicast routing

Catalyst 3750‐2448 are orderable with

either software image preinstalled

Catalyst 3750‐2448 can be upgraded

from SMI to EMI

Catalyst 3750G‐24T

bull

24 10100 Ports

bull

2 SFP ports

bull

48 10100 Ports

bull

4 SFP ports

Catalyst 3750‐24 Catalyst 3750‐48

45

Cisco StackWisetrade Technology

bull 32Gbps fault tolerant bi‐directional

backplane

bull Single IP address for management

bull Auto configuration and IOS version

checkupdate

bull 1N Master redundancy

bull Sub‐second L2 failover

bull Cross stack Etherchannel

bull Configurable QoS queues across

stack

bull Line speed performance with QoS

and ACLs for GE

bull Hot add and delete of GE and FE

chassis in same stack

bull Patented cable connector

S 1

S 3

S 2

M 4

M = Master Switch

S = Slave Switch

46

Cisco Catalyst 4500 Series Architecture

bull Centralized Forwarding ASICs

bull All packets are forwarded via the supervisor

bull No distributed line card forwarding

bull Scalable architecture ‐

64 to 320 Gbps

bull Fastest Centralized Architecture in the Industry

47

Cisco Catalyst 4500 Series Overview Common Architecture

Single Supervisor-Based

Chassis

Redundant Supervisor-Based

Chassis

Cisco Catalyst 4507R-E

Cisco Catalyst 4510R-E

Cisco Catalyst 4506-E

Cisco Catalyst 4503-E

Single RU Fixed Configuration

Same Switching Architecture

and Common Cisco IOSreg

Cisco Catalyst 4948 and 4948-10GigE

48

Cisco Catalyst 4500 Series Evolutionary Centralized Architecture

1999 2002 2004 2007 2012

Continued InnovationServices and Performance

Same Line Card

18Mpps 48Mpps 102Mpps

10100

1000

Layer 2

PoE L234

10 GbE

SSO

NACNSF

ISSUCISF

E‐Series

250 Mpps

49

Evolution of Centralized Switching Technology

Evoluti

onEvo

lution

1999 18

Mpps

L2 Only

2002 48

Mpps

L2L3

2004102

Mpps

L2L3 10Gig

2007250

Mpps

L2L3 IPv6

14X

increase

since lsquo99

50

Next‐Generation Catalyst 4500 ldquoE‐Seriesrdquo

Secure Flexible Non‐Stop Communications

ldquoErdquo

Series Chassis

ldquoErdquo

Series Line Cards

Supervisor 6‐E with CenterFlex

51

Cisco Catalyst 6500 Delivers Secure Converged Network Services

High Availabilitybull Physical

Availabilitybull Logical Availabilitybull Stateful Failover at

Layer 2bull Rapid Spanning-

Tree Convergence

QoSbull Input Policingbull Traffic

Classificationbull Multiple Queuesbull Convergence

Ready

Securitybull Layer 234

Access Controlbull 8021X User

Authenticationbull MAC Filteringbull Dynamic VLAN

Manageabilitybull Inline Powerbull Simple

Configurationbull L2-L4 Servicesbull Rich Multicast

Support

End-to-End Services

52

Catalyst 6500 Family

Catalyst 65033 slot chassis

Catalyst 65066 slot chassis

Catalyst 65099 slot chassis

Catalyst 6509‐NEBSNEBS Compliant 9 slot chassis

Catalyst 651313 slot chassis

Catalyst 6509‐NEBS‐A9 slot chassis

53

Cisco Catalyst 6500 Series

The Cisco Catalyst 6500 Series supports a wide range of interface densities performance and high‐availability options

Flexible 3‐ 6‐ 9‐ and 13‐slot chassis configurations

ndash Scalable switching fabric ndash Cisco

IOS software choices supported

on all supervisor engines

ndash Fast 2‐3 second stateful

failover of

redundant supervisors and integrated

services

ndash 10‐Mbps to 10‐Gbps Ethernet and DS0

to

OC‐48 WAN interfaces

ndash Wire‐rate QoS

and ACL policy

management

WS-6503 WS-C6506 WS-C6509 WS-C6509-NEBS and WS-C6513

54

Catalyst 6500 Supervisors

The Catalyst 6500 has three Supervisor options on offer

with each providing a different architectural backplane

configuration for line cards to connect intohellip

Supervisor 1A Supervisor 2 Supervisor 720 (NEW)

256Gb backplane

supporting hardware

accelerated Layer 2 and 3

QoS and Security policies

up to 210Mppshellip

720Gb backplane

supporting hardware

accelerated Layer 2 and 3

QoS and Security policies

up to 400Mppshellip

32Gb backplane supporting

hardware accelerated Layer

2 and 3 QoS and Security

policies up to 15Mppshellip

Supervisor Options for the Catalyst 6500

55

Catalyst 6500 LinecardsThe Catalyst 6500 has a family of linecards to suit all network needshellip

10100 TX and 100 Fiber 101001000 TX GE SFP

GE GBIC 10GE WAN

Optical Switch Modules Inline Power ATM

CAT

6500

L I

NECARDS

56

Catalyst 6500 Service Modules

Content ServicesCommunications Media MWAN

Firewall Module VPN Module Intrusion Detection

Content Switching SSL Network Management

Service Modules represent the next generation of intelligent modules for the Catalyst 6500

Each module provides a high performance option scalable and feature rich deployment

optionshellip

57

Small Form Factor Pluggable (SFP)

bull New industry standard connector

bull Same functionality as Gigabit Interface Converters

(GBICs)

bull Hot pluggable

bull Smaller fiber connector LC

for SF

bull 25 SFPs

fit in space of one GBIC

bull Shipping SX LX ZX at FCS

bull 101001000BT and CWDM versions to come in mid

to late 2003

GBIC

SFP

58

三無線網路認證介紹

59

漫遊認證環境架構圖

NCHC資策會

WLANGateway

WLANGateway

60

無線漫遊環境身份認證機制

網頁認證

使用網站伺服器憑證(Certificate)辨識合法認證網站

透過SSL加密保護使用者帳號密碼安全

採用PAP (Password Authentication Protocol)認證機制

8021x認證

採CHAP或加密通道進行認證

EAP‐MD5ndash 採用CHAP (Challenge Handshake Authentication Protocol)認證

EAP‐PEAP ndash 採用 SSL加密通道 + MS‐CHAP v2 認證

EAP‐TTLSndash 採用 SSL加密通道 + PAPCHAPMS‐CHAPEAPndash 支援多種認證機制

61

WLAN Gateway

bull Usually web page for authorisationbull Allows policy based accessbull Good managementbull Very user friendlybull No client required

Bluesocketndash Commercial but popular in uk academiandash Lots of featuresNoCatAuthndash open source

62

Bluesocket Wireless Gateway

63

httpwwwitcntnuedutwservice1270php

四師大網路基本架構介紹

64

對外網路架構圖

65

校本部校區有線網路系統架構圖

66

校本部校區無線網路系統架構圖

67

理學院校區有線網路系統架構圖

68

理學院校區無線網路系統架構圖

69

林口校區有線網路系統架構圖

70

林口校區無線網路系統架構圖

71

五網路障礙排除方式

72

Possible Symptoms of Physical Layer Problems

Increased number of interface errorsIncreased number of interface errors

LEDs are off flashing or in a state other than the expected state during normal operationLEDs are off flashing or in a state other than the expected state during normal operation

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

Excessive utilizationExcessive utilization

73

Possible Symptoms of Data Link Layer Problems

Excessive CRC errors and frame check sequence errors Excessive CRC errors and frame check sequence errors

Large quantities of broadcast traffic Large quantities of broadcast traffic

A MAC address is cycling between portsA MAC address is cycling between ports

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

74

General Cisco Commands to Isolate Physical and Data Link Layer Problems

ping host

| ip‐addressping host

| ip‐address

routergt

bull

Sends an echo request packet to an address then waits for a reply

trace [destination]trace [destination]

routergt

bull

Identifies the path a packet takes through the network

[no] debug [no] debug

router

bull

Displays a list of options for enabling or disabling debugging events on a device

75

Cisco Commands to Isolate Physical Layer Problems

show versionshow version

routergt

bull

Displays the Cisco IOS software version and all installed hardware configurations

show ip interface briefshow ip interface brief

routergt

bull

Displays a summary of the status of all interfaces on a device

show interfaces [type number]show interfaces [type number]

routergt

bull

Displays the operational status of an interface including the amount and type of traffic being sent and received

76

Cisco Commands to Isolate Physical Layer Problems (Cont)

show cdp neighbor detailshow cdp neighbor detailroutergt

bull Displays the device type IP address and Cisco IOS version of neighboring devices

77

Cisco Commands to Isolate Data Link Layer Problems

show ip arpshow ip arp

routergt

bull

Displays entries in the Address Resolution Protocol (ARP) table

debug [arp

| serial | ppp]debug [arp

| serial | ppp]

router

bull

Captures events relating to data link layer protocols

78

General End‐System Commands to Isolate Physical and Data Link Layer Problems

pingping

bull

Sends an echo request packet to an address then waits for a reply

netstat

‐rnnetstat

‐rn

bull

Displays the status of all connected devices and links without querying a DNS server

arp

‐aarp

‐a

bull

Displays the current mappings of the IP address to the MAC address in the ARP table

79

Windows Commands to Isolate Physical and Data Link Layer Problems

ipconfig

[all]ipconfig

[all]

bull

Displays IP information for hosts running Windows NT2000XP

Cgt

tracert [‐d]tracert [‐d]

bull

Identifies a path to a destination device

Cgt

80

Guidelines for Isolating Problems at the Physical and Data Link Layers

Check operational status and data error ratesCheck operational status and data error rates

Verify proper interface configurationsVerify proper interface configurations

Check for bad cables or connectionsCheck for bad cables or connections

Check for correct cable pin‐outCheck for correct cable pin‐out

81

Port Monitoring (SPAN)

Allows a port to monitor traffic coming into or out of

anotherPort

VLAN

Trunk

82

Remote SPAN (RSPAN)

Allows a port to monitor SPAN information on other switches through a trunk connection

83

NetFlow Data Export

Access to records of switched flow statistics

with NAM

Source and destination IP

Port numbers and protocol types

84

六網路管理介紹

85

NAMs in Campus LAN

86

Network Analysis Module (NAM)

bull

Switch‐integrated standards‐

based monitoring (RMON1 RMON2

extended RMON)

bull

Useful for performance monitoring troubleshooting

and capacity planning

bull

Easy to deploy and use with embedded web‐based Traffic Analyzer

bull

Full visibility into applications hosts conversations and

IP‐based services including VoIP

and QoS

Integrated traffic‐monitoring solution in Catalyst 6500 series to build application‐level visibility into network infrastructure

87

NAM as a Standards‐Based RMON Solution

The RMON MIB reports on the health and status of network traffic

Mini‐RMON agents in Catalyst 6500 collect Layer 2 (RMON1) statistics on all ports (utilization packets errors)

NAM supports full RMON1 and 2 to provide visibility up to Application layer (applications hosts conversations)

NAM supports extended RMON for VLAN QoS Application Response Time and so on

88

Application Hosts and Conversations Monitoring

Identify unknown applications and drill down on the hosts using them

Discover top talkers top conversations

Network managers can drill down

into who is doing what

Network managers can drill down

into who is doing what

NEW inSoftware

Version 22

NEW inSoftware

Version 22

89

VoIP Monitoring

NAM supports various facets of VoIPmonitoring

Active IP telephony monitoring

ndash Track active call attributesndash Identify call quality degradationndash Call details by phonesRMON1 and RMON2

ndash Distribution of VoIP

protocols

Application Response Time (ART)

ndash CallManager

responses

DSMON

ndash VoIP

traffic by DSCP values

90

Application Response Time (ART)

Find out where the application delays are occurring

ndash Detailed data on request‐ response exchanges

between clients and servers

Server visibility

ndash Monitor servers for protocols application

usage and top talkers

91

Packet Capture and Decode

Capture and decode packets for troubleshooting

Extensive pre‐ and post‐capture filters

Can save and export to other tools including Sniffer

92

Alarms

Set alarm thresholds on various parameters for proactive monitoring

Define traps or generate syslog

93

Defining Network Management Functional Areas

ISO defines five functional areas of network management

ISO defines five functional areas of network management

bullFault Management

bullConfiguration Management

bullAccounting Management

bullPerformance Management

bullSecurity Management

94

FCAPS Fault Management

The process of locating diagnosing and correcting

network problems

Device Down

Link Down

95

FCAPS Configuration Management

bull The process of obtaining data from the network and using

that data to manage the setup of all network devices

bull Allows rapid access to configuration information

bull Facilitates remote configuration and provisioning

bull Provides an up‐to‐date inventory of network

components

SpeedDuplex

Connectivity

TrunkingVLANs Allowed

Spanning Tree Protocol State

Software VersionConfiguration File

Device Type

96

FCAPS Accounting Management

bull Measuring the usage of network resources by users in order to

establish the metrics check quotas determine costs and bill users

bull Measures and reports accounting information based on individual

groups and users

bull Administers the cost of the network

bull Internal verification of third‐party billing for usage Bandwidth Consumption

Application Usage

hellip

97

FCAPS Performance Management

bull Ensuring that the data network remains accessible

and has adequate bandwidth

bull Reduces network overcrowding and inaccessibility

bull Provides a consistent level of service to the

network user

bull Determine utilization trends to proactively isolate and solve

performance problems

UtilizationPeakminmaxError RatesUnicast Rates

Broadcast Rates

CPU UtilizationMemory Usage

ThroughputResponse Time

LatencyAvailabilityReliability

98

FCAPS Security Management

bull Protecting sensitive information on devices

attached to a data network by controlling access points to

that information

bull Builds network user confidence

bull Secures sensitive information from both internal and

external sources

bull Protects the network functionality from malicious

attacks

MAC AddressLocked to Port

Access ListBlocks Connections

99

Performing Network Management Sources for Information

GAUGEs TIMERs

0 9 1 2 3

COUNTERs TABLEs FILEs

Operating System Data Structures

Manageable Device

showCommands

WebServer

SystemLogging

SNMPSNMPAGENTAGENT

ProductionServices

Layer N Forwarding

http80tcp

syslog514udp

snmp161udp

MIBObjects

snmp‐trap162udp

Built in Intelligence

CDPVTPSAA

telnetCLI

TFTPClient

tftp69udp

PingTrace route

100

Network Management Information Model MIB Management Information Base

MIB

ndash

Management Information BaseSet of variables defining the status of a device (eg temp = 85 degrees)Just facts ndash not whether it is good or badDefined according to SMI (Structure of Management Information) rulesEach managed object is described using a unique object identifier (OID)

MIB

IMIBIIStandard MIBObjects included are considered essential for either fault or configuration management

Other standard MIBsRMON host router

Proprietary vendor MIBsExtensions to standard MIBs

SNMPAGENTSNMPAGENT

1000s of manageable objects following rules defined in the SMI standards

1000s of manageable objects following rules defined in the SMI standards

101

Network Management Communication Model SNMP Simple Network Management Protocol

CommunityStrings

CommunityStrings

bull Get requests used to read the value of objectbull Set requests used to modify the value of object

bull Authorization is via community strings

(Read‐OnlyRead‐Write)

bull Traps

provide asynchronous event notification

IP Network SNMPManageable

Device

Trap

Get Response

Get Request Get-Next RequestGet-Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

102

Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response

SNM

P M

anag

er

SNM

P A

gent

Rea

d =

publ

ic re

adw

rite

= pr

ivat

e

GetResponse (sysDescr0=SunOS)

Verify access permission and retrieve MIB value using OID to traverse the MIB tree

InstanceOID

13612111

MIB value

GetRequest(sysDescr0)Read Community(public)

103

Types of Management Systems Example ‐

Enterprise Manager amp Fault Management

Correlate and manage events

and SNMP traps

Perform fault isolation and root cause analysis

104

Types of Management Systems Example ndash CiscoWorks

Resource Manager Essentials and Campus Manager

Knowledge of network configuration and topology

Facilitates remote configuration of network devices

Maintains an archive of configuration data that allows generation of inventory reports

105

Types of Management Systems Example ndash NetFlow (Accounting Management)

Flow Profiling

AccountingBilling

Network Planning

Network Monitoring

Flow

Collectors

Flow

CollectorsEnd‐User AppsEnd‐User AppsNetFlow

Data ExportNetFlowData Export

NetScout

RMON ProbeRMON Probe

106

Types of Management Systems Example ndash MRTG (Performance Management)

bull Monitors traffic load on network links based on SNMP statistics

bull Generates real‐time HTML traffic reports

bull Can be used to monitor any

MIB

variable using

SNMP

107

Types of Management Systems Example ndash CiscoWorks

How is the network connectedbull Physical Cablingbull Virtual LANs

Where are the end users servers IP phones connected

bull Switch port numberbull VLAN membership

How do I troubleshoot connectivity problems

Campus Manager User Tracking

Campus Manager Topology Services

Campus Manager Topology Services

Campus Manager User TrackingCampus Manager

Path Analysis

108

Diagnosing Connectivity Problems CiscoWorks Server Tools

Ping Use ping to test device connectivity from CiscoWorks server

TracerouteRun a trace route between the CiscoWorks server and the target device to detect routing problems

NS LookupRun a nslookup to obtain DNS name server information and IP address of hostname

Management Station to DeviceTest to verify if upper layer protocols are supported from CiscoWorks to the target device UDP TCP Telnet TFTP HTTP and SNMP

109

Types of Management Systems Example ndash CiscoWorks

19216862

CiscoWorks Server(ANI Service)

CampusDatabase

19216861

Schedule data retrieval

times

CAM Table11‐11‐11‐11‐11‐00 2111‐11‐11‐11‐11‐11 2211‐11‐11‐11‐11‐22 2311‐11‐11‐11‐11‐33 24

22 23 24

21

ARP Table11‐11‐11‐11‐11‐11 19216861011‐11‐11‐11‐11‐22 19216861111‐11‐11‐11‐11‐33 192168611

1

CAM

Retrieval

(switching

table)

2 Address

Resolution (MAC

to IP)

DNS

3 Name Resolution

(IP to hostname)

Host Table192168610 USER1192168611 Printer1192168611 IPtele1

SNMP

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

CallManager4

Call Detail

Records

5

Login

Names

UNIX Novell amp

Windows NT

clients running

UTLite script

110

Diagnosing Connectivity Problems Campus Manager Tools

Topology Services

User Tracking

Path Analysis

1

Locate the communication pair in the User Tracking database

bull

Addressesbull

VLAN informationbull

Switch port connection

2

Investigate the Layer 2 and Layer 3 path between the communication

pair

3

Map the topology and begin the investigation on devices and links

Launch other applications

111

Diagnosing Connectivity Problems Workflow for Using Campus Manager

LaunchPath Analysis

LaunchPath Analysis

Ensure discovery of devices

hosts are up to date

Ensure discovery of devices

hosts are up to date

Use User TrackingTo Locate EndStation Info

Use User TrackingTo Locate EndStation Info

ConductVoiceTrace

ConductVoiceTrace

ConductDataTrace

ConductDataTrace

DisplayPath in Topology

Map

DisplayPath in Topology

Map

Launch other Apps(Telnet CiscoView

Etc)

Launch other Apps(Telnet CiscoView

Etc)

112

Diagnosing Device Connectivity Problems Example

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Do you know

your

hostname or

username

113

Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

2 Simple Query displays switch

port and VLAN association

2 Simple Query displays switch

port and VLAN association

3 LastSeen field indicates last

time end station was

discovered

3 LastSeen field indicates last

time end station was

discovered

114

Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Trace path from application server

to Suzy

Trace path from application server

to Suzy

Couldnrsquot get to Suzy machine ndash try

from server

Couldnrsquot get to Suzy machine ndash try

from server

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

32

Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP

33

Enabling QoS in the Campus Scheduling in the Campus

Output buffers can reach 100 in campus networks resulting in dropped voice packets

QoS required when there is a possibility of congestion in buffers

Multiple queues are the only way to guarantee voice quality

34

Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS

bull 8021p user priority field also called class of service (CoS)

bull Different types of traffic are assigned different CoS values

bull CoS 6 and 7 are reserved for network use

35

Enabling QoS in the Campus Layer 3 Classificationmdash IP Precedence DSCP

bull IPv4 Three most significant bits of ToS byte are called IP precedence other bits unused

bull DiffServ Six Most significant bits of ToS byte are called DSCP remaining two bits used for flow control

bull DSCP backward compatible with IP precedence

36

Enabling QoS in the Campus Classification Summary

37

Power Over Ethernet

Prepare the network for IP Telephony and Wireless access

Eliminate the need for separate electrical wiring

Cisco pre‐standard POE and 8023af are fully supported

Wide selection of standards‐based IEEE 8023af powered devices

ndash IP Phonesndash Wireless Access Points

ndash Surveillance cameras

ndash Access Card Readers

38

Access Point Front Cover LEDrsquos

Status LightsEthernet

Status

Radio Activity

Ethernet Activity

Status

Radio Activity

39

CiscoWorks WLSE

1

Specialized application for managing the Cisco WLAN

2

Centralized template‐ based configuration of access points and bridges

with user defined groups

3

Proactive fault and performance monitoring

of access points bridges LEAP server and

attached switch

CiscoWorks Wireless LANSolution Engine

U N I V E R S I T YU N I V E R S I T Y

40

二網路設備介紹

41

The Cisco LAN Switching Portfolio

Catalyst 375035602960 Catalyst 6500Catalyst 40004500

bull Stackable Compact Footprint bull Gig Density 12 Ports bull EZ Clustering Managementbull L2-L4 Switchingbull Medium Port Density

bull Highest Switching Capacitybull High Availability - Stateful Failoverbull 10-Gigabit Ethernet Interfaces bull Nonblocking Gigabit Density 142bull LANWAN Interfaces (to OC 48)

L2-L7 SwitchingIntegrated Inline PowerServices Modules Redundant PowerRedundant Supervisor Fabric

bull High Switching Capacitybull High-Density 101001000bull High-Density 100FX amp 1000LXbull Nonblocking Gigabit Density 32bull L2-L4 Switching bull Inline Power Optionbull Redundant Power

42

Cisco Catalyst Positioning

Pric

ePe

rfor

man

ce

FunctionFlexibility

Catalyst 29502960

Catalyst 35503560

Catalyst 4500 Family

Catalyst 6500 Series

bull Modular 101001000bull High performance Layer 2L3L4 bull 24‐64 Gbps Switching Enginebull Chassis level high availability

bull

Modular 101001000bull

Highest density switching

capacity

bull

Layer 234‐7bull

32‐720 Gbps

Switching

Engine

bull

Highest Availability

bull

10100

and GE configurationsbull

High performance switching and routingbull

Enterprise‐class intelligent Layer 3L4 servicesbull

Clustering capable

bull

Stackable 10100 switchingbull

Gigabit

uplink connectivitybull

Advanced intelligent Layer 3L4 servicesbull

Clustering capable

Catalyst 3750bull

Stackable 101001000 and 10100 configurationsbull

Cisco StackWisetrade

Technologybull

Optimized for Gigabit Ethernet deploymentbull

Enterprise‐class Intelligent Layer 3L4 servicesbull

Highly resilient 32Gbps stacking interconnectionbull

Single management interface w auto configuration

Fast Ethernet

Optimized

Gigabit Ethernet

Optimized

43

Cisco Catalyst 2960 Series Model Overview Fast Ethernet Models

Softwarebull LAN Base Image

Enterprise-class intelligent services Advanced QoS enhanced security high availability

bull Orderable with latest IOS software version

bull 48 10100100 portsbull 2 101001000 Uplink

ports

bull 24 10100 portsbull 2 101001000 Uplink

Ports

Catalyst 2960-24TT Catalyst 2960-48TT

bull 24 10100 portsbull 2 Dual-Purpose Uplink

ports

Catalyst 2960-24TC Catalyst 2960-48TC

bull 48 10100 portsbull 2 Dual Purpose Uplink

ports

Uplinksbull Dual Purpose

UplinksOne 101001000 TX Port and One SFP Port

One port active at a time

44

Cisco Catalyst 3750 Series Switches Model Overview

Catalyst 3750G‐24TS

bull

24 101001000

Portsbull

24 101001000 Ports

bull

4 SFP ports

Two Software Versions

Standard Multilayer Software Image

(SMI)

bull Enterprise‐class intelligent services

Advanced QoS Enhanced Security High

Availability RIP and Static IP routing

Routed ACLs HSRP

Enhanced Multilayer Software Image

(EMI)

bull SMI feature set plus Dynamic IP Unicast

routing Smart Multicast routing

Catalyst 3750‐2448 are orderable with

either software image preinstalled

Catalyst 3750‐2448 can be upgraded

from SMI to EMI

Catalyst 3750G‐24T

bull

24 10100 Ports

bull

2 SFP ports

bull

48 10100 Ports

bull

4 SFP ports

Catalyst 3750‐24 Catalyst 3750‐48

45

Cisco StackWisetrade Technology

bull 32Gbps fault tolerant bi‐directional

backplane

bull Single IP address for management

bull Auto configuration and IOS version

checkupdate

bull 1N Master redundancy

bull Sub‐second L2 failover

bull Cross stack Etherchannel

bull Configurable QoS queues across

stack

bull Line speed performance with QoS

and ACLs for GE

bull Hot add and delete of GE and FE

chassis in same stack

bull Patented cable connector

S 1

S 3

S 2

M 4

M = Master Switch

S = Slave Switch

46

Cisco Catalyst 4500 Series Architecture

bull Centralized Forwarding ASICs

bull All packets are forwarded via the supervisor

bull No distributed line card forwarding

bull Scalable architecture ‐

64 to 320 Gbps

bull Fastest Centralized Architecture in the Industry

47

Cisco Catalyst 4500 Series Overview Common Architecture

Single Supervisor-Based

Chassis

Redundant Supervisor-Based

Chassis

Cisco Catalyst 4507R-E

Cisco Catalyst 4510R-E

Cisco Catalyst 4506-E

Cisco Catalyst 4503-E

Single RU Fixed Configuration

Same Switching Architecture

and Common Cisco IOSreg

Cisco Catalyst 4948 and 4948-10GigE

48

Cisco Catalyst 4500 Series Evolutionary Centralized Architecture

1999 2002 2004 2007 2012

Continued InnovationServices and Performance

Same Line Card

18Mpps 48Mpps 102Mpps

10100

1000

Layer 2

PoE L234

10 GbE

SSO

NACNSF

ISSUCISF

E‐Series

250 Mpps

49

Evolution of Centralized Switching Technology

Evoluti

onEvo

lution

1999 18

Mpps

L2 Only

2002 48

Mpps

L2L3

2004102

Mpps

L2L3 10Gig

2007250

Mpps

L2L3 IPv6

14X

increase

since lsquo99

50

Next‐Generation Catalyst 4500 ldquoE‐Seriesrdquo

Secure Flexible Non‐Stop Communications

ldquoErdquo

Series Chassis

ldquoErdquo

Series Line Cards

Supervisor 6‐E with CenterFlex

51

Cisco Catalyst 6500 Delivers Secure Converged Network Services

High Availabilitybull Physical

Availabilitybull Logical Availabilitybull Stateful Failover at

Layer 2bull Rapid Spanning-

Tree Convergence

QoSbull Input Policingbull Traffic

Classificationbull Multiple Queuesbull Convergence

Ready

Securitybull Layer 234

Access Controlbull 8021X User

Authenticationbull MAC Filteringbull Dynamic VLAN

Manageabilitybull Inline Powerbull Simple

Configurationbull L2-L4 Servicesbull Rich Multicast

Support

End-to-End Services

52

Catalyst 6500 Family

Catalyst 65033 slot chassis

Catalyst 65066 slot chassis

Catalyst 65099 slot chassis

Catalyst 6509‐NEBSNEBS Compliant 9 slot chassis

Catalyst 651313 slot chassis

Catalyst 6509‐NEBS‐A9 slot chassis

53

Cisco Catalyst 6500 Series

The Cisco Catalyst 6500 Series supports a wide range of interface densities performance and high‐availability options

Flexible 3‐ 6‐ 9‐ and 13‐slot chassis configurations

ndash Scalable switching fabric ndash Cisco

IOS software choices supported

on all supervisor engines

ndash Fast 2‐3 second stateful

failover of

redundant supervisors and integrated

services

ndash 10‐Mbps to 10‐Gbps Ethernet and DS0

to

OC‐48 WAN interfaces

ndash Wire‐rate QoS

and ACL policy

management

WS-6503 WS-C6506 WS-C6509 WS-C6509-NEBS and WS-C6513

54

Catalyst 6500 Supervisors

The Catalyst 6500 has three Supervisor options on offer

with each providing a different architectural backplane

configuration for line cards to connect intohellip

Supervisor 1A Supervisor 2 Supervisor 720 (NEW)

256Gb backplane

supporting hardware

accelerated Layer 2 and 3

QoS and Security policies

up to 210Mppshellip

720Gb backplane

supporting hardware

accelerated Layer 2 and 3

QoS and Security policies

up to 400Mppshellip

32Gb backplane supporting

hardware accelerated Layer

2 and 3 QoS and Security

policies up to 15Mppshellip

Supervisor Options for the Catalyst 6500

55

Catalyst 6500 LinecardsThe Catalyst 6500 has a family of linecards to suit all network needshellip

10100 TX and 100 Fiber 101001000 TX GE SFP

GE GBIC 10GE WAN

Optical Switch Modules Inline Power ATM

CAT

6500

L I

NECARDS

56

Catalyst 6500 Service Modules

Content ServicesCommunications Media MWAN

Firewall Module VPN Module Intrusion Detection

Content Switching SSL Network Management

Service Modules represent the next generation of intelligent modules for the Catalyst 6500

Each module provides a high performance option scalable and feature rich deployment

optionshellip

57

Small Form Factor Pluggable (SFP)

bull New industry standard connector

bull Same functionality as Gigabit Interface Converters

(GBICs)

bull Hot pluggable

bull Smaller fiber connector LC

for SF

bull 25 SFPs

fit in space of one GBIC

bull Shipping SX LX ZX at FCS

bull 101001000BT and CWDM versions to come in mid

to late 2003

GBIC

SFP

58

三無線網路認證介紹

59

漫遊認證環境架構圖

NCHC資策會

WLANGateway

WLANGateway

60

無線漫遊環境身份認證機制

網頁認證

使用網站伺服器憑證(Certificate)辨識合法認證網站

透過SSL加密保護使用者帳號密碼安全

採用PAP (Password Authentication Protocol)認證機制

8021x認證

採CHAP或加密通道進行認證

EAP‐MD5ndash 採用CHAP (Challenge Handshake Authentication Protocol)認證

EAP‐PEAP ndash 採用 SSL加密通道 + MS‐CHAP v2 認證

EAP‐TTLSndash 採用 SSL加密通道 + PAPCHAPMS‐CHAPEAPndash 支援多種認證機制

61

WLAN Gateway

bull Usually web page for authorisationbull Allows policy based accessbull Good managementbull Very user friendlybull No client required

Bluesocketndash Commercial but popular in uk academiandash Lots of featuresNoCatAuthndash open source

62

Bluesocket Wireless Gateway

63

httpwwwitcntnuedutwservice1270php

四師大網路基本架構介紹

64

對外網路架構圖

65

校本部校區有線網路系統架構圖

66

校本部校區無線網路系統架構圖

67

理學院校區有線網路系統架構圖

68

理學院校區無線網路系統架構圖

69

林口校區有線網路系統架構圖

70

林口校區無線網路系統架構圖

71

五網路障礙排除方式

72

Possible Symptoms of Physical Layer Problems

Increased number of interface errorsIncreased number of interface errors

LEDs are off flashing or in a state other than the expected state during normal operationLEDs are off flashing or in a state other than the expected state during normal operation

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

Excessive utilizationExcessive utilization

73

Possible Symptoms of Data Link Layer Problems

Excessive CRC errors and frame check sequence errors Excessive CRC errors and frame check sequence errors

Large quantities of broadcast traffic Large quantities of broadcast traffic

A MAC address is cycling between portsA MAC address is cycling between ports

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

74

General Cisco Commands to Isolate Physical and Data Link Layer Problems

ping host

| ip‐addressping host

| ip‐address

routergt

bull

Sends an echo request packet to an address then waits for a reply

trace [destination]trace [destination]

routergt

bull

Identifies the path a packet takes through the network

[no] debug [no] debug

router

bull

Displays a list of options for enabling or disabling debugging events on a device

75

Cisco Commands to Isolate Physical Layer Problems

show versionshow version

routergt

bull

Displays the Cisco IOS software version and all installed hardware configurations

show ip interface briefshow ip interface brief

routergt

bull

Displays a summary of the status of all interfaces on a device

show interfaces [type number]show interfaces [type number]

routergt

bull

Displays the operational status of an interface including the amount and type of traffic being sent and received

76

Cisco Commands to Isolate Physical Layer Problems (Cont)

show cdp neighbor detailshow cdp neighbor detailroutergt

bull Displays the device type IP address and Cisco IOS version of neighboring devices

77

Cisco Commands to Isolate Data Link Layer Problems

show ip arpshow ip arp

routergt

bull

Displays entries in the Address Resolution Protocol (ARP) table

debug [arp

| serial | ppp]debug [arp

| serial | ppp]

router

bull

Captures events relating to data link layer protocols

78

General End‐System Commands to Isolate Physical and Data Link Layer Problems

pingping

bull

Sends an echo request packet to an address then waits for a reply

netstat

‐rnnetstat

‐rn

bull

Displays the status of all connected devices and links without querying a DNS server

arp

‐aarp

‐a

bull

Displays the current mappings of the IP address to the MAC address in the ARP table

79

Windows Commands to Isolate Physical and Data Link Layer Problems

ipconfig

[all]ipconfig

[all]

bull

Displays IP information for hosts running Windows NT2000XP

Cgt

tracert [‐d]tracert [‐d]

bull

Identifies a path to a destination device

Cgt

80

Guidelines for Isolating Problems at the Physical and Data Link Layers

Check operational status and data error ratesCheck operational status and data error rates

Verify proper interface configurationsVerify proper interface configurations

Check for bad cables or connectionsCheck for bad cables or connections

Check for correct cable pin‐outCheck for correct cable pin‐out

81

Port Monitoring (SPAN)

Allows a port to monitor traffic coming into or out of

anotherPort

VLAN

Trunk

82

Remote SPAN (RSPAN)

Allows a port to monitor SPAN information on other switches through a trunk connection

83

NetFlow Data Export

Access to records of switched flow statistics

with NAM

Source and destination IP

Port numbers and protocol types

84

六網路管理介紹

85

NAMs in Campus LAN

86

Network Analysis Module (NAM)

bull

Switch‐integrated standards‐

based monitoring (RMON1 RMON2

extended RMON)

bull

Useful for performance monitoring troubleshooting

and capacity planning

bull

Easy to deploy and use with embedded web‐based Traffic Analyzer

bull

Full visibility into applications hosts conversations and

IP‐based services including VoIP

and QoS

Integrated traffic‐monitoring solution in Catalyst 6500 series to build application‐level visibility into network infrastructure

87

NAM as a Standards‐Based RMON Solution

The RMON MIB reports on the health and status of network traffic

Mini‐RMON agents in Catalyst 6500 collect Layer 2 (RMON1) statistics on all ports (utilization packets errors)

NAM supports full RMON1 and 2 to provide visibility up to Application layer (applications hosts conversations)

NAM supports extended RMON for VLAN QoS Application Response Time and so on

88

Application Hosts and Conversations Monitoring

Identify unknown applications and drill down on the hosts using them

Discover top talkers top conversations

Network managers can drill down

into who is doing what

Network managers can drill down

into who is doing what

NEW inSoftware

Version 22

NEW inSoftware

Version 22

89

VoIP Monitoring

NAM supports various facets of VoIPmonitoring

Active IP telephony monitoring

ndash Track active call attributesndash Identify call quality degradationndash Call details by phonesRMON1 and RMON2

ndash Distribution of VoIP

protocols

Application Response Time (ART)

ndash CallManager

responses

DSMON

ndash VoIP

traffic by DSCP values

90

Application Response Time (ART)

Find out where the application delays are occurring

ndash Detailed data on request‐ response exchanges

between clients and servers

Server visibility

ndash Monitor servers for protocols application

usage and top talkers

91

Packet Capture and Decode

Capture and decode packets for troubleshooting

Extensive pre‐ and post‐capture filters

Can save and export to other tools including Sniffer

92

Alarms

Set alarm thresholds on various parameters for proactive monitoring

Define traps or generate syslog

93

Defining Network Management Functional Areas

ISO defines five functional areas of network management

ISO defines five functional areas of network management

bullFault Management

bullConfiguration Management

bullAccounting Management

bullPerformance Management

bullSecurity Management

94

FCAPS Fault Management

The process of locating diagnosing and correcting

network problems

Device Down

Link Down

95

FCAPS Configuration Management

bull The process of obtaining data from the network and using

that data to manage the setup of all network devices

bull Allows rapid access to configuration information

bull Facilitates remote configuration and provisioning

bull Provides an up‐to‐date inventory of network

components

SpeedDuplex

Connectivity

TrunkingVLANs Allowed

Spanning Tree Protocol State

Software VersionConfiguration File

Device Type

96

FCAPS Accounting Management

bull Measuring the usage of network resources by users in order to

establish the metrics check quotas determine costs and bill users

bull Measures and reports accounting information based on individual

groups and users

bull Administers the cost of the network

bull Internal verification of third‐party billing for usage Bandwidth Consumption

Application Usage

hellip

97

FCAPS Performance Management

bull Ensuring that the data network remains accessible

and has adequate bandwidth

bull Reduces network overcrowding and inaccessibility

bull Provides a consistent level of service to the

network user

bull Determine utilization trends to proactively isolate and solve

performance problems

UtilizationPeakminmaxError RatesUnicast Rates

Broadcast Rates

CPU UtilizationMemory Usage

ThroughputResponse Time

LatencyAvailabilityReliability

98

FCAPS Security Management

bull Protecting sensitive information on devices

attached to a data network by controlling access points to

that information

bull Builds network user confidence

bull Secures sensitive information from both internal and

external sources

bull Protects the network functionality from malicious

attacks

MAC AddressLocked to Port

Access ListBlocks Connections

99

Performing Network Management Sources for Information

GAUGEs TIMERs

0 9 1 2 3

COUNTERs TABLEs FILEs

Operating System Data Structures

Manageable Device

showCommands

WebServer

SystemLogging

SNMPSNMPAGENTAGENT

ProductionServices

Layer N Forwarding

http80tcp

syslog514udp

snmp161udp

MIBObjects

snmp‐trap162udp

Built in Intelligence

CDPVTPSAA

telnetCLI

TFTPClient

tftp69udp

PingTrace route

100

Network Management Information Model MIB Management Information Base

MIB

ndash

Management Information BaseSet of variables defining the status of a device (eg temp = 85 degrees)Just facts ndash not whether it is good or badDefined according to SMI (Structure of Management Information) rulesEach managed object is described using a unique object identifier (OID)

MIB

IMIBIIStandard MIBObjects included are considered essential for either fault or configuration management

Other standard MIBsRMON host router

Proprietary vendor MIBsExtensions to standard MIBs

SNMPAGENTSNMPAGENT

1000s of manageable objects following rules defined in the SMI standards

1000s of manageable objects following rules defined in the SMI standards

101

Network Management Communication Model SNMP Simple Network Management Protocol

CommunityStrings

CommunityStrings

bull Get requests used to read the value of objectbull Set requests used to modify the value of object

bull Authorization is via community strings

(Read‐OnlyRead‐Write)

bull Traps

provide asynchronous event notification

IP Network SNMPManageable

Device

Trap

Get Response

Get Request Get-Next RequestGet-Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

102

Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response

SNM

P M

anag

er

SNM

P A

gent

Rea

d =

publ

ic re

adw

rite

= pr

ivat

e

GetResponse (sysDescr0=SunOS)

Verify access permission and retrieve MIB value using OID to traverse the MIB tree

InstanceOID

13612111

MIB value

GetRequest(sysDescr0)Read Community(public)

103

Types of Management Systems Example ‐

Enterprise Manager amp Fault Management

Correlate and manage events

and SNMP traps

Perform fault isolation and root cause analysis

104

Types of Management Systems Example ndash CiscoWorks

Resource Manager Essentials and Campus Manager

Knowledge of network configuration and topology

Facilitates remote configuration of network devices

Maintains an archive of configuration data that allows generation of inventory reports

105

Types of Management Systems Example ndash NetFlow (Accounting Management)

Flow Profiling

AccountingBilling

Network Planning

Network Monitoring

Flow

Collectors

Flow

CollectorsEnd‐User AppsEnd‐User AppsNetFlow

Data ExportNetFlowData Export

NetScout

RMON ProbeRMON Probe

106

Types of Management Systems Example ndash MRTG (Performance Management)

bull Monitors traffic load on network links based on SNMP statistics

bull Generates real‐time HTML traffic reports

bull Can be used to monitor any

MIB

variable using

SNMP

107

Types of Management Systems Example ndash CiscoWorks

How is the network connectedbull Physical Cablingbull Virtual LANs

Where are the end users servers IP phones connected

bull Switch port numberbull VLAN membership

How do I troubleshoot connectivity problems

Campus Manager User Tracking

Campus Manager Topology Services

Campus Manager Topology Services

Campus Manager User TrackingCampus Manager

Path Analysis

108

Diagnosing Connectivity Problems CiscoWorks Server Tools

Ping Use ping to test device connectivity from CiscoWorks server

TracerouteRun a trace route between the CiscoWorks server and the target device to detect routing problems

NS LookupRun a nslookup to obtain DNS name server information and IP address of hostname

Management Station to DeviceTest to verify if upper layer protocols are supported from CiscoWorks to the target device UDP TCP Telnet TFTP HTTP and SNMP

109

Types of Management Systems Example ndash CiscoWorks

19216862

CiscoWorks Server(ANI Service)

CampusDatabase

19216861

Schedule data retrieval

times

CAM Table11‐11‐11‐11‐11‐00 2111‐11‐11‐11‐11‐11 2211‐11‐11‐11‐11‐22 2311‐11‐11‐11‐11‐33 24

22 23 24

21

ARP Table11‐11‐11‐11‐11‐11 19216861011‐11‐11‐11‐11‐22 19216861111‐11‐11‐11‐11‐33 192168611

1

CAM

Retrieval

(switching

table)

2 Address

Resolution (MAC

to IP)

DNS

3 Name Resolution

(IP to hostname)

Host Table192168610 USER1192168611 Printer1192168611 IPtele1

SNMP

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

CallManager4

Call Detail

Records

5

Login

Names

UNIX Novell amp

Windows NT

clients running

UTLite script

110

Diagnosing Connectivity Problems Campus Manager Tools

Topology Services

User Tracking

Path Analysis

1

Locate the communication pair in the User Tracking database

bull

Addressesbull

VLAN informationbull

Switch port connection

2

Investigate the Layer 2 and Layer 3 path between the communication

pair

3

Map the topology and begin the investigation on devices and links

Launch other applications

111

Diagnosing Connectivity Problems Workflow for Using Campus Manager

LaunchPath Analysis

LaunchPath Analysis

Ensure discovery of devices

hosts are up to date

Ensure discovery of devices

hosts are up to date

Use User TrackingTo Locate EndStation Info

Use User TrackingTo Locate EndStation Info

ConductVoiceTrace

ConductVoiceTrace

ConductDataTrace

ConductDataTrace

DisplayPath in Topology

Map

DisplayPath in Topology

Map

Launch other Apps(Telnet CiscoView

Etc)

Launch other Apps(Telnet CiscoView

Etc)

112

Diagnosing Device Connectivity Problems Example

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Do you know

your

hostname or

username

113

Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

2 Simple Query displays switch

port and VLAN association

2 Simple Query displays switch

port and VLAN association

3 LastSeen field indicates last

time end station was

discovered

3 LastSeen field indicates last

time end station was

discovered

114

Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Trace path from application server

to Suzy

Trace path from application server

to Suzy

Couldnrsquot get to Suzy machine ndash try

from server

Couldnrsquot get to Suzy machine ndash try

from server

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

33

Enabling QoS in the Campus Scheduling in the Campus

Output buffers can reach 100 in campus networks resulting in dropped voice packets

QoS required when there is a possibility of congestion in buffers

Multiple queues are the only way to guarantee voice quality

34

Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS

bull 8021p user priority field also called class of service (CoS)

bull Different types of traffic are assigned different CoS values

bull CoS 6 and 7 are reserved for network use

35

Enabling QoS in the Campus Layer 3 Classificationmdash IP Precedence DSCP

bull IPv4 Three most significant bits of ToS byte are called IP precedence other bits unused

bull DiffServ Six Most significant bits of ToS byte are called DSCP remaining two bits used for flow control

bull DSCP backward compatible with IP precedence

36

Enabling QoS in the Campus Classification Summary

37

Power Over Ethernet

Prepare the network for IP Telephony and Wireless access

Eliminate the need for separate electrical wiring

Cisco pre‐standard POE and 8023af are fully supported

Wide selection of standards‐based IEEE 8023af powered devices

ndash IP Phonesndash Wireless Access Points

ndash Surveillance cameras

ndash Access Card Readers

38

Access Point Front Cover LEDrsquos

Status LightsEthernet

Status

Radio Activity

Ethernet Activity

Status

Radio Activity

39

CiscoWorks WLSE

1

Specialized application for managing the Cisco WLAN

2

Centralized template‐ based configuration of access points and bridges

with user defined groups

3

Proactive fault and performance monitoring

of access points bridges LEAP server and

attached switch

CiscoWorks Wireless LANSolution Engine

U N I V E R S I T YU N I V E R S I T Y

40

二網路設備介紹

41

The Cisco LAN Switching Portfolio

Catalyst 375035602960 Catalyst 6500Catalyst 40004500

bull Stackable Compact Footprint bull Gig Density 12 Ports bull EZ Clustering Managementbull L2-L4 Switchingbull Medium Port Density

bull Highest Switching Capacitybull High Availability - Stateful Failoverbull 10-Gigabit Ethernet Interfaces bull Nonblocking Gigabit Density 142bull LANWAN Interfaces (to OC 48)

L2-L7 SwitchingIntegrated Inline PowerServices Modules Redundant PowerRedundant Supervisor Fabric

bull High Switching Capacitybull High-Density 101001000bull High-Density 100FX amp 1000LXbull Nonblocking Gigabit Density 32bull L2-L4 Switching bull Inline Power Optionbull Redundant Power

42

Cisco Catalyst Positioning

Pric

ePe

rfor

man

ce

FunctionFlexibility

Catalyst 29502960

Catalyst 35503560

Catalyst 4500 Family

Catalyst 6500 Series

bull Modular 101001000bull High performance Layer 2L3L4 bull 24‐64 Gbps Switching Enginebull Chassis level high availability

bull

Modular 101001000bull

Highest density switching

capacity

bull

Layer 234‐7bull

32‐720 Gbps

Switching

Engine

bull

Highest Availability

bull

10100

and GE configurationsbull

High performance switching and routingbull

Enterprise‐class intelligent Layer 3L4 servicesbull

Clustering capable

bull

Stackable 10100 switchingbull

Gigabit

uplink connectivitybull

Advanced intelligent Layer 3L4 servicesbull

Clustering capable

Catalyst 3750bull

Stackable 101001000 and 10100 configurationsbull

Cisco StackWisetrade

Technologybull

Optimized for Gigabit Ethernet deploymentbull

Enterprise‐class Intelligent Layer 3L4 servicesbull

Highly resilient 32Gbps stacking interconnectionbull

Single management interface w auto configuration

Fast Ethernet

Optimized

Gigabit Ethernet

Optimized

43

Cisco Catalyst 2960 Series Model Overview Fast Ethernet Models

Softwarebull LAN Base Image

Enterprise-class intelligent services Advanced QoS enhanced security high availability

bull Orderable with latest IOS software version

bull 48 10100100 portsbull 2 101001000 Uplink

ports

bull 24 10100 portsbull 2 101001000 Uplink

Ports

Catalyst 2960-24TT Catalyst 2960-48TT

bull 24 10100 portsbull 2 Dual-Purpose Uplink

ports

Catalyst 2960-24TC Catalyst 2960-48TC

bull 48 10100 portsbull 2 Dual Purpose Uplink

ports

Uplinksbull Dual Purpose

UplinksOne 101001000 TX Port and One SFP Port

One port active at a time

44

Cisco Catalyst 3750 Series Switches Model Overview

Catalyst 3750G‐24TS

bull

24 101001000

Portsbull

24 101001000 Ports

bull

4 SFP ports

Two Software Versions

Standard Multilayer Software Image

(SMI)

bull Enterprise‐class intelligent services

Advanced QoS Enhanced Security High

Availability RIP and Static IP routing

Routed ACLs HSRP

Enhanced Multilayer Software Image

(EMI)

bull SMI feature set plus Dynamic IP Unicast

routing Smart Multicast routing

Catalyst 3750‐2448 are orderable with

either software image preinstalled

Catalyst 3750‐2448 can be upgraded

from SMI to EMI

Catalyst 3750G‐24T

bull

24 10100 Ports

bull

2 SFP ports

bull

48 10100 Ports

bull

4 SFP ports

Catalyst 3750‐24 Catalyst 3750‐48

45

Cisco StackWisetrade Technology

bull 32Gbps fault tolerant bi‐directional

backplane

bull Single IP address for management

bull Auto configuration and IOS version

checkupdate

bull 1N Master redundancy

bull Sub‐second L2 failover

bull Cross stack Etherchannel

bull Configurable QoS queues across

stack

bull Line speed performance with QoS

and ACLs for GE

bull Hot add and delete of GE and FE

chassis in same stack

bull Patented cable connector

S 1

S 3

S 2

M 4

M = Master Switch

S = Slave Switch

46

Cisco Catalyst 4500 Series Architecture

bull Centralized Forwarding ASICs

bull All packets are forwarded via the supervisor

bull No distributed line card forwarding

bull Scalable architecture ‐

64 to 320 Gbps

bull Fastest Centralized Architecture in the Industry

47

Cisco Catalyst 4500 Series Overview Common Architecture

Single Supervisor-Based

Chassis

Redundant Supervisor-Based

Chassis

Cisco Catalyst 4507R-E

Cisco Catalyst 4510R-E

Cisco Catalyst 4506-E

Cisco Catalyst 4503-E

Single RU Fixed Configuration

Same Switching Architecture

and Common Cisco IOSreg

Cisco Catalyst 4948 and 4948-10GigE

48

Cisco Catalyst 4500 Series Evolutionary Centralized Architecture

1999 2002 2004 2007 2012

Continued InnovationServices and Performance

Same Line Card

18Mpps 48Mpps 102Mpps

10100

1000

Layer 2

PoE L234

10 GbE

SSO

NACNSF

ISSUCISF

E‐Series

250 Mpps

49

Evolution of Centralized Switching Technology

Evoluti

onEvo

lution

1999 18

Mpps

L2 Only

2002 48

Mpps

L2L3

2004102

Mpps

L2L3 10Gig

2007250

Mpps

L2L3 IPv6

14X

increase

since lsquo99

50

Next‐Generation Catalyst 4500 ldquoE‐Seriesrdquo

Secure Flexible Non‐Stop Communications

ldquoErdquo

Series Chassis

ldquoErdquo

Series Line Cards

Supervisor 6‐E with CenterFlex

51

Cisco Catalyst 6500 Delivers Secure Converged Network Services

High Availabilitybull Physical

Availabilitybull Logical Availabilitybull Stateful Failover at

Layer 2bull Rapid Spanning-

Tree Convergence

QoSbull Input Policingbull Traffic

Classificationbull Multiple Queuesbull Convergence

Ready

Securitybull Layer 234

Access Controlbull 8021X User

Authenticationbull MAC Filteringbull Dynamic VLAN

Manageabilitybull Inline Powerbull Simple

Configurationbull L2-L4 Servicesbull Rich Multicast

Support

End-to-End Services

52

Catalyst 6500 Family

Catalyst 65033 slot chassis

Catalyst 65066 slot chassis

Catalyst 65099 slot chassis

Catalyst 6509‐NEBSNEBS Compliant 9 slot chassis

Catalyst 651313 slot chassis

Catalyst 6509‐NEBS‐A9 slot chassis

53

Cisco Catalyst 6500 Series

The Cisco Catalyst 6500 Series supports a wide range of interface densities performance and high‐availability options

Flexible 3‐ 6‐ 9‐ and 13‐slot chassis configurations

ndash Scalable switching fabric ndash Cisco

IOS software choices supported

on all supervisor engines

ndash Fast 2‐3 second stateful

failover of

redundant supervisors and integrated

services

ndash 10‐Mbps to 10‐Gbps Ethernet and DS0

to

OC‐48 WAN interfaces

ndash Wire‐rate QoS

and ACL policy

management

WS-6503 WS-C6506 WS-C6509 WS-C6509-NEBS and WS-C6513

54

Catalyst 6500 Supervisors

The Catalyst 6500 has three Supervisor options on offer

with each providing a different architectural backplane

configuration for line cards to connect intohellip

Supervisor 1A Supervisor 2 Supervisor 720 (NEW)

256Gb backplane

supporting hardware

accelerated Layer 2 and 3

QoS and Security policies

up to 210Mppshellip

720Gb backplane

supporting hardware

accelerated Layer 2 and 3

QoS and Security policies

up to 400Mppshellip

32Gb backplane supporting

hardware accelerated Layer

2 and 3 QoS and Security

policies up to 15Mppshellip

Supervisor Options for the Catalyst 6500

55

Catalyst 6500 LinecardsThe Catalyst 6500 has a family of linecards to suit all network needshellip

10100 TX and 100 Fiber 101001000 TX GE SFP

GE GBIC 10GE WAN

Optical Switch Modules Inline Power ATM

CAT

6500

L I

NECARDS

56

Catalyst 6500 Service Modules

Content ServicesCommunications Media MWAN

Firewall Module VPN Module Intrusion Detection

Content Switching SSL Network Management

Service Modules represent the next generation of intelligent modules for the Catalyst 6500

Each module provides a high performance option scalable and feature rich deployment

optionshellip

57

Small Form Factor Pluggable (SFP)

bull New industry standard connector

bull Same functionality as Gigabit Interface Converters

(GBICs)

bull Hot pluggable

bull Smaller fiber connector LC

for SF

bull 25 SFPs

fit in space of one GBIC

bull Shipping SX LX ZX at FCS

bull 101001000BT and CWDM versions to come in mid

to late 2003

GBIC

SFP

58

三無線網路認證介紹

59

漫遊認證環境架構圖

NCHC資策會

WLANGateway

WLANGateway

60

無線漫遊環境身份認證機制

網頁認證

使用網站伺服器憑證(Certificate)辨識合法認證網站

透過SSL加密保護使用者帳號密碼安全

採用PAP (Password Authentication Protocol)認證機制

8021x認證

採CHAP或加密通道進行認證

EAP‐MD5ndash 採用CHAP (Challenge Handshake Authentication Protocol)認證

EAP‐PEAP ndash 採用 SSL加密通道 + MS‐CHAP v2 認證

EAP‐TTLSndash 採用 SSL加密通道 + PAPCHAPMS‐CHAPEAPndash 支援多種認證機制

61

WLAN Gateway

bull Usually web page for authorisationbull Allows policy based accessbull Good managementbull Very user friendlybull No client required

Bluesocketndash Commercial but popular in uk academiandash Lots of featuresNoCatAuthndash open source

62

Bluesocket Wireless Gateway

63

httpwwwitcntnuedutwservice1270php

四師大網路基本架構介紹

64

對外網路架構圖

65

校本部校區有線網路系統架構圖

66

校本部校區無線網路系統架構圖

67

理學院校區有線網路系統架構圖

68

理學院校區無線網路系統架構圖

69

林口校區有線網路系統架構圖

70

林口校區無線網路系統架構圖

71

五網路障礙排除方式

72

Possible Symptoms of Physical Layer Problems

Increased number of interface errorsIncreased number of interface errors

LEDs are off flashing or in a state other than the expected state during normal operationLEDs are off flashing or in a state other than the expected state during normal operation

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

Excessive utilizationExcessive utilization

73

Possible Symptoms of Data Link Layer Problems

Excessive CRC errors and frame check sequence errors Excessive CRC errors and frame check sequence errors

Large quantities of broadcast traffic Large quantities of broadcast traffic

A MAC address is cycling between portsA MAC address is cycling between ports

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

74

General Cisco Commands to Isolate Physical and Data Link Layer Problems

ping host

| ip‐addressping host

| ip‐address

routergt

bull

Sends an echo request packet to an address then waits for a reply

trace [destination]trace [destination]

routergt

bull

Identifies the path a packet takes through the network

[no] debug [no] debug

router

bull

Displays a list of options for enabling or disabling debugging events on a device

75

Cisco Commands to Isolate Physical Layer Problems

show versionshow version

routergt

bull

Displays the Cisco IOS software version and all installed hardware configurations

show ip interface briefshow ip interface brief

routergt

bull

Displays a summary of the status of all interfaces on a device

show interfaces [type number]show interfaces [type number]

routergt

bull

Displays the operational status of an interface including the amount and type of traffic being sent and received

76

Cisco Commands to Isolate Physical Layer Problems (Cont)

show cdp neighbor detailshow cdp neighbor detailroutergt

bull Displays the device type IP address and Cisco IOS version of neighboring devices

77

Cisco Commands to Isolate Data Link Layer Problems

show ip arpshow ip arp

routergt

bull

Displays entries in the Address Resolution Protocol (ARP) table

debug [arp

| serial | ppp]debug [arp

| serial | ppp]

router

bull

Captures events relating to data link layer protocols

78

General End‐System Commands to Isolate Physical and Data Link Layer Problems

pingping

bull

Sends an echo request packet to an address then waits for a reply

netstat

‐rnnetstat

‐rn

bull

Displays the status of all connected devices and links without querying a DNS server

arp

‐aarp

‐a

bull

Displays the current mappings of the IP address to the MAC address in the ARP table

79

Windows Commands to Isolate Physical and Data Link Layer Problems

ipconfig

[all]ipconfig

[all]

bull

Displays IP information for hosts running Windows NT2000XP

Cgt

tracert [‐d]tracert [‐d]

bull

Identifies a path to a destination device

Cgt

80

Guidelines for Isolating Problems at the Physical and Data Link Layers

Check operational status and data error ratesCheck operational status and data error rates

Verify proper interface configurationsVerify proper interface configurations

Check for bad cables or connectionsCheck for bad cables or connections

Check for correct cable pin‐outCheck for correct cable pin‐out

81

Port Monitoring (SPAN)

Allows a port to monitor traffic coming into or out of

anotherPort

VLAN

Trunk

82

Remote SPAN (RSPAN)

Allows a port to monitor SPAN information on other switches through a trunk connection

83

NetFlow Data Export

Access to records of switched flow statistics

with NAM

Source and destination IP

Port numbers and protocol types

84

六網路管理介紹

85

NAMs in Campus LAN

86

Network Analysis Module (NAM)

bull

Switch‐integrated standards‐

based monitoring (RMON1 RMON2

extended RMON)

bull

Useful for performance monitoring troubleshooting

and capacity planning

bull

Easy to deploy and use with embedded web‐based Traffic Analyzer

bull

Full visibility into applications hosts conversations and

IP‐based services including VoIP

and QoS

Integrated traffic‐monitoring solution in Catalyst 6500 series to build application‐level visibility into network infrastructure

87

NAM as a Standards‐Based RMON Solution

The RMON MIB reports on the health and status of network traffic

Mini‐RMON agents in Catalyst 6500 collect Layer 2 (RMON1) statistics on all ports (utilization packets errors)

NAM supports full RMON1 and 2 to provide visibility up to Application layer (applications hosts conversations)

NAM supports extended RMON for VLAN QoS Application Response Time and so on

88

Application Hosts and Conversations Monitoring

Identify unknown applications and drill down on the hosts using them

Discover top talkers top conversations

Network managers can drill down

into who is doing what

Network managers can drill down

into who is doing what

NEW inSoftware

Version 22

NEW inSoftware

Version 22

89

VoIP Monitoring

NAM supports various facets of VoIPmonitoring

Active IP telephony monitoring

ndash Track active call attributesndash Identify call quality degradationndash Call details by phonesRMON1 and RMON2

ndash Distribution of VoIP

protocols

Application Response Time (ART)

ndash CallManager

responses

DSMON

ndash VoIP

traffic by DSCP values

90

Application Response Time (ART)

Find out where the application delays are occurring

ndash Detailed data on request‐ response exchanges

between clients and servers

Server visibility

ndash Monitor servers for protocols application

usage and top talkers

91

Packet Capture and Decode

Capture and decode packets for troubleshooting

Extensive pre‐ and post‐capture filters

Can save and export to other tools including Sniffer

92

Alarms

Set alarm thresholds on various parameters for proactive monitoring

Define traps or generate syslog

93

Defining Network Management Functional Areas

ISO defines five functional areas of network management

ISO defines five functional areas of network management

bullFault Management

bullConfiguration Management

bullAccounting Management

bullPerformance Management

bullSecurity Management

94

FCAPS Fault Management

The process of locating diagnosing and correcting

network problems

Device Down

Link Down

95

FCAPS Configuration Management

bull The process of obtaining data from the network and using

that data to manage the setup of all network devices

bull Allows rapid access to configuration information

bull Facilitates remote configuration and provisioning

bull Provides an up‐to‐date inventory of network

components

SpeedDuplex

Connectivity

TrunkingVLANs Allowed

Spanning Tree Protocol State

Software VersionConfiguration File

Device Type

96

FCAPS Accounting Management

bull Measuring the usage of network resources by users in order to

establish the metrics check quotas determine costs and bill users

bull Measures and reports accounting information based on individual

groups and users

bull Administers the cost of the network

bull Internal verification of third‐party billing for usage Bandwidth Consumption

Application Usage

hellip

97

FCAPS Performance Management

bull Ensuring that the data network remains accessible

and has adequate bandwidth

bull Reduces network overcrowding and inaccessibility

bull Provides a consistent level of service to the

network user

bull Determine utilization trends to proactively isolate and solve

performance problems

UtilizationPeakminmaxError RatesUnicast Rates

Broadcast Rates

CPU UtilizationMemory Usage

ThroughputResponse Time

LatencyAvailabilityReliability

98

FCAPS Security Management

bull Protecting sensitive information on devices

attached to a data network by controlling access points to

that information

bull Builds network user confidence

bull Secures sensitive information from both internal and

external sources

bull Protects the network functionality from malicious

attacks

MAC AddressLocked to Port

Access ListBlocks Connections

99

Performing Network Management Sources for Information

GAUGEs TIMERs

0 9 1 2 3

COUNTERs TABLEs FILEs

Operating System Data Structures

Manageable Device

showCommands

WebServer

SystemLogging

SNMPSNMPAGENTAGENT

ProductionServices

Layer N Forwarding

http80tcp

syslog514udp

snmp161udp

MIBObjects

snmp‐trap162udp

Built in Intelligence

CDPVTPSAA

telnetCLI

TFTPClient

tftp69udp

PingTrace route

100

Network Management Information Model MIB Management Information Base

MIB

ndash

Management Information BaseSet of variables defining the status of a device (eg temp = 85 degrees)Just facts ndash not whether it is good or badDefined according to SMI (Structure of Management Information) rulesEach managed object is described using a unique object identifier (OID)

MIB

IMIBIIStandard MIBObjects included are considered essential for either fault or configuration management

Other standard MIBsRMON host router

Proprietary vendor MIBsExtensions to standard MIBs

SNMPAGENTSNMPAGENT

1000s of manageable objects following rules defined in the SMI standards

1000s of manageable objects following rules defined in the SMI standards

101

Network Management Communication Model SNMP Simple Network Management Protocol

CommunityStrings

CommunityStrings

bull Get requests used to read the value of objectbull Set requests used to modify the value of object

bull Authorization is via community strings

(Read‐OnlyRead‐Write)

bull Traps

provide asynchronous event notification

IP Network SNMPManageable

Device

Trap

Get Response

Get Request Get-Next RequestGet-Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

102

Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response

SNM

P M

anag

er

SNM

P A

gent

Rea

d =

publ

ic re

adw

rite

= pr

ivat

e

GetResponse (sysDescr0=SunOS)

Verify access permission and retrieve MIB value using OID to traverse the MIB tree

InstanceOID

13612111

MIB value

GetRequest(sysDescr0)Read Community(public)

103

Types of Management Systems Example ‐

Enterprise Manager amp Fault Management

Correlate and manage events

and SNMP traps

Perform fault isolation and root cause analysis

104

Types of Management Systems Example ndash CiscoWorks

Resource Manager Essentials and Campus Manager

Knowledge of network configuration and topology

Facilitates remote configuration of network devices

Maintains an archive of configuration data that allows generation of inventory reports

105

Types of Management Systems Example ndash NetFlow (Accounting Management)

Flow Profiling

AccountingBilling

Network Planning

Network Monitoring

Flow

Collectors

Flow

CollectorsEnd‐User AppsEnd‐User AppsNetFlow

Data ExportNetFlowData Export

NetScout

RMON ProbeRMON Probe

106

Types of Management Systems Example ndash MRTG (Performance Management)

bull Monitors traffic load on network links based on SNMP statistics

bull Generates real‐time HTML traffic reports

bull Can be used to monitor any

MIB

variable using

SNMP

107

Types of Management Systems Example ndash CiscoWorks

How is the network connectedbull Physical Cablingbull Virtual LANs

Where are the end users servers IP phones connected

bull Switch port numberbull VLAN membership

How do I troubleshoot connectivity problems

Campus Manager User Tracking

Campus Manager Topology Services

Campus Manager Topology Services

Campus Manager User TrackingCampus Manager

Path Analysis

108

Diagnosing Connectivity Problems CiscoWorks Server Tools

Ping Use ping to test device connectivity from CiscoWorks server

TracerouteRun a trace route between the CiscoWorks server and the target device to detect routing problems

NS LookupRun a nslookup to obtain DNS name server information and IP address of hostname

Management Station to DeviceTest to verify if upper layer protocols are supported from CiscoWorks to the target device UDP TCP Telnet TFTP HTTP and SNMP

109

Types of Management Systems Example ndash CiscoWorks

19216862

CiscoWorks Server(ANI Service)

CampusDatabase

19216861

Schedule data retrieval

times

CAM Table11‐11‐11‐11‐11‐00 2111‐11‐11‐11‐11‐11 2211‐11‐11‐11‐11‐22 2311‐11‐11‐11‐11‐33 24

22 23 24

21

ARP Table11‐11‐11‐11‐11‐11 19216861011‐11‐11‐11‐11‐22 19216861111‐11‐11‐11‐11‐33 192168611

1

CAM

Retrieval

(switching

table)

2 Address

Resolution (MAC

to IP)

DNS

3 Name Resolution

(IP to hostname)

Host Table192168610 USER1192168611 Printer1192168611 IPtele1

SNMP

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

CallManager4

Call Detail

Records

5

Login

Names

UNIX Novell amp

Windows NT

clients running

UTLite script

110

Diagnosing Connectivity Problems Campus Manager Tools

Topology Services

User Tracking

Path Analysis

1

Locate the communication pair in the User Tracking database

bull

Addressesbull

VLAN informationbull

Switch port connection

2

Investigate the Layer 2 and Layer 3 path between the communication

pair

3

Map the topology and begin the investigation on devices and links

Launch other applications

111

Diagnosing Connectivity Problems Workflow for Using Campus Manager

LaunchPath Analysis

LaunchPath Analysis

Ensure discovery of devices

hosts are up to date

Ensure discovery of devices

hosts are up to date

Use User TrackingTo Locate EndStation Info

Use User TrackingTo Locate EndStation Info

ConductVoiceTrace

ConductVoiceTrace

ConductDataTrace

ConductDataTrace

DisplayPath in Topology

Map

DisplayPath in Topology

Map

Launch other Apps(Telnet CiscoView

Etc)

Launch other Apps(Telnet CiscoView

Etc)

112

Diagnosing Device Connectivity Problems Example

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Do you know

your

hostname or

username

113

Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

2 Simple Query displays switch

port and VLAN association

2 Simple Query displays switch

port and VLAN association

3 LastSeen field indicates last

time end station was

discovered

3 LastSeen field indicates last

time end station was

discovered

114

Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Trace path from application server

to Suzy

Trace path from application server

to Suzy

Couldnrsquot get to Suzy machine ndash try

from server

Couldnrsquot get to Suzy machine ndash try

from server

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

34

Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS

bull 8021p user priority field also called class of service (CoS)

bull Different types of traffic are assigned different CoS values

bull CoS 6 and 7 are reserved for network use

35

Enabling QoS in the Campus Layer 3 Classificationmdash IP Precedence DSCP

bull IPv4 Three most significant bits of ToS byte are called IP precedence other bits unused

bull DiffServ Six Most significant bits of ToS byte are called DSCP remaining two bits used for flow control

bull DSCP backward compatible with IP precedence

36

Enabling QoS in the Campus Classification Summary

37

Power Over Ethernet

Prepare the network for IP Telephony and Wireless access

Eliminate the need for separate electrical wiring

Cisco pre‐standard POE and 8023af are fully supported

Wide selection of standards‐based IEEE 8023af powered devices

ndash IP Phonesndash Wireless Access Points

ndash Surveillance cameras

ndash Access Card Readers

38

Access Point Front Cover LEDrsquos

Status LightsEthernet

Status

Radio Activity

Ethernet Activity

Status

Radio Activity

39

CiscoWorks WLSE

1

Specialized application for managing the Cisco WLAN

2

Centralized template‐ based configuration of access points and bridges

with user defined groups

3

Proactive fault and performance monitoring

of access points bridges LEAP server and

attached switch

CiscoWorks Wireless LANSolution Engine

U N I V E R S I T YU N I V E R S I T Y

40

二網路設備介紹

41

The Cisco LAN Switching Portfolio

Catalyst 375035602960 Catalyst 6500Catalyst 40004500

bull Stackable Compact Footprint bull Gig Density 12 Ports bull EZ Clustering Managementbull L2-L4 Switchingbull Medium Port Density

bull Highest Switching Capacitybull High Availability - Stateful Failoverbull 10-Gigabit Ethernet Interfaces bull Nonblocking Gigabit Density 142bull LANWAN Interfaces (to OC 48)

L2-L7 SwitchingIntegrated Inline PowerServices Modules Redundant PowerRedundant Supervisor Fabric

bull High Switching Capacitybull High-Density 101001000bull High-Density 100FX amp 1000LXbull Nonblocking Gigabit Density 32bull L2-L4 Switching bull Inline Power Optionbull Redundant Power

42

Cisco Catalyst Positioning

Pric

ePe

rfor

man

ce

FunctionFlexibility

Catalyst 29502960

Catalyst 35503560

Catalyst 4500 Family

Catalyst 6500 Series

bull Modular 101001000bull High performance Layer 2L3L4 bull 24‐64 Gbps Switching Enginebull Chassis level high availability

bull

Modular 101001000bull

Highest density switching

capacity

bull

Layer 234‐7bull

32‐720 Gbps

Switching

Engine

bull

Highest Availability

bull

10100

and GE configurationsbull

High performance switching and routingbull

Enterprise‐class intelligent Layer 3L4 servicesbull

Clustering capable

bull

Stackable 10100 switchingbull

Gigabit

uplink connectivitybull

Advanced intelligent Layer 3L4 servicesbull

Clustering capable

Catalyst 3750bull

Stackable 101001000 and 10100 configurationsbull

Cisco StackWisetrade

Technologybull

Optimized for Gigabit Ethernet deploymentbull

Enterprise‐class Intelligent Layer 3L4 servicesbull

Highly resilient 32Gbps stacking interconnectionbull

Single management interface w auto configuration

Fast Ethernet

Optimized

Gigabit Ethernet

Optimized

43

Cisco Catalyst 2960 Series Model Overview Fast Ethernet Models

Softwarebull LAN Base Image

Enterprise-class intelligent services Advanced QoS enhanced security high availability

bull Orderable with latest IOS software version

bull 48 10100100 portsbull 2 101001000 Uplink

ports

bull 24 10100 portsbull 2 101001000 Uplink

Ports

Catalyst 2960-24TT Catalyst 2960-48TT

bull 24 10100 portsbull 2 Dual-Purpose Uplink

ports

Catalyst 2960-24TC Catalyst 2960-48TC

bull 48 10100 portsbull 2 Dual Purpose Uplink

ports

Uplinksbull Dual Purpose

UplinksOne 101001000 TX Port and One SFP Port

One port active at a time

44

Cisco Catalyst 3750 Series Switches Model Overview

Catalyst 3750G‐24TS

bull

24 101001000

Portsbull

24 101001000 Ports

bull

4 SFP ports

Two Software Versions

Standard Multilayer Software Image

(SMI)

bull Enterprise‐class intelligent services

Advanced QoS Enhanced Security High

Availability RIP and Static IP routing

Routed ACLs HSRP

Enhanced Multilayer Software Image

(EMI)

bull SMI feature set plus Dynamic IP Unicast

routing Smart Multicast routing

Catalyst 3750‐2448 are orderable with

either software image preinstalled

Catalyst 3750‐2448 can be upgraded

from SMI to EMI

Catalyst 3750G‐24T

bull

24 10100 Ports

bull

2 SFP ports

bull

48 10100 Ports

bull

4 SFP ports

Catalyst 3750‐24 Catalyst 3750‐48

45

Cisco StackWisetrade Technology

bull 32Gbps fault tolerant bi‐directional

backplane

bull Single IP address for management

bull Auto configuration and IOS version

checkupdate

bull 1N Master redundancy

bull Sub‐second L2 failover

bull Cross stack Etherchannel

bull Configurable QoS queues across

stack

bull Line speed performance with QoS

and ACLs for GE

bull Hot add and delete of GE and FE

chassis in same stack

bull Patented cable connector

S 1

S 3

S 2

M 4

M = Master Switch

S = Slave Switch

46

Cisco Catalyst 4500 Series Architecture

bull Centralized Forwarding ASICs

bull All packets are forwarded via the supervisor

bull No distributed line card forwarding

bull Scalable architecture ‐

64 to 320 Gbps

bull Fastest Centralized Architecture in the Industry

47

Cisco Catalyst 4500 Series Overview Common Architecture

Single Supervisor-Based

Chassis

Redundant Supervisor-Based

Chassis

Cisco Catalyst 4507R-E

Cisco Catalyst 4510R-E

Cisco Catalyst 4506-E

Cisco Catalyst 4503-E

Single RU Fixed Configuration

Same Switching Architecture

and Common Cisco IOSreg

Cisco Catalyst 4948 and 4948-10GigE

48

Cisco Catalyst 4500 Series Evolutionary Centralized Architecture

1999 2002 2004 2007 2012

Continued InnovationServices and Performance

Same Line Card

18Mpps 48Mpps 102Mpps

10100

1000

Layer 2

PoE L234

10 GbE

SSO

NACNSF

ISSUCISF

E‐Series

250 Mpps

49

Evolution of Centralized Switching Technology

Evoluti

onEvo

lution

1999 18

Mpps

L2 Only

2002 48

Mpps

L2L3

2004102

Mpps

L2L3 10Gig

2007250

Mpps

L2L3 IPv6

14X

increase

since lsquo99

50

Next‐Generation Catalyst 4500 ldquoE‐Seriesrdquo

Secure Flexible Non‐Stop Communications

ldquoErdquo

Series Chassis

ldquoErdquo

Series Line Cards

Supervisor 6‐E with CenterFlex

51

Cisco Catalyst 6500 Delivers Secure Converged Network Services

High Availabilitybull Physical

Availabilitybull Logical Availabilitybull Stateful Failover at

Layer 2bull Rapid Spanning-

Tree Convergence

QoSbull Input Policingbull Traffic

Classificationbull Multiple Queuesbull Convergence

Ready

Securitybull Layer 234

Access Controlbull 8021X User

Authenticationbull MAC Filteringbull Dynamic VLAN

Manageabilitybull Inline Powerbull Simple

Configurationbull L2-L4 Servicesbull Rich Multicast

Support

End-to-End Services

52

Catalyst 6500 Family

Catalyst 65033 slot chassis

Catalyst 65066 slot chassis

Catalyst 65099 slot chassis

Catalyst 6509‐NEBSNEBS Compliant 9 slot chassis

Catalyst 651313 slot chassis

Catalyst 6509‐NEBS‐A9 slot chassis

53

Cisco Catalyst 6500 Series

The Cisco Catalyst 6500 Series supports a wide range of interface densities performance and high‐availability options

Flexible 3‐ 6‐ 9‐ and 13‐slot chassis configurations

ndash Scalable switching fabric ndash Cisco

IOS software choices supported

on all supervisor engines

ndash Fast 2‐3 second stateful

failover of

redundant supervisors and integrated

services

ndash 10‐Mbps to 10‐Gbps Ethernet and DS0

to

OC‐48 WAN interfaces

ndash Wire‐rate QoS

and ACL policy

management

WS-6503 WS-C6506 WS-C6509 WS-C6509-NEBS and WS-C6513

54

Catalyst 6500 Supervisors

The Catalyst 6500 has three Supervisor options on offer

with each providing a different architectural backplane

configuration for line cards to connect intohellip

Supervisor 1A Supervisor 2 Supervisor 720 (NEW)

256Gb backplane

supporting hardware

accelerated Layer 2 and 3

QoS and Security policies

up to 210Mppshellip

720Gb backplane

supporting hardware

accelerated Layer 2 and 3

QoS and Security policies

up to 400Mppshellip

32Gb backplane supporting

hardware accelerated Layer

2 and 3 QoS and Security

policies up to 15Mppshellip

Supervisor Options for the Catalyst 6500

55

Catalyst 6500 LinecardsThe Catalyst 6500 has a family of linecards to suit all network needshellip

10100 TX and 100 Fiber 101001000 TX GE SFP

GE GBIC 10GE WAN

Optical Switch Modules Inline Power ATM

CAT

6500

L I

NECARDS

56

Catalyst 6500 Service Modules

Content ServicesCommunications Media MWAN

Firewall Module VPN Module Intrusion Detection

Content Switching SSL Network Management

Service Modules represent the next generation of intelligent modules for the Catalyst 6500

Each module provides a high performance option scalable and feature rich deployment

optionshellip

57

Small Form Factor Pluggable (SFP)

bull New industry standard connector

bull Same functionality as Gigabit Interface Converters

(GBICs)

bull Hot pluggable

bull Smaller fiber connector LC

for SF

bull 25 SFPs

fit in space of one GBIC

bull Shipping SX LX ZX at FCS

bull 101001000BT and CWDM versions to come in mid

to late 2003

GBIC

SFP

58

三無線網路認證介紹

59

漫遊認證環境架構圖

NCHC資策會

WLANGateway

WLANGateway

60

無線漫遊環境身份認證機制

網頁認證

使用網站伺服器憑證(Certificate)辨識合法認證網站

透過SSL加密保護使用者帳號密碼安全

採用PAP (Password Authentication Protocol)認證機制

8021x認證

採CHAP或加密通道進行認證

EAP‐MD5ndash 採用CHAP (Challenge Handshake Authentication Protocol)認證

EAP‐PEAP ndash 採用 SSL加密通道 + MS‐CHAP v2 認證

EAP‐TTLSndash 採用 SSL加密通道 + PAPCHAPMS‐CHAPEAPndash 支援多種認證機制

61

WLAN Gateway

bull Usually web page for authorisationbull Allows policy based accessbull Good managementbull Very user friendlybull No client required

Bluesocketndash Commercial but popular in uk academiandash Lots of featuresNoCatAuthndash open source

62

Bluesocket Wireless Gateway

63

httpwwwitcntnuedutwservice1270php

四師大網路基本架構介紹

64

對外網路架構圖

65

校本部校區有線網路系統架構圖

66

校本部校區無線網路系統架構圖

67

理學院校區有線網路系統架構圖

68

理學院校區無線網路系統架構圖

69

林口校區有線網路系統架構圖

70

林口校區無線網路系統架構圖

71

五網路障礙排除方式

72

Possible Symptoms of Physical Layer Problems

Increased number of interface errorsIncreased number of interface errors

LEDs are off flashing or in a state other than the expected state during normal operationLEDs are off flashing or in a state other than the expected state during normal operation

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

Excessive utilizationExcessive utilization

73

Possible Symptoms of Data Link Layer Problems

Excessive CRC errors and frame check sequence errors Excessive CRC errors and frame check sequence errors

Large quantities of broadcast traffic Large quantities of broadcast traffic

A MAC address is cycling between portsA MAC address is cycling between ports

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

74

General Cisco Commands to Isolate Physical and Data Link Layer Problems

ping host

| ip‐addressping host

| ip‐address

routergt

bull

Sends an echo request packet to an address then waits for a reply

trace [destination]trace [destination]

routergt

bull

Identifies the path a packet takes through the network

[no] debug [no] debug

router

bull

Displays a list of options for enabling or disabling debugging events on a device

75

Cisco Commands to Isolate Physical Layer Problems

show versionshow version

routergt

bull

Displays the Cisco IOS software version and all installed hardware configurations

show ip interface briefshow ip interface brief

routergt

bull

Displays a summary of the status of all interfaces on a device

show interfaces [type number]show interfaces [type number]

routergt

bull

Displays the operational status of an interface including the amount and type of traffic being sent and received

76

Cisco Commands to Isolate Physical Layer Problems (Cont)

show cdp neighbor detailshow cdp neighbor detailroutergt

bull Displays the device type IP address and Cisco IOS version of neighboring devices

77

Cisco Commands to Isolate Data Link Layer Problems

show ip arpshow ip arp

routergt

bull

Displays entries in the Address Resolution Protocol (ARP) table

debug [arp

| serial | ppp]debug [arp

| serial | ppp]

router

bull

Captures events relating to data link layer protocols

78

General End‐System Commands to Isolate Physical and Data Link Layer Problems

pingping

bull

Sends an echo request packet to an address then waits for a reply

netstat

‐rnnetstat

‐rn

bull

Displays the status of all connected devices and links without querying a DNS server

arp

‐aarp

‐a

bull

Displays the current mappings of the IP address to the MAC address in the ARP table

79

Windows Commands to Isolate Physical and Data Link Layer Problems

ipconfig

[all]ipconfig

[all]

bull

Displays IP information for hosts running Windows NT2000XP

Cgt

tracert [‐d]tracert [‐d]

bull

Identifies a path to a destination device

Cgt

80

Guidelines for Isolating Problems at the Physical and Data Link Layers

Check operational status and data error ratesCheck operational status and data error rates

Verify proper interface configurationsVerify proper interface configurations

Check for bad cables or connectionsCheck for bad cables or connections

Check for correct cable pin‐outCheck for correct cable pin‐out

81

Port Monitoring (SPAN)

Allows a port to monitor traffic coming into or out of

anotherPort

VLAN

Trunk

82

Remote SPAN (RSPAN)

Allows a port to monitor SPAN information on other switches through a trunk connection

83

NetFlow Data Export

Access to records of switched flow statistics

with NAM

Source and destination IP

Port numbers and protocol types

84

六網路管理介紹

85

NAMs in Campus LAN

86

Network Analysis Module (NAM)

bull

Switch‐integrated standards‐

based monitoring (RMON1 RMON2

extended RMON)

bull

Useful for performance monitoring troubleshooting

and capacity planning

bull

Easy to deploy and use with embedded web‐based Traffic Analyzer

bull

Full visibility into applications hosts conversations and

IP‐based services including VoIP

and QoS

Integrated traffic‐monitoring solution in Catalyst 6500 series to build application‐level visibility into network infrastructure

87

NAM as a Standards‐Based RMON Solution

The RMON MIB reports on the health and status of network traffic

Mini‐RMON agents in Catalyst 6500 collect Layer 2 (RMON1) statistics on all ports (utilization packets errors)

NAM supports full RMON1 and 2 to provide visibility up to Application layer (applications hosts conversations)

NAM supports extended RMON for VLAN QoS Application Response Time and so on

88

Application Hosts and Conversations Monitoring

Identify unknown applications and drill down on the hosts using them

Discover top talkers top conversations

Network managers can drill down

into who is doing what

Network managers can drill down

into who is doing what

NEW inSoftware

Version 22

NEW inSoftware

Version 22

89

VoIP Monitoring

NAM supports various facets of VoIPmonitoring

Active IP telephony monitoring

ndash Track active call attributesndash Identify call quality degradationndash Call details by phonesRMON1 and RMON2

ndash Distribution of VoIP

protocols

Application Response Time (ART)

ndash CallManager

responses

DSMON

ndash VoIP

traffic by DSCP values

90

Application Response Time (ART)

Find out where the application delays are occurring

ndash Detailed data on request‐ response exchanges

between clients and servers

Server visibility

ndash Monitor servers for protocols application

usage and top talkers

91

Packet Capture and Decode

Capture and decode packets for troubleshooting

Extensive pre‐ and post‐capture filters

Can save and export to other tools including Sniffer

92

Alarms

Set alarm thresholds on various parameters for proactive monitoring

Define traps or generate syslog

93

Defining Network Management Functional Areas

ISO defines five functional areas of network management

ISO defines five functional areas of network management

bullFault Management

bullConfiguration Management

bullAccounting Management

bullPerformance Management

bullSecurity Management

94

FCAPS Fault Management

The process of locating diagnosing and correcting

network problems

Device Down

Link Down

95

FCAPS Configuration Management

bull The process of obtaining data from the network and using

that data to manage the setup of all network devices

bull Allows rapid access to configuration information

bull Facilitates remote configuration and provisioning

bull Provides an up‐to‐date inventory of network

components

SpeedDuplex

Connectivity

TrunkingVLANs Allowed

Spanning Tree Protocol State

Software VersionConfiguration File

Device Type

96

FCAPS Accounting Management

bull Measuring the usage of network resources by users in order to

establish the metrics check quotas determine costs and bill users

bull Measures and reports accounting information based on individual

groups and users

bull Administers the cost of the network

bull Internal verification of third‐party billing for usage Bandwidth Consumption

Application Usage

hellip

97

FCAPS Performance Management

bull Ensuring that the data network remains accessible

and has adequate bandwidth

bull Reduces network overcrowding and inaccessibility

bull Provides a consistent level of service to the

network user

bull Determine utilization trends to proactively isolate and solve

performance problems

UtilizationPeakminmaxError RatesUnicast Rates

Broadcast Rates

CPU UtilizationMemory Usage

ThroughputResponse Time

LatencyAvailabilityReliability

98

FCAPS Security Management

bull Protecting sensitive information on devices

attached to a data network by controlling access points to

that information

bull Builds network user confidence

bull Secures sensitive information from both internal and

external sources

bull Protects the network functionality from malicious

attacks

MAC AddressLocked to Port

Access ListBlocks Connections

99

Performing Network Management Sources for Information

GAUGEs TIMERs

0 9 1 2 3

COUNTERs TABLEs FILEs

Operating System Data Structures

Manageable Device

showCommands

WebServer

SystemLogging

SNMPSNMPAGENTAGENT

ProductionServices

Layer N Forwarding

http80tcp

syslog514udp

snmp161udp

MIBObjects

snmp‐trap162udp

Built in Intelligence

CDPVTPSAA

telnetCLI

TFTPClient

tftp69udp

PingTrace route

100

Network Management Information Model MIB Management Information Base

MIB

ndash

Management Information BaseSet of variables defining the status of a device (eg temp = 85 degrees)Just facts ndash not whether it is good or badDefined according to SMI (Structure of Management Information) rulesEach managed object is described using a unique object identifier (OID)

MIB

IMIBIIStandard MIBObjects included are considered essential for either fault or configuration management

Other standard MIBsRMON host router

Proprietary vendor MIBsExtensions to standard MIBs

SNMPAGENTSNMPAGENT

1000s of manageable objects following rules defined in the SMI standards

1000s of manageable objects following rules defined in the SMI standards

101

Network Management Communication Model SNMP Simple Network Management Protocol

CommunityStrings

CommunityStrings

bull Get requests used to read the value of objectbull Set requests used to modify the value of object

bull Authorization is via community strings

(Read‐OnlyRead‐Write)

bull Traps

provide asynchronous event notification

IP Network SNMPManageable

Device

Trap

Get Response

Get Request Get-Next RequestGet-Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

102

Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response

SNM

P M

anag

er

SNM

P A

gent

Rea

d =

publ

ic re

adw

rite

= pr

ivat

e

GetResponse (sysDescr0=SunOS)

Verify access permission and retrieve MIB value using OID to traverse the MIB tree

InstanceOID

13612111

MIB value

GetRequest(sysDescr0)Read Community(public)

103

Types of Management Systems Example ‐

Enterprise Manager amp Fault Management

Correlate and manage events

and SNMP traps

Perform fault isolation and root cause analysis

104

Types of Management Systems Example ndash CiscoWorks

Resource Manager Essentials and Campus Manager

Knowledge of network configuration and topology

Facilitates remote configuration of network devices

Maintains an archive of configuration data that allows generation of inventory reports

105

Types of Management Systems Example ndash NetFlow (Accounting Management)

Flow Profiling

AccountingBilling

Network Planning

Network Monitoring

Flow

Collectors

Flow

CollectorsEnd‐User AppsEnd‐User AppsNetFlow

Data ExportNetFlowData Export

NetScout

RMON ProbeRMON Probe

106

Types of Management Systems Example ndash MRTG (Performance Management)

bull Monitors traffic load on network links based on SNMP statistics

bull Generates real‐time HTML traffic reports

bull Can be used to monitor any

MIB

variable using

SNMP

107

Types of Management Systems Example ndash CiscoWorks

How is the network connectedbull Physical Cablingbull Virtual LANs

Where are the end users servers IP phones connected

bull Switch port numberbull VLAN membership

How do I troubleshoot connectivity problems

Campus Manager User Tracking

Campus Manager Topology Services

Campus Manager Topology Services

Campus Manager User TrackingCampus Manager

Path Analysis

108

Diagnosing Connectivity Problems CiscoWorks Server Tools

Ping Use ping to test device connectivity from CiscoWorks server

TracerouteRun a trace route between the CiscoWorks server and the target device to detect routing problems

NS LookupRun a nslookup to obtain DNS name server information and IP address of hostname

Management Station to DeviceTest to verify if upper layer protocols are supported from CiscoWorks to the target device UDP TCP Telnet TFTP HTTP and SNMP

109

Types of Management Systems Example ndash CiscoWorks

19216862

CiscoWorks Server(ANI Service)

CampusDatabase

19216861

Schedule data retrieval

times

CAM Table11‐11‐11‐11‐11‐00 2111‐11‐11‐11‐11‐11 2211‐11‐11‐11‐11‐22 2311‐11‐11‐11‐11‐33 24

22 23 24

21

ARP Table11‐11‐11‐11‐11‐11 19216861011‐11‐11‐11‐11‐22 19216861111‐11‐11‐11‐11‐33 192168611

1

CAM

Retrieval

(switching

table)

2 Address

Resolution (MAC

to IP)

DNS

3 Name Resolution

(IP to hostname)

Host Table192168610 USER1192168611 Printer1192168611 IPtele1

SNMP

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

CallManager4

Call Detail

Records

5

Login

Names

UNIX Novell amp

Windows NT

clients running

UTLite script

110

Diagnosing Connectivity Problems Campus Manager Tools

Topology Services

User Tracking

Path Analysis

1

Locate the communication pair in the User Tracking database

bull

Addressesbull

VLAN informationbull

Switch port connection

2

Investigate the Layer 2 and Layer 3 path between the communication

pair

3

Map the topology and begin the investigation on devices and links

Launch other applications

111

Diagnosing Connectivity Problems Workflow for Using Campus Manager

LaunchPath Analysis

LaunchPath Analysis

Ensure discovery of devices

hosts are up to date

Ensure discovery of devices

hosts are up to date

Use User TrackingTo Locate EndStation Info

Use User TrackingTo Locate EndStation Info

ConductVoiceTrace

ConductVoiceTrace

ConductDataTrace

ConductDataTrace

DisplayPath in Topology

Map

DisplayPath in Topology

Map

Launch other Apps(Telnet CiscoView

Etc)

Launch other Apps(Telnet CiscoView

Etc)

112

Diagnosing Device Connectivity Problems Example

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Do you know

your

hostname or

username

113

Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

2 Simple Query displays switch

port and VLAN association

2 Simple Query displays switch

port and VLAN association

3 LastSeen field indicates last

time end station was

discovered

3 LastSeen field indicates last

time end station was

discovered

114

Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Trace path from application server

to Suzy

Trace path from application server

to Suzy

Couldnrsquot get to Suzy machine ndash try

from server

Couldnrsquot get to Suzy machine ndash try

from server

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

35

Enabling QoS in the Campus Layer 3 Classificationmdash IP Precedence DSCP

bull IPv4 Three most significant bits of ToS byte are called IP precedence other bits unused

bull DiffServ Six Most significant bits of ToS byte are called DSCP remaining two bits used for flow control

bull DSCP backward compatible with IP precedence

36

Enabling QoS in the Campus Classification Summary

37

Power Over Ethernet

Prepare the network for IP Telephony and Wireless access

Eliminate the need for separate electrical wiring

Cisco pre‐standard POE and 8023af are fully supported

Wide selection of standards‐based IEEE 8023af powered devices

ndash IP Phonesndash Wireless Access Points

ndash Surveillance cameras

ndash Access Card Readers

38

Access Point Front Cover LEDrsquos

Status LightsEthernet

Status

Radio Activity

Ethernet Activity

Status

Radio Activity

39

CiscoWorks WLSE

1

Specialized application for managing the Cisco WLAN

2

Centralized template‐ based configuration of access points and bridges

with user defined groups

3

Proactive fault and performance monitoring

of access points bridges LEAP server and

attached switch

CiscoWorks Wireless LANSolution Engine

U N I V E R S I T YU N I V E R S I T Y

40

二網路設備介紹

41

The Cisco LAN Switching Portfolio

Catalyst 375035602960 Catalyst 6500Catalyst 40004500

bull Stackable Compact Footprint bull Gig Density 12 Ports bull EZ Clustering Managementbull L2-L4 Switchingbull Medium Port Density

bull Highest Switching Capacitybull High Availability - Stateful Failoverbull 10-Gigabit Ethernet Interfaces bull Nonblocking Gigabit Density 142bull LANWAN Interfaces (to OC 48)

L2-L7 SwitchingIntegrated Inline PowerServices Modules Redundant PowerRedundant Supervisor Fabric

bull High Switching Capacitybull High-Density 101001000bull High-Density 100FX amp 1000LXbull Nonblocking Gigabit Density 32bull L2-L4 Switching bull Inline Power Optionbull Redundant Power

42

Cisco Catalyst Positioning

Pric

ePe

rfor

man

ce

FunctionFlexibility

Catalyst 29502960

Catalyst 35503560

Catalyst 4500 Family

Catalyst 6500 Series

bull Modular 101001000bull High performance Layer 2L3L4 bull 24‐64 Gbps Switching Enginebull Chassis level high availability

bull

Modular 101001000bull

Highest density switching

capacity

bull

Layer 234‐7bull

32‐720 Gbps

Switching

Engine

bull

Highest Availability

bull

10100

and GE configurationsbull

High performance switching and routingbull

Enterprise‐class intelligent Layer 3L4 servicesbull

Clustering capable

bull

Stackable 10100 switchingbull

Gigabit

uplink connectivitybull

Advanced intelligent Layer 3L4 servicesbull

Clustering capable

Catalyst 3750bull

Stackable 101001000 and 10100 configurationsbull

Cisco StackWisetrade

Technologybull

Optimized for Gigabit Ethernet deploymentbull

Enterprise‐class Intelligent Layer 3L4 servicesbull

Highly resilient 32Gbps stacking interconnectionbull

Single management interface w auto configuration

Fast Ethernet

Optimized

Gigabit Ethernet

Optimized

43

Cisco Catalyst 2960 Series Model Overview Fast Ethernet Models

Softwarebull LAN Base Image

Enterprise-class intelligent services Advanced QoS enhanced security high availability

bull Orderable with latest IOS software version

bull 48 10100100 portsbull 2 101001000 Uplink

ports

bull 24 10100 portsbull 2 101001000 Uplink

Ports

Catalyst 2960-24TT Catalyst 2960-48TT

bull 24 10100 portsbull 2 Dual-Purpose Uplink

ports

Catalyst 2960-24TC Catalyst 2960-48TC

bull 48 10100 portsbull 2 Dual Purpose Uplink

ports

Uplinksbull Dual Purpose

UplinksOne 101001000 TX Port and One SFP Port

One port active at a time

44

Cisco Catalyst 3750 Series Switches Model Overview

Catalyst 3750G‐24TS

bull

24 101001000

Portsbull

24 101001000 Ports

bull

4 SFP ports

Two Software Versions

Standard Multilayer Software Image

(SMI)

bull Enterprise‐class intelligent services

Advanced QoS Enhanced Security High

Availability RIP and Static IP routing

Routed ACLs HSRP

Enhanced Multilayer Software Image

(EMI)

bull SMI feature set plus Dynamic IP Unicast

routing Smart Multicast routing

Catalyst 3750‐2448 are orderable with

either software image preinstalled

Catalyst 3750‐2448 can be upgraded

from SMI to EMI

Catalyst 3750G‐24T

bull

24 10100 Ports

bull

2 SFP ports

bull

48 10100 Ports

bull

4 SFP ports

Catalyst 3750‐24 Catalyst 3750‐48

45

Cisco StackWisetrade Technology

bull 32Gbps fault tolerant bi‐directional

backplane

bull Single IP address for management

bull Auto configuration and IOS version

checkupdate

bull 1N Master redundancy

bull Sub‐second L2 failover

bull Cross stack Etherchannel

bull Configurable QoS queues across

stack

bull Line speed performance with QoS

and ACLs for GE

bull Hot add and delete of GE and FE

chassis in same stack

bull Patented cable connector

S 1

S 3

S 2

M 4

M = Master Switch

S = Slave Switch

46

Cisco Catalyst 4500 Series Architecture

bull Centralized Forwarding ASICs

bull All packets are forwarded via the supervisor

bull No distributed line card forwarding

bull Scalable architecture ‐

64 to 320 Gbps

bull Fastest Centralized Architecture in the Industry

47

Cisco Catalyst 4500 Series Overview Common Architecture

Single Supervisor-Based

Chassis

Redundant Supervisor-Based

Chassis

Cisco Catalyst 4507R-E

Cisco Catalyst 4510R-E

Cisco Catalyst 4506-E

Cisco Catalyst 4503-E

Single RU Fixed Configuration

Same Switching Architecture

and Common Cisco IOSreg

Cisco Catalyst 4948 and 4948-10GigE

48

Cisco Catalyst 4500 Series Evolutionary Centralized Architecture

1999 2002 2004 2007 2012

Continued InnovationServices and Performance

Same Line Card

18Mpps 48Mpps 102Mpps

10100

1000

Layer 2

PoE L234

10 GbE

SSO

NACNSF

ISSUCISF

E‐Series

250 Mpps

49

Evolution of Centralized Switching Technology

Evoluti

onEvo

lution

1999 18

Mpps

L2 Only

2002 48

Mpps

L2L3

2004102

Mpps

L2L3 10Gig

2007250

Mpps

L2L3 IPv6

14X

increase

since lsquo99

50

Next‐Generation Catalyst 4500 ldquoE‐Seriesrdquo

Secure Flexible Non‐Stop Communications

ldquoErdquo

Series Chassis

ldquoErdquo

Series Line Cards

Supervisor 6‐E with CenterFlex

51

Cisco Catalyst 6500 Delivers Secure Converged Network Services

High Availabilitybull Physical

Availabilitybull Logical Availabilitybull Stateful Failover at

Layer 2bull Rapid Spanning-

Tree Convergence

QoSbull Input Policingbull Traffic

Classificationbull Multiple Queuesbull Convergence

Ready

Securitybull Layer 234

Access Controlbull 8021X User

Authenticationbull MAC Filteringbull Dynamic VLAN

Manageabilitybull Inline Powerbull Simple

Configurationbull L2-L4 Servicesbull Rich Multicast

Support

End-to-End Services

52

Catalyst 6500 Family

Catalyst 65033 slot chassis

Catalyst 65066 slot chassis

Catalyst 65099 slot chassis

Catalyst 6509‐NEBSNEBS Compliant 9 slot chassis

Catalyst 651313 slot chassis

Catalyst 6509‐NEBS‐A9 slot chassis

53

Cisco Catalyst 6500 Series

The Cisco Catalyst 6500 Series supports a wide range of interface densities performance and high‐availability options

Flexible 3‐ 6‐ 9‐ and 13‐slot chassis configurations

ndash Scalable switching fabric ndash Cisco

IOS software choices supported

on all supervisor engines

ndash Fast 2‐3 second stateful

failover of

redundant supervisors and integrated

services

ndash 10‐Mbps to 10‐Gbps Ethernet and DS0

to

OC‐48 WAN interfaces

ndash Wire‐rate QoS

and ACL policy

management

WS-6503 WS-C6506 WS-C6509 WS-C6509-NEBS and WS-C6513

54

Catalyst 6500 Supervisors

The Catalyst 6500 has three Supervisor options on offer

with each providing a different architectural backplane

configuration for line cards to connect intohellip

Supervisor 1A Supervisor 2 Supervisor 720 (NEW)

256Gb backplane

supporting hardware

accelerated Layer 2 and 3

QoS and Security policies

up to 210Mppshellip

720Gb backplane

supporting hardware

accelerated Layer 2 and 3

QoS and Security policies

up to 400Mppshellip

32Gb backplane supporting

hardware accelerated Layer

2 and 3 QoS and Security

policies up to 15Mppshellip

Supervisor Options for the Catalyst 6500

55

Catalyst 6500 LinecardsThe Catalyst 6500 has a family of linecards to suit all network needshellip

10100 TX and 100 Fiber 101001000 TX GE SFP

GE GBIC 10GE WAN

Optical Switch Modules Inline Power ATM

CAT

6500

L I

NECARDS

56

Catalyst 6500 Service Modules

Content ServicesCommunications Media MWAN

Firewall Module VPN Module Intrusion Detection

Content Switching SSL Network Management

Service Modules represent the next generation of intelligent modules for the Catalyst 6500

Each module provides a high performance option scalable and feature rich deployment

optionshellip

57

Small Form Factor Pluggable (SFP)

bull New industry standard connector

bull Same functionality as Gigabit Interface Converters

(GBICs)

bull Hot pluggable

bull Smaller fiber connector LC

for SF

bull 25 SFPs

fit in space of one GBIC

bull Shipping SX LX ZX at FCS

bull 101001000BT and CWDM versions to come in mid

to late 2003

GBIC

SFP

58

三無線網路認證介紹

59

漫遊認證環境架構圖

NCHC資策會

WLANGateway

WLANGateway

60

無線漫遊環境身份認證機制

網頁認證

使用網站伺服器憑證(Certificate)辨識合法認證網站

透過SSL加密保護使用者帳號密碼安全

採用PAP (Password Authentication Protocol)認證機制

8021x認證

採CHAP或加密通道進行認證

EAP‐MD5ndash 採用CHAP (Challenge Handshake Authentication Protocol)認證

EAP‐PEAP ndash 採用 SSL加密通道 + MS‐CHAP v2 認證

EAP‐TTLSndash 採用 SSL加密通道 + PAPCHAPMS‐CHAPEAPndash 支援多種認證機制

61

WLAN Gateway

bull Usually web page for authorisationbull Allows policy based accessbull Good managementbull Very user friendlybull No client required

Bluesocketndash Commercial but popular in uk academiandash Lots of featuresNoCatAuthndash open source

62

Bluesocket Wireless Gateway

63

httpwwwitcntnuedutwservice1270php

四師大網路基本架構介紹

64

對外網路架構圖

65

校本部校區有線網路系統架構圖

66

校本部校區無線網路系統架構圖

67

理學院校區有線網路系統架構圖

68

理學院校區無線網路系統架構圖

69

林口校區有線網路系統架構圖

70

林口校區無線網路系統架構圖

71

五網路障礙排除方式

72

Possible Symptoms of Physical Layer Problems

Increased number of interface errorsIncreased number of interface errors

LEDs are off flashing or in a state other than the expected state during normal operationLEDs are off flashing or in a state other than the expected state during normal operation

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

Excessive utilizationExcessive utilization

73

Possible Symptoms of Data Link Layer Problems

Excessive CRC errors and frame check sequence errors Excessive CRC errors and frame check sequence errors

Large quantities of broadcast traffic Large quantities of broadcast traffic

A MAC address is cycling between portsA MAC address is cycling between ports

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

74

General Cisco Commands to Isolate Physical and Data Link Layer Problems

ping host

| ip‐addressping host

| ip‐address

routergt

bull

Sends an echo request packet to an address then waits for a reply

trace [destination]trace [destination]

routergt

bull

Identifies the path a packet takes through the network

[no] debug [no] debug

router

bull

Displays a list of options for enabling or disabling debugging events on a device

75

Cisco Commands to Isolate Physical Layer Problems

show versionshow version

routergt

bull

Displays the Cisco IOS software version and all installed hardware configurations

show ip interface briefshow ip interface brief

routergt

bull

Displays a summary of the status of all interfaces on a device

show interfaces [type number]show interfaces [type number]

routergt

bull

Displays the operational status of an interface including the amount and type of traffic being sent and received

76

Cisco Commands to Isolate Physical Layer Problems (Cont)

show cdp neighbor detailshow cdp neighbor detailroutergt

bull Displays the device type IP address and Cisco IOS version of neighboring devices

77

Cisco Commands to Isolate Data Link Layer Problems

show ip arpshow ip arp

routergt

bull

Displays entries in the Address Resolution Protocol (ARP) table

debug [arp

| serial | ppp]debug [arp

| serial | ppp]

router

bull

Captures events relating to data link layer protocols

78

General End‐System Commands to Isolate Physical and Data Link Layer Problems

pingping

bull

Sends an echo request packet to an address then waits for a reply

netstat

‐rnnetstat

‐rn

bull

Displays the status of all connected devices and links without querying a DNS server

arp

‐aarp

‐a

bull

Displays the current mappings of the IP address to the MAC address in the ARP table

79

Windows Commands to Isolate Physical and Data Link Layer Problems

ipconfig

[all]ipconfig

[all]

bull

Displays IP information for hosts running Windows NT2000XP

Cgt

tracert [‐d]tracert [‐d]

bull

Identifies a path to a destination device

Cgt

80

Guidelines for Isolating Problems at the Physical and Data Link Layers

Check operational status and data error ratesCheck operational status and data error rates

Verify proper interface configurationsVerify proper interface configurations

Check for bad cables or connectionsCheck for bad cables or connections

Check for correct cable pin‐outCheck for correct cable pin‐out

81

Port Monitoring (SPAN)

Allows a port to monitor traffic coming into or out of

anotherPort

VLAN

Trunk

82

Remote SPAN (RSPAN)

Allows a port to monitor SPAN information on other switches through a trunk connection

83

NetFlow Data Export

Access to records of switched flow statistics

with NAM

Source and destination IP

Port numbers and protocol types

84

六網路管理介紹

85

NAMs in Campus LAN

86

Network Analysis Module (NAM)

bull

Switch‐integrated standards‐

based monitoring (RMON1 RMON2

extended RMON)

bull

Useful for performance monitoring troubleshooting

and capacity planning

bull

Easy to deploy and use with embedded web‐based Traffic Analyzer

bull

Full visibility into applications hosts conversations and

IP‐based services including VoIP

and QoS

Integrated traffic‐monitoring solution in Catalyst 6500 series to build application‐level visibility into network infrastructure

87

NAM as a Standards‐Based RMON Solution

The RMON MIB reports on the health and status of network traffic

Mini‐RMON agents in Catalyst 6500 collect Layer 2 (RMON1) statistics on all ports (utilization packets errors)

NAM supports full RMON1 and 2 to provide visibility up to Application layer (applications hosts conversations)

NAM supports extended RMON for VLAN QoS Application Response Time and so on

88

Application Hosts and Conversations Monitoring

Identify unknown applications and drill down on the hosts using them

Discover top talkers top conversations

Network managers can drill down

into who is doing what

Network managers can drill down

into who is doing what

NEW inSoftware

Version 22

NEW inSoftware

Version 22

89

VoIP Monitoring

NAM supports various facets of VoIPmonitoring

Active IP telephony monitoring

ndash Track active call attributesndash Identify call quality degradationndash Call details by phonesRMON1 and RMON2

ndash Distribution of VoIP

protocols

Application Response Time (ART)

ndash CallManager

responses

DSMON

ndash VoIP

traffic by DSCP values

90

Application Response Time (ART)

Find out where the application delays are occurring

ndash Detailed data on request‐ response exchanges

between clients and servers

Server visibility

ndash Monitor servers for protocols application

usage and top talkers

91

Packet Capture and Decode

Capture and decode packets for troubleshooting

Extensive pre‐ and post‐capture filters

Can save and export to other tools including Sniffer

92

Alarms

Set alarm thresholds on various parameters for proactive monitoring

Define traps or generate syslog

93

Defining Network Management Functional Areas

ISO defines five functional areas of network management

ISO defines five functional areas of network management

bullFault Management

bullConfiguration Management

bullAccounting Management

bullPerformance Management

bullSecurity Management

94

FCAPS Fault Management

The process of locating diagnosing and correcting

network problems

Device Down

Link Down

95

FCAPS Configuration Management

bull The process of obtaining data from the network and using

that data to manage the setup of all network devices

bull Allows rapid access to configuration information

bull Facilitates remote configuration and provisioning

bull Provides an up‐to‐date inventory of network

components

SpeedDuplex

Connectivity

TrunkingVLANs Allowed

Spanning Tree Protocol State

Software VersionConfiguration File

Device Type

96

FCAPS Accounting Management

bull Measuring the usage of network resources by users in order to

establish the metrics check quotas determine costs and bill users

bull Measures and reports accounting information based on individual

groups and users

bull Administers the cost of the network

bull Internal verification of third‐party billing for usage Bandwidth Consumption

Application Usage

hellip

97

FCAPS Performance Management

bull Ensuring that the data network remains accessible

and has adequate bandwidth

bull Reduces network overcrowding and inaccessibility

bull Provides a consistent level of service to the

network user

bull Determine utilization trends to proactively isolate and solve

performance problems

UtilizationPeakminmaxError RatesUnicast Rates

Broadcast Rates

CPU UtilizationMemory Usage

ThroughputResponse Time

LatencyAvailabilityReliability

98

FCAPS Security Management

bull Protecting sensitive information on devices

attached to a data network by controlling access points to

that information

bull Builds network user confidence

bull Secures sensitive information from both internal and

external sources

bull Protects the network functionality from malicious

attacks

MAC AddressLocked to Port

Access ListBlocks Connections

99

Performing Network Management Sources for Information

GAUGEs TIMERs

0 9 1 2 3

COUNTERs TABLEs FILEs

Operating System Data Structures

Manageable Device

showCommands

WebServer

SystemLogging

SNMPSNMPAGENTAGENT

ProductionServices

Layer N Forwarding

http80tcp

syslog514udp

snmp161udp

MIBObjects

snmp‐trap162udp

Built in Intelligence

CDPVTPSAA

telnetCLI

TFTPClient

tftp69udp

PingTrace route

100

Network Management Information Model MIB Management Information Base

MIB

ndash

Management Information BaseSet of variables defining the status of a device (eg temp = 85 degrees)Just facts ndash not whether it is good or badDefined according to SMI (Structure of Management Information) rulesEach managed object is described using a unique object identifier (OID)

MIB

IMIBIIStandard MIBObjects included are considered essential for either fault or configuration management

Other standard MIBsRMON host router

Proprietary vendor MIBsExtensions to standard MIBs

SNMPAGENTSNMPAGENT

1000s of manageable objects following rules defined in the SMI standards

1000s of manageable objects following rules defined in the SMI standards

101

Network Management Communication Model SNMP Simple Network Management Protocol

CommunityStrings

CommunityStrings

bull Get requests used to read the value of objectbull Set requests used to modify the value of object

bull Authorization is via community strings

(Read‐OnlyRead‐Write)

bull Traps

provide asynchronous event notification

IP Network SNMPManageable

Device

Trap

Get Response

Get Request Get-Next RequestGet-Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

102

Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response

SNM

P M

anag

er

SNM

P A

gent

Rea

d =

publ

ic re

adw

rite

= pr

ivat

e

GetResponse (sysDescr0=SunOS)

Verify access permission and retrieve MIB value using OID to traverse the MIB tree

InstanceOID

13612111

MIB value

GetRequest(sysDescr0)Read Community(public)

103

Types of Management Systems Example ‐

Enterprise Manager amp Fault Management

Correlate and manage events

and SNMP traps

Perform fault isolation and root cause analysis

104

Types of Management Systems Example ndash CiscoWorks

Resource Manager Essentials and Campus Manager

Knowledge of network configuration and topology

Facilitates remote configuration of network devices

Maintains an archive of configuration data that allows generation of inventory reports

105

Types of Management Systems Example ndash NetFlow (Accounting Management)

Flow Profiling

AccountingBilling

Network Planning

Network Monitoring

Flow

Collectors

Flow

CollectorsEnd‐User AppsEnd‐User AppsNetFlow

Data ExportNetFlowData Export

NetScout

RMON ProbeRMON Probe

106

Types of Management Systems Example ndash MRTG (Performance Management)

bull Monitors traffic load on network links based on SNMP statistics

bull Generates real‐time HTML traffic reports

bull Can be used to monitor any

MIB

variable using

SNMP

107

Types of Management Systems Example ndash CiscoWorks

How is the network connectedbull Physical Cablingbull Virtual LANs

Where are the end users servers IP phones connected

bull Switch port numberbull VLAN membership

How do I troubleshoot connectivity problems

Campus Manager User Tracking

Campus Manager Topology Services

Campus Manager Topology Services

Campus Manager User TrackingCampus Manager

Path Analysis

108

Diagnosing Connectivity Problems CiscoWorks Server Tools

Ping Use ping to test device connectivity from CiscoWorks server

TracerouteRun a trace route between the CiscoWorks server and the target device to detect routing problems

NS LookupRun a nslookup to obtain DNS name server information and IP address of hostname

Management Station to DeviceTest to verify if upper layer protocols are supported from CiscoWorks to the target device UDP TCP Telnet TFTP HTTP and SNMP

109

Types of Management Systems Example ndash CiscoWorks

19216862

CiscoWorks Server(ANI Service)

CampusDatabase

19216861

Schedule data retrieval

times

CAM Table11‐11‐11‐11‐11‐00 2111‐11‐11‐11‐11‐11 2211‐11‐11‐11‐11‐22 2311‐11‐11‐11‐11‐33 24

22 23 24

21

ARP Table11‐11‐11‐11‐11‐11 19216861011‐11‐11‐11‐11‐22 19216861111‐11‐11‐11‐11‐33 192168611

1

CAM

Retrieval

(switching

table)

2 Address

Resolution (MAC

to IP)

DNS

3 Name Resolution

(IP to hostname)

Host Table192168610 USER1192168611 Printer1192168611 IPtele1

SNMP

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

CallManager4

Call Detail

Records

5

Login

Names

UNIX Novell amp

Windows NT

clients running

UTLite script

110

Diagnosing Connectivity Problems Campus Manager Tools

Topology Services

User Tracking

Path Analysis

1

Locate the communication pair in the User Tracking database

bull

Addressesbull

VLAN informationbull

Switch port connection

2

Investigate the Layer 2 and Layer 3 path between the communication

pair

3

Map the topology and begin the investigation on devices and links

Launch other applications

111

Diagnosing Connectivity Problems Workflow for Using Campus Manager

LaunchPath Analysis

LaunchPath Analysis

Ensure discovery of devices

hosts are up to date

Ensure discovery of devices

hosts are up to date

Use User TrackingTo Locate EndStation Info

Use User TrackingTo Locate EndStation Info

ConductVoiceTrace

ConductVoiceTrace

ConductDataTrace

ConductDataTrace

DisplayPath in Topology

Map

DisplayPath in Topology

Map

Launch other Apps(Telnet CiscoView

Etc)

Launch other Apps(Telnet CiscoView

Etc)

112

Diagnosing Device Connectivity Problems Example

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Do you know

your

hostname or

username

113

Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

2 Simple Query displays switch

port and VLAN association

2 Simple Query displays switch

port and VLAN association

3 LastSeen field indicates last

time end station was

discovered

3 LastSeen field indicates last

time end station was

discovered

114

Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Trace path from application server

to Suzy

Trace path from application server

to Suzy

Couldnrsquot get to Suzy machine ndash try

from server

Couldnrsquot get to Suzy machine ndash try

from server

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

36

Enabling QoS in the Campus Classification Summary

37

Power Over Ethernet

Prepare the network for IP Telephony and Wireless access

Eliminate the need for separate electrical wiring

Cisco pre‐standard POE and 8023af are fully supported

Wide selection of standards‐based IEEE 8023af powered devices

ndash IP Phonesndash Wireless Access Points

ndash Surveillance cameras

ndash Access Card Readers

38

Access Point Front Cover LEDrsquos

Status LightsEthernet

Status

Radio Activity

Ethernet Activity

Status

Radio Activity

39

CiscoWorks WLSE

1

Specialized application for managing the Cisco WLAN

2

Centralized template‐ based configuration of access points and bridges

with user defined groups

3

Proactive fault and performance monitoring

of access points bridges LEAP server and

attached switch

CiscoWorks Wireless LANSolution Engine

U N I V E R S I T YU N I V E R S I T Y

40

二網路設備介紹

41

The Cisco LAN Switching Portfolio

Catalyst 375035602960 Catalyst 6500Catalyst 40004500

bull Stackable Compact Footprint bull Gig Density 12 Ports bull EZ Clustering Managementbull L2-L4 Switchingbull Medium Port Density

bull Highest Switching Capacitybull High Availability - Stateful Failoverbull 10-Gigabit Ethernet Interfaces bull Nonblocking Gigabit Density 142bull LANWAN Interfaces (to OC 48)

L2-L7 SwitchingIntegrated Inline PowerServices Modules Redundant PowerRedundant Supervisor Fabric

bull High Switching Capacitybull High-Density 101001000bull High-Density 100FX amp 1000LXbull Nonblocking Gigabit Density 32bull L2-L4 Switching bull Inline Power Optionbull Redundant Power

42

Cisco Catalyst Positioning

Pric

ePe

rfor

man

ce

FunctionFlexibility

Catalyst 29502960

Catalyst 35503560

Catalyst 4500 Family

Catalyst 6500 Series

bull Modular 101001000bull High performance Layer 2L3L4 bull 24‐64 Gbps Switching Enginebull Chassis level high availability

bull

Modular 101001000bull

Highest density switching

capacity

bull

Layer 234‐7bull

32‐720 Gbps

Switching

Engine

bull

Highest Availability

bull

10100

and GE configurationsbull

High performance switching and routingbull

Enterprise‐class intelligent Layer 3L4 servicesbull

Clustering capable

bull

Stackable 10100 switchingbull

Gigabit

uplink connectivitybull

Advanced intelligent Layer 3L4 servicesbull

Clustering capable

Catalyst 3750bull

Stackable 101001000 and 10100 configurationsbull

Cisco StackWisetrade

Technologybull

Optimized for Gigabit Ethernet deploymentbull

Enterprise‐class Intelligent Layer 3L4 servicesbull

Highly resilient 32Gbps stacking interconnectionbull

Single management interface w auto configuration

Fast Ethernet

Optimized

Gigabit Ethernet

Optimized

43

Cisco Catalyst 2960 Series Model Overview Fast Ethernet Models

Softwarebull LAN Base Image

Enterprise-class intelligent services Advanced QoS enhanced security high availability

bull Orderable with latest IOS software version

bull 48 10100100 portsbull 2 101001000 Uplink

ports

bull 24 10100 portsbull 2 101001000 Uplink

Ports

Catalyst 2960-24TT Catalyst 2960-48TT

bull 24 10100 portsbull 2 Dual-Purpose Uplink

ports

Catalyst 2960-24TC Catalyst 2960-48TC

bull 48 10100 portsbull 2 Dual Purpose Uplink

ports

Uplinksbull Dual Purpose

UplinksOne 101001000 TX Port and One SFP Port

One port active at a time

44

Cisco Catalyst 3750 Series Switches Model Overview

Catalyst 3750G‐24TS

bull

24 101001000

Portsbull

24 101001000 Ports

bull

4 SFP ports

Two Software Versions

Standard Multilayer Software Image

(SMI)

bull Enterprise‐class intelligent services

Advanced QoS Enhanced Security High

Availability RIP and Static IP routing

Routed ACLs HSRP

Enhanced Multilayer Software Image

(EMI)

bull SMI feature set plus Dynamic IP Unicast

routing Smart Multicast routing

Catalyst 3750‐2448 are orderable with

either software image preinstalled

Catalyst 3750‐2448 can be upgraded

from SMI to EMI

Catalyst 3750G‐24T

bull

24 10100 Ports

bull

2 SFP ports

bull

48 10100 Ports

bull

4 SFP ports

Catalyst 3750‐24 Catalyst 3750‐48

45

Cisco StackWisetrade Technology

bull 32Gbps fault tolerant bi‐directional

backplane

bull Single IP address for management

bull Auto configuration and IOS version

checkupdate

bull 1N Master redundancy

bull Sub‐second L2 failover

bull Cross stack Etherchannel

bull Configurable QoS queues across

stack

bull Line speed performance with QoS

and ACLs for GE

bull Hot add and delete of GE and FE

chassis in same stack

bull Patented cable connector

S 1

S 3

S 2

M 4

M = Master Switch

S = Slave Switch

46

Cisco Catalyst 4500 Series Architecture

bull Centralized Forwarding ASICs

bull All packets are forwarded via the supervisor

bull No distributed line card forwarding

bull Scalable architecture ‐

64 to 320 Gbps

bull Fastest Centralized Architecture in the Industry

47

Cisco Catalyst 4500 Series Overview Common Architecture

Single Supervisor-Based

Chassis

Redundant Supervisor-Based

Chassis

Cisco Catalyst 4507R-E

Cisco Catalyst 4510R-E

Cisco Catalyst 4506-E

Cisco Catalyst 4503-E

Single RU Fixed Configuration

Same Switching Architecture

and Common Cisco IOSreg

Cisco Catalyst 4948 and 4948-10GigE

48

Cisco Catalyst 4500 Series Evolutionary Centralized Architecture

1999 2002 2004 2007 2012

Continued InnovationServices and Performance

Same Line Card

18Mpps 48Mpps 102Mpps

10100

1000

Layer 2

PoE L234

10 GbE

SSO

NACNSF

ISSUCISF

E‐Series

250 Mpps

49

Evolution of Centralized Switching Technology

Evoluti

onEvo

lution

1999 18

Mpps

L2 Only

2002 48

Mpps

L2L3

2004102

Mpps

L2L3 10Gig

2007250

Mpps

L2L3 IPv6

14X

increase

since lsquo99

50

Next‐Generation Catalyst 4500 ldquoE‐Seriesrdquo

Secure Flexible Non‐Stop Communications

ldquoErdquo

Series Chassis

ldquoErdquo

Series Line Cards

Supervisor 6‐E with CenterFlex

51

Cisco Catalyst 6500 Delivers Secure Converged Network Services

High Availabilitybull Physical

Availabilitybull Logical Availabilitybull Stateful Failover at

Layer 2bull Rapid Spanning-

Tree Convergence

QoSbull Input Policingbull Traffic

Classificationbull Multiple Queuesbull Convergence

Ready

Securitybull Layer 234

Access Controlbull 8021X User

Authenticationbull MAC Filteringbull Dynamic VLAN

Manageabilitybull Inline Powerbull Simple

Configurationbull L2-L4 Servicesbull Rich Multicast

Support

End-to-End Services

52

Catalyst 6500 Family

Catalyst 65033 slot chassis

Catalyst 65066 slot chassis

Catalyst 65099 slot chassis

Catalyst 6509‐NEBSNEBS Compliant 9 slot chassis

Catalyst 651313 slot chassis

Catalyst 6509‐NEBS‐A9 slot chassis

53

Cisco Catalyst 6500 Series

The Cisco Catalyst 6500 Series supports a wide range of interface densities performance and high‐availability options

Flexible 3‐ 6‐ 9‐ and 13‐slot chassis configurations

ndash Scalable switching fabric ndash Cisco

IOS software choices supported

on all supervisor engines

ndash Fast 2‐3 second stateful

failover of

redundant supervisors and integrated

services

ndash 10‐Mbps to 10‐Gbps Ethernet and DS0

to

OC‐48 WAN interfaces

ndash Wire‐rate QoS

and ACL policy

management

WS-6503 WS-C6506 WS-C6509 WS-C6509-NEBS and WS-C6513

54

Catalyst 6500 Supervisors

The Catalyst 6500 has three Supervisor options on offer

with each providing a different architectural backplane

configuration for line cards to connect intohellip

Supervisor 1A Supervisor 2 Supervisor 720 (NEW)

256Gb backplane

supporting hardware

accelerated Layer 2 and 3

QoS and Security policies

up to 210Mppshellip

720Gb backplane

supporting hardware

accelerated Layer 2 and 3

QoS and Security policies

up to 400Mppshellip

32Gb backplane supporting

hardware accelerated Layer

2 and 3 QoS and Security

policies up to 15Mppshellip

Supervisor Options for the Catalyst 6500

55

Catalyst 6500 LinecardsThe Catalyst 6500 has a family of linecards to suit all network needshellip

10100 TX and 100 Fiber 101001000 TX GE SFP

GE GBIC 10GE WAN

Optical Switch Modules Inline Power ATM

CAT

6500

L I

NECARDS

56

Catalyst 6500 Service Modules

Content ServicesCommunications Media MWAN

Firewall Module VPN Module Intrusion Detection

Content Switching SSL Network Management

Service Modules represent the next generation of intelligent modules for the Catalyst 6500

Each module provides a high performance option scalable and feature rich deployment

optionshellip

57

Small Form Factor Pluggable (SFP)

bull New industry standard connector

bull Same functionality as Gigabit Interface Converters

(GBICs)

bull Hot pluggable

bull Smaller fiber connector LC

for SF

bull 25 SFPs

fit in space of one GBIC

bull Shipping SX LX ZX at FCS

bull 101001000BT and CWDM versions to come in mid

to late 2003

GBIC

SFP

58

三無線網路認證介紹

59

漫遊認證環境架構圖

NCHC資策會

WLANGateway

WLANGateway

60

無線漫遊環境身份認證機制

網頁認證

使用網站伺服器憑證(Certificate)辨識合法認證網站

透過SSL加密保護使用者帳號密碼安全

採用PAP (Password Authentication Protocol)認證機制

8021x認證

採CHAP或加密通道進行認證

EAP‐MD5ndash 採用CHAP (Challenge Handshake Authentication Protocol)認證

EAP‐PEAP ndash 採用 SSL加密通道 + MS‐CHAP v2 認證

EAP‐TTLSndash 採用 SSL加密通道 + PAPCHAPMS‐CHAPEAPndash 支援多種認證機制

61

WLAN Gateway

bull Usually web page for authorisationbull Allows policy based accessbull Good managementbull Very user friendlybull No client required

Bluesocketndash Commercial but popular in uk academiandash Lots of featuresNoCatAuthndash open source

62

Bluesocket Wireless Gateway

63

httpwwwitcntnuedutwservice1270php

四師大網路基本架構介紹

64

對外網路架構圖

65

校本部校區有線網路系統架構圖

66

校本部校區無線網路系統架構圖

67

理學院校區有線網路系統架構圖

68

理學院校區無線網路系統架構圖

69

林口校區有線網路系統架構圖

70

林口校區無線網路系統架構圖

71

五網路障礙排除方式

72

Possible Symptoms of Physical Layer Problems

Increased number of interface errorsIncreased number of interface errors

LEDs are off flashing or in a state other than the expected state during normal operationLEDs are off flashing or in a state other than the expected state during normal operation

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

Excessive utilizationExcessive utilization

73

Possible Symptoms of Data Link Layer Problems

Excessive CRC errors and frame check sequence errors Excessive CRC errors and frame check sequence errors

Large quantities of broadcast traffic Large quantities of broadcast traffic

A MAC address is cycling between portsA MAC address is cycling between ports

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

74

General Cisco Commands to Isolate Physical and Data Link Layer Problems

ping host

| ip‐addressping host

| ip‐address

routergt

bull

Sends an echo request packet to an address then waits for a reply

trace [destination]trace [destination]

routergt

bull

Identifies the path a packet takes through the network

[no] debug [no] debug

router

bull

Displays a list of options for enabling or disabling debugging events on a device

75

Cisco Commands to Isolate Physical Layer Problems

show versionshow version

routergt

bull

Displays the Cisco IOS software version and all installed hardware configurations

show ip interface briefshow ip interface brief

routergt

bull

Displays a summary of the status of all interfaces on a device

show interfaces [type number]show interfaces [type number]

routergt

bull

Displays the operational status of an interface including the amount and type of traffic being sent and received

76

Cisco Commands to Isolate Physical Layer Problems (Cont)

show cdp neighbor detailshow cdp neighbor detailroutergt

bull Displays the device type IP address and Cisco IOS version of neighboring devices

77

Cisco Commands to Isolate Data Link Layer Problems

show ip arpshow ip arp

routergt

bull

Displays entries in the Address Resolution Protocol (ARP) table

debug [arp

| serial | ppp]debug [arp

| serial | ppp]

router

bull

Captures events relating to data link layer protocols

78

General End‐System Commands to Isolate Physical and Data Link Layer Problems

pingping

bull

Sends an echo request packet to an address then waits for a reply

netstat

‐rnnetstat

‐rn

bull

Displays the status of all connected devices and links without querying a DNS server

arp

‐aarp

‐a

bull

Displays the current mappings of the IP address to the MAC address in the ARP table

79

Windows Commands to Isolate Physical and Data Link Layer Problems

ipconfig

[all]ipconfig

[all]

bull

Displays IP information for hosts running Windows NT2000XP

Cgt

tracert [‐d]tracert [‐d]

bull

Identifies a path to a destination device

Cgt

80

Guidelines for Isolating Problems at the Physical and Data Link Layers

Check operational status and data error ratesCheck operational status and data error rates

Verify proper interface configurationsVerify proper interface configurations

Check for bad cables or connectionsCheck for bad cables or connections

Check for correct cable pin‐outCheck for correct cable pin‐out

81

Port Monitoring (SPAN)

Allows a port to monitor traffic coming into or out of

anotherPort

VLAN

Trunk

82

Remote SPAN (RSPAN)

Allows a port to monitor SPAN information on other switches through a trunk connection

83

NetFlow Data Export

Access to records of switched flow statistics

with NAM

Source and destination IP

Port numbers and protocol types

84

六網路管理介紹

85

NAMs in Campus LAN

86

Network Analysis Module (NAM)

bull

Switch‐integrated standards‐

based monitoring (RMON1 RMON2

extended RMON)

bull

Useful for performance monitoring troubleshooting

and capacity planning

bull

Easy to deploy and use with embedded web‐based Traffic Analyzer

bull

Full visibility into applications hosts conversations and

IP‐based services including VoIP

and QoS

Integrated traffic‐monitoring solution in Catalyst 6500 series to build application‐level visibility into network infrastructure

87

NAM as a Standards‐Based RMON Solution

The RMON MIB reports on the health and status of network traffic

Mini‐RMON agents in Catalyst 6500 collect Layer 2 (RMON1) statistics on all ports (utilization packets errors)

NAM supports full RMON1 and 2 to provide visibility up to Application layer (applications hosts conversations)

NAM supports extended RMON for VLAN QoS Application Response Time and so on

88

Application Hosts and Conversations Monitoring

Identify unknown applications and drill down on the hosts using them

Discover top talkers top conversations

Network managers can drill down

into who is doing what

Network managers can drill down

into who is doing what

NEW inSoftware

Version 22

NEW inSoftware

Version 22

89

VoIP Monitoring

NAM supports various facets of VoIPmonitoring

Active IP telephony monitoring

ndash Track active call attributesndash Identify call quality degradationndash Call details by phonesRMON1 and RMON2

ndash Distribution of VoIP

protocols

Application Response Time (ART)

ndash CallManager

responses

DSMON

ndash VoIP

traffic by DSCP values

90

Application Response Time (ART)

Find out where the application delays are occurring

ndash Detailed data on request‐ response exchanges

between clients and servers

Server visibility

ndash Monitor servers for protocols application

usage and top talkers

91

Packet Capture and Decode

Capture and decode packets for troubleshooting

Extensive pre‐ and post‐capture filters

Can save and export to other tools including Sniffer

92

Alarms

Set alarm thresholds on various parameters for proactive monitoring

Define traps or generate syslog

93

Defining Network Management Functional Areas

ISO defines five functional areas of network management

ISO defines five functional areas of network management

bullFault Management

bullConfiguration Management

bullAccounting Management

bullPerformance Management

bullSecurity Management

94

FCAPS Fault Management

The process of locating diagnosing and correcting

network problems

Device Down

Link Down

95

FCAPS Configuration Management

bull The process of obtaining data from the network and using

that data to manage the setup of all network devices

bull Allows rapid access to configuration information

bull Facilitates remote configuration and provisioning

bull Provides an up‐to‐date inventory of network

components

SpeedDuplex

Connectivity

TrunkingVLANs Allowed

Spanning Tree Protocol State

Software VersionConfiguration File

Device Type

96

FCAPS Accounting Management

bull Measuring the usage of network resources by users in order to

establish the metrics check quotas determine costs and bill users

bull Measures and reports accounting information based on individual

groups and users

bull Administers the cost of the network

bull Internal verification of third‐party billing for usage Bandwidth Consumption

Application Usage

hellip

97

FCAPS Performance Management

bull Ensuring that the data network remains accessible

and has adequate bandwidth

bull Reduces network overcrowding and inaccessibility

bull Provides a consistent level of service to the

network user

bull Determine utilization trends to proactively isolate and solve

performance problems

UtilizationPeakminmaxError RatesUnicast Rates

Broadcast Rates

CPU UtilizationMemory Usage

ThroughputResponse Time

LatencyAvailabilityReliability

98

FCAPS Security Management

bull Protecting sensitive information on devices

attached to a data network by controlling access points to

that information

bull Builds network user confidence

bull Secures sensitive information from both internal and

external sources

bull Protects the network functionality from malicious

attacks

MAC AddressLocked to Port

Access ListBlocks Connections

99

Performing Network Management Sources for Information

GAUGEs TIMERs

0 9 1 2 3

COUNTERs TABLEs FILEs

Operating System Data Structures

Manageable Device

showCommands

WebServer

SystemLogging

SNMPSNMPAGENTAGENT

ProductionServices

Layer N Forwarding

http80tcp

syslog514udp

snmp161udp

MIBObjects

snmp‐trap162udp

Built in Intelligence

CDPVTPSAA

telnetCLI

TFTPClient

tftp69udp

PingTrace route

100

Network Management Information Model MIB Management Information Base

MIB

ndash

Management Information BaseSet of variables defining the status of a device (eg temp = 85 degrees)Just facts ndash not whether it is good or badDefined according to SMI (Structure of Management Information) rulesEach managed object is described using a unique object identifier (OID)

MIB

IMIBIIStandard MIBObjects included are considered essential for either fault or configuration management

Other standard MIBsRMON host router

Proprietary vendor MIBsExtensions to standard MIBs

SNMPAGENTSNMPAGENT

1000s of manageable objects following rules defined in the SMI standards

1000s of manageable objects following rules defined in the SMI standards

101

Network Management Communication Model SNMP Simple Network Management Protocol

CommunityStrings

CommunityStrings

bull Get requests used to read the value of objectbull Set requests used to modify the value of object

bull Authorization is via community strings

(Read‐OnlyRead‐Write)

bull Traps

provide asynchronous event notification

IP Network SNMPManageable

Device

Trap

Get Response

Get Request Get-Next RequestGet-Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

102

Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response

SNM

P M

anag

er

SNM

P A

gent

Rea

d =

publ

ic re

adw

rite

= pr

ivat

e

GetResponse (sysDescr0=SunOS)

Verify access permission and retrieve MIB value using OID to traverse the MIB tree

InstanceOID

13612111

MIB value

GetRequest(sysDescr0)Read Community(public)

103

Types of Management Systems Example ‐

Enterprise Manager amp Fault Management

Correlate and manage events

and SNMP traps

Perform fault isolation and root cause analysis

104

Types of Management Systems Example ndash CiscoWorks

Resource Manager Essentials and Campus Manager

Knowledge of network configuration and topology

Facilitates remote configuration of network devices

Maintains an archive of configuration data that allows generation of inventory reports

105

Types of Management Systems Example ndash NetFlow (Accounting Management)

Flow Profiling

AccountingBilling

Network Planning

Network Monitoring

Flow

Collectors

Flow

CollectorsEnd‐User AppsEnd‐User AppsNetFlow

Data ExportNetFlowData Export

NetScout

RMON ProbeRMON Probe

106

Types of Management Systems Example ndash MRTG (Performance Management)

bull Monitors traffic load on network links based on SNMP statistics

bull Generates real‐time HTML traffic reports

bull Can be used to monitor any

MIB

variable using

SNMP

107

Types of Management Systems Example ndash CiscoWorks

How is the network connectedbull Physical Cablingbull Virtual LANs

Where are the end users servers IP phones connected

bull Switch port numberbull VLAN membership

How do I troubleshoot connectivity problems

Campus Manager User Tracking

Campus Manager Topology Services

Campus Manager Topology Services

Campus Manager User TrackingCampus Manager

Path Analysis

108

Diagnosing Connectivity Problems CiscoWorks Server Tools

Ping Use ping to test device connectivity from CiscoWorks server

TracerouteRun a trace route between the CiscoWorks server and the target device to detect routing problems

NS LookupRun a nslookup to obtain DNS name server information and IP address of hostname

Management Station to DeviceTest to verify if upper layer protocols are supported from CiscoWorks to the target device UDP TCP Telnet TFTP HTTP and SNMP

109

Types of Management Systems Example ndash CiscoWorks

19216862

CiscoWorks Server(ANI Service)

CampusDatabase

19216861

Schedule data retrieval

times

CAM Table11‐11‐11‐11‐11‐00 2111‐11‐11‐11‐11‐11 2211‐11‐11‐11‐11‐22 2311‐11‐11‐11‐11‐33 24

22 23 24

21

ARP Table11‐11‐11‐11‐11‐11 19216861011‐11‐11‐11‐11‐22 19216861111‐11‐11‐11‐11‐33 192168611

1

CAM

Retrieval

(switching

table)

2 Address

Resolution (MAC

to IP)

DNS

3 Name Resolution

(IP to hostname)

Host Table192168610 USER1192168611 Printer1192168611 IPtele1

SNMP

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

CallManager4

Call Detail

Records

5

Login

Names

UNIX Novell amp

Windows NT

clients running

UTLite script

110

Diagnosing Connectivity Problems Campus Manager Tools

Topology Services

User Tracking

Path Analysis

1

Locate the communication pair in the User Tracking database

bull

Addressesbull

VLAN informationbull

Switch port connection

2

Investigate the Layer 2 and Layer 3 path between the communication

pair

3

Map the topology and begin the investigation on devices and links

Launch other applications

111

Diagnosing Connectivity Problems Workflow for Using Campus Manager

LaunchPath Analysis

LaunchPath Analysis

Ensure discovery of devices

hosts are up to date

Ensure discovery of devices

hosts are up to date

Use User TrackingTo Locate EndStation Info

Use User TrackingTo Locate EndStation Info

ConductVoiceTrace

ConductVoiceTrace

ConductDataTrace

ConductDataTrace

DisplayPath in Topology

Map

DisplayPath in Topology

Map

Launch other Apps(Telnet CiscoView

Etc)

Launch other Apps(Telnet CiscoView

Etc)

112

Diagnosing Device Connectivity Problems Example

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Do you know

your

hostname or

username

113

Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

2 Simple Query displays switch

port and VLAN association

2 Simple Query displays switch

port and VLAN association

3 LastSeen field indicates last

time end station was

discovered

3 LastSeen field indicates last

time end station was

discovered

114

Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Trace path from application server

to Suzy

Trace path from application server

to Suzy

Couldnrsquot get to Suzy machine ndash try

from server

Couldnrsquot get to Suzy machine ndash try

from server

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

37

Power Over Ethernet

Prepare the network for IP Telephony and Wireless access

Eliminate the need for separate electrical wiring

Cisco pre‐standard POE and 8023af are fully supported

Wide selection of standards‐based IEEE 8023af powered devices

ndash IP Phonesndash Wireless Access Points

ndash Surveillance cameras

ndash Access Card Readers

38

Access Point Front Cover LEDrsquos

Status LightsEthernet

Status

Radio Activity

Ethernet Activity

Status

Radio Activity

39

CiscoWorks WLSE

1

Specialized application for managing the Cisco WLAN

2

Centralized template‐ based configuration of access points and bridges

with user defined groups

3

Proactive fault and performance monitoring

of access points bridges LEAP server and

attached switch

CiscoWorks Wireless LANSolution Engine

U N I V E R S I T YU N I V E R S I T Y

40

二網路設備介紹

41

The Cisco LAN Switching Portfolio

Catalyst 375035602960 Catalyst 6500Catalyst 40004500

bull Stackable Compact Footprint bull Gig Density 12 Ports bull EZ Clustering Managementbull L2-L4 Switchingbull Medium Port Density

bull Highest Switching Capacitybull High Availability - Stateful Failoverbull 10-Gigabit Ethernet Interfaces bull Nonblocking Gigabit Density 142bull LANWAN Interfaces (to OC 48)

L2-L7 SwitchingIntegrated Inline PowerServices Modules Redundant PowerRedundant Supervisor Fabric

bull High Switching Capacitybull High-Density 101001000bull High-Density 100FX amp 1000LXbull Nonblocking Gigabit Density 32bull L2-L4 Switching bull Inline Power Optionbull Redundant Power

42

Cisco Catalyst Positioning

Pric

ePe

rfor

man

ce

FunctionFlexibility

Catalyst 29502960

Catalyst 35503560

Catalyst 4500 Family

Catalyst 6500 Series

bull Modular 101001000bull High performance Layer 2L3L4 bull 24‐64 Gbps Switching Enginebull Chassis level high availability

bull

Modular 101001000bull

Highest density switching

capacity

bull

Layer 234‐7bull

32‐720 Gbps

Switching

Engine

bull

Highest Availability

bull

10100

and GE configurationsbull

High performance switching and routingbull

Enterprise‐class intelligent Layer 3L4 servicesbull

Clustering capable

bull

Stackable 10100 switchingbull

Gigabit

uplink connectivitybull

Advanced intelligent Layer 3L4 servicesbull

Clustering capable

Catalyst 3750bull

Stackable 101001000 and 10100 configurationsbull

Cisco StackWisetrade

Technologybull

Optimized for Gigabit Ethernet deploymentbull

Enterprise‐class Intelligent Layer 3L4 servicesbull

Highly resilient 32Gbps stacking interconnectionbull

Single management interface w auto configuration

Fast Ethernet

Optimized

Gigabit Ethernet

Optimized

43

Cisco Catalyst 2960 Series Model Overview Fast Ethernet Models

Softwarebull LAN Base Image

Enterprise-class intelligent services Advanced QoS enhanced security high availability

bull Orderable with latest IOS software version

bull 48 10100100 portsbull 2 101001000 Uplink

ports

bull 24 10100 portsbull 2 101001000 Uplink

Ports

Catalyst 2960-24TT Catalyst 2960-48TT

bull 24 10100 portsbull 2 Dual-Purpose Uplink

ports

Catalyst 2960-24TC Catalyst 2960-48TC

bull 48 10100 portsbull 2 Dual Purpose Uplink

ports

Uplinksbull Dual Purpose

UplinksOne 101001000 TX Port and One SFP Port

One port active at a time

44

Cisco Catalyst 3750 Series Switches Model Overview

Catalyst 3750G‐24TS

bull

24 101001000

Portsbull

24 101001000 Ports

bull

4 SFP ports

Two Software Versions

Standard Multilayer Software Image

(SMI)

bull Enterprise‐class intelligent services

Advanced QoS Enhanced Security High

Availability RIP and Static IP routing

Routed ACLs HSRP

Enhanced Multilayer Software Image

(EMI)

bull SMI feature set plus Dynamic IP Unicast

routing Smart Multicast routing

Catalyst 3750‐2448 are orderable with

either software image preinstalled

Catalyst 3750‐2448 can be upgraded

from SMI to EMI

Catalyst 3750G‐24T

bull

24 10100 Ports

bull

2 SFP ports

bull

48 10100 Ports

bull

4 SFP ports

Catalyst 3750‐24 Catalyst 3750‐48

45

Cisco StackWisetrade Technology

bull 32Gbps fault tolerant bi‐directional

backplane

bull Single IP address for management

bull Auto configuration and IOS version

checkupdate

bull 1N Master redundancy

bull Sub‐second L2 failover

bull Cross stack Etherchannel

bull Configurable QoS queues across

stack

bull Line speed performance with QoS

and ACLs for GE

bull Hot add and delete of GE and FE

chassis in same stack

bull Patented cable connector

S 1

S 3

S 2

M 4

M = Master Switch

S = Slave Switch

46

Cisco Catalyst 4500 Series Architecture

bull Centralized Forwarding ASICs

bull All packets are forwarded via the supervisor

bull No distributed line card forwarding

bull Scalable architecture ‐

64 to 320 Gbps

bull Fastest Centralized Architecture in the Industry

47

Cisco Catalyst 4500 Series Overview Common Architecture

Single Supervisor-Based

Chassis

Redundant Supervisor-Based

Chassis

Cisco Catalyst 4507R-E

Cisco Catalyst 4510R-E

Cisco Catalyst 4506-E

Cisco Catalyst 4503-E

Single RU Fixed Configuration

Same Switching Architecture

and Common Cisco IOSreg

Cisco Catalyst 4948 and 4948-10GigE

48

Cisco Catalyst 4500 Series Evolutionary Centralized Architecture

1999 2002 2004 2007 2012

Continued InnovationServices and Performance

Same Line Card

18Mpps 48Mpps 102Mpps

10100

1000

Layer 2

PoE L234

10 GbE

SSO

NACNSF

ISSUCISF

E‐Series

250 Mpps

49

Evolution of Centralized Switching Technology

Evoluti

onEvo

lution

1999 18

Mpps

L2 Only

2002 48

Mpps

L2L3

2004102

Mpps

L2L3 10Gig

2007250

Mpps

L2L3 IPv6

14X

increase

since lsquo99

50

Next‐Generation Catalyst 4500 ldquoE‐Seriesrdquo

Secure Flexible Non‐Stop Communications

ldquoErdquo

Series Chassis

ldquoErdquo

Series Line Cards

Supervisor 6‐E with CenterFlex

51

Cisco Catalyst 6500 Delivers Secure Converged Network Services

High Availabilitybull Physical

Availabilitybull Logical Availabilitybull Stateful Failover at

Layer 2bull Rapid Spanning-

Tree Convergence

QoSbull Input Policingbull Traffic

Classificationbull Multiple Queuesbull Convergence

Ready

Securitybull Layer 234

Access Controlbull 8021X User

Authenticationbull MAC Filteringbull Dynamic VLAN

Manageabilitybull Inline Powerbull Simple

Configurationbull L2-L4 Servicesbull Rich Multicast

Support

End-to-End Services

52

Catalyst 6500 Family

Catalyst 65033 slot chassis

Catalyst 65066 slot chassis

Catalyst 65099 slot chassis

Catalyst 6509‐NEBSNEBS Compliant 9 slot chassis

Catalyst 651313 slot chassis

Catalyst 6509‐NEBS‐A9 slot chassis

53

Cisco Catalyst 6500 Series

The Cisco Catalyst 6500 Series supports a wide range of interface densities performance and high‐availability options

Flexible 3‐ 6‐ 9‐ and 13‐slot chassis configurations

ndash Scalable switching fabric ndash Cisco

IOS software choices supported

on all supervisor engines

ndash Fast 2‐3 second stateful

failover of

redundant supervisors and integrated

services

ndash 10‐Mbps to 10‐Gbps Ethernet and DS0

to

OC‐48 WAN interfaces

ndash Wire‐rate QoS

and ACL policy

management

WS-6503 WS-C6506 WS-C6509 WS-C6509-NEBS and WS-C6513

54

Catalyst 6500 Supervisors

The Catalyst 6500 has three Supervisor options on offer

with each providing a different architectural backplane

configuration for line cards to connect intohellip

Supervisor 1A Supervisor 2 Supervisor 720 (NEW)

256Gb backplane

supporting hardware

accelerated Layer 2 and 3

QoS and Security policies

up to 210Mppshellip

720Gb backplane

supporting hardware

accelerated Layer 2 and 3

QoS and Security policies

up to 400Mppshellip

32Gb backplane supporting

hardware accelerated Layer

2 and 3 QoS and Security

policies up to 15Mppshellip

Supervisor Options for the Catalyst 6500

55

Catalyst 6500 LinecardsThe Catalyst 6500 has a family of linecards to suit all network needshellip

10100 TX and 100 Fiber 101001000 TX GE SFP

GE GBIC 10GE WAN

Optical Switch Modules Inline Power ATM

CAT

6500

L I

NECARDS

56

Catalyst 6500 Service Modules

Content ServicesCommunications Media MWAN

Firewall Module VPN Module Intrusion Detection

Content Switching SSL Network Management

Service Modules represent the next generation of intelligent modules for the Catalyst 6500

Each module provides a high performance option scalable and feature rich deployment

optionshellip

57

Small Form Factor Pluggable (SFP)

bull New industry standard connector

bull Same functionality as Gigabit Interface Converters

(GBICs)

bull Hot pluggable

bull Smaller fiber connector LC

for SF

bull 25 SFPs

fit in space of one GBIC

bull Shipping SX LX ZX at FCS

bull 101001000BT and CWDM versions to come in mid

to late 2003

GBIC

SFP

58

三無線網路認證介紹

59

漫遊認證環境架構圖

NCHC資策會

WLANGateway

WLANGateway

60

無線漫遊環境身份認證機制

網頁認證

使用網站伺服器憑證(Certificate)辨識合法認證網站

透過SSL加密保護使用者帳號密碼安全

採用PAP (Password Authentication Protocol)認證機制

8021x認證

採CHAP或加密通道進行認證

EAP‐MD5ndash 採用CHAP (Challenge Handshake Authentication Protocol)認證

EAP‐PEAP ndash 採用 SSL加密通道 + MS‐CHAP v2 認證

EAP‐TTLSndash 採用 SSL加密通道 + PAPCHAPMS‐CHAPEAPndash 支援多種認證機制

61

WLAN Gateway

bull Usually web page for authorisationbull Allows policy based accessbull Good managementbull Very user friendlybull No client required

Bluesocketndash Commercial but popular in uk academiandash Lots of featuresNoCatAuthndash open source

62

Bluesocket Wireless Gateway

63

httpwwwitcntnuedutwservice1270php

四師大網路基本架構介紹

64

對外網路架構圖

65

校本部校區有線網路系統架構圖

66

校本部校區無線網路系統架構圖

67

理學院校區有線網路系統架構圖

68

理學院校區無線網路系統架構圖

69

林口校區有線網路系統架構圖

70

林口校區無線網路系統架構圖

71

五網路障礙排除方式

72

Possible Symptoms of Physical Layer Problems

Increased number of interface errorsIncreased number of interface errors

LEDs are off flashing or in a state other than the expected state during normal operationLEDs are off flashing or in a state other than the expected state during normal operation

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

Excessive utilizationExcessive utilization

73

Possible Symptoms of Data Link Layer Problems

Excessive CRC errors and frame check sequence errors Excessive CRC errors and frame check sequence errors

Large quantities of broadcast traffic Large quantities of broadcast traffic

A MAC address is cycling between portsA MAC address is cycling between ports

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

74

General Cisco Commands to Isolate Physical and Data Link Layer Problems

ping host

| ip‐addressping host

| ip‐address

routergt

bull

Sends an echo request packet to an address then waits for a reply

trace [destination]trace [destination]

routergt

bull

Identifies the path a packet takes through the network

[no] debug [no] debug

router

bull

Displays a list of options for enabling or disabling debugging events on a device

75

Cisco Commands to Isolate Physical Layer Problems

show versionshow version

routergt

bull

Displays the Cisco IOS software version and all installed hardware configurations

show ip interface briefshow ip interface brief

routergt

bull

Displays a summary of the status of all interfaces on a device

show interfaces [type number]show interfaces [type number]

routergt

bull

Displays the operational status of an interface including the amount and type of traffic being sent and received

76

Cisco Commands to Isolate Physical Layer Problems (Cont)

show cdp neighbor detailshow cdp neighbor detailroutergt

bull Displays the device type IP address and Cisco IOS version of neighboring devices

77

Cisco Commands to Isolate Data Link Layer Problems

show ip arpshow ip arp

routergt

bull

Displays entries in the Address Resolution Protocol (ARP) table

debug [arp

| serial | ppp]debug [arp

| serial | ppp]

router

bull

Captures events relating to data link layer protocols

78

General End‐System Commands to Isolate Physical and Data Link Layer Problems

pingping

bull

Sends an echo request packet to an address then waits for a reply

netstat

‐rnnetstat

‐rn

bull

Displays the status of all connected devices and links without querying a DNS server

arp

‐aarp

‐a

bull

Displays the current mappings of the IP address to the MAC address in the ARP table

79

Windows Commands to Isolate Physical and Data Link Layer Problems

ipconfig

[all]ipconfig

[all]

bull

Displays IP information for hosts running Windows NT2000XP

Cgt

tracert [‐d]tracert [‐d]

bull

Identifies a path to a destination device

Cgt

80

Guidelines for Isolating Problems at the Physical and Data Link Layers

Check operational status and data error ratesCheck operational status and data error rates

Verify proper interface configurationsVerify proper interface configurations

Check for bad cables or connectionsCheck for bad cables or connections

Check for correct cable pin‐outCheck for correct cable pin‐out

81

Port Monitoring (SPAN)

Allows a port to monitor traffic coming into or out of

anotherPort

VLAN

Trunk

82

Remote SPAN (RSPAN)

Allows a port to monitor SPAN information on other switches through a trunk connection

83

NetFlow Data Export

Access to records of switched flow statistics

with NAM

Source and destination IP

Port numbers and protocol types

84

六網路管理介紹

85

NAMs in Campus LAN

86

Network Analysis Module (NAM)

bull

Switch‐integrated standards‐

based monitoring (RMON1 RMON2

extended RMON)

bull

Useful for performance monitoring troubleshooting

and capacity planning

bull

Easy to deploy and use with embedded web‐based Traffic Analyzer

bull

Full visibility into applications hosts conversations and

IP‐based services including VoIP

and QoS

Integrated traffic‐monitoring solution in Catalyst 6500 series to build application‐level visibility into network infrastructure

87

NAM as a Standards‐Based RMON Solution

The RMON MIB reports on the health and status of network traffic

Mini‐RMON agents in Catalyst 6500 collect Layer 2 (RMON1) statistics on all ports (utilization packets errors)

NAM supports full RMON1 and 2 to provide visibility up to Application layer (applications hosts conversations)

NAM supports extended RMON for VLAN QoS Application Response Time and so on

88

Application Hosts and Conversations Monitoring

Identify unknown applications and drill down on the hosts using them

Discover top talkers top conversations

Network managers can drill down

into who is doing what

Network managers can drill down

into who is doing what

NEW inSoftware

Version 22

NEW inSoftware

Version 22

89

VoIP Monitoring

NAM supports various facets of VoIPmonitoring

Active IP telephony monitoring

ndash Track active call attributesndash Identify call quality degradationndash Call details by phonesRMON1 and RMON2

ndash Distribution of VoIP

protocols

Application Response Time (ART)

ndash CallManager

responses

DSMON

ndash VoIP

traffic by DSCP values

90

Application Response Time (ART)

Find out where the application delays are occurring

ndash Detailed data on request‐ response exchanges

between clients and servers

Server visibility

ndash Monitor servers for protocols application

usage and top talkers

91

Packet Capture and Decode

Capture and decode packets for troubleshooting

Extensive pre‐ and post‐capture filters

Can save and export to other tools including Sniffer

92

Alarms

Set alarm thresholds on various parameters for proactive monitoring

Define traps or generate syslog

93

Defining Network Management Functional Areas

ISO defines five functional areas of network management

ISO defines five functional areas of network management

bullFault Management

bullConfiguration Management

bullAccounting Management

bullPerformance Management

bullSecurity Management

94

FCAPS Fault Management

The process of locating diagnosing and correcting

network problems

Device Down

Link Down

95

FCAPS Configuration Management

bull The process of obtaining data from the network and using

that data to manage the setup of all network devices

bull Allows rapid access to configuration information

bull Facilitates remote configuration and provisioning

bull Provides an up‐to‐date inventory of network

components

SpeedDuplex

Connectivity

TrunkingVLANs Allowed

Spanning Tree Protocol State

Software VersionConfiguration File

Device Type

96

FCAPS Accounting Management

bull Measuring the usage of network resources by users in order to

establish the metrics check quotas determine costs and bill users

bull Measures and reports accounting information based on individual

groups and users

bull Administers the cost of the network

bull Internal verification of third‐party billing for usage Bandwidth Consumption

Application Usage

hellip

97

FCAPS Performance Management

bull Ensuring that the data network remains accessible

and has adequate bandwidth

bull Reduces network overcrowding and inaccessibility

bull Provides a consistent level of service to the

network user

bull Determine utilization trends to proactively isolate and solve

performance problems

UtilizationPeakminmaxError RatesUnicast Rates

Broadcast Rates

CPU UtilizationMemory Usage

ThroughputResponse Time

LatencyAvailabilityReliability

98

FCAPS Security Management

bull Protecting sensitive information on devices

attached to a data network by controlling access points to

that information

bull Builds network user confidence

bull Secures sensitive information from both internal and

external sources

bull Protects the network functionality from malicious

attacks

MAC AddressLocked to Port

Access ListBlocks Connections

99

Performing Network Management Sources for Information

GAUGEs TIMERs

0 9 1 2 3

COUNTERs TABLEs FILEs

Operating System Data Structures

Manageable Device

showCommands

WebServer

SystemLogging

SNMPSNMPAGENTAGENT

ProductionServices

Layer N Forwarding

http80tcp

syslog514udp

snmp161udp

MIBObjects

snmp‐trap162udp

Built in Intelligence

CDPVTPSAA

telnetCLI

TFTPClient

tftp69udp

PingTrace route

100

Network Management Information Model MIB Management Information Base

MIB

ndash

Management Information BaseSet of variables defining the status of a device (eg temp = 85 degrees)Just facts ndash not whether it is good or badDefined according to SMI (Structure of Management Information) rulesEach managed object is described using a unique object identifier (OID)

MIB

IMIBIIStandard MIBObjects included are considered essential for either fault or configuration management

Other standard MIBsRMON host router

Proprietary vendor MIBsExtensions to standard MIBs

SNMPAGENTSNMPAGENT

1000s of manageable objects following rules defined in the SMI standards

1000s of manageable objects following rules defined in the SMI standards

101

Network Management Communication Model SNMP Simple Network Management Protocol

CommunityStrings

CommunityStrings

bull Get requests used to read the value of objectbull Set requests used to modify the value of object

bull Authorization is via community strings

(Read‐OnlyRead‐Write)

bull Traps

provide asynchronous event notification

IP Network SNMPManageable

Device

Trap

Get Response

Get Request Get-Next RequestGet-Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

102

Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response

SNM

P M

anag

er

SNM

P A

gent

Rea

d =

publ

ic re

adw

rite

= pr

ivat

e

GetResponse (sysDescr0=SunOS)

Verify access permission and retrieve MIB value using OID to traverse the MIB tree

InstanceOID

13612111

MIB value

GetRequest(sysDescr0)Read Community(public)

103

Types of Management Systems Example ‐

Enterprise Manager amp Fault Management

Correlate and manage events

and SNMP traps

Perform fault isolation and root cause analysis

104

Types of Management Systems Example ndash CiscoWorks

Resource Manager Essentials and Campus Manager

Knowledge of network configuration and topology

Facilitates remote configuration of network devices

Maintains an archive of configuration data that allows generation of inventory reports

105

Types of Management Systems Example ndash NetFlow (Accounting Management)

Flow Profiling

AccountingBilling

Network Planning

Network Monitoring

Flow

Collectors

Flow

CollectorsEnd‐User AppsEnd‐User AppsNetFlow

Data ExportNetFlowData Export

NetScout

RMON ProbeRMON Probe

106

Types of Management Systems Example ndash MRTG (Performance Management)

bull Monitors traffic load on network links based on SNMP statistics

bull Generates real‐time HTML traffic reports

bull Can be used to monitor any

MIB

variable using

SNMP

107

Types of Management Systems Example ndash CiscoWorks

How is the network connectedbull Physical Cablingbull Virtual LANs

Where are the end users servers IP phones connected

bull Switch port numberbull VLAN membership

How do I troubleshoot connectivity problems

Campus Manager User Tracking

Campus Manager Topology Services

Campus Manager Topology Services

Campus Manager User TrackingCampus Manager

Path Analysis

108

Diagnosing Connectivity Problems CiscoWorks Server Tools

Ping Use ping to test device connectivity from CiscoWorks server

TracerouteRun a trace route between the CiscoWorks server and the target device to detect routing problems

NS LookupRun a nslookup to obtain DNS name server information and IP address of hostname

Management Station to DeviceTest to verify if upper layer protocols are supported from CiscoWorks to the target device UDP TCP Telnet TFTP HTTP and SNMP

109

Types of Management Systems Example ndash CiscoWorks

19216862

CiscoWorks Server(ANI Service)

CampusDatabase

19216861

Schedule data retrieval

times

CAM Table11‐11‐11‐11‐11‐00 2111‐11‐11‐11‐11‐11 2211‐11‐11‐11‐11‐22 2311‐11‐11‐11‐11‐33 24

22 23 24

21

ARP Table11‐11‐11‐11‐11‐11 19216861011‐11‐11‐11‐11‐22 19216861111‐11‐11‐11‐11‐33 192168611

1

CAM

Retrieval

(switching

table)

2 Address

Resolution (MAC

to IP)

DNS

3 Name Resolution

(IP to hostname)

Host Table192168610 USER1192168611 Printer1192168611 IPtele1

SNMP

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

CallManager4

Call Detail

Records

5

Login

Names

UNIX Novell amp

Windows NT

clients running

UTLite script

110

Diagnosing Connectivity Problems Campus Manager Tools

Topology Services

User Tracking

Path Analysis

1

Locate the communication pair in the User Tracking database

bull

Addressesbull

VLAN informationbull

Switch port connection

2

Investigate the Layer 2 and Layer 3 path between the communication

pair

3

Map the topology and begin the investigation on devices and links

Launch other applications

111

Diagnosing Connectivity Problems Workflow for Using Campus Manager

LaunchPath Analysis

LaunchPath Analysis

Ensure discovery of devices

hosts are up to date

Ensure discovery of devices

hosts are up to date

Use User TrackingTo Locate EndStation Info

Use User TrackingTo Locate EndStation Info

ConductVoiceTrace

ConductVoiceTrace

ConductDataTrace

ConductDataTrace

DisplayPath in Topology

Map

DisplayPath in Topology

Map

Launch other Apps(Telnet CiscoView

Etc)

Launch other Apps(Telnet CiscoView

Etc)

112

Diagnosing Device Connectivity Problems Example

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Do you know

your

hostname or

username

113

Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

2 Simple Query displays switch

port and VLAN association

2 Simple Query displays switch

port and VLAN association

3 LastSeen field indicates last

time end station was

discovered

3 LastSeen field indicates last

time end station was

discovered

114

Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Trace path from application server

to Suzy

Trace path from application server

to Suzy

Couldnrsquot get to Suzy machine ndash try

from server

Couldnrsquot get to Suzy machine ndash try

from server

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

38

Access Point Front Cover LEDrsquos

Status LightsEthernet

Status

Radio Activity

Ethernet Activity

Status

Radio Activity

39

CiscoWorks WLSE

1

Specialized application for managing the Cisco WLAN

2

Centralized template‐ based configuration of access points and bridges

with user defined groups

3

Proactive fault and performance monitoring

of access points bridges LEAP server and

attached switch

CiscoWorks Wireless LANSolution Engine

U N I V E R S I T YU N I V E R S I T Y

40

二網路設備介紹

41

The Cisco LAN Switching Portfolio

Catalyst 375035602960 Catalyst 6500Catalyst 40004500

bull Stackable Compact Footprint bull Gig Density 12 Ports bull EZ Clustering Managementbull L2-L4 Switchingbull Medium Port Density

bull Highest Switching Capacitybull High Availability - Stateful Failoverbull 10-Gigabit Ethernet Interfaces bull Nonblocking Gigabit Density 142bull LANWAN Interfaces (to OC 48)

L2-L7 SwitchingIntegrated Inline PowerServices Modules Redundant PowerRedundant Supervisor Fabric

bull High Switching Capacitybull High-Density 101001000bull High-Density 100FX amp 1000LXbull Nonblocking Gigabit Density 32bull L2-L4 Switching bull Inline Power Optionbull Redundant Power

42

Cisco Catalyst Positioning

Pric

ePe

rfor

man

ce

FunctionFlexibility

Catalyst 29502960

Catalyst 35503560

Catalyst 4500 Family

Catalyst 6500 Series

bull Modular 101001000bull High performance Layer 2L3L4 bull 24‐64 Gbps Switching Enginebull Chassis level high availability

bull

Modular 101001000bull

Highest density switching

capacity

bull

Layer 234‐7bull

32‐720 Gbps

Switching

Engine

bull

Highest Availability

bull

10100

and GE configurationsbull

High performance switching and routingbull

Enterprise‐class intelligent Layer 3L4 servicesbull

Clustering capable

bull

Stackable 10100 switchingbull

Gigabit

uplink connectivitybull

Advanced intelligent Layer 3L4 servicesbull

Clustering capable

Catalyst 3750bull

Stackable 101001000 and 10100 configurationsbull

Cisco StackWisetrade

Technologybull

Optimized for Gigabit Ethernet deploymentbull

Enterprise‐class Intelligent Layer 3L4 servicesbull

Highly resilient 32Gbps stacking interconnectionbull

Single management interface w auto configuration

Fast Ethernet

Optimized

Gigabit Ethernet

Optimized

43

Cisco Catalyst 2960 Series Model Overview Fast Ethernet Models

Softwarebull LAN Base Image

Enterprise-class intelligent services Advanced QoS enhanced security high availability

bull Orderable with latest IOS software version

bull 48 10100100 portsbull 2 101001000 Uplink

ports

bull 24 10100 portsbull 2 101001000 Uplink

Ports

Catalyst 2960-24TT Catalyst 2960-48TT

bull 24 10100 portsbull 2 Dual-Purpose Uplink

ports

Catalyst 2960-24TC Catalyst 2960-48TC

bull 48 10100 portsbull 2 Dual Purpose Uplink

ports

Uplinksbull Dual Purpose

UplinksOne 101001000 TX Port and One SFP Port

One port active at a time

44

Cisco Catalyst 3750 Series Switches Model Overview

Catalyst 3750G‐24TS

bull

24 101001000

Portsbull

24 101001000 Ports

bull

4 SFP ports

Two Software Versions

Standard Multilayer Software Image

(SMI)

bull Enterprise‐class intelligent services

Advanced QoS Enhanced Security High

Availability RIP and Static IP routing

Routed ACLs HSRP

Enhanced Multilayer Software Image

(EMI)

bull SMI feature set plus Dynamic IP Unicast

routing Smart Multicast routing

Catalyst 3750‐2448 are orderable with

either software image preinstalled

Catalyst 3750‐2448 can be upgraded

from SMI to EMI

Catalyst 3750G‐24T

bull

24 10100 Ports

bull

2 SFP ports

bull

48 10100 Ports

bull

4 SFP ports

Catalyst 3750‐24 Catalyst 3750‐48

45

Cisco StackWisetrade Technology

bull 32Gbps fault tolerant bi‐directional

backplane

bull Single IP address for management

bull Auto configuration and IOS version

checkupdate

bull 1N Master redundancy

bull Sub‐second L2 failover

bull Cross stack Etherchannel

bull Configurable QoS queues across

stack

bull Line speed performance with QoS

and ACLs for GE

bull Hot add and delete of GE and FE

chassis in same stack

bull Patented cable connector

S 1

S 3

S 2

M 4

M = Master Switch

S = Slave Switch

46

Cisco Catalyst 4500 Series Architecture

bull Centralized Forwarding ASICs

bull All packets are forwarded via the supervisor

bull No distributed line card forwarding

bull Scalable architecture ‐

64 to 320 Gbps

bull Fastest Centralized Architecture in the Industry

47

Cisco Catalyst 4500 Series Overview Common Architecture

Single Supervisor-Based

Chassis

Redundant Supervisor-Based

Chassis

Cisco Catalyst 4507R-E

Cisco Catalyst 4510R-E

Cisco Catalyst 4506-E

Cisco Catalyst 4503-E

Single RU Fixed Configuration

Same Switching Architecture

and Common Cisco IOSreg

Cisco Catalyst 4948 and 4948-10GigE

48

Cisco Catalyst 4500 Series Evolutionary Centralized Architecture

1999 2002 2004 2007 2012

Continued InnovationServices and Performance

Same Line Card

18Mpps 48Mpps 102Mpps

10100

1000

Layer 2

PoE L234

10 GbE

SSO

NACNSF

ISSUCISF

E‐Series

250 Mpps

49

Evolution of Centralized Switching Technology

Evoluti

onEvo

lution

1999 18

Mpps

L2 Only

2002 48

Mpps

L2L3

2004102

Mpps

L2L3 10Gig

2007250

Mpps

L2L3 IPv6

14X

increase

since lsquo99

50

Next‐Generation Catalyst 4500 ldquoE‐Seriesrdquo

Secure Flexible Non‐Stop Communications

ldquoErdquo

Series Chassis

ldquoErdquo

Series Line Cards

Supervisor 6‐E with CenterFlex

51

Cisco Catalyst 6500 Delivers Secure Converged Network Services

High Availabilitybull Physical

Availabilitybull Logical Availabilitybull Stateful Failover at

Layer 2bull Rapid Spanning-

Tree Convergence

QoSbull Input Policingbull Traffic

Classificationbull Multiple Queuesbull Convergence

Ready

Securitybull Layer 234

Access Controlbull 8021X User

Authenticationbull MAC Filteringbull Dynamic VLAN

Manageabilitybull Inline Powerbull Simple

Configurationbull L2-L4 Servicesbull Rich Multicast

Support

End-to-End Services

52

Catalyst 6500 Family

Catalyst 65033 slot chassis

Catalyst 65066 slot chassis

Catalyst 65099 slot chassis

Catalyst 6509‐NEBSNEBS Compliant 9 slot chassis

Catalyst 651313 slot chassis

Catalyst 6509‐NEBS‐A9 slot chassis

53

Cisco Catalyst 6500 Series

The Cisco Catalyst 6500 Series supports a wide range of interface densities performance and high‐availability options

Flexible 3‐ 6‐ 9‐ and 13‐slot chassis configurations

ndash Scalable switching fabric ndash Cisco

IOS software choices supported

on all supervisor engines

ndash Fast 2‐3 second stateful

failover of

redundant supervisors and integrated

services

ndash 10‐Mbps to 10‐Gbps Ethernet and DS0

to

OC‐48 WAN interfaces

ndash Wire‐rate QoS

and ACL policy

management

WS-6503 WS-C6506 WS-C6509 WS-C6509-NEBS and WS-C6513

54

Catalyst 6500 Supervisors

The Catalyst 6500 has three Supervisor options on offer

with each providing a different architectural backplane

configuration for line cards to connect intohellip

Supervisor 1A Supervisor 2 Supervisor 720 (NEW)

256Gb backplane

supporting hardware

accelerated Layer 2 and 3

QoS and Security policies

up to 210Mppshellip

720Gb backplane

supporting hardware

accelerated Layer 2 and 3

QoS and Security policies

up to 400Mppshellip

32Gb backplane supporting

hardware accelerated Layer

2 and 3 QoS and Security

policies up to 15Mppshellip

Supervisor Options for the Catalyst 6500

55

Catalyst 6500 LinecardsThe Catalyst 6500 has a family of linecards to suit all network needshellip

10100 TX and 100 Fiber 101001000 TX GE SFP

GE GBIC 10GE WAN

Optical Switch Modules Inline Power ATM

CAT

6500

L I

NECARDS

56

Catalyst 6500 Service Modules

Content ServicesCommunications Media MWAN

Firewall Module VPN Module Intrusion Detection

Content Switching SSL Network Management

Service Modules represent the next generation of intelligent modules for the Catalyst 6500

Each module provides a high performance option scalable and feature rich deployment

optionshellip

57

Small Form Factor Pluggable (SFP)

bull New industry standard connector

bull Same functionality as Gigabit Interface Converters

(GBICs)

bull Hot pluggable

bull Smaller fiber connector LC

for SF

bull 25 SFPs

fit in space of one GBIC

bull Shipping SX LX ZX at FCS

bull 101001000BT and CWDM versions to come in mid

to late 2003

GBIC

SFP

58

三無線網路認證介紹

59

漫遊認證環境架構圖

NCHC資策會

WLANGateway

WLANGateway

60

無線漫遊環境身份認證機制

網頁認證

使用網站伺服器憑證(Certificate)辨識合法認證網站

透過SSL加密保護使用者帳號密碼安全

採用PAP (Password Authentication Protocol)認證機制

8021x認證

採CHAP或加密通道進行認證

EAP‐MD5ndash 採用CHAP (Challenge Handshake Authentication Protocol)認證

EAP‐PEAP ndash 採用 SSL加密通道 + MS‐CHAP v2 認證

EAP‐TTLSndash 採用 SSL加密通道 + PAPCHAPMS‐CHAPEAPndash 支援多種認證機制

61

WLAN Gateway

bull Usually web page for authorisationbull Allows policy based accessbull Good managementbull Very user friendlybull No client required

Bluesocketndash Commercial but popular in uk academiandash Lots of featuresNoCatAuthndash open source

62

Bluesocket Wireless Gateway

63

httpwwwitcntnuedutwservice1270php

四師大網路基本架構介紹

64

對外網路架構圖

65

校本部校區有線網路系統架構圖

66

校本部校區無線網路系統架構圖

67

理學院校區有線網路系統架構圖

68

理學院校區無線網路系統架構圖

69

林口校區有線網路系統架構圖

70

林口校區無線網路系統架構圖

71

五網路障礙排除方式

72

Possible Symptoms of Physical Layer Problems

Increased number of interface errorsIncreased number of interface errors

LEDs are off flashing or in a state other than the expected state during normal operationLEDs are off flashing or in a state other than the expected state during normal operation

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

Excessive utilizationExcessive utilization

73

Possible Symptoms of Data Link Layer Problems

Excessive CRC errors and frame check sequence errors Excessive CRC errors and frame check sequence errors

Large quantities of broadcast traffic Large quantities of broadcast traffic

A MAC address is cycling between portsA MAC address is cycling between ports

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

74

General Cisco Commands to Isolate Physical and Data Link Layer Problems

ping host

| ip‐addressping host

| ip‐address

routergt

bull

Sends an echo request packet to an address then waits for a reply

trace [destination]trace [destination]

routergt

bull

Identifies the path a packet takes through the network

[no] debug [no] debug

router

bull

Displays a list of options for enabling or disabling debugging events on a device

75

Cisco Commands to Isolate Physical Layer Problems

show versionshow version

routergt

bull

Displays the Cisco IOS software version and all installed hardware configurations

show ip interface briefshow ip interface brief

routergt

bull

Displays a summary of the status of all interfaces on a device

show interfaces [type number]show interfaces [type number]

routergt

bull

Displays the operational status of an interface including the amount and type of traffic being sent and received

76

Cisco Commands to Isolate Physical Layer Problems (Cont)

show cdp neighbor detailshow cdp neighbor detailroutergt

bull Displays the device type IP address and Cisco IOS version of neighboring devices

77

Cisco Commands to Isolate Data Link Layer Problems

show ip arpshow ip arp

routergt

bull

Displays entries in the Address Resolution Protocol (ARP) table

debug [arp

| serial | ppp]debug [arp

| serial | ppp]

router

bull

Captures events relating to data link layer protocols

78

General End‐System Commands to Isolate Physical and Data Link Layer Problems

pingping

bull

Sends an echo request packet to an address then waits for a reply

netstat

‐rnnetstat

‐rn

bull

Displays the status of all connected devices and links without querying a DNS server

arp

‐aarp

‐a

bull

Displays the current mappings of the IP address to the MAC address in the ARP table

79

Windows Commands to Isolate Physical and Data Link Layer Problems

ipconfig

[all]ipconfig

[all]

bull

Displays IP information for hosts running Windows NT2000XP

Cgt

tracert [‐d]tracert [‐d]

bull

Identifies a path to a destination device

Cgt

80

Guidelines for Isolating Problems at the Physical and Data Link Layers

Check operational status and data error ratesCheck operational status and data error rates

Verify proper interface configurationsVerify proper interface configurations

Check for bad cables or connectionsCheck for bad cables or connections

Check for correct cable pin‐outCheck for correct cable pin‐out

81

Port Monitoring (SPAN)

Allows a port to monitor traffic coming into or out of

anotherPort

VLAN

Trunk

82

Remote SPAN (RSPAN)

Allows a port to monitor SPAN information on other switches through a trunk connection

83

NetFlow Data Export

Access to records of switched flow statistics

with NAM

Source and destination IP

Port numbers and protocol types

84

六網路管理介紹

85

NAMs in Campus LAN

86

Network Analysis Module (NAM)

bull

Switch‐integrated standards‐

based monitoring (RMON1 RMON2

extended RMON)

bull

Useful for performance monitoring troubleshooting

and capacity planning

bull

Easy to deploy and use with embedded web‐based Traffic Analyzer

bull

Full visibility into applications hosts conversations and

IP‐based services including VoIP

and QoS

Integrated traffic‐monitoring solution in Catalyst 6500 series to build application‐level visibility into network infrastructure

87

NAM as a Standards‐Based RMON Solution

The RMON MIB reports on the health and status of network traffic

Mini‐RMON agents in Catalyst 6500 collect Layer 2 (RMON1) statistics on all ports (utilization packets errors)

NAM supports full RMON1 and 2 to provide visibility up to Application layer (applications hosts conversations)

NAM supports extended RMON for VLAN QoS Application Response Time and so on

88

Application Hosts and Conversations Monitoring

Identify unknown applications and drill down on the hosts using them

Discover top talkers top conversations

Network managers can drill down

into who is doing what

Network managers can drill down

into who is doing what

NEW inSoftware

Version 22

NEW inSoftware

Version 22

89

VoIP Monitoring

NAM supports various facets of VoIPmonitoring

Active IP telephony monitoring

ndash Track active call attributesndash Identify call quality degradationndash Call details by phonesRMON1 and RMON2

ndash Distribution of VoIP

protocols

Application Response Time (ART)

ndash CallManager

responses

DSMON

ndash VoIP

traffic by DSCP values

90

Application Response Time (ART)

Find out where the application delays are occurring

ndash Detailed data on request‐ response exchanges

between clients and servers

Server visibility

ndash Monitor servers for protocols application

usage and top talkers

91

Packet Capture and Decode

Capture and decode packets for troubleshooting

Extensive pre‐ and post‐capture filters

Can save and export to other tools including Sniffer

92

Alarms

Set alarm thresholds on various parameters for proactive monitoring

Define traps or generate syslog

93

Defining Network Management Functional Areas

ISO defines five functional areas of network management

ISO defines five functional areas of network management

bullFault Management

bullConfiguration Management

bullAccounting Management

bullPerformance Management

bullSecurity Management

94

FCAPS Fault Management

The process of locating diagnosing and correcting

network problems

Device Down

Link Down

95

FCAPS Configuration Management

bull The process of obtaining data from the network and using

that data to manage the setup of all network devices

bull Allows rapid access to configuration information

bull Facilitates remote configuration and provisioning

bull Provides an up‐to‐date inventory of network

components

SpeedDuplex

Connectivity

TrunkingVLANs Allowed

Spanning Tree Protocol State

Software VersionConfiguration File

Device Type

96

FCAPS Accounting Management

bull Measuring the usage of network resources by users in order to

establish the metrics check quotas determine costs and bill users

bull Measures and reports accounting information based on individual

groups and users

bull Administers the cost of the network

bull Internal verification of third‐party billing for usage Bandwidth Consumption

Application Usage

hellip

97

FCAPS Performance Management

bull Ensuring that the data network remains accessible

and has adequate bandwidth

bull Reduces network overcrowding and inaccessibility

bull Provides a consistent level of service to the

network user

bull Determine utilization trends to proactively isolate and solve

performance problems

UtilizationPeakminmaxError RatesUnicast Rates

Broadcast Rates

CPU UtilizationMemory Usage

ThroughputResponse Time

LatencyAvailabilityReliability

98

FCAPS Security Management

bull Protecting sensitive information on devices

attached to a data network by controlling access points to

that information

bull Builds network user confidence

bull Secures sensitive information from both internal and

external sources

bull Protects the network functionality from malicious

attacks

MAC AddressLocked to Port

Access ListBlocks Connections

99

Performing Network Management Sources for Information

GAUGEs TIMERs

0 9 1 2 3

COUNTERs TABLEs FILEs

Operating System Data Structures

Manageable Device

showCommands

WebServer

SystemLogging

SNMPSNMPAGENTAGENT

ProductionServices

Layer N Forwarding

http80tcp

syslog514udp

snmp161udp

MIBObjects

snmp‐trap162udp

Built in Intelligence

CDPVTPSAA

telnetCLI

TFTPClient

tftp69udp

PingTrace route

100

Network Management Information Model MIB Management Information Base

MIB

ndash

Management Information BaseSet of variables defining the status of a device (eg temp = 85 degrees)Just facts ndash not whether it is good or badDefined according to SMI (Structure of Management Information) rulesEach managed object is described using a unique object identifier (OID)

MIB

IMIBIIStandard MIBObjects included are considered essential for either fault or configuration management

Other standard MIBsRMON host router

Proprietary vendor MIBsExtensions to standard MIBs

SNMPAGENTSNMPAGENT

1000s of manageable objects following rules defined in the SMI standards

1000s of manageable objects following rules defined in the SMI standards

101

Network Management Communication Model SNMP Simple Network Management Protocol

CommunityStrings

CommunityStrings

bull Get requests used to read the value of objectbull Set requests used to modify the value of object

bull Authorization is via community strings

(Read‐OnlyRead‐Write)

bull Traps

provide asynchronous event notification

IP Network SNMPManageable

Device

Trap

Get Response

Get Request Get-Next RequestGet-Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

102

Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response

SNM

P M

anag

er

SNM

P A

gent

Rea

d =

publ

ic re

adw

rite

= pr

ivat

e

GetResponse (sysDescr0=SunOS)

Verify access permission and retrieve MIB value using OID to traverse the MIB tree

InstanceOID

13612111

MIB value

GetRequest(sysDescr0)Read Community(public)

103

Types of Management Systems Example ‐

Enterprise Manager amp Fault Management

Correlate and manage events

and SNMP traps

Perform fault isolation and root cause analysis

104

Types of Management Systems Example ndash CiscoWorks

Resource Manager Essentials and Campus Manager

Knowledge of network configuration and topology

Facilitates remote configuration of network devices

Maintains an archive of configuration data that allows generation of inventory reports

105

Types of Management Systems Example ndash NetFlow (Accounting Management)

Flow Profiling

AccountingBilling

Network Planning

Network Monitoring

Flow

Collectors

Flow

CollectorsEnd‐User AppsEnd‐User AppsNetFlow

Data ExportNetFlowData Export

NetScout

RMON ProbeRMON Probe

106

Types of Management Systems Example ndash MRTG (Performance Management)

bull Monitors traffic load on network links based on SNMP statistics

bull Generates real‐time HTML traffic reports

bull Can be used to monitor any

MIB

variable using

SNMP

107

Types of Management Systems Example ndash CiscoWorks

How is the network connectedbull Physical Cablingbull Virtual LANs

Where are the end users servers IP phones connected

bull Switch port numberbull VLAN membership

How do I troubleshoot connectivity problems

Campus Manager User Tracking

Campus Manager Topology Services

Campus Manager Topology Services

Campus Manager User TrackingCampus Manager

Path Analysis

108

Diagnosing Connectivity Problems CiscoWorks Server Tools

Ping Use ping to test device connectivity from CiscoWorks server

TracerouteRun a trace route between the CiscoWorks server and the target device to detect routing problems

NS LookupRun a nslookup to obtain DNS name server information and IP address of hostname

Management Station to DeviceTest to verify if upper layer protocols are supported from CiscoWorks to the target device UDP TCP Telnet TFTP HTTP and SNMP

109

Types of Management Systems Example ndash CiscoWorks

19216862

CiscoWorks Server(ANI Service)

CampusDatabase

19216861

Schedule data retrieval

times

CAM Table11‐11‐11‐11‐11‐00 2111‐11‐11‐11‐11‐11 2211‐11‐11‐11‐11‐22 2311‐11‐11‐11‐11‐33 24

22 23 24

21

ARP Table11‐11‐11‐11‐11‐11 19216861011‐11‐11‐11‐11‐22 19216861111‐11‐11‐11‐11‐33 192168611

1

CAM

Retrieval

(switching

table)

2 Address

Resolution (MAC

to IP)

DNS

3 Name Resolution

(IP to hostname)

Host Table192168610 USER1192168611 Printer1192168611 IPtele1

SNMP

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

CallManager4

Call Detail

Records

5

Login

Names

UNIX Novell amp

Windows NT

clients running

UTLite script

110

Diagnosing Connectivity Problems Campus Manager Tools

Topology Services

User Tracking

Path Analysis

1

Locate the communication pair in the User Tracking database

bull

Addressesbull

VLAN informationbull

Switch port connection

2

Investigate the Layer 2 and Layer 3 path between the communication

pair

3

Map the topology and begin the investigation on devices and links

Launch other applications

111

Diagnosing Connectivity Problems Workflow for Using Campus Manager

LaunchPath Analysis

LaunchPath Analysis

Ensure discovery of devices

hosts are up to date

Ensure discovery of devices

hosts are up to date

Use User TrackingTo Locate EndStation Info

Use User TrackingTo Locate EndStation Info

ConductVoiceTrace

ConductVoiceTrace

ConductDataTrace

ConductDataTrace

DisplayPath in Topology

Map

DisplayPath in Topology

Map

Launch other Apps(Telnet CiscoView

Etc)

Launch other Apps(Telnet CiscoView

Etc)

112

Diagnosing Device Connectivity Problems Example

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Do you know

your

hostname or

username

113

Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

2 Simple Query displays switch

port and VLAN association

2 Simple Query displays switch

port and VLAN association

3 LastSeen field indicates last

time end station was

discovered

3 LastSeen field indicates last

time end station was

discovered

114

Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Trace path from application server

to Suzy

Trace path from application server

to Suzy

Couldnrsquot get to Suzy machine ndash try

from server

Couldnrsquot get to Suzy machine ndash try

from server

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

39

CiscoWorks WLSE

1

Specialized application for managing the Cisco WLAN

2

Centralized template‐ based configuration of access points and bridges

with user defined groups

3

Proactive fault and performance monitoring

of access points bridges LEAP server and

attached switch

CiscoWorks Wireless LANSolution Engine

U N I V E R S I T YU N I V E R S I T Y

40

二網路設備介紹

41

The Cisco LAN Switching Portfolio

Catalyst 375035602960 Catalyst 6500Catalyst 40004500

bull Stackable Compact Footprint bull Gig Density 12 Ports bull EZ Clustering Managementbull L2-L4 Switchingbull Medium Port Density

bull Highest Switching Capacitybull High Availability - Stateful Failoverbull 10-Gigabit Ethernet Interfaces bull Nonblocking Gigabit Density 142bull LANWAN Interfaces (to OC 48)

L2-L7 SwitchingIntegrated Inline PowerServices Modules Redundant PowerRedundant Supervisor Fabric

bull High Switching Capacitybull High-Density 101001000bull High-Density 100FX amp 1000LXbull Nonblocking Gigabit Density 32bull L2-L4 Switching bull Inline Power Optionbull Redundant Power

42

Cisco Catalyst Positioning

Pric

ePe

rfor

man

ce

FunctionFlexibility

Catalyst 29502960

Catalyst 35503560

Catalyst 4500 Family

Catalyst 6500 Series

bull Modular 101001000bull High performance Layer 2L3L4 bull 24‐64 Gbps Switching Enginebull Chassis level high availability

bull

Modular 101001000bull

Highest density switching

capacity

bull

Layer 234‐7bull

32‐720 Gbps

Switching

Engine

bull

Highest Availability

bull

10100

and GE configurationsbull

High performance switching and routingbull

Enterprise‐class intelligent Layer 3L4 servicesbull

Clustering capable

bull

Stackable 10100 switchingbull

Gigabit

uplink connectivitybull

Advanced intelligent Layer 3L4 servicesbull

Clustering capable

Catalyst 3750bull

Stackable 101001000 and 10100 configurationsbull

Cisco StackWisetrade

Technologybull

Optimized for Gigabit Ethernet deploymentbull

Enterprise‐class Intelligent Layer 3L4 servicesbull

Highly resilient 32Gbps stacking interconnectionbull

Single management interface w auto configuration

Fast Ethernet

Optimized

Gigabit Ethernet

Optimized

43

Cisco Catalyst 2960 Series Model Overview Fast Ethernet Models

Softwarebull LAN Base Image

Enterprise-class intelligent services Advanced QoS enhanced security high availability

bull Orderable with latest IOS software version

bull 48 10100100 portsbull 2 101001000 Uplink

ports

bull 24 10100 portsbull 2 101001000 Uplink

Ports

Catalyst 2960-24TT Catalyst 2960-48TT

bull 24 10100 portsbull 2 Dual-Purpose Uplink

ports

Catalyst 2960-24TC Catalyst 2960-48TC

bull 48 10100 portsbull 2 Dual Purpose Uplink

ports

Uplinksbull Dual Purpose

UplinksOne 101001000 TX Port and One SFP Port

One port active at a time

44

Cisco Catalyst 3750 Series Switches Model Overview

Catalyst 3750G‐24TS

bull

24 101001000

Portsbull

24 101001000 Ports

bull

4 SFP ports

Two Software Versions

Standard Multilayer Software Image

(SMI)

bull Enterprise‐class intelligent services

Advanced QoS Enhanced Security High

Availability RIP and Static IP routing

Routed ACLs HSRP

Enhanced Multilayer Software Image

(EMI)

bull SMI feature set plus Dynamic IP Unicast

routing Smart Multicast routing

Catalyst 3750‐2448 are orderable with

either software image preinstalled

Catalyst 3750‐2448 can be upgraded

from SMI to EMI

Catalyst 3750G‐24T

bull

24 10100 Ports

bull

2 SFP ports

bull

48 10100 Ports

bull

4 SFP ports

Catalyst 3750‐24 Catalyst 3750‐48

45

Cisco StackWisetrade Technology

bull 32Gbps fault tolerant bi‐directional

backplane

bull Single IP address for management

bull Auto configuration and IOS version

checkupdate

bull 1N Master redundancy

bull Sub‐second L2 failover

bull Cross stack Etherchannel

bull Configurable QoS queues across

stack

bull Line speed performance with QoS

and ACLs for GE

bull Hot add and delete of GE and FE

chassis in same stack

bull Patented cable connector

S 1

S 3

S 2

M 4

M = Master Switch

S = Slave Switch

46

Cisco Catalyst 4500 Series Architecture

bull Centralized Forwarding ASICs

bull All packets are forwarded via the supervisor

bull No distributed line card forwarding

bull Scalable architecture ‐

64 to 320 Gbps

bull Fastest Centralized Architecture in the Industry

47

Cisco Catalyst 4500 Series Overview Common Architecture

Single Supervisor-Based

Chassis

Redundant Supervisor-Based

Chassis

Cisco Catalyst 4507R-E

Cisco Catalyst 4510R-E

Cisco Catalyst 4506-E

Cisco Catalyst 4503-E

Single RU Fixed Configuration

Same Switching Architecture

and Common Cisco IOSreg

Cisco Catalyst 4948 and 4948-10GigE

48

Cisco Catalyst 4500 Series Evolutionary Centralized Architecture

1999 2002 2004 2007 2012

Continued InnovationServices and Performance

Same Line Card

18Mpps 48Mpps 102Mpps

10100

1000

Layer 2

PoE L234

10 GbE

SSO

NACNSF

ISSUCISF

E‐Series

250 Mpps

49

Evolution of Centralized Switching Technology

Evoluti

onEvo

lution

1999 18

Mpps

L2 Only

2002 48

Mpps

L2L3

2004102

Mpps

L2L3 10Gig

2007250

Mpps

L2L3 IPv6

14X

increase

since lsquo99

50

Next‐Generation Catalyst 4500 ldquoE‐Seriesrdquo

Secure Flexible Non‐Stop Communications

ldquoErdquo

Series Chassis

ldquoErdquo

Series Line Cards

Supervisor 6‐E with CenterFlex

51

Cisco Catalyst 6500 Delivers Secure Converged Network Services

High Availabilitybull Physical

Availabilitybull Logical Availabilitybull Stateful Failover at

Layer 2bull Rapid Spanning-

Tree Convergence

QoSbull Input Policingbull Traffic

Classificationbull Multiple Queuesbull Convergence

Ready

Securitybull Layer 234

Access Controlbull 8021X User

Authenticationbull MAC Filteringbull Dynamic VLAN

Manageabilitybull Inline Powerbull Simple

Configurationbull L2-L4 Servicesbull Rich Multicast

Support

End-to-End Services

52

Catalyst 6500 Family

Catalyst 65033 slot chassis

Catalyst 65066 slot chassis

Catalyst 65099 slot chassis

Catalyst 6509‐NEBSNEBS Compliant 9 slot chassis

Catalyst 651313 slot chassis

Catalyst 6509‐NEBS‐A9 slot chassis

53

Cisco Catalyst 6500 Series

The Cisco Catalyst 6500 Series supports a wide range of interface densities performance and high‐availability options

Flexible 3‐ 6‐ 9‐ and 13‐slot chassis configurations

ndash Scalable switching fabric ndash Cisco

IOS software choices supported

on all supervisor engines

ndash Fast 2‐3 second stateful

failover of

redundant supervisors and integrated

services

ndash 10‐Mbps to 10‐Gbps Ethernet and DS0

to

OC‐48 WAN interfaces

ndash Wire‐rate QoS

and ACL policy

management

WS-6503 WS-C6506 WS-C6509 WS-C6509-NEBS and WS-C6513

54

Catalyst 6500 Supervisors

The Catalyst 6500 has three Supervisor options on offer

with each providing a different architectural backplane

configuration for line cards to connect intohellip

Supervisor 1A Supervisor 2 Supervisor 720 (NEW)

256Gb backplane

supporting hardware

accelerated Layer 2 and 3

QoS and Security policies

up to 210Mppshellip

720Gb backplane

supporting hardware

accelerated Layer 2 and 3

QoS and Security policies

up to 400Mppshellip

32Gb backplane supporting

hardware accelerated Layer

2 and 3 QoS and Security

policies up to 15Mppshellip

Supervisor Options for the Catalyst 6500

55

Catalyst 6500 LinecardsThe Catalyst 6500 has a family of linecards to suit all network needshellip

10100 TX and 100 Fiber 101001000 TX GE SFP

GE GBIC 10GE WAN

Optical Switch Modules Inline Power ATM

CAT

6500

L I

NECARDS

56

Catalyst 6500 Service Modules

Content ServicesCommunications Media MWAN

Firewall Module VPN Module Intrusion Detection

Content Switching SSL Network Management

Service Modules represent the next generation of intelligent modules for the Catalyst 6500

Each module provides a high performance option scalable and feature rich deployment

optionshellip

57

Small Form Factor Pluggable (SFP)

bull New industry standard connector

bull Same functionality as Gigabit Interface Converters

(GBICs)

bull Hot pluggable

bull Smaller fiber connector LC

for SF

bull 25 SFPs

fit in space of one GBIC

bull Shipping SX LX ZX at FCS

bull 101001000BT and CWDM versions to come in mid

to late 2003

GBIC

SFP

58

三無線網路認證介紹

59

漫遊認證環境架構圖

NCHC資策會

WLANGateway

WLANGateway

60

無線漫遊環境身份認證機制

網頁認證

使用網站伺服器憑證(Certificate)辨識合法認證網站

透過SSL加密保護使用者帳號密碼安全

採用PAP (Password Authentication Protocol)認證機制

8021x認證

採CHAP或加密通道進行認證

EAP‐MD5ndash 採用CHAP (Challenge Handshake Authentication Protocol)認證

EAP‐PEAP ndash 採用 SSL加密通道 + MS‐CHAP v2 認證

EAP‐TTLSndash 採用 SSL加密通道 + PAPCHAPMS‐CHAPEAPndash 支援多種認證機制

61

WLAN Gateway

bull Usually web page for authorisationbull Allows policy based accessbull Good managementbull Very user friendlybull No client required

Bluesocketndash Commercial but popular in uk academiandash Lots of featuresNoCatAuthndash open source

62

Bluesocket Wireless Gateway

63

httpwwwitcntnuedutwservice1270php

四師大網路基本架構介紹

64

對外網路架構圖

65

校本部校區有線網路系統架構圖

66

校本部校區無線網路系統架構圖

67

理學院校區有線網路系統架構圖

68

理學院校區無線網路系統架構圖

69

林口校區有線網路系統架構圖

70

林口校區無線網路系統架構圖

71

五網路障礙排除方式

72

Possible Symptoms of Physical Layer Problems

Increased number of interface errorsIncreased number of interface errors

LEDs are off flashing or in a state other than the expected state during normal operationLEDs are off flashing or in a state other than the expected state during normal operation

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

Excessive utilizationExcessive utilization

73

Possible Symptoms of Data Link Layer Problems

Excessive CRC errors and frame check sequence errors Excessive CRC errors and frame check sequence errors

Large quantities of broadcast traffic Large quantities of broadcast traffic

A MAC address is cycling between portsA MAC address is cycling between ports

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

74

General Cisco Commands to Isolate Physical and Data Link Layer Problems

ping host

| ip‐addressping host

| ip‐address

routergt

bull

Sends an echo request packet to an address then waits for a reply

trace [destination]trace [destination]

routergt

bull

Identifies the path a packet takes through the network

[no] debug [no] debug

router

bull

Displays a list of options for enabling or disabling debugging events on a device

75

Cisco Commands to Isolate Physical Layer Problems

show versionshow version

routergt

bull

Displays the Cisco IOS software version and all installed hardware configurations

show ip interface briefshow ip interface brief

routergt

bull

Displays a summary of the status of all interfaces on a device

show interfaces [type number]show interfaces [type number]

routergt

bull

Displays the operational status of an interface including the amount and type of traffic being sent and received

76

Cisco Commands to Isolate Physical Layer Problems (Cont)

show cdp neighbor detailshow cdp neighbor detailroutergt

bull Displays the device type IP address and Cisco IOS version of neighboring devices

77

Cisco Commands to Isolate Data Link Layer Problems

show ip arpshow ip arp

routergt

bull

Displays entries in the Address Resolution Protocol (ARP) table

debug [arp

| serial | ppp]debug [arp

| serial | ppp]

router

bull

Captures events relating to data link layer protocols

78

General End‐System Commands to Isolate Physical and Data Link Layer Problems

pingping

bull

Sends an echo request packet to an address then waits for a reply

netstat

‐rnnetstat

‐rn

bull

Displays the status of all connected devices and links without querying a DNS server

arp

‐aarp

‐a

bull

Displays the current mappings of the IP address to the MAC address in the ARP table

79

Windows Commands to Isolate Physical and Data Link Layer Problems

ipconfig

[all]ipconfig

[all]

bull

Displays IP information for hosts running Windows NT2000XP

Cgt

tracert [‐d]tracert [‐d]

bull

Identifies a path to a destination device

Cgt

80

Guidelines for Isolating Problems at the Physical and Data Link Layers

Check operational status and data error ratesCheck operational status and data error rates

Verify proper interface configurationsVerify proper interface configurations

Check for bad cables or connectionsCheck for bad cables or connections

Check for correct cable pin‐outCheck for correct cable pin‐out

81

Port Monitoring (SPAN)

Allows a port to monitor traffic coming into or out of

anotherPort

VLAN

Trunk

82

Remote SPAN (RSPAN)

Allows a port to monitor SPAN information on other switches through a trunk connection

83

NetFlow Data Export

Access to records of switched flow statistics

with NAM

Source and destination IP

Port numbers and protocol types

84

六網路管理介紹

85

NAMs in Campus LAN

86

Network Analysis Module (NAM)

bull

Switch‐integrated standards‐

based monitoring (RMON1 RMON2

extended RMON)

bull

Useful for performance monitoring troubleshooting

and capacity planning

bull

Easy to deploy and use with embedded web‐based Traffic Analyzer

bull

Full visibility into applications hosts conversations and

IP‐based services including VoIP

and QoS

Integrated traffic‐monitoring solution in Catalyst 6500 series to build application‐level visibility into network infrastructure

87

NAM as a Standards‐Based RMON Solution

The RMON MIB reports on the health and status of network traffic

Mini‐RMON agents in Catalyst 6500 collect Layer 2 (RMON1) statistics on all ports (utilization packets errors)

NAM supports full RMON1 and 2 to provide visibility up to Application layer (applications hosts conversations)

NAM supports extended RMON for VLAN QoS Application Response Time and so on

88

Application Hosts and Conversations Monitoring

Identify unknown applications and drill down on the hosts using them

Discover top talkers top conversations

Network managers can drill down

into who is doing what

Network managers can drill down

into who is doing what

NEW inSoftware

Version 22

NEW inSoftware

Version 22

89

VoIP Monitoring

NAM supports various facets of VoIPmonitoring

Active IP telephony monitoring

ndash Track active call attributesndash Identify call quality degradationndash Call details by phonesRMON1 and RMON2

ndash Distribution of VoIP

protocols

Application Response Time (ART)

ndash CallManager

responses

DSMON

ndash VoIP

traffic by DSCP values

90

Application Response Time (ART)

Find out where the application delays are occurring

ndash Detailed data on request‐ response exchanges

between clients and servers

Server visibility

ndash Monitor servers for protocols application

usage and top talkers

91

Packet Capture and Decode

Capture and decode packets for troubleshooting

Extensive pre‐ and post‐capture filters

Can save and export to other tools including Sniffer

92

Alarms

Set alarm thresholds on various parameters for proactive monitoring

Define traps or generate syslog

93

Defining Network Management Functional Areas

ISO defines five functional areas of network management

ISO defines five functional areas of network management

bullFault Management

bullConfiguration Management

bullAccounting Management

bullPerformance Management

bullSecurity Management

94

FCAPS Fault Management

The process of locating diagnosing and correcting

network problems

Device Down

Link Down

95

FCAPS Configuration Management

bull The process of obtaining data from the network and using

that data to manage the setup of all network devices

bull Allows rapid access to configuration information

bull Facilitates remote configuration and provisioning

bull Provides an up‐to‐date inventory of network

components

SpeedDuplex

Connectivity

TrunkingVLANs Allowed

Spanning Tree Protocol State

Software VersionConfiguration File

Device Type

96

FCAPS Accounting Management

bull Measuring the usage of network resources by users in order to

establish the metrics check quotas determine costs and bill users

bull Measures and reports accounting information based on individual

groups and users

bull Administers the cost of the network

bull Internal verification of third‐party billing for usage Bandwidth Consumption

Application Usage

hellip

97

FCAPS Performance Management

bull Ensuring that the data network remains accessible

and has adequate bandwidth

bull Reduces network overcrowding and inaccessibility

bull Provides a consistent level of service to the

network user

bull Determine utilization trends to proactively isolate and solve

performance problems

UtilizationPeakminmaxError RatesUnicast Rates

Broadcast Rates

CPU UtilizationMemory Usage

ThroughputResponse Time

LatencyAvailabilityReliability

98

FCAPS Security Management

bull Protecting sensitive information on devices

attached to a data network by controlling access points to

that information

bull Builds network user confidence

bull Secures sensitive information from both internal and

external sources

bull Protects the network functionality from malicious

attacks

MAC AddressLocked to Port

Access ListBlocks Connections

99

Performing Network Management Sources for Information

GAUGEs TIMERs

0 9 1 2 3

COUNTERs TABLEs FILEs

Operating System Data Structures

Manageable Device

showCommands

WebServer

SystemLogging

SNMPSNMPAGENTAGENT

ProductionServices

Layer N Forwarding

http80tcp

syslog514udp

snmp161udp

MIBObjects

snmp‐trap162udp

Built in Intelligence

CDPVTPSAA

telnetCLI

TFTPClient

tftp69udp

PingTrace route

100

Network Management Information Model MIB Management Information Base

MIB

ndash

Management Information BaseSet of variables defining the status of a device (eg temp = 85 degrees)Just facts ndash not whether it is good or badDefined according to SMI (Structure of Management Information) rulesEach managed object is described using a unique object identifier (OID)

MIB

IMIBIIStandard MIBObjects included are considered essential for either fault or configuration management

Other standard MIBsRMON host router

Proprietary vendor MIBsExtensions to standard MIBs

SNMPAGENTSNMPAGENT

1000s of manageable objects following rules defined in the SMI standards

1000s of manageable objects following rules defined in the SMI standards

101

Network Management Communication Model SNMP Simple Network Management Protocol

CommunityStrings

CommunityStrings

bull Get requests used to read the value of objectbull Set requests used to modify the value of object

bull Authorization is via community strings

(Read‐OnlyRead‐Write)

bull Traps

provide asynchronous event notification

IP Network SNMPManageable

Device

Trap

Get Response

Get Request Get-Next RequestGet-Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

102

Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response

SNM

P M

anag

er

SNM

P A

gent

Rea

d =

publ

ic re

adw

rite

= pr

ivat

e

GetResponse (sysDescr0=SunOS)

Verify access permission and retrieve MIB value using OID to traverse the MIB tree

InstanceOID

13612111

MIB value

GetRequest(sysDescr0)Read Community(public)

103

Types of Management Systems Example ‐

Enterprise Manager amp Fault Management

Correlate and manage events

and SNMP traps

Perform fault isolation and root cause analysis

104

Types of Management Systems Example ndash CiscoWorks

Resource Manager Essentials and Campus Manager

Knowledge of network configuration and topology

Facilitates remote configuration of network devices

Maintains an archive of configuration data that allows generation of inventory reports

105

Types of Management Systems Example ndash NetFlow (Accounting Management)

Flow Profiling

AccountingBilling

Network Planning

Network Monitoring

Flow

Collectors

Flow

CollectorsEnd‐User AppsEnd‐User AppsNetFlow

Data ExportNetFlowData Export

NetScout

RMON ProbeRMON Probe

106

Types of Management Systems Example ndash MRTG (Performance Management)

bull Monitors traffic load on network links based on SNMP statistics

bull Generates real‐time HTML traffic reports

bull Can be used to monitor any

MIB

variable using

SNMP

107

Types of Management Systems Example ndash CiscoWorks

How is the network connectedbull Physical Cablingbull Virtual LANs

Where are the end users servers IP phones connected

bull Switch port numberbull VLAN membership

How do I troubleshoot connectivity problems

Campus Manager User Tracking

Campus Manager Topology Services

Campus Manager Topology Services

Campus Manager User TrackingCampus Manager

Path Analysis

108

Diagnosing Connectivity Problems CiscoWorks Server Tools

Ping Use ping to test device connectivity from CiscoWorks server

TracerouteRun a trace route between the CiscoWorks server and the target device to detect routing problems

NS LookupRun a nslookup to obtain DNS name server information and IP address of hostname

Management Station to DeviceTest to verify if upper layer protocols are supported from CiscoWorks to the target device UDP TCP Telnet TFTP HTTP and SNMP

109

Types of Management Systems Example ndash CiscoWorks

19216862

CiscoWorks Server(ANI Service)

CampusDatabase

19216861

Schedule data retrieval

times

CAM Table11‐11‐11‐11‐11‐00 2111‐11‐11‐11‐11‐11 2211‐11‐11‐11‐11‐22 2311‐11‐11‐11‐11‐33 24

22 23 24

21

ARP Table11‐11‐11‐11‐11‐11 19216861011‐11‐11‐11‐11‐22 19216861111‐11‐11‐11‐11‐33 192168611

1

CAM

Retrieval

(switching

table)

2 Address

Resolution (MAC

to IP)

DNS

3 Name Resolution

(IP to hostname)

Host Table192168610 USER1192168611 Printer1192168611 IPtele1

SNMP

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

CallManager4

Call Detail

Records

5

Login

Names

UNIX Novell amp

Windows NT

clients running

UTLite script

110

Diagnosing Connectivity Problems Campus Manager Tools

Topology Services

User Tracking

Path Analysis

1

Locate the communication pair in the User Tracking database

bull

Addressesbull

VLAN informationbull

Switch port connection

2

Investigate the Layer 2 and Layer 3 path between the communication

pair

3

Map the topology and begin the investigation on devices and links

Launch other applications

111

Diagnosing Connectivity Problems Workflow for Using Campus Manager

LaunchPath Analysis

LaunchPath Analysis

Ensure discovery of devices

hosts are up to date

Ensure discovery of devices

hosts are up to date

Use User TrackingTo Locate EndStation Info

Use User TrackingTo Locate EndStation Info

ConductVoiceTrace

ConductVoiceTrace

ConductDataTrace

ConductDataTrace

DisplayPath in Topology

Map

DisplayPath in Topology

Map

Launch other Apps(Telnet CiscoView

Etc)

Launch other Apps(Telnet CiscoView

Etc)

112

Diagnosing Device Connectivity Problems Example

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Do you know

your

hostname or

username

113

Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

2 Simple Query displays switch

port and VLAN association

2 Simple Query displays switch

port and VLAN association

3 LastSeen field indicates last

time end station was

discovered

3 LastSeen field indicates last

time end station was

discovered

114

Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Trace path from application server

to Suzy

Trace path from application server

to Suzy

Couldnrsquot get to Suzy machine ndash try

from server

Couldnrsquot get to Suzy machine ndash try

from server

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

40

二網路設備介紹

41

The Cisco LAN Switching Portfolio

Catalyst 375035602960 Catalyst 6500Catalyst 40004500

bull Stackable Compact Footprint bull Gig Density 12 Ports bull EZ Clustering Managementbull L2-L4 Switchingbull Medium Port Density

bull Highest Switching Capacitybull High Availability - Stateful Failoverbull 10-Gigabit Ethernet Interfaces bull Nonblocking Gigabit Density 142bull LANWAN Interfaces (to OC 48)

L2-L7 SwitchingIntegrated Inline PowerServices Modules Redundant PowerRedundant Supervisor Fabric

bull High Switching Capacitybull High-Density 101001000bull High-Density 100FX amp 1000LXbull Nonblocking Gigabit Density 32bull L2-L4 Switching bull Inline Power Optionbull Redundant Power

42

Cisco Catalyst Positioning

Pric

ePe

rfor

man

ce

FunctionFlexibility

Catalyst 29502960

Catalyst 35503560

Catalyst 4500 Family

Catalyst 6500 Series

bull Modular 101001000bull High performance Layer 2L3L4 bull 24‐64 Gbps Switching Enginebull Chassis level high availability

bull

Modular 101001000bull

Highest density switching

capacity

bull

Layer 234‐7bull

32‐720 Gbps

Switching

Engine

bull

Highest Availability

bull

10100

and GE configurationsbull

High performance switching and routingbull

Enterprise‐class intelligent Layer 3L4 servicesbull

Clustering capable

bull

Stackable 10100 switchingbull

Gigabit

uplink connectivitybull

Advanced intelligent Layer 3L4 servicesbull

Clustering capable

Catalyst 3750bull

Stackable 101001000 and 10100 configurationsbull

Cisco StackWisetrade

Technologybull

Optimized for Gigabit Ethernet deploymentbull

Enterprise‐class Intelligent Layer 3L4 servicesbull

Highly resilient 32Gbps stacking interconnectionbull

Single management interface w auto configuration

Fast Ethernet

Optimized

Gigabit Ethernet

Optimized

43

Cisco Catalyst 2960 Series Model Overview Fast Ethernet Models

Softwarebull LAN Base Image

Enterprise-class intelligent services Advanced QoS enhanced security high availability

bull Orderable with latest IOS software version

bull 48 10100100 portsbull 2 101001000 Uplink

ports

bull 24 10100 portsbull 2 101001000 Uplink

Ports

Catalyst 2960-24TT Catalyst 2960-48TT

bull 24 10100 portsbull 2 Dual-Purpose Uplink

ports

Catalyst 2960-24TC Catalyst 2960-48TC

bull 48 10100 portsbull 2 Dual Purpose Uplink

ports

Uplinksbull Dual Purpose

UplinksOne 101001000 TX Port and One SFP Port

One port active at a time

44

Cisco Catalyst 3750 Series Switches Model Overview

Catalyst 3750G‐24TS

bull

24 101001000

Portsbull

24 101001000 Ports

bull

4 SFP ports

Two Software Versions

Standard Multilayer Software Image

(SMI)

bull Enterprise‐class intelligent services

Advanced QoS Enhanced Security High

Availability RIP and Static IP routing

Routed ACLs HSRP

Enhanced Multilayer Software Image

(EMI)

bull SMI feature set plus Dynamic IP Unicast

routing Smart Multicast routing

Catalyst 3750‐2448 are orderable with

either software image preinstalled

Catalyst 3750‐2448 can be upgraded

from SMI to EMI

Catalyst 3750G‐24T

bull

24 10100 Ports

bull

2 SFP ports

bull

48 10100 Ports

bull

4 SFP ports

Catalyst 3750‐24 Catalyst 3750‐48

45

Cisco StackWisetrade Technology

bull 32Gbps fault tolerant bi‐directional

backplane

bull Single IP address for management

bull Auto configuration and IOS version

checkupdate

bull 1N Master redundancy

bull Sub‐second L2 failover

bull Cross stack Etherchannel

bull Configurable QoS queues across

stack

bull Line speed performance with QoS

and ACLs for GE

bull Hot add and delete of GE and FE

chassis in same stack

bull Patented cable connector

S 1

S 3

S 2

M 4

M = Master Switch

S = Slave Switch

46

Cisco Catalyst 4500 Series Architecture

bull Centralized Forwarding ASICs

bull All packets are forwarded via the supervisor

bull No distributed line card forwarding

bull Scalable architecture ‐

64 to 320 Gbps

bull Fastest Centralized Architecture in the Industry

47

Cisco Catalyst 4500 Series Overview Common Architecture

Single Supervisor-Based

Chassis

Redundant Supervisor-Based

Chassis

Cisco Catalyst 4507R-E

Cisco Catalyst 4510R-E

Cisco Catalyst 4506-E

Cisco Catalyst 4503-E

Single RU Fixed Configuration

Same Switching Architecture

and Common Cisco IOSreg

Cisco Catalyst 4948 and 4948-10GigE

48

Cisco Catalyst 4500 Series Evolutionary Centralized Architecture

1999 2002 2004 2007 2012

Continued InnovationServices and Performance

Same Line Card

18Mpps 48Mpps 102Mpps

10100

1000

Layer 2

PoE L234

10 GbE

SSO

NACNSF

ISSUCISF

E‐Series

250 Mpps

49

Evolution of Centralized Switching Technology

Evoluti

onEvo

lution

1999 18

Mpps

L2 Only

2002 48

Mpps

L2L3

2004102

Mpps

L2L3 10Gig

2007250

Mpps

L2L3 IPv6

14X

increase

since lsquo99

50

Next‐Generation Catalyst 4500 ldquoE‐Seriesrdquo

Secure Flexible Non‐Stop Communications

ldquoErdquo

Series Chassis

ldquoErdquo

Series Line Cards

Supervisor 6‐E with CenterFlex

51

Cisco Catalyst 6500 Delivers Secure Converged Network Services

High Availabilitybull Physical

Availabilitybull Logical Availabilitybull Stateful Failover at

Layer 2bull Rapid Spanning-

Tree Convergence

QoSbull Input Policingbull Traffic

Classificationbull Multiple Queuesbull Convergence

Ready

Securitybull Layer 234

Access Controlbull 8021X User

Authenticationbull MAC Filteringbull Dynamic VLAN

Manageabilitybull Inline Powerbull Simple

Configurationbull L2-L4 Servicesbull Rich Multicast

Support

End-to-End Services

52

Catalyst 6500 Family

Catalyst 65033 slot chassis

Catalyst 65066 slot chassis

Catalyst 65099 slot chassis

Catalyst 6509‐NEBSNEBS Compliant 9 slot chassis

Catalyst 651313 slot chassis

Catalyst 6509‐NEBS‐A9 slot chassis

53

Cisco Catalyst 6500 Series

The Cisco Catalyst 6500 Series supports a wide range of interface densities performance and high‐availability options

Flexible 3‐ 6‐ 9‐ and 13‐slot chassis configurations

ndash Scalable switching fabric ndash Cisco

IOS software choices supported

on all supervisor engines

ndash Fast 2‐3 second stateful

failover of

redundant supervisors and integrated

services

ndash 10‐Mbps to 10‐Gbps Ethernet and DS0

to

OC‐48 WAN interfaces

ndash Wire‐rate QoS

and ACL policy

management

WS-6503 WS-C6506 WS-C6509 WS-C6509-NEBS and WS-C6513

54

Catalyst 6500 Supervisors

The Catalyst 6500 has three Supervisor options on offer

with each providing a different architectural backplane

configuration for line cards to connect intohellip

Supervisor 1A Supervisor 2 Supervisor 720 (NEW)

256Gb backplane

supporting hardware

accelerated Layer 2 and 3

QoS and Security policies

up to 210Mppshellip

720Gb backplane

supporting hardware

accelerated Layer 2 and 3

QoS and Security policies

up to 400Mppshellip

32Gb backplane supporting

hardware accelerated Layer

2 and 3 QoS and Security

policies up to 15Mppshellip

Supervisor Options for the Catalyst 6500

55

Catalyst 6500 LinecardsThe Catalyst 6500 has a family of linecards to suit all network needshellip

10100 TX and 100 Fiber 101001000 TX GE SFP

GE GBIC 10GE WAN

Optical Switch Modules Inline Power ATM

CAT

6500

L I

NECARDS

56

Catalyst 6500 Service Modules

Content ServicesCommunications Media MWAN

Firewall Module VPN Module Intrusion Detection

Content Switching SSL Network Management

Service Modules represent the next generation of intelligent modules for the Catalyst 6500

Each module provides a high performance option scalable and feature rich deployment

optionshellip

57

Small Form Factor Pluggable (SFP)

bull New industry standard connector

bull Same functionality as Gigabit Interface Converters

(GBICs)

bull Hot pluggable

bull Smaller fiber connector LC

for SF

bull 25 SFPs

fit in space of one GBIC

bull Shipping SX LX ZX at FCS

bull 101001000BT and CWDM versions to come in mid

to late 2003

GBIC

SFP

58

三無線網路認證介紹

59

漫遊認證環境架構圖

NCHC資策會

WLANGateway

WLANGateway

60

無線漫遊環境身份認證機制

網頁認證

使用網站伺服器憑證(Certificate)辨識合法認證網站

透過SSL加密保護使用者帳號密碼安全

採用PAP (Password Authentication Protocol)認證機制

8021x認證

採CHAP或加密通道進行認證

EAP‐MD5ndash 採用CHAP (Challenge Handshake Authentication Protocol)認證

EAP‐PEAP ndash 採用 SSL加密通道 + MS‐CHAP v2 認證

EAP‐TTLSndash 採用 SSL加密通道 + PAPCHAPMS‐CHAPEAPndash 支援多種認證機制

61

WLAN Gateway

bull Usually web page for authorisationbull Allows policy based accessbull Good managementbull Very user friendlybull No client required

Bluesocketndash Commercial but popular in uk academiandash Lots of featuresNoCatAuthndash open source

62

Bluesocket Wireless Gateway

63

httpwwwitcntnuedutwservice1270php

四師大網路基本架構介紹

64

對外網路架構圖

65

校本部校區有線網路系統架構圖

66

校本部校區無線網路系統架構圖

67

理學院校區有線網路系統架構圖

68

理學院校區無線網路系統架構圖

69

林口校區有線網路系統架構圖

70

林口校區無線網路系統架構圖

71

五網路障礙排除方式

72

Possible Symptoms of Physical Layer Problems

Increased number of interface errorsIncreased number of interface errors

LEDs are off flashing or in a state other than the expected state during normal operationLEDs are off flashing or in a state other than the expected state during normal operation

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

Excessive utilizationExcessive utilization

73

Possible Symptoms of Data Link Layer Problems

Excessive CRC errors and frame check sequence errors Excessive CRC errors and frame check sequence errors

Large quantities of broadcast traffic Large quantities of broadcast traffic

A MAC address is cycling between portsA MAC address is cycling between ports

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

74

General Cisco Commands to Isolate Physical and Data Link Layer Problems

ping host

| ip‐addressping host

| ip‐address

routergt

bull

Sends an echo request packet to an address then waits for a reply

trace [destination]trace [destination]

routergt

bull

Identifies the path a packet takes through the network

[no] debug [no] debug

router

bull

Displays a list of options for enabling or disabling debugging events on a device

75

Cisco Commands to Isolate Physical Layer Problems

show versionshow version

routergt

bull

Displays the Cisco IOS software version and all installed hardware configurations

show ip interface briefshow ip interface brief

routergt

bull

Displays a summary of the status of all interfaces on a device

show interfaces [type number]show interfaces [type number]

routergt

bull

Displays the operational status of an interface including the amount and type of traffic being sent and received

76

Cisco Commands to Isolate Physical Layer Problems (Cont)

show cdp neighbor detailshow cdp neighbor detailroutergt

bull Displays the device type IP address and Cisco IOS version of neighboring devices

77

Cisco Commands to Isolate Data Link Layer Problems

show ip arpshow ip arp

routergt

bull

Displays entries in the Address Resolution Protocol (ARP) table

debug [arp

| serial | ppp]debug [arp

| serial | ppp]

router

bull

Captures events relating to data link layer protocols

78

General End‐System Commands to Isolate Physical and Data Link Layer Problems

pingping

bull

Sends an echo request packet to an address then waits for a reply

netstat

‐rnnetstat

‐rn

bull

Displays the status of all connected devices and links without querying a DNS server

arp

‐aarp

‐a

bull

Displays the current mappings of the IP address to the MAC address in the ARP table

79

Windows Commands to Isolate Physical and Data Link Layer Problems

ipconfig

[all]ipconfig

[all]

bull

Displays IP information for hosts running Windows NT2000XP

Cgt

tracert [‐d]tracert [‐d]

bull

Identifies a path to a destination device

Cgt

80

Guidelines for Isolating Problems at the Physical and Data Link Layers

Check operational status and data error ratesCheck operational status and data error rates

Verify proper interface configurationsVerify proper interface configurations

Check for bad cables or connectionsCheck for bad cables or connections

Check for correct cable pin‐outCheck for correct cable pin‐out

81

Port Monitoring (SPAN)

Allows a port to monitor traffic coming into or out of

anotherPort

VLAN

Trunk

82

Remote SPAN (RSPAN)

Allows a port to monitor SPAN information on other switches through a trunk connection

83

NetFlow Data Export

Access to records of switched flow statistics

with NAM

Source and destination IP

Port numbers and protocol types

84

六網路管理介紹

85

NAMs in Campus LAN

86

Network Analysis Module (NAM)

bull

Switch‐integrated standards‐

based monitoring (RMON1 RMON2

extended RMON)

bull

Useful for performance monitoring troubleshooting

and capacity planning

bull

Easy to deploy and use with embedded web‐based Traffic Analyzer

bull

Full visibility into applications hosts conversations and

IP‐based services including VoIP

and QoS

Integrated traffic‐monitoring solution in Catalyst 6500 series to build application‐level visibility into network infrastructure

87

NAM as a Standards‐Based RMON Solution

The RMON MIB reports on the health and status of network traffic

Mini‐RMON agents in Catalyst 6500 collect Layer 2 (RMON1) statistics on all ports (utilization packets errors)

NAM supports full RMON1 and 2 to provide visibility up to Application layer (applications hosts conversations)

NAM supports extended RMON for VLAN QoS Application Response Time and so on

88

Application Hosts and Conversations Monitoring

Identify unknown applications and drill down on the hosts using them

Discover top talkers top conversations

Network managers can drill down

into who is doing what

Network managers can drill down

into who is doing what

NEW inSoftware

Version 22

NEW inSoftware

Version 22

89

VoIP Monitoring

NAM supports various facets of VoIPmonitoring

Active IP telephony monitoring

ndash Track active call attributesndash Identify call quality degradationndash Call details by phonesRMON1 and RMON2

ndash Distribution of VoIP

protocols

Application Response Time (ART)

ndash CallManager

responses

DSMON

ndash VoIP

traffic by DSCP values

90

Application Response Time (ART)

Find out where the application delays are occurring

ndash Detailed data on request‐ response exchanges

between clients and servers

Server visibility

ndash Monitor servers for protocols application

usage and top talkers

91

Packet Capture and Decode

Capture and decode packets for troubleshooting

Extensive pre‐ and post‐capture filters

Can save and export to other tools including Sniffer

92

Alarms

Set alarm thresholds on various parameters for proactive monitoring

Define traps or generate syslog

93

Defining Network Management Functional Areas

ISO defines five functional areas of network management

ISO defines five functional areas of network management

bullFault Management

bullConfiguration Management

bullAccounting Management

bullPerformance Management

bullSecurity Management

94

FCAPS Fault Management

The process of locating diagnosing and correcting

network problems

Device Down

Link Down

95

FCAPS Configuration Management

bull The process of obtaining data from the network and using

that data to manage the setup of all network devices

bull Allows rapid access to configuration information

bull Facilitates remote configuration and provisioning

bull Provides an up‐to‐date inventory of network

components

SpeedDuplex

Connectivity

TrunkingVLANs Allowed

Spanning Tree Protocol State

Software VersionConfiguration File

Device Type

96

FCAPS Accounting Management

bull Measuring the usage of network resources by users in order to

establish the metrics check quotas determine costs and bill users

bull Measures and reports accounting information based on individual

groups and users

bull Administers the cost of the network

bull Internal verification of third‐party billing for usage Bandwidth Consumption

Application Usage

hellip

97

FCAPS Performance Management

bull Ensuring that the data network remains accessible

and has adequate bandwidth

bull Reduces network overcrowding and inaccessibility

bull Provides a consistent level of service to the

network user

bull Determine utilization trends to proactively isolate and solve

performance problems

UtilizationPeakminmaxError RatesUnicast Rates

Broadcast Rates

CPU UtilizationMemory Usage

ThroughputResponse Time

LatencyAvailabilityReliability

98

FCAPS Security Management

bull Protecting sensitive information on devices

attached to a data network by controlling access points to

that information

bull Builds network user confidence

bull Secures sensitive information from both internal and

external sources

bull Protects the network functionality from malicious

attacks

MAC AddressLocked to Port

Access ListBlocks Connections

99

Performing Network Management Sources for Information

GAUGEs TIMERs

0 9 1 2 3

COUNTERs TABLEs FILEs

Operating System Data Structures

Manageable Device

showCommands

WebServer

SystemLogging

SNMPSNMPAGENTAGENT

ProductionServices

Layer N Forwarding

http80tcp

syslog514udp

snmp161udp

MIBObjects

snmp‐trap162udp

Built in Intelligence

CDPVTPSAA

telnetCLI

TFTPClient

tftp69udp

PingTrace route

100

Network Management Information Model MIB Management Information Base

MIB

ndash

Management Information BaseSet of variables defining the status of a device (eg temp = 85 degrees)Just facts ndash not whether it is good or badDefined according to SMI (Structure of Management Information) rulesEach managed object is described using a unique object identifier (OID)

MIB

IMIBIIStandard MIBObjects included are considered essential for either fault or configuration management

Other standard MIBsRMON host router

Proprietary vendor MIBsExtensions to standard MIBs

SNMPAGENTSNMPAGENT

1000s of manageable objects following rules defined in the SMI standards

1000s of manageable objects following rules defined in the SMI standards

101

Network Management Communication Model SNMP Simple Network Management Protocol

CommunityStrings

CommunityStrings

bull Get requests used to read the value of objectbull Set requests used to modify the value of object

bull Authorization is via community strings

(Read‐OnlyRead‐Write)

bull Traps

provide asynchronous event notification

IP Network SNMPManageable

Device

Trap

Get Response

Get Request Get-Next RequestGet-Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

102

Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response

SNM

P M

anag

er

SNM

P A

gent

Rea

d =

publ

ic re

adw

rite

= pr

ivat

e

GetResponse (sysDescr0=SunOS)

Verify access permission and retrieve MIB value using OID to traverse the MIB tree

InstanceOID

13612111

MIB value

GetRequest(sysDescr0)Read Community(public)

103

Types of Management Systems Example ‐

Enterprise Manager amp Fault Management

Correlate and manage events

and SNMP traps

Perform fault isolation and root cause analysis

104

Types of Management Systems Example ndash CiscoWorks

Resource Manager Essentials and Campus Manager

Knowledge of network configuration and topology

Facilitates remote configuration of network devices

Maintains an archive of configuration data that allows generation of inventory reports

105

Types of Management Systems Example ndash NetFlow (Accounting Management)

Flow Profiling

AccountingBilling

Network Planning

Network Monitoring

Flow

Collectors

Flow

CollectorsEnd‐User AppsEnd‐User AppsNetFlow

Data ExportNetFlowData Export

NetScout

RMON ProbeRMON Probe

106

Types of Management Systems Example ndash MRTG (Performance Management)

bull Monitors traffic load on network links based on SNMP statistics

bull Generates real‐time HTML traffic reports

bull Can be used to monitor any

MIB

variable using

SNMP

107

Types of Management Systems Example ndash CiscoWorks

How is the network connectedbull Physical Cablingbull Virtual LANs

Where are the end users servers IP phones connected

bull Switch port numberbull VLAN membership

How do I troubleshoot connectivity problems

Campus Manager User Tracking

Campus Manager Topology Services

Campus Manager Topology Services

Campus Manager User TrackingCampus Manager

Path Analysis

108

Diagnosing Connectivity Problems CiscoWorks Server Tools

Ping Use ping to test device connectivity from CiscoWorks server

TracerouteRun a trace route between the CiscoWorks server and the target device to detect routing problems

NS LookupRun a nslookup to obtain DNS name server information and IP address of hostname

Management Station to DeviceTest to verify if upper layer protocols are supported from CiscoWorks to the target device UDP TCP Telnet TFTP HTTP and SNMP

109

Types of Management Systems Example ndash CiscoWorks

19216862

CiscoWorks Server(ANI Service)

CampusDatabase

19216861

Schedule data retrieval

times

CAM Table11‐11‐11‐11‐11‐00 2111‐11‐11‐11‐11‐11 2211‐11‐11‐11‐11‐22 2311‐11‐11‐11‐11‐33 24

22 23 24

21

ARP Table11‐11‐11‐11‐11‐11 19216861011‐11‐11‐11‐11‐22 19216861111‐11‐11‐11‐11‐33 192168611

1

CAM

Retrieval

(switching

table)

2 Address

Resolution (MAC

to IP)

DNS

3 Name Resolution

(IP to hostname)

Host Table192168610 USER1192168611 Printer1192168611 IPtele1

SNMP

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

CallManager4

Call Detail

Records

5

Login

Names

UNIX Novell amp

Windows NT

clients running

UTLite script

110

Diagnosing Connectivity Problems Campus Manager Tools

Topology Services

User Tracking

Path Analysis

1

Locate the communication pair in the User Tracking database

bull

Addressesbull

VLAN informationbull

Switch port connection

2

Investigate the Layer 2 and Layer 3 path between the communication

pair

3

Map the topology and begin the investigation on devices and links

Launch other applications

111

Diagnosing Connectivity Problems Workflow for Using Campus Manager

LaunchPath Analysis

LaunchPath Analysis

Ensure discovery of devices

hosts are up to date

Ensure discovery of devices

hosts are up to date

Use User TrackingTo Locate EndStation Info

Use User TrackingTo Locate EndStation Info

ConductVoiceTrace

ConductVoiceTrace

ConductDataTrace

ConductDataTrace

DisplayPath in Topology

Map

DisplayPath in Topology

Map

Launch other Apps(Telnet CiscoView

Etc)

Launch other Apps(Telnet CiscoView

Etc)

112

Diagnosing Device Connectivity Problems Example

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Do you know

your

hostname or

username

113

Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

2 Simple Query displays switch

port and VLAN association

2 Simple Query displays switch

port and VLAN association

3 LastSeen field indicates last

time end station was

discovered

3 LastSeen field indicates last

time end station was

discovered

114

Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Trace path from application server

to Suzy

Trace path from application server

to Suzy

Couldnrsquot get to Suzy machine ndash try

from server

Couldnrsquot get to Suzy machine ndash try

from server

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

41

The Cisco LAN Switching Portfolio

Catalyst 375035602960 Catalyst 6500Catalyst 40004500

bull Stackable Compact Footprint bull Gig Density 12 Ports bull EZ Clustering Managementbull L2-L4 Switchingbull Medium Port Density

bull Highest Switching Capacitybull High Availability - Stateful Failoverbull 10-Gigabit Ethernet Interfaces bull Nonblocking Gigabit Density 142bull LANWAN Interfaces (to OC 48)

L2-L7 SwitchingIntegrated Inline PowerServices Modules Redundant PowerRedundant Supervisor Fabric

bull High Switching Capacitybull High-Density 101001000bull High-Density 100FX amp 1000LXbull Nonblocking Gigabit Density 32bull L2-L4 Switching bull Inline Power Optionbull Redundant Power

42

Cisco Catalyst Positioning

Pric

ePe

rfor

man

ce

FunctionFlexibility

Catalyst 29502960

Catalyst 35503560

Catalyst 4500 Family

Catalyst 6500 Series

bull Modular 101001000bull High performance Layer 2L3L4 bull 24‐64 Gbps Switching Enginebull Chassis level high availability

bull

Modular 101001000bull

Highest density switching

capacity

bull

Layer 234‐7bull

32‐720 Gbps

Switching

Engine

bull

Highest Availability

bull

10100

and GE configurationsbull

High performance switching and routingbull

Enterprise‐class intelligent Layer 3L4 servicesbull

Clustering capable

bull

Stackable 10100 switchingbull

Gigabit

uplink connectivitybull

Advanced intelligent Layer 3L4 servicesbull

Clustering capable

Catalyst 3750bull

Stackable 101001000 and 10100 configurationsbull

Cisco StackWisetrade

Technologybull

Optimized for Gigabit Ethernet deploymentbull

Enterprise‐class Intelligent Layer 3L4 servicesbull

Highly resilient 32Gbps stacking interconnectionbull

Single management interface w auto configuration

Fast Ethernet

Optimized

Gigabit Ethernet

Optimized

43

Cisco Catalyst 2960 Series Model Overview Fast Ethernet Models

Softwarebull LAN Base Image

Enterprise-class intelligent services Advanced QoS enhanced security high availability

bull Orderable with latest IOS software version

bull 48 10100100 portsbull 2 101001000 Uplink

ports

bull 24 10100 portsbull 2 101001000 Uplink

Ports

Catalyst 2960-24TT Catalyst 2960-48TT

bull 24 10100 portsbull 2 Dual-Purpose Uplink

ports

Catalyst 2960-24TC Catalyst 2960-48TC

bull 48 10100 portsbull 2 Dual Purpose Uplink

ports

Uplinksbull Dual Purpose

UplinksOne 101001000 TX Port and One SFP Port

One port active at a time

44

Cisco Catalyst 3750 Series Switches Model Overview

Catalyst 3750G‐24TS

bull

24 101001000

Portsbull

24 101001000 Ports

bull

4 SFP ports

Two Software Versions

Standard Multilayer Software Image

(SMI)

bull Enterprise‐class intelligent services

Advanced QoS Enhanced Security High

Availability RIP and Static IP routing

Routed ACLs HSRP

Enhanced Multilayer Software Image

(EMI)

bull SMI feature set plus Dynamic IP Unicast

routing Smart Multicast routing

Catalyst 3750‐2448 are orderable with

either software image preinstalled

Catalyst 3750‐2448 can be upgraded

from SMI to EMI

Catalyst 3750G‐24T

bull

24 10100 Ports

bull

2 SFP ports

bull

48 10100 Ports

bull

4 SFP ports

Catalyst 3750‐24 Catalyst 3750‐48

45

Cisco StackWisetrade Technology

bull 32Gbps fault tolerant bi‐directional

backplane

bull Single IP address for management

bull Auto configuration and IOS version

checkupdate

bull 1N Master redundancy

bull Sub‐second L2 failover

bull Cross stack Etherchannel

bull Configurable QoS queues across

stack

bull Line speed performance with QoS

and ACLs for GE

bull Hot add and delete of GE and FE

chassis in same stack

bull Patented cable connector

S 1

S 3

S 2

M 4

M = Master Switch

S = Slave Switch

46

Cisco Catalyst 4500 Series Architecture

bull Centralized Forwarding ASICs

bull All packets are forwarded via the supervisor

bull No distributed line card forwarding

bull Scalable architecture ‐

64 to 320 Gbps

bull Fastest Centralized Architecture in the Industry

47

Cisco Catalyst 4500 Series Overview Common Architecture

Single Supervisor-Based

Chassis

Redundant Supervisor-Based

Chassis

Cisco Catalyst 4507R-E

Cisco Catalyst 4510R-E

Cisco Catalyst 4506-E

Cisco Catalyst 4503-E

Single RU Fixed Configuration

Same Switching Architecture

and Common Cisco IOSreg

Cisco Catalyst 4948 and 4948-10GigE

48

Cisco Catalyst 4500 Series Evolutionary Centralized Architecture

1999 2002 2004 2007 2012

Continued InnovationServices and Performance

Same Line Card

18Mpps 48Mpps 102Mpps

10100

1000

Layer 2

PoE L234

10 GbE

SSO

NACNSF

ISSUCISF

E‐Series

250 Mpps

49

Evolution of Centralized Switching Technology

Evoluti

onEvo

lution

1999 18

Mpps

L2 Only

2002 48

Mpps

L2L3

2004102

Mpps

L2L3 10Gig

2007250

Mpps

L2L3 IPv6

14X

increase

since lsquo99

50

Next‐Generation Catalyst 4500 ldquoE‐Seriesrdquo

Secure Flexible Non‐Stop Communications

ldquoErdquo

Series Chassis

ldquoErdquo

Series Line Cards

Supervisor 6‐E with CenterFlex

51

Cisco Catalyst 6500 Delivers Secure Converged Network Services

High Availabilitybull Physical

Availabilitybull Logical Availabilitybull Stateful Failover at

Layer 2bull Rapid Spanning-

Tree Convergence

QoSbull Input Policingbull Traffic

Classificationbull Multiple Queuesbull Convergence

Ready

Securitybull Layer 234

Access Controlbull 8021X User

Authenticationbull MAC Filteringbull Dynamic VLAN

Manageabilitybull Inline Powerbull Simple

Configurationbull L2-L4 Servicesbull Rich Multicast

Support

End-to-End Services

52

Catalyst 6500 Family

Catalyst 65033 slot chassis

Catalyst 65066 slot chassis

Catalyst 65099 slot chassis

Catalyst 6509‐NEBSNEBS Compliant 9 slot chassis

Catalyst 651313 slot chassis

Catalyst 6509‐NEBS‐A9 slot chassis

53

Cisco Catalyst 6500 Series

The Cisco Catalyst 6500 Series supports a wide range of interface densities performance and high‐availability options

Flexible 3‐ 6‐ 9‐ and 13‐slot chassis configurations

ndash Scalable switching fabric ndash Cisco

IOS software choices supported

on all supervisor engines

ndash Fast 2‐3 second stateful

failover of

redundant supervisors and integrated

services

ndash 10‐Mbps to 10‐Gbps Ethernet and DS0

to

OC‐48 WAN interfaces

ndash Wire‐rate QoS

and ACL policy

management

WS-6503 WS-C6506 WS-C6509 WS-C6509-NEBS and WS-C6513

54

Catalyst 6500 Supervisors

The Catalyst 6500 has three Supervisor options on offer

with each providing a different architectural backplane

configuration for line cards to connect intohellip

Supervisor 1A Supervisor 2 Supervisor 720 (NEW)

256Gb backplane

supporting hardware

accelerated Layer 2 and 3

QoS and Security policies

up to 210Mppshellip

720Gb backplane

supporting hardware

accelerated Layer 2 and 3

QoS and Security policies

up to 400Mppshellip

32Gb backplane supporting

hardware accelerated Layer

2 and 3 QoS and Security

policies up to 15Mppshellip

Supervisor Options for the Catalyst 6500

55

Catalyst 6500 LinecardsThe Catalyst 6500 has a family of linecards to suit all network needshellip

10100 TX and 100 Fiber 101001000 TX GE SFP

GE GBIC 10GE WAN

Optical Switch Modules Inline Power ATM

CAT

6500

L I

NECARDS

56

Catalyst 6500 Service Modules

Content ServicesCommunications Media MWAN

Firewall Module VPN Module Intrusion Detection

Content Switching SSL Network Management

Service Modules represent the next generation of intelligent modules for the Catalyst 6500

Each module provides a high performance option scalable and feature rich deployment

optionshellip

57

Small Form Factor Pluggable (SFP)

bull New industry standard connector

bull Same functionality as Gigabit Interface Converters

(GBICs)

bull Hot pluggable

bull Smaller fiber connector LC

for SF

bull 25 SFPs

fit in space of one GBIC

bull Shipping SX LX ZX at FCS

bull 101001000BT and CWDM versions to come in mid

to late 2003

GBIC

SFP

58

三無線網路認證介紹

59

漫遊認證環境架構圖

NCHC資策會

WLANGateway

WLANGateway

60

無線漫遊環境身份認證機制

網頁認證

使用網站伺服器憑證(Certificate)辨識合法認證網站

透過SSL加密保護使用者帳號密碼安全

採用PAP (Password Authentication Protocol)認證機制

8021x認證

採CHAP或加密通道進行認證

EAP‐MD5ndash 採用CHAP (Challenge Handshake Authentication Protocol)認證

EAP‐PEAP ndash 採用 SSL加密通道 + MS‐CHAP v2 認證

EAP‐TTLSndash 採用 SSL加密通道 + PAPCHAPMS‐CHAPEAPndash 支援多種認證機制

61

WLAN Gateway

bull Usually web page for authorisationbull Allows policy based accessbull Good managementbull Very user friendlybull No client required

Bluesocketndash Commercial but popular in uk academiandash Lots of featuresNoCatAuthndash open source

62

Bluesocket Wireless Gateway

63

httpwwwitcntnuedutwservice1270php

四師大網路基本架構介紹

64

對外網路架構圖

65

校本部校區有線網路系統架構圖

66

校本部校區無線網路系統架構圖

67

理學院校區有線網路系統架構圖

68

理學院校區無線網路系統架構圖

69

林口校區有線網路系統架構圖

70

林口校區無線網路系統架構圖

71

五網路障礙排除方式

72

Possible Symptoms of Physical Layer Problems

Increased number of interface errorsIncreased number of interface errors

LEDs are off flashing or in a state other than the expected state during normal operationLEDs are off flashing or in a state other than the expected state during normal operation

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

Excessive utilizationExcessive utilization

73

Possible Symptoms of Data Link Layer Problems

Excessive CRC errors and frame check sequence errors Excessive CRC errors and frame check sequence errors

Large quantities of broadcast traffic Large quantities of broadcast traffic

A MAC address is cycling between portsA MAC address is cycling between ports

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

74

General Cisco Commands to Isolate Physical and Data Link Layer Problems

ping host

| ip‐addressping host

| ip‐address

routergt

bull

Sends an echo request packet to an address then waits for a reply

trace [destination]trace [destination]

routergt

bull

Identifies the path a packet takes through the network

[no] debug [no] debug

router

bull

Displays a list of options for enabling or disabling debugging events on a device

75

Cisco Commands to Isolate Physical Layer Problems

show versionshow version

routergt

bull

Displays the Cisco IOS software version and all installed hardware configurations

show ip interface briefshow ip interface brief

routergt

bull

Displays a summary of the status of all interfaces on a device

show interfaces [type number]show interfaces [type number]

routergt

bull

Displays the operational status of an interface including the amount and type of traffic being sent and received

76

Cisco Commands to Isolate Physical Layer Problems (Cont)

show cdp neighbor detailshow cdp neighbor detailroutergt

bull Displays the device type IP address and Cisco IOS version of neighboring devices

77

Cisco Commands to Isolate Data Link Layer Problems

show ip arpshow ip arp

routergt

bull

Displays entries in the Address Resolution Protocol (ARP) table

debug [arp

| serial | ppp]debug [arp

| serial | ppp]

router

bull

Captures events relating to data link layer protocols

78

General End‐System Commands to Isolate Physical and Data Link Layer Problems

pingping

bull

Sends an echo request packet to an address then waits for a reply

netstat

‐rnnetstat

‐rn

bull

Displays the status of all connected devices and links without querying a DNS server

arp

‐aarp

‐a

bull

Displays the current mappings of the IP address to the MAC address in the ARP table

79

Windows Commands to Isolate Physical and Data Link Layer Problems

ipconfig

[all]ipconfig

[all]

bull

Displays IP information for hosts running Windows NT2000XP

Cgt

tracert [‐d]tracert [‐d]

bull

Identifies a path to a destination device

Cgt

80

Guidelines for Isolating Problems at the Physical and Data Link Layers

Check operational status and data error ratesCheck operational status and data error rates

Verify proper interface configurationsVerify proper interface configurations

Check for bad cables or connectionsCheck for bad cables or connections

Check for correct cable pin‐outCheck for correct cable pin‐out

81

Port Monitoring (SPAN)

Allows a port to monitor traffic coming into or out of

anotherPort

VLAN

Trunk

82

Remote SPAN (RSPAN)

Allows a port to monitor SPAN information on other switches through a trunk connection

83

NetFlow Data Export

Access to records of switched flow statistics

with NAM

Source and destination IP

Port numbers and protocol types

84

六網路管理介紹

85

NAMs in Campus LAN

86

Network Analysis Module (NAM)

bull

Switch‐integrated standards‐

based monitoring (RMON1 RMON2

extended RMON)

bull

Useful for performance monitoring troubleshooting

and capacity planning

bull

Easy to deploy and use with embedded web‐based Traffic Analyzer

bull

Full visibility into applications hosts conversations and

IP‐based services including VoIP

and QoS

Integrated traffic‐monitoring solution in Catalyst 6500 series to build application‐level visibility into network infrastructure

87

NAM as a Standards‐Based RMON Solution

The RMON MIB reports on the health and status of network traffic

Mini‐RMON agents in Catalyst 6500 collect Layer 2 (RMON1) statistics on all ports (utilization packets errors)

NAM supports full RMON1 and 2 to provide visibility up to Application layer (applications hosts conversations)

NAM supports extended RMON for VLAN QoS Application Response Time and so on

88

Application Hosts and Conversations Monitoring

Identify unknown applications and drill down on the hosts using them

Discover top talkers top conversations

Network managers can drill down

into who is doing what

Network managers can drill down

into who is doing what

NEW inSoftware

Version 22

NEW inSoftware

Version 22

89

VoIP Monitoring

NAM supports various facets of VoIPmonitoring

Active IP telephony monitoring

ndash Track active call attributesndash Identify call quality degradationndash Call details by phonesRMON1 and RMON2

ndash Distribution of VoIP

protocols

Application Response Time (ART)

ndash CallManager

responses

DSMON

ndash VoIP

traffic by DSCP values

90

Application Response Time (ART)

Find out where the application delays are occurring

ndash Detailed data on request‐ response exchanges

between clients and servers

Server visibility

ndash Monitor servers for protocols application

usage and top talkers

91

Packet Capture and Decode

Capture and decode packets for troubleshooting

Extensive pre‐ and post‐capture filters

Can save and export to other tools including Sniffer

92

Alarms

Set alarm thresholds on various parameters for proactive monitoring

Define traps or generate syslog

93

Defining Network Management Functional Areas

ISO defines five functional areas of network management

ISO defines five functional areas of network management

bullFault Management

bullConfiguration Management

bullAccounting Management

bullPerformance Management

bullSecurity Management

94

FCAPS Fault Management

The process of locating diagnosing and correcting

network problems

Device Down

Link Down

95

FCAPS Configuration Management

bull The process of obtaining data from the network and using

that data to manage the setup of all network devices

bull Allows rapid access to configuration information

bull Facilitates remote configuration and provisioning

bull Provides an up‐to‐date inventory of network

components

SpeedDuplex

Connectivity

TrunkingVLANs Allowed

Spanning Tree Protocol State

Software VersionConfiguration File

Device Type

96

FCAPS Accounting Management

bull Measuring the usage of network resources by users in order to

establish the metrics check quotas determine costs and bill users

bull Measures and reports accounting information based on individual

groups and users

bull Administers the cost of the network

bull Internal verification of third‐party billing for usage Bandwidth Consumption

Application Usage

hellip

97

FCAPS Performance Management

bull Ensuring that the data network remains accessible

and has adequate bandwidth

bull Reduces network overcrowding and inaccessibility

bull Provides a consistent level of service to the

network user

bull Determine utilization trends to proactively isolate and solve

performance problems

UtilizationPeakminmaxError RatesUnicast Rates

Broadcast Rates

CPU UtilizationMemory Usage

ThroughputResponse Time

LatencyAvailabilityReliability

98

FCAPS Security Management

bull Protecting sensitive information on devices

attached to a data network by controlling access points to

that information

bull Builds network user confidence

bull Secures sensitive information from both internal and

external sources

bull Protects the network functionality from malicious

attacks

MAC AddressLocked to Port

Access ListBlocks Connections

99

Performing Network Management Sources for Information

GAUGEs TIMERs

0 9 1 2 3

COUNTERs TABLEs FILEs

Operating System Data Structures

Manageable Device

showCommands

WebServer

SystemLogging

SNMPSNMPAGENTAGENT

ProductionServices

Layer N Forwarding

http80tcp

syslog514udp

snmp161udp

MIBObjects

snmp‐trap162udp

Built in Intelligence

CDPVTPSAA

telnetCLI

TFTPClient

tftp69udp

PingTrace route

100

Network Management Information Model MIB Management Information Base

MIB

ndash

Management Information BaseSet of variables defining the status of a device (eg temp = 85 degrees)Just facts ndash not whether it is good or badDefined according to SMI (Structure of Management Information) rulesEach managed object is described using a unique object identifier (OID)

MIB

IMIBIIStandard MIBObjects included are considered essential for either fault or configuration management

Other standard MIBsRMON host router

Proprietary vendor MIBsExtensions to standard MIBs

SNMPAGENTSNMPAGENT

1000s of manageable objects following rules defined in the SMI standards

1000s of manageable objects following rules defined in the SMI standards

101

Network Management Communication Model SNMP Simple Network Management Protocol

CommunityStrings

CommunityStrings

bull Get requests used to read the value of objectbull Set requests used to modify the value of object

bull Authorization is via community strings

(Read‐OnlyRead‐Write)

bull Traps

provide asynchronous event notification

IP Network SNMPManageable

Device

Trap

Get Response

Get Request Get-Next RequestGet-Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

102

Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response

SNM

P M

anag

er

SNM

P A

gent

Rea

d =

publ

ic re

adw

rite

= pr

ivat

e

GetResponse (sysDescr0=SunOS)

Verify access permission and retrieve MIB value using OID to traverse the MIB tree

InstanceOID

13612111

MIB value

GetRequest(sysDescr0)Read Community(public)

103

Types of Management Systems Example ‐

Enterprise Manager amp Fault Management

Correlate and manage events

and SNMP traps

Perform fault isolation and root cause analysis

104

Types of Management Systems Example ndash CiscoWorks

Resource Manager Essentials and Campus Manager

Knowledge of network configuration and topology

Facilitates remote configuration of network devices

Maintains an archive of configuration data that allows generation of inventory reports

105

Types of Management Systems Example ndash NetFlow (Accounting Management)

Flow Profiling

AccountingBilling

Network Planning

Network Monitoring

Flow

Collectors

Flow

CollectorsEnd‐User AppsEnd‐User AppsNetFlow

Data ExportNetFlowData Export

NetScout

RMON ProbeRMON Probe

106

Types of Management Systems Example ndash MRTG (Performance Management)

bull Monitors traffic load on network links based on SNMP statistics

bull Generates real‐time HTML traffic reports

bull Can be used to monitor any

MIB

variable using

SNMP

107

Types of Management Systems Example ndash CiscoWorks

How is the network connectedbull Physical Cablingbull Virtual LANs

Where are the end users servers IP phones connected

bull Switch port numberbull VLAN membership

How do I troubleshoot connectivity problems

Campus Manager User Tracking

Campus Manager Topology Services

Campus Manager Topology Services

Campus Manager User TrackingCampus Manager

Path Analysis

108

Diagnosing Connectivity Problems CiscoWorks Server Tools

Ping Use ping to test device connectivity from CiscoWorks server

TracerouteRun a trace route between the CiscoWorks server and the target device to detect routing problems

NS LookupRun a nslookup to obtain DNS name server information and IP address of hostname

Management Station to DeviceTest to verify if upper layer protocols are supported from CiscoWorks to the target device UDP TCP Telnet TFTP HTTP and SNMP

109

Types of Management Systems Example ndash CiscoWorks

19216862

CiscoWorks Server(ANI Service)

CampusDatabase

19216861

Schedule data retrieval

times

CAM Table11‐11‐11‐11‐11‐00 2111‐11‐11‐11‐11‐11 2211‐11‐11‐11‐11‐22 2311‐11‐11‐11‐11‐33 24

22 23 24

21

ARP Table11‐11‐11‐11‐11‐11 19216861011‐11‐11‐11‐11‐22 19216861111‐11‐11‐11‐11‐33 192168611

1

CAM

Retrieval

(switching

table)

2 Address

Resolution (MAC

to IP)

DNS

3 Name Resolution

(IP to hostname)

Host Table192168610 USER1192168611 Printer1192168611 IPtele1

SNMP

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

CallManager4

Call Detail

Records

5

Login

Names

UNIX Novell amp

Windows NT

clients running

UTLite script

110

Diagnosing Connectivity Problems Campus Manager Tools

Topology Services

User Tracking

Path Analysis

1

Locate the communication pair in the User Tracking database

bull

Addressesbull

VLAN informationbull

Switch port connection

2

Investigate the Layer 2 and Layer 3 path between the communication

pair

3

Map the topology and begin the investigation on devices and links

Launch other applications

111

Diagnosing Connectivity Problems Workflow for Using Campus Manager

LaunchPath Analysis

LaunchPath Analysis

Ensure discovery of devices

hosts are up to date

Ensure discovery of devices

hosts are up to date

Use User TrackingTo Locate EndStation Info

Use User TrackingTo Locate EndStation Info

ConductVoiceTrace

ConductVoiceTrace

ConductDataTrace

ConductDataTrace

DisplayPath in Topology

Map

DisplayPath in Topology

Map

Launch other Apps(Telnet CiscoView

Etc)

Launch other Apps(Telnet CiscoView

Etc)

112

Diagnosing Device Connectivity Problems Example

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Do you know

your

hostname or

username

113

Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

2 Simple Query displays switch

port and VLAN association

2 Simple Query displays switch

port and VLAN association

3 LastSeen field indicates last

time end station was

discovered

3 LastSeen field indicates last

time end station was

discovered

114

Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Trace path from application server

to Suzy

Trace path from application server

to Suzy

Couldnrsquot get to Suzy machine ndash try

from server

Couldnrsquot get to Suzy machine ndash try

from server

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

42

Cisco Catalyst Positioning

Pric

ePe

rfor

man

ce

FunctionFlexibility

Catalyst 29502960

Catalyst 35503560

Catalyst 4500 Family

Catalyst 6500 Series

bull Modular 101001000bull High performance Layer 2L3L4 bull 24‐64 Gbps Switching Enginebull Chassis level high availability

bull

Modular 101001000bull

Highest density switching

capacity

bull

Layer 234‐7bull

32‐720 Gbps

Switching

Engine

bull

Highest Availability

bull

10100

and GE configurationsbull

High performance switching and routingbull

Enterprise‐class intelligent Layer 3L4 servicesbull

Clustering capable

bull

Stackable 10100 switchingbull

Gigabit

uplink connectivitybull

Advanced intelligent Layer 3L4 servicesbull

Clustering capable

Catalyst 3750bull

Stackable 101001000 and 10100 configurationsbull

Cisco StackWisetrade

Technologybull

Optimized for Gigabit Ethernet deploymentbull

Enterprise‐class Intelligent Layer 3L4 servicesbull

Highly resilient 32Gbps stacking interconnectionbull

Single management interface w auto configuration

Fast Ethernet

Optimized

Gigabit Ethernet

Optimized

43

Cisco Catalyst 2960 Series Model Overview Fast Ethernet Models

Softwarebull LAN Base Image

Enterprise-class intelligent services Advanced QoS enhanced security high availability

bull Orderable with latest IOS software version

bull 48 10100100 portsbull 2 101001000 Uplink

ports

bull 24 10100 portsbull 2 101001000 Uplink

Ports

Catalyst 2960-24TT Catalyst 2960-48TT

bull 24 10100 portsbull 2 Dual-Purpose Uplink

ports

Catalyst 2960-24TC Catalyst 2960-48TC

bull 48 10100 portsbull 2 Dual Purpose Uplink

ports

Uplinksbull Dual Purpose

UplinksOne 101001000 TX Port and One SFP Port

One port active at a time

44

Cisco Catalyst 3750 Series Switches Model Overview

Catalyst 3750G‐24TS

bull

24 101001000

Portsbull

24 101001000 Ports

bull

4 SFP ports

Two Software Versions

Standard Multilayer Software Image

(SMI)

bull Enterprise‐class intelligent services

Advanced QoS Enhanced Security High

Availability RIP and Static IP routing

Routed ACLs HSRP

Enhanced Multilayer Software Image

(EMI)

bull SMI feature set plus Dynamic IP Unicast

routing Smart Multicast routing

Catalyst 3750‐2448 are orderable with

either software image preinstalled

Catalyst 3750‐2448 can be upgraded

from SMI to EMI

Catalyst 3750G‐24T

bull

24 10100 Ports

bull

2 SFP ports

bull

48 10100 Ports

bull

4 SFP ports

Catalyst 3750‐24 Catalyst 3750‐48

45

Cisco StackWisetrade Technology

bull 32Gbps fault tolerant bi‐directional

backplane

bull Single IP address for management

bull Auto configuration and IOS version

checkupdate

bull 1N Master redundancy

bull Sub‐second L2 failover

bull Cross stack Etherchannel

bull Configurable QoS queues across

stack

bull Line speed performance with QoS

and ACLs for GE

bull Hot add and delete of GE and FE

chassis in same stack

bull Patented cable connector

S 1

S 3

S 2

M 4

M = Master Switch

S = Slave Switch

46

Cisco Catalyst 4500 Series Architecture

bull Centralized Forwarding ASICs

bull All packets are forwarded via the supervisor

bull No distributed line card forwarding

bull Scalable architecture ‐

64 to 320 Gbps

bull Fastest Centralized Architecture in the Industry

47

Cisco Catalyst 4500 Series Overview Common Architecture

Single Supervisor-Based

Chassis

Redundant Supervisor-Based

Chassis

Cisco Catalyst 4507R-E

Cisco Catalyst 4510R-E

Cisco Catalyst 4506-E

Cisco Catalyst 4503-E

Single RU Fixed Configuration

Same Switching Architecture

and Common Cisco IOSreg

Cisco Catalyst 4948 and 4948-10GigE

48

Cisco Catalyst 4500 Series Evolutionary Centralized Architecture

1999 2002 2004 2007 2012

Continued InnovationServices and Performance

Same Line Card

18Mpps 48Mpps 102Mpps

10100

1000

Layer 2

PoE L234

10 GbE

SSO

NACNSF

ISSUCISF

E‐Series

250 Mpps

49

Evolution of Centralized Switching Technology

Evoluti

onEvo

lution

1999 18

Mpps

L2 Only

2002 48

Mpps

L2L3

2004102

Mpps

L2L3 10Gig

2007250

Mpps

L2L3 IPv6

14X

increase

since lsquo99

50

Next‐Generation Catalyst 4500 ldquoE‐Seriesrdquo

Secure Flexible Non‐Stop Communications

ldquoErdquo

Series Chassis

ldquoErdquo

Series Line Cards

Supervisor 6‐E with CenterFlex

51

Cisco Catalyst 6500 Delivers Secure Converged Network Services

High Availabilitybull Physical

Availabilitybull Logical Availabilitybull Stateful Failover at

Layer 2bull Rapid Spanning-

Tree Convergence

QoSbull Input Policingbull Traffic

Classificationbull Multiple Queuesbull Convergence

Ready

Securitybull Layer 234

Access Controlbull 8021X User

Authenticationbull MAC Filteringbull Dynamic VLAN

Manageabilitybull Inline Powerbull Simple

Configurationbull L2-L4 Servicesbull Rich Multicast

Support

End-to-End Services

52

Catalyst 6500 Family

Catalyst 65033 slot chassis

Catalyst 65066 slot chassis

Catalyst 65099 slot chassis

Catalyst 6509‐NEBSNEBS Compliant 9 slot chassis

Catalyst 651313 slot chassis

Catalyst 6509‐NEBS‐A9 slot chassis

53

Cisco Catalyst 6500 Series

The Cisco Catalyst 6500 Series supports a wide range of interface densities performance and high‐availability options

Flexible 3‐ 6‐ 9‐ and 13‐slot chassis configurations

ndash Scalable switching fabric ndash Cisco

IOS software choices supported

on all supervisor engines

ndash Fast 2‐3 second stateful

failover of

redundant supervisors and integrated

services

ndash 10‐Mbps to 10‐Gbps Ethernet and DS0

to

OC‐48 WAN interfaces

ndash Wire‐rate QoS

and ACL policy

management

WS-6503 WS-C6506 WS-C6509 WS-C6509-NEBS and WS-C6513

54

Catalyst 6500 Supervisors

The Catalyst 6500 has three Supervisor options on offer

with each providing a different architectural backplane

configuration for line cards to connect intohellip

Supervisor 1A Supervisor 2 Supervisor 720 (NEW)

256Gb backplane

supporting hardware

accelerated Layer 2 and 3

QoS and Security policies

up to 210Mppshellip

720Gb backplane

supporting hardware

accelerated Layer 2 and 3

QoS and Security policies

up to 400Mppshellip

32Gb backplane supporting

hardware accelerated Layer

2 and 3 QoS and Security

policies up to 15Mppshellip

Supervisor Options for the Catalyst 6500

55

Catalyst 6500 LinecardsThe Catalyst 6500 has a family of linecards to suit all network needshellip

10100 TX and 100 Fiber 101001000 TX GE SFP

GE GBIC 10GE WAN

Optical Switch Modules Inline Power ATM

CAT

6500

L I

NECARDS

56

Catalyst 6500 Service Modules

Content ServicesCommunications Media MWAN

Firewall Module VPN Module Intrusion Detection

Content Switching SSL Network Management

Service Modules represent the next generation of intelligent modules for the Catalyst 6500

Each module provides a high performance option scalable and feature rich deployment

optionshellip

57

Small Form Factor Pluggable (SFP)

bull New industry standard connector

bull Same functionality as Gigabit Interface Converters

(GBICs)

bull Hot pluggable

bull Smaller fiber connector LC

for SF

bull 25 SFPs

fit in space of one GBIC

bull Shipping SX LX ZX at FCS

bull 101001000BT and CWDM versions to come in mid

to late 2003

GBIC

SFP

58

三無線網路認證介紹

59

漫遊認證環境架構圖

NCHC資策會

WLANGateway

WLANGateway

60

無線漫遊環境身份認證機制

網頁認證

使用網站伺服器憑證(Certificate)辨識合法認證網站

透過SSL加密保護使用者帳號密碼安全

採用PAP (Password Authentication Protocol)認證機制

8021x認證

採CHAP或加密通道進行認證

EAP‐MD5ndash 採用CHAP (Challenge Handshake Authentication Protocol)認證

EAP‐PEAP ndash 採用 SSL加密通道 + MS‐CHAP v2 認證

EAP‐TTLSndash 採用 SSL加密通道 + PAPCHAPMS‐CHAPEAPndash 支援多種認證機制

61

WLAN Gateway

bull Usually web page for authorisationbull Allows policy based accessbull Good managementbull Very user friendlybull No client required

Bluesocketndash Commercial but popular in uk academiandash Lots of featuresNoCatAuthndash open source

62

Bluesocket Wireless Gateway

63

httpwwwitcntnuedutwservice1270php

四師大網路基本架構介紹

64

對外網路架構圖

65

校本部校區有線網路系統架構圖

66

校本部校區無線網路系統架構圖

67

理學院校區有線網路系統架構圖

68

理學院校區無線網路系統架構圖

69

林口校區有線網路系統架構圖

70

林口校區無線網路系統架構圖

71

五網路障礙排除方式

72

Possible Symptoms of Physical Layer Problems

Increased number of interface errorsIncreased number of interface errors

LEDs are off flashing or in a state other than the expected state during normal operationLEDs are off flashing or in a state other than the expected state during normal operation

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

Excessive utilizationExcessive utilization

73

Possible Symptoms of Data Link Layer Problems

Excessive CRC errors and frame check sequence errors Excessive CRC errors and frame check sequence errors

Large quantities of broadcast traffic Large quantities of broadcast traffic

A MAC address is cycling between portsA MAC address is cycling between ports

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

74

General Cisco Commands to Isolate Physical and Data Link Layer Problems

ping host

| ip‐addressping host

| ip‐address

routergt

bull

Sends an echo request packet to an address then waits for a reply

trace [destination]trace [destination]

routergt

bull

Identifies the path a packet takes through the network

[no] debug [no] debug

router

bull

Displays a list of options for enabling or disabling debugging events on a device

75

Cisco Commands to Isolate Physical Layer Problems

show versionshow version

routergt

bull

Displays the Cisco IOS software version and all installed hardware configurations

show ip interface briefshow ip interface brief

routergt

bull

Displays a summary of the status of all interfaces on a device

show interfaces [type number]show interfaces [type number]

routergt

bull

Displays the operational status of an interface including the amount and type of traffic being sent and received

76

Cisco Commands to Isolate Physical Layer Problems (Cont)

show cdp neighbor detailshow cdp neighbor detailroutergt

bull Displays the device type IP address and Cisco IOS version of neighboring devices

77

Cisco Commands to Isolate Data Link Layer Problems

show ip arpshow ip arp

routergt

bull

Displays entries in the Address Resolution Protocol (ARP) table

debug [arp

| serial | ppp]debug [arp

| serial | ppp]

router

bull

Captures events relating to data link layer protocols

78

General End‐System Commands to Isolate Physical and Data Link Layer Problems

pingping

bull

Sends an echo request packet to an address then waits for a reply

netstat

‐rnnetstat

‐rn

bull

Displays the status of all connected devices and links without querying a DNS server

arp

‐aarp

‐a

bull

Displays the current mappings of the IP address to the MAC address in the ARP table

79

Windows Commands to Isolate Physical and Data Link Layer Problems

ipconfig

[all]ipconfig

[all]

bull

Displays IP information for hosts running Windows NT2000XP

Cgt

tracert [‐d]tracert [‐d]

bull

Identifies a path to a destination device

Cgt

80

Guidelines for Isolating Problems at the Physical and Data Link Layers

Check operational status and data error ratesCheck operational status and data error rates

Verify proper interface configurationsVerify proper interface configurations

Check for bad cables or connectionsCheck for bad cables or connections

Check for correct cable pin‐outCheck for correct cable pin‐out

81

Port Monitoring (SPAN)

Allows a port to monitor traffic coming into or out of

anotherPort

VLAN

Trunk

82

Remote SPAN (RSPAN)

Allows a port to monitor SPAN information on other switches through a trunk connection

83

NetFlow Data Export

Access to records of switched flow statistics

with NAM

Source and destination IP

Port numbers and protocol types

84

六網路管理介紹

85

NAMs in Campus LAN

86

Network Analysis Module (NAM)

bull

Switch‐integrated standards‐

based monitoring (RMON1 RMON2

extended RMON)

bull

Useful for performance monitoring troubleshooting

and capacity planning

bull

Easy to deploy and use with embedded web‐based Traffic Analyzer

bull

Full visibility into applications hosts conversations and

IP‐based services including VoIP

and QoS

Integrated traffic‐monitoring solution in Catalyst 6500 series to build application‐level visibility into network infrastructure

87

NAM as a Standards‐Based RMON Solution

The RMON MIB reports on the health and status of network traffic

Mini‐RMON agents in Catalyst 6500 collect Layer 2 (RMON1) statistics on all ports (utilization packets errors)

NAM supports full RMON1 and 2 to provide visibility up to Application layer (applications hosts conversations)

NAM supports extended RMON for VLAN QoS Application Response Time and so on

88

Application Hosts and Conversations Monitoring

Identify unknown applications and drill down on the hosts using them

Discover top talkers top conversations

Network managers can drill down

into who is doing what

Network managers can drill down

into who is doing what

NEW inSoftware

Version 22

NEW inSoftware

Version 22

89

VoIP Monitoring

NAM supports various facets of VoIPmonitoring

Active IP telephony monitoring

ndash Track active call attributesndash Identify call quality degradationndash Call details by phonesRMON1 and RMON2

ndash Distribution of VoIP

protocols

Application Response Time (ART)

ndash CallManager

responses

DSMON

ndash VoIP

traffic by DSCP values

90

Application Response Time (ART)

Find out where the application delays are occurring

ndash Detailed data on request‐ response exchanges

between clients and servers

Server visibility

ndash Monitor servers for protocols application

usage and top talkers

91

Packet Capture and Decode

Capture and decode packets for troubleshooting

Extensive pre‐ and post‐capture filters

Can save and export to other tools including Sniffer

92

Alarms

Set alarm thresholds on various parameters for proactive monitoring

Define traps or generate syslog

93

Defining Network Management Functional Areas

ISO defines five functional areas of network management

ISO defines five functional areas of network management

bullFault Management

bullConfiguration Management

bullAccounting Management

bullPerformance Management

bullSecurity Management

94

FCAPS Fault Management

The process of locating diagnosing and correcting

network problems

Device Down

Link Down

95

FCAPS Configuration Management

bull The process of obtaining data from the network and using

that data to manage the setup of all network devices

bull Allows rapid access to configuration information

bull Facilitates remote configuration and provisioning

bull Provides an up‐to‐date inventory of network

components

SpeedDuplex

Connectivity

TrunkingVLANs Allowed

Spanning Tree Protocol State

Software VersionConfiguration File

Device Type

96

FCAPS Accounting Management

bull Measuring the usage of network resources by users in order to

establish the metrics check quotas determine costs and bill users

bull Measures and reports accounting information based on individual

groups and users

bull Administers the cost of the network

bull Internal verification of third‐party billing for usage Bandwidth Consumption

Application Usage

hellip

97

FCAPS Performance Management

bull Ensuring that the data network remains accessible

and has adequate bandwidth

bull Reduces network overcrowding and inaccessibility

bull Provides a consistent level of service to the

network user

bull Determine utilization trends to proactively isolate and solve

performance problems

UtilizationPeakminmaxError RatesUnicast Rates

Broadcast Rates

CPU UtilizationMemory Usage

ThroughputResponse Time

LatencyAvailabilityReliability

98

FCAPS Security Management

bull Protecting sensitive information on devices

attached to a data network by controlling access points to

that information

bull Builds network user confidence

bull Secures sensitive information from both internal and

external sources

bull Protects the network functionality from malicious

attacks

MAC AddressLocked to Port

Access ListBlocks Connections

99

Performing Network Management Sources for Information

GAUGEs TIMERs

0 9 1 2 3

COUNTERs TABLEs FILEs

Operating System Data Structures

Manageable Device

showCommands

WebServer

SystemLogging

SNMPSNMPAGENTAGENT

ProductionServices

Layer N Forwarding

http80tcp

syslog514udp

snmp161udp

MIBObjects

snmp‐trap162udp

Built in Intelligence

CDPVTPSAA

telnetCLI

TFTPClient

tftp69udp

PingTrace route

100

Network Management Information Model MIB Management Information Base

MIB

ndash

Management Information BaseSet of variables defining the status of a device (eg temp = 85 degrees)Just facts ndash not whether it is good or badDefined according to SMI (Structure of Management Information) rulesEach managed object is described using a unique object identifier (OID)

MIB

IMIBIIStandard MIBObjects included are considered essential for either fault or configuration management

Other standard MIBsRMON host router

Proprietary vendor MIBsExtensions to standard MIBs

SNMPAGENTSNMPAGENT

1000s of manageable objects following rules defined in the SMI standards

1000s of manageable objects following rules defined in the SMI standards

101

Network Management Communication Model SNMP Simple Network Management Protocol

CommunityStrings

CommunityStrings

bull Get requests used to read the value of objectbull Set requests used to modify the value of object

bull Authorization is via community strings

(Read‐OnlyRead‐Write)

bull Traps

provide asynchronous event notification

IP Network SNMPManageable

Device

Trap

Get Response

Get Request Get-Next RequestGet-Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

102

Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response

SNM

P M

anag

er

SNM

P A

gent

Rea

d =

publ

ic re

adw

rite

= pr

ivat

e

GetResponse (sysDescr0=SunOS)

Verify access permission and retrieve MIB value using OID to traverse the MIB tree

InstanceOID

13612111

MIB value

GetRequest(sysDescr0)Read Community(public)

103

Types of Management Systems Example ‐

Enterprise Manager amp Fault Management

Correlate and manage events

and SNMP traps

Perform fault isolation and root cause analysis

104

Types of Management Systems Example ndash CiscoWorks

Resource Manager Essentials and Campus Manager

Knowledge of network configuration and topology

Facilitates remote configuration of network devices

Maintains an archive of configuration data that allows generation of inventory reports

105

Types of Management Systems Example ndash NetFlow (Accounting Management)

Flow Profiling

AccountingBilling

Network Planning

Network Monitoring

Flow

Collectors

Flow

CollectorsEnd‐User AppsEnd‐User AppsNetFlow

Data ExportNetFlowData Export

NetScout

RMON ProbeRMON Probe

106

Types of Management Systems Example ndash MRTG (Performance Management)

bull Monitors traffic load on network links based on SNMP statistics

bull Generates real‐time HTML traffic reports

bull Can be used to monitor any

MIB

variable using

SNMP

107

Types of Management Systems Example ndash CiscoWorks

How is the network connectedbull Physical Cablingbull Virtual LANs

Where are the end users servers IP phones connected

bull Switch port numberbull VLAN membership

How do I troubleshoot connectivity problems

Campus Manager User Tracking

Campus Manager Topology Services

Campus Manager Topology Services

Campus Manager User TrackingCampus Manager

Path Analysis

108

Diagnosing Connectivity Problems CiscoWorks Server Tools

Ping Use ping to test device connectivity from CiscoWorks server

TracerouteRun a trace route between the CiscoWorks server and the target device to detect routing problems

NS LookupRun a nslookup to obtain DNS name server information and IP address of hostname

Management Station to DeviceTest to verify if upper layer protocols are supported from CiscoWorks to the target device UDP TCP Telnet TFTP HTTP and SNMP

109

Types of Management Systems Example ndash CiscoWorks

19216862

CiscoWorks Server(ANI Service)

CampusDatabase

19216861

Schedule data retrieval

times

CAM Table11‐11‐11‐11‐11‐00 2111‐11‐11‐11‐11‐11 2211‐11‐11‐11‐11‐22 2311‐11‐11‐11‐11‐33 24

22 23 24

21

ARP Table11‐11‐11‐11‐11‐11 19216861011‐11‐11‐11‐11‐22 19216861111‐11‐11‐11‐11‐33 192168611

1

CAM

Retrieval

(switching

table)

2 Address

Resolution (MAC

to IP)

DNS

3 Name Resolution

(IP to hostname)

Host Table192168610 USER1192168611 Printer1192168611 IPtele1

SNMP

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

CallManager4

Call Detail

Records

5

Login

Names

UNIX Novell amp

Windows NT

clients running

UTLite script

110

Diagnosing Connectivity Problems Campus Manager Tools

Topology Services

User Tracking

Path Analysis

1

Locate the communication pair in the User Tracking database

bull

Addressesbull

VLAN informationbull

Switch port connection

2

Investigate the Layer 2 and Layer 3 path between the communication

pair

3

Map the topology and begin the investigation on devices and links

Launch other applications

111

Diagnosing Connectivity Problems Workflow for Using Campus Manager

LaunchPath Analysis

LaunchPath Analysis

Ensure discovery of devices

hosts are up to date

Ensure discovery of devices

hosts are up to date

Use User TrackingTo Locate EndStation Info

Use User TrackingTo Locate EndStation Info

ConductVoiceTrace

ConductVoiceTrace

ConductDataTrace

ConductDataTrace

DisplayPath in Topology

Map

DisplayPath in Topology

Map

Launch other Apps(Telnet CiscoView

Etc)

Launch other Apps(Telnet CiscoView

Etc)

112

Diagnosing Device Connectivity Problems Example

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Do you know

your

hostname or

username

113

Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

2 Simple Query displays switch

port and VLAN association

2 Simple Query displays switch

port and VLAN association

3 LastSeen field indicates last

time end station was

discovered

3 LastSeen field indicates last

time end station was

discovered

114

Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Trace path from application server

to Suzy

Trace path from application server

to Suzy

Couldnrsquot get to Suzy machine ndash try

from server

Couldnrsquot get to Suzy machine ndash try

from server

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

43

Cisco Catalyst 2960 Series Model Overview Fast Ethernet Models

Softwarebull LAN Base Image

Enterprise-class intelligent services Advanced QoS enhanced security high availability

bull Orderable with latest IOS software version

bull 48 10100100 portsbull 2 101001000 Uplink

ports

bull 24 10100 portsbull 2 101001000 Uplink

Ports

Catalyst 2960-24TT Catalyst 2960-48TT

bull 24 10100 portsbull 2 Dual-Purpose Uplink

ports

Catalyst 2960-24TC Catalyst 2960-48TC

bull 48 10100 portsbull 2 Dual Purpose Uplink

ports

Uplinksbull Dual Purpose

UplinksOne 101001000 TX Port and One SFP Port

One port active at a time

44

Cisco Catalyst 3750 Series Switches Model Overview

Catalyst 3750G‐24TS

bull

24 101001000

Portsbull

24 101001000 Ports

bull

4 SFP ports

Two Software Versions

Standard Multilayer Software Image

(SMI)

bull Enterprise‐class intelligent services

Advanced QoS Enhanced Security High

Availability RIP and Static IP routing

Routed ACLs HSRP

Enhanced Multilayer Software Image

(EMI)

bull SMI feature set plus Dynamic IP Unicast

routing Smart Multicast routing

Catalyst 3750‐2448 are orderable with

either software image preinstalled

Catalyst 3750‐2448 can be upgraded

from SMI to EMI

Catalyst 3750G‐24T

bull

24 10100 Ports

bull

2 SFP ports

bull

48 10100 Ports

bull

4 SFP ports

Catalyst 3750‐24 Catalyst 3750‐48

45

Cisco StackWisetrade Technology

bull 32Gbps fault tolerant bi‐directional

backplane

bull Single IP address for management

bull Auto configuration and IOS version

checkupdate

bull 1N Master redundancy

bull Sub‐second L2 failover

bull Cross stack Etherchannel

bull Configurable QoS queues across

stack

bull Line speed performance with QoS

and ACLs for GE

bull Hot add and delete of GE and FE

chassis in same stack

bull Patented cable connector

S 1

S 3

S 2

M 4

M = Master Switch

S = Slave Switch

46

Cisco Catalyst 4500 Series Architecture

bull Centralized Forwarding ASICs

bull All packets are forwarded via the supervisor

bull No distributed line card forwarding

bull Scalable architecture ‐

64 to 320 Gbps

bull Fastest Centralized Architecture in the Industry

47

Cisco Catalyst 4500 Series Overview Common Architecture

Single Supervisor-Based

Chassis

Redundant Supervisor-Based

Chassis

Cisco Catalyst 4507R-E

Cisco Catalyst 4510R-E

Cisco Catalyst 4506-E

Cisco Catalyst 4503-E

Single RU Fixed Configuration

Same Switching Architecture

and Common Cisco IOSreg

Cisco Catalyst 4948 and 4948-10GigE

48

Cisco Catalyst 4500 Series Evolutionary Centralized Architecture

1999 2002 2004 2007 2012

Continued InnovationServices and Performance

Same Line Card

18Mpps 48Mpps 102Mpps

10100

1000

Layer 2

PoE L234

10 GbE

SSO

NACNSF

ISSUCISF

E‐Series

250 Mpps

49

Evolution of Centralized Switching Technology

Evoluti

onEvo

lution

1999 18

Mpps

L2 Only

2002 48

Mpps

L2L3

2004102

Mpps

L2L3 10Gig

2007250

Mpps

L2L3 IPv6

14X

increase

since lsquo99

50

Next‐Generation Catalyst 4500 ldquoE‐Seriesrdquo

Secure Flexible Non‐Stop Communications

ldquoErdquo

Series Chassis

ldquoErdquo

Series Line Cards

Supervisor 6‐E with CenterFlex

51

Cisco Catalyst 6500 Delivers Secure Converged Network Services

High Availabilitybull Physical

Availabilitybull Logical Availabilitybull Stateful Failover at

Layer 2bull Rapid Spanning-

Tree Convergence

QoSbull Input Policingbull Traffic

Classificationbull Multiple Queuesbull Convergence

Ready

Securitybull Layer 234

Access Controlbull 8021X User

Authenticationbull MAC Filteringbull Dynamic VLAN

Manageabilitybull Inline Powerbull Simple

Configurationbull L2-L4 Servicesbull Rich Multicast

Support

End-to-End Services

52

Catalyst 6500 Family

Catalyst 65033 slot chassis

Catalyst 65066 slot chassis

Catalyst 65099 slot chassis

Catalyst 6509‐NEBSNEBS Compliant 9 slot chassis

Catalyst 651313 slot chassis

Catalyst 6509‐NEBS‐A9 slot chassis

53

Cisco Catalyst 6500 Series

The Cisco Catalyst 6500 Series supports a wide range of interface densities performance and high‐availability options

Flexible 3‐ 6‐ 9‐ and 13‐slot chassis configurations

ndash Scalable switching fabric ndash Cisco

IOS software choices supported

on all supervisor engines

ndash Fast 2‐3 second stateful

failover of

redundant supervisors and integrated

services

ndash 10‐Mbps to 10‐Gbps Ethernet and DS0

to

OC‐48 WAN interfaces

ndash Wire‐rate QoS

and ACL policy

management

WS-6503 WS-C6506 WS-C6509 WS-C6509-NEBS and WS-C6513

54

Catalyst 6500 Supervisors

The Catalyst 6500 has three Supervisor options on offer

with each providing a different architectural backplane

configuration for line cards to connect intohellip

Supervisor 1A Supervisor 2 Supervisor 720 (NEW)

256Gb backplane

supporting hardware

accelerated Layer 2 and 3

QoS and Security policies

up to 210Mppshellip

720Gb backplane

supporting hardware

accelerated Layer 2 and 3

QoS and Security policies

up to 400Mppshellip

32Gb backplane supporting

hardware accelerated Layer

2 and 3 QoS and Security

policies up to 15Mppshellip

Supervisor Options for the Catalyst 6500

55

Catalyst 6500 LinecardsThe Catalyst 6500 has a family of linecards to suit all network needshellip

10100 TX and 100 Fiber 101001000 TX GE SFP

GE GBIC 10GE WAN

Optical Switch Modules Inline Power ATM

CAT

6500

L I

NECARDS

56

Catalyst 6500 Service Modules

Content ServicesCommunications Media MWAN

Firewall Module VPN Module Intrusion Detection

Content Switching SSL Network Management

Service Modules represent the next generation of intelligent modules for the Catalyst 6500

Each module provides a high performance option scalable and feature rich deployment

optionshellip

57

Small Form Factor Pluggable (SFP)

bull New industry standard connector

bull Same functionality as Gigabit Interface Converters

(GBICs)

bull Hot pluggable

bull Smaller fiber connector LC

for SF

bull 25 SFPs

fit in space of one GBIC

bull Shipping SX LX ZX at FCS

bull 101001000BT and CWDM versions to come in mid

to late 2003

GBIC

SFP

58

三無線網路認證介紹

59

漫遊認證環境架構圖

NCHC資策會

WLANGateway

WLANGateway

60

無線漫遊環境身份認證機制

網頁認證

使用網站伺服器憑證(Certificate)辨識合法認證網站

透過SSL加密保護使用者帳號密碼安全

採用PAP (Password Authentication Protocol)認證機制

8021x認證

採CHAP或加密通道進行認證

EAP‐MD5ndash 採用CHAP (Challenge Handshake Authentication Protocol)認證

EAP‐PEAP ndash 採用 SSL加密通道 + MS‐CHAP v2 認證

EAP‐TTLSndash 採用 SSL加密通道 + PAPCHAPMS‐CHAPEAPndash 支援多種認證機制

61

WLAN Gateway

bull Usually web page for authorisationbull Allows policy based accessbull Good managementbull Very user friendlybull No client required

Bluesocketndash Commercial but popular in uk academiandash Lots of featuresNoCatAuthndash open source

62

Bluesocket Wireless Gateway

63

httpwwwitcntnuedutwservice1270php

四師大網路基本架構介紹

64

對外網路架構圖

65

校本部校區有線網路系統架構圖

66

校本部校區無線網路系統架構圖

67

理學院校區有線網路系統架構圖

68

理學院校區無線網路系統架構圖

69

林口校區有線網路系統架構圖

70

林口校區無線網路系統架構圖

71

五網路障礙排除方式

72

Possible Symptoms of Physical Layer Problems

Increased number of interface errorsIncreased number of interface errors

LEDs are off flashing or in a state other than the expected state during normal operationLEDs are off flashing or in a state other than the expected state during normal operation

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

Excessive utilizationExcessive utilization

73

Possible Symptoms of Data Link Layer Problems

Excessive CRC errors and frame check sequence errors Excessive CRC errors and frame check sequence errors

Large quantities of broadcast traffic Large quantities of broadcast traffic

A MAC address is cycling between portsA MAC address is cycling between ports

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

74

General Cisco Commands to Isolate Physical and Data Link Layer Problems

ping host

| ip‐addressping host

| ip‐address

routergt

bull

Sends an echo request packet to an address then waits for a reply

trace [destination]trace [destination]

routergt

bull

Identifies the path a packet takes through the network

[no] debug [no] debug

router

bull

Displays a list of options for enabling or disabling debugging events on a device

75

Cisco Commands to Isolate Physical Layer Problems

show versionshow version

routergt

bull

Displays the Cisco IOS software version and all installed hardware configurations

show ip interface briefshow ip interface brief

routergt

bull

Displays a summary of the status of all interfaces on a device

show interfaces [type number]show interfaces [type number]

routergt

bull

Displays the operational status of an interface including the amount and type of traffic being sent and received

76

Cisco Commands to Isolate Physical Layer Problems (Cont)

show cdp neighbor detailshow cdp neighbor detailroutergt

bull Displays the device type IP address and Cisco IOS version of neighboring devices

77

Cisco Commands to Isolate Data Link Layer Problems

show ip arpshow ip arp

routergt

bull

Displays entries in the Address Resolution Protocol (ARP) table

debug [arp

| serial | ppp]debug [arp

| serial | ppp]

router

bull

Captures events relating to data link layer protocols

78

General End‐System Commands to Isolate Physical and Data Link Layer Problems

pingping

bull

Sends an echo request packet to an address then waits for a reply

netstat

‐rnnetstat

‐rn

bull

Displays the status of all connected devices and links without querying a DNS server

arp

‐aarp

‐a

bull

Displays the current mappings of the IP address to the MAC address in the ARP table

79

Windows Commands to Isolate Physical and Data Link Layer Problems

ipconfig

[all]ipconfig

[all]

bull

Displays IP information for hosts running Windows NT2000XP

Cgt

tracert [‐d]tracert [‐d]

bull

Identifies a path to a destination device

Cgt

80

Guidelines for Isolating Problems at the Physical and Data Link Layers

Check operational status and data error ratesCheck operational status and data error rates

Verify proper interface configurationsVerify proper interface configurations

Check for bad cables or connectionsCheck for bad cables or connections

Check for correct cable pin‐outCheck for correct cable pin‐out

81

Port Monitoring (SPAN)

Allows a port to monitor traffic coming into or out of

anotherPort

VLAN

Trunk

82

Remote SPAN (RSPAN)

Allows a port to monitor SPAN information on other switches through a trunk connection

83

NetFlow Data Export

Access to records of switched flow statistics

with NAM

Source and destination IP

Port numbers and protocol types

84

六網路管理介紹

85

NAMs in Campus LAN

86

Network Analysis Module (NAM)

bull

Switch‐integrated standards‐

based monitoring (RMON1 RMON2

extended RMON)

bull

Useful for performance monitoring troubleshooting

and capacity planning

bull

Easy to deploy and use with embedded web‐based Traffic Analyzer

bull

Full visibility into applications hosts conversations and

IP‐based services including VoIP

and QoS

Integrated traffic‐monitoring solution in Catalyst 6500 series to build application‐level visibility into network infrastructure

87

NAM as a Standards‐Based RMON Solution

The RMON MIB reports on the health and status of network traffic

Mini‐RMON agents in Catalyst 6500 collect Layer 2 (RMON1) statistics on all ports (utilization packets errors)

NAM supports full RMON1 and 2 to provide visibility up to Application layer (applications hosts conversations)

NAM supports extended RMON for VLAN QoS Application Response Time and so on

88

Application Hosts and Conversations Monitoring

Identify unknown applications and drill down on the hosts using them

Discover top talkers top conversations

Network managers can drill down

into who is doing what

Network managers can drill down

into who is doing what

NEW inSoftware

Version 22

NEW inSoftware

Version 22

89

VoIP Monitoring

NAM supports various facets of VoIPmonitoring

Active IP telephony monitoring

ndash Track active call attributesndash Identify call quality degradationndash Call details by phonesRMON1 and RMON2

ndash Distribution of VoIP

protocols

Application Response Time (ART)

ndash CallManager

responses

DSMON

ndash VoIP

traffic by DSCP values

90

Application Response Time (ART)

Find out where the application delays are occurring

ndash Detailed data on request‐ response exchanges

between clients and servers

Server visibility

ndash Monitor servers for protocols application

usage and top talkers

91

Packet Capture and Decode

Capture and decode packets for troubleshooting

Extensive pre‐ and post‐capture filters

Can save and export to other tools including Sniffer

92

Alarms

Set alarm thresholds on various parameters for proactive monitoring

Define traps or generate syslog

93

Defining Network Management Functional Areas

ISO defines five functional areas of network management

ISO defines five functional areas of network management

bullFault Management

bullConfiguration Management

bullAccounting Management

bullPerformance Management

bullSecurity Management

94

FCAPS Fault Management

The process of locating diagnosing and correcting

network problems

Device Down

Link Down

95

FCAPS Configuration Management

bull The process of obtaining data from the network and using

that data to manage the setup of all network devices

bull Allows rapid access to configuration information

bull Facilitates remote configuration and provisioning

bull Provides an up‐to‐date inventory of network

components

SpeedDuplex

Connectivity

TrunkingVLANs Allowed

Spanning Tree Protocol State

Software VersionConfiguration File

Device Type

96

FCAPS Accounting Management

bull Measuring the usage of network resources by users in order to

establish the metrics check quotas determine costs and bill users

bull Measures and reports accounting information based on individual

groups and users

bull Administers the cost of the network

bull Internal verification of third‐party billing for usage Bandwidth Consumption

Application Usage

hellip

97

FCAPS Performance Management

bull Ensuring that the data network remains accessible

and has adequate bandwidth

bull Reduces network overcrowding and inaccessibility

bull Provides a consistent level of service to the

network user

bull Determine utilization trends to proactively isolate and solve

performance problems

UtilizationPeakminmaxError RatesUnicast Rates

Broadcast Rates

CPU UtilizationMemory Usage

ThroughputResponse Time

LatencyAvailabilityReliability

98

FCAPS Security Management

bull Protecting sensitive information on devices

attached to a data network by controlling access points to

that information

bull Builds network user confidence

bull Secures sensitive information from both internal and

external sources

bull Protects the network functionality from malicious

attacks

MAC AddressLocked to Port

Access ListBlocks Connections

99

Performing Network Management Sources for Information

GAUGEs TIMERs

0 9 1 2 3

COUNTERs TABLEs FILEs

Operating System Data Structures

Manageable Device

showCommands

WebServer

SystemLogging

SNMPSNMPAGENTAGENT

ProductionServices

Layer N Forwarding

http80tcp

syslog514udp

snmp161udp

MIBObjects

snmp‐trap162udp

Built in Intelligence

CDPVTPSAA

telnetCLI

TFTPClient

tftp69udp

PingTrace route

100

Network Management Information Model MIB Management Information Base

MIB

ndash

Management Information BaseSet of variables defining the status of a device (eg temp = 85 degrees)Just facts ndash not whether it is good or badDefined according to SMI (Structure of Management Information) rulesEach managed object is described using a unique object identifier (OID)

MIB

IMIBIIStandard MIBObjects included are considered essential for either fault or configuration management

Other standard MIBsRMON host router

Proprietary vendor MIBsExtensions to standard MIBs

SNMPAGENTSNMPAGENT

1000s of manageable objects following rules defined in the SMI standards

1000s of manageable objects following rules defined in the SMI standards

101

Network Management Communication Model SNMP Simple Network Management Protocol

CommunityStrings

CommunityStrings

bull Get requests used to read the value of objectbull Set requests used to modify the value of object

bull Authorization is via community strings

(Read‐OnlyRead‐Write)

bull Traps

provide asynchronous event notification

IP Network SNMPManageable

Device

Trap

Get Response

Get Request Get-Next RequestGet-Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

102

Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response

SNM

P M

anag

er

SNM

P A

gent

Rea

d =

publ

ic re

adw

rite

= pr

ivat

e

GetResponse (sysDescr0=SunOS)

Verify access permission and retrieve MIB value using OID to traverse the MIB tree

InstanceOID

13612111

MIB value

GetRequest(sysDescr0)Read Community(public)

103

Types of Management Systems Example ‐

Enterprise Manager amp Fault Management

Correlate and manage events

and SNMP traps

Perform fault isolation and root cause analysis

104

Types of Management Systems Example ndash CiscoWorks

Resource Manager Essentials and Campus Manager

Knowledge of network configuration and topology

Facilitates remote configuration of network devices

Maintains an archive of configuration data that allows generation of inventory reports

105

Types of Management Systems Example ndash NetFlow (Accounting Management)

Flow Profiling

AccountingBilling

Network Planning

Network Monitoring

Flow

Collectors

Flow

CollectorsEnd‐User AppsEnd‐User AppsNetFlow

Data ExportNetFlowData Export

NetScout

RMON ProbeRMON Probe

106

Types of Management Systems Example ndash MRTG (Performance Management)

bull Monitors traffic load on network links based on SNMP statistics

bull Generates real‐time HTML traffic reports

bull Can be used to monitor any

MIB

variable using

SNMP

107

Types of Management Systems Example ndash CiscoWorks

How is the network connectedbull Physical Cablingbull Virtual LANs

Where are the end users servers IP phones connected

bull Switch port numberbull VLAN membership

How do I troubleshoot connectivity problems

Campus Manager User Tracking

Campus Manager Topology Services

Campus Manager Topology Services

Campus Manager User TrackingCampus Manager

Path Analysis

108

Diagnosing Connectivity Problems CiscoWorks Server Tools

Ping Use ping to test device connectivity from CiscoWorks server

TracerouteRun a trace route between the CiscoWorks server and the target device to detect routing problems

NS LookupRun a nslookup to obtain DNS name server information and IP address of hostname

Management Station to DeviceTest to verify if upper layer protocols are supported from CiscoWorks to the target device UDP TCP Telnet TFTP HTTP and SNMP

109

Types of Management Systems Example ndash CiscoWorks

19216862

CiscoWorks Server(ANI Service)

CampusDatabase

19216861

Schedule data retrieval

times

CAM Table11‐11‐11‐11‐11‐00 2111‐11‐11‐11‐11‐11 2211‐11‐11‐11‐11‐22 2311‐11‐11‐11‐11‐33 24

22 23 24

21

ARP Table11‐11‐11‐11‐11‐11 19216861011‐11‐11‐11‐11‐22 19216861111‐11‐11‐11‐11‐33 192168611

1

CAM

Retrieval

(switching

table)

2 Address

Resolution (MAC

to IP)

DNS

3 Name Resolution

(IP to hostname)

Host Table192168610 USER1192168611 Printer1192168611 IPtele1

SNMP

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

CallManager4

Call Detail

Records

5

Login

Names

UNIX Novell amp

Windows NT

clients running

UTLite script

110

Diagnosing Connectivity Problems Campus Manager Tools

Topology Services

User Tracking

Path Analysis

1

Locate the communication pair in the User Tracking database

bull

Addressesbull

VLAN informationbull

Switch port connection

2

Investigate the Layer 2 and Layer 3 path between the communication

pair

3

Map the topology and begin the investigation on devices and links

Launch other applications

111

Diagnosing Connectivity Problems Workflow for Using Campus Manager

LaunchPath Analysis

LaunchPath Analysis

Ensure discovery of devices

hosts are up to date

Ensure discovery of devices

hosts are up to date

Use User TrackingTo Locate EndStation Info

Use User TrackingTo Locate EndStation Info

ConductVoiceTrace

ConductVoiceTrace

ConductDataTrace

ConductDataTrace

DisplayPath in Topology

Map

DisplayPath in Topology

Map

Launch other Apps(Telnet CiscoView

Etc)

Launch other Apps(Telnet CiscoView

Etc)

112

Diagnosing Device Connectivity Problems Example

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Do you know

your

hostname or

username

113

Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

2 Simple Query displays switch

port and VLAN association

2 Simple Query displays switch

port and VLAN association

3 LastSeen field indicates last

time end station was

discovered

3 LastSeen field indicates last

time end station was

discovered

114

Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Trace path from application server

to Suzy

Trace path from application server

to Suzy

Couldnrsquot get to Suzy machine ndash try

from server

Couldnrsquot get to Suzy machine ndash try

from server

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

44

Cisco Catalyst 3750 Series Switches Model Overview

Catalyst 3750G‐24TS

bull

24 101001000

Portsbull

24 101001000 Ports

bull

4 SFP ports

Two Software Versions

Standard Multilayer Software Image

(SMI)

bull Enterprise‐class intelligent services

Advanced QoS Enhanced Security High

Availability RIP and Static IP routing

Routed ACLs HSRP

Enhanced Multilayer Software Image

(EMI)

bull SMI feature set plus Dynamic IP Unicast

routing Smart Multicast routing

Catalyst 3750‐2448 are orderable with

either software image preinstalled

Catalyst 3750‐2448 can be upgraded

from SMI to EMI

Catalyst 3750G‐24T

bull

24 10100 Ports

bull

2 SFP ports

bull

48 10100 Ports

bull

4 SFP ports

Catalyst 3750‐24 Catalyst 3750‐48

45

Cisco StackWisetrade Technology

bull 32Gbps fault tolerant bi‐directional

backplane

bull Single IP address for management

bull Auto configuration and IOS version

checkupdate

bull 1N Master redundancy

bull Sub‐second L2 failover

bull Cross stack Etherchannel

bull Configurable QoS queues across

stack

bull Line speed performance with QoS

and ACLs for GE

bull Hot add and delete of GE and FE

chassis in same stack

bull Patented cable connector

S 1

S 3

S 2

M 4

M = Master Switch

S = Slave Switch

46

Cisco Catalyst 4500 Series Architecture

bull Centralized Forwarding ASICs

bull All packets are forwarded via the supervisor

bull No distributed line card forwarding

bull Scalable architecture ‐

64 to 320 Gbps

bull Fastest Centralized Architecture in the Industry

47

Cisco Catalyst 4500 Series Overview Common Architecture

Single Supervisor-Based

Chassis

Redundant Supervisor-Based

Chassis

Cisco Catalyst 4507R-E

Cisco Catalyst 4510R-E

Cisco Catalyst 4506-E

Cisco Catalyst 4503-E

Single RU Fixed Configuration

Same Switching Architecture

and Common Cisco IOSreg

Cisco Catalyst 4948 and 4948-10GigE

48

Cisco Catalyst 4500 Series Evolutionary Centralized Architecture

1999 2002 2004 2007 2012

Continued InnovationServices and Performance

Same Line Card

18Mpps 48Mpps 102Mpps

10100

1000

Layer 2

PoE L234

10 GbE

SSO

NACNSF

ISSUCISF

E‐Series

250 Mpps

49

Evolution of Centralized Switching Technology

Evoluti

onEvo

lution

1999 18

Mpps

L2 Only

2002 48

Mpps

L2L3

2004102

Mpps

L2L3 10Gig

2007250

Mpps

L2L3 IPv6

14X

increase

since lsquo99

50

Next‐Generation Catalyst 4500 ldquoE‐Seriesrdquo

Secure Flexible Non‐Stop Communications

ldquoErdquo

Series Chassis

ldquoErdquo

Series Line Cards

Supervisor 6‐E with CenterFlex

51

Cisco Catalyst 6500 Delivers Secure Converged Network Services

High Availabilitybull Physical

Availabilitybull Logical Availabilitybull Stateful Failover at

Layer 2bull Rapid Spanning-

Tree Convergence

QoSbull Input Policingbull Traffic

Classificationbull Multiple Queuesbull Convergence

Ready

Securitybull Layer 234

Access Controlbull 8021X User

Authenticationbull MAC Filteringbull Dynamic VLAN

Manageabilitybull Inline Powerbull Simple

Configurationbull L2-L4 Servicesbull Rich Multicast

Support

End-to-End Services

52

Catalyst 6500 Family

Catalyst 65033 slot chassis

Catalyst 65066 slot chassis

Catalyst 65099 slot chassis

Catalyst 6509‐NEBSNEBS Compliant 9 slot chassis

Catalyst 651313 slot chassis

Catalyst 6509‐NEBS‐A9 slot chassis

53

Cisco Catalyst 6500 Series

The Cisco Catalyst 6500 Series supports a wide range of interface densities performance and high‐availability options

Flexible 3‐ 6‐ 9‐ and 13‐slot chassis configurations

ndash Scalable switching fabric ndash Cisco

IOS software choices supported

on all supervisor engines

ndash Fast 2‐3 second stateful

failover of

redundant supervisors and integrated

services

ndash 10‐Mbps to 10‐Gbps Ethernet and DS0

to

OC‐48 WAN interfaces

ndash Wire‐rate QoS

and ACL policy

management

WS-6503 WS-C6506 WS-C6509 WS-C6509-NEBS and WS-C6513

54

Catalyst 6500 Supervisors

The Catalyst 6500 has three Supervisor options on offer

with each providing a different architectural backplane

configuration for line cards to connect intohellip

Supervisor 1A Supervisor 2 Supervisor 720 (NEW)

256Gb backplane

supporting hardware

accelerated Layer 2 and 3

QoS and Security policies

up to 210Mppshellip

720Gb backplane

supporting hardware

accelerated Layer 2 and 3

QoS and Security policies

up to 400Mppshellip

32Gb backplane supporting

hardware accelerated Layer

2 and 3 QoS and Security

policies up to 15Mppshellip

Supervisor Options for the Catalyst 6500

55

Catalyst 6500 LinecardsThe Catalyst 6500 has a family of linecards to suit all network needshellip

10100 TX and 100 Fiber 101001000 TX GE SFP

GE GBIC 10GE WAN

Optical Switch Modules Inline Power ATM

CAT

6500

L I

NECARDS

56

Catalyst 6500 Service Modules

Content ServicesCommunications Media MWAN

Firewall Module VPN Module Intrusion Detection

Content Switching SSL Network Management

Service Modules represent the next generation of intelligent modules for the Catalyst 6500

Each module provides a high performance option scalable and feature rich deployment

optionshellip

57

Small Form Factor Pluggable (SFP)

bull New industry standard connector

bull Same functionality as Gigabit Interface Converters

(GBICs)

bull Hot pluggable

bull Smaller fiber connector LC

for SF

bull 25 SFPs

fit in space of one GBIC

bull Shipping SX LX ZX at FCS

bull 101001000BT and CWDM versions to come in mid

to late 2003

GBIC

SFP

58

三無線網路認證介紹

59

漫遊認證環境架構圖

NCHC資策會

WLANGateway

WLANGateway

60

無線漫遊環境身份認證機制

網頁認證

使用網站伺服器憑證(Certificate)辨識合法認證網站

透過SSL加密保護使用者帳號密碼安全

採用PAP (Password Authentication Protocol)認證機制

8021x認證

採CHAP或加密通道進行認證

EAP‐MD5ndash 採用CHAP (Challenge Handshake Authentication Protocol)認證

EAP‐PEAP ndash 採用 SSL加密通道 + MS‐CHAP v2 認證

EAP‐TTLSndash 採用 SSL加密通道 + PAPCHAPMS‐CHAPEAPndash 支援多種認證機制

61

WLAN Gateway

bull Usually web page for authorisationbull Allows policy based accessbull Good managementbull Very user friendlybull No client required

Bluesocketndash Commercial but popular in uk academiandash Lots of featuresNoCatAuthndash open source

62

Bluesocket Wireless Gateway

63

httpwwwitcntnuedutwservice1270php

四師大網路基本架構介紹

64

對外網路架構圖

65

校本部校區有線網路系統架構圖

66

校本部校區無線網路系統架構圖

67

理學院校區有線網路系統架構圖

68

理學院校區無線網路系統架構圖

69

林口校區有線網路系統架構圖

70

林口校區無線網路系統架構圖

71

五網路障礙排除方式

72

Possible Symptoms of Physical Layer Problems

Increased number of interface errorsIncreased number of interface errors

LEDs are off flashing or in a state other than the expected state during normal operationLEDs are off flashing or in a state other than the expected state during normal operation

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

Excessive utilizationExcessive utilization

73

Possible Symptoms of Data Link Layer Problems

Excessive CRC errors and frame check sequence errors Excessive CRC errors and frame check sequence errors

Large quantities of broadcast traffic Large quantities of broadcast traffic

A MAC address is cycling between portsA MAC address is cycling between ports

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

74

General Cisco Commands to Isolate Physical and Data Link Layer Problems

ping host

| ip‐addressping host

| ip‐address

routergt

bull

Sends an echo request packet to an address then waits for a reply

trace [destination]trace [destination]

routergt

bull

Identifies the path a packet takes through the network

[no] debug [no] debug

router

bull

Displays a list of options for enabling or disabling debugging events on a device

75

Cisco Commands to Isolate Physical Layer Problems

show versionshow version

routergt

bull

Displays the Cisco IOS software version and all installed hardware configurations

show ip interface briefshow ip interface brief

routergt

bull

Displays a summary of the status of all interfaces on a device

show interfaces [type number]show interfaces [type number]

routergt

bull

Displays the operational status of an interface including the amount and type of traffic being sent and received

76

Cisco Commands to Isolate Physical Layer Problems (Cont)

show cdp neighbor detailshow cdp neighbor detailroutergt

bull Displays the device type IP address and Cisco IOS version of neighboring devices

77

Cisco Commands to Isolate Data Link Layer Problems

show ip arpshow ip arp

routergt

bull

Displays entries in the Address Resolution Protocol (ARP) table

debug [arp

| serial | ppp]debug [arp

| serial | ppp]

router

bull

Captures events relating to data link layer protocols

78

General End‐System Commands to Isolate Physical and Data Link Layer Problems

pingping

bull

Sends an echo request packet to an address then waits for a reply

netstat

‐rnnetstat

‐rn

bull

Displays the status of all connected devices and links without querying a DNS server

arp

‐aarp

‐a

bull

Displays the current mappings of the IP address to the MAC address in the ARP table

79

Windows Commands to Isolate Physical and Data Link Layer Problems

ipconfig

[all]ipconfig

[all]

bull

Displays IP information for hosts running Windows NT2000XP

Cgt

tracert [‐d]tracert [‐d]

bull

Identifies a path to a destination device

Cgt

80

Guidelines for Isolating Problems at the Physical and Data Link Layers

Check operational status and data error ratesCheck operational status and data error rates

Verify proper interface configurationsVerify proper interface configurations

Check for bad cables or connectionsCheck for bad cables or connections

Check for correct cable pin‐outCheck for correct cable pin‐out

81

Port Monitoring (SPAN)

Allows a port to monitor traffic coming into or out of

anotherPort

VLAN

Trunk

82

Remote SPAN (RSPAN)

Allows a port to monitor SPAN information on other switches through a trunk connection

83

NetFlow Data Export

Access to records of switched flow statistics

with NAM

Source and destination IP

Port numbers and protocol types

84

六網路管理介紹

85

NAMs in Campus LAN

86

Network Analysis Module (NAM)

bull

Switch‐integrated standards‐

based monitoring (RMON1 RMON2

extended RMON)

bull

Useful for performance monitoring troubleshooting

and capacity planning

bull

Easy to deploy and use with embedded web‐based Traffic Analyzer

bull

Full visibility into applications hosts conversations and

IP‐based services including VoIP

and QoS

Integrated traffic‐monitoring solution in Catalyst 6500 series to build application‐level visibility into network infrastructure

87

NAM as a Standards‐Based RMON Solution

The RMON MIB reports on the health and status of network traffic

Mini‐RMON agents in Catalyst 6500 collect Layer 2 (RMON1) statistics on all ports (utilization packets errors)

NAM supports full RMON1 and 2 to provide visibility up to Application layer (applications hosts conversations)

NAM supports extended RMON for VLAN QoS Application Response Time and so on

88

Application Hosts and Conversations Monitoring

Identify unknown applications and drill down on the hosts using them

Discover top talkers top conversations

Network managers can drill down

into who is doing what

Network managers can drill down

into who is doing what

NEW inSoftware

Version 22

NEW inSoftware

Version 22

89

VoIP Monitoring

NAM supports various facets of VoIPmonitoring

Active IP telephony monitoring

ndash Track active call attributesndash Identify call quality degradationndash Call details by phonesRMON1 and RMON2

ndash Distribution of VoIP

protocols

Application Response Time (ART)

ndash CallManager

responses

DSMON

ndash VoIP

traffic by DSCP values

90

Application Response Time (ART)

Find out where the application delays are occurring

ndash Detailed data on request‐ response exchanges

between clients and servers

Server visibility

ndash Monitor servers for protocols application

usage and top talkers

91

Packet Capture and Decode

Capture and decode packets for troubleshooting

Extensive pre‐ and post‐capture filters

Can save and export to other tools including Sniffer

92

Alarms

Set alarm thresholds on various parameters for proactive monitoring

Define traps or generate syslog

93

Defining Network Management Functional Areas

ISO defines five functional areas of network management

ISO defines five functional areas of network management

bullFault Management

bullConfiguration Management

bullAccounting Management

bullPerformance Management

bullSecurity Management

94

FCAPS Fault Management

The process of locating diagnosing and correcting

network problems

Device Down

Link Down

95

FCAPS Configuration Management

bull The process of obtaining data from the network and using

that data to manage the setup of all network devices

bull Allows rapid access to configuration information

bull Facilitates remote configuration and provisioning

bull Provides an up‐to‐date inventory of network

components

SpeedDuplex

Connectivity

TrunkingVLANs Allowed

Spanning Tree Protocol State

Software VersionConfiguration File

Device Type

96

FCAPS Accounting Management

bull Measuring the usage of network resources by users in order to

establish the metrics check quotas determine costs and bill users

bull Measures and reports accounting information based on individual

groups and users

bull Administers the cost of the network

bull Internal verification of third‐party billing for usage Bandwidth Consumption

Application Usage

hellip

97

FCAPS Performance Management

bull Ensuring that the data network remains accessible

and has adequate bandwidth

bull Reduces network overcrowding and inaccessibility

bull Provides a consistent level of service to the

network user

bull Determine utilization trends to proactively isolate and solve

performance problems

UtilizationPeakminmaxError RatesUnicast Rates

Broadcast Rates

CPU UtilizationMemory Usage

ThroughputResponse Time

LatencyAvailabilityReliability

98

FCAPS Security Management

bull Protecting sensitive information on devices

attached to a data network by controlling access points to

that information

bull Builds network user confidence

bull Secures sensitive information from both internal and

external sources

bull Protects the network functionality from malicious

attacks

MAC AddressLocked to Port

Access ListBlocks Connections

99

Performing Network Management Sources for Information

GAUGEs TIMERs

0 9 1 2 3

COUNTERs TABLEs FILEs

Operating System Data Structures

Manageable Device

showCommands

WebServer

SystemLogging

SNMPSNMPAGENTAGENT

ProductionServices

Layer N Forwarding

http80tcp

syslog514udp

snmp161udp

MIBObjects

snmp‐trap162udp

Built in Intelligence

CDPVTPSAA

telnetCLI

TFTPClient

tftp69udp

PingTrace route

100

Network Management Information Model MIB Management Information Base

MIB

ndash

Management Information BaseSet of variables defining the status of a device (eg temp = 85 degrees)Just facts ndash not whether it is good or badDefined according to SMI (Structure of Management Information) rulesEach managed object is described using a unique object identifier (OID)

MIB

IMIBIIStandard MIBObjects included are considered essential for either fault or configuration management

Other standard MIBsRMON host router

Proprietary vendor MIBsExtensions to standard MIBs

SNMPAGENTSNMPAGENT

1000s of manageable objects following rules defined in the SMI standards

1000s of manageable objects following rules defined in the SMI standards

101

Network Management Communication Model SNMP Simple Network Management Protocol

CommunityStrings

CommunityStrings

bull Get requests used to read the value of objectbull Set requests used to modify the value of object

bull Authorization is via community strings

(Read‐OnlyRead‐Write)

bull Traps

provide asynchronous event notification

IP Network SNMPManageable

Device

Trap

Get Response

Get Request Get-Next RequestGet-Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

102

Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response

SNM

P M

anag

er

SNM

P A

gent

Rea

d =

publ

ic re

adw

rite

= pr

ivat

e

GetResponse (sysDescr0=SunOS)

Verify access permission and retrieve MIB value using OID to traverse the MIB tree

InstanceOID

13612111

MIB value

GetRequest(sysDescr0)Read Community(public)

103

Types of Management Systems Example ‐

Enterprise Manager amp Fault Management

Correlate and manage events

and SNMP traps

Perform fault isolation and root cause analysis

104

Types of Management Systems Example ndash CiscoWorks

Resource Manager Essentials and Campus Manager

Knowledge of network configuration and topology

Facilitates remote configuration of network devices

Maintains an archive of configuration data that allows generation of inventory reports

105

Types of Management Systems Example ndash NetFlow (Accounting Management)

Flow Profiling

AccountingBilling

Network Planning

Network Monitoring

Flow

Collectors

Flow

CollectorsEnd‐User AppsEnd‐User AppsNetFlow

Data ExportNetFlowData Export

NetScout

RMON ProbeRMON Probe

106

Types of Management Systems Example ndash MRTG (Performance Management)

bull Monitors traffic load on network links based on SNMP statistics

bull Generates real‐time HTML traffic reports

bull Can be used to monitor any

MIB

variable using

SNMP

107

Types of Management Systems Example ndash CiscoWorks

How is the network connectedbull Physical Cablingbull Virtual LANs

Where are the end users servers IP phones connected

bull Switch port numberbull VLAN membership

How do I troubleshoot connectivity problems

Campus Manager User Tracking

Campus Manager Topology Services

Campus Manager Topology Services

Campus Manager User TrackingCampus Manager

Path Analysis

108

Diagnosing Connectivity Problems CiscoWorks Server Tools

Ping Use ping to test device connectivity from CiscoWorks server

TracerouteRun a trace route between the CiscoWorks server and the target device to detect routing problems

NS LookupRun a nslookup to obtain DNS name server information and IP address of hostname

Management Station to DeviceTest to verify if upper layer protocols are supported from CiscoWorks to the target device UDP TCP Telnet TFTP HTTP and SNMP

109

Types of Management Systems Example ndash CiscoWorks

19216862

CiscoWorks Server(ANI Service)

CampusDatabase

19216861

Schedule data retrieval

times

CAM Table11‐11‐11‐11‐11‐00 2111‐11‐11‐11‐11‐11 2211‐11‐11‐11‐11‐22 2311‐11‐11‐11‐11‐33 24

22 23 24

21

ARP Table11‐11‐11‐11‐11‐11 19216861011‐11‐11‐11‐11‐22 19216861111‐11‐11‐11‐11‐33 192168611

1

CAM

Retrieval

(switching

table)

2 Address

Resolution (MAC

to IP)

DNS

3 Name Resolution

(IP to hostname)

Host Table192168610 USER1192168611 Printer1192168611 IPtele1

SNMP

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

CallManager4

Call Detail

Records

5

Login

Names

UNIX Novell amp

Windows NT

clients running

UTLite script

110

Diagnosing Connectivity Problems Campus Manager Tools

Topology Services

User Tracking

Path Analysis

1

Locate the communication pair in the User Tracking database

bull

Addressesbull

VLAN informationbull

Switch port connection

2

Investigate the Layer 2 and Layer 3 path between the communication

pair

3

Map the topology and begin the investigation on devices and links

Launch other applications

111

Diagnosing Connectivity Problems Workflow for Using Campus Manager

LaunchPath Analysis

LaunchPath Analysis

Ensure discovery of devices

hosts are up to date

Ensure discovery of devices

hosts are up to date

Use User TrackingTo Locate EndStation Info

Use User TrackingTo Locate EndStation Info

ConductVoiceTrace

ConductVoiceTrace

ConductDataTrace

ConductDataTrace

DisplayPath in Topology

Map

DisplayPath in Topology

Map

Launch other Apps(Telnet CiscoView

Etc)

Launch other Apps(Telnet CiscoView

Etc)

112

Diagnosing Device Connectivity Problems Example

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Do you know

your

hostname or

username

113

Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

2 Simple Query displays switch

port and VLAN association

2 Simple Query displays switch

port and VLAN association

3 LastSeen field indicates last

time end station was

discovered

3 LastSeen field indicates last

time end station was

discovered

114

Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Trace path from application server

to Suzy

Trace path from application server

to Suzy

Couldnrsquot get to Suzy machine ndash try

from server

Couldnrsquot get to Suzy machine ndash try

from server

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

45

Cisco StackWisetrade Technology

bull 32Gbps fault tolerant bi‐directional

backplane

bull Single IP address for management

bull Auto configuration and IOS version

checkupdate

bull 1N Master redundancy

bull Sub‐second L2 failover

bull Cross stack Etherchannel

bull Configurable QoS queues across

stack

bull Line speed performance with QoS

and ACLs for GE

bull Hot add and delete of GE and FE

chassis in same stack

bull Patented cable connector

S 1

S 3

S 2

M 4

M = Master Switch

S = Slave Switch

46

Cisco Catalyst 4500 Series Architecture

bull Centralized Forwarding ASICs

bull All packets are forwarded via the supervisor

bull No distributed line card forwarding

bull Scalable architecture ‐

64 to 320 Gbps

bull Fastest Centralized Architecture in the Industry

47

Cisco Catalyst 4500 Series Overview Common Architecture

Single Supervisor-Based

Chassis

Redundant Supervisor-Based

Chassis

Cisco Catalyst 4507R-E

Cisco Catalyst 4510R-E

Cisco Catalyst 4506-E

Cisco Catalyst 4503-E

Single RU Fixed Configuration

Same Switching Architecture

and Common Cisco IOSreg

Cisco Catalyst 4948 and 4948-10GigE

48

Cisco Catalyst 4500 Series Evolutionary Centralized Architecture

1999 2002 2004 2007 2012

Continued InnovationServices and Performance

Same Line Card

18Mpps 48Mpps 102Mpps

10100

1000

Layer 2

PoE L234

10 GbE

SSO

NACNSF

ISSUCISF

E‐Series

250 Mpps

49

Evolution of Centralized Switching Technology

Evoluti

onEvo

lution

1999 18

Mpps

L2 Only

2002 48

Mpps

L2L3

2004102

Mpps

L2L3 10Gig

2007250

Mpps

L2L3 IPv6

14X

increase

since lsquo99

50

Next‐Generation Catalyst 4500 ldquoE‐Seriesrdquo

Secure Flexible Non‐Stop Communications

ldquoErdquo

Series Chassis

ldquoErdquo

Series Line Cards

Supervisor 6‐E with CenterFlex

51

Cisco Catalyst 6500 Delivers Secure Converged Network Services

High Availabilitybull Physical

Availabilitybull Logical Availabilitybull Stateful Failover at

Layer 2bull Rapid Spanning-

Tree Convergence

QoSbull Input Policingbull Traffic

Classificationbull Multiple Queuesbull Convergence

Ready

Securitybull Layer 234

Access Controlbull 8021X User

Authenticationbull MAC Filteringbull Dynamic VLAN

Manageabilitybull Inline Powerbull Simple

Configurationbull L2-L4 Servicesbull Rich Multicast

Support

End-to-End Services

52

Catalyst 6500 Family

Catalyst 65033 slot chassis

Catalyst 65066 slot chassis

Catalyst 65099 slot chassis

Catalyst 6509‐NEBSNEBS Compliant 9 slot chassis

Catalyst 651313 slot chassis

Catalyst 6509‐NEBS‐A9 slot chassis

53

Cisco Catalyst 6500 Series

The Cisco Catalyst 6500 Series supports a wide range of interface densities performance and high‐availability options

Flexible 3‐ 6‐ 9‐ and 13‐slot chassis configurations

ndash Scalable switching fabric ndash Cisco

IOS software choices supported

on all supervisor engines

ndash Fast 2‐3 second stateful

failover of

redundant supervisors and integrated

services

ndash 10‐Mbps to 10‐Gbps Ethernet and DS0

to

OC‐48 WAN interfaces

ndash Wire‐rate QoS

and ACL policy

management

WS-6503 WS-C6506 WS-C6509 WS-C6509-NEBS and WS-C6513

54

Catalyst 6500 Supervisors

The Catalyst 6500 has three Supervisor options on offer

with each providing a different architectural backplane

configuration for line cards to connect intohellip

Supervisor 1A Supervisor 2 Supervisor 720 (NEW)

256Gb backplane

supporting hardware

accelerated Layer 2 and 3

QoS and Security policies

up to 210Mppshellip

720Gb backplane

supporting hardware

accelerated Layer 2 and 3

QoS and Security policies

up to 400Mppshellip

32Gb backplane supporting

hardware accelerated Layer

2 and 3 QoS and Security

policies up to 15Mppshellip

Supervisor Options for the Catalyst 6500

55

Catalyst 6500 LinecardsThe Catalyst 6500 has a family of linecards to suit all network needshellip

10100 TX and 100 Fiber 101001000 TX GE SFP

GE GBIC 10GE WAN

Optical Switch Modules Inline Power ATM

CAT

6500

L I

NECARDS

56

Catalyst 6500 Service Modules

Content ServicesCommunications Media MWAN

Firewall Module VPN Module Intrusion Detection

Content Switching SSL Network Management

Service Modules represent the next generation of intelligent modules for the Catalyst 6500

Each module provides a high performance option scalable and feature rich deployment

optionshellip

57

Small Form Factor Pluggable (SFP)

bull New industry standard connector

bull Same functionality as Gigabit Interface Converters

(GBICs)

bull Hot pluggable

bull Smaller fiber connector LC

for SF

bull 25 SFPs

fit in space of one GBIC

bull Shipping SX LX ZX at FCS

bull 101001000BT and CWDM versions to come in mid

to late 2003

GBIC

SFP

58

三無線網路認證介紹

59

漫遊認證環境架構圖

NCHC資策會

WLANGateway

WLANGateway

60

無線漫遊環境身份認證機制

網頁認證

使用網站伺服器憑證(Certificate)辨識合法認證網站

透過SSL加密保護使用者帳號密碼安全

採用PAP (Password Authentication Protocol)認證機制

8021x認證

採CHAP或加密通道進行認證

EAP‐MD5ndash 採用CHAP (Challenge Handshake Authentication Protocol)認證

EAP‐PEAP ndash 採用 SSL加密通道 + MS‐CHAP v2 認證

EAP‐TTLSndash 採用 SSL加密通道 + PAPCHAPMS‐CHAPEAPndash 支援多種認證機制

61

WLAN Gateway

bull Usually web page for authorisationbull Allows policy based accessbull Good managementbull Very user friendlybull No client required

Bluesocketndash Commercial but popular in uk academiandash Lots of featuresNoCatAuthndash open source

62

Bluesocket Wireless Gateway

63

httpwwwitcntnuedutwservice1270php

四師大網路基本架構介紹

64

對外網路架構圖

65

校本部校區有線網路系統架構圖

66

校本部校區無線網路系統架構圖

67

理學院校區有線網路系統架構圖

68

理學院校區無線網路系統架構圖

69

林口校區有線網路系統架構圖

70

林口校區無線網路系統架構圖

71

五網路障礙排除方式

72

Possible Symptoms of Physical Layer Problems

Increased number of interface errorsIncreased number of interface errors

LEDs are off flashing or in a state other than the expected state during normal operationLEDs are off flashing or in a state other than the expected state during normal operation

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

Excessive utilizationExcessive utilization

73

Possible Symptoms of Data Link Layer Problems

Excessive CRC errors and frame check sequence errors Excessive CRC errors and frame check sequence errors

Large quantities of broadcast traffic Large quantities of broadcast traffic

A MAC address is cycling between portsA MAC address is cycling between ports

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

74

General Cisco Commands to Isolate Physical and Data Link Layer Problems

ping host

| ip‐addressping host

| ip‐address

routergt

bull

Sends an echo request packet to an address then waits for a reply

trace [destination]trace [destination]

routergt

bull

Identifies the path a packet takes through the network

[no] debug [no] debug

router

bull

Displays a list of options for enabling or disabling debugging events on a device

75

Cisco Commands to Isolate Physical Layer Problems

show versionshow version

routergt

bull

Displays the Cisco IOS software version and all installed hardware configurations

show ip interface briefshow ip interface brief

routergt

bull

Displays a summary of the status of all interfaces on a device

show interfaces [type number]show interfaces [type number]

routergt

bull

Displays the operational status of an interface including the amount and type of traffic being sent and received

76

Cisco Commands to Isolate Physical Layer Problems (Cont)

show cdp neighbor detailshow cdp neighbor detailroutergt

bull Displays the device type IP address and Cisco IOS version of neighboring devices

77

Cisco Commands to Isolate Data Link Layer Problems

show ip arpshow ip arp

routergt

bull

Displays entries in the Address Resolution Protocol (ARP) table

debug [arp

| serial | ppp]debug [arp

| serial | ppp]

router

bull

Captures events relating to data link layer protocols

78

General End‐System Commands to Isolate Physical and Data Link Layer Problems

pingping

bull

Sends an echo request packet to an address then waits for a reply

netstat

‐rnnetstat

‐rn

bull

Displays the status of all connected devices and links without querying a DNS server

arp

‐aarp

‐a

bull

Displays the current mappings of the IP address to the MAC address in the ARP table

79

Windows Commands to Isolate Physical and Data Link Layer Problems

ipconfig

[all]ipconfig

[all]

bull

Displays IP information for hosts running Windows NT2000XP

Cgt

tracert [‐d]tracert [‐d]

bull

Identifies a path to a destination device

Cgt

80

Guidelines for Isolating Problems at the Physical and Data Link Layers

Check operational status and data error ratesCheck operational status and data error rates

Verify proper interface configurationsVerify proper interface configurations

Check for bad cables or connectionsCheck for bad cables or connections

Check for correct cable pin‐outCheck for correct cable pin‐out

81

Port Monitoring (SPAN)

Allows a port to monitor traffic coming into or out of

anotherPort

VLAN

Trunk

82

Remote SPAN (RSPAN)

Allows a port to monitor SPAN information on other switches through a trunk connection

83

NetFlow Data Export

Access to records of switched flow statistics

with NAM

Source and destination IP

Port numbers and protocol types

84

六網路管理介紹

85

NAMs in Campus LAN

86

Network Analysis Module (NAM)

bull

Switch‐integrated standards‐

based monitoring (RMON1 RMON2

extended RMON)

bull

Useful for performance monitoring troubleshooting

and capacity planning

bull

Easy to deploy and use with embedded web‐based Traffic Analyzer

bull

Full visibility into applications hosts conversations and

IP‐based services including VoIP

and QoS

Integrated traffic‐monitoring solution in Catalyst 6500 series to build application‐level visibility into network infrastructure

87

NAM as a Standards‐Based RMON Solution

The RMON MIB reports on the health and status of network traffic

Mini‐RMON agents in Catalyst 6500 collect Layer 2 (RMON1) statistics on all ports (utilization packets errors)

NAM supports full RMON1 and 2 to provide visibility up to Application layer (applications hosts conversations)

NAM supports extended RMON for VLAN QoS Application Response Time and so on

88

Application Hosts and Conversations Monitoring

Identify unknown applications and drill down on the hosts using them

Discover top talkers top conversations

Network managers can drill down

into who is doing what

Network managers can drill down

into who is doing what

NEW inSoftware

Version 22

NEW inSoftware

Version 22

89

VoIP Monitoring

NAM supports various facets of VoIPmonitoring

Active IP telephony monitoring

ndash Track active call attributesndash Identify call quality degradationndash Call details by phonesRMON1 and RMON2

ndash Distribution of VoIP

protocols

Application Response Time (ART)

ndash CallManager

responses

DSMON

ndash VoIP

traffic by DSCP values

90

Application Response Time (ART)

Find out where the application delays are occurring

ndash Detailed data on request‐ response exchanges

between clients and servers

Server visibility

ndash Monitor servers for protocols application

usage and top talkers

91

Packet Capture and Decode

Capture and decode packets for troubleshooting

Extensive pre‐ and post‐capture filters

Can save and export to other tools including Sniffer

92

Alarms

Set alarm thresholds on various parameters for proactive monitoring

Define traps or generate syslog

93

Defining Network Management Functional Areas

ISO defines five functional areas of network management

ISO defines five functional areas of network management

bullFault Management

bullConfiguration Management

bullAccounting Management

bullPerformance Management

bullSecurity Management

94

FCAPS Fault Management

The process of locating diagnosing and correcting

network problems

Device Down

Link Down

95

FCAPS Configuration Management

bull The process of obtaining data from the network and using

that data to manage the setup of all network devices

bull Allows rapid access to configuration information

bull Facilitates remote configuration and provisioning

bull Provides an up‐to‐date inventory of network

components

SpeedDuplex

Connectivity

TrunkingVLANs Allowed

Spanning Tree Protocol State

Software VersionConfiguration File

Device Type

96

FCAPS Accounting Management

bull Measuring the usage of network resources by users in order to

establish the metrics check quotas determine costs and bill users

bull Measures and reports accounting information based on individual

groups and users

bull Administers the cost of the network

bull Internal verification of third‐party billing for usage Bandwidth Consumption

Application Usage

hellip

97

FCAPS Performance Management

bull Ensuring that the data network remains accessible

and has adequate bandwidth

bull Reduces network overcrowding and inaccessibility

bull Provides a consistent level of service to the

network user

bull Determine utilization trends to proactively isolate and solve

performance problems

UtilizationPeakminmaxError RatesUnicast Rates

Broadcast Rates

CPU UtilizationMemory Usage

ThroughputResponse Time

LatencyAvailabilityReliability

98

FCAPS Security Management

bull Protecting sensitive information on devices

attached to a data network by controlling access points to

that information

bull Builds network user confidence

bull Secures sensitive information from both internal and

external sources

bull Protects the network functionality from malicious

attacks

MAC AddressLocked to Port

Access ListBlocks Connections

99

Performing Network Management Sources for Information

GAUGEs TIMERs

0 9 1 2 3

COUNTERs TABLEs FILEs

Operating System Data Structures

Manageable Device

showCommands

WebServer

SystemLogging

SNMPSNMPAGENTAGENT

ProductionServices

Layer N Forwarding

http80tcp

syslog514udp

snmp161udp

MIBObjects

snmp‐trap162udp

Built in Intelligence

CDPVTPSAA

telnetCLI

TFTPClient

tftp69udp

PingTrace route

100

Network Management Information Model MIB Management Information Base

MIB

ndash

Management Information BaseSet of variables defining the status of a device (eg temp = 85 degrees)Just facts ndash not whether it is good or badDefined according to SMI (Structure of Management Information) rulesEach managed object is described using a unique object identifier (OID)

MIB

IMIBIIStandard MIBObjects included are considered essential for either fault or configuration management

Other standard MIBsRMON host router

Proprietary vendor MIBsExtensions to standard MIBs

SNMPAGENTSNMPAGENT

1000s of manageable objects following rules defined in the SMI standards

1000s of manageable objects following rules defined in the SMI standards

101

Network Management Communication Model SNMP Simple Network Management Protocol

CommunityStrings

CommunityStrings

bull Get requests used to read the value of objectbull Set requests used to modify the value of object

bull Authorization is via community strings

(Read‐OnlyRead‐Write)

bull Traps

provide asynchronous event notification

IP Network SNMPManageable

Device

Trap

Get Response

Get Request Get-Next RequestGet-Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

102

Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response

SNM

P M

anag

er

SNM

P A

gent

Rea

d =

publ

ic re

adw

rite

= pr

ivat

e

GetResponse (sysDescr0=SunOS)

Verify access permission and retrieve MIB value using OID to traverse the MIB tree

InstanceOID

13612111

MIB value

GetRequest(sysDescr0)Read Community(public)

103

Types of Management Systems Example ‐

Enterprise Manager amp Fault Management

Correlate and manage events

and SNMP traps

Perform fault isolation and root cause analysis

104

Types of Management Systems Example ndash CiscoWorks

Resource Manager Essentials and Campus Manager

Knowledge of network configuration and topology

Facilitates remote configuration of network devices

Maintains an archive of configuration data that allows generation of inventory reports

105

Types of Management Systems Example ndash NetFlow (Accounting Management)

Flow Profiling

AccountingBilling

Network Planning

Network Monitoring

Flow

Collectors

Flow

CollectorsEnd‐User AppsEnd‐User AppsNetFlow

Data ExportNetFlowData Export

NetScout

RMON ProbeRMON Probe

106

Types of Management Systems Example ndash MRTG (Performance Management)

bull Monitors traffic load on network links based on SNMP statistics

bull Generates real‐time HTML traffic reports

bull Can be used to monitor any

MIB

variable using

SNMP

107

Types of Management Systems Example ndash CiscoWorks

How is the network connectedbull Physical Cablingbull Virtual LANs

Where are the end users servers IP phones connected

bull Switch port numberbull VLAN membership

How do I troubleshoot connectivity problems

Campus Manager User Tracking

Campus Manager Topology Services

Campus Manager Topology Services

Campus Manager User TrackingCampus Manager

Path Analysis

108

Diagnosing Connectivity Problems CiscoWorks Server Tools

Ping Use ping to test device connectivity from CiscoWorks server

TracerouteRun a trace route between the CiscoWorks server and the target device to detect routing problems

NS LookupRun a nslookup to obtain DNS name server information and IP address of hostname

Management Station to DeviceTest to verify if upper layer protocols are supported from CiscoWorks to the target device UDP TCP Telnet TFTP HTTP and SNMP

109

Types of Management Systems Example ndash CiscoWorks

19216862

CiscoWorks Server(ANI Service)

CampusDatabase

19216861

Schedule data retrieval

times

CAM Table11‐11‐11‐11‐11‐00 2111‐11‐11‐11‐11‐11 2211‐11‐11‐11‐11‐22 2311‐11‐11‐11‐11‐33 24

22 23 24

21

ARP Table11‐11‐11‐11‐11‐11 19216861011‐11‐11‐11‐11‐22 19216861111‐11‐11‐11‐11‐33 192168611

1

CAM

Retrieval

(switching

table)

2 Address

Resolution (MAC

to IP)

DNS

3 Name Resolution

(IP to hostname)

Host Table192168610 USER1192168611 Printer1192168611 IPtele1

SNMP

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

CallManager4

Call Detail

Records

5

Login

Names

UNIX Novell amp

Windows NT

clients running

UTLite script

110

Diagnosing Connectivity Problems Campus Manager Tools

Topology Services

User Tracking

Path Analysis

1

Locate the communication pair in the User Tracking database

bull

Addressesbull

VLAN informationbull

Switch port connection

2

Investigate the Layer 2 and Layer 3 path between the communication

pair

3

Map the topology and begin the investigation on devices and links

Launch other applications

111

Diagnosing Connectivity Problems Workflow for Using Campus Manager

LaunchPath Analysis

LaunchPath Analysis

Ensure discovery of devices

hosts are up to date

Ensure discovery of devices

hosts are up to date

Use User TrackingTo Locate EndStation Info

Use User TrackingTo Locate EndStation Info

ConductVoiceTrace

ConductVoiceTrace

ConductDataTrace

ConductDataTrace

DisplayPath in Topology

Map

DisplayPath in Topology

Map

Launch other Apps(Telnet CiscoView

Etc)

Launch other Apps(Telnet CiscoView

Etc)

112

Diagnosing Device Connectivity Problems Example

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Do you know

your

hostname or

username

113

Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

2 Simple Query displays switch

port and VLAN association

2 Simple Query displays switch

port and VLAN association

3 LastSeen field indicates last

time end station was

discovered

3 LastSeen field indicates last

time end station was

discovered

114

Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Trace path from application server

to Suzy

Trace path from application server

to Suzy

Couldnrsquot get to Suzy machine ndash try

from server

Couldnrsquot get to Suzy machine ndash try

from server

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

46

Cisco Catalyst 4500 Series Architecture

bull Centralized Forwarding ASICs

bull All packets are forwarded via the supervisor

bull No distributed line card forwarding

bull Scalable architecture ‐

64 to 320 Gbps

bull Fastest Centralized Architecture in the Industry

47

Cisco Catalyst 4500 Series Overview Common Architecture

Single Supervisor-Based

Chassis

Redundant Supervisor-Based

Chassis

Cisco Catalyst 4507R-E

Cisco Catalyst 4510R-E

Cisco Catalyst 4506-E

Cisco Catalyst 4503-E

Single RU Fixed Configuration

Same Switching Architecture

and Common Cisco IOSreg

Cisco Catalyst 4948 and 4948-10GigE

48

Cisco Catalyst 4500 Series Evolutionary Centralized Architecture

1999 2002 2004 2007 2012

Continued InnovationServices and Performance

Same Line Card

18Mpps 48Mpps 102Mpps

10100

1000

Layer 2

PoE L234

10 GbE

SSO

NACNSF

ISSUCISF

E‐Series

250 Mpps

49

Evolution of Centralized Switching Technology

Evoluti

onEvo

lution

1999 18

Mpps

L2 Only

2002 48

Mpps

L2L3

2004102

Mpps

L2L3 10Gig

2007250

Mpps

L2L3 IPv6

14X

increase

since lsquo99

50

Next‐Generation Catalyst 4500 ldquoE‐Seriesrdquo

Secure Flexible Non‐Stop Communications

ldquoErdquo

Series Chassis

ldquoErdquo

Series Line Cards

Supervisor 6‐E with CenterFlex

51

Cisco Catalyst 6500 Delivers Secure Converged Network Services

High Availabilitybull Physical

Availabilitybull Logical Availabilitybull Stateful Failover at

Layer 2bull Rapid Spanning-

Tree Convergence

QoSbull Input Policingbull Traffic

Classificationbull Multiple Queuesbull Convergence

Ready

Securitybull Layer 234

Access Controlbull 8021X User

Authenticationbull MAC Filteringbull Dynamic VLAN

Manageabilitybull Inline Powerbull Simple

Configurationbull L2-L4 Servicesbull Rich Multicast

Support

End-to-End Services

52

Catalyst 6500 Family

Catalyst 65033 slot chassis

Catalyst 65066 slot chassis

Catalyst 65099 slot chassis

Catalyst 6509‐NEBSNEBS Compliant 9 slot chassis

Catalyst 651313 slot chassis

Catalyst 6509‐NEBS‐A9 slot chassis

53

Cisco Catalyst 6500 Series

The Cisco Catalyst 6500 Series supports a wide range of interface densities performance and high‐availability options

Flexible 3‐ 6‐ 9‐ and 13‐slot chassis configurations

ndash Scalable switching fabric ndash Cisco

IOS software choices supported

on all supervisor engines

ndash Fast 2‐3 second stateful

failover of

redundant supervisors and integrated

services

ndash 10‐Mbps to 10‐Gbps Ethernet and DS0

to

OC‐48 WAN interfaces

ndash Wire‐rate QoS

and ACL policy

management

WS-6503 WS-C6506 WS-C6509 WS-C6509-NEBS and WS-C6513

54

Catalyst 6500 Supervisors

The Catalyst 6500 has three Supervisor options on offer

with each providing a different architectural backplane

configuration for line cards to connect intohellip

Supervisor 1A Supervisor 2 Supervisor 720 (NEW)

256Gb backplane

supporting hardware

accelerated Layer 2 and 3

QoS and Security policies

up to 210Mppshellip

720Gb backplane

supporting hardware

accelerated Layer 2 and 3

QoS and Security policies

up to 400Mppshellip

32Gb backplane supporting

hardware accelerated Layer

2 and 3 QoS and Security

policies up to 15Mppshellip

Supervisor Options for the Catalyst 6500

55

Catalyst 6500 LinecardsThe Catalyst 6500 has a family of linecards to suit all network needshellip

10100 TX and 100 Fiber 101001000 TX GE SFP

GE GBIC 10GE WAN

Optical Switch Modules Inline Power ATM

CAT

6500

L I

NECARDS

56

Catalyst 6500 Service Modules

Content ServicesCommunications Media MWAN

Firewall Module VPN Module Intrusion Detection

Content Switching SSL Network Management

Service Modules represent the next generation of intelligent modules for the Catalyst 6500

Each module provides a high performance option scalable and feature rich deployment

optionshellip

57

Small Form Factor Pluggable (SFP)

bull New industry standard connector

bull Same functionality as Gigabit Interface Converters

(GBICs)

bull Hot pluggable

bull Smaller fiber connector LC

for SF

bull 25 SFPs

fit in space of one GBIC

bull Shipping SX LX ZX at FCS

bull 101001000BT and CWDM versions to come in mid

to late 2003

GBIC

SFP

58

三無線網路認證介紹

59

漫遊認證環境架構圖

NCHC資策會

WLANGateway

WLANGateway

60

無線漫遊環境身份認證機制

網頁認證

使用網站伺服器憑證(Certificate)辨識合法認證網站

透過SSL加密保護使用者帳號密碼安全

採用PAP (Password Authentication Protocol)認證機制

8021x認證

採CHAP或加密通道進行認證

EAP‐MD5ndash 採用CHAP (Challenge Handshake Authentication Protocol)認證

EAP‐PEAP ndash 採用 SSL加密通道 + MS‐CHAP v2 認證

EAP‐TTLSndash 採用 SSL加密通道 + PAPCHAPMS‐CHAPEAPndash 支援多種認證機制

61

WLAN Gateway

bull Usually web page for authorisationbull Allows policy based accessbull Good managementbull Very user friendlybull No client required

Bluesocketndash Commercial but popular in uk academiandash Lots of featuresNoCatAuthndash open source

62

Bluesocket Wireless Gateway

63

httpwwwitcntnuedutwservice1270php

四師大網路基本架構介紹

64

對外網路架構圖

65

校本部校區有線網路系統架構圖

66

校本部校區無線網路系統架構圖

67

理學院校區有線網路系統架構圖

68

理學院校區無線網路系統架構圖

69

林口校區有線網路系統架構圖

70

林口校區無線網路系統架構圖

71

五網路障礙排除方式

72

Possible Symptoms of Physical Layer Problems

Increased number of interface errorsIncreased number of interface errors

LEDs are off flashing or in a state other than the expected state during normal operationLEDs are off flashing or in a state other than the expected state during normal operation

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

Excessive utilizationExcessive utilization

73

Possible Symptoms of Data Link Layer Problems

Excessive CRC errors and frame check sequence errors Excessive CRC errors and frame check sequence errors

Large quantities of broadcast traffic Large quantities of broadcast traffic

A MAC address is cycling between portsA MAC address is cycling between ports

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

74

General Cisco Commands to Isolate Physical and Data Link Layer Problems

ping host

| ip‐addressping host

| ip‐address

routergt

bull

Sends an echo request packet to an address then waits for a reply

trace [destination]trace [destination]

routergt

bull

Identifies the path a packet takes through the network

[no] debug [no] debug

router

bull

Displays a list of options for enabling or disabling debugging events on a device

75

Cisco Commands to Isolate Physical Layer Problems

show versionshow version

routergt

bull

Displays the Cisco IOS software version and all installed hardware configurations

show ip interface briefshow ip interface brief

routergt

bull

Displays a summary of the status of all interfaces on a device

show interfaces [type number]show interfaces [type number]

routergt

bull

Displays the operational status of an interface including the amount and type of traffic being sent and received

76

Cisco Commands to Isolate Physical Layer Problems (Cont)

show cdp neighbor detailshow cdp neighbor detailroutergt

bull Displays the device type IP address and Cisco IOS version of neighboring devices

77

Cisco Commands to Isolate Data Link Layer Problems

show ip arpshow ip arp

routergt

bull

Displays entries in the Address Resolution Protocol (ARP) table

debug [arp

| serial | ppp]debug [arp

| serial | ppp]

router

bull

Captures events relating to data link layer protocols

78

General End‐System Commands to Isolate Physical and Data Link Layer Problems

pingping

bull

Sends an echo request packet to an address then waits for a reply

netstat

‐rnnetstat

‐rn

bull

Displays the status of all connected devices and links without querying a DNS server

arp

‐aarp

‐a

bull

Displays the current mappings of the IP address to the MAC address in the ARP table

79

Windows Commands to Isolate Physical and Data Link Layer Problems

ipconfig

[all]ipconfig

[all]

bull

Displays IP information for hosts running Windows NT2000XP

Cgt

tracert [‐d]tracert [‐d]

bull

Identifies a path to a destination device

Cgt

80

Guidelines for Isolating Problems at the Physical and Data Link Layers

Check operational status and data error ratesCheck operational status and data error rates

Verify proper interface configurationsVerify proper interface configurations

Check for bad cables or connectionsCheck for bad cables or connections

Check for correct cable pin‐outCheck for correct cable pin‐out

81

Port Monitoring (SPAN)

Allows a port to monitor traffic coming into or out of

anotherPort

VLAN

Trunk

82

Remote SPAN (RSPAN)

Allows a port to monitor SPAN information on other switches through a trunk connection

83

NetFlow Data Export

Access to records of switched flow statistics

with NAM

Source and destination IP

Port numbers and protocol types

84

六網路管理介紹

85

NAMs in Campus LAN

86

Network Analysis Module (NAM)

bull

Switch‐integrated standards‐

based monitoring (RMON1 RMON2

extended RMON)

bull

Useful for performance monitoring troubleshooting

and capacity planning

bull

Easy to deploy and use with embedded web‐based Traffic Analyzer

bull

Full visibility into applications hosts conversations and

IP‐based services including VoIP

and QoS

Integrated traffic‐monitoring solution in Catalyst 6500 series to build application‐level visibility into network infrastructure

87

NAM as a Standards‐Based RMON Solution

The RMON MIB reports on the health and status of network traffic

Mini‐RMON agents in Catalyst 6500 collect Layer 2 (RMON1) statistics on all ports (utilization packets errors)

NAM supports full RMON1 and 2 to provide visibility up to Application layer (applications hosts conversations)

NAM supports extended RMON for VLAN QoS Application Response Time and so on

88

Application Hosts and Conversations Monitoring

Identify unknown applications and drill down on the hosts using them

Discover top talkers top conversations

Network managers can drill down

into who is doing what

Network managers can drill down

into who is doing what

NEW inSoftware

Version 22

NEW inSoftware

Version 22

89

VoIP Monitoring

NAM supports various facets of VoIPmonitoring

Active IP telephony monitoring

ndash Track active call attributesndash Identify call quality degradationndash Call details by phonesRMON1 and RMON2

ndash Distribution of VoIP

protocols

Application Response Time (ART)

ndash CallManager

responses

DSMON

ndash VoIP

traffic by DSCP values

90

Application Response Time (ART)

Find out where the application delays are occurring

ndash Detailed data on request‐ response exchanges

between clients and servers

Server visibility

ndash Monitor servers for protocols application

usage and top talkers

91

Packet Capture and Decode

Capture and decode packets for troubleshooting

Extensive pre‐ and post‐capture filters

Can save and export to other tools including Sniffer

92

Alarms

Set alarm thresholds on various parameters for proactive monitoring

Define traps or generate syslog

93

Defining Network Management Functional Areas

ISO defines five functional areas of network management

ISO defines five functional areas of network management

bullFault Management

bullConfiguration Management

bullAccounting Management

bullPerformance Management

bullSecurity Management

94

FCAPS Fault Management

The process of locating diagnosing and correcting

network problems

Device Down

Link Down

95

FCAPS Configuration Management

bull The process of obtaining data from the network and using

that data to manage the setup of all network devices

bull Allows rapid access to configuration information

bull Facilitates remote configuration and provisioning

bull Provides an up‐to‐date inventory of network

components

SpeedDuplex

Connectivity

TrunkingVLANs Allowed

Spanning Tree Protocol State

Software VersionConfiguration File

Device Type

96

FCAPS Accounting Management

bull Measuring the usage of network resources by users in order to

establish the metrics check quotas determine costs and bill users

bull Measures and reports accounting information based on individual

groups and users

bull Administers the cost of the network

bull Internal verification of third‐party billing for usage Bandwidth Consumption

Application Usage

hellip

97

FCAPS Performance Management

bull Ensuring that the data network remains accessible

and has adequate bandwidth

bull Reduces network overcrowding and inaccessibility

bull Provides a consistent level of service to the

network user

bull Determine utilization trends to proactively isolate and solve

performance problems

UtilizationPeakminmaxError RatesUnicast Rates

Broadcast Rates

CPU UtilizationMemory Usage

ThroughputResponse Time

LatencyAvailabilityReliability

98

FCAPS Security Management

bull Protecting sensitive information on devices

attached to a data network by controlling access points to

that information

bull Builds network user confidence

bull Secures sensitive information from both internal and

external sources

bull Protects the network functionality from malicious

attacks

MAC AddressLocked to Port

Access ListBlocks Connections

99

Performing Network Management Sources for Information

GAUGEs TIMERs

0 9 1 2 3

COUNTERs TABLEs FILEs

Operating System Data Structures

Manageable Device

showCommands

WebServer

SystemLogging

SNMPSNMPAGENTAGENT

ProductionServices

Layer N Forwarding

http80tcp

syslog514udp

snmp161udp

MIBObjects

snmp‐trap162udp

Built in Intelligence

CDPVTPSAA

telnetCLI

TFTPClient

tftp69udp

PingTrace route

100

Network Management Information Model MIB Management Information Base

MIB

ndash

Management Information BaseSet of variables defining the status of a device (eg temp = 85 degrees)Just facts ndash not whether it is good or badDefined according to SMI (Structure of Management Information) rulesEach managed object is described using a unique object identifier (OID)

MIB

IMIBIIStandard MIBObjects included are considered essential for either fault or configuration management

Other standard MIBsRMON host router

Proprietary vendor MIBsExtensions to standard MIBs

SNMPAGENTSNMPAGENT

1000s of manageable objects following rules defined in the SMI standards

1000s of manageable objects following rules defined in the SMI standards

101

Network Management Communication Model SNMP Simple Network Management Protocol

CommunityStrings

CommunityStrings

bull Get requests used to read the value of objectbull Set requests used to modify the value of object

bull Authorization is via community strings

(Read‐OnlyRead‐Write)

bull Traps

provide asynchronous event notification

IP Network SNMPManageable

Device

Trap

Get Response

Get Request Get-Next RequestGet-Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

102

Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response

SNM

P M

anag

er

SNM

P A

gent

Rea

d =

publ

ic re

adw

rite

= pr

ivat

e

GetResponse (sysDescr0=SunOS)

Verify access permission and retrieve MIB value using OID to traverse the MIB tree

InstanceOID

13612111

MIB value

GetRequest(sysDescr0)Read Community(public)

103

Types of Management Systems Example ‐

Enterprise Manager amp Fault Management

Correlate and manage events

and SNMP traps

Perform fault isolation and root cause analysis

104

Types of Management Systems Example ndash CiscoWorks

Resource Manager Essentials and Campus Manager

Knowledge of network configuration and topology

Facilitates remote configuration of network devices

Maintains an archive of configuration data that allows generation of inventory reports

105

Types of Management Systems Example ndash NetFlow (Accounting Management)

Flow Profiling

AccountingBilling

Network Planning

Network Monitoring

Flow

Collectors

Flow

CollectorsEnd‐User AppsEnd‐User AppsNetFlow

Data ExportNetFlowData Export

NetScout

RMON ProbeRMON Probe

106

Types of Management Systems Example ndash MRTG (Performance Management)

bull Monitors traffic load on network links based on SNMP statistics

bull Generates real‐time HTML traffic reports

bull Can be used to monitor any

MIB

variable using

SNMP

107

Types of Management Systems Example ndash CiscoWorks

How is the network connectedbull Physical Cablingbull Virtual LANs

Where are the end users servers IP phones connected

bull Switch port numberbull VLAN membership

How do I troubleshoot connectivity problems

Campus Manager User Tracking

Campus Manager Topology Services

Campus Manager Topology Services

Campus Manager User TrackingCampus Manager

Path Analysis

108

Diagnosing Connectivity Problems CiscoWorks Server Tools

Ping Use ping to test device connectivity from CiscoWorks server

TracerouteRun a trace route between the CiscoWorks server and the target device to detect routing problems

NS LookupRun a nslookup to obtain DNS name server information and IP address of hostname

Management Station to DeviceTest to verify if upper layer protocols are supported from CiscoWorks to the target device UDP TCP Telnet TFTP HTTP and SNMP

109

Types of Management Systems Example ndash CiscoWorks

19216862

CiscoWorks Server(ANI Service)

CampusDatabase

19216861

Schedule data retrieval

times

CAM Table11‐11‐11‐11‐11‐00 2111‐11‐11‐11‐11‐11 2211‐11‐11‐11‐11‐22 2311‐11‐11‐11‐11‐33 24

22 23 24

21

ARP Table11‐11‐11‐11‐11‐11 19216861011‐11‐11‐11‐11‐22 19216861111‐11‐11‐11‐11‐33 192168611

1

CAM

Retrieval

(switching

table)

2 Address

Resolution (MAC

to IP)

DNS

3 Name Resolution

(IP to hostname)

Host Table192168610 USER1192168611 Printer1192168611 IPtele1

SNMP

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

CallManager4

Call Detail

Records

5

Login

Names

UNIX Novell amp

Windows NT

clients running

UTLite script

110

Diagnosing Connectivity Problems Campus Manager Tools

Topology Services

User Tracking

Path Analysis

1

Locate the communication pair in the User Tracking database

bull

Addressesbull

VLAN informationbull

Switch port connection

2

Investigate the Layer 2 and Layer 3 path between the communication

pair

3

Map the topology and begin the investigation on devices and links

Launch other applications

111

Diagnosing Connectivity Problems Workflow for Using Campus Manager

LaunchPath Analysis

LaunchPath Analysis

Ensure discovery of devices

hosts are up to date

Ensure discovery of devices

hosts are up to date

Use User TrackingTo Locate EndStation Info

Use User TrackingTo Locate EndStation Info

ConductVoiceTrace

ConductVoiceTrace

ConductDataTrace

ConductDataTrace

DisplayPath in Topology

Map

DisplayPath in Topology

Map

Launch other Apps(Telnet CiscoView

Etc)

Launch other Apps(Telnet CiscoView

Etc)

112

Diagnosing Device Connectivity Problems Example

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Do you know

your

hostname or

username

113

Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

2 Simple Query displays switch

port and VLAN association

2 Simple Query displays switch

port and VLAN association

3 LastSeen field indicates last

time end station was

discovered

3 LastSeen field indicates last

time end station was

discovered

114

Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Trace path from application server

to Suzy

Trace path from application server

to Suzy

Couldnrsquot get to Suzy machine ndash try

from server

Couldnrsquot get to Suzy machine ndash try

from server

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

47

Cisco Catalyst 4500 Series Overview Common Architecture

Single Supervisor-Based

Chassis

Redundant Supervisor-Based

Chassis

Cisco Catalyst 4507R-E

Cisco Catalyst 4510R-E

Cisco Catalyst 4506-E

Cisco Catalyst 4503-E

Single RU Fixed Configuration

Same Switching Architecture

and Common Cisco IOSreg

Cisco Catalyst 4948 and 4948-10GigE

48

Cisco Catalyst 4500 Series Evolutionary Centralized Architecture

1999 2002 2004 2007 2012

Continued InnovationServices and Performance

Same Line Card

18Mpps 48Mpps 102Mpps

10100

1000

Layer 2

PoE L234

10 GbE

SSO

NACNSF

ISSUCISF

E‐Series

250 Mpps

49

Evolution of Centralized Switching Technology

Evoluti

onEvo

lution

1999 18

Mpps

L2 Only

2002 48

Mpps

L2L3

2004102

Mpps

L2L3 10Gig

2007250

Mpps

L2L3 IPv6

14X

increase

since lsquo99

50

Next‐Generation Catalyst 4500 ldquoE‐Seriesrdquo

Secure Flexible Non‐Stop Communications

ldquoErdquo

Series Chassis

ldquoErdquo

Series Line Cards

Supervisor 6‐E with CenterFlex

51

Cisco Catalyst 6500 Delivers Secure Converged Network Services

High Availabilitybull Physical

Availabilitybull Logical Availabilitybull Stateful Failover at

Layer 2bull Rapid Spanning-

Tree Convergence

QoSbull Input Policingbull Traffic

Classificationbull Multiple Queuesbull Convergence

Ready

Securitybull Layer 234

Access Controlbull 8021X User

Authenticationbull MAC Filteringbull Dynamic VLAN

Manageabilitybull Inline Powerbull Simple

Configurationbull L2-L4 Servicesbull Rich Multicast

Support

End-to-End Services

52

Catalyst 6500 Family

Catalyst 65033 slot chassis

Catalyst 65066 slot chassis

Catalyst 65099 slot chassis

Catalyst 6509‐NEBSNEBS Compliant 9 slot chassis

Catalyst 651313 slot chassis

Catalyst 6509‐NEBS‐A9 slot chassis

53

Cisco Catalyst 6500 Series

The Cisco Catalyst 6500 Series supports a wide range of interface densities performance and high‐availability options

Flexible 3‐ 6‐ 9‐ and 13‐slot chassis configurations

ndash Scalable switching fabric ndash Cisco

IOS software choices supported

on all supervisor engines

ndash Fast 2‐3 second stateful

failover of

redundant supervisors and integrated

services

ndash 10‐Mbps to 10‐Gbps Ethernet and DS0

to

OC‐48 WAN interfaces

ndash Wire‐rate QoS

and ACL policy

management

WS-6503 WS-C6506 WS-C6509 WS-C6509-NEBS and WS-C6513

54

Catalyst 6500 Supervisors

The Catalyst 6500 has three Supervisor options on offer

with each providing a different architectural backplane

configuration for line cards to connect intohellip

Supervisor 1A Supervisor 2 Supervisor 720 (NEW)

256Gb backplane

supporting hardware

accelerated Layer 2 and 3

QoS and Security policies

up to 210Mppshellip

720Gb backplane

supporting hardware

accelerated Layer 2 and 3

QoS and Security policies

up to 400Mppshellip

32Gb backplane supporting

hardware accelerated Layer

2 and 3 QoS and Security

policies up to 15Mppshellip

Supervisor Options for the Catalyst 6500

55

Catalyst 6500 LinecardsThe Catalyst 6500 has a family of linecards to suit all network needshellip

10100 TX and 100 Fiber 101001000 TX GE SFP

GE GBIC 10GE WAN

Optical Switch Modules Inline Power ATM

CAT

6500

L I

NECARDS

56

Catalyst 6500 Service Modules

Content ServicesCommunications Media MWAN

Firewall Module VPN Module Intrusion Detection

Content Switching SSL Network Management

Service Modules represent the next generation of intelligent modules for the Catalyst 6500

Each module provides a high performance option scalable and feature rich deployment

optionshellip

57

Small Form Factor Pluggable (SFP)

bull New industry standard connector

bull Same functionality as Gigabit Interface Converters

(GBICs)

bull Hot pluggable

bull Smaller fiber connector LC

for SF

bull 25 SFPs

fit in space of one GBIC

bull Shipping SX LX ZX at FCS

bull 101001000BT and CWDM versions to come in mid

to late 2003

GBIC

SFP

58

三無線網路認證介紹

59

漫遊認證環境架構圖

NCHC資策會

WLANGateway

WLANGateway

60

無線漫遊環境身份認證機制

網頁認證

使用網站伺服器憑證(Certificate)辨識合法認證網站

透過SSL加密保護使用者帳號密碼安全

採用PAP (Password Authentication Protocol)認證機制

8021x認證

採CHAP或加密通道進行認證

EAP‐MD5ndash 採用CHAP (Challenge Handshake Authentication Protocol)認證

EAP‐PEAP ndash 採用 SSL加密通道 + MS‐CHAP v2 認證

EAP‐TTLSndash 採用 SSL加密通道 + PAPCHAPMS‐CHAPEAPndash 支援多種認證機制

61

WLAN Gateway

bull Usually web page for authorisationbull Allows policy based accessbull Good managementbull Very user friendlybull No client required

Bluesocketndash Commercial but popular in uk academiandash Lots of featuresNoCatAuthndash open source

62

Bluesocket Wireless Gateway

63

httpwwwitcntnuedutwservice1270php

四師大網路基本架構介紹

64

對外網路架構圖

65

校本部校區有線網路系統架構圖

66

校本部校區無線網路系統架構圖

67

理學院校區有線網路系統架構圖

68

理學院校區無線網路系統架構圖

69

林口校區有線網路系統架構圖

70

林口校區無線網路系統架構圖

71

五網路障礙排除方式

72

Possible Symptoms of Physical Layer Problems

Increased number of interface errorsIncreased number of interface errors

LEDs are off flashing or in a state other than the expected state during normal operationLEDs are off flashing or in a state other than the expected state during normal operation

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

Excessive utilizationExcessive utilization

73

Possible Symptoms of Data Link Layer Problems

Excessive CRC errors and frame check sequence errors Excessive CRC errors and frame check sequence errors

Large quantities of broadcast traffic Large quantities of broadcast traffic

A MAC address is cycling between portsA MAC address is cycling between ports

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

74

General Cisco Commands to Isolate Physical and Data Link Layer Problems

ping host

| ip‐addressping host

| ip‐address

routergt

bull

Sends an echo request packet to an address then waits for a reply

trace [destination]trace [destination]

routergt

bull

Identifies the path a packet takes through the network

[no] debug [no] debug

router

bull

Displays a list of options for enabling or disabling debugging events on a device

75

Cisco Commands to Isolate Physical Layer Problems

show versionshow version

routergt

bull

Displays the Cisco IOS software version and all installed hardware configurations

show ip interface briefshow ip interface brief

routergt

bull

Displays a summary of the status of all interfaces on a device

show interfaces [type number]show interfaces [type number]

routergt

bull

Displays the operational status of an interface including the amount and type of traffic being sent and received

76

Cisco Commands to Isolate Physical Layer Problems (Cont)

show cdp neighbor detailshow cdp neighbor detailroutergt

bull Displays the device type IP address and Cisco IOS version of neighboring devices

77

Cisco Commands to Isolate Data Link Layer Problems

show ip arpshow ip arp

routergt

bull

Displays entries in the Address Resolution Protocol (ARP) table

debug [arp

| serial | ppp]debug [arp

| serial | ppp]

router

bull

Captures events relating to data link layer protocols

78

General End‐System Commands to Isolate Physical and Data Link Layer Problems

pingping

bull

Sends an echo request packet to an address then waits for a reply

netstat

‐rnnetstat

‐rn

bull

Displays the status of all connected devices and links without querying a DNS server

arp

‐aarp

‐a

bull

Displays the current mappings of the IP address to the MAC address in the ARP table

79

Windows Commands to Isolate Physical and Data Link Layer Problems

ipconfig

[all]ipconfig

[all]

bull

Displays IP information for hosts running Windows NT2000XP

Cgt

tracert [‐d]tracert [‐d]

bull

Identifies a path to a destination device

Cgt

80

Guidelines for Isolating Problems at the Physical and Data Link Layers

Check operational status and data error ratesCheck operational status and data error rates

Verify proper interface configurationsVerify proper interface configurations

Check for bad cables or connectionsCheck for bad cables or connections

Check for correct cable pin‐outCheck for correct cable pin‐out

81

Port Monitoring (SPAN)

Allows a port to monitor traffic coming into or out of

anotherPort

VLAN

Trunk

82

Remote SPAN (RSPAN)

Allows a port to monitor SPAN information on other switches through a trunk connection

83

NetFlow Data Export

Access to records of switched flow statistics

with NAM

Source and destination IP

Port numbers and protocol types

84

六網路管理介紹

85

NAMs in Campus LAN

86

Network Analysis Module (NAM)

bull

Switch‐integrated standards‐

based monitoring (RMON1 RMON2

extended RMON)

bull

Useful for performance monitoring troubleshooting

and capacity planning

bull

Easy to deploy and use with embedded web‐based Traffic Analyzer

bull

Full visibility into applications hosts conversations and

IP‐based services including VoIP

and QoS

Integrated traffic‐monitoring solution in Catalyst 6500 series to build application‐level visibility into network infrastructure

87

NAM as a Standards‐Based RMON Solution

The RMON MIB reports on the health and status of network traffic

Mini‐RMON agents in Catalyst 6500 collect Layer 2 (RMON1) statistics on all ports (utilization packets errors)

NAM supports full RMON1 and 2 to provide visibility up to Application layer (applications hosts conversations)

NAM supports extended RMON for VLAN QoS Application Response Time and so on

88

Application Hosts and Conversations Monitoring

Identify unknown applications and drill down on the hosts using them

Discover top talkers top conversations

Network managers can drill down

into who is doing what

Network managers can drill down

into who is doing what

NEW inSoftware

Version 22

NEW inSoftware

Version 22

89

VoIP Monitoring

NAM supports various facets of VoIPmonitoring

Active IP telephony monitoring

ndash Track active call attributesndash Identify call quality degradationndash Call details by phonesRMON1 and RMON2

ndash Distribution of VoIP

protocols

Application Response Time (ART)

ndash CallManager

responses

DSMON

ndash VoIP

traffic by DSCP values

90

Application Response Time (ART)

Find out where the application delays are occurring

ndash Detailed data on request‐ response exchanges

between clients and servers

Server visibility

ndash Monitor servers for protocols application

usage and top talkers

91

Packet Capture and Decode

Capture and decode packets for troubleshooting

Extensive pre‐ and post‐capture filters

Can save and export to other tools including Sniffer

92

Alarms

Set alarm thresholds on various parameters for proactive monitoring

Define traps or generate syslog

93

Defining Network Management Functional Areas

ISO defines five functional areas of network management

ISO defines five functional areas of network management

bullFault Management

bullConfiguration Management

bullAccounting Management

bullPerformance Management

bullSecurity Management

94

FCAPS Fault Management

The process of locating diagnosing and correcting

network problems

Device Down

Link Down

95

FCAPS Configuration Management

bull The process of obtaining data from the network and using

that data to manage the setup of all network devices

bull Allows rapid access to configuration information

bull Facilitates remote configuration and provisioning

bull Provides an up‐to‐date inventory of network

components

SpeedDuplex

Connectivity

TrunkingVLANs Allowed

Spanning Tree Protocol State

Software VersionConfiguration File

Device Type

96

FCAPS Accounting Management

bull Measuring the usage of network resources by users in order to

establish the metrics check quotas determine costs and bill users

bull Measures and reports accounting information based on individual

groups and users

bull Administers the cost of the network

bull Internal verification of third‐party billing for usage Bandwidth Consumption

Application Usage

hellip

97

FCAPS Performance Management

bull Ensuring that the data network remains accessible

and has adequate bandwidth

bull Reduces network overcrowding and inaccessibility

bull Provides a consistent level of service to the

network user

bull Determine utilization trends to proactively isolate and solve

performance problems

UtilizationPeakminmaxError RatesUnicast Rates

Broadcast Rates

CPU UtilizationMemory Usage

ThroughputResponse Time

LatencyAvailabilityReliability

98

FCAPS Security Management

bull Protecting sensitive information on devices

attached to a data network by controlling access points to

that information

bull Builds network user confidence

bull Secures sensitive information from both internal and

external sources

bull Protects the network functionality from malicious

attacks

MAC AddressLocked to Port

Access ListBlocks Connections

99

Performing Network Management Sources for Information

GAUGEs TIMERs

0 9 1 2 3

COUNTERs TABLEs FILEs

Operating System Data Structures

Manageable Device

showCommands

WebServer

SystemLogging

SNMPSNMPAGENTAGENT

ProductionServices

Layer N Forwarding

http80tcp

syslog514udp

snmp161udp

MIBObjects

snmp‐trap162udp

Built in Intelligence

CDPVTPSAA

telnetCLI

TFTPClient

tftp69udp

PingTrace route

100

Network Management Information Model MIB Management Information Base

MIB

ndash

Management Information BaseSet of variables defining the status of a device (eg temp = 85 degrees)Just facts ndash not whether it is good or badDefined according to SMI (Structure of Management Information) rulesEach managed object is described using a unique object identifier (OID)

MIB

IMIBIIStandard MIBObjects included are considered essential for either fault or configuration management

Other standard MIBsRMON host router

Proprietary vendor MIBsExtensions to standard MIBs

SNMPAGENTSNMPAGENT

1000s of manageable objects following rules defined in the SMI standards

1000s of manageable objects following rules defined in the SMI standards

101

Network Management Communication Model SNMP Simple Network Management Protocol

CommunityStrings

CommunityStrings

bull Get requests used to read the value of objectbull Set requests used to modify the value of object

bull Authorization is via community strings

(Read‐OnlyRead‐Write)

bull Traps

provide asynchronous event notification

IP Network SNMPManageable

Device

Trap

Get Response

Get Request Get-Next RequestGet-Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

102

Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response

SNM

P M

anag

er

SNM

P A

gent

Rea

d =

publ

ic re

adw

rite

= pr

ivat

e

GetResponse (sysDescr0=SunOS)

Verify access permission and retrieve MIB value using OID to traverse the MIB tree

InstanceOID

13612111

MIB value

GetRequest(sysDescr0)Read Community(public)

103

Types of Management Systems Example ‐

Enterprise Manager amp Fault Management

Correlate and manage events

and SNMP traps

Perform fault isolation and root cause analysis

104

Types of Management Systems Example ndash CiscoWorks

Resource Manager Essentials and Campus Manager

Knowledge of network configuration and topology

Facilitates remote configuration of network devices

Maintains an archive of configuration data that allows generation of inventory reports

105

Types of Management Systems Example ndash NetFlow (Accounting Management)

Flow Profiling

AccountingBilling

Network Planning

Network Monitoring

Flow

Collectors

Flow

CollectorsEnd‐User AppsEnd‐User AppsNetFlow

Data ExportNetFlowData Export

NetScout

RMON ProbeRMON Probe

106

Types of Management Systems Example ndash MRTG (Performance Management)

bull Monitors traffic load on network links based on SNMP statistics

bull Generates real‐time HTML traffic reports

bull Can be used to monitor any

MIB

variable using

SNMP

107

Types of Management Systems Example ndash CiscoWorks

How is the network connectedbull Physical Cablingbull Virtual LANs

Where are the end users servers IP phones connected

bull Switch port numberbull VLAN membership

How do I troubleshoot connectivity problems

Campus Manager User Tracking

Campus Manager Topology Services

Campus Manager Topology Services

Campus Manager User TrackingCampus Manager

Path Analysis

108

Diagnosing Connectivity Problems CiscoWorks Server Tools

Ping Use ping to test device connectivity from CiscoWorks server

TracerouteRun a trace route between the CiscoWorks server and the target device to detect routing problems

NS LookupRun a nslookup to obtain DNS name server information and IP address of hostname

Management Station to DeviceTest to verify if upper layer protocols are supported from CiscoWorks to the target device UDP TCP Telnet TFTP HTTP and SNMP

109

Types of Management Systems Example ndash CiscoWorks

19216862

CiscoWorks Server(ANI Service)

CampusDatabase

19216861

Schedule data retrieval

times

CAM Table11‐11‐11‐11‐11‐00 2111‐11‐11‐11‐11‐11 2211‐11‐11‐11‐11‐22 2311‐11‐11‐11‐11‐33 24

22 23 24

21

ARP Table11‐11‐11‐11‐11‐11 19216861011‐11‐11‐11‐11‐22 19216861111‐11‐11‐11‐11‐33 192168611

1

CAM

Retrieval

(switching

table)

2 Address

Resolution (MAC

to IP)

DNS

3 Name Resolution

(IP to hostname)

Host Table192168610 USER1192168611 Printer1192168611 IPtele1

SNMP

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

CallManager4

Call Detail

Records

5

Login

Names

UNIX Novell amp

Windows NT

clients running

UTLite script

110

Diagnosing Connectivity Problems Campus Manager Tools

Topology Services

User Tracking

Path Analysis

1

Locate the communication pair in the User Tracking database

bull

Addressesbull

VLAN informationbull

Switch port connection

2

Investigate the Layer 2 and Layer 3 path between the communication

pair

3

Map the topology and begin the investigation on devices and links

Launch other applications

111

Diagnosing Connectivity Problems Workflow for Using Campus Manager

LaunchPath Analysis

LaunchPath Analysis

Ensure discovery of devices

hosts are up to date

Ensure discovery of devices

hosts are up to date

Use User TrackingTo Locate EndStation Info

Use User TrackingTo Locate EndStation Info

ConductVoiceTrace

ConductVoiceTrace

ConductDataTrace

ConductDataTrace

DisplayPath in Topology

Map

DisplayPath in Topology

Map

Launch other Apps(Telnet CiscoView

Etc)

Launch other Apps(Telnet CiscoView

Etc)

112

Diagnosing Device Connectivity Problems Example

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Do you know

your

hostname or

username

113

Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

2 Simple Query displays switch

port and VLAN association

2 Simple Query displays switch

port and VLAN association

3 LastSeen field indicates last

time end station was

discovered

3 LastSeen field indicates last

time end station was

discovered

114

Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Trace path from application server

to Suzy

Trace path from application server

to Suzy

Couldnrsquot get to Suzy machine ndash try

from server

Couldnrsquot get to Suzy machine ndash try

from server

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

48

Cisco Catalyst 4500 Series Evolutionary Centralized Architecture

1999 2002 2004 2007 2012

Continued InnovationServices and Performance

Same Line Card

18Mpps 48Mpps 102Mpps

10100

1000

Layer 2

PoE L234

10 GbE

SSO

NACNSF

ISSUCISF

E‐Series

250 Mpps

49

Evolution of Centralized Switching Technology

Evoluti

onEvo

lution

1999 18

Mpps

L2 Only

2002 48

Mpps

L2L3

2004102

Mpps

L2L3 10Gig

2007250

Mpps

L2L3 IPv6

14X

increase

since lsquo99

50

Next‐Generation Catalyst 4500 ldquoE‐Seriesrdquo

Secure Flexible Non‐Stop Communications

ldquoErdquo

Series Chassis

ldquoErdquo

Series Line Cards

Supervisor 6‐E with CenterFlex

51

Cisco Catalyst 6500 Delivers Secure Converged Network Services

High Availabilitybull Physical

Availabilitybull Logical Availabilitybull Stateful Failover at

Layer 2bull Rapid Spanning-

Tree Convergence

QoSbull Input Policingbull Traffic

Classificationbull Multiple Queuesbull Convergence

Ready

Securitybull Layer 234

Access Controlbull 8021X User

Authenticationbull MAC Filteringbull Dynamic VLAN

Manageabilitybull Inline Powerbull Simple

Configurationbull L2-L4 Servicesbull Rich Multicast

Support

End-to-End Services

52

Catalyst 6500 Family

Catalyst 65033 slot chassis

Catalyst 65066 slot chassis

Catalyst 65099 slot chassis

Catalyst 6509‐NEBSNEBS Compliant 9 slot chassis

Catalyst 651313 slot chassis

Catalyst 6509‐NEBS‐A9 slot chassis

53

Cisco Catalyst 6500 Series

The Cisco Catalyst 6500 Series supports a wide range of interface densities performance and high‐availability options

Flexible 3‐ 6‐ 9‐ and 13‐slot chassis configurations

ndash Scalable switching fabric ndash Cisco

IOS software choices supported

on all supervisor engines

ndash Fast 2‐3 second stateful

failover of

redundant supervisors and integrated

services

ndash 10‐Mbps to 10‐Gbps Ethernet and DS0

to

OC‐48 WAN interfaces

ndash Wire‐rate QoS

and ACL policy

management

WS-6503 WS-C6506 WS-C6509 WS-C6509-NEBS and WS-C6513

54

Catalyst 6500 Supervisors

The Catalyst 6500 has three Supervisor options on offer

with each providing a different architectural backplane

configuration for line cards to connect intohellip

Supervisor 1A Supervisor 2 Supervisor 720 (NEW)

256Gb backplane

supporting hardware

accelerated Layer 2 and 3

QoS and Security policies

up to 210Mppshellip

720Gb backplane

supporting hardware

accelerated Layer 2 and 3

QoS and Security policies

up to 400Mppshellip

32Gb backplane supporting

hardware accelerated Layer

2 and 3 QoS and Security

policies up to 15Mppshellip

Supervisor Options for the Catalyst 6500

55

Catalyst 6500 LinecardsThe Catalyst 6500 has a family of linecards to suit all network needshellip

10100 TX and 100 Fiber 101001000 TX GE SFP

GE GBIC 10GE WAN

Optical Switch Modules Inline Power ATM

CAT

6500

L I

NECARDS

56

Catalyst 6500 Service Modules

Content ServicesCommunications Media MWAN

Firewall Module VPN Module Intrusion Detection

Content Switching SSL Network Management

Service Modules represent the next generation of intelligent modules for the Catalyst 6500

Each module provides a high performance option scalable and feature rich deployment

optionshellip

57

Small Form Factor Pluggable (SFP)

bull New industry standard connector

bull Same functionality as Gigabit Interface Converters

(GBICs)

bull Hot pluggable

bull Smaller fiber connector LC

for SF

bull 25 SFPs

fit in space of one GBIC

bull Shipping SX LX ZX at FCS

bull 101001000BT and CWDM versions to come in mid

to late 2003

GBIC

SFP

58

三無線網路認證介紹

59

漫遊認證環境架構圖

NCHC資策會

WLANGateway

WLANGateway

60

無線漫遊環境身份認證機制

網頁認證

使用網站伺服器憑證(Certificate)辨識合法認證網站

透過SSL加密保護使用者帳號密碼安全

採用PAP (Password Authentication Protocol)認證機制

8021x認證

採CHAP或加密通道進行認證

EAP‐MD5ndash 採用CHAP (Challenge Handshake Authentication Protocol)認證

EAP‐PEAP ndash 採用 SSL加密通道 + MS‐CHAP v2 認證

EAP‐TTLSndash 採用 SSL加密通道 + PAPCHAPMS‐CHAPEAPndash 支援多種認證機制

61

WLAN Gateway

bull Usually web page for authorisationbull Allows policy based accessbull Good managementbull Very user friendlybull No client required

Bluesocketndash Commercial but popular in uk academiandash Lots of featuresNoCatAuthndash open source

62

Bluesocket Wireless Gateway

63

httpwwwitcntnuedutwservice1270php

四師大網路基本架構介紹

64

對外網路架構圖

65

校本部校區有線網路系統架構圖

66

校本部校區無線網路系統架構圖

67

理學院校區有線網路系統架構圖

68

理學院校區無線網路系統架構圖

69

林口校區有線網路系統架構圖

70

林口校區無線網路系統架構圖

71

五網路障礙排除方式

72

Possible Symptoms of Physical Layer Problems

Increased number of interface errorsIncreased number of interface errors

LEDs are off flashing or in a state other than the expected state during normal operationLEDs are off flashing or in a state other than the expected state during normal operation

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

Excessive utilizationExcessive utilization

73

Possible Symptoms of Data Link Layer Problems

Excessive CRC errors and frame check sequence errors Excessive CRC errors and frame check sequence errors

Large quantities of broadcast traffic Large quantities of broadcast traffic

A MAC address is cycling between portsA MAC address is cycling between ports

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

74

General Cisco Commands to Isolate Physical and Data Link Layer Problems

ping host

| ip‐addressping host

| ip‐address

routergt

bull

Sends an echo request packet to an address then waits for a reply

trace [destination]trace [destination]

routergt

bull

Identifies the path a packet takes through the network

[no] debug [no] debug

router

bull

Displays a list of options for enabling or disabling debugging events on a device

75

Cisco Commands to Isolate Physical Layer Problems

show versionshow version

routergt

bull

Displays the Cisco IOS software version and all installed hardware configurations

show ip interface briefshow ip interface brief

routergt

bull

Displays a summary of the status of all interfaces on a device

show interfaces [type number]show interfaces [type number]

routergt

bull

Displays the operational status of an interface including the amount and type of traffic being sent and received

76

Cisco Commands to Isolate Physical Layer Problems (Cont)

show cdp neighbor detailshow cdp neighbor detailroutergt

bull Displays the device type IP address and Cisco IOS version of neighboring devices

77

Cisco Commands to Isolate Data Link Layer Problems

show ip arpshow ip arp

routergt

bull

Displays entries in the Address Resolution Protocol (ARP) table

debug [arp

| serial | ppp]debug [arp

| serial | ppp]

router

bull

Captures events relating to data link layer protocols

78

General End‐System Commands to Isolate Physical and Data Link Layer Problems

pingping

bull

Sends an echo request packet to an address then waits for a reply

netstat

‐rnnetstat

‐rn

bull

Displays the status of all connected devices and links without querying a DNS server

arp

‐aarp

‐a

bull

Displays the current mappings of the IP address to the MAC address in the ARP table

79

Windows Commands to Isolate Physical and Data Link Layer Problems

ipconfig

[all]ipconfig

[all]

bull

Displays IP information for hosts running Windows NT2000XP

Cgt

tracert [‐d]tracert [‐d]

bull

Identifies a path to a destination device

Cgt

80

Guidelines for Isolating Problems at the Physical and Data Link Layers

Check operational status and data error ratesCheck operational status and data error rates

Verify proper interface configurationsVerify proper interface configurations

Check for bad cables or connectionsCheck for bad cables or connections

Check for correct cable pin‐outCheck for correct cable pin‐out

81

Port Monitoring (SPAN)

Allows a port to monitor traffic coming into or out of

anotherPort

VLAN

Trunk

82

Remote SPAN (RSPAN)

Allows a port to monitor SPAN information on other switches through a trunk connection

83

NetFlow Data Export

Access to records of switched flow statistics

with NAM

Source and destination IP

Port numbers and protocol types

84

六網路管理介紹

85

NAMs in Campus LAN

86

Network Analysis Module (NAM)

bull

Switch‐integrated standards‐

based monitoring (RMON1 RMON2

extended RMON)

bull

Useful for performance monitoring troubleshooting

and capacity planning

bull

Easy to deploy and use with embedded web‐based Traffic Analyzer

bull

Full visibility into applications hosts conversations and

IP‐based services including VoIP

and QoS

Integrated traffic‐monitoring solution in Catalyst 6500 series to build application‐level visibility into network infrastructure

87

NAM as a Standards‐Based RMON Solution

The RMON MIB reports on the health and status of network traffic

Mini‐RMON agents in Catalyst 6500 collect Layer 2 (RMON1) statistics on all ports (utilization packets errors)

NAM supports full RMON1 and 2 to provide visibility up to Application layer (applications hosts conversations)

NAM supports extended RMON for VLAN QoS Application Response Time and so on

88

Application Hosts and Conversations Monitoring

Identify unknown applications and drill down on the hosts using them

Discover top talkers top conversations

Network managers can drill down

into who is doing what

Network managers can drill down

into who is doing what

NEW inSoftware

Version 22

NEW inSoftware

Version 22

89

VoIP Monitoring

NAM supports various facets of VoIPmonitoring

Active IP telephony monitoring

ndash Track active call attributesndash Identify call quality degradationndash Call details by phonesRMON1 and RMON2

ndash Distribution of VoIP

protocols

Application Response Time (ART)

ndash CallManager

responses

DSMON

ndash VoIP

traffic by DSCP values

90

Application Response Time (ART)

Find out where the application delays are occurring

ndash Detailed data on request‐ response exchanges

between clients and servers

Server visibility

ndash Monitor servers for protocols application

usage and top talkers

91

Packet Capture and Decode

Capture and decode packets for troubleshooting

Extensive pre‐ and post‐capture filters

Can save and export to other tools including Sniffer

92

Alarms

Set alarm thresholds on various parameters for proactive monitoring

Define traps or generate syslog

93

Defining Network Management Functional Areas

ISO defines five functional areas of network management

ISO defines five functional areas of network management

bullFault Management

bullConfiguration Management

bullAccounting Management

bullPerformance Management

bullSecurity Management

94

FCAPS Fault Management

The process of locating diagnosing and correcting

network problems

Device Down

Link Down

95

FCAPS Configuration Management

bull The process of obtaining data from the network and using

that data to manage the setup of all network devices

bull Allows rapid access to configuration information

bull Facilitates remote configuration and provisioning

bull Provides an up‐to‐date inventory of network

components

SpeedDuplex

Connectivity

TrunkingVLANs Allowed

Spanning Tree Protocol State

Software VersionConfiguration File

Device Type

96

FCAPS Accounting Management

bull Measuring the usage of network resources by users in order to

establish the metrics check quotas determine costs and bill users

bull Measures and reports accounting information based on individual

groups and users

bull Administers the cost of the network

bull Internal verification of third‐party billing for usage Bandwidth Consumption

Application Usage

hellip

97

FCAPS Performance Management

bull Ensuring that the data network remains accessible

and has adequate bandwidth

bull Reduces network overcrowding and inaccessibility

bull Provides a consistent level of service to the

network user

bull Determine utilization trends to proactively isolate and solve

performance problems

UtilizationPeakminmaxError RatesUnicast Rates

Broadcast Rates

CPU UtilizationMemory Usage

ThroughputResponse Time

LatencyAvailabilityReliability

98

FCAPS Security Management

bull Protecting sensitive information on devices

attached to a data network by controlling access points to

that information

bull Builds network user confidence

bull Secures sensitive information from both internal and

external sources

bull Protects the network functionality from malicious

attacks

MAC AddressLocked to Port

Access ListBlocks Connections

99

Performing Network Management Sources for Information

GAUGEs TIMERs

0 9 1 2 3

COUNTERs TABLEs FILEs

Operating System Data Structures

Manageable Device

showCommands

WebServer

SystemLogging

SNMPSNMPAGENTAGENT

ProductionServices

Layer N Forwarding

http80tcp

syslog514udp

snmp161udp

MIBObjects

snmp‐trap162udp

Built in Intelligence

CDPVTPSAA

telnetCLI

TFTPClient

tftp69udp

PingTrace route

100

Network Management Information Model MIB Management Information Base

MIB

ndash

Management Information BaseSet of variables defining the status of a device (eg temp = 85 degrees)Just facts ndash not whether it is good or badDefined according to SMI (Structure of Management Information) rulesEach managed object is described using a unique object identifier (OID)

MIB

IMIBIIStandard MIBObjects included are considered essential for either fault or configuration management

Other standard MIBsRMON host router

Proprietary vendor MIBsExtensions to standard MIBs

SNMPAGENTSNMPAGENT

1000s of manageable objects following rules defined in the SMI standards

1000s of manageable objects following rules defined in the SMI standards

101

Network Management Communication Model SNMP Simple Network Management Protocol

CommunityStrings

CommunityStrings

bull Get requests used to read the value of objectbull Set requests used to modify the value of object

bull Authorization is via community strings

(Read‐OnlyRead‐Write)

bull Traps

provide asynchronous event notification

IP Network SNMPManageable

Device

Trap

Get Response

Get Request Get-Next RequestGet-Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

102

Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response

SNM

P M

anag

er

SNM

P A

gent

Rea

d =

publ

ic re

adw

rite

= pr

ivat

e

GetResponse (sysDescr0=SunOS)

Verify access permission and retrieve MIB value using OID to traverse the MIB tree

InstanceOID

13612111

MIB value

GetRequest(sysDescr0)Read Community(public)

103

Types of Management Systems Example ‐

Enterprise Manager amp Fault Management

Correlate and manage events

and SNMP traps

Perform fault isolation and root cause analysis

104

Types of Management Systems Example ndash CiscoWorks

Resource Manager Essentials and Campus Manager

Knowledge of network configuration and topology

Facilitates remote configuration of network devices

Maintains an archive of configuration data that allows generation of inventory reports

105

Types of Management Systems Example ndash NetFlow (Accounting Management)

Flow Profiling

AccountingBilling

Network Planning

Network Monitoring

Flow

Collectors

Flow

CollectorsEnd‐User AppsEnd‐User AppsNetFlow

Data ExportNetFlowData Export

NetScout

RMON ProbeRMON Probe

106

Types of Management Systems Example ndash MRTG (Performance Management)

bull Monitors traffic load on network links based on SNMP statistics

bull Generates real‐time HTML traffic reports

bull Can be used to monitor any

MIB

variable using

SNMP

107

Types of Management Systems Example ndash CiscoWorks

How is the network connectedbull Physical Cablingbull Virtual LANs

Where are the end users servers IP phones connected

bull Switch port numberbull VLAN membership

How do I troubleshoot connectivity problems

Campus Manager User Tracking

Campus Manager Topology Services

Campus Manager Topology Services

Campus Manager User TrackingCampus Manager

Path Analysis

108

Diagnosing Connectivity Problems CiscoWorks Server Tools

Ping Use ping to test device connectivity from CiscoWorks server

TracerouteRun a trace route between the CiscoWorks server and the target device to detect routing problems

NS LookupRun a nslookup to obtain DNS name server information and IP address of hostname

Management Station to DeviceTest to verify if upper layer protocols are supported from CiscoWorks to the target device UDP TCP Telnet TFTP HTTP and SNMP

109

Types of Management Systems Example ndash CiscoWorks

19216862

CiscoWorks Server(ANI Service)

CampusDatabase

19216861

Schedule data retrieval

times

CAM Table11‐11‐11‐11‐11‐00 2111‐11‐11‐11‐11‐11 2211‐11‐11‐11‐11‐22 2311‐11‐11‐11‐11‐33 24

22 23 24

21

ARP Table11‐11‐11‐11‐11‐11 19216861011‐11‐11‐11‐11‐22 19216861111‐11‐11‐11‐11‐33 192168611

1

CAM

Retrieval

(switching

table)

2 Address

Resolution (MAC

to IP)

DNS

3 Name Resolution

(IP to hostname)

Host Table192168610 USER1192168611 Printer1192168611 IPtele1

SNMP

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

CallManager4

Call Detail

Records

5

Login

Names

UNIX Novell amp

Windows NT

clients running

UTLite script

110

Diagnosing Connectivity Problems Campus Manager Tools

Topology Services

User Tracking

Path Analysis

1

Locate the communication pair in the User Tracking database

bull

Addressesbull

VLAN informationbull

Switch port connection

2

Investigate the Layer 2 and Layer 3 path between the communication

pair

3

Map the topology and begin the investigation on devices and links

Launch other applications

111

Diagnosing Connectivity Problems Workflow for Using Campus Manager

LaunchPath Analysis

LaunchPath Analysis

Ensure discovery of devices

hosts are up to date

Ensure discovery of devices

hosts are up to date

Use User TrackingTo Locate EndStation Info

Use User TrackingTo Locate EndStation Info

ConductVoiceTrace

ConductVoiceTrace

ConductDataTrace

ConductDataTrace

DisplayPath in Topology

Map

DisplayPath in Topology

Map

Launch other Apps(Telnet CiscoView

Etc)

Launch other Apps(Telnet CiscoView

Etc)

112

Diagnosing Device Connectivity Problems Example

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Do you know

your

hostname or

username

113

Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

2 Simple Query displays switch

port and VLAN association

2 Simple Query displays switch

port and VLAN association

3 LastSeen field indicates last

time end station was

discovered

3 LastSeen field indicates last

time end station was

discovered

114

Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Trace path from application server

to Suzy

Trace path from application server

to Suzy

Couldnrsquot get to Suzy machine ndash try

from server

Couldnrsquot get to Suzy machine ndash try

from server

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

49

Evolution of Centralized Switching Technology

Evoluti

onEvo

lution

1999 18

Mpps

L2 Only

2002 48

Mpps

L2L3

2004102

Mpps

L2L3 10Gig

2007250

Mpps

L2L3 IPv6

14X

increase

since lsquo99

50

Next‐Generation Catalyst 4500 ldquoE‐Seriesrdquo

Secure Flexible Non‐Stop Communications

ldquoErdquo

Series Chassis

ldquoErdquo

Series Line Cards

Supervisor 6‐E with CenterFlex

51

Cisco Catalyst 6500 Delivers Secure Converged Network Services

High Availabilitybull Physical

Availabilitybull Logical Availabilitybull Stateful Failover at

Layer 2bull Rapid Spanning-

Tree Convergence

QoSbull Input Policingbull Traffic

Classificationbull Multiple Queuesbull Convergence

Ready

Securitybull Layer 234

Access Controlbull 8021X User

Authenticationbull MAC Filteringbull Dynamic VLAN

Manageabilitybull Inline Powerbull Simple

Configurationbull L2-L4 Servicesbull Rich Multicast

Support

End-to-End Services

52

Catalyst 6500 Family

Catalyst 65033 slot chassis

Catalyst 65066 slot chassis

Catalyst 65099 slot chassis

Catalyst 6509‐NEBSNEBS Compliant 9 slot chassis

Catalyst 651313 slot chassis

Catalyst 6509‐NEBS‐A9 slot chassis

53

Cisco Catalyst 6500 Series

The Cisco Catalyst 6500 Series supports a wide range of interface densities performance and high‐availability options

Flexible 3‐ 6‐ 9‐ and 13‐slot chassis configurations

ndash Scalable switching fabric ndash Cisco

IOS software choices supported

on all supervisor engines

ndash Fast 2‐3 second stateful

failover of

redundant supervisors and integrated

services

ndash 10‐Mbps to 10‐Gbps Ethernet and DS0

to

OC‐48 WAN interfaces

ndash Wire‐rate QoS

and ACL policy

management

WS-6503 WS-C6506 WS-C6509 WS-C6509-NEBS and WS-C6513

54

Catalyst 6500 Supervisors

The Catalyst 6500 has three Supervisor options on offer

with each providing a different architectural backplane

configuration for line cards to connect intohellip

Supervisor 1A Supervisor 2 Supervisor 720 (NEW)

256Gb backplane

supporting hardware

accelerated Layer 2 and 3

QoS and Security policies

up to 210Mppshellip

720Gb backplane

supporting hardware

accelerated Layer 2 and 3

QoS and Security policies

up to 400Mppshellip

32Gb backplane supporting

hardware accelerated Layer

2 and 3 QoS and Security

policies up to 15Mppshellip

Supervisor Options for the Catalyst 6500

55

Catalyst 6500 LinecardsThe Catalyst 6500 has a family of linecards to suit all network needshellip

10100 TX and 100 Fiber 101001000 TX GE SFP

GE GBIC 10GE WAN

Optical Switch Modules Inline Power ATM

CAT

6500

L I

NECARDS

56

Catalyst 6500 Service Modules

Content ServicesCommunications Media MWAN

Firewall Module VPN Module Intrusion Detection

Content Switching SSL Network Management

Service Modules represent the next generation of intelligent modules for the Catalyst 6500

Each module provides a high performance option scalable and feature rich deployment

optionshellip

57

Small Form Factor Pluggable (SFP)

bull New industry standard connector

bull Same functionality as Gigabit Interface Converters

(GBICs)

bull Hot pluggable

bull Smaller fiber connector LC

for SF

bull 25 SFPs

fit in space of one GBIC

bull Shipping SX LX ZX at FCS

bull 101001000BT and CWDM versions to come in mid

to late 2003

GBIC

SFP

58

三無線網路認證介紹

59

漫遊認證環境架構圖

NCHC資策會

WLANGateway

WLANGateway

60

無線漫遊環境身份認證機制

網頁認證

使用網站伺服器憑證(Certificate)辨識合法認證網站

透過SSL加密保護使用者帳號密碼安全

採用PAP (Password Authentication Protocol)認證機制

8021x認證

採CHAP或加密通道進行認證

EAP‐MD5ndash 採用CHAP (Challenge Handshake Authentication Protocol)認證

EAP‐PEAP ndash 採用 SSL加密通道 + MS‐CHAP v2 認證

EAP‐TTLSndash 採用 SSL加密通道 + PAPCHAPMS‐CHAPEAPndash 支援多種認證機制

61

WLAN Gateway

bull Usually web page for authorisationbull Allows policy based accessbull Good managementbull Very user friendlybull No client required

Bluesocketndash Commercial but popular in uk academiandash Lots of featuresNoCatAuthndash open source

62

Bluesocket Wireless Gateway

63

httpwwwitcntnuedutwservice1270php

四師大網路基本架構介紹

64

對外網路架構圖

65

校本部校區有線網路系統架構圖

66

校本部校區無線網路系統架構圖

67

理學院校區有線網路系統架構圖

68

理學院校區無線網路系統架構圖

69

林口校區有線網路系統架構圖

70

林口校區無線網路系統架構圖

71

五網路障礙排除方式

72

Possible Symptoms of Physical Layer Problems

Increased number of interface errorsIncreased number of interface errors

LEDs are off flashing or in a state other than the expected state during normal operationLEDs are off flashing or in a state other than the expected state during normal operation

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

Excessive utilizationExcessive utilization

73

Possible Symptoms of Data Link Layer Problems

Excessive CRC errors and frame check sequence errors Excessive CRC errors and frame check sequence errors

Large quantities of broadcast traffic Large quantities of broadcast traffic

A MAC address is cycling between portsA MAC address is cycling between ports

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

74

General Cisco Commands to Isolate Physical and Data Link Layer Problems

ping host

| ip‐addressping host

| ip‐address

routergt

bull

Sends an echo request packet to an address then waits for a reply

trace [destination]trace [destination]

routergt

bull

Identifies the path a packet takes through the network

[no] debug [no] debug

router

bull

Displays a list of options for enabling or disabling debugging events on a device

75

Cisco Commands to Isolate Physical Layer Problems

show versionshow version

routergt

bull

Displays the Cisco IOS software version and all installed hardware configurations

show ip interface briefshow ip interface brief

routergt

bull

Displays a summary of the status of all interfaces on a device

show interfaces [type number]show interfaces [type number]

routergt

bull

Displays the operational status of an interface including the amount and type of traffic being sent and received

76

Cisco Commands to Isolate Physical Layer Problems (Cont)

show cdp neighbor detailshow cdp neighbor detailroutergt

bull Displays the device type IP address and Cisco IOS version of neighboring devices

77

Cisco Commands to Isolate Data Link Layer Problems

show ip arpshow ip arp

routergt

bull

Displays entries in the Address Resolution Protocol (ARP) table

debug [arp

| serial | ppp]debug [arp

| serial | ppp]

router

bull

Captures events relating to data link layer protocols

78

General End‐System Commands to Isolate Physical and Data Link Layer Problems

pingping

bull

Sends an echo request packet to an address then waits for a reply

netstat

‐rnnetstat

‐rn

bull

Displays the status of all connected devices and links without querying a DNS server

arp

‐aarp

‐a

bull

Displays the current mappings of the IP address to the MAC address in the ARP table

79

Windows Commands to Isolate Physical and Data Link Layer Problems

ipconfig

[all]ipconfig

[all]

bull

Displays IP information for hosts running Windows NT2000XP

Cgt

tracert [‐d]tracert [‐d]

bull

Identifies a path to a destination device

Cgt

80

Guidelines for Isolating Problems at the Physical and Data Link Layers

Check operational status and data error ratesCheck operational status and data error rates

Verify proper interface configurationsVerify proper interface configurations

Check for bad cables or connectionsCheck for bad cables or connections

Check for correct cable pin‐outCheck for correct cable pin‐out

81

Port Monitoring (SPAN)

Allows a port to monitor traffic coming into or out of

anotherPort

VLAN

Trunk

82

Remote SPAN (RSPAN)

Allows a port to monitor SPAN information on other switches through a trunk connection

83

NetFlow Data Export

Access to records of switched flow statistics

with NAM

Source and destination IP

Port numbers and protocol types

84

六網路管理介紹

85

NAMs in Campus LAN

86

Network Analysis Module (NAM)

bull

Switch‐integrated standards‐

based monitoring (RMON1 RMON2

extended RMON)

bull

Useful for performance monitoring troubleshooting

and capacity planning

bull

Easy to deploy and use with embedded web‐based Traffic Analyzer

bull

Full visibility into applications hosts conversations and

IP‐based services including VoIP

and QoS

Integrated traffic‐monitoring solution in Catalyst 6500 series to build application‐level visibility into network infrastructure

87

NAM as a Standards‐Based RMON Solution

The RMON MIB reports on the health and status of network traffic

Mini‐RMON agents in Catalyst 6500 collect Layer 2 (RMON1) statistics on all ports (utilization packets errors)

NAM supports full RMON1 and 2 to provide visibility up to Application layer (applications hosts conversations)

NAM supports extended RMON for VLAN QoS Application Response Time and so on

88

Application Hosts and Conversations Monitoring

Identify unknown applications and drill down on the hosts using them

Discover top talkers top conversations

Network managers can drill down

into who is doing what

Network managers can drill down

into who is doing what

NEW inSoftware

Version 22

NEW inSoftware

Version 22

89

VoIP Monitoring

NAM supports various facets of VoIPmonitoring

Active IP telephony monitoring

ndash Track active call attributesndash Identify call quality degradationndash Call details by phonesRMON1 and RMON2

ndash Distribution of VoIP

protocols

Application Response Time (ART)

ndash CallManager

responses

DSMON

ndash VoIP

traffic by DSCP values

90

Application Response Time (ART)

Find out where the application delays are occurring

ndash Detailed data on request‐ response exchanges

between clients and servers

Server visibility

ndash Monitor servers for protocols application

usage and top talkers

91

Packet Capture and Decode

Capture and decode packets for troubleshooting

Extensive pre‐ and post‐capture filters

Can save and export to other tools including Sniffer

92

Alarms

Set alarm thresholds on various parameters for proactive monitoring

Define traps or generate syslog

93

Defining Network Management Functional Areas

ISO defines five functional areas of network management

ISO defines five functional areas of network management

bullFault Management

bullConfiguration Management

bullAccounting Management

bullPerformance Management

bullSecurity Management

94

FCAPS Fault Management

The process of locating diagnosing and correcting

network problems

Device Down

Link Down

95

FCAPS Configuration Management

bull The process of obtaining data from the network and using

that data to manage the setup of all network devices

bull Allows rapid access to configuration information

bull Facilitates remote configuration and provisioning

bull Provides an up‐to‐date inventory of network

components

SpeedDuplex

Connectivity

TrunkingVLANs Allowed

Spanning Tree Protocol State

Software VersionConfiguration File

Device Type

96

FCAPS Accounting Management

bull Measuring the usage of network resources by users in order to

establish the metrics check quotas determine costs and bill users

bull Measures and reports accounting information based on individual

groups and users

bull Administers the cost of the network

bull Internal verification of third‐party billing for usage Bandwidth Consumption

Application Usage

hellip

97

FCAPS Performance Management

bull Ensuring that the data network remains accessible

and has adequate bandwidth

bull Reduces network overcrowding and inaccessibility

bull Provides a consistent level of service to the

network user

bull Determine utilization trends to proactively isolate and solve

performance problems

UtilizationPeakminmaxError RatesUnicast Rates

Broadcast Rates

CPU UtilizationMemory Usage

ThroughputResponse Time

LatencyAvailabilityReliability

98

FCAPS Security Management

bull Protecting sensitive information on devices

attached to a data network by controlling access points to

that information

bull Builds network user confidence

bull Secures sensitive information from both internal and

external sources

bull Protects the network functionality from malicious

attacks

MAC AddressLocked to Port

Access ListBlocks Connections

99

Performing Network Management Sources for Information

GAUGEs TIMERs

0 9 1 2 3

COUNTERs TABLEs FILEs

Operating System Data Structures

Manageable Device

showCommands

WebServer

SystemLogging

SNMPSNMPAGENTAGENT

ProductionServices

Layer N Forwarding

http80tcp

syslog514udp

snmp161udp

MIBObjects

snmp‐trap162udp

Built in Intelligence

CDPVTPSAA

telnetCLI

TFTPClient

tftp69udp

PingTrace route

100

Network Management Information Model MIB Management Information Base

MIB

ndash

Management Information BaseSet of variables defining the status of a device (eg temp = 85 degrees)Just facts ndash not whether it is good or badDefined according to SMI (Structure of Management Information) rulesEach managed object is described using a unique object identifier (OID)

MIB

IMIBIIStandard MIBObjects included are considered essential for either fault or configuration management

Other standard MIBsRMON host router

Proprietary vendor MIBsExtensions to standard MIBs

SNMPAGENTSNMPAGENT

1000s of manageable objects following rules defined in the SMI standards

1000s of manageable objects following rules defined in the SMI standards

101

Network Management Communication Model SNMP Simple Network Management Protocol

CommunityStrings

CommunityStrings

bull Get requests used to read the value of objectbull Set requests used to modify the value of object

bull Authorization is via community strings

(Read‐OnlyRead‐Write)

bull Traps

provide asynchronous event notification

IP Network SNMPManageable

Device

Trap

Get Response

Get Request Get-Next RequestGet-Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

102

Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response

SNM

P M

anag

er

SNM

P A

gent

Rea

d =

publ

ic re

adw

rite

= pr

ivat

e

GetResponse (sysDescr0=SunOS)

Verify access permission and retrieve MIB value using OID to traverse the MIB tree

InstanceOID

13612111

MIB value

GetRequest(sysDescr0)Read Community(public)

103

Types of Management Systems Example ‐

Enterprise Manager amp Fault Management

Correlate and manage events

and SNMP traps

Perform fault isolation and root cause analysis

104

Types of Management Systems Example ndash CiscoWorks

Resource Manager Essentials and Campus Manager

Knowledge of network configuration and topology

Facilitates remote configuration of network devices

Maintains an archive of configuration data that allows generation of inventory reports

105

Types of Management Systems Example ndash NetFlow (Accounting Management)

Flow Profiling

AccountingBilling

Network Planning

Network Monitoring

Flow

Collectors

Flow

CollectorsEnd‐User AppsEnd‐User AppsNetFlow

Data ExportNetFlowData Export

NetScout

RMON ProbeRMON Probe

106

Types of Management Systems Example ndash MRTG (Performance Management)

bull Monitors traffic load on network links based on SNMP statistics

bull Generates real‐time HTML traffic reports

bull Can be used to monitor any

MIB

variable using

SNMP

107

Types of Management Systems Example ndash CiscoWorks

How is the network connectedbull Physical Cablingbull Virtual LANs

Where are the end users servers IP phones connected

bull Switch port numberbull VLAN membership

How do I troubleshoot connectivity problems

Campus Manager User Tracking

Campus Manager Topology Services

Campus Manager Topology Services

Campus Manager User TrackingCampus Manager

Path Analysis

108

Diagnosing Connectivity Problems CiscoWorks Server Tools

Ping Use ping to test device connectivity from CiscoWorks server

TracerouteRun a trace route between the CiscoWorks server and the target device to detect routing problems

NS LookupRun a nslookup to obtain DNS name server information and IP address of hostname

Management Station to DeviceTest to verify if upper layer protocols are supported from CiscoWorks to the target device UDP TCP Telnet TFTP HTTP and SNMP

109

Types of Management Systems Example ndash CiscoWorks

19216862

CiscoWorks Server(ANI Service)

CampusDatabase

19216861

Schedule data retrieval

times

CAM Table11‐11‐11‐11‐11‐00 2111‐11‐11‐11‐11‐11 2211‐11‐11‐11‐11‐22 2311‐11‐11‐11‐11‐33 24

22 23 24

21

ARP Table11‐11‐11‐11‐11‐11 19216861011‐11‐11‐11‐11‐22 19216861111‐11‐11‐11‐11‐33 192168611

1

CAM

Retrieval

(switching

table)

2 Address

Resolution (MAC

to IP)

DNS

3 Name Resolution

(IP to hostname)

Host Table192168610 USER1192168611 Printer1192168611 IPtele1

SNMP

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

CallManager4

Call Detail

Records

5

Login

Names

UNIX Novell amp

Windows NT

clients running

UTLite script

110

Diagnosing Connectivity Problems Campus Manager Tools

Topology Services

User Tracking

Path Analysis

1

Locate the communication pair in the User Tracking database

bull

Addressesbull

VLAN informationbull

Switch port connection

2

Investigate the Layer 2 and Layer 3 path between the communication

pair

3

Map the topology and begin the investigation on devices and links

Launch other applications

111

Diagnosing Connectivity Problems Workflow for Using Campus Manager

LaunchPath Analysis

LaunchPath Analysis

Ensure discovery of devices

hosts are up to date

Ensure discovery of devices

hosts are up to date

Use User TrackingTo Locate EndStation Info

Use User TrackingTo Locate EndStation Info

ConductVoiceTrace

ConductVoiceTrace

ConductDataTrace

ConductDataTrace

DisplayPath in Topology

Map

DisplayPath in Topology

Map

Launch other Apps(Telnet CiscoView

Etc)

Launch other Apps(Telnet CiscoView

Etc)

112

Diagnosing Device Connectivity Problems Example

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Do you know

your

hostname or

username

113

Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

2 Simple Query displays switch

port and VLAN association

2 Simple Query displays switch

port and VLAN association

3 LastSeen field indicates last

time end station was

discovered

3 LastSeen field indicates last

time end station was

discovered

114

Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Trace path from application server

to Suzy

Trace path from application server

to Suzy

Couldnrsquot get to Suzy machine ndash try

from server

Couldnrsquot get to Suzy machine ndash try

from server

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

50

Next‐Generation Catalyst 4500 ldquoE‐Seriesrdquo

Secure Flexible Non‐Stop Communications

ldquoErdquo

Series Chassis

ldquoErdquo

Series Line Cards

Supervisor 6‐E with CenterFlex

51

Cisco Catalyst 6500 Delivers Secure Converged Network Services

High Availabilitybull Physical

Availabilitybull Logical Availabilitybull Stateful Failover at

Layer 2bull Rapid Spanning-

Tree Convergence

QoSbull Input Policingbull Traffic

Classificationbull Multiple Queuesbull Convergence

Ready

Securitybull Layer 234

Access Controlbull 8021X User

Authenticationbull MAC Filteringbull Dynamic VLAN

Manageabilitybull Inline Powerbull Simple

Configurationbull L2-L4 Servicesbull Rich Multicast

Support

End-to-End Services

52

Catalyst 6500 Family

Catalyst 65033 slot chassis

Catalyst 65066 slot chassis

Catalyst 65099 slot chassis

Catalyst 6509‐NEBSNEBS Compliant 9 slot chassis

Catalyst 651313 slot chassis

Catalyst 6509‐NEBS‐A9 slot chassis

53

Cisco Catalyst 6500 Series

The Cisco Catalyst 6500 Series supports a wide range of interface densities performance and high‐availability options

Flexible 3‐ 6‐ 9‐ and 13‐slot chassis configurations

ndash Scalable switching fabric ndash Cisco

IOS software choices supported

on all supervisor engines

ndash Fast 2‐3 second stateful

failover of

redundant supervisors and integrated

services

ndash 10‐Mbps to 10‐Gbps Ethernet and DS0

to

OC‐48 WAN interfaces

ndash Wire‐rate QoS

and ACL policy

management

WS-6503 WS-C6506 WS-C6509 WS-C6509-NEBS and WS-C6513

54

Catalyst 6500 Supervisors

The Catalyst 6500 has three Supervisor options on offer

with each providing a different architectural backplane

configuration for line cards to connect intohellip

Supervisor 1A Supervisor 2 Supervisor 720 (NEW)

256Gb backplane

supporting hardware

accelerated Layer 2 and 3

QoS and Security policies

up to 210Mppshellip

720Gb backplane

supporting hardware

accelerated Layer 2 and 3

QoS and Security policies

up to 400Mppshellip

32Gb backplane supporting

hardware accelerated Layer

2 and 3 QoS and Security

policies up to 15Mppshellip

Supervisor Options for the Catalyst 6500

55

Catalyst 6500 LinecardsThe Catalyst 6500 has a family of linecards to suit all network needshellip

10100 TX and 100 Fiber 101001000 TX GE SFP

GE GBIC 10GE WAN

Optical Switch Modules Inline Power ATM

CAT

6500

L I

NECARDS

56

Catalyst 6500 Service Modules

Content ServicesCommunications Media MWAN

Firewall Module VPN Module Intrusion Detection

Content Switching SSL Network Management

Service Modules represent the next generation of intelligent modules for the Catalyst 6500

Each module provides a high performance option scalable and feature rich deployment

optionshellip

57

Small Form Factor Pluggable (SFP)

bull New industry standard connector

bull Same functionality as Gigabit Interface Converters

(GBICs)

bull Hot pluggable

bull Smaller fiber connector LC

for SF

bull 25 SFPs

fit in space of one GBIC

bull Shipping SX LX ZX at FCS

bull 101001000BT and CWDM versions to come in mid

to late 2003

GBIC

SFP

58

三無線網路認證介紹

59

漫遊認證環境架構圖

NCHC資策會

WLANGateway

WLANGateway

60

無線漫遊環境身份認證機制

網頁認證

使用網站伺服器憑證(Certificate)辨識合法認證網站

透過SSL加密保護使用者帳號密碼安全

採用PAP (Password Authentication Protocol)認證機制

8021x認證

採CHAP或加密通道進行認證

EAP‐MD5ndash 採用CHAP (Challenge Handshake Authentication Protocol)認證

EAP‐PEAP ndash 採用 SSL加密通道 + MS‐CHAP v2 認證

EAP‐TTLSndash 採用 SSL加密通道 + PAPCHAPMS‐CHAPEAPndash 支援多種認證機制

61

WLAN Gateway

bull Usually web page for authorisationbull Allows policy based accessbull Good managementbull Very user friendlybull No client required

Bluesocketndash Commercial but popular in uk academiandash Lots of featuresNoCatAuthndash open source

62

Bluesocket Wireless Gateway

63

httpwwwitcntnuedutwservice1270php

四師大網路基本架構介紹

64

對外網路架構圖

65

校本部校區有線網路系統架構圖

66

校本部校區無線網路系統架構圖

67

理學院校區有線網路系統架構圖

68

理學院校區無線網路系統架構圖

69

林口校區有線網路系統架構圖

70

林口校區無線網路系統架構圖

71

五網路障礙排除方式

72

Possible Symptoms of Physical Layer Problems

Increased number of interface errorsIncreased number of interface errors

LEDs are off flashing or in a state other than the expected state during normal operationLEDs are off flashing or in a state other than the expected state during normal operation

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

Excessive utilizationExcessive utilization

73

Possible Symptoms of Data Link Layer Problems

Excessive CRC errors and frame check sequence errors Excessive CRC errors and frame check sequence errors

Large quantities of broadcast traffic Large quantities of broadcast traffic

A MAC address is cycling between portsA MAC address is cycling between ports

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

74

General Cisco Commands to Isolate Physical and Data Link Layer Problems

ping host

| ip‐addressping host

| ip‐address

routergt

bull

Sends an echo request packet to an address then waits for a reply

trace [destination]trace [destination]

routergt

bull

Identifies the path a packet takes through the network

[no] debug [no] debug

router

bull

Displays a list of options for enabling or disabling debugging events on a device

75

Cisco Commands to Isolate Physical Layer Problems

show versionshow version

routergt

bull

Displays the Cisco IOS software version and all installed hardware configurations

show ip interface briefshow ip interface brief

routergt

bull

Displays a summary of the status of all interfaces on a device

show interfaces [type number]show interfaces [type number]

routergt

bull

Displays the operational status of an interface including the amount and type of traffic being sent and received

76

Cisco Commands to Isolate Physical Layer Problems (Cont)

show cdp neighbor detailshow cdp neighbor detailroutergt

bull Displays the device type IP address and Cisco IOS version of neighboring devices

77

Cisco Commands to Isolate Data Link Layer Problems

show ip arpshow ip arp

routergt

bull

Displays entries in the Address Resolution Protocol (ARP) table

debug [arp

| serial | ppp]debug [arp

| serial | ppp]

router

bull

Captures events relating to data link layer protocols

78

General End‐System Commands to Isolate Physical and Data Link Layer Problems

pingping

bull

Sends an echo request packet to an address then waits for a reply

netstat

‐rnnetstat

‐rn

bull

Displays the status of all connected devices and links without querying a DNS server

arp

‐aarp

‐a

bull

Displays the current mappings of the IP address to the MAC address in the ARP table

79

Windows Commands to Isolate Physical and Data Link Layer Problems

ipconfig

[all]ipconfig

[all]

bull

Displays IP information for hosts running Windows NT2000XP

Cgt

tracert [‐d]tracert [‐d]

bull

Identifies a path to a destination device

Cgt

80

Guidelines for Isolating Problems at the Physical and Data Link Layers

Check operational status and data error ratesCheck operational status and data error rates

Verify proper interface configurationsVerify proper interface configurations

Check for bad cables or connectionsCheck for bad cables or connections

Check for correct cable pin‐outCheck for correct cable pin‐out

81

Port Monitoring (SPAN)

Allows a port to monitor traffic coming into or out of

anotherPort

VLAN

Trunk

82

Remote SPAN (RSPAN)

Allows a port to monitor SPAN information on other switches through a trunk connection

83

NetFlow Data Export

Access to records of switched flow statistics

with NAM

Source and destination IP

Port numbers and protocol types

84

六網路管理介紹

85

NAMs in Campus LAN

86

Network Analysis Module (NAM)

bull

Switch‐integrated standards‐

based monitoring (RMON1 RMON2

extended RMON)

bull

Useful for performance monitoring troubleshooting

and capacity planning

bull

Easy to deploy and use with embedded web‐based Traffic Analyzer

bull

Full visibility into applications hosts conversations and

IP‐based services including VoIP

and QoS

Integrated traffic‐monitoring solution in Catalyst 6500 series to build application‐level visibility into network infrastructure

87

NAM as a Standards‐Based RMON Solution

The RMON MIB reports on the health and status of network traffic

Mini‐RMON agents in Catalyst 6500 collect Layer 2 (RMON1) statistics on all ports (utilization packets errors)

NAM supports full RMON1 and 2 to provide visibility up to Application layer (applications hosts conversations)

NAM supports extended RMON for VLAN QoS Application Response Time and so on

88

Application Hosts and Conversations Monitoring

Identify unknown applications and drill down on the hosts using them

Discover top talkers top conversations

Network managers can drill down

into who is doing what

Network managers can drill down

into who is doing what

NEW inSoftware

Version 22

NEW inSoftware

Version 22

89

VoIP Monitoring

NAM supports various facets of VoIPmonitoring

Active IP telephony monitoring

ndash Track active call attributesndash Identify call quality degradationndash Call details by phonesRMON1 and RMON2

ndash Distribution of VoIP

protocols

Application Response Time (ART)

ndash CallManager

responses

DSMON

ndash VoIP

traffic by DSCP values

90

Application Response Time (ART)

Find out where the application delays are occurring

ndash Detailed data on request‐ response exchanges

between clients and servers

Server visibility

ndash Monitor servers for protocols application

usage and top talkers

91

Packet Capture and Decode

Capture and decode packets for troubleshooting

Extensive pre‐ and post‐capture filters

Can save and export to other tools including Sniffer

92

Alarms

Set alarm thresholds on various parameters for proactive monitoring

Define traps or generate syslog

93

Defining Network Management Functional Areas

ISO defines five functional areas of network management

ISO defines five functional areas of network management

bullFault Management

bullConfiguration Management

bullAccounting Management

bullPerformance Management

bullSecurity Management

94

FCAPS Fault Management

The process of locating diagnosing and correcting

network problems

Device Down

Link Down

95

FCAPS Configuration Management

bull The process of obtaining data from the network and using

that data to manage the setup of all network devices

bull Allows rapid access to configuration information

bull Facilitates remote configuration and provisioning

bull Provides an up‐to‐date inventory of network

components

SpeedDuplex

Connectivity

TrunkingVLANs Allowed

Spanning Tree Protocol State

Software VersionConfiguration File

Device Type

96

FCAPS Accounting Management

bull Measuring the usage of network resources by users in order to

establish the metrics check quotas determine costs and bill users

bull Measures and reports accounting information based on individual

groups and users

bull Administers the cost of the network

bull Internal verification of third‐party billing for usage Bandwidth Consumption

Application Usage

hellip

97

FCAPS Performance Management

bull Ensuring that the data network remains accessible

and has adequate bandwidth

bull Reduces network overcrowding and inaccessibility

bull Provides a consistent level of service to the

network user

bull Determine utilization trends to proactively isolate and solve

performance problems

UtilizationPeakminmaxError RatesUnicast Rates

Broadcast Rates

CPU UtilizationMemory Usage

ThroughputResponse Time

LatencyAvailabilityReliability

98

FCAPS Security Management

bull Protecting sensitive information on devices

attached to a data network by controlling access points to

that information

bull Builds network user confidence

bull Secures sensitive information from both internal and

external sources

bull Protects the network functionality from malicious

attacks

MAC AddressLocked to Port

Access ListBlocks Connections

99

Performing Network Management Sources for Information

GAUGEs TIMERs

0 9 1 2 3

COUNTERs TABLEs FILEs

Operating System Data Structures

Manageable Device

showCommands

WebServer

SystemLogging

SNMPSNMPAGENTAGENT

ProductionServices

Layer N Forwarding

http80tcp

syslog514udp

snmp161udp

MIBObjects

snmp‐trap162udp

Built in Intelligence

CDPVTPSAA

telnetCLI

TFTPClient

tftp69udp

PingTrace route

100

Network Management Information Model MIB Management Information Base

MIB

ndash

Management Information BaseSet of variables defining the status of a device (eg temp = 85 degrees)Just facts ndash not whether it is good or badDefined according to SMI (Structure of Management Information) rulesEach managed object is described using a unique object identifier (OID)

MIB

IMIBIIStandard MIBObjects included are considered essential for either fault or configuration management

Other standard MIBsRMON host router

Proprietary vendor MIBsExtensions to standard MIBs

SNMPAGENTSNMPAGENT

1000s of manageable objects following rules defined in the SMI standards

1000s of manageable objects following rules defined in the SMI standards

101

Network Management Communication Model SNMP Simple Network Management Protocol

CommunityStrings

CommunityStrings

bull Get requests used to read the value of objectbull Set requests used to modify the value of object

bull Authorization is via community strings

(Read‐OnlyRead‐Write)

bull Traps

provide asynchronous event notification

IP Network SNMPManageable

Device

Trap

Get Response

Get Request Get-Next RequestGet-Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

102

Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response

SNM

P M

anag

er

SNM

P A

gent

Rea

d =

publ

ic re

adw

rite

= pr

ivat

e

GetResponse (sysDescr0=SunOS)

Verify access permission and retrieve MIB value using OID to traverse the MIB tree

InstanceOID

13612111

MIB value

GetRequest(sysDescr0)Read Community(public)

103

Types of Management Systems Example ‐

Enterprise Manager amp Fault Management

Correlate and manage events

and SNMP traps

Perform fault isolation and root cause analysis

104

Types of Management Systems Example ndash CiscoWorks

Resource Manager Essentials and Campus Manager

Knowledge of network configuration and topology

Facilitates remote configuration of network devices

Maintains an archive of configuration data that allows generation of inventory reports

105

Types of Management Systems Example ndash NetFlow (Accounting Management)

Flow Profiling

AccountingBilling

Network Planning

Network Monitoring

Flow

Collectors

Flow

CollectorsEnd‐User AppsEnd‐User AppsNetFlow

Data ExportNetFlowData Export

NetScout

RMON ProbeRMON Probe

106

Types of Management Systems Example ndash MRTG (Performance Management)

bull Monitors traffic load on network links based on SNMP statistics

bull Generates real‐time HTML traffic reports

bull Can be used to monitor any

MIB

variable using

SNMP

107

Types of Management Systems Example ndash CiscoWorks

How is the network connectedbull Physical Cablingbull Virtual LANs

Where are the end users servers IP phones connected

bull Switch port numberbull VLAN membership

How do I troubleshoot connectivity problems

Campus Manager User Tracking

Campus Manager Topology Services

Campus Manager Topology Services

Campus Manager User TrackingCampus Manager

Path Analysis

108

Diagnosing Connectivity Problems CiscoWorks Server Tools

Ping Use ping to test device connectivity from CiscoWorks server

TracerouteRun a trace route between the CiscoWorks server and the target device to detect routing problems

NS LookupRun a nslookup to obtain DNS name server information and IP address of hostname

Management Station to DeviceTest to verify if upper layer protocols are supported from CiscoWorks to the target device UDP TCP Telnet TFTP HTTP and SNMP

109

Types of Management Systems Example ndash CiscoWorks

19216862

CiscoWorks Server(ANI Service)

CampusDatabase

19216861

Schedule data retrieval

times

CAM Table11‐11‐11‐11‐11‐00 2111‐11‐11‐11‐11‐11 2211‐11‐11‐11‐11‐22 2311‐11‐11‐11‐11‐33 24

22 23 24

21

ARP Table11‐11‐11‐11‐11‐11 19216861011‐11‐11‐11‐11‐22 19216861111‐11‐11‐11‐11‐33 192168611

1

CAM

Retrieval

(switching

table)

2 Address

Resolution (MAC

to IP)

DNS

3 Name Resolution

(IP to hostname)

Host Table192168610 USER1192168611 Printer1192168611 IPtele1

SNMP

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

CallManager4

Call Detail

Records

5

Login

Names

UNIX Novell amp

Windows NT

clients running

UTLite script

110

Diagnosing Connectivity Problems Campus Manager Tools

Topology Services

User Tracking

Path Analysis

1

Locate the communication pair in the User Tracking database

bull

Addressesbull

VLAN informationbull

Switch port connection

2

Investigate the Layer 2 and Layer 3 path between the communication

pair

3

Map the topology and begin the investigation on devices and links

Launch other applications

111

Diagnosing Connectivity Problems Workflow for Using Campus Manager

LaunchPath Analysis

LaunchPath Analysis

Ensure discovery of devices

hosts are up to date

Ensure discovery of devices

hosts are up to date

Use User TrackingTo Locate EndStation Info

Use User TrackingTo Locate EndStation Info

ConductVoiceTrace

ConductVoiceTrace

ConductDataTrace

ConductDataTrace

DisplayPath in Topology

Map

DisplayPath in Topology

Map

Launch other Apps(Telnet CiscoView

Etc)

Launch other Apps(Telnet CiscoView

Etc)

112

Diagnosing Device Connectivity Problems Example

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Do you know

your

hostname or

username

113

Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

2 Simple Query displays switch

port and VLAN association

2 Simple Query displays switch

port and VLAN association

3 LastSeen field indicates last

time end station was

discovered

3 LastSeen field indicates last

time end station was

discovered

114

Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Trace path from application server

to Suzy

Trace path from application server

to Suzy

Couldnrsquot get to Suzy machine ndash try

from server

Couldnrsquot get to Suzy machine ndash try

from server

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

51

Cisco Catalyst 6500 Delivers Secure Converged Network Services

High Availabilitybull Physical

Availabilitybull Logical Availabilitybull Stateful Failover at

Layer 2bull Rapid Spanning-

Tree Convergence

QoSbull Input Policingbull Traffic

Classificationbull Multiple Queuesbull Convergence

Ready

Securitybull Layer 234

Access Controlbull 8021X User

Authenticationbull MAC Filteringbull Dynamic VLAN

Manageabilitybull Inline Powerbull Simple

Configurationbull L2-L4 Servicesbull Rich Multicast

Support

End-to-End Services

52

Catalyst 6500 Family

Catalyst 65033 slot chassis

Catalyst 65066 slot chassis

Catalyst 65099 slot chassis

Catalyst 6509‐NEBSNEBS Compliant 9 slot chassis

Catalyst 651313 slot chassis

Catalyst 6509‐NEBS‐A9 slot chassis

53

Cisco Catalyst 6500 Series

The Cisco Catalyst 6500 Series supports a wide range of interface densities performance and high‐availability options

Flexible 3‐ 6‐ 9‐ and 13‐slot chassis configurations

ndash Scalable switching fabric ndash Cisco

IOS software choices supported

on all supervisor engines

ndash Fast 2‐3 second stateful

failover of

redundant supervisors and integrated

services

ndash 10‐Mbps to 10‐Gbps Ethernet and DS0

to

OC‐48 WAN interfaces

ndash Wire‐rate QoS

and ACL policy

management

WS-6503 WS-C6506 WS-C6509 WS-C6509-NEBS and WS-C6513

54

Catalyst 6500 Supervisors

The Catalyst 6500 has three Supervisor options on offer

with each providing a different architectural backplane

configuration for line cards to connect intohellip

Supervisor 1A Supervisor 2 Supervisor 720 (NEW)

256Gb backplane

supporting hardware

accelerated Layer 2 and 3

QoS and Security policies

up to 210Mppshellip

720Gb backplane

supporting hardware

accelerated Layer 2 and 3

QoS and Security policies

up to 400Mppshellip

32Gb backplane supporting

hardware accelerated Layer

2 and 3 QoS and Security

policies up to 15Mppshellip

Supervisor Options for the Catalyst 6500

55

Catalyst 6500 LinecardsThe Catalyst 6500 has a family of linecards to suit all network needshellip

10100 TX and 100 Fiber 101001000 TX GE SFP

GE GBIC 10GE WAN

Optical Switch Modules Inline Power ATM

CAT

6500

L I

NECARDS

56

Catalyst 6500 Service Modules

Content ServicesCommunications Media MWAN

Firewall Module VPN Module Intrusion Detection

Content Switching SSL Network Management

Service Modules represent the next generation of intelligent modules for the Catalyst 6500

Each module provides a high performance option scalable and feature rich deployment

optionshellip

57

Small Form Factor Pluggable (SFP)

bull New industry standard connector

bull Same functionality as Gigabit Interface Converters

(GBICs)

bull Hot pluggable

bull Smaller fiber connector LC

for SF

bull 25 SFPs

fit in space of one GBIC

bull Shipping SX LX ZX at FCS

bull 101001000BT and CWDM versions to come in mid

to late 2003

GBIC

SFP

58

三無線網路認證介紹

59

漫遊認證環境架構圖

NCHC資策會

WLANGateway

WLANGateway

60

無線漫遊環境身份認證機制

網頁認證

使用網站伺服器憑證(Certificate)辨識合法認證網站

透過SSL加密保護使用者帳號密碼安全

採用PAP (Password Authentication Protocol)認證機制

8021x認證

採CHAP或加密通道進行認證

EAP‐MD5ndash 採用CHAP (Challenge Handshake Authentication Protocol)認證

EAP‐PEAP ndash 採用 SSL加密通道 + MS‐CHAP v2 認證

EAP‐TTLSndash 採用 SSL加密通道 + PAPCHAPMS‐CHAPEAPndash 支援多種認證機制

61

WLAN Gateway

bull Usually web page for authorisationbull Allows policy based accessbull Good managementbull Very user friendlybull No client required

Bluesocketndash Commercial but popular in uk academiandash Lots of featuresNoCatAuthndash open source

62

Bluesocket Wireless Gateway

63

httpwwwitcntnuedutwservice1270php

四師大網路基本架構介紹

64

對外網路架構圖

65

校本部校區有線網路系統架構圖

66

校本部校區無線網路系統架構圖

67

理學院校區有線網路系統架構圖

68

理學院校區無線網路系統架構圖

69

林口校區有線網路系統架構圖

70

林口校區無線網路系統架構圖

71

五網路障礙排除方式

72

Possible Symptoms of Physical Layer Problems

Increased number of interface errorsIncreased number of interface errors

LEDs are off flashing or in a state other than the expected state during normal operationLEDs are off flashing or in a state other than the expected state during normal operation

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

Excessive utilizationExcessive utilization

73

Possible Symptoms of Data Link Layer Problems

Excessive CRC errors and frame check sequence errors Excessive CRC errors and frame check sequence errors

Large quantities of broadcast traffic Large quantities of broadcast traffic

A MAC address is cycling between portsA MAC address is cycling between ports

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

74

General Cisco Commands to Isolate Physical and Data Link Layer Problems

ping host

| ip‐addressping host

| ip‐address

routergt

bull

Sends an echo request packet to an address then waits for a reply

trace [destination]trace [destination]

routergt

bull

Identifies the path a packet takes through the network

[no] debug [no] debug

router

bull

Displays a list of options for enabling or disabling debugging events on a device

75

Cisco Commands to Isolate Physical Layer Problems

show versionshow version

routergt

bull

Displays the Cisco IOS software version and all installed hardware configurations

show ip interface briefshow ip interface brief

routergt

bull

Displays a summary of the status of all interfaces on a device

show interfaces [type number]show interfaces [type number]

routergt

bull

Displays the operational status of an interface including the amount and type of traffic being sent and received

76

Cisco Commands to Isolate Physical Layer Problems (Cont)

show cdp neighbor detailshow cdp neighbor detailroutergt

bull Displays the device type IP address and Cisco IOS version of neighboring devices

77

Cisco Commands to Isolate Data Link Layer Problems

show ip arpshow ip arp

routergt

bull

Displays entries in the Address Resolution Protocol (ARP) table

debug [arp

| serial | ppp]debug [arp

| serial | ppp]

router

bull

Captures events relating to data link layer protocols

78

General End‐System Commands to Isolate Physical and Data Link Layer Problems

pingping

bull

Sends an echo request packet to an address then waits for a reply

netstat

‐rnnetstat

‐rn

bull

Displays the status of all connected devices and links without querying a DNS server

arp

‐aarp

‐a

bull

Displays the current mappings of the IP address to the MAC address in the ARP table

79

Windows Commands to Isolate Physical and Data Link Layer Problems

ipconfig

[all]ipconfig

[all]

bull

Displays IP information for hosts running Windows NT2000XP

Cgt

tracert [‐d]tracert [‐d]

bull

Identifies a path to a destination device

Cgt

80

Guidelines for Isolating Problems at the Physical and Data Link Layers

Check operational status and data error ratesCheck operational status and data error rates

Verify proper interface configurationsVerify proper interface configurations

Check for bad cables or connectionsCheck for bad cables or connections

Check for correct cable pin‐outCheck for correct cable pin‐out

81

Port Monitoring (SPAN)

Allows a port to monitor traffic coming into or out of

anotherPort

VLAN

Trunk

82

Remote SPAN (RSPAN)

Allows a port to monitor SPAN information on other switches through a trunk connection

83

NetFlow Data Export

Access to records of switched flow statistics

with NAM

Source and destination IP

Port numbers and protocol types

84

六網路管理介紹

85

NAMs in Campus LAN

86

Network Analysis Module (NAM)

bull

Switch‐integrated standards‐

based monitoring (RMON1 RMON2

extended RMON)

bull

Useful for performance monitoring troubleshooting

and capacity planning

bull

Easy to deploy and use with embedded web‐based Traffic Analyzer

bull

Full visibility into applications hosts conversations and

IP‐based services including VoIP

and QoS

Integrated traffic‐monitoring solution in Catalyst 6500 series to build application‐level visibility into network infrastructure

87

NAM as a Standards‐Based RMON Solution

The RMON MIB reports on the health and status of network traffic

Mini‐RMON agents in Catalyst 6500 collect Layer 2 (RMON1) statistics on all ports (utilization packets errors)

NAM supports full RMON1 and 2 to provide visibility up to Application layer (applications hosts conversations)

NAM supports extended RMON for VLAN QoS Application Response Time and so on

88

Application Hosts and Conversations Monitoring

Identify unknown applications and drill down on the hosts using them

Discover top talkers top conversations

Network managers can drill down

into who is doing what

Network managers can drill down

into who is doing what

NEW inSoftware

Version 22

NEW inSoftware

Version 22

89

VoIP Monitoring

NAM supports various facets of VoIPmonitoring

Active IP telephony monitoring

ndash Track active call attributesndash Identify call quality degradationndash Call details by phonesRMON1 and RMON2

ndash Distribution of VoIP

protocols

Application Response Time (ART)

ndash CallManager

responses

DSMON

ndash VoIP

traffic by DSCP values

90

Application Response Time (ART)

Find out where the application delays are occurring

ndash Detailed data on request‐ response exchanges

between clients and servers

Server visibility

ndash Monitor servers for protocols application

usage and top talkers

91

Packet Capture and Decode

Capture and decode packets for troubleshooting

Extensive pre‐ and post‐capture filters

Can save and export to other tools including Sniffer

92

Alarms

Set alarm thresholds on various parameters for proactive monitoring

Define traps or generate syslog

93

Defining Network Management Functional Areas

ISO defines five functional areas of network management

ISO defines five functional areas of network management

bullFault Management

bullConfiguration Management

bullAccounting Management

bullPerformance Management

bullSecurity Management

94

FCAPS Fault Management

The process of locating diagnosing and correcting

network problems

Device Down

Link Down

95

FCAPS Configuration Management

bull The process of obtaining data from the network and using

that data to manage the setup of all network devices

bull Allows rapid access to configuration information

bull Facilitates remote configuration and provisioning

bull Provides an up‐to‐date inventory of network

components

SpeedDuplex

Connectivity

TrunkingVLANs Allowed

Spanning Tree Protocol State

Software VersionConfiguration File

Device Type

96

FCAPS Accounting Management

bull Measuring the usage of network resources by users in order to

establish the metrics check quotas determine costs and bill users

bull Measures and reports accounting information based on individual

groups and users

bull Administers the cost of the network

bull Internal verification of third‐party billing for usage Bandwidth Consumption

Application Usage

hellip

97

FCAPS Performance Management

bull Ensuring that the data network remains accessible

and has adequate bandwidth

bull Reduces network overcrowding and inaccessibility

bull Provides a consistent level of service to the

network user

bull Determine utilization trends to proactively isolate and solve

performance problems

UtilizationPeakminmaxError RatesUnicast Rates

Broadcast Rates

CPU UtilizationMemory Usage

ThroughputResponse Time

LatencyAvailabilityReliability

98

FCAPS Security Management

bull Protecting sensitive information on devices

attached to a data network by controlling access points to

that information

bull Builds network user confidence

bull Secures sensitive information from both internal and

external sources

bull Protects the network functionality from malicious

attacks

MAC AddressLocked to Port

Access ListBlocks Connections

99

Performing Network Management Sources for Information

GAUGEs TIMERs

0 9 1 2 3

COUNTERs TABLEs FILEs

Operating System Data Structures

Manageable Device

showCommands

WebServer

SystemLogging

SNMPSNMPAGENTAGENT

ProductionServices

Layer N Forwarding

http80tcp

syslog514udp

snmp161udp

MIBObjects

snmp‐trap162udp

Built in Intelligence

CDPVTPSAA

telnetCLI

TFTPClient

tftp69udp

PingTrace route

100

Network Management Information Model MIB Management Information Base

MIB

ndash

Management Information BaseSet of variables defining the status of a device (eg temp = 85 degrees)Just facts ndash not whether it is good or badDefined according to SMI (Structure of Management Information) rulesEach managed object is described using a unique object identifier (OID)

MIB

IMIBIIStandard MIBObjects included are considered essential for either fault or configuration management

Other standard MIBsRMON host router

Proprietary vendor MIBsExtensions to standard MIBs

SNMPAGENTSNMPAGENT

1000s of manageable objects following rules defined in the SMI standards

1000s of manageable objects following rules defined in the SMI standards

101

Network Management Communication Model SNMP Simple Network Management Protocol

CommunityStrings

CommunityStrings

bull Get requests used to read the value of objectbull Set requests used to modify the value of object

bull Authorization is via community strings

(Read‐OnlyRead‐Write)

bull Traps

provide asynchronous event notification

IP Network SNMPManageable

Device

Trap

Get Response

Get Request Get-Next RequestGet-Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

102

Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response

SNM

P M

anag

er

SNM

P A

gent

Rea

d =

publ

ic re

adw

rite

= pr

ivat

e

GetResponse (sysDescr0=SunOS)

Verify access permission and retrieve MIB value using OID to traverse the MIB tree

InstanceOID

13612111

MIB value

GetRequest(sysDescr0)Read Community(public)

103

Types of Management Systems Example ‐

Enterprise Manager amp Fault Management

Correlate and manage events

and SNMP traps

Perform fault isolation and root cause analysis

104

Types of Management Systems Example ndash CiscoWorks

Resource Manager Essentials and Campus Manager

Knowledge of network configuration and topology

Facilitates remote configuration of network devices

Maintains an archive of configuration data that allows generation of inventory reports

105

Types of Management Systems Example ndash NetFlow (Accounting Management)

Flow Profiling

AccountingBilling

Network Planning

Network Monitoring

Flow

Collectors

Flow

CollectorsEnd‐User AppsEnd‐User AppsNetFlow

Data ExportNetFlowData Export

NetScout

RMON ProbeRMON Probe

106

Types of Management Systems Example ndash MRTG (Performance Management)

bull Monitors traffic load on network links based on SNMP statistics

bull Generates real‐time HTML traffic reports

bull Can be used to monitor any

MIB

variable using

SNMP

107

Types of Management Systems Example ndash CiscoWorks

How is the network connectedbull Physical Cablingbull Virtual LANs

Where are the end users servers IP phones connected

bull Switch port numberbull VLAN membership

How do I troubleshoot connectivity problems

Campus Manager User Tracking

Campus Manager Topology Services

Campus Manager Topology Services

Campus Manager User TrackingCampus Manager

Path Analysis

108

Diagnosing Connectivity Problems CiscoWorks Server Tools

Ping Use ping to test device connectivity from CiscoWorks server

TracerouteRun a trace route between the CiscoWorks server and the target device to detect routing problems

NS LookupRun a nslookup to obtain DNS name server information and IP address of hostname

Management Station to DeviceTest to verify if upper layer protocols are supported from CiscoWorks to the target device UDP TCP Telnet TFTP HTTP and SNMP

109

Types of Management Systems Example ndash CiscoWorks

19216862

CiscoWorks Server(ANI Service)

CampusDatabase

19216861

Schedule data retrieval

times

CAM Table11‐11‐11‐11‐11‐00 2111‐11‐11‐11‐11‐11 2211‐11‐11‐11‐11‐22 2311‐11‐11‐11‐11‐33 24

22 23 24

21

ARP Table11‐11‐11‐11‐11‐11 19216861011‐11‐11‐11‐11‐22 19216861111‐11‐11‐11‐11‐33 192168611

1

CAM

Retrieval

(switching

table)

2 Address

Resolution (MAC

to IP)

DNS

3 Name Resolution

(IP to hostname)

Host Table192168610 USER1192168611 Printer1192168611 IPtele1

SNMP

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

CallManager4

Call Detail

Records

5

Login

Names

UNIX Novell amp

Windows NT

clients running

UTLite script

110

Diagnosing Connectivity Problems Campus Manager Tools

Topology Services

User Tracking

Path Analysis

1

Locate the communication pair in the User Tracking database

bull

Addressesbull

VLAN informationbull

Switch port connection

2

Investigate the Layer 2 and Layer 3 path between the communication

pair

3

Map the topology and begin the investigation on devices and links

Launch other applications

111

Diagnosing Connectivity Problems Workflow for Using Campus Manager

LaunchPath Analysis

LaunchPath Analysis

Ensure discovery of devices

hosts are up to date

Ensure discovery of devices

hosts are up to date

Use User TrackingTo Locate EndStation Info

Use User TrackingTo Locate EndStation Info

ConductVoiceTrace

ConductVoiceTrace

ConductDataTrace

ConductDataTrace

DisplayPath in Topology

Map

DisplayPath in Topology

Map

Launch other Apps(Telnet CiscoView

Etc)

Launch other Apps(Telnet CiscoView

Etc)

112

Diagnosing Device Connectivity Problems Example

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Do you know

your

hostname or

username

113

Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

2 Simple Query displays switch

port and VLAN association

2 Simple Query displays switch

port and VLAN association

3 LastSeen field indicates last

time end station was

discovered

3 LastSeen field indicates last

time end station was

discovered

114

Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Trace path from application server

to Suzy

Trace path from application server

to Suzy

Couldnrsquot get to Suzy machine ndash try

from server

Couldnrsquot get to Suzy machine ndash try

from server

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

52

Catalyst 6500 Family

Catalyst 65033 slot chassis

Catalyst 65066 slot chassis

Catalyst 65099 slot chassis

Catalyst 6509‐NEBSNEBS Compliant 9 slot chassis

Catalyst 651313 slot chassis

Catalyst 6509‐NEBS‐A9 slot chassis

53

Cisco Catalyst 6500 Series

The Cisco Catalyst 6500 Series supports a wide range of interface densities performance and high‐availability options

Flexible 3‐ 6‐ 9‐ and 13‐slot chassis configurations

ndash Scalable switching fabric ndash Cisco

IOS software choices supported

on all supervisor engines

ndash Fast 2‐3 second stateful

failover of

redundant supervisors and integrated

services

ndash 10‐Mbps to 10‐Gbps Ethernet and DS0

to

OC‐48 WAN interfaces

ndash Wire‐rate QoS

and ACL policy

management

WS-6503 WS-C6506 WS-C6509 WS-C6509-NEBS and WS-C6513

54

Catalyst 6500 Supervisors

The Catalyst 6500 has three Supervisor options on offer

with each providing a different architectural backplane

configuration for line cards to connect intohellip

Supervisor 1A Supervisor 2 Supervisor 720 (NEW)

256Gb backplane

supporting hardware

accelerated Layer 2 and 3

QoS and Security policies

up to 210Mppshellip

720Gb backplane

supporting hardware

accelerated Layer 2 and 3

QoS and Security policies

up to 400Mppshellip

32Gb backplane supporting

hardware accelerated Layer

2 and 3 QoS and Security

policies up to 15Mppshellip

Supervisor Options for the Catalyst 6500

55

Catalyst 6500 LinecardsThe Catalyst 6500 has a family of linecards to suit all network needshellip

10100 TX and 100 Fiber 101001000 TX GE SFP

GE GBIC 10GE WAN

Optical Switch Modules Inline Power ATM

CAT

6500

L I

NECARDS

56

Catalyst 6500 Service Modules

Content ServicesCommunications Media MWAN

Firewall Module VPN Module Intrusion Detection

Content Switching SSL Network Management

Service Modules represent the next generation of intelligent modules for the Catalyst 6500

Each module provides a high performance option scalable and feature rich deployment

optionshellip

57

Small Form Factor Pluggable (SFP)

bull New industry standard connector

bull Same functionality as Gigabit Interface Converters

(GBICs)

bull Hot pluggable

bull Smaller fiber connector LC

for SF

bull 25 SFPs

fit in space of one GBIC

bull Shipping SX LX ZX at FCS

bull 101001000BT and CWDM versions to come in mid

to late 2003

GBIC

SFP

58

三無線網路認證介紹

59

漫遊認證環境架構圖

NCHC資策會

WLANGateway

WLANGateway

60

無線漫遊環境身份認證機制

網頁認證

使用網站伺服器憑證(Certificate)辨識合法認證網站

透過SSL加密保護使用者帳號密碼安全

採用PAP (Password Authentication Protocol)認證機制

8021x認證

採CHAP或加密通道進行認證

EAP‐MD5ndash 採用CHAP (Challenge Handshake Authentication Protocol)認證

EAP‐PEAP ndash 採用 SSL加密通道 + MS‐CHAP v2 認證

EAP‐TTLSndash 採用 SSL加密通道 + PAPCHAPMS‐CHAPEAPndash 支援多種認證機制

61

WLAN Gateway

bull Usually web page for authorisationbull Allows policy based accessbull Good managementbull Very user friendlybull No client required

Bluesocketndash Commercial but popular in uk academiandash Lots of featuresNoCatAuthndash open source

62

Bluesocket Wireless Gateway

63

httpwwwitcntnuedutwservice1270php

四師大網路基本架構介紹

64

對外網路架構圖

65

校本部校區有線網路系統架構圖

66

校本部校區無線網路系統架構圖

67

理學院校區有線網路系統架構圖

68

理學院校區無線網路系統架構圖

69

林口校區有線網路系統架構圖

70

林口校區無線網路系統架構圖

71

五網路障礙排除方式

72

Possible Symptoms of Physical Layer Problems

Increased number of interface errorsIncreased number of interface errors

LEDs are off flashing or in a state other than the expected state during normal operationLEDs are off flashing or in a state other than the expected state during normal operation

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

Excessive utilizationExcessive utilization

73

Possible Symptoms of Data Link Layer Problems

Excessive CRC errors and frame check sequence errors Excessive CRC errors and frame check sequence errors

Large quantities of broadcast traffic Large quantities of broadcast traffic

A MAC address is cycling between portsA MAC address is cycling between ports

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

74

General Cisco Commands to Isolate Physical and Data Link Layer Problems

ping host

| ip‐addressping host

| ip‐address

routergt

bull

Sends an echo request packet to an address then waits for a reply

trace [destination]trace [destination]

routergt

bull

Identifies the path a packet takes through the network

[no] debug [no] debug

router

bull

Displays a list of options for enabling or disabling debugging events on a device

75

Cisco Commands to Isolate Physical Layer Problems

show versionshow version

routergt

bull

Displays the Cisco IOS software version and all installed hardware configurations

show ip interface briefshow ip interface brief

routergt

bull

Displays a summary of the status of all interfaces on a device

show interfaces [type number]show interfaces [type number]

routergt

bull

Displays the operational status of an interface including the amount and type of traffic being sent and received

76

Cisco Commands to Isolate Physical Layer Problems (Cont)

show cdp neighbor detailshow cdp neighbor detailroutergt

bull Displays the device type IP address and Cisco IOS version of neighboring devices

77

Cisco Commands to Isolate Data Link Layer Problems

show ip arpshow ip arp

routergt

bull

Displays entries in the Address Resolution Protocol (ARP) table

debug [arp

| serial | ppp]debug [arp

| serial | ppp]

router

bull

Captures events relating to data link layer protocols

78

General End‐System Commands to Isolate Physical and Data Link Layer Problems

pingping

bull

Sends an echo request packet to an address then waits for a reply

netstat

‐rnnetstat

‐rn

bull

Displays the status of all connected devices and links without querying a DNS server

arp

‐aarp

‐a

bull

Displays the current mappings of the IP address to the MAC address in the ARP table

79

Windows Commands to Isolate Physical and Data Link Layer Problems

ipconfig

[all]ipconfig

[all]

bull

Displays IP information for hosts running Windows NT2000XP

Cgt

tracert [‐d]tracert [‐d]

bull

Identifies a path to a destination device

Cgt

80

Guidelines for Isolating Problems at the Physical and Data Link Layers

Check operational status and data error ratesCheck operational status and data error rates

Verify proper interface configurationsVerify proper interface configurations

Check for bad cables or connectionsCheck for bad cables or connections

Check for correct cable pin‐outCheck for correct cable pin‐out

81

Port Monitoring (SPAN)

Allows a port to monitor traffic coming into or out of

anotherPort

VLAN

Trunk

82

Remote SPAN (RSPAN)

Allows a port to monitor SPAN information on other switches through a trunk connection

83

NetFlow Data Export

Access to records of switched flow statistics

with NAM

Source and destination IP

Port numbers and protocol types

84

六網路管理介紹

85

NAMs in Campus LAN

86

Network Analysis Module (NAM)

bull

Switch‐integrated standards‐

based monitoring (RMON1 RMON2

extended RMON)

bull

Useful for performance monitoring troubleshooting

and capacity planning

bull

Easy to deploy and use with embedded web‐based Traffic Analyzer

bull

Full visibility into applications hosts conversations and

IP‐based services including VoIP

and QoS

Integrated traffic‐monitoring solution in Catalyst 6500 series to build application‐level visibility into network infrastructure

87

NAM as a Standards‐Based RMON Solution

The RMON MIB reports on the health and status of network traffic

Mini‐RMON agents in Catalyst 6500 collect Layer 2 (RMON1) statistics on all ports (utilization packets errors)

NAM supports full RMON1 and 2 to provide visibility up to Application layer (applications hosts conversations)

NAM supports extended RMON for VLAN QoS Application Response Time and so on

88

Application Hosts and Conversations Monitoring

Identify unknown applications and drill down on the hosts using them

Discover top talkers top conversations

Network managers can drill down

into who is doing what

Network managers can drill down

into who is doing what

NEW inSoftware

Version 22

NEW inSoftware

Version 22

89

VoIP Monitoring

NAM supports various facets of VoIPmonitoring

Active IP telephony monitoring

ndash Track active call attributesndash Identify call quality degradationndash Call details by phonesRMON1 and RMON2

ndash Distribution of VoIP

protocols

Application Response Time (ART)

ndash CallManager

responses

DSMON

ndash VoIP

traffic by DSCP values

90

Application Response Time (ART)

Find out where the application delays are occurring

ndash Detailed data on request‐ response exchanges

between clients and servers

Server visibility

ndash Monitor servers for protocols application

usage and top talkers

91

Packet Capture and Decode

Capture and decode packets for troubleshooting

Extensive pre‐ and post‐capture filters

Can save and export to other tools including Sniffer

92

Alarms

Set alarm thresholds on various parameters for proactive monitoring

Define traps or generate syslog

93

Defining Network Management Functional Areas

ISO defines five functional areas of network management

ISO defines five functional areas of network management

bullFault Management

bullConfiguration Management

bullAccounting Management

bullPerformance Management

bullSecurity Management

94

FCAPS Fault Management

The process of locating diagnosing and correcting

network problems

Device Down

Link Down

95

FCAPS Configuration Management

bull The process of obtaining data from the network and using

that data to manage the setup of all network devices

bull Allows rapid access to configuration information

bull Facilitates remote configuration and provisioning

bull Provides an up‐to‐date inventory of network

components

SpeedDuplex

Connectivity

TrunkingVLANs Allowed

Spanning Tree Protocol State

Software VersionConfiguration File

Device Type

96

FCAPS Accounting Management

bull Measuring the usage of network resources by users in order to

establish the metrics check quotas determine costs and bill users

bull Measures and reports accounting information based on individual

groups and users

bull Administers the cost of the network

bull Internal verification of third‐party billing for usage Bandwidth Consumption

Application Usage

hellip

97

FCAPS Performance Management

bull Ensuring that the data network remains accessible

and has adequate bandwidth

bull Reduces network overcrowding and inaccessibility

bull Provides a consistent level of service to the

network user

bull Determine utilization trends to proactively isolate and solve

performance problems

UtilizationPeakminmaxError RatesUnicast Rates

Broadcast Rates

CPU UtilizationMemory Usage

ThroughputResponse Time

LatencyAvailabilityReliability

98

FCAPS Security Management

bull Protecting sensitive information on devices

attached to a data network by controlling access points to

that information

bull Builds network user confidence

bull Secures sensitive information from both internal and

external sources

bull Protects the network functionality from malicious

attacks

MAC AddressLocked to Port

Access ListBlocks Connections

99

Performing Network Management Sources for Information

GAUGEs TIMERs

0 9 1 2 3

COUNTERs TABLEs FILEs

Operating System Data Structures

Manageable Device

showCommands

WebServer

SystemLogging

SNMPSNMPAGENTAGENT

ProductionServices

Layer N Forwarding

http80tcp

syslog514udp

snmp161udp

MIBObjects

snmp‐trap162udp

Built in Intelligence

CDPVTPSAA

telnetCLI

TFTPClient

tftp69udp

PingTrace route

100

Network Management Information Model MIB Management Information Base

MIB

ndash

Management Information BaseSet of variables defining the status of a device (eg temp = 85 degrees)Just facts ndash not whether it is good or badDefined according to SMI (Structure of Management Information) rulesEach managed object is described using a unique object identifier (OID)

MIB

IMIBIIStandard MIBObjects included are considered essential for either fault or configuration management

Other standard MIBsRMON host router

Proprietary vendor MIBsExtensions to standard MIBs

SNMPAGENTSNMPAGENT

1000s of manageable objects following rules defined in the SMI standards

1000s of manageable objects following rules defined in the SMI standards

101

Network Management Communication Model SNMP Simple Network Management Protocol

CommunityStrings

CommunityStrings

bull Get requests used to read the value of objectbull Set requests used to modify the value of object

bull Authorization is via community strings

(Read‐OnlyRead‐Write)

bull Traps

provide asynchronous event notification

IP Network SNMPManageable

Device

Trap

Get Response

Get Request Get-Next RequestGet-Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

102

Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response

SNM

P M

anag

er

SNM

P A

gent

Rea

d =

publ

ic re

adw

rite

= pr

ivat

e

GetResponse (sysDescr0=SunOS)

Verify access permission and retrieve MIB value using OID to traverse the MIB tree

InstanceOID

13612111

MIB value

GetRequest(sysDescr0)Read Community(public)

103

Types of Management Systems Example ‐

Enterprise Manager amp Fault Management

Correlate and manage events

and SNMP traps

Perform fault isolation and root cause analysis

104

Types of Management Systems Example ndash CiscoWorks

Resource Manager Essentials and Campus Manager

Knowledge of network configuration and topology

Facilitates remote configuration of network devices

Maintains an archive of configuration data that allows generation of inventory reports

105

Types of Management Systems Example ndash NetFlow (Accounting Management)

Flow Profiling

AccountingBilling

Network Planning

Network Monitoring

Flow

Collectors

Flow

CollectorsEnd‐User AppsEnd‐User AppsNetFlow

Data ExportNetFlowData Export

NetScout

RMON ProbeRMON Probe

106

Types of Management Systems Example ndash MRTG (Performance Management)

bull Monitors traffic load on network links based on SNMP statistics

bull Generates real‐time HTML traffic reports

bull Can be used to monitor any

MIB

variable using

SNMP

107

Types of Management Systems Example ndash CiscoWorks

How is the network connectedbull Physical Cablingbull Virtual LANs

Where are the end users servers IP phones connected

bull Switch port numberbull VLAN membership

How do I troubleshoot connectivity problems

Campus Manager User Tracking

Campus Manager Topology Services

Campus Manager Topology Services

Campus Manager User TrackingCampus Manager

Path Analysis

108

Diagnosing Connectivity Problems CiscoWorks Server Tools

Ping Use ping to test device connectivity from CiscoWorks server

TracerouteRun a trace route between the CiscoWorks server and the target device to detect routing problems

NS LookupRun a nslookup to obtain DNS name server information and IP address of hostname

Management Station to DeviceTest to verify if upper layer protocols are supported from CiscoWorks to the target device UDP TCP Telnet TFTP HTTP and SNMP

109

Types of Management Systems Example ndash CiscoWorks

19216862

CiscoWorks Server(ANI Service)

CampusDatabase

19216861

Schedule data retrieval

times

CAM Table11‐11‐11‐11‐11‐00 2111‐11‐11‐11‐11‐11 2211‐11‐11‐11‐11‐22 2311‐11‐11‐11‐11‐33 24

22 23 24

21

ARP Table11‐11‐11‐11‐11‐11 19216861011‐11‐11‐11‐11‐22 19216861111‐11‐11‐11‐11‐33 192168611

1

CAM

Retrieval

(switching

table)

2 Address

Resolution (MAC

to IP)

DNS

3 Name Resolution

(IP to hostname)

Host Table192168610 USER1192168611 Printer1192168611 IPtele1

SNMP

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

CallManager4

Call Detail

Records

5

Login

Names

UNIX Novell amp

Windows NT

clients running

UTLite script

110

Diagnosing Connectivity Problems Campus Manager Tools

Topology Services

User Tracking

Path Analysis

1

Locate the communication pair in the User Tracking database

bull

Addressesbull

VLAN informationbull

Switch port connection

2

Investigate the Layer 2 and Layer 3 path between the communication

pair

3

Map the topology and begin the investigation on devices and links

Launch other applications

111

Diagnosing Connectivity Problems Workflow for Using Campus Manager

LaunchPath Analysis

LaunchPath Analysis

Ensure discovery of devices

hosts are up to date

Ensure discovery of devices

hosts are up to date

Use User TrackingTo Locate EndStation Info

Use User TrackingTo Locate EndStation Info

ConductVoiceTrace

ConductVoiceTrace

ConductDataTrace

ConductDataTrace

DisplayPath in Topology

Map

DisplayPath in Topology

Map

Launch other Apps(Telnet CiscoView

Etc)

Launch other Apps(Telnet CiscoView

Etc)

112

Diagnosing Device Connectivity Problems Example

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Do you know

your

hostname or

username

113

Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

2 Simple Query displays switch

port and VLAN association

2 Simple Query displays switch

port and VLAN association

3 LastSeen field indicates last

time end station was

discovered

3 LastSeen field indicates last

time end station was

discovered

114

Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Trace path from application server

to Suzy

Trace path from application server

to Suzy

Couldnrsquot get to Suzy machine ndash try

from server

Couldnrsquot get to Suzy machine ndash try

from server

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

53

Cisco Catalyst 6500 Series

The Cisco Catalyst 6500 Series supports a wide range of interface densities performance and high‐availability options

Flexible 3‐ 6‐ 9‐ and 13‐slot chassis configurations

ndash Scalable switching fabric ndash Cisco

IOS software choices supported

on all supervisor engines

ndash Fast 2‐3 second stateful

failover of

redundant supervisors and integrated

services

ndash 10‐Mbps to 10‐Gbps Ethernet and DS0

to

OC‐48 WAN interfaces

ndash Wire‐rate QoS

and ACL policy

management

WS-6503 WS-C6506 WS-C6509 WS-C6509-NEBS and WS-C6513

54

Catalyst 6500 Supervisors

The Catalyst 6500 has three Supervisor options on offer

with each providing a different architectural backplane

configuration for line cards to connect intohellip

Supervisor 1A Supervisor 2 Supervisor 720 (NEW)

256Gb backplane

supporting hardware

accelerated Layer 2 and 3

QoS and Security policies

up to 210Mppshellip

720Gb backplane

supporting hardware

accelerated Layer 2 and 3

QoS and Security policies

up to 400Mppshellip

32Gb backplane supporting

hardware accelerated Layer

2 and 3 QoS and Security

policies up to 15Mppshellip

Supervisor Options for the Catalyst 6500

55

Catalyst 6500 LinecardsThe Catalyst 6500 has a family of linecards to suit all network needshellip

10100 TX and 100 Fiber 101001000 TX GE SFP

GE GBIC 10GE WAN

Optical Switch Modules Inline Power ATM

CAT

6500

L I

NECARDS

56

Catalyst 6500 Service Modules

Content ServicesCommunications Media MWAN

Firewall Module VPN Module Intrusion Detection

Content Switching SSL Network Management

Service Modules represent the next generation of intelligent modules for the Catalyst 6500

Each module provides a high performance option scalable and feature rich deployment

optionshellip

57

Small Form Factor Pluggable (SFP)

bull New industry standard connector

bull Same functionality as Gigabit Interface Converters

(GBICs)

bull Hot pluggable

bull Smaller fiber connector LC

for SF

bull 25 SFPs

fit in space of one GBIC

bull Shipping SX LX ZX at FCS

bull 101001000BT and CWDM versions to come in mid

to late 2003

GBIC

SFP

58

三無線網路認證介紹

59

漫遊認證環境架構圖

NCHC資策會

WLANGateway

WLANGateway

60

無線漫遊環境身份認證機制

網頁認證

使用網站伺服器憑證(Certificate)辨識合法認證網站

透過SSL加密保護使用者帳號密碼安全

採用PAP (Password Authentication Protocol)認證機制

8021x認證

採CHAP或加密通道進行認證

EAP‐MD5ndash 採用CHAP (Challenge Handshake Authentication Protocol)認證

EAP‐PEAP ndash 採用 SSL加密通道 + MS‐CHAP v2 認證

EAP‐TTLSndash 採用 SSL加密通道 + PAPCHAPMS‐CHAPEAPndash 支援多種認證機制

61

WLAN Gateway

bull Usually web page for authorisationbull Allows policy based accessbull Good managementbull Very user friendlybull No client required

Bluesocketndash Commercial but popular in uk academiandash Lots of featuresNoCatAuthndash open source

62

Bluesocket Wireless Gateway

63

httpwwwitcntnuedutwservice1270php

四師大網路基本架構介紹

64

對外網路架構圖

65

校本部校區有線網路系統架構圖

66

校本部校區無線網路系統架構圖

67

理學院校區有線網路系統架構圖

68

理學院校區無線網路系統架構圖

69

林口校區有線網路系統架構圖

70

林口校區無線網路系統架構圖

71

五網路障礙排除方式

72

Possible Symptoms of Physical Layer Problems

Increased number of interface errorsIncreased number of interface errors

LEDs are off flashing or in a state other than the expected state during normal operationLEDs are off flashing or in a state other than the expected state during normal operation

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

Excessive utilizationExcessive utilization

73

Possible Symptoms of Data Link Layer Problems

Excessive CRC errors and frame check sequence errors Excessive CRC errors and frame check sequence errors

Large quantities of broadcast traffic Large quantities of broadcast traffic

A MAC address is cycling between portsA MAC address is cycling between ports

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

74

General Cisco Commands to Isolate Physical and Data Link Layer Problems

ping host

| ip‐addressping host

| ip‐address

routergt

bull

Sends an echo request packet to an address then waits for a reply

trace [destination]trace [destination]

routergt

bull

Identifies the path a packet takes through the network

[no] debug [no] debug

router

bull

Displays a list of options for enabling or disabling debugging events on a device

75

Cisco Commands to Isolate Physical Layer Problems

show versionshow version

routergt

bull

Displays the Cisco IOS software version and all installed hardware configurations

show ip interface briefshow ip interface brief

routergt

bull

Displays a summary of the status of all interfaces on a device

show interfaces [type number]show interfaces [type number]

routergt

bull

Displays the operational status of an interface including the amount and type of traffic being sent and received

76

Cisco Commands to Isolate Physical Layer Problems (Cont)

show cdp neighbor detailshow cdp neighbor detailroutergt

bull Displays the device type IP address and Cisco IOS version of neighboring devices

77

Cisco Commands to Isolate Data Link Layer Problems

show ip arpshow ip arp

routergt

bull

Displays entries in the Address Resolution Protocol (ARP) table

debug [arp

| serial | ppp]debug [arp

| serial | ppp]

router

bull

Captures events relating to data link layer protocols

78

General End‐System Commands to Isolate Physical and Data Link Layer Problems

pingping

bull

Sends an echo request packet to an address then waits for a reply

netstat

‐rnnetstat

‐rn

bull

Displays the status of all connected devices and links without querying a DNS server

arp

‐aarp

‐a

bull

Displays the current mappings of the IP address to the MAC address in the ARP table

79

Windows Commands to Isolate Physical and Data Link Layer Problems

ipconfig

[all]ipconfig

[all]

bull

Displays IP information for hosts running Windows NT2000XP

Cgt

tracert [‐d]tracert [‐d]

bull

Identifies a path to a destination device

Cgt

80

Guidelines for Isolating Problems at the Physical and Data Link Layers

Check operational status and data error ratesCheck operational status and data error rates

Verify proper interface configurationsVerify proper interface configurations

Check for bad cables or connectionsCheck for bad cables or connections

Check for correct cable pin‐outCheck for correct cable pin‐out

81

Port Monitoring (SPAN)

Allows a port to monitor traffic coming into or out of

anotherPort

VLAN

Trunk

82

Remote SPAN (RSPAN)

Allows a port to monitor SPAN information on other switches through a trunk connection

83

NetFlow Data Export

Access to records of switched flow statistics

with NAM

Source and destination IP

Port numbers and protocol types

84

六網路管理介紹

85

NAMs in Campus LAN

86

Network Analysis Module (NAM)

bull

Switch‐integrated standards‐

based monitoring (RMON1 RMON2

extended RMON)

bull

Useful for performance monitoring troubleshooting

and capacity planning

bull

Easy to deploy and use with embedded web‐based Traffic Analyzer

bull

Full visibility into applications hosts conversations and

IP‐based services including VoIP

and QoS

Integrated traffic‐monitoring solution in Catalyst 6500 series to build application‐level visibility into network infrastructure

87

NAM as a Standards‐Based RMON Solution

The RMON MIB reports on the health and status of network traffic

Mini‐RMON agents in Catalyst 6500 collect Layer 2 (RMON1) statistics on all ports (utilization packets errors)

NAM supports full RMON1 and 2 to provide visibility up to Application layer (applications hosts conversations)

NAM supports extended RMON for VLAN QoS Application Response Time and so on

88

Application Hosts and Conversations Monitoring

Identify unknown applications and drill down on the hosts using them

Discover top talkers top conversations

Network managers can drill down

into who is doing what

Network managers can drill down

into who is doing what

NEW inSoftware

Version 22

NEW inSoftware

Version 22

89

VoIP Monitoring

NAM supports various facets of VoIPmonitoring

Active IP telephony monitoring

ndash Track active call attributesndash Identify call quality degradationndash Call details by phonesRMON1 and RMON2

ndash Distribution of VoIP

protocols

Application Response Time (ART)

ndash CallManager

responses

DSMON

ndash VoIP

traffic by DSCP values

90

Application Response Time (ART)

Find out where the application delays are occurring

ndash Detailed data on request‐ response exchanges

between clients and servers

Server visibility

ndash Monitor servers for protocols application

usage and top talkers

91

Packet Capture and Decode

Capture and decode packets for troubleshooting

Extensive pre‐ and post‐capture filters

Can save and export to other tools including Sniffer

92

Alarms

Set alarm thresholds on various parameters for proactive monitoring

Define traps or generate syslog

93

Defining Network Management Functional Areas

ISO defines five functional areas of network management

ISO defines five functional areas of network management

bullFault Management

bullConfiguration Management

bullAccounting Management

bullPerformance Management

bullSecurity Management

94

FCAPS Fault Management

The process of locating diagnosing and correcting

network problems

Device Down

Link Down

95

FCAPS Configuration Management

bull The process of obtaining data from the network and using

that data to manage the setup of all network devices

bull Allows rapid access to configuration information

bull Facilitates remote configuration and provisioning

bull Provides an up‐to‐date inventory of network

components

SpeedDuplex

Connectivity

TrunkingVLANs Allowed

Spanning Tree Protocol State

Software VersionConfiguration File

Device Type

96

FCAPS Accounting Management

bull Measuring the usage of network resources by users in order to

establish the metrics check quotas determine costs and bill users

bull Measures and reports accounting information based on individual

groups and users

bull Administers the cost of the network

bull Internal verification of third‐party billing for usage Bandwidth Consumption

Application Usage

hellip

97

FCAPS Performance Management

bull Ensuring that the data network remains accessible

and has adequate bandwidth

bull Reduces network overcrowding and inaccessibility

bull Provides a consistent level of service to the

network user

bull Determine utilization trends to proactively isolate and solve

performance problems

UtilizationPeakminmaxError RatesUnicast Rates

Broadcast Rates

CPU UtilizationMemory Usage

ThroughputResponse Time

LatencyAvailabilityReliability

98

FCAPS Security Management

bull Protecting sensitive information on devices

attached to a data network by controlling access points to

that information

bull Builds network user confidence

bull Secures sensitive information from both internal and

external sources

bull Protects the network functionality from malicious

attacks

MAC AddressLocked to Port

Access ListBlocks Connections

99

Performing Network Management Sources for Information

GAUGEs TIMERs

0 9 1 2 3

COUNTERs TABLEs FILEs

Operating System Data Structures

Manageable Device

showCommands

WebServer

SystemLogging

SNMPSNMPAGENTAGENT

ProductionServices

Layer N Forwarding

http80tcp

syslog514udp

snmp161udp

MIBObjects

snmp‐trap162udp

Built in Intelligence

CDPVTPSAA

telnetCLI

TFTPClient

tftp69udp

PingTrace route

100

Network Management Information Model MIB Management Information Base

MIB

ndash

Management Information BaseSet of variables defining the status of a device (eg temp = 85 degrees)Just facts ndash not whether it is good or badDefined according to SMI (Structure of Management Information) rulesEach managed object is described using a unique object identifier (OID)

MIB

IMIBIIStandard MIBObjects included are considered essential for either fault or configuration management

Other standard MIBsRMON host router

Proprietary vendor MIBsExtensions to standard MIBs

SNMPAGENTSNMPAGENT

1000s of manageable objects following rules defined in the SMI standards

1000s of manageable objects following rules defined in the SMI standards

101

Network Management Communication Model SNMP Simple Network Management Protocol

CommunityStrings

CommunityStrings

bull Get requests used to read the value of objectbull Set requests used to modify the value of object

bull Authorization is via community strings

(Read‐OnlyRead‐Write)

bull Traps

provide asynchronous event notification

IP Network SNMPManageable

Device

Trap

Get Response

Get Request Get-Next RequestGet-Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

102

Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response

SNM

P M

anag

er

SNM

P A

gent

Rea

d =

publ

ic re

adw

rite

= pr

ivat

e

GetResponse (sysDescr0=SunOS)

Verify access permission and retrieve MIB value using OID to traverse the MIB tree

InstanceOID

13612111

MIB value

GetRequest(sysDescr0)Read Community(public)

103

Types of Management Systems Example ‐

Enterprise Manager amp Fault Management

Correlate and manage events

and SNMP traps

Perform fault isolation and root cause analysis

104

Types of Management Systems Example ndash CiscoWorks

Resource Manager Essentials and Campus Manager

Knowledge of network configuration and topology

Facilitates remote configuration of network devices

Maintains an archive of configuration data that allows generation of inventory reports

105

Types of Management Systems Example ndash NetFlow (Accounting Management)

Flow Profiling

AccountingBilling

Network Planning

Network Monitoring

Flow

Collectors

Flow

CollectorsEnd‐User AppsEnd‐User AppsNetFlow

Data ExportNetFlowData Export

NetScout

RMON ProbeRMON Probe

106

Types of Management Systems Example ndash MRTG (Performance Management)

bull Monitors traffic load on network links based on SNMP statistics

bull Generates real‐time HTML traffic reports

bull Can be used to monitor any

MIB

variable using

SNMP

107

Types of Management Systems Example ndash CiscoWorks

How is the network connectedbull Physical Cablingbull Virtual LANs

Where are the end users servers IP phones connected

bull Switch port numberbull VLAN membership

How do I troubleshoot connectivity problems

Campus Manager User Tracking

Campus Manager Topology Services

Campus Manager Topology Services

Campus Manager User TrackingCampus Manager

Path Analysis

108

Diagnosing Connectivity Problems CiscoWorks Server Tools

Ping Use ping to test device connectivity from CiscoWorks server

TracerouteRun a trace route between the CiscoWorks server and the target device to detect routing problems

NS LookupRun a nslookup to obtain DNS name server information and IP address of hostname

Management Station to DeviceTest to verify if upper layer protocols are supported from CiscoWorks to the target device UDP TCP Telnet TFTP HTTP and SNMP

109

Types of Management Systems Example ndash CiscoWorks

19216862

CiscoWorks Server(ANI Service)

CampusDatabase

19216861

Schedule data retrieval

times

CAM Table11‐11‐11‐11‐11‐00 2111‐11‐11‐11‐11‐11 2211‐11‐11‐11‐11‐22 2311‐11‐11‐11‐11‐33 24

22 23 24

21

ARP Table11‐11‐11‐11‐11‐11 19216861011‐11‐11‐11‐11‐22 19216861111‐11‐11‐11‐11‐33 192168611

1

CAM

Retrieval

(switching

table)

2 Address

Resolution (MAC

to IP)

DNS

3 Name Resolution

(IP to hostname)

Host Table192168610 USER1192168611 Printer1192168611 IPtele1

SNMP

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

CallManager4

Call Detail

Records

5

Login

Names

UNIX Novell amp

Windows NT

clients running

UTLite script

110

Diagnosing Connectivity Problems Campus Manager Tools

Topology Services

User Tracking

Path Analysis

1

Locate the communication pair in the User Tracking database

bull

Addressesbull

VLAN informationbull

Switch port connection

2

Investigate the Layer 2 and Layer 3 path between the communication

pair

3

Map the topology and begin the investigation on devices and links

Launch other applications

111

Diagnosing Connectivity Problems Workflow for Using Campus Manager

LaunchPath Analysis

LaunchPath Analysis

Ensure discovery of devices

hosts are up to date

Ensure discovery of devices

hosts are up to date

Use User TrackingTo Locate EndStation Info

Use User TrackingTo Locate EndStation Info

ConductVoiceTrace

ConductVoiceTrace

ConductDataTrace

ConductDataTrace

DisplayPath in Topology

Map

DisplayPath in Topology

Map

Launch other Apps(Telnet CiscoView

Etc)

Launch other Apps(Telnet CiscoView

Etc)

112

Diagnosing Device Connectivity Problems Example

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Do you know

your

hostname or

username

113

Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

2 Simple Query displays switch

port and VLAN association

2 Simple Query displays switch

port and VLAN association

3 LastSeen field indicates last

time end station was

discovered

3 LastSeen field indicates last

time end station was

discovered

114

Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Trace path from application server

to Suzy

Trace path from application server

to Suzy

Couldnrsquot get to Suzy machine ndash try

from server

Couldnrsquot get to Suzy machine ndash try

from server

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

54

Catalyst 6500 Supervisors

The Catalyst 6500 has three Supervisor options on offer

with each providing a different architectural backplane

configuration for line cards to connect intohellip

Supervisor 1A Supervisor 2 Supervisor 720 (NEW)

256Gb backplane

supporting hardware

accelerated Layer 2 and 3

QoS and Security policies

up to 210Mppshellip

720Gb backplane

supporting hardware

accelerated Layer 2 and 3

QoS and Security policies

up to 400Mppshellip

32Gb backplane supporting

hardware accelerated Layer

2 and 3 QoS and Security

policies up to 15Mppshellip

Supervisor Options for the Catalyst 6500

55

Catalyst 6500 LinecardsThe Catalyst 6500 has a family of linecards to suit all network needshellip

10100 TX and 100 Fiber 101001000 TX GE SFP

GE GBIC 10GE WAN

Optical Switch Modules Inline Power ATM

CAT

6500

L I

NECARDS

56

Catalyst 6500 Service Modules

Content ServicesCommunications Media MWAN

Firewall Module VPN Module Intrusion Detection

Content Switching SSL Network Management

Service Modules represent the next generation of intelligent modules for the Catalyst 6500

Each module provides a high performance option scalable and feature rich deployment

optionshellip

57

Small Form Factor Pluggable (SFP)

bull New industry standard connector

bull Same functionality as Gigabit Interface Converters

(GBICs)

bull Hot pluggable

bull Smaller fiber connector LC

for SF

bull 25 SFPs

fit in space of one GBIC

bull Shipping SX LX ZX at FCS

bull 101001000BT and CWDM versions to come in mid

to late 2003

GBIC

SFP

58

三無線網路認證介紹

59

漫遊認證環境架構圖

NCHC資策會

WLANGateway

WLANGateway

60

無線漫遊環境身份認證機制

網頁認證

使用網站伺服器憑證(Certificate)辨識合法認證網站

透過SSL加密保護使用者帳號密碼安全

採用PAP (Password Authentication Protocol)認證機制

8021x認證

採CHAP或加密通道進行認證

EAP‐MD5ndash 採用CHAP (Challenge Handshake Authentication Protocol)認證

EAP‐PEAP ndash 採用 SSL加密通道 + MS‐CHAP v2 認證

EAP‐TTLSndash 採用 SSL加密通道 + PAPCHAPMS‐CHAPEAPndash 支援多種認證機制

61

WLAN Gateway

bull Usually web page for authorisationbull Allows policy based accessbull Good managementbull Very user friendlybull No client required

Bluesocketndash Commercial but popular in uk academiandash Lots of featuresNoCatAuthndash open source

62

Bluesocket Wireless Gateway

63

httpwwwitcntnuedutwservice1270php

四師大網路基本架構介紹

64

對外網路架構圖

65

校本部校區有線網路系統架構圖

66

校本部校區無線網路系統架構圖

67

理學院校區有線網路系統架構圖

68

理學院校區無線網路系統架構圖

69

林口校區有線網路系統架構圖

70

林口校區無線網路系統架構圖

71

五網路障礙排除方式

72

Possible Symptoms of Physical Layer Problems

Increased number of interface errorsIncreased number of interface errors

LEDs are off flashing or in a state other than the expected state during normal operationLEDs are off flashing or in a state other than the expected state during normal operation

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

Excessive utilizationExcessive utilization

73

Possible Symptoms of Data Link Layer Problems

Excessive CRC errors and frame check sequence errors Excessive CRC errors and frame check sequence errors

Large quantities of broadcast traffic Large quantities of broadcast traffic

A MAC address is cycling between portsA MAC address is cycling between ports

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

74

General Cisco Commands to Isolate Physical and Data Link Layer Problems

ping host

| ip‐addressping host

| ip‐address

routergt

bull

Sends an echo request packet to an address then waits for a reply

trace [destination]trace [destination]

routergt

bull

Identifies the path a packet takes through the network

[no] debug [no] debug

router

bull

Displays a list of options for enabling or disabling debugging events on a device

75

Cisco Commands to Isolate Physical Layer Problems

show versionshow version

routergt

bull

Displays the Cisco IOS software version and all installed hardware configurations

show ip interface briefshow ip interface brief

routergt

bull

Displays a summary of the status of all interfaces on a device

show interfaces [type number]show interfaces [type number]

routergt

bull

Displays the operational status of an interface including the amount and type of traffic being sent and received

76

Cisco Commands to Isolate Physical Layer Problems (Cont)

show cdp neighbor detailshow cdp neighbor detailroutergt

bull Displays the device type IP address and Cisco IOS version of neighboring devices

77

Cisco Commands to Isolate Data Link Layer Problems

show ip arpshow ip arp

routergt

bull

Displays entries in the Address Resolution Protocol (ARP) table

debug [arp

| serial | ppp]debug [arp

| serial | ppp]

router

bull

Captures events relating to data link layer protocols

78

General End‐System Commands to Isolate Physical and Data Link Layer Problems

pingping

bull

Sends an echo request packet to an address then waits for a reply

netstat

‐rnnetstat

‐rn

bull

Displays the status of all connected devices and links without querying a DNS server

arp

‐aarp

‐a

bull

Displays the current mappings of the IP address to the MAC address in the ARP table

79

Windows Commands to Isolate Physical and Data Link Layer Problems

ipconfig

[all]ipconfig

[all]

bull

Displays IP information for hosts running Windows NT2000XP

Cgt

tracert [‐d]tracert [‐d]

bull

Identifies a path to a destination device

Cgt

80

Guidelines for Isolating Problems at the Physical and Data Link Layers

Check operational status and data error ratesCheck operational status and data error rates

Verify proper interface configurationsVerify proper interface configurations

Check for bad cables or connectionsCheck for bad cables or connections

Check for correct cable pin‐outCheck for correct cable pin‐out

81

Port Monitoring (SPAN)

Allows a port to monitor traffic coming into or out of

anotherPort

VLAN

Trunk

82

Remote SPAN (RSPAN)

Allows a port to monitor SPAN information on other switches through a trunk connection

83

NetFlow Data Export

Access to records of switched flow statistics

with NAM

Source and destination IP

Port numbers and protocol types

84

六網路管理介紹

85

NAMs in Campus LAN

86

Network Analysis Module (NAM)

bull

Switch‐integrated standards‐

based monitoring (RMON1 RMON2

extended RMON)

bull

Useful for performance monitoring troubleshooting

and capacity planning

bull

Easy to deploy and use with embedded web‐based Traffic Analyzer

bull

Full visibility into applications hosts conversations and

IP‐based services including VoIP

and QoS

Integrated traffic‐monitoring solution in Catalyst 6500 series to build application‐level visibility into network infrastructure

87

NAM as a Standards‐Based RMON Solution

The RMON MIB reports on the health and status of network traffic

Mini‐RMON agents in Catalyst 6500 collect Layer 2 (RMON1) statistics on all ports (utilization packets errors)

NAM supports full RMON1 and 2 to provide visibility up to Application layer (applications hosts conversations)

NAM supports extended RMON for VLAN QoS Application Response Time and so on

88

Application Hosts and Conversations Monitoring

Identify unknown applications and drill down on the hosts using them

Discover top talkers top conversations

Network managers can drill down

into who is doing what

Network managers can drill down

into who is doing what

NEW inSoftware

Version 22

NEW inSoftware

Version 22

89

VoIP Monitoring

NAM supports various facets of VoIPmonitoring

Active IP telephony monitoring

ndash Track active call attributesndash Identify call quality degradationndash Call details by phonesRMON1 and RMON2

ndash Distribution of VoIP

protocols

Application Response Time (ART)

ndash CallManager

responses

DSMON

ndash VoIP

traffic by DSCP values

90

Application Response Time (ART)

Find out where the application delays are occurring

ndash Detailed data on request‐ response exchanges

between clients and servers

Server visibility

ndash Monitor servers for protocols application

usage and top talkers

91

Packet Capture and Decode

Capture and decode packets for troubleshooting

Extensive pre‐ and post‐capture filters

Can save and export to other tools including Sniffer

92

Alarms

Set alarm thresholds on various parameters for proactive monitoring

Define traps or generate syslog

93

Defining Network Management Functional Areas

ISO defines five functional areas of network management

ISO defines five functional areas of network management

bullFault Management

bullConfiguration Management

bullAccounting Management

bullPerformance Management

bullSecurity Management

94

FCAPS Fault Management

The process of locating diagnosing and correcting

network problems

Device Down

Link Down

95

FCAPS Configuration Management

bull The process of obtaining data from the network and using

that data to manage the setup of all network devices

bull Allows rapid access to configuration information

bull Facilitates remote configuration and provisioning

bull Provides an up‐to‐date inventory of network

components

SpeedDuplex

Connectivity

TrunkingVLANs Allowed

Spanning Tree Protocol State

Software VersionConfiguration File

Device Type

96

FCAPS Accounting Management

bull Measuring the usage of network resources by users in order to

establish the metrics check quotas determine costs and bill users

bull Measures and reports accounting information based on individual

groups and users

bull Administers the cost of the network

bull Internal verification of third‐party billing for usage Bandwidth Consumption

Application Usage

hellip

97

FCAPS Performance Management

bull Ensuring that the data network remains accessible

and has adequate bandwidth

bull Reduces network overcrowding and inaccessibility

bull Provides a consistent level of service to the

network user

bull Determine utilization trends to proactively isolate and solve

performance problems

UtilizationPeakminmaxError RatesUnicast Rates

Broadcast Rates

CPU UtilizationMemory Usage

ThroughputResponse Time

LatencyAvailabilityReliability

98

FCAPS Security Management

bull Protecting sensitive information on devices

attached to a data network by controlling access points to

that information

bull Builds network user confidence

bull Secures sensitive information from both internal and

external sources

bull Protects the network functionality from malicious

attacks

MAC AddressLocked to Port

Access ListBlocks Connections

99

Performing Network Management Sources for Information

GAUGEs TIMERs

0 9 1 2 3

COUNTERs TABLEs FILEs

Operating System Data Structures

Manageable Device

showCommands

WebServer

SystemLogging

SNMPSNMPAGENTAGENT

ProductionServices

Layer N Forwarding

http80tcp

syslog514udp

snmp161udp

MIBObjects

snmp‐trap162udp

Built in Intelligence

CDPVTPSAA

telnetCLI

TFTPClient

tftp69udp

PingTrace route

100

Network Management Information Model MIB Management Information Base

MIB

ndash

Management Information BaseSet of variables defining the status of a device (eg temp = 85 degrees)Just facts ndash not whether it is good or badDefined according to SMI (Structure of Management Information) rulesEach managed object is described using a unique object identifier (OID)

MIB

IMIBIIStandard MIBObjects included are considered essential for either fault or configuration management

Other standard MIBsRMON host router

Proprietary vendor MIBsExtensions to standard MIBs

SNMPAGENTSNMPAGENT

1000s of manageable objects following rules defined in the SMI standards

1000s of manageable objects following rules defined in the SMI standards

101

Network Management Communication Model SNMP Simple Network Management Protocol

CommunityStrings

CommunityStrings

bull Get requests used to read the value of objectbull Set requests used to modify the value of object

bull Authorization is via community strings

(Read‐OnlyRead‐Write)

bull Traps

provide asynchronous event notification

IP Network SNMPManageable

Device

Trap

Get Response

Get Request Get-Next RequestGet-Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

102

Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response

SNM

P M

anag

er

SNM

P A

gent

Rea

d =

publ

ic re

adw

rite

= pr

ivat

e

GetResponse (sysDescr0=SunOS)

Verify access permission and retrieve MIB value using OID to traverse the MIB tree

InstanceOID

13612111

MIB value

GetRequest(sysDescr0)Read Community(public)

103

Types of Management Systems Example ‐

Enterprise Manager amp Fault Management

Correlate and manage events

and SNMP traps

Perform fault isolation and root cause analysis

104

Types of Management Systems Example ndash CiscoWorks

Resource Manager Essentials and Campus Manager

Knowledge of network configuration and topology

Facilitates remote configuration of network devices

Maintains an archive of configuration data that allows generation of inventory reports

105

Types of Management Systems Example ndash NetFlow (Accounting Management)

Flow Profiling

AccountingBilling

Network Planning

Network Monitoring

Flow

Collectors

Flow

CollectorsEnd‐User AppsEnd‐User AppsNetFlow

Data ExportNetFlowData Export

NetScout

RMON ProbeRMON Probe

106

Types of Management Systems Example ndash MRTG (Performance Management)

bull Monitors traffic load on network links based on SNMP statistics

bull Generates real‐time HTML traffic reports

bull Can be used to monitor any

MIB

variable using

SNMP

107

Types of Management Systems Example ndash CiscoWorks

How is the network connectedbull Physical Cablingbull Virtual LANs

Where are the end users servers IP phones connected

bull Switch port numberbull VLAN membership

How do I troubleshoot connectivity problems

Campus Manager User Tracking

Campus Manager Topology Services

Campus Manager Topology Services

Campus Manager User TrackingCampus Manager

Path Analysis

108

Diagnosing Connectivity Problems CiscoWorks Server Tools

Ping Use ping to test device connectivity from CiscoWorks server

TracerouteRun a trace route between the CiscoWorks server and the target device to detect routing problems

NS LookupRun a nslookup to obtain DNS name server information and IP address of hostname

Management Station to DeviceTest to verify if upper layer protocols are supported from CiscoWorks to the target device UDP TCP Telnet TFTP HTTP and SNMP

109

Types of Management Systems Example ndash CiscoWorks

19216862

CiscoWorks Server(ANI Service)

CampusDatabase

19216861

Schedule data retrieval

times

CAM Table11‐11‐11‐11‐11‐00 2111‐11‐11‐11‐11‐11 2211‐11‐11‐11‐11‐22 2311‐11‐11‐11‐11‐33 24

22 23 24

21

ARP Table11‐11‐11‐11‐11‐11 19216861011‐11‐11‐11‐11‐22 19216861111‐11‐11‐11‐11‐33 192168611

1

CAM

Retrieval

(switching

table)

2 Address

Resolution (MAC

to IP)

DNS

3 Name Resolution

(IP to hostname)

Host Table192168610 USER1192168611 Printer1192168611 IPtele1

SNMP

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

CallManager4

Call Detail

Records

5

Login

Names

UNIX Novell amp

Windows NT

clients running

UTLite script

110

Diagnosing Connectivity Problems Campus Manager Tools

Topology Services

User Tracking

Path Analysis

1

Locate the communication pair in the User Tracking database

bull

Addressesbull

VLAN informationbull

Switch port connection

2

Investigate the Layer 2 and Layer 3 path between the communication

pair

3

Map the topology and begin the investigation on devices and links

Launch other applications

111

Diagnosing Connectivity Problems Workflow for Using Campus Manager

LaunchPath Analysis

LaunchPath Analysis

Ensure discovery of devices

hosts are up to date

Ensure discovery of devices

hosts are up to date

Use User TrackingTo Locate EndStation Info

Use User TrackingTo Locate EndStation Info

ConductVoiceTrace

ConductVoiceTrace

ConductDataTrace

ConductDataTrace

DisplayPath in Topology

Map

DisplayPath in Topology

Map

Launch other Apps(Telnet CiscoView

Etc)

Launch other Apps(Telnet CiscoView

Etc)

112

Diagnosing Device Connectivity Problems Example

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Do you know

your

hostname or

username

113

Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

2 Simple Query displays switch

port and VLAN association

2 Simple Query displays switch

port and VLAN association

3 LastSeen field indicates last

time end station was

discovered

3 LastSeen field indicates last

time end station was

discovered

114

Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Trace path from application server

to Suzy

Trace path from application server

to Suzy

Couldnrsquot get to Suzy machine ndash try

from server

Couldnrsquot get to Suzy machine ndash try

from server

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

55

Catalyst 6500 LinecardsThe Catalyst 6500 has a family of linecards to suit all network needshellip

10100 TX and 100 Fiber 101001000 TX GE SFP

GE GBIC 10GE WAN

Optical Switch Modules Inline Power ATM

CAT

6500

L I

NECARDS

56

Catalyst 6500 Service Modules

Content ServicesCommunications Media MWAN

Firewall Module VPN Module Intrusion Detection

Content Switching SSL Network Management

Service Modules represent the next generation of intelligent modules for the Catalyst 6500

Each module provides a high performance option scalable and feature rich deployment

optionshellip

57

Small Form Factor Pluggable (SFP)

bull New industry standard connector

bull Same functionality as Gigabit Interface Converters

(GBICs)

bull Hot pluggable

bull Smaller fiber connector LC

for SF

bull 25 SFPs

fit in space of one GBIC

bull Shipping SX LX ZX at FCS

bull 101001000BT and CWDM versions to come in mid

to late 2003

GBIC

SFP

58

三無線網路認證介紹

59

漫遊認證環境架構圖

NCHC資策會

WLANGateway

WLANGateway

60

無線漫遊環境身份認證機制

網頁認證

使用網站伺服器憑證(Certificate)辨識合法認證網站

透過SSL加密保護使用者帳號密碼安全

採用PAP (Password Authentication Protocol)認證機制

8021x認證

採CHAP或加密通道進行認證

EAP‐MD5ndash 採用CHAP (Challenge Handshake Authentication Protocol)認證

EAP‐PEAP ndash 採用 SSL加密通道 + MS‐CHAP v2 認證

EAP‐TTLSndash 採用 SSL加密通道 + PAPCHAPMS‐CHAPEAPndash 支援多種認證機制

61

WLAN Gateway

bull Usually web page for authorisationbull Allows policy based accessbull Good managementbull Very user friendlybull No client required

Bluesocketndash Commercial but popular in uk academiandash Lots of featuresNoCatAuthndash open source

62

Bluesocket Wireless Gateway

63

httpwwwitcntnuedutwservice1270php

四師大網路基本架構介紹

64

對外網路架構圖

65

校本部校區有線網路系統架構圖

66

校本部校區無線網路系統架構圖

67

理學院校區有線網路系統架構圖

68

理學院校區無線網路系統架構圖

69

林口校區有線網路系統架構圖

70

林口校區無線網路系統架構圖

71

五網路障礙排除方式

72

Possible Symptoms of Physical Layer Problems

Increased number of interface errorsIncreased number of interface errors

LEDs are off flashing or in a state other than the expected state during normal operationLEDs are off flashing or in a state other than the expected state during normal operation

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

Excessive utilizationExcessive utilization

73

Possible Symptoms of Data Link Layer Problems

Excessive CRC errors and frame check sequence errors Excessive CRC errors and frame check sequence errors

Large quantities of broadcast traffic Large quantities of broadcast traffic

A MAC address is cycling between portsA MAC address is cycling between ports

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

74

General Cisco Commands to Isolate Physical and Data Link Layer Problems

ping host

| ip‐addressping host

| ip‐address

routergt

bull

Sends an echo request packet to an address then waits for a reply

trace [destination]trace [destination]

routergt

bull

Identifies the path a packet takes through the network

[no] debug [no] debug

router

bull

Displays a list of options for enabling or disabling debugging events on a device

75

Cisco Commands to Isolate Physical Layer Problems

show versionshow version

routergt

bull

Displays the Cisco IOS software version and all installed hardware configurations

show ip interface briefshow ip interface brief

routergt

bull

Displays a summary of the status of all interfaces on a device

show interfaces [type number]show interfaces [type number]

routergt

bull

Displays the operational status of an interface including the amount and type of traffic being sent and received

76

Cisco Commands to Isolate Physical Layer Problems (Cont)

show cdp neighbor detailshow cdp neighbor detailroutergt

bull Displays the device type IP address and Cisco IOS version of neighboring devices

77

Cisco Commands to Isolate Data Link Layer Problems

show ip arpshow ip arp

routergt

bull

Displays entries in the Address Resolution Protocol (ARP) table

debug [arp

| serial | ppp]debug [arp

| serial | ppp]

router

bull

Captures events relating to data link layer protocols

78

General End‐System Commands to Isolate Physical and Data Link Layer Problems

pingping

bull

Sends an echo request packet to an address then waits for a reply

netstat

‐rnnetstat

‐rn

bull

Displays the status of all connected devices and links without querying a DNS server

arp

‐aarp

‐a

bull

Displays the current mappings of the IP address to the MAC address in the ARP table

79

Windows Commands to Isolate Physical and Data Link Layer Problems

ipconfig

[all]ipconfig

[all]

bull

Displays IP information for hosts running Windows NT2000XP

Cgt

tracert [‐d]tracert [‐d]

bull

Identifies a path to a destination device

Cgt

80

Guidelines for Isolating Problems at the Physical and Data Link Layers

Check operational status and data error ratesCheck operational status and data error rates

Verify proper interface configurationsVerify proper interface configurations

Check for bad cables or connectionsCheck for bad cables or connections

Check for correct cable pin‐outCheck for correct cable pin‐out

81

Port Monitoring (SPAN)

Allows a port to monitor traffic coming into or out of

anotherPort

VLAN

Trunk

82

Remote SPAN (RSPAN)

Allows a port to monitor SPAN information on other switches through a trunk connection

83

NetFlow Data Export

Access to records of switched flow statistics

with NAM

Source and destination IP

Port numbers and protocol types

84

六網路管理介紹

85

NAMs in Campus LAN

86

Network Analysis Module (NAM)

bull

Switch‐integrated standards‐

based monitoring (RMON1 RMON2

extended RMON)

bull

Useful for performance monitoring troubleshooting

and capacity planning

bull

Easy to deploy and use with embedded web‐based Traffic Analyzer

bull

Full visibility into applications hosts conversations and

IP‐based services including VoIP

and QoS

Integrated traffic‐monitoring solution in Catalyst 6500 series to build application‐level visibility into network infrastructure

87

NAM as a Standards‐Based RMON Solution

The RMON MIB reports on the health and status of network traffic

Mini‐RMON agents in Catalyst 6500 collect Layer 2 (RMON1) statistics on all ports (utilization packets errors)

NAM supports full RMON1 and 2 to provide visibility up to Application layer (applications hosts conversations)

NAM supports extended RMON for VLAN QoS Application Response Time and so on

88

Application Hosts and Conversations Monitoring

Identify unknown applications and drill down on the hosts using them

Discover top talkers top conversations

Network managers can drill down

into who is doing what

Network managers can drill down

into who is doing what

NEW inSoftware

Version 22

NEW inSoftware

Version 22

89

VoIP Monitoring

NAM supports various facets of VoIPmonitoring

Active IP telephony monitoring

ndash Track active call attributesndash Identify call quality degradationndash Call details by phonesRMON1 and RMON2

ndash Distribution of VoIP

protocols

Application Response Time (ART)

ndash CallManager

responses

DSMON

ndash VoIP

traffic by DSCP values

90

Application Response Time (ART)

Find out where the application delays are occurring

ndash Detailed data on request‐ response exchanges

between clients and servers

Server visibility

ndash Monitor servers for protocols application

usage and top talkers

91

Packet Capture and Decode

Capture and decode packets for troubleshooting

Extensive pre‐ and post‐capture filters

Can save and export to other tools including Sniffer

92

Alarms

Set alarm thresholds on various parameters for proactive monitoring

Define traps or generate syslog

93

Defining Network Management Functional Areas

ISO defines five functional areas of network management

ISO defines five functional areas of network management

bullFault Management

bullConfiguration Management

bullAccounting Management

bullPerformance Management

bullSecurity Management

94

FCAPS Fault Management

The process of locating diagnosing and correcting

network problems

Device Down

Link Down

95

FCAPS Configuration Management

bull The process of obtaining data from the network and using

that data to manage the setup of all network devices

bull Allows rapid access to configuration information

bull Facilitates remote configuration and provisioning

bull Provides an up‐to‐date inventory of network

components

SpeedDuplex

Connectivity

TrunkingVLANs Allowed

Spanning Tree Protocol State

Software VersionConfiguration File

Device Type

96

FCAPS Accounting Management

bull Measuring the usage of network resources by users in order to

establish the metrics check quotas determine costs and bill users

bull Measures and reports accounting information based on individual

groups and users

bull Administers the cost of the network

bull Internal verification of third‐party billing for usage Bandwidth Consumption

Application Usage

hellip

97

FCAPS Performance Management

bull Ensuring that the data network remains accessible

and has adequate bandwidth

bull Reduces network overcrowding and inaccessibility

bull Provides a consistent level of service to the

network user

bull Determine utilization trends to proactively isolate and solve

performance problems

UtilizationPeakminmaxError RatesUnicast Rates

Broadcast Rates

CPU UtilizationMemory Usage

ThroughputResponse Time

LatencyAvailabilityReliability

98

FCAPS Security Management

bull Protecting sensitive information on devices

attached to a data network by controlling access points to

that information

bull Builds network user confidence

bull Secures sensitive information from both internal and

external sources

bull Protects the network functionality from malicious

attacks

MAC AddressLocked to Port

Access ListBlocks Connections

99

Performing Network Management Sources for Information

GAUGEs TIMERs

0 9 1 2 3

COUNTERs TABLEs FILEs

Operating System Data Structures

Manageable Device

showCommands

WebServer

SystemLogging

SNMPSNMPAGENTAGENT

ProductionServices

Layer N Forwarding

http80tcp

syslog514udp

snmp161udp

MIBObjects

snmp‐trap162udp

Built in Intelligence

CDPVTPSAA

telnetCLI

TFTPClient

tftp69udp

PingTrace route

100

Network Management Information Model MIB Management Information Base

MIB

ndash

Management Information BaseSet of variables defining the status of a device (eg temp = 85 degrees)Just facts ndash not whether it is good or badDefined according to SMI (Structure of Management Information) rulesEach managed object is described using a unique object identifier (OID)

MIB

IMIBIIStandard MIBObjects included are considered essential for either fault or configuration management

Other standard MIBsRMON host router

Proprietary vendor MIBsExtensions to standard MIBs

SNMPAGENTSNMPAGENT

1000s of manageable objects following rules defined in the SMI standards

1000s of manageable objects following rules defined in the SMI standards

101

Network Management Communication Model SNMP Simple Network Management Protocol

CommunityStrings

CommunityStrings

bull Get requests used to read the value of objectbull Set requests used to modify the value of object

bull Authorization is via community strings

(Read‐OnlyRead‐Write)

bull Traps

provide asynchronous event notification

IP Network SNMPManageable

Device

Trap

Get Response

Get Request Get-Next RequestGet-Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

102

Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response

SNM

P M

anag

er

SNM

P A

gent

Rea

d =

publ

ic re

adw

rite

= pr

ivat

e

GetResponse (sysDescr0=SunOS)

Verify access permission and retrieve MIB value using OID to traverse the MIB tree

InstanceOID

13612111

MIB value

GetRequest(sysDescr0)Read Community(public)

103

Types of Management Systems Example ‐

Enterprise Manager amp Fault Management

Correlate and manage events

and SNMP traps

Perform fault isolation and root cause analysis

104

Types of Management Systems Example ndash CiscoWorks

Resource Manager Essentials and Campus Manager

Knowledge of network configuration and topology

Facilitates remote configuration of network devices

Maintains an archive of configuration data that allows generation of inventory reports

105

Types of Management Systems Example ndash NetFlow (Accounting Management)

Flow Profiling

AccountingBilling

Network Planning

Network Monitoring

Flow

Collectors

Flow

CollectorsEnd‐User AppsEnd‐User AppsNetFlow

Data ExportNetFlowData Export

NetScout

RMON ProbeRMON Probe

106

Types of Management Systems Example ndash MRTG (Performance Management)

bull Monitors traffic load on network links based on SNMP statistics

bull Generates real‐time HTML traffic reports

bull Can be used to monitor any

MIB

variable using

SNMP

107

Types of Management Systems Example ndash CiscoWorks

How is the network connectedbull Physical Cablingbull Virtual LANs

Where are the end users servers IP phones connected

bull Switch port numberbull VLAN membership

How do I troubleshoot connectivity problems

Campus Manager User Tracking

Campus Manager Topology Services

Campus Manager Topology Services

Campus Manager User TrackingCampus Manager

Path Analysis

108

Diagnosing Connectivity Problems CiscoWorks Server Tools

Ping Use ping to test device connectivity from CiscoWorks server

TracerouteRun a trace route between the CiscoWorks server and the target device to detect routing problems

NS LookupRun a nslookup to obtain DNS name server information and IP address of hostname

Management Station to DeviceTest to verify if upper layer protocols are supported from CiscoWorks to the target device UDP TCP Telnet TFTP HTTP and SNMP

109

Types of Management Systems Example ndash CiscoWorks

19216862

CiscoWorks Server(ANI Service)

CampusDatabase

19216861

Schedule data retrieval

times

CAM Table11‐11‐11‐11‐11‐00 2111‐11‐11‐11‐11‐11 2211‐11‐11‐11‐11‐22 2311‐11‐11‐11‐11‐33 24

22 23 24

21

ARP Table11‐11‐11‐11‐11‐11 19216861011‐11‐11‐11‐11‐22 19216861111‐11‐11‐11‐11‐33 192168611

1

CAM

Retrieval

(switching

table)

2 Address

Resolution (MAC

to IP)

DNS

3 Name Resolution

(IP to hostname)

Host Table192168610 USER1192168611 Printer1192168611 IPtele1

SNMP

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

CallManager4

Call Detail

Records

5

Login

Names

UNIX Novell amp

Windows NT

clients running

UTLite script

110

Diagnosing Connectivity Problems Campus Manager Tools

Topology Services

User Tracking

Path Analysis

1

Locate the communication pair in the User Tracking database

bull

Addressesbull

VLAN informationbull

Switch port connection

2

Investigate the Layer 2 and Layer 3 path between the communication

pair

3

Map the topology and begin the investigation on devices and links

Launch other applications

111

Diagnosing Connectivity Problems Workflow for Using Campus Manager

LaunchPath Analysis

LaunchPath Analysis

Ensure discovery of devices

hosts are up to date

Ensure discovery of devices

hosts are up to date

Use User TrackingTo Locate EndStation Info

Use User TrackingTo Locate EndStation Info

ConductVoiceTrace

ConductVoiceTrace

ConductDataTrace

ConductDataTrace

DisplayPath in Topology

Map

DisplayPath in Topology

Map

Launch other Apps(Telnet CiscoView

Etc)

Launch other Apps(Telnet CiscoView

Etc)

112

Diagnosing Device Connectivity Problems Example

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Do you know

your

hostname or

username

113

Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

2 Simple Query displays switch

port and VLAN association

2 Simple Query displays switch

port and VLAN association

3 LastSeen field indicates last

time end station was

discovered

3 LastSeen field indicates last

time end station was

discovered

114

Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Trace path from application server

to Suzy

Trace path from application server

to Suzy

Couldnrsquot get to Suzy machine ndash try

from server

Couldnrsquot get to Suzy machine ndash try

from server

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

56

Catalyst 6500 Service Modules

Content ServicesCommunications Media MWAN

Firewall Module VPN Module Intrusion Detection

Content Switching SSL Network Management

Service Modules represent the next generation of intelligent modules for the Catalyst 6500

Each module provides a high performance option scalable and feature rich deployment

optionshellip

57

Small Form Factor Pluggable (SFP)

bull New industry standard connector

bull Same functionality as Gigabit Interface Converters

(GBICs)

bull Hot pluggable

bull Smaller fiber connector LC

for SF

bull 25 SFPs

fit in space of one GBIC

bull Shipping SX LX ZX at FCS

bull 101001000BT and CWDM versions to come in mid

to late 2003

GBIC

SFP

58

三無線網路認證介紹

59

漫遊認證環境架構圖

NCHC資策會

WLANGateway

WLANGateway

60

無線漫遊環境身份認證機制

網頁認證

使用網站伺服器憑證(Certificate)辨識合法認證網站

透過SSL加密保護使用者帳號密碼安全

採用PAP (Password Authentication Protocol)認證機制

8021x認證

採CHAP或加密通道進行認證

EAP‐MD5ndash 採用CHAP (Challenge Handshake Authentication Protocol)認證

EAP‐PEAP ndash 採用 SSL加密通道 + MS‐CHAP v2 認證

EAP‐TTLSndash 採用 SSL加密通道 + PAPCHAPMS‐CHAPEAPndash 支援多種認證機制

61

WLAN Gateway

bull Usually web page for authorisationbull Allows policy based accessbull Good managementbull Very user friendlybull No client required

Bluesocketndash Commercial but popular in uk academiandash Lots of featuresNoCatAuthndash open source

62

Bluesocket Wireless Gateway

63

httpwwwitcntnuedutwservice1270php

四師大網路基本架構介紹

64

對外網路架構圖

65

校本部校區有線網路系統架構圖

66

校本部校區無線網路系統架構圖

67

理學院校區有線網路系統架構圖

68

理學院校區無線網路系統架構圖

69

林口校區有線網路系統架構圖

70

林口校區無線網路系統架構圖

71

五網路障礙排除方式

72

Possible Symptoms of Physical Layer Problems

Increased number of interface errorsIncreased number of interface errors

LEDs are off flashing or in a state other than the expected state during normal operationLEDs are off flashing or in a state other than the expected state during normal operation

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

Excessive utilizationExcessive utilization

73

Possible Symptoms of Data Link Layer Problems

Excessive CRC errors and frame check sequence errors Excessive CRC errors and frame check sequence errors

Large quantities of broadcast traffic Large quantities of broadcast traffic

A MAC address is cycling between portsA MAC address is cycling between ports

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

74

General Cisco Commands to Isolate Physical and Data Link Layer Problems

ping host

| ip‐addressping host

| ip‐address

routergt

bull

Sends an echo request packet to an address then waits for a reply

trace [destination]trace [destination]

routergt

bull

Identifies the path a packet takes through the network

[no] debug [no] debug

router

bull

Displays a list of options for enabling or disabling debugging events on a device

75

Cisco Commands to Isolate Physical Layer Problems

show versionshow version

routergt

bull

Displays the Cisco IOS software version and all installed hardware configurations

show ip interface briefshow ip interface brief

routergt

bull

Displays a summary of the status of all interfaces on a device

show interfaces [type number]show interfaces [type number]

routergt

bull

Displays the operational status of an interface including the amount and type of traffic being sent and received

76

Cisco Commands to Isolate Physical Layer Problems (Cont)

show cdp neighbor detailshow cdp neighbor detailroutergt

bull Displays the device type IP address and Cisco IOS version of neighboring devices

77

Cisco Commands to Isolate Data Link Layer Problems

show ip arpshow ip arp

routergt

bull

Displays entries in the Address Resolution Protocol (ARP) table

debug [arp

| serial | ppp]debug [arp

| serial | ppp]

router

bull

Captures events relating to data link layer protocols

78

General End‐System Commands to Isolate Physical and Data Link Layer Problems

pingping

bull

Sends an echo request packet to an address then waits for a reply

netstat

‐rnnetstat

‐rn

bull

Displays the status of all connected devices and links without querying a DNS server

arp

‐aarp

‐a

bull

Displays the current mappings of the IP address to the MAC address in the ARP table

79

Windows Commands to Isolate Physical and Data Link Layer Problems

ipconfig

[all]ipconfig

[all]

bull

Displays IP information for hosts running Windows NT2000XP

Cgt

tracert [‐d]tracert [‐d]

bull

Identifies a path to a destination device

Cgt

80

Guidelines for Isolating Problems at the Physical and Data Link Layers

Check operational status and data error ratesCheck operational status and data error rates

Verify proper interface configurationsVerify proper interface configurations

Check for bad cables or connectionsCheck for bad cables or connections

Check for correct cable pin‐outCheck for correct cable pin‐out

81

Port Monitoring (SPAN)

Allows a port to monitor traffic coming into or out of

anotherPort

VLAN

Trunk

82

Remote SPAN (RSPAN)

Allows a port to monitor SPAN information on other switches through a trunk connection

83

NetFlow Data Export

Access to records of switched flow statistics

with NAM

Source and destination IP

Port numbers and protocol types

84

六網路管理介紹

85

NAMs in Campus LAN

86

Network Analysis Module (NAM)

bull

Switch‐integrated standards‐

based monitoring (RMON1 RMON2

extended RMON)

bull

Useful for performance monitoring troubleshooting

and capacity planning

bull

Easy to deploy and use with embedded web‐based Traffic Analyzer

bull

Full visibility into applications hosts conversations and

IP‐based services including VoIP

and QoS

Integrated traffic‐monitoring solution in Catalyst 6500 series to build application‐level visibility into network infrastructure

87

NAM as a Standards‐Based RMON Solution

The RMON MIB reports on the health and status of network traffic

Mini‐RMON agents in Catalyst 6500 collect Layer 2 (RMON1) statistics on all ports (utilization packets errors)

NAM supports full RMON1 and 2 to provide visibility up to Application layer (applications hosts conversations)

NAM supports extended RMON for VLAN QoS Application Response Time and so on

88

Application Hosts and Conversations Monitoring

Identify unknown applications and drill down on the hosts using them

Discover top talkers top conversations

Network managers can drill down

into who is doing what

Network managers can drill down

into who is doing what

NEW inSoftware

Version 22

NEW inSoftware

Version 22

89

VoIP Monitoring

NAM supports various facets of VoIPmonitoring

Active IP telephony monitoring

ndash Track active call attributesndash Identify call quality degradationndash Call details by phonesRMON1 and RMON2

ndash Distribution of VoIP

protocols

Application Response Time (ART)

ndash CallManager

responses

DSMON

ndash VoIP

traffic by DSCP values

90

Application Response Time (ART)

Find out where the application delays are occurring

ndash Detailed data on request‐ response exchanges

between clients and servers

Server visibility

ndash Monitor servers for protocols application

usage and top talkers

91

Packet Capture and Decode

Capture and decode packets for troubleshooting

Extensive pre‐ and post‐capture filters

Can save and export to other tools including Sniffer

92

Alarms

Set alarm thresholds on various parameters for proactive monitoring

Define traps or generate syslog

93

Defining Network Management Functional Areas

ISO defines five functional areas of network management

ISO defines five functional areas of network management

bullFault Management

bullConfiguration Management

bullAccounting Management

bullPerformance Management

bullSecurity Management

94

FCAPS Fault Management

The process of locating diagnosing and correcting

network problems

Device Down

Link Down

95

FCAPS Configuration Management

bull The process of obtaining data from the network and using

that data to manage the setup of all network devices

bull Allows rapid access to configuration information

bull Facilitates remote configuration and provisioning

bull Provides an up‐to‐date inventory of network

components

SpeedDuplex

Connectivity

TrunkingVLANs Allowed

Spanning Tree Protocol State

Software VersionConfiguration File

Device Type

96

FCAPS Accounting Management

bull Measuring the usage of network resources by users in order to

establish the metrics check quotas determine costs and bill users

bull Measures and reports accounting information based on individual

groups and users

bull Administers the cost of the network

bull Internal verification of third‐party billing for usage Bandwidth Consumption

Application Usage

hellip

97

FCAPS Performance Management

bull Ensuring that the data network remains accessible

and has adequate bandwidth

bull Reduces network overcrowding and inaccessibility

bull Provides a consistent level of service to the

network user

bull Determine utilization trends to proactively isolate and solve

performance problems

UtilizationPeakminmaxError RatesUnicast Rates

Broadcast Rates

CPU UtilizationMemory Usage

ThroughputResponse Time

LatencyAvailabilityReliability

98

FCAPS Security Management

bull Protecting sensitive information on devices

attached to a data network by controlling access points to

that information

bull Builds network user confidence

bull Secures sensitive information from both internal and

external sources

bull Protects the network functionality from malicious

attacks

MAC AddressLocked to Port

Access ListBlocks Connections

99

Performing Network Management Sources for Information

GAUGEs TIMERs

0 9 1 2 3

COUNTERs TABLEs FILEs

Operating System Data Structures

Manageable Device

showCommands

WebServer

SystemLogging

SNMPSNMPAGENTAGENT

ProductionServices

Layer N Forwarding

http80tcp

syslog514udp

snmp161udp

MIBObjects

snmp‐trap162udp

Built in Intelligence

CDPVTPSAA

telnetCLI

TFTPClient

tftp69udp

PingTrace route

100

Network Management Information Model MIB Management Information Base

MIB

ndash

Management Information BaseSet of variables defining the status of a device (eg temp = 85 degrees)Just facts ndash not whether it is good or badDefined according to SMI (Structure of Management Information) rulesEach managed object is described using a unique object identifier (OID)

MIB

IMIBIIStandard MIBObjects included are considered essential for either fault or configuration management

Other standard MIBsRMON host router

Proprietary vendor MIBsExtensions to standard MIBs

SNMPAGENTSNMPAGENT

1000s of manageable objects following rules defined in the SMI standards

1000s of manageable objects following rules defined in the SMI standards

101

Network Management Communication Model SNMP Simple Network Management Protocol

CommunityStrings

CommunityStrings

bull Get requests used to read the value of objectbull Set requests used to modify the value of object

bull Authorization is via community strings

(Read‐OnlyRead‐Write)

bull Traps

provide asynchronous event notification

IP Network SNMPManageable

Device

Trap

Get Response

Get Request Get-Next RequestGet-Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

102

Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response

SNM

P M

anag

er

SNM

P A

gent

Rea

d =

publ

ic re

adw

rite

= pr

ivat

e

GetResponse (sysDescr0=SunOS)

Verify access permission and retrieve MIB value using OID to traverse the MIB tree

InstanceOID

13612111

MIB value

GetRequest(sysDescr0)Read Community(public)

103

Types of Management Systems Example ‐

Enterprise Manager amp Fault Management

Correlate and manage events

and SNMP traps

Perform fault isolation and root cause analysis

104

Types of Management Systems Example ndash CiscoWorks

Resource Manager Essentials and Campus Manager

Knowledge of network configuration and topology

Facilitates remote configuration of network devices

Maintains an archive of configuration data that allows generation of inventory reports

105

Types of Management Systems Example ndash NetFlow (Accounting Management)

Flow Profiling

AccountingBilling

Network Planning

Network Monitoring

Flow

Collectors

Flow

CollectorsEnd‐User AppsEnd‐User AppsNetFlow

Data ExportNetFlowData Export

NetScout

RMON ProbeRMON Probe

106

Types of Management Systems Example ndash MRTG (Performance Management)

bull Monitors traffic load on network links based on SNMP statistics

bull Generates real‐time HTML traffic reports

bull Can be used to monitor any

MIB

variable using

SNMP

107

Types of Management Systems Example ndash CiscoWorks

How is the network connectedbull Physical Cablingbull Virtual LANs

Where are the end users servers IP phones connected

bull Switch port numberbull VLAN membership

How do I troubleshoot connectivity problems

Campus Manager User Tracking

Campus Manager Topology Services

Campus Manager Topology Services

Campus Manager User TrackingCampus Manager

Path Analysis

108

Diagnosing Connectivity Problems CiscoWorks Server Tools

Ping Use ping to test device connectivity from CiscoWorks server

TracerouteRun a trace route between the CiscoWorks server and the target device to detect routing problems

NS LookupRun a nslookup to obtain DNS name server information and IP address of hostname

Management Station to DeviceTest to verify if upper layer protocols are supported from CiscoWorks to the target device UDP TCP Telnet TFTP HTTP and SNMP

109

Types of Management Systems Example ndash CiscoWorks

19216862

CiscoWorks Server(ANI Service)

CampusDatabase

19216861

Schedule data retrieval

times

CAM Table11‐11‐11‐11‐11‐00 2111‐11‐11‐11‐11‐11 2211‐11‐11‐11‐11‐22 2311‐11‐11‐11‐11‐33 24

22 23 24

21

ARP Table11‐11‐11‐11‐11‐11 19216861011‐11‐11‐11‐11‐22 19216861111‐11‐11‐11‐11‐33 192168611

1

CAM

Retrieval

(switching

table)

2 Address

Resolution (MAC

to IP)

DNS

3 Name Resolution

(IP to hostname)

Host Table192168610 USER1192168611 Printer1192168611 IPtele1

SNMP

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

CallManager4

Call Detail

Records

5

Login

Names

UNIX Novell amp

Windows NT

clients running

UTLite script

110

Diagnosing Connectivity Problems Campus Manager Tools

Topology Services

User Tracking

Path Analysis

1

Locate the communication pair in the User Tracking database

bull

Addressesbull

VLAN informationbull

Switch port connection

2

Investigate the Layer 2 and Layer 3 path between the communication

pair

3

Map the topology and begin the investigation on devices and links

Launch other applications

111

Diagnosing Connectivity Problems Workflow for Using Campus Manager

LaunchPath Analysis

LaunchPath Analysis

Ensure discovery of devices

hosts are up to date

Ensure discovery of devices

hosts are up to date

Use User TrackingTo Locate EndStation Info

Use User TrackingTo Locate EndStation Info

ConductVoiceTrace

ConductVoiceTrace

ConductDataTrace

ConductDataTrace

DisplayPath in Topology

Map

DisplayPath in Topology

Map

Launch other Apps(Telnet CiscoView

Etc)

Launch other Apps(Telnet CiscoView

Etc)

112

Diagnosing Device Connectivity Problems Example

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Do you know

your

hostname or

username

113

Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

2 Simple Query displays switch

port and VLAN association

2 Simple Query displays switch

port and VLAN association

3 LastSeen field indicates last

time end station was

discovered

3 LastSeen field indicates last

time end station was

discovered

114

Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Trace path from application server

to Suzy

Trace path from application server

to Suzy

Couldnrsquot get to Suzy machine ndash try

from server

Couldnrsquot get to Suzy machine ndash try

from server

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

57

Small Form Factor Pluggable (SFP)

bull New industry standard connector

bull Same functionality as Gigabit Interface Converters

(GBICs)

bull Hot pluggable

bull Smaller fiber connector LC

for SF

bull 25 SFPs

fit in space of one GBIC

bull Shipping SX LX ZX at FCS

bull 101001000BT and CWDM versions to come in mid

to late 2003

GBIC

SFP

58

三無線網路認證介紹

59

漫遊認證環境架構圖

NCHC資策會

WLANGateway

WLANGateway

60

無線漫遊環境身份認證機制

網頁認證

使用網站伺服器憑證(Certificate)辨識合法認證網站

透過SSL加密保護使用者帳號密碼安全

採用PAP (Password Authentication Protocol)認證機制

8021x認證

採CHAP或加密通道進行認證

EAP‐MD5ndash 採用CHAP (Challenge Handshake Authentication Protocol)認證

EAP‐PEAP ndash 採用 SSL加密通道 + MS‐CHAP v2 認證

EAP‐TTLSndash 採用 SSL加密通道 + PAPCHAPMS‐CHAPEAPndash 支援多種認證機制

61

WLAN Gateway

bull Usually web page for authorisationbull Allows policy based accessbull Good managementbull Very user friendlybull No client required

Bluesocketndash Commercial but popular in uk academiandash Lots of featuresNoCatAuthndash open source

62

Bluesocket Wireless Gateway

63

httpwwwitcntnuedutwservice1270php

四師大網路基本架構介紹

64

對外網路架構圖

65

校本部校區有線網路系統架構圖

66

校本部校區無線網路系統架構圖

67

理學院校區有線網路系統架構圖

68

理學院校區無線網路系統架構圖

69

林口校區有線網路系統架構圖

70

林口校區無線網路系統架構圖

71

五網路障礙排除方式

72

Possible Symptoms of Physical Layer Problems

Increased number of interface errorsIncreased number of interface errors

LEDs are off flashing or in a state other than the expected state during normal operationLEDs are off flashing or in a state other than the expected state during normal operation

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

Excessive utilizationExcessive utilization

73

Possible Symptoms of Data Link Layer Problems

Excessive CRC errors and frame check sequence errors Excessive CRC errors and frame check sequence errors

Large quantities of broadcast traffic Large quantities of broadcast traffic

A MAC address is cycling between portsA MAC address is cycling between ports

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

74

General Cisco Commands to Isolate Physical and Data Link Layer Problems

ping host

| ip‐addressping host

| ip‐address

routergt

bull

Sends an echo request packet to an address then waits for a reply

trace [destination]trace [destination]

routergt

bull

Identifies the path a packet takes through the network

[no] debug [no] debug

router

bull

Displays a list of options for enabling or disabling debugging events on a device

75

Cisco Commands to Isolate Physical Layer Problems

show versionshow version

routergt

bull

Displays the Cisco IOS software version and all installed hardware configurations

show ip interface briefshow ip interface brief

routergt

bull

Displays a summary of the status of all interfaces on a device

show interfaces [type number]show interfaces [type number]

routergt

bull

Displays the operational status of an interface including the amount and type of traffic being sent and received

76

Cisco Commands to Isolate Physical Layer Problems (Cont)

show cdp neighbor detailshow cdp neighbor detailroutergt

bull Displays the device type IP address and Cisco IOS version of neighboring devices

77

Cisco Commands to Isolate Data Link Layer Problems

show ip arpshow ip arp

routergt

bull

Displays entries in the Address Resolution Protocol (ARP) table

debug [arp

| serial | ppp]debug [arp

| serial | ppp]

router

bull

Captures events relating to data link layer protocols

78

General End‐System Commands to Isolate Physical and Data Link Layer Problems

pingping

bull

Sends an echo request packet to an address then waits for a reply

netstat

‐rnnetstat

‐rn

bull

Displays the status of all connected devices and links without querying a DNS server

arp

‐aarp

‐a

bull

Displays the current mappings of the IP address to the MAC address in the ARP table

79

Windows Commands to Isolate Physical and Data Link Layer Problems

ipconfig

[all]ipconfig

[all]

bull

Displays IP information for hosts running Windows NT2000XP

Cgt

tracert [‐d]tracert [‐d]

bull

Identifies a path to a destination device

Cgt

80

Guidelines for Isolating Problems at the Physical and Data Link Layers

Check operational status and data error ratesCheck operational status and data error rates

Verify proper interface configurationsVerify proper interface configurations

Check for bad cables or connectionsCheck for bad cables or connections

Check for correct cable pin‐outCheck for correct cable pin‐out

81

Port Monitoring (SPAN)

Allows a port to monitor traffic coming into or out of

anotherPort

VLAN

Trunk

82

Remote SPAN (RSPAN)

Allows a port to monitor SPAN information on other switches through a trunk connection

83

NetFlow Data Export

Access to records of switched flow statistics

with NAM

Source and destination IP

Port numbers and protocol types

84

六網路管理介紹

85

NAMs in Campus LAN

86

Network Analysis Module (NAM)

bull

Switch‐integrated standards‐

based monitoring (RMON1 RMON2

extended RMON)

bull

Useful for performance monitoring troubleshooting

and capacity planning

bull

Easy to deploy and use with embedded web‐based Traffic Analyzer

bull

Full visibility into applications hosts conversations and

IP‐based services including VoIP

and QoS

Integrated traffic‐monitoring solution in Catalyst 6500 series to build application‐level visibility into network infrastructure

87

NAM as a Standards‐Based RMON Solution

The RMON MIB reports on the health and status of network traffic

Mini‐RMON agents in Catalyst 6500 collect Layer 2 (RMON1) statistics on all ports (utilization packets errors)

NAM supports full RMON1 and 2 to provide visibility up to Application layer (applications hosts conversations)

NAM supports extended RMON for VLAN QoS Application Response Time and so on

88

Application Hosts and Conversations Monitoring

Identify unknown applications and drill down on the hosts using them

Discover top talkers top conversations

Network managers can drill down

into who is doing what

Network managers can drill down

into who is doing what

NEW inSoftware

Version 22

NEW inSoftware

Version 22

89

VoIP Monitoring

NAM supports various facets of VoIPmonitoring

Active IP telephony monitoring

ndash Track active call attributesndash Identify call quality degradationndash Call details by phonesRMON1 and RMON2

ndash Distribution of VoIP

protocols

Application Response Time (ART)

ndash CallManager

responses

DSMON

ndash VoIP

traffic by DSCP values

90

Application Response Time (ART)

Find out where the application delays are occurring

ndash Detailed data on request‐ response exchanges

between clients and servers

Server visibility

ndash Monitor servers for protocols application

usage and top talkers

91

Packet Capture and Decode

Capture and decode packets for troubleshooting

Extensive pre‐ and post‐capture filters

Can save and export to other tools including Sniffer

92

Alarms

Set alarm thresholds on various parameters for proactive monitoring

Define traps or generate syslog

93

Defining Network Management Functional Areas

ISO defines five functional areas of network management

ISO defines five functional areas of network management

bullFault Management

bullConfiguration Management

bullAccounting Management

bullPerformance Management

bullSecurity Management

94

FCAPS Fault Management

The process of locating diagnosing and correcting

network problems

Device Down

Link Down

95

FCAPS Configuration Management

bull The process of obtaining data from the network and using

that data to manage the setup of all network devices

bull Allows rapid access to configuration information

bull Facilitates remote configuration and provisioning

bull Provides an up‐to‐date inventory of network

components

SpeedDuplex

Connectivity

TrunkingVLANs Allowed

Spanning Tree Protocol State

Software VersionConfiguration File

Device Type

96

FCAPS Accounting Management

bull Measuring the usage of network resources by users in order to

establish the metrics check quotas determine costs and bill users

bull Measures and reports accounting information based on individual

groups and users

bull Administers the cost of the network

bull Internal verification of third‐party billing for usage Bandwidth Consumption

Application Usage

hellip

97

FCAPS Performance Management

bull Ensuring that the data network remains accessible

and has adequate bandwidth

bull Reduces network overcrowding and inaccessibility

bull Provides a consistent level of service to the

network user

bull Determine utilization trends to proactively isolate and solve

performance problems

UtilizationPeakminmaxError RatesUnicast Rates

Broadcast Rates

CPU UtilizationMemory Usage

ThroughputResponse Time

LatencyAvailabilityReliability

98

FCAPS Security Management

bull Protecting sensitive information on devices

attached to a data network by controlling access points to

that information

bull Builds network user confidence

bull Secures sensitive information from both internal and

external sources

bull Protects the network functionality from malicious

attacks

MAC AddressLocked to Port

Access ListBlocks Connections

99

Performing Network Management Sources for Information

GAUGEs TIMERs

0 9 1 2 3

COUNTERs TABLEs FILEs

Operating System Data Structures

Manageable Device

showCommands

WebServer

SystemLogging

SNMPSNMPAGENTAGENT

ProductionServices

Layer N Forwarding

http80tcp

syslog514udp

snmp161udp

MIBObjects

snmp‐trap162udp

Built in Intelligence

CDPVTPSAA

telnetCLI

TFTPClient

tftp69udp

PingTrace route

100

Network Management Information Model MIB Management Information Base

MIB

ndash

Management Information BaseSet of variables defining the status of a device (eg temp = 85 degrees)Just facts ndash not whether it is good or badDefined according to SMI (Structure of Management Information) rulesEach managed object is described using a unique object identifier (OID)

MIB

IMIBIIStandard MIBObjects included are considered essential for either fault or configuration management

Other standard MIBsRMON host router

Proprietary vendor MIBsExtensions to standard MIBs

SNMPAGENTSNMPAGENT

1000s of manageable objects following rules defined in the SMI standards

1000s of manageable objects following rules defined in the SMI standards

101

Network Management Communication Model SNMP Simple Network Management Protocol

CommunityStrings

CommunityStrings

bull Get requests used to read the value of objectbull Set requests used to modify the value of object

bull Authorization is via community strings

(Read‐OnlyRead‐Write)

bull Traps

provide asynchronous event notification

IP Network SNMPManageable

Device

Trap

Get Response

Get Request Get-Next RequestGet-Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

102

Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response

SNM

P M

anag

er

SNM

P A

gent

Rea

d =

publ

ic re

adw

rite

= pr

ivat

e

GetResponse (sysDescr0=SunOS)

Verify access permission and retrieve MIB value using OID to traverse the MIB tree

InstanceOID

13612111

MIB value

GetRequest(sysDescr0)Read Community(public)

103

Types of Management Systems Example ‐

Enterprise Manager amp Fault Management

Correlate and manage events

and SNMP traps

Perform fault isolation and root cause analysis

104

Types of Management Systems Example ndash CiscoWorks

Resource Manager Essentials and Campus Manager

Knowledge of network configuration and topology

Facilitates remote configuration of network devices

Maintains an archive of configuration data that allows generation of inventory reports

105

Types of Management Systems Example ndash NetFlow (Accounting Management)

Flow Profiling

AccountingBilling

Network Planning

Network Monitoring

Flow

Collectors

Flow

CollectorsEnd‐User AppsEnd‐User AppsNetFlow

Data ExportNetFlowData Export

NetScout

RMON ProbeRMON Probe

106

Types of Management Systems Example ndash MRTG (Performance Management)

bull Monitors traffic load on network links based on SNMP statistics

bull Generates real‐time HTML traffic reports

bull Can be used to monitor any

MIB

variable using

SNMP

107

Types of Management Systems Example ndash CiscoWorks

How is the network connectedbull Physical Cablingbull Virtual LANs

Where are the end users servers IP phones connected

bull Switch port numberbull VLAN membership

How do I troubleshoot connectivity problems

Campus Manager User Tracking

Campus Manager Topology Services

Campus Manager Topology Services

Campus Manager User TrackingCampus Manager

Path Analysis

108

Diagnosing Connectivity Problems CiscoWorks Server Tools

Ping Use ping to test device connectivity from CiscoWorks server

TracerouteRun a trace route between the CiscoWorks server and the target device to detect routing problems

NS LookupRun a nslookup to obtain DNS name server information and IP address of hostname

Management Station to DeviceTest to verify if upper layer protocols are supported from CiscoWorks to the target device UDP TCP Telnet TFTP HTTP and SNMP

109

Types of Management Systems Example ndash CiscoWorks

19216862

CiscoWorks Server(ANI Service)

CampusDatabase

19216861

Schedule data retrieval

times

CAM Table11‐11‐11‐11‐11‐00 2111‐11‐11‐11‐11‐11 2211‐11‐11‐11‐11‐22 2311‐11‐11‐11‐11‐33 24

22 23 24

21

ARP Table11‐11‐11‐11‐11‐11 19216861011‐11‐11‐11‐11‐22 19216861111‐11‐11‐11‐11‐33 192168611

1

CAM

Retrieval

(switching

table)

2 Address

Resolution (MAC

to IP)

DNS

3 Name Resolution

(IP to hostname)

Host Table192168610 USER1192168611 Printer1192168611 IPtele1

SNMP

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

CallManager4

Call Detail

Records

5

Login

Names

UNIX Novell amp

Windows NT

clients running

UTLite script

110

Diagnosing Connectivity Problems Campus Manager Tools

Topology Services

User Tracking

Path Analysis

1

Locate the communication pair in the User Tracking database

bull

Addressesbull

VLAN informationbull

Switch port connection

2

Investigate the Layer 2 and Layer 3 path between the communication

pair

3

Map the topology and begin the investigation on devices and links

Launch other applications

111

Diagnosing Connectivity Problems Workflow for Using Campus Manager

LaunchPath Analysis

LaunchPath Analysis

Ensure discovery of devices

hosts are up to date

Ensure discovery of devices

hosts are up to date

Use User TrackingTo Locate EndStation Info

Use User TrackingTo Locate EndStation Info

ConductVoiceTrace

ConductVoiceTrace

ConductDataTrace

ConductDataTrace

DisplayPath in Topology

Map

DisplayPath in Topology

Map

Launch other Apps(Telnet CiscoView

Etc)

Launch other Apps(Telnet CiscoView

Etc)

112

Diagnosing Device Connectivity Problems Example

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Do you know

your

hostname or

username

113

Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

2 Simple Query displays switch

port and VLAN association

2 Simple Query displays switch

port and VLAN association

3 LastSeen field indicates last

time end station was

discovered

3 LastSeen field indicates last

time end station was

discovered

114

Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Trace path from application server

to Suzy

Trace path from application server

to Suzy

Couldnrsquot get to Suzy machine ndash try

from server

Couldnrsquot get to Suzy machine ndash try

from server

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

58

三無線網路認證介紹

59

漫遊認證環境架構圖

NCHC資策會

WLANGateway

WLANGateway

60

無線漫遊環境身份認證機制

網頁認證

使用網站伺服器憑證(Certificate)辨識合法認證網站

透過SSL加密保護使用者帳號密碼安全

採用PAP (Password Authentication Protocol)認證機制

8021x認證

採CHAP或加密通道進行認證

EAP‐MD5ndash 採用CHAP (Challenge Handshake Authentication Protocol)認證

EAP‐PEAP ndash 採用 SSL加密通道 + MS‐CHAP v2 認證

EAP‐TTLSndash 採用 SSL加密通道 + PAPCHAPMS‐CHAPEAPndash 支援多種認證機制

61

WLAN Gateway

bull Usually web page for authorisationbull Allows policy based accessbull Good managementbull Very user friendlybull No client required

Bluesocketndash Commercial but popular in uk academiandash Lots of featuresNoCatAuthndash open source

62

Bluesocket Wireless Gateway

63

httpwwwitcntnuedutwservice1270php

四師大網路基本架構介紹

64

對外網路架構圖

65

校本部校區有線網路系統架構圖

66

校本部校區無線網路系統架構圖

67

理學院校區有線網路系統架構圖

68

理學院校區無線網路系統架構圖

69

林口校區有線網路系統架構圖

70

林口校區無線網路系統架構圖

71

五網路障礙排除方式

72

Possible Symptoms of Physical Layer Problems

Increased number of interface errorsIncreased number of interface errors

LEDs are off flashing or in a state other than the expected state during normal operationLEDs are off flashing or in a state other than the expected state during normal operation

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

Excessive utilizationExcessive utilization

73

Possible Symptoms of Data Link Layer Problems

Excessive CRC errors and frame check sequence errors Excessive CRC errors and frame check sequence errors

Large quantities of broadcast traffic Large quantities of broadcast traffic

A MAC address is cycling between portsA MAC address is cycling between ports

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

74

General Cisco Commands to Isolate Physical and Data Link Layer Problems

ping host

| ip‐addressping host

| ip‐address

routergt

bull

Sends an echo request packet to an address then waits for a reply

trace [destination]trace [destination]

routergt

bull

Identifies the path a packet takes through the network

[no] debug [no] debug

router

bull

Displays a list of options for enabling or disabling debugging events on a device

75

Cisco Commands to Isolate Physical Layer Problems

show versionshow version

routergt

bull

Displays the Cisco IOS software version and all installed hardware configurations

show ip interface briefshow ip interface brief

routergt

bull

Displays a summary of the status of all interfaces on a device

show interfaces [type number]show interfaces [type number]

routergt

bull

Displays the operational status of an interface including the amount and type of traffic being sent and received

76

Cisco Commands to Isolate Physical Layer Problems (Cont)

show cdp neighbor detailshow cdp neighbor detailroutergt

bull Displays the device type IP address and Cisco IOS version of neighboring devices

77

Cisco Commands to Isolate Data Link Layer Problems

show ip arpshow ip arp

routergt

bull

Displays entries in the Address Resolution Protocol (ARP) table

debug [arp

| serial | ppp]debug [arp

| serial | ppp]

router

bull

Captures events relating to data link layer protocols

78

General End‐System Commands to Isolate Physical and Data Link Layer Problems

pingping

bull

Sends an echo request packet to an address then waits for a reply

netstat

‐rnnetstat

‐rn

bull

Displays the status of all connected devices and links without querying a DNS server

arp

‐aarp

‐a

bull

Displays the current mappings of the IP address to the MAC address in the ARP table

79

Windows Commands to Isolate Physical and Data Link Layer Problems

ipconfig

[all]ipconfig

[all]

bull

Displays IP information for hosts running Windows NT2000XP

Cgt

tracert [‐d]tracert [‐d]

bull

Identifies a path to a destination device

Cgt

80

Guidelines for Isolating Problems at the Physical and Data Link Layers

Check operational status and data error ratesCheck operational status and data error rates

Verify proper interface configurationsVerify proper interface configurations

Check for bad cables or connectionsCheck for bad cables or connections

Check for correct cable pin‐outCheck for correct cable pin‐out

81

Port Monitoring (SPAN)

Allows a port to monitor traffic coming into or out of

anotherPort

VLAN

Trunk

82

Remote SPAN (RSPAN)

Allows a port to monitor SPAN information on other switches through a trunk connection

83

NetFlow Data Export

Access to records of switched flow statistics

with NAM

Source and destination IP

Port numbers and protocol types

84

六網路管理介紹

85

NAMs in Campus LAN

86

Network Analysis Module (NAM)

bull

Switch‐integrated standards‐

based monitoring (RMON1 RMON2

extended RMON)

bull

Useful for performance monitoring troubleshooting

and capacity planning

bull

Easy to deploy and use with embedded web‐based Traffic Analyzer

bull

Full visibility into applications hosts conversations and

IP‐based services including VoIP

and QoS

Integrated traffic‐monitoring solution in Catalyst 6500 series to build application‐level visibility into network infrastructure

87

NAM as a Standards‐Based RMON Solution

The RMON MIB reports on the health and status of network traffic

Mini‐RMON agents in Catalyst 6500 collect Layer 2 (RMON1) statistics on all ports (utilization packets errors)

NAM supports full RMON1 and 2 to provide visibility up to Application layer (applications hosts conversations)

NAM supports extended RMON for VLAN QoS Application Response Time and so on

88

Application Hosts and Conversations Monitoring

Identify unknown applications and drill down on the hosts using them

Discover top talkers top conversations

Network managers can drill down

into who is doing what

Network managers can drill down

into who is doing what

NEW inSoftware

Version 22

NEW inSoftware

Version 22

89

VoIP Monitoring

NAM supports various facets of VoIPmonitoring

Active IP telephony monitoring

ndash Track active call attributesndash Identify call quality degradationndash Call details by phonesRMON1 and RMON2

ndash Distribution of VoIP

protocols

Application Response Time (ART)

ndash CallManager

responses

DSMON

ndash VoIP

traffic by DSCP values

90

Application Response Time (ART)

Find out where the application delays are occurring

ndash Detailed data on request‐ response exchanges

between clients and servers

Server visibility

ndash Monitor servers for protocols application

usage and top talkers

91

Packet Capture and Decode

Capture and decode packets for troubleshooting

Extensive pre‐ and post‐capture filters

Can save and export to other tools including Sniffer

92

Alarms

Set alarm thresholds on various parameters for proactive monitoring

Define traps or generate syslog

93

Defining Network Management Functional Areas

ISO defines five functional areas of network management

ISO defines five functional areas of network management

bullFault Management

bullConfiguration Management

bullAccounting Management

bullPerformance Management

bullSecurity Management

94

FCAPS Fault Management

The process of locating diagnosing and correcting

network problems

Device Down

Link Down

95

FCAPS Configuration Management

bull The process of obtaining data from the network and using

that data to manage the setup of all network devices

bull Allows rapid access to configuration information

bull Facilitates remote configuration and provisioning

bull Provides an up‐to‐date inventory of network

components

SpeedDuplex

Connectivity

TrunkingVLANs Allowed

Spanning Tree Protocol State

Software VersionConfiguration File

Device Type

96

FCAPS Accounting Management

bull Measuring the usage of network resources by users in order to

establish the metrics check quotas determine costs and bill users

bull Measures and reports accounting information based on individual

groups and users

bull Administers the cost of the network

bull Internal verification of third‐party billing for usage Bandwidth Consumption

Application Usage

hellip

97

FCAPS Performance Management

bull Ensuring that the data network remains accessible

and has adequate bandwidth

bull Reduces network overcrowding and inaccessibility

bull Provides a consistent level of service to the

network user

bull Determine utilization trends to proactively isolate and solve

performance problems

UtilizationPeakminmaxError RatesUnicast Rates

Broadcast Rates

CPU UtilizationMemory Usage

ThroughputResponse Time

LatencyAvailabilityReliability

98

FCAPS Security Management

bull Protecting sensitive information on devices

attached to a data network by controlling access points to

that information

bull Builds network user confidence

bull Secures sensitive information from both internal and

external sources

bull Protects the network functionality from malicious

attacks

MAC AddressLocked to Port

Access ListBlocks Connections

99

Performing Network Management Sources for Information

GAUGEs TIMERs

0 9 1 2 3

COUNTERs TABLEs FILEs

Operating System Data Structures

Manageable Device

showCommands

WebServer

SystemLogging

SNMPSNMPAGENTAGENT

ProductionServices

Layer N Forwarding

http80tcp

syslog514udp

snmp161udp

MIBObjects

snmp‐trap162udp

Built in Intelligence

CDPVTPSAA

telnetCLI

TFTPClient

tftp69udp

PingTrace route

100

Network Management Information Model MIB Management Information Base

MIB

ndash

Management Information BaseSet of variables defining the status of a device (eg temp = 85 degrees)Just facts ndash not whether it is good or badDefined according to SMI (Structure of Management Information) rulesEach managed object is described using a unique object identifier (OID)

MIB

IMIBIIStandard MIBObjects included are considered essential for either fault or configuration management

Other standard MIBsRMON host router

Proprietary vendor MIBsExtensions to standard MIBs

SNMPAGENTSNMPAGENT

1000s of manageable objects following rules defined in the SMI standards

1000s of manageable objects following rules defined in the SMI standards

101

Network Management Communication Model SNMP Simple Network Management Protocol

CommunityStrings

CommunityStrings

bull Get requests used to read the value of objectbull Set requests used to modify the value of object

bull Authorization is via community strings

(Read‐OnlyRead‐Write)

bull Traps

provide asynchronous event notification

IP Network SNMPManageable

Device

Trap

Get Response

Get Request Get-Next RequestGet-Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

102

Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response

SNM

P M

anag

er

SNM

P A

gent

Rea

d =

publ

ic re

adw

rite

= pr

ivat

e

GetResponse (sysDescr0=SunOS)

Verify access permission and retrieve MIB value using OID to traverse the MIB tree

InstanceOID

13612111

MIB value

GetRequest(sysDescr0)Read Community(public)

103

Types of Management Systems Example ‐

Enterprise Manager amp Fault Management

Correlate and manage events

and SNMP traps

Perform fault isolation and root cause analysis

104

Types of Management Systems Example ndash CiscoWorks

Resource Manager Essentials and Campus Manager

Knowledge of network configuration and topology

Facilitates remote configuration of network devices

Maintains an archive of configuration data that allows generation of inventory reports

105

Types of Management Systems Example ndash NetFlow (Accounting Management)

Flow Profiling

AccountingBilling

Network Planning

Network Monitoring

Flow

Collectors

Flow

CollectorsEnd‐User AppsEnd‐User AppsNetFlow

Data ExportNetFlowData Export

NetScout

RMON ProbeRMON Probe

106

Types of Management Systems Example ndash MRTG (Performance Management)

bull Monitors traffic load on network links based on SNMP statistics

bull Generates real‐time HTML traffic reports

bull Can be used to monitor any

MIB

variable using

SNMP

107

Types of Management Systems Example ndash CiscoWorks

How is the network connectedbull Physical Cablingbull Virtual LANs

Where are the end users servers IP phones connected

bull Switch port numberbull VLAN membership

How do I troubleshoot connectivity problems

Campus Manager User Tracking

Campus Manager Topology Services

Campus Manager Topology Services

Campus Manager User TrackingCampus Manager

Path Analysis

108

Diagnosing Connectivity Problems CiscoWorks Server Tools

Ping Use ping to test device connectivity from CiscoWorks server

TracerouteRun a trace route between the CiscoWorks server and the target device to detect routing problems

NS LookupRun a nslookup to obtain DNS name server information and IP address of hostname

Management Station to DeviceTest to verify if upper layer protocols are supported from CiscoWorks to the target device UDP TCP Telnet TFTP HTTP and SNMP

109

Types of Management Systems Example ndash CiscoWorks

19216862

CiscoWorks Server(ANI Service)

CampusDatabase

19216861

Schedule data retrieval

times

CAM Table11‐11‐11‐11‐11‐00 2111‐11‐11‐11‐11‐11 2211‐11‐11‐11‐11‐22 2311‐11‐11‐11‐11‐33 24

22 23 24

21

ARP Table11‐11‐11‐11‐11‐11 19216861011‐11‐11‐11‐11‐22 19216861111‐11‐11‐11‐11‐33 192168611

1

CAM

Retrieval

(switching

table)

2 Address

Resolution (MAC

to IP)

DNS

3 Name Resolution

(IP to hostname)

Host Table192168610 USER1192168611 Printer1192168611 IPtele1

SNMP

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

CallManager4

Call Detail

Records

5

Login

Names

UNIX Novell amp

Windows NT

clients running

UTLite script

110

Diagnosing Connectivity Problems Campus Manager Tools

Topology Services

User Tracking

Path Analysis

1

Locate the communication pair in the User Tracking database

bull

Addressesbull

VLAN informationbull

Switch port connection

2

Investigate the Layer 2 and Layer 3 path between the communication

pair

3

Map the topology and begin the investigation on devices and links

Launch other applications

111

Diagnosing Connectivity Problems Workflow for Using Campus Manager

LaunchPath Analysis

LaunchPath Analysis

Ensure discovery of devices

hosts are up to date

Ensure discovery of devices

hosts are up to date

Use User TrackingTo Locate EndStation Info

Use User TrackingTo Locate EndStation Info

ConductVoiceTrace

ConductVoiceTrace

ConductDataTrace

ConductDataTrace

DisplayPath in Topology

Map

DisplayPath in Topology

Map

Launch other Apps(Telnet CiscoView

Etc)

Launch other Apps(Telnet CiscoView

Etc)

112

Diagnosing Device Connectivity Problems Example

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Do you know

your

hostname or

username

113

Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

2 Simple Query displays switch

port and VLAN association

2 Simple Query displays switch

port and VLAN association

3 LastSeen field indicates last

time end station was

discovered

3 LastSeen field indicates last

time end station was

discovered

114

Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Trace path from application server

to Suzy

Trace path from application server

to Suzy

Couldnrsquot get to Suzy machine ndash try

from server

Couldnrsquot get to Suzy machine ndash try

from server

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

59

漫遊認證環境架構圖

NCHC資策會

WLANGateway

WLANGateway

60

無線漫遊環境身份認證機制

網頁認證

使用網站伺服器憑證(Certificate)辨識合法認證網站

透過SSL加密保護使用者帳號密碼安全

採用PAP (Password Authentication Protocol)認證機制

8021x認證

採CHAP或加密通道進行認證

EAP‐MD5ndash 採用CHAP (Challenge Handshake Authentication Protocol)認證

EAP‐PEAP ndash 採用 SSL加密通道 + MS‐CHAP v2 認證

EAP‐TTLSndash 採用 SSL加密通道 + PAPCHAPMS‐CHAPEAPndash 支援多種認證機制

61

WLAN Gateway

bull Usually web page for authorisationbull Allows policy based accessbull Good managementbull Very user friendlybull No client required

Bluesocketndash Commercial but popular in uk academiandash Lots of featuresNoCatAuthndash open source

62

Bluesocket Wireless Gateway

63

httpwwwitcntnuedutwservice1270php

四師大網路基本架構介紹

64

對外網路架構圖

65

校本部校區有線網路系統架構圖

66

校本部校區無線網路系統架構圖

67

理學院校區有線網路系統架構圖

68

理學院校區無線網路系統架構圖

69

林口校區有線網路系統架構圖

70

林口校區無線網路系統架構圖

71

五網路障礙排除方式

72

Possible Symptoms of Physical Layer Problems

Increased number of interface errorsIncreased number of interface errors

LEDs are off flashing or in a state other than the expected state during normal operationLEDs are off flashing or in a state other than the expected state during normal operation

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

Excessive utilizationExcessive utilization

73

Possible Symptoms of Data Link Layer Problems

Excessive CRC errors and frame check sequence errors Excessive CRC errors and frame check sequence errors

Large quantities of broadcast traffic Large quantities of broadcast traffic

A MAC address is cycling between portsA MAC address is cycling between ports

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

74

General Cisco Commands to Isolate Physical and Data Link Layer Problems

ping host

| ip‐addressping host

| ip‐address

routergt

bull

Sends an echo request packet to an address then waits for a reply

trace [destination]trace [destination]

routergt

bull

Identifies the path a packet takes through the network

[no] debug [no] debug

router

bull

Displays a list of options for enabling or disabling debugging events on a device

75

Cisco Commands to Isolate Physical Layer Problems

show versionshow version

routergt

bull

Displays the Cisco IOS software version and all installed hardware configurations

show ip interface briefshow ip interface brief

routergt

bull

Displays a summary of the status of all interfaces on a device

show interfaces [type number]show interfaces [type number]

routergt

bull

Displays the operational status of an interface including the amount and type of traffic being sent and received

76

Cisco Commands to Isolate Physical Layer Problems (Cont)

show cdp neighbor detailshow cdp neighbor detailroutergt

bull Displays the device type IP address and Cisco IOS version of neighboring devices

77

Cisco Commands to Isolate Data Link Layer Problems

show ip arpshow ip arp

routergt

bull

Displays entries in the Address Resolution Protocol (ARP) table

debug [arp

| serial | ppp]debug [arp

| serial | ppp]

router

bull

Captures events relating to data link layer protocols

78

General End‐System Commands to Isolate Physical and Data Link Layer Problems

pingping

bull

Sends an echo request packet to an address then waits for a reply

netstat

‐rnnetstat

‐rn

bull

Displays the status of all connected devices and links without querying a DNS server

arp

‐aarp

‐a

bull

Displays the current mappings of the IP address to the MAC address in the ARP table

79

Windows Commands to Isolate Physical and Data Link Layer Problems

ipconfig

[all]ipconfig

[all]

bull

Displays IP information for hosts running Windows NT2000XP

Cgt

tracert [‐d]tracert [‐d]

bull

Identifies a path to a destination device

Cgt

80

Guidelines for Isolating Problems at the Physical and Data Link Layers

Check operational status and data error ratesCheck operational status and data error rates

Verify proper interface configurationsVerify proper interface configurations

Check for bad cables or connectionsCheck for bad cables or connections

Check for correct cable pin‐outCheck for correct cable pin‐out

81

Port Monitoring (SPAN)

Allows a port to monitor traffic coming into or out of

anotherPort

VLAN

Trunk

82

Remote SPAN (RSPAN)

Allows a port to monitor SPAN information on other switches through a trunk connection

83

NetFlow Data Export

Access to records of switched flow statistics

with NAM

Source and destination IP

Port numbers and protocol types

84

六網路管理介紹

85

NAMs in Campus LAN

86

Network Analysis Module (NAM)

bull

Switch‐integrated standards‐

based monitoring (RMON1 RMON2

extended RMON)

bull

Useful for performance monitoring troubleshooting

and capacity planning

bull

Easy to deploy and use with embedded web‐based Traffic Analyzer

bull

Full visibility into applications hosts conversations and

IP‐based services including VoIP

and QoS

Integrated traffic‐monitoring solution in Catalyst 6500 series to build application‐level visibility into network infrastructure

87

NAM as a Standards‐Based RMON Solution

The RMON MIB reports on the health and status of network traffic

Mini‐RMON agents in Catalyst 6500 collect Layer 2 (RMON1) statistics on all ports (utilization packets errors)

NAM supports full RMON1 and 2 to provide visibility up to Application layer (applications hosts conversations)

NAM supports extended RMON for VLAN QoS Application Response Time and so on

88

Application Hosts and Conversations Monitoring

Identify unknown applications and drill down on the hosts using them

Discover top talkers top conversations

Network managers can drill down

into who is doing what

Network managers can drill down

into who is doing what

NEW inSoftware

Version 22

NEW inSoftware

Version 22

89

VoIP Monitoring

NAM supports various facets of VoIPmonitoring

Active IP telephony monitoring

ndash Track active call attributesndash Identify call quality degradationndash Call details by phonesRMON1 and RMON2

ndash Distribution of VoIP

protocols

Application Response Time (ART)

ndash CallManager

responses

DSMON

ndash VoIP

traffic by DSCP values

90

Application Response Time (ART)

Find out where the application delays are occurring

ndash Detailed data on request‐ response exchanges

between clients and servers

Server visibility

ndash Monitor servers for protocols application

usage and top talkers

91

Packet Capture and Decode

Capture and decode packets for troubleshooting

Extensive pre‐ and post‐capture filters

Can save and export to other tools including Sniffer

92

Alarms

Set alarm thresholds on various parameters for proactive monitoring

Define traps or generate syslog

93

Defining Network Management Functional Areas

ISO defines five functional areas of network management

ISO defines five functional areas of network management

bullFault Management

bullConfiguration Management

bullAccounting Management

bullPerformance Management

bullSecurity Management

94

FCAPS Fault Management

The process of locating diagnosing and correcting

network problems

Device Down

Link Down

95

FCAPS Configuration Management

bull The process of obtaining data from the network and using

that data to manage the setup of all network devices

bull Allows rapid access to configuration information

bull Facilitates remote configuration and provisioning

bull Provides an up‐to‐date inventory of network

components

SpeedDuplex

Connectivity

TrunkingVLANs Allowed

Spanning Tree Protocol State

Software VersionConfiguration File

Device Type

96

FCAPS Accounting Management

bull Measuring the usage of network resources by users in order to

establish the metrics check quotas determine costs and bill users

bull Measures and reports accounting information based on individual

groups and users

bull Administers the cost of the network

bull Internal verification of third‐party billing for usage Bandwidth Consumption

Application Usage

hellip

97

FCAPS Performance Management

bull Ensuring that the data network remains accessible

and has adequate bandwidth

bull Reduces network overcrowding and inaccessibility

bull Provides a consistent level of service to the

network user

bull Determine utilization trends to proactively isolate and solve

performance problems

UtilizationPeakminmaxError RatesUnicast Rates

Broadcast Rates

CPU UtilizationMemory Usage

ThroughputResponse Time

LatencyAvailabilityReliability

98

FCAPS Security Management

bull Protecting sensitive information on devices

attached to a data network by controlling access points to

that information

bull Builds network user confidence

bull Secures sensitive information from both internal and

external sources

bull Protects the network functionality from malicious

attacks

MAC AddressLocked to Port

Access ListBlocks Connections

99

Performing Network Management Sources for Information

GAUGEs TIMERs

0 9 1 2 3

COUNTERs TABLEs FILEs

Operating System Data Structures

Manageable Device

showCommands

WebServer

SystemLogging

SNMPSNMPAGENTAGENT

ProductionServices

Layer N Forwarding

http80tcp

syslog514udp

snmp161udp

MIBObjects

snmp‐trap162udp

Built in Intelligence

CDPVTPSAA

telnetCLI

TFTPClient

tftp69udp

PingTrace route

100

Network Management Information Model MIB Management Information Base

MIB

ndash

Management Information BaseSet of variables defining the status of a device (eg temp = 85 degrees)Just facts ndash not whether it is good or badDefined according to SMI (Structure of Management Information) rulesEach managed object is described using a unique object identifier (OID)

MIB

IMIBIIStandard MIBObjects included are considered essential for either fault or configuration management

Other standard MIBsRMON host router

Proprietary vendor MIBsExtensions to standard MIBs

SNMPAGENTSNMPAGENT

1000s of manageable objects following rules defined in the SMI standards

1000s of manageable objects following rules defined in the SMI standards

101

Network Management Communication Model SNMP Simple Network Management Protocol

CommunityStrings

CommunityStrings

bull Get requests used to read the value of objectbull Set requests used to modify the value of object

bull Authorization is via community strings

(Read‐OnlyRead‐Write)

bull Traps

provide asynchronous event notification

IP Network SNMPManageable

Device

Trap

Get Response

Get Request Get-Next RequestGet-Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

102

Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response

SNM

P M

anag

er

SNM

P A

gent

Rea

d =

publ

ic re

adw

rite

= pr

ivat

e

GetResponse (sysDescr0=SunOS)

Verify access permission and retrieve MIB value using OID to traverse the MIB tree

InstanceOID

13612111

MIB value

GetRequest(sysDescr0)Read Community(public)

103

Types of Management Systems Example ‐

Enterprise Manager amp Fault Management

Correlate and manage events

and SNMP traps

Perform fault isolation and root cause analysis

104

Types of Management Systems Example ndash CiscoWorks

Resource Manager Essentials and Campus Manager

Knowledge of network configuration and topology

Facilitates remote configuration of network devices

Maintains an archive of configuration data that allows generation of inventory reports

105

Types of Management Systems Example ndash NetFlow (Accounting Management)

Flow Profiling

AccountingBilling

Network Planning

Network Monitoring

Flow

Collectors

Flow

CollectorsEnd‐User AppsEnd‐User AppsNetFlow

Data ExportNetFlowData Export

NetScout

RMON ProbeRMON Probe

106

Types of Management Systems Example ndash MRTG (Performance Management)

bull Monitors traffic load on network links based on SNMP statistics

bull Generates real‐time HTML traffic reports

bull Can be used to monitor any

MIB

variable using

SNMP

107

Types of Management Systems Example ndash CiscoWorks

How is the network connectedbull Physical Cablingbull Virtual LANs

Where are the end users servers IP phones connected

bull Switch port numberbull VLAN membership

How do I troubleshoot connectivity problems

Campus Manager User Tracking

Campus Manager Topology Services

Campus Manager Topology Services

Campus Manager User TrackingCampus Manager

Path Analysis

108

Diagnosing Connectivity Problems CiscoWorks Server Tools

Ping Use ping to test device connectivity from CiscoWorks server

TracerouteRun a trace route between the CiscoWorks server and the target device to detect routing problems

NS LookupRun a nslookup to obtain DNS name server information and IP address of hostname

Management Station to DeviceTest to verify if upper layer protocols are supported from CiscoWorks to the target device UDP TCP Telnet TFTP HTTP and SNMP

109

Types of Management Systems Example ndash CiscoWorks

19216862

CiscoWorks Server(ANI Service)

CampusDatabase

19216861

Schedule data retrieval

times

CAM Table11‐11‐11‐11‐11‐00 2111‐11‐11‐11‐11‐11 2211‐11‐11‐11‐11‐22 2311‐11‐11‐11‐11‐33 24

22 23 24

21

ARP Table11‐11‐11‐11‐11‐11 19216861011‐11‐11‐11‐11‐22 19216861111‐11‐11‐11‐11‐33 192168611

1

CAM

Retrieval

(switching

table)

2 Address

Resolution (MAC

to IP)

DNS

3 Name Resolution

(IP to hostname)

Host Table192168610 USER1192168611 Printer1192168611 IPtele1

SNMP

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

CallManager4

Call Detail

Records

5

Login

Names

UNIX Novell amp

Windows NT

clients running

UTLite script

110

Diagnosing Connectivity Problems Campus Manager Tools

Topology Services

User Tracking

Path Analysis

1

Locate the communication pair in the User Tracking database

bull

Addressesbull

VLAN informationbull

Switch port connection

2

Investigate the Layer 2 and Layer 3 path between the communication

pair

3

Map the topology and begin the investigation on devices and links

Launch other applications

111

Diagnosing Connectivity Problems Workflow for Using Campus Manager

LaunchPath Analysis

LaunchPath Analysis

Ensure discovery of devices

hosts are up to date

Ensure discovery of devices

hosts are up to date

Use User TrackingTo Locate EndStation Info

Use User TrackingTo Locate EndStation Info

ConductVoiceTrace

ConductVoiceTrace

ConductDataTrace

ConductDataTrace

DisplayPath in Topology

Map

DisplayPath in Topology

Map

Launch other Apps(Telnet CiscoView

Etc)

Launch other Apps(Telnet CiscoView

Etc)

112

Diagnosing Device Connectivity Problems Example

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Do you know

your

hostname or

username

113

Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

2 Simple Query displays switch

port and VLAN association

2 Simple Query displays switch

port and VLAN association

3 LastSeen field indicates last

time end station was

discovered

3 LastSeen field indicates last

time end station was

discovered

114

Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Trace path from application server

to Suzy

Trace path from application server

to Suzy

Couldnrsquot get to Suzy machine ndash try

from server

Couldnrsquot get to Suzy machine ndash try

from server

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

60

無線漫遊環境身份認證機制

網頁認證

使用網站伺服器憑證(Certificate)辨識合法認證網站

透過SSL加密保護使用者帳號密碼安全

採用PAP (Password Authentication Protocol)認證機制

8021x認證

採CHAP或加密通道進行認證

EAP‐MD5ndash 採用CHAP (Challenge Handshake Authentication Protocol)認證

EAP‐PEAP ndash 採用 SSL加密通道 + MS‐CHAP v2 認證

EAP‐TTLSndash 採用 SSL加密通道 + PAPCHAPMS‐CHAPEAPndash 支援多種認證機制

61

WLAN Gateway

bull Usually web page for authorisationbull Allows policy based accessbull Good managementbull Very user friendlybull No client required

Bluesocketndash Commercial but popular in uk academiandash Lots of featuresNoCatAuthndash open source

62

Bluesocket Wireless Gateway

63

httpwwwitcntnuedutwservice1270php

四師大網路基本架構介紹

64

對外網路架構圖

65

校本部校區有線網路系統架構圖

66

校本部校區無線網路系統架構圖

67

理學院校區有線網路系統架構圖

68

理學院校區無線網路系統架構圖

69

林口校區有線網路系統架構圖

70

林口校區無線網路系統架構圖

71

五網路障礙排除方式

72

Possible Symptoms of Physical Layer Problems

Increased number of interface errorsIncreased number of interface errors

LEDs are off flashing or in a state other than the expected state during normal operationLEDs are off flashing or in a state other than the expected state during normal operation

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

Excessive utilizationExcessive utilization

73

Possible Symptoms of Data Link Layer Problems

Excessive CRC errors and frame check sequence errors Excessive CRC errors and frame check sequence errors

Large quantities of broadcast traffic Large quantities of broadcast traffic

A MAC address is cycling between portsA MAC address is cycling between ports

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

74

General Cisco Commands to Isolate Physical and Data Link Layer Problems

ping host

| ip‐addressping host

| ip‐address

routergt

bull

Sends an echo request packet to an address then waits for a reply

trace [destination]trace [destination]

routergt

bull

Identifies the path a packet takes through the network

[no] debug [no] debug

router

bull

Displays a list of options for enabling or disabling debugging events on a device

75

Cisco Commands to Isolate Physical Layer Problems

show versionshow version

routergt

bull

Displays the Cisco IOS software version and all installed hardware configurations

show ip interface briefshow ip interface brief

routergt

bull

Displays a summary of the status of all interfaces on a device

show interfaces [type number]show interfaces [type number]

routergt

bull

Displays the operational status of an interface including the amount and type of traffic being sent and received

76

Cisco Commands to Isolate Physical Layer Problems (Cont)

show cdp neighbor detailshow cdp neighbor detailroutergt

bull Displays the device type IP address and Cisco IOS version of neighboring devices

77

Cisco Commands to Isolate Data Link Layer Problems

show ip arpshow ip arp

routergt

bull

Displays entries in the Address Resolution Protocol (ARP) table

debug [arp

| serial | ppp]debug [arp

| serial | ppp]

router

bull

Captures events relating to data link layer protocols

78

General End‐System Commands to Isolate Physical and Data Link Layer Problems

pingping

bull

Sends an echo request packet to an address then waits for a reply

netstat

‐rnnetstat

‐rn

bull

Displays the status of all connected devices and links without querying a DNS server

arp

‐aarp

‐a

bull

Displays the current mappings of the IP address to the MAC address in the ARP table

79

Windows Commands to Isolate Physical and Data Link Layer Problems

ipconfig

[all]ipconfig

[all]

bull

Displays IP information for hosts running Windows NT2000XP

Cgt

tracert [‐d]tracert [‐d]

bull

Identifies a path to a destination device

Cgt

80

Guidelines for Isolating Problems at the Physical and Data Link Layers

Check operational status and data error ratesCheck operational status and data error rates

Verify proper interface configurationsVerify proper interface configurations

Check for bad cables or connectionsCheck for bad cables or connections

Check for correct cable pin‐outCheck for correct cable pin‐out

81

Port Monitoring (SPAN)

Allows a port to monitor traffic coming into or out of

anotherPort

VLAN

Trunk

82

Remote SPAN (RSPAN)

Allows a port to monitor SPAN information on other switches through a trunk connection

83

NetFlow Data Export

Access to records of switched flow statistics

with NAM

Source and destination IP

Port numbers and protocol types

84

六網路管理介紹

85

NAMs in Campus LAN

86

Network Analysis Module (NAM)

bull

Switch‐integrated standards‐

based monitoring (RMON1 RMON2

extended RMON)

bull

Useful for performance monitoring troubleshooting

and capacity planning

bull

Easy to deploy and use with embedded web‐based Traffic Analyzer

bull

Full visibility into applications hosts conversations and

IP‐based services including VoIP

and QoS

Integrated traffic‐monitoring solution in Catalyst 6500 series to build application‐level visibility into network infrastructure

87

NAM as a Standards‐Based RMON Solution

The RMON MIB reports on the health and status of network traffic

Mini‐RMON agents in Catalyst 6500 collect Layer 2 (RMON1) statistics on all ports (utilization packets errors)

NAM supports full RMON1 and 2 to provide visibility up to Application layer (applications hosts conversations)

NAM supports extended RMON for VLAN QoS Application Response Time and so on

88

Application Hosts and Conversations Monitoring

Identify unknown applications and drill down on the hosts using them

Discover top talkers top conversations

Network managers can drill down

into who is doing what

Network managers can drill down

into who is doing what

NEW inSoftware

Version 22

NEW inSoftware

Version 22

89

VoIP Monitoring

NAM supports various facets of VoIPmonitoring

Active IP telephony monitoring

ndash Track active call attributesndash Identify call quality degradationndash Call details by phonesRMON1 and RMON2

ndash Distribution of VoIP

protocols

Application Response Time (ART)

ndash CallManager

responses

DSMON

ndash VoIP

traffic by DSCP values

90

Application Response Time (ART)

Find out where the application delays are occurring

ndash Detailed data on request‐ response exchanges

between clients and servers

Server visibility

ndash Monitor servers for protocols application

usage and top talkers

91

Packet Capture and Decode

Capture and decode packets for troubleshooting

Extensive pre‐ and post‐capture filters

Can save and export to other tools including Sniffer

92

Alarms

Set alarm thresholds on various parameters for proactive monitoring

Define traps or generate syslog

93

Defining Network Management Functional Areas

ISO defines five functional areas of network management

ISO defines five functional areas of network management

bullFault Management

bullConfiguration Management

bullAccounting Management

bullPerformance Management

bullSecurity Management

94

FCAPS Fault Management

The process of locating diagnosing and correcting

network problems

Device Down

Link Down

95

FCAPS Configuration Management

bull The process of obtaining data from the network and using

that data to manage the setup of all network devices

bull Allows rapid access to configuration information

bull Facilitates remote configuration and provisioning

bull Provides an up‐to‐date inventory of network

components

SpeedDuplex

Connectivity

TrunkingVLANs Allowed

Spanning Tree Protocol State

Software VersionConfiguration File

Device Type

96

FCAPS Accounting Management

bull Measuring the usage of network resources by users in order to

establish the metrics check quotas determine costs and bill users

bull Measures and reports accounting information based on individual

groups and users

bull Administers the cost of the network

bull Internal verification of third‐party billing for usage Bandwidth Consumption

Application Usage

hellip

97

FCAPS Performance Management

bull Ensuring that the data network remains accessible

and has adequate bandwidth

bull Reduces network overcrowding and inaccessibility

bull Provides a consistent level of service to the

network user

bull Determine utilization trends to proactively isolate and solve

performance problems

UtilizationPeakminmaxError RatesUnicast Rates

Broadcast Rates

CPU UtilizationMemory Usage

ThroughputResponse Time

LatencyAvailabilityReliability

98

FCAPS Security Management

bull Protecting sensitive information on devices

attached to a data network by controlling access points to

that information

bull Builds network user confidence

bull Secures sensitive information from both internal and

external sources

bull Protects the network functionality from malicious

attacks

MAC AddressLocked to Port

Access ListBlocks Connections

99

Performing Network Management Sources for Information

GAUGEs TIMERs

0 9 1 2 3

COUNTERs TABLEs FILEs

Operating System Data Structures

Manageable Device

showCommands

WebServer

SystemLogging

SNMPSNMPAGENTAGENT

ProductionServices

Layer N Forwarding

http80tcp

syslog514udp

snmp161udp

MIBObjects

snmp‐trap162udp

Built in Intelligence

CDPVTPSAA

telnetCLI

TFTPClient

tftp69udp

PingTrace route

100

Network Management Information Model MIB Management Information Base

MIB

ndash

Management Information BaseSet of variables defining the status of a device (eg temp = 85 degrees)Just facts ndash not whether it is good or badDefined according to SMI (Structure of Management Information) rulesEach managed object is described using a unique object identifier (OID)

MIB

IMIBIIStandard MIBObjects included are considered essential for either fault or configuration management

Other standard MIBsRMON host router

Proprietary vendor MIBsExtensions to standard MIBs

SNMPAGENTSNMPAGENT

1000s of manageable objects following rules defined in the SMI standards

1000s of manageable objects following rules defined in the SMI standards

101

Network Management Communication Model SNMP Simple Network Management Protocol

CommunityStrings

CommunityStrings

bull Get requests used to read the value of objectbull Set requests used to modify the value of object

bull Authorization is via community strings

(Read‐OnlyRead‐Write)

bull Traps

provide asynchronous event notification

IP Network SNMPManageable

Device

Trap

Get Response

Get Request Get-Next RequestGet-Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

102

Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response

SNM

P M

anag

er

SNM

P A

gent

Rea

d =

publ

ic re

adw

rite

= pr

ivat

e

GetResponse (sysDescr0=SunOS)

Verify access permission and retrieve MIB value using OID to traverse the MIB tree

InstanceOID

13612111

MIB value

GetRequest(sysDescr0)Read Community(public)

103

Types of Management Systems Example ‐

Enterprise Manager amp Fault Management

Correlate and manage events

and SNMP traps

Perform fault isolation and root cause analysis

104

Types of Management Systems Example ndash CiscoWorks

Resource Manager Essentials and Campus Manager

Knowledge of network configuration and topology

Facilitates remote configuration of network devices

Maintains an archive of configuration data that allows generation of inventory reports

105

Types of Management Systems Example ndash NetFlow (Accounting Management)

Flow Profiling

AccountingBilling

Network Planning

Network Monitoring

Flow

Collectors

Flow

CollectorsEnd‐User AppsEnd‐User AppsNetFlow

Data ExportNetFlowData Export

NetScout

RMON ProbeRMON Probe

106

Types of Management Systems Example ndash MRTG (Performance Management)

bull Monitors traffic load on network links based on SNMP statistics

bull Generates real‐time HTML traffic reports

bull Can be used to monitor any

MIB

variable using

SNMP

107

Types of Management Systems Example ndash CiscoWorks

How is the network connectedbull Physical Cablingbull Virtual LANs

Where are the end users servers IP phones connected

bull Switch port numberbull VLAN membership

How do I troubleshoot connectivity problems

Campus Manager User Tracking

Campus Manager Topology Services

Campus Manager Topology Services

Campus Manager User TrackingCampus Manager

Path Analysis

108

Diagnosing Connectivity Problems CiscoWorks Server Tools

Ping Use ping to test device connectivity from CiscoWorks server

TracerouteRun a trace route between the CiscoWorks server and the target device to detect routing problems

NS LookupRun a nslookup to obtain DNS name server information and IP address of hostname

Management Station to DeviceTest to verify if upper layer protocols are supported from CiscoWorks to the target device UDP TCP Telnet TFTP HTTP and SNMP

109

Types of Management Systems Example ndash CiscoWorks

19216862

CiscoWorks Server(ANI Service)

CampusDatabase

19216861

Schedule data retrieval

times

CAM Table11‐11‐11‐11‐11‐00 2111‐11‐11‐11‐11‐11 2211‐11‐11‐11‐11‐22 2311‐11‐11‐11‐11‐33 24

22 23 24

21

ARP Table11‐11‐11‐11‐11‐11 19216861011‐11‐11‐11‐11‐22 19216861111‐11‐11‐11‐11‐33 192168611

1

CAM

Retrieval

(switching

table)

2 Address

Resolution (MAC

to IP)

DNS

3 Name Resolution

(IP to hostname)

Host Table192168610 USER1192168611 Printer1192168611 IPtele1

SNMP

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

CallManager4

Call Detail

Records

5

Login

Names

UNIX Novell amp

Windows NT

clients running

UTLite script

110

Diagnosing Connectivity Problems Campus Manager Tools

Topology Services

User Tracking

Path Analysis

1

Locate the communication pair in the User Tracking database

bull

Addressesbull

VLAN informationbull

Switch port connection

2

Investigate the Layer 2 and Layer 3 path between the communication

pair

3

Map the topology and begin the investigation on devices and links

Launch other applications

111

Diagnosing Connectivity Problems Workflow for Using Campus Manager

LaunchPath Analysis

LaunchPath Analysis

Ensure discovery of devices

hosts are up to date

Ensure discovery of devices

hosts are up to date

Use User TrackingTo Locate EndStation Info

Use User TrackingTo Locate EndStation Info

ConductVoiceTrace

ConductVoiceTrace

ConductDataTrace

ConductDataTrace

DisplayPath in Topology

Map

DisplayPath in Topology

Map

Launch other Apps(Telnet CiscoView

Etc)

Launch other Apps(Telnet CiscoView

Etc)

112

Diagnosing Device Connectivity Problems Example

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Do you know

your

hostname or

username

113

Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

2 Simple Query displays switch

port and VLAN association

2 Simple Query displays switch

port and VLAN association

3 LastSeen field indicates last

time end station was

discovered

3 LastSeen field indicates last

time end station was

discovered

114

Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Trace path from application server

to Suzy

Trace path from application server

to Suzy

Couldnrsquot get to Suzy machine ndash try

from server

Couldnrsquot get to Suzy machine ndash try

from server

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

61

WLAN Gateway

bull Usually web page for authorisationbull Allows policy based accessbull Good managementbull Very user friendlybull No client required

Bluesocketndash Commercial but popular in uk academiandash Lots of featuresNoCatAuthndash open source

62

Bluesocket Wireless Gateway

63

httpwwwitcntnuedutwservice1270php

四師大網路基本架構介紹

64

對外網路架構圖

65

校本部校區有線網路系統架構圖

66

校本部校區無線網路系統架構圖

67

理學院校區有線網路系統架構圖

68

理學院校區無線網路系統架構圖

69

林口校區有線網路系統架構圖

70

林口校區無線網路系統架構圖

71

五網路障礙排除方式

72

Possible Symptoms of Physical Layer Problems

Increased number of interface errorsIncreased number of interface errors

LEDs are off flashing or in a state other than the expected state during normal operationLEDs are off flashing or in a state other than the expected state during normal operation

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

Excessive utilizationExcessive utilization

73

Possible Symptoms of Data Link Layer Problems

Excessive CRC errors and frame check sequence errors Excessive CRC errors and frame check sequence errors

Large quantities of broadcast traffic Large quantities of broadcast traffic

A MAC address is cycling between portsA MAC address is cycling between ports

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

74

General Cisco Commands to Isolate Physical and Data Link Layer Problems

ping host

| ip‐addressping host

| ip‐address

routergt

bull

Sends an echo request packet to an address then waits for a reply

trace [destination]trace [destination]

routergt

bull

Identifies the path a packet takes through the network

[no] debug [no] debug

router

bull

Displays a list of options for enabling or disabling debugging events on a device

75

Cisco Commands to Isolate Physical Layer Problems

show versionshow version

routergt

bull

Displays the Cisco IOS software version and all installed hardware configurations

show ip interface briefshow ip interface brief

routergt

bull

Displays a summary of the status of all interfaces on a device

show interfaces [type number]show interfaces [type number]

routergt

bull

Displays the operational status of an interface including the amount and type of traffic being sent and received

76

Cisco Commands to Isolate Physical Layer Problems (Cont)

show cdp neighbor detailshow cdp neighbor detailroutergt

bull Displays the device type IP address and Cisco IOS version of neighboring devices

77

Cisco Commands to Isolate Data Link Layer Problems

show ip arpshow ip arp

routergt

bull

Displays entries in the Address Resolution Protocol (ARP) table

debug [arp

| serial | ppp]debug [arp

| serial | ppp]

router

bull

Captures events relating to data link layer protocols

78

General End‐System Commands to Isolate Physical and Data Link Layer Problems

pingping

bull

Sends an echo request packet to an address then waits for a reply

netstat

‐rnnetstat

‐rn

bull

Displays the status of all connected devices and links without querying a DNS server

arp

‐aarp

‐a

bull

Displays the current mappings of the IP address to the MAC address in the ARP table

79

Windows Commands to Isolate Physical and Data Link Layer Problems

ipconfig

[all]ipconfig

[all]

bull

Displays IP information for hosts running Windows NT2000XP

Cgt

tracert [‐d]tracert [‐d]

bull

Identifies a path to a destination device

Cgt

80

Guidelines for Isolating Problems at the Physical and Data Link Layers

Check operational status and data error ratesCheck operational status and data error rates

Verify proper interface configurationsVerify proper interface configurations

Check for bad cables or connectionsCheck for bad cables or connections

Check for correct cable pin‐outCheck for correct cable pin‐out

81

Port Monitoring (SPAN)

Allows a port to monitor traffic coming into or out of

anotherPort

VLAN

Trunk

82

Remote SPAN (RSPAN)

Allows a port to monitor SPAN information on other switches through a trunk connection

83

NetFlow Data Export

Access to records of switched flow statistics

with NAM

Source and destination IP

Port numbers and protocol types

84

六網路管理介紹

85

NAMs in Campus LAN

86

Network Analysis Module (NAM)

bull

Switch‐integrated standards‐

based monitoring (RMON1 RMON2

extended RMON)

bull

Useful for performance monitoring troubleshooting

and capacity planning

bull

Easy to deploy and use with embedded web‐based Traffic Analyzer

bull

Full visibility into applications hosts conversations and

IP‐based services including VoIP

and QoS

Integrated traffic‐monitoring solution in Catalyst 6500 series to build application‐level visibility into network infrastructure

87

NAM as a Standards‐Based RMON Solution

The RMON MIB reports on the health and status of network traffic

Mini‐RMON agents in Catalyst 6500 collect Layer 2 (RMON1) statistics on all ports (utilization packets errors)

NAM supports full RMON1 and 2 to provide visibility up to Application layer (applications hosts conversations)

NAM supports extended RMON for VLAN QoS Application Response Time and so on

88

Application Hosts and Conversations Monitoring

Identify unknown applications and drill down on the hosts using them

Discover top talkers top conversations

Network managers can drill down

into who is doing what

Network managers can drill down

into who is doing what

NEW inSoftware

Version 22

NEW inSoftware

Version 22

89

VoIP Monitoring

NAM supports various facets of VoIPmonitoring

Active IP telephony monitoring

ndash Track active call attributesndash Identify call quality degradationndash Call details by phonesRMON1 and RMON2

ndash Distribution of VoIP

protocols

Application Response Time (ART)

ndash CallManager

responses

DSMON

ndash VoIP

traffic by DSCP values

90

Application Response Time (ART)

Find out where the application delays are occurring

ndash Detailed data on request‐ response exchanges

between clients and servers

Server visibility

ndash Monitor servers for protocols application

usage and top talkers

91

Packet Capture and Decode

Capture and decode packets for troubleshooting

Extensive pre‐ and post‐capture filters

Can save and export to other tools including Sniffer

92

Alarms

Set alarm thresholds on various parameters for proactive monitoring

Define traps or generate syslog

93

Defining Network Management Functional Areas

ISO defines five functional areas of network management

ISO defines five functional areas of network management

bullFault Management

bullConfiguration Management

bullAccounting Management

bullPerformance Management

bullSecurity Management

94

FCAPS Fault Management

The process of locating diagnosing and correcting

network problems

Device Down

Link Down

95

FCAPS Configuration Management

bull The process of obtaining data from the network and using

that data to manage the setup of all network devices

bull Allows rapid access to configuration information

bull Facilitates remote configuration and provisioning

bull Provides an up‐to‐date inventory of network

components

SpeedDuplex

Connectivity

TrunkingVLANs Allowed

Spanning Tree Protocol State

Software VersionConfiguration File

Device Type

96

FCAPS Accounting Management

bull Measuring the usage of network resources by users in order to

establish the metrics check quotas determine costs and bill users

bull Measures and reports accounting information based on individual

groups and users

bull Administers the cost of the network

bull Internal verification of third‐party billing for usage Bandwidth Consumption

Application Usage

hellip

97

FCAPS Performance Management

bull Ensuring that the data network remains accessible

and has adequate bandwidth

bull Reduces network overcrowding and inaccessibility

bull Provides a consistent level of service to the

network user

bull Determine utilization trends to proactively isolate and solve

performance problems

UtilizationPeakminmaxError RatesUnicast Rates

Broadcast Rates

CPU UtilizationMemory Usage

ThroughputResponse Time

LatencyAvailabilityReliability

98

FCAPS Security Management

bull Protecting sensitive information on devices

attached to a data network by controlling access points to

that information

bull Builds network user confidence

bull Secures sensitive information from both internal and

external sources

bull Protects the network functionality from malicious

attacks

MAC AddressLocked to Port

Access ListBlocks Connections

99

Performing Network Management Sources for Information

GAUGEs TIMERs

0 9 1 2 3

COUNTERs TABLEs FILEs

Operating System Data Structures

Manageable Device

showCommands

WebServer

SystemLogging

SNMPSNMPAGENTAGENT

ProductionServices

Layer N Forwarding

http80tcp

syslog514udp

snmp161udp

MIBObjects

snmp‐trap162udp

Built in Intelligence

CDPVTPSAA

telnetCLI

TFTPClient

tftp69udp

PingTrace route

100

Network Management Information Model MIB Management Information Base

MIB

ndash

Management Information BaseSet of variables defining the status of a device (eg temp = 85 degrees)Just facts ndash not whether it is good or badDefined according to SMI (Structure of Management Information) rulesEach managed object is described using a unique object identifier (OID)

MIB

IMIBIIStandard MIBObjects included are considered essential for either fault or configuration management

Other standard MIBsRMON host router

Proprietary vendor MIBsExtensions to standard MIBs

SNMPAGENTSNMPAGENT

1000s of manageable objects following rules defined in the SMI standards

1000s of manageable objects following rules defined in the SMI standards

101

Network Management Communication Model SNMP Simple Network Management Protocol

CommunityStrings

CommunityStrings

bull Get requests used to read the value of objectbull Set requests used to modify the value of object

bull Authorization is via community strings

(Read‐OnlyRead‐Write)

bull Traps

provide asynchronous event notification

IP Network SNMPManageable

Device

Trap

Get Response

Get Request Get-Next RequestGet-Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

102

Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response

SNM

P M

anag

er

SNM

P A

gent

Rea

d =

publ

ic re

adw

rite

= pr

ivat

e

GetResponse (sysDescr0=SunOS)

Verify access permission and retrieve MIB value using OID to traverse the MIB tree

InstanceOID

13612111

MIB value

GetRequest(sysDescr0)Read Community(public)

103

Types of Management Systems Example ‐

Enterprise Manager amp Fault Management

Correlate and manage events

and SNMP traps

Perform fault isolation and root cause analysis

104

Types of Management Systems Example ndash CiscoWorks

Resource Manager Essentials and Campus Manager

Knowledge of network configuration and topology

Facilitates remote configuration of network devices

Maintains an archive of configuration data that allows generation of inventory reports

105

Types of Management Systems Example ndash NetFlow (Accounting Management)

Flow Profiling

AccountingBilling

Network Planning

Network Monitoring

Flow

Collectors

Flow

CollectorsEnd‐User AppsEnd‐User AppsNetFlow

Data ExportNetFlowData Export

NetScout

RMON ProbeRMON Probe

106

Types of Management Systems Example ndash MRTG (Performance Management)

bull Monitors traffic load on network links based on SNMP statistics

bull Generates real‐time HTML traffic reports

bull Can be used to monitor any

MIB

variable using

SNMP

107

Types of Management Systems Example ndash CiscoWorks

How is the network connectedbull Physical Cablingbull Virtual LANs

Where are the end users servers IP phones connected

bull Switch port numberbull VLAN membership

How do I troubleshoot connectivity problems

Campus Manager User Tracking

Campus Manager Topology Services

Campus Manager Topology Services

Campus Manager User TrackingCampus Manager

Path Analysis

108

Diagnosing Connectivity Problems CiscoWorks Server Tools

Ping Use ping to test device connectivity from CiscoWorks server

TracerouteRun a trace route between the CiscoWorks server and the target device to detect routing problems

NS LookupRun a nslookup to obtain DNS name server information and IP address of hostname

Management Station to DeviceTest to verify if upper layer protocols are supported from CiscoWorks to the target device UDP TCP Telnet TFTP HTTP and SNMP

109

Types of Management Systems Example ndash CiscoWorks

19216862

CiscoWorks Server(ANI Service)

CampusDatabase

19216861

Schedule data retrieval

times

CAM Table11‐11‐11‐11‐11‐00 2111‐11‐11‐11‐11‐11 2211‐11‐11‐11‐11‐22 2311‐11‐11‐11‐11‐33 24

22 23 24

21

ARP Table11‐11‐11‐11‐11‐11 19216861011‐11‐11‐11‐11‐22 19216861111‐11‐11‐11‐11‐33 192168611

1

CAM

Retrieval

(switching

table)

2 Address

Resolution (MAC

to IP)

DNS

3 Name Resolution

(IP to hostname)

Host Table192168610 USER1192168611 Printer1192168611 IPtele1

SNMP

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

CallManager4

Call Detail

Records

5

Login

Names

UNIX Novell amp

Windows NT

clients running

UTLite script

110

Diagnosing Connectivity Problems Campus Manager Tools

Topology Services

User Tracking

Path Analysis

1

Locate the communication pair in the User Tracking database

bull

Addressesbull

VLAN informationbull

Switch port connection

2

Investigate the Layer 2 and Layer 3 path between the communication

pair

3

Map the topology and begin the investigation on devices and links

Launch other applications

111

Diagnosing Connectivity Problems Workflow for Using Campus Manager

LaunchPath Analysis

LaunchPath Analysis

Ensure discovery of devices

hosts are up to date

Ensure discovery of devices

hosts are up to date

Use User TrackingTo Locate EndStation Info

Use User TrackingTo Locate EndStation Info

ConductVoiceTrace

ConductVoiceTrace

ConductDataTrace

ConductDataTrace

DisplayPath in Topology

Map

DisplayPath in Topology

Map

Launch other Apps(Telnet CiscoView

Etc)

Launch other Apps(Telnet CiscoView

Etc)

112

Diagnosing Device Connectivity Problems Example

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Do you know

your

hostname or

username

113

Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

2 Simple Query displays switch

port and VLAN association

2 Simple Query displays switch

port and VLAN association

3 LastSeen field indicates last

time end station was

discovered

3 LastSeen field indicates last

time end station was

discovered

114

Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Trace path from application server

to Suzy

Trace path from application server

to Suzy

Couldnrsquot get to Suzy machine ndash try

from server

Couldnrsquot get to Suzy machine ndash try

from server

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

62

Bluesocket Wireless Gateway

63

httpwwwitcntnuedutwservice1270php

四師大網路基本架構介紹

64

對外網路架構圖

65

校本部校區有線網路系統架構圖

66

校本部校區無線網路系統架構圖

67

理學院校區有線網路系統架構圖

68

理學院校區無線網路系統架構圖

69

林口校區有線網路系統架構圖

70

林口校區無線網路系統架構圖

71

五網路障礙排除方式

72

Possible Symptoms of Physical Layer Problems

Increased number of interface errorsIncreased number of interface errors

LEDs are off flashing or in a state other than the expected state during normal operationLEDs are off flashing or in a state other than the expected state during normal operation

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

Excessive utilizationExcessive utilization

73

Possible Symptoms of Data Link Layer Problems

Excessive CRC errors and frame check sequence errors Excessive CRC errors and frame check sequence errors

Large quantities of broadcast traffic Large quantities of broadcast traffic

A MAC address is cycling between portsA MAC address is cycling between ports

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

74

General Cisco Commands to Isolate Physical and Data Link Layer Problems

ping host

| ip‐addressping host

| ip‐address

routergt

bull

Sends an echo request packet to an address then waits for a reply

trace [destination]trace [destination]

routergt

bull

Identifies the path a packet takes through the network

[no] debug [no] debug

router

bull

Displays a list of options for enabling or disabling debugging events on a device

75

Cisco Commands to Isolate Physical Layer Problems

show versionshow version

routergt

bull

Displays the Cisco IOS software version and all installed hardware configurations

show ip interface briefshow ip interface brief

routergt

bull

Displays a summary of the status of all interfaces on a device

show interfaces [type number]show interfaces [type number]

routergt

bull

Displays the operational status of an interface including the amount and type of traffic being sent and received

76

Cisco Commands to Isolate Physical Layer Problems (Cont)

show cdp neighbor detailshow cdp neighbor detailroutergt

bull Displays the device type IP address and Cisco IOS version of neighboring devices

77

Cisco Commands to Isolate Data Link Layer Problems

show ip arpshow ip arp

routergt

bull

Displays entries in the Address Resolution Protocol (ARP) table

debug [arp

| serial | ppp]debug [arp

| serial | ppp]

router

bull

Captures events relating to data link layer protocols

78

General End‐System Commands to Isolate Physical and Data Link Layer Problems

pingping

bull

Sends an echo request packet to an address then waits for a reply

netstat

‐rnnetstat

‐rn

bull

Displays the status of all connected devices and links without querying a DNS server

arp

‐aarp

‐a

bull

Displays the current mappings of the IP address to the MAC address in the ARP table

79

Windows Commands to Isolate Physical and Data Link Layer Problems

ipconfig

[all]ipconfig

[all]

bull

Displays IP information for hosts running Windows NT2000XP

Cgt

tracert [‐d]tracert [‐d]

bull

Identifies a path to a destination device

Cgt

80

Guidelines for Isolating Problems at the Physical and Data Link Layers

Check operational status and data error ratesCheck operational status and data error rates

Verify proper interface configurationsVerify proper interface configurations

Check for bad cables or connectionsCheck for bad cables or connections

Check for correct cable pin‐outCheck for correct cable pin‐out

81

Port Monitoring (SPAN)

Allows a port to monitor traffic coming into or out of

anotherPort

VLAN

Trunk

82

Remote SPAN (RSPAN)

Allows a port to monitor SPAN information on other switches through a trunk connection

83

NetFlow Data Export

Access to records of switched flow statistics

with NAM

Source and destination IP

Port numbers and protocol types

84

六網路管理介紹

85

NAMs in Campus LAN

86

Network Analysis Module (NAM)

bull

Switch‐integrated standards‐

based monitoring (RMON1 RMON2

extended RMON)

bull

Useful for performance monitoring troubleshooting

and capacity planning

bull

Easy to deploy and use with embedded web‐based Traffic Analyzer

bull

Full visibility into applications hosts conversations and

IP‐based services including VoIP

and QoS

Integrated traffic‐monitoring solution in Catalyst 6500 series to build application‐level visibility into network infrastructure

87

NAM as a Standards‐Based RMON Solution

The RMON MIB reports on the health and status of network traffic

Mini‐RMON agents in Catalyst 6500 collect Layer 2 (RMON1) statistics on all ports (utilization packets errors)

NAM supports full RMON1 and 2 to provide visibility up to Application layer (applications hosts conversations)

NAM supports extended RMON for VLAN QoS Application Response Time and so on

88

Application Hosts and Conversations Monitoring

Identify unknown applications and drill down on the hosts using them

Discover top talkers top conversations

Network managers can drill down

into who is doing what

Network managers can drill down

into who is doing what

NEW inSoftware

Version 22

NEW inSoftware

Version 22

89

VoIP Monitoring

NAM supports various facets of VoIPmonitoring

Active IP telephony monitoring

ndash Track active call attributesndash Identify call quality degradationndash Call details by phonesRMON1 and RMON2

ndash Distribution of VoIP

protocols

Application Response Time (ART)

ndash CallManager

responses

DSMON

ndash VoIP

traffic by DSCP values

90

Application Response Time (ART)

Find out where the application delays are occurring

ndash Detailed data on request‐ response exchanges

between clients and servers

Server visibility

ndash Monitor servers for protocols application

usage and top talkers

91

Packet Capture and Decode

Capture and decode packets for troubleshooting

Extensive pre‐ and post‐capture filters

Can save and export to other tools including Sniffer

92

Alarms

Set alarm thresholds on various parameters for proactive monitoring

Define traps or generate syslog

93

Defining Network Management Functional Areas

ISO defines five functional areas of network management

ISO defines five functional areas of network management

bullFault Management

bullConfiguration Management

bullAccounting Management

bullPerformance Management

bullSecurity Management

94

FCAPS Fault Management

The process of locating diagnosing and correcting

network problems

Device Down

Link Down

95

FCAPS Configuration Management

bull The process of obtaining data from the network and using

that data to manage the setup of all network devices

bull Allows rapid access to configuration information

bull Facilitates remote configuration and provisioning

bull Provides an up‐to‐date inventory of network

components

SpeedDuplex

Connectivity

TrunkingVLANs Allowed

Spanning Tree Protocol State

Software VersionConfiguration File

Device Type

96

FCAPS Accounting Management

bull Measuring the usage of network resources by users in order to

establish the metrics check quotas determine costs and bill users

bull Measures and reports accounting information based on individual

groups and users

bull Administers the cost of the network

bull Internal verification of third‐party billing for usage Bandwidth Consumption

Application Usage

hellip

97

FCAPS Performance Management

bull Ensuring that the data network remains accessible

and has adequate bandwidth

bull Reduces network overcrowding and inaccessibility

bull Provides a consistent level of service to the

network user

bull Determine utilization trends to proactively isolate and solve

performance problems

UtilizationPeakminmaxError RatesUnicast Rates

Broadcast Rates

CPU UtilizationMemory Usage

ThroughputResponse Time

LatencyAvailabilityReliability

98

FCAPS Security Management

bull Protecting sensitive information on devices

attached to a data network by controlling access points to

that information

bull Builds network user confidence

bull Secures sensitive information from both internal and

external sources

bull Protects the network functionality from malicious

attacks

MAC AddressLocked to Port

Access ListBlocks Connections

99

Performing Network Management Sources for Information

GAUGEs TIMERs

0 9 1 2 3

COUNTERs TABLEs FILEs

Operating System Data Structures

Manageable Device

showCommands

WebServer

SystemLogging

SNMPSNMPAGENTAGENT

ProductionServices

Layer N Forwarding

http80tcp

syslog514udp

snmp161udp

MIBObjects

snmp‐trap162udp

Built in Intelligence

CDPVTPSAA

telnetCLI

TFTPClient

tftp69udp

PingTrace route

100

Network Management Information Model MIB Management Information Base

MIB

ndash

Management Information BaseSet of variables defining the status of a device (eg temp = 85 degrees)Just facts ndash not whether it is good or badDefined according to SMI (Structure of Management Information) rulesEach managed object is described using a unique object identifier (OID)

MIB

IMIBIIStandard MIBObjects included are considered essential for either fault or configuration management

Other standard MIBsRMON host router

Proprietary vendor MIBsExtensions to standard MIBs

SNMPAGENTSNMPAGENT

1000s of manageable objects following rules defined in the SMI standards

1000s of manageable objects following rules defined in the SMI standards

101

Network Management Communication Model SNMP Simple Network Management Protocol

CommunityStrings

CommunityStrings

bull Get requests used to read the value of objectbull Set requests used to modify the value of object

bull Authorization is via community strings

(Read‐OnlyRead‐Write)

bull Traps

provide asynchronous event notification

IP Network SNMPManageable

Device

Trap

Get Response

Get Request Get-Next RequestGet-Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

102

Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response

SNM

P M

anag

er

SNM

P A

gent

Rea

d =

publ

ic re

adw

rite

= pr

ivat

e

GetResponse (sysDescr0=SunOS)

Verify access permission and retrieve MIB value using OID to traverse the MIB tree

InstanceOID

13612111

MIB value

GetRequest(sysDescr0)Read Community(public)

103

Types of Management Systems Example ‐

Enterprise Manager amp Fault Management

Correlate and manage events

and SNMP traps

Perform fault isolation and root cause analysis

104

Types of Management Systems Example ndash CiscoWorks

Resource Manager Essentials and Campus Manager

Knowledge of network configuration and topology

Facilitates remote configuration of network devices

Maintains an archive of configuration data that allows generation of inventory reports

105

Types of Management Systems Example ndash NetFlow (Accounting Management)

Flow Profiling

AccountingBilling

Network Planning

Network Monitoring

Flow

Collectors

Flow

CollectorsEnd‐User AppsEnd‐User AppsNetFlow

Data ExportNetFlowData Export

NetScout

RMON ProbeRMON Probe

106

Types of Management Systems Example ndash MRTG (Performance Management)

bull Monitors traffic load on network links based on SNMP statistics

bull Generates real‐time HTML traffic reports

bull Can be used to monitor any

MIB

variable using

SNMP

107

Types of Management Systems Example ndash CiscoWorks

How is the network connectedbull Physical Cablingbull Virtual LANs

Where are the end users servers IP phones connected

bull Switch port numberbull VLAN membership

How do I troubleshoot connectivity problems

Campus Manager User Tracking

Campus Manager Topology Services

Campus Manager Topology Services

Campus Manager User TrackingCampus Manager

Path Analysis

108

Diagnosing Connectivity Problems CiscoWorks Server Tools

Ping Use ping to test device connectivity from CiscoWorks server

TracerouteRun a trace route between the CiscoWorks server and the target device to detect routing problems

NS LookupRun a nslookup to obtain DNS name server information and IP address of hostname

Management Station to DeviceTest to verify if upper layer protocols are supported from CiscoWorks to the target device UDP TCP Telnet TFTP HTTP and SNMP

109

Types of Management Systems Example ndash CiscoWorks

19216862

CiscoWorks Server(ANI Service)

CampusDatabase

19216861

Schedule data retrieval

times

CAM Table11‐11‐11‐11‐11‐00 2111‐11‐11‐11‐11‐11 2211‐11‐11‐11‐11‐22 2311‐11‐11‐11‐11‐33 24

22 23 24

21

ARP Table11‐11‐11‐11‐11‐11 19216861011‐11‐11‐11‐11‐22 19216861111‐11‐11‐11‐11‐33 192168611

1

CAM

Retrieval

(switching

table)

2 Address

Resolution (MAC

to IP)

DNS

3 Name Resolution

(IP to hostname)

Host Table192168610 USER1192168611 Printer1192168611 IPtele1

SNMP

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

CallManager4

Call Detail

Records

5

Login

Names

UNIX Novell amp

Windows NT

clients running

UTLite script

110

Diagnosing Connectivity Problems Campus Manager Tools

Topology Services

User Tracking

Path Analysis

1

Locate the communication pair in the User Tracking database

bull

Addressesbull

VLAN informationbull

Switch port connection

2

Investigate the Layer 2 and Layer 3 path between the communication

pair

3

Map the topology and begin the investigation on devices and links

Launch other applications

111

Diagnosing Connectivity Problems Workflow for Using Campus Manager

LaunchPath Analysis

LaunchPath Analysis

Ensure discovery of devices

hosts are up to date

Ensure discovery of devices

hosts are up to date

Use User TrackingTo Locate EndStation Info

Use User TrackingTo Locate EndStation Info

ConductVoiceTrace

ConductVoiceTrace

ConductDataTrace

ConductDataTrace

DisplayPath in Topology

Map

DisplayPath in Topology

Map

Launch other Apps(Telnet CiscoView

Etc)

Launch other Apps(Telnet CiscoView

Etc)

112

Diagnosing Device Connectivity Problems Example

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Do you know

your

hostname or

username

113

Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

2 Simple Query displays switch

port and VLAN association

2 Simple Query displays switch

port and VLAN association

3 LastSeen field indicates last

time end station was

discovered

3 LastSeen field indicates last

time end station was

discovered

114

Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Trace path from application server

to Suzy

Trace path from application server

to Suzy

Couldnrsquot get to Suzy machine ndash try

from server

Couldnrsquot get to Suzy machine ndash try

from server

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

63

httpwwwitcntnuedutwservice1270php

四師大網路基本架構介紹

64

對外網路架構圖

65

校本部校區有線網路系統架構圖

66

校本部校區無線網路系統架構圖

67

理學院校區有線網路系統架構圖

68

理學院校區無線網路系統架構圖

69

林口校區有線網路系統架構圖

70

林口校區無線網路系統架構圖

71

五網路障礙排除方式

72

Possible Symptoms of Physical Layer Problems

Increased number of interface errorsIncreased number of interface errors

LEDs are off flashing or in a state other than the expected state during normal operationLEDs are off flashing or in a state other than the expected state during normal operation

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

Excessive utilizationExcessive utilization

73

Possible Symptoms of Data Link Layer Problems

Excessive CRC errors and frame check sequence errors Excessive CRC errors and frame check sequence errors

Large quantities of broadcast traffic Large quantities of broadcast traffic

A MAC address is cycling between portsA MAC address is cycling between ports

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

74

General Cisco Commands to Isolate Physical and Data Link Layer Problems

ping host

| ip‐addressping host

| ip‐address

routergt

bull

Sends an echo request packet to an address then waits for a reply

trace [destination]trace [destination]

routergt

bull

Identifies the path a packet takes through the network

[no] debug [no] debug

router

bull

Displays a list of options for enabling or disabling debugging events on a device

75

Cisco Commands to Isolate Physical Layer Problems

show versionshow version

routergt

bull

Displays the Cisco IOS software version and all installed hardware configurations

show ip interface briefshow ip interface brief

routergt

bull

Displays a summary of the status of all interfaces on a device

show interfaces [type number]show interfaces [type number]

routergt

bull

Displays the operational status of an interface including the amount and type of traffic being sent and received

76

Cisco Commands to Isolate Physical Layer Problems (Cont)

show cdp neighbor detailshow cdp neighbor detailroutergt

bull Displays the device type IP address and Cisco IOS version of neighboring devices

77

Cisco Commands to Isolate Data Link Layer Problems

show ip arpshow ip arp

routergt

bull

Displays entries in the Address Resolution Protocol (ARP) table

debug [arp

| serial | ppp]debug [arp

| serial | ppp]

router

bull

Captures events relating to data link layer protocols

78

General End‐System Commands to Isolate Physical and Data Link Layer Problems

pingping

bull

Sends an echo request packet to an address then waits for a reply

netstat

‐rnnetstat

‐rn

bull

Displays the status of all connected devices and links without querying a DNS server

arp

‐aarp

‐a

bull

Displays the current mappings of the IP address to the MAC address in the ARP table

79

Windows Commands to Isolate Physical and Data Link Layer Problems

ipconfig

[all]ipconfig

[all]

bull

Displays IP information for hosts running Windows NT2000XP

Cgt

tracert [‐d]tracert [‐d]

bull

Identifies a path to a destination device

Cgt

80

Guidelines for Isolating Problems at the Physical and Data Link Layers

Check operational status and data error ratesCheck operational status and data error rates

Verify proper interface configurationsVerify proper interface configurations

Check for bad cables or connectionsCheck for bad cables or connections

Check for correct cable pin‐outCheck for correct cable pin‐out

81

Port Monitoring (SPAN)

Allows a port to monitor traffic coming into or out of

anotherPort

VLAN

Trunk

82

Remote SPAN (RSPAN)

Allows a port to monitor SPAN information on other switches through a trunk connection

83

NetFlow Data Export

Access to records of switched flow statistics

with NAM

Source and destination IP

Port numbers and protocol types

84

六網路管理介紹

85

NAMs in Campus LAN

86

Network Analysis Module (NAM)

bull

Switch‐integrated standards‐

based monitoring (RMON1 RMON2

extended RMON)

bull

Useful for performance monitoring troubleshooting

and capacity planning

bull

Easy to deploy and use with embedded web‐based Traffic Analyzer

bull

Full visibility into applications hosts conversations and

IP‐based services including VoIP

and QoS

Integrated traffic‐monitoring solution in Catalyst 6500 series to build application‐level visibility into network infrastructure

87

NAM as a Standards‐Based RMON Solution

The RMON MIB reports on the health and status of network traffic

Mini‐RMON agents in Catalyst 6500 collect Layer 2 (RMON1) statistics on all ports (utilization packets errors)

NAM supports full RMON1 and 2 to provide visibility up to Application layer (applications hosts conversations)

NAM supports extended RMON for VLAN QoS Application Response Time and so on

88

Application Hosts and Conversations Monitoring

Identify unknown applications and drill down on the hosts using them

Discover top talkers top conversations

Network managers can drill down

into who is doing what

Network managers can drill down

into who is doing what

NEW inSoftware

Version 22

NEW inSoftware

Version 22

89

VoIP Monitoring

NAM supports various facets of VoIPmonitoring

Active IP telephony monitoring

ndash Track active call attributesndash Identify call quality degradationndash Call details by phonesRMON1 and RMON2

ndash Distribution of VoIP

protocols

Application Response Time (ART)

ndash CallManager

responses

DSMON

ndash VoIP

traffic by DSCP values

90

Application Response Time (ART)

Find out where the application delays are occurring

ndash Detailed data on request‐ response exchanges

between clients and servers

Server visibility

ndash Monitor servers for protocols application

usage and top talkers

91

Packet Capture and Decode

Capture and decode packets for troubleshooting

Extensive pre‐ and post‐capture filters

Can save and export to other tools including Sniffer

92

Alarms

Set alarm thresholds on various parameters for proactive monitoring

Define traps or generate syslog

93

Defining Network Management Functional Areas

ISO defines five functional areas of network management

ISO defines five functional areas of network management

bullFault Management

bullConfiguration Management

bullAccounting Management

bullPerformance Management

bullSecurity Management

94

FCAPS Fault Management

The process of locating diagnosing and correcting

network problems

Device Down

Link Down

95

FCAPS Configuration Management

bull The process of obtaining data from the network and using

that data to manage the setup of all network devices

bull Allows rapid access to configuration information

bull Facilitates remote configuration and provisioning

bull Provides an up‐to‐date inventory of network

components

SpeedDuplex

Connectivity

TrunkingVLANs Allowed

Spanning Tree Protocol State

Software VersionConfiguration File

Device Type

96

FCAPS Accounting Management

bull Measuring the usage of network resources by users in order to

establish the metrics check quotas determine costs and bill users

bull Measures and reports accounting information based on individual

groups and users

bull Administers the cost of the network

bull Internal verification of third‐party billing for usage Bandwidth Consumption

Application Usage

hellip

97

FCAPS Performance Management

bull Ensuring that the data network remains accessible

and has adequate bandwidth

bull Reduces network overcrowding and inaccessibility

bull Provides a consistent level of service to the

network user

bull Determine utilization trends to proactively isolate and solve

performance problems

UtilizationPeakminmaxError RatesUnicast Rates

Broadcast Rates

CPU UtilizationMemory Usage

ThroughputResponse Time

LatencyAvailabilityReliability

98

FCAPS Security Management

bull Protecting sensitive information on devices

attached to a data network by controlling access points to

that information

bull Builds network user confidence

bull Secures sensitive information from both internal and

external sources

bull Protects the network functionality from malicious

attacks

MAC AddressLocked to Port

Access ListBlocks Connections

99

Performing Network Management Sources for Information

GAUGEs TIMERs

0 9 1 2 3

COUNTERs TABLEs FILEs

Operating System Data Structures

Manageable Device

showCommands

WebServer

SystemLogging

SNMPSNMPAGENTAGENT

ProductionServices

Layer N Forwarding

http80tcp

syslog514udp

snmp161udp

MIBObjects

snmp‐trap162udp

Built in Intelligence

CDPVTPSAA

telnetCLI

TFTPClient

tftp69udp

PingTrace route

100

Network Management Information Model MIB Management Information Base

MIB

ndash

Management Information BaseSet of variables defining the status of a device (eg temp = 85 degrees)Just facts ndash not whether it is good or badDefined according to SMI (Structure of Management Information) rulesEach managed object is described using a unique object identifier (OID)

MIB

IMIBIIStandard MIBObjects included are considered essential for either fault or configuration management

Other standard MIBsRMON host router

Proprietary vendor MIBsExtensions to standard MIBs

SNMPAGENTSNMPAGENT

1000s of manageable objects following rules defined in the SMI standards

1000s of manageable objects following rules defined in the SMI standards

101

Network Management Communication Model SNMP Simple Network Management Protocol

CommunityStrings

CommunityStrings

bull Get requests used to read the value of objectbull Set requests used to modify the value of object

bull Authorization is via community strings

(Read‐OnlyRead‐Write)

bull Traps

provide asynchronous event notification

IP Network SNMPManageable

Device

Trap

Get Response

Get Request Get-Next RequestGet-Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

102

Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response

SNM

P M

anag

er

SNM

P A

gent

Rea

d =

publ

ic re

adw

rite

= pr

ivat

e

GetResponse (sysDescr0=SunOS)

Verify access permission and retrieve MIB value using OID to traverse the MIB tree

InstanceOID

13612111

MIB value

GetRequest(sysDescr0)Read Community(public)

103

Types of Management Systems Example ‐

Enterprise Manager amp Fault Management

Correlate and manage events

and SNMP traps

Perform fault isolation and root cause analysis

104

Types of Management Systems Example ndash CiscoWorks

Resource Manager Essentials and Campus Manager

Knowledge of network configuration and topology

Facilitates remote configuration of network devices

Maintains an archive of configuration data that allows generation of inventory reports

105

Types of Management Systems Example ndash NetFlow (Accounting Management)

Flow Profiling

AccountingBilling

Network Planning

Network Monitoring

Flow

Collectors

Flow

CollectorsEnd‐User AppsEnd‐User AppsNetFlow

Data ExportNetFlowData Export

NetScout

RMON ProbeRMON Probe

106

Types of Management Systems Example ndash MRTG (Performance Management)

bull Monitors traffic load on network links based on SNMP statistics

bull Generates real‐time HTML traffic reports

bull Can be used to monitor any

MIB

variable using

SNMP

107

Types of Management Systems Example ndash CiscoWorks

How is the network connectedbull Physical Cablingbull Virtual LANs

Where are the end users servers IP phones connected

bull Switch port numberbull VLAN membership

How do I troubleshoot connectivity problems

Campus Manager User Tracking

Campus Manager Topology Services

Campus Manager Topology Services

Campus Manager User TrackingCampus Manager

Path Analysis

108

Diagnosing Connectivity Problems CiscoWorks Server Tools

Ping Use ping to test device connectivity from CiscoWorks server

TracerouteRun a trace route between the CiscoWorks server and the target device to detect routing problems

NS LookupRun a nslookup to obtain DNS name server information and IP address of hostname

Management Station to DeviceTest to verify if upper layer protocols are supported from CiscoWorks to the target device UDP TCP Telnet TFTP HTTP and SNMP

109

Types of Management Systems Example ndash CiscoWorks

19216862

CiscoWorks Server(ANI Service)

CampusDatabase

19216861

Schedule data retrieval

times

CAM Table11‐11‐11‐11‐11‐00 2111‐11‐11‐11‐11‐11 2211‐11‐11‐11‐11‐22 2311‐11‐11‐11‐11‐33 24

22 23 24

21

ARP Table11‐11‐11‐11‐11‐11 19216861011‐11‐11‐11‐11‐22 19216861111‐11‐11‐11‐11‐33 192168611

1

CAM

Retrieval

(switching

table)

2 Address

Resolution (MAC

to IP)

DNS

3 Name Resolution

(IP to hostname)

Host Table192168610 USER1192168611 Printer1192168611 IPtele1

SNMP

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

CallManager4

Call Detail

Records

5

Login

Names

UNIX Novell amp

Windows NT

clients running

UTLite script

110

Diagnosing Connectivity Problems Campus Manager Tools

Topology Services

User Tracking

Path Analysis

1

Locate the communication pair in the User Tracking database

bull

Addressesbull

VLAN informationbull

Switch port connection

2

Investigate the Layer 2 and Layer 3 path between the communication

pair

3

Map the topology and begin the investigation on devices and links

Launch other applications

111

Diagnosing Connectivity Problems Workflow for Using Campus Manager

LaunchPath Analysis

LaunchPath Analysis

Ensure discovery of devices

hosts are up to date

Ensure discovery of devices

hosts are up to date

Use User TrackingTo Locate EndStation Info

Use User TrackingTo Locate EndStation Info

ConductVoiceTrace

ConductVoiceTrace

ConductDataTrace

ConductDataTrace

DisplayPath in Topology

Map

DisplayPath in Topology

Map

Launch other Apps(Telnet CiscoView

Etc)

Launch other Apps(Telnet CiscoView

Etc)

112

Diagnosing Device Connectivity Problems Example

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Do you know

your

hostname or

username

113

Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

2 Simple Query displays switch

port and VLAN association

2 Simple Query displays switch

port and VLAN association

3 LastSeen field indicates last

time end station was

discovered

3 LastSeen field indicates last

time end station was

discovered

114

Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Trace path from application server

to Suzy

Trace path from application server

to Suzy

Couldnrsquot get to Suzy machine ndash try

from server

Couldnrsquot get to Suzy machine ndash try

from server

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

64

對外網路架構圖

65

校本部校區有線網路系統架構圖

66

校本部校區無線網路系統架構圖

67

理學院校區有線網路系統架構圖

68

理學院校區無線網路系統架構圖

69

林口校區有線網路系統架構圖

70

林口校區無線網路系統架構圖

71

五網路障礙排除方式

72

Possible Symptoms of Physical Layer Problems

Increased number of interface errorsIncreased number of interface errors

LEDs are off flashing or in a state other than the expected state during normal operationLEDs are off flashing or in a state other than the expected state during normal operation

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

Excessive utilizationExcessive utilization

73

Possible Symptoms of Data Link Layer Problems

Excessive CRC errors and frame check sequence errors Excessive CRC errors and frame check sequence errors

Large quantities of broadcast traffic Large quantities of broadcast traffic

A MAC address is cycling between portsA MAC address is cycling between ports

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

74

General Cisco Commands to Isolate Physical and Data Link Layer Problems

ping host

| ip‐addressping host

| ip‐address

routergt

bull

Sends an echo request packet to an address then waits for a reply

trace [destination]trace [destination]

routergt

bull

Identifies the path a packet takes through the network

[no] debug [no] debug

router

bull

Displays a list of options for enabling or disabling debugging events on a device

75

Cisco Commands to Isolate Physical Layer Problems

show versionshow version

routergt

bull

Displays the Cisco IOS software version and all installed hardware configurations

show ip interface briefshow ip interface brief

routergt

bull

Displays a summary of the status of all interfaces on a device

show interfaces [type number]show interfaces [type number]

routergt

bull

Displays the operational status of an interface including the amount and type of traffic being sent and received

76

Cisco Commands to Isolate Physical Layer Problems (Cont)

show cdp neighbor detailshow cdp neighbor detailroutergt

bull Displays the device type IP address and Cisco IOS version of neighboring devices

77

Cisco Commands to Isolate Data Link Layer Problems

show ip arpshow ip arp

routergt

bull

Displays entries in the Address Resolution Protocol (ARP) table

debug [arp

| serial | ppp]debug [arp

| serial | ppp]

router

bull

Captures events relating to data link layer protocols

78

General End‐System Commands to Isolate Physical and Data Link Layer Problems

pingping

bull

Sends an echo request packet to an address then waits for a reply

netstat

‐rnnetstat

‐rn

bull

Displays the status of all connected devices and links without querying a DNS server

arp

‐aarp

‐a

bull

Displays the current mappings of the IP address to the MAC address in the ARP table

79

Windows Commands to Isolate Physical and Data Link Layer Problems

ipconfig

[all]ipconfig

[all]

bull

Displays IP information for hosts running Windows NT2000XP

Cgt

tracert [‐d]tracert [‐d]

bull

Identifies a path to a destination device

Cgt

80

Guidelines for Isolating Problems at the Physical and Data Link Layers

Check operational status and data error ratesCheck operational status and data error rates

Verify proper interface configurationsVerify proper interface configurations

Check for bad cables or connectionsCheck for bad cables or connections

Check for correct cable pin‐outCheck for correct cable pin‐out

81

Port Monitoring (SPAN)

Allows a port to monitor traffic coming into or out of

anotherPort

VLAN

Trunk

82

Remote SPAN (RSPAN)

Allows a port to monitor SPAN information on other switches through a trunk connection

83

NetFlow Data Export

Access to records of switched flow statistics

with NAM

Source and destination IP

Port numbers and protocol types

84

六網路管理介紹

85

NAMs in Campus LAN

86

Network Analysis Module (NAM)

bull

Switch‐integrated standards‐

based monitoring (RMON1 RMON2

extended RMON)

bull

Useful for performance monitoring troubleshooting

and capacity planning

bull

Easy to deploy and use with embedded web‐based Traffic Analyzer

bull

Full visibility into applications hosts conversations and

IP‐based services including VoIP

and QoS

Integrated traffic‐monitoring solution in Catalyst 6500 series to build application‐level visibility into network infrastructure

87

NAM as a Standards‐Based RMON Solution

The RMON MIB reports on the health and status of network traffic

Mini‐RMON agents in Catalyst 6500 collect Layer 2 (RMON1) statistics on all ports (utilization packets errors)

NAM supports full RMON1 and 2 to provide visibility up to Application layer (applications hosts conversations)

NAM supports extended RMON for VLAN QoS Application Response Time and so on

88

Application Hosts and Conversations Monitoring

Identify unknown applications and drill down on the hosts using them

Discover top talkers top conversations

Network managers can drill down

into who is doing what

Network managers can drill down

into who is doing what

NEW inSoftware

Version 22

NEW inSoftware

Version 22

89

VoIP Monitoring

NAM supports various facets of VoIPmonitoring

Active IP telephony monitoring

ndash Track active call attributesndash Identify call quality degradationndash Call details by phonesRMON1 and RMON2

ndash Distribution of VoIP

protocols

Application Response Time (ART)

ndash CallManager

responses

DSMON

ndash VoIP

traffic by DSCP values

90

Application Response Time (ART)

Find out where the application delays are occurring

ndash Detailed data on request‐ response exchanges

between clients and servers

Server visibility

ndash Monitor servers for protocols application

usage and top talkers

91

Packet Capture and Decode

Capture and decode packets for troubleshooting

Extensive pre‐ and post‐capture filters

Can save and export to other tools including Sniffer

92

Alarms

Set alarm thresholds on various parameters for proactive monitoring

Define traps or generate syslog

93

Defining Network Management Functional Areas

ISO defines five functional areas of network management

ISO defines five functional areas of network management

bullFault Management

bullConfiguration Management

bullAccounting Management

bullPerformance Management

bullSecurity Management

94

FCAPS Fault Management

The process of locating diagnosing and correcting

network problems

Device Down

Link Down

95

FCAPS Configuration Management

bull The process of obtaining data from the network and using

that data to manage the setup of all network devices

bull Allows rapid access to configuration information

bull Facilitates remote configuration and provisioning

bull Provides an up‐to‐date inventory of network

components

SpeedDuplex

Connectivity

TrunkingVLANs Allowed

Spanning Tree Protocol State

Software VersionConfiguration File

Device Type

96

FCAPS Accounting Management

bull Measuring the usage of network resources by users in order to

establish the metrics check quotas determine costs and bill users

bull Measures and reports accounting information based on individual

groups and users

bull Administers the cost of the network

bull Internal verification of third‐party billing for usage Bandwidth Consumption

Application Usage

hellip

97

FCAPS Performance Management

bull Ensuring that the data network remains accessible

and has adequate bandwidth

bull Reduces network overcrowding and inaccessibility

bull Provides a consistent level of service to the

network user

bull Determine utilization trends to proactively isolate and solve

performance problems

UtilizationPeakminmaxError RatesUnicast Rates

Broadcast Rates

CPU UtilizationMemory Usage

ThroughputResponse Time

LatencyAvailabilityReliability

98

FCAPS Security Management

bull Protecting sensitive information on devices

attached to a data network by controlling access points to

that information

bull Builds network user confidence

bull Secures sensitive information from both internal and

external sources

bull Protects the network functionality from malicious

attacks

MAC AddressLocked to Port

Access ListBlocks Connections

99

Performing Network Management Sources for Information

GAUGEs TIMERs

0 9 1 2 3

COUNTERs TABLEs FILEs

Operating System Data Structures

Manageable Device

showCommands

WebServer

SystemLogging

SNMPSNMPAGENTAGENT

ProductionServices

Layer N Forwarding

http80tcp

syslog514udp

snmp161udp

MIBObjects

snmp‐trap162udp

Built in Intelligence

CDPVTPSAA

telnetCLI

TFTPClient

tftp69udp

PingTrace route

100

Network Management Information Model MIB Management Information Base

MIB

ndash

Management Information BaseSet of variables defining the status of a device (eg temp = 85 degrees)Just facts ndash not whether it is good or badDefined according to SMI (Structure of Management Information) rulesEach managed object is described using a unique object identifier (OID)

MIB

IMIBIIStandard MIBObjects included are considered essential for either fault or configuration management

Other standard MIBsRMON host router

Proprietary vendor MIBsExtensions to standard MIBs

SNMPAGENTSNMPAGENT

1000s of manageable objects following rules defined in the SMI standards

1000s of manageable objects following rules defined in the SMI standards

101

Network Management Communication Model SNMP Simple Network Management Protocol

CommunityStrings

CommunityStrings

bull Get requests used to read the value of objectbull Set requests used to modify the value of object

bull Authorization is via community strings

(Read‐OnlyRead‐Write)

bull Traps

provide asynchronous event notification

IP Network SNMPManageable

Device

Trap

Get Response

Get Request Get-Next RequestGet-Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

102

Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response

SNM

P M

anag

er

SNM

P A

gent

Rea

d =

publ

ic re

adw

rite

= pr

ivat

e

GetResponse (sysDescr0=SunOS)

Verify access permission and retrieve MIB value using OID to traverse the MIB tree

InstanceOID

13612111

MIB value

GetRequest(sysDescr0)Read Community(public)

103

Types of Management Systems Example ‐

Enterprise Manager amp Fault Management

Correlate and manage events

and SNMP traps

Perform fault isolation and root cause analysis

104

Types of Management Systems Example ndash CiscoWorks

Resource Manager Essentials and Campus Manager

Knowledge of network configuration and topology

Facilitates remote configuration of network devices

Maintains an archive of configuration data that allows generation of inventory reports

105

Types of Management Systems Example ndash NetFlow (Accounting Management)

Flow Profiling

AccountingBilling

Network Planning

Network Monitoring

Flow

Collectors

Flow

CollectorsEnd‐User AppsEnd‐User AppsNetFlow

Data ExportNetFlowData Export

NetScout

RMON ProbeRMON Probe

106

Types of Management Systems Example ndash MRTG (Performance Management)

bull Monitors traffic load on network links based on SNMP statistics

bull Generates real‐time HTML traffic reports

bull Can be used to monitor any

MIB

variable using

SNMP

107

Types of Management Systems Example ndash CiscoWorks

How is the network connectedbull Physical Cablingbull Virtual LANs

Where are the end users servers IP phones connected

bull Switch port numberbull VLAN membership

How do I troubleshoot connectivity problems

Campus Manager User Tracking

Campus Manager Topology Services

Campus Manager Topology Services

Campus Manager User TrackingCampus Manager

Path Analysis

108

Diagnosing Connectivity Problems CiscoWorks Server Tools

Ping Use ping to test device connectivity from CiscoWorks server

TracerouteRun a trace route between the CiscoWorks server and the target device to detect routing problems

NS LookupRun a nslookup to obtain DNS name server information and IP address of hostname

Management Station to DeviceTest to verify if upper layer protocols are supported from CiscoWorks to the target device UDP TCP Telnet TFTP HTTP and SNMP

109

Types of Management Systems Example ndash CiscoWorks

19216862

CiscoWorks Server(ANI Service)

CampusDatabase

19216861

Schedule data retrieval

times

CAM Table11‐11‐11‐11‐11‐00 2111‐11‐11‐11‐11‐11 2211‐11‐11‐11‐11‐22 2311‐11‐11‐11‐11‐33 24

22 23 24

21

ARP Table11‐11‐11‐11‐11‐11 19216861011‐11‐11‐11‐11‐22 19216861111‐11‐11‐11‐11‐33 192168611

1

CAM

Retrieval

(switching

table)

2 Address

Resolution (MAC

to IP)

DNS

3 Name Resolution

(IP to hostname)

Host Table192168610 USER1192168611 Printer1192168611 IPtele1

SNMP

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

CallManager4

Call Detail

Records

5

Login

Names

UNIX Novell amp

Windows NT

clients running

UTLite script

110

Diagnosing Connectivity Problems Campus Manager Tools

Topology Services

User Tracking

Path Analysis

1

Locate the communication pair in the User Tracking database

bull

Addressesbull

VLAN informationbull

Switch port connection

2

Investigate the Layer 2 and Layer 3 path between the communication

pair

3

Map the topology and begin the investigation on devices and links

Launch other applications

111

Diagnosing Connectivity Problems Workflow for Using Campus Manager

LaunchPath Analysis

LaunchPath Analysis

Ensure discovery of devices

hosts are up to date

Ensure discovery of devices

hosts are up to date

Use User TrackingTo Locate EndStation Info

Use User TrackingTo Locate EndStation Info

ConductVoiceTrace

ConductVoiceTrace

ConductDataTrace

ConductDataTrace

DisplayPath in Topology

Map

DisplayPath in Topology

Map

Launch other Apps(Telnet CiscoView

Etc)

Launch other Apps(Telnet CiscoView

Etc)

112

Diagnosing Device Connectivity Problems Example

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Do you know

your

hostname or

username

113

Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

2 Simple Query displays switch

port and VLAN association

2 Simple Query displays switch

port and VLAN association

3 LastSeen field indicates last

time end station was

discovered

3 LastSeen field indicates last

time end station was

discovered

114

Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Trace path from application server

to Suzy

Trace path from application server

to Suzy

Couldnrsquot get to Suzy machine ndash try

from server

Couldnrsquot get to Suzy machine ndash try

from server

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

65

校本部校區有線網路系統架構圖

66

校本部校區無線網路系統架構圖

67

理學院校區有線網路系統架構圖

68

理學院校區無線網路系統架構圖

69

林口校區有線網路系統架構圖

70

林口校區無線網路系統架構圖

71

五網路障礙排除方式

72

Possible Symptoms of Physical Layer Problems

Increased number of interface errorsIncreased number of interface errors

LEDs are off flashing or in a state other than the expected state during normal operationLEDs are off flashing or in a state other than the expected state during normal operation

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

Excessive utilizationExcessive utilization

73

Possible Symptoms of Data Link Layer Problems

Excessive CRC errors and frame check sequence errors Excessive CRC errors and frame check sequence errors

Large quantities of broadcast traffic Large quantities of broadcast traffic

A MAC address is cycling between portsA MAC address is cycling between ports

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

74

General Cisco Commands to Isolate Physical and Data Link Layer Problems

ping host

| ip‐addressping host

| ip‐address

routergt

bull

Sends an echo request packet to an address then waits for a reply

trace [destination]trace [destination]

routergt

bull

Identifies the path a packet takes through the network

[no] debug [no] debug

router

bull

Displays a list of options for enabling or disabling debugging events on a device

75

Cisco Commands to Isolate Physical Layer Problems

show versionshow version

routergt

bull

Displays the Cisco IOS software version and all installed hardware configurations

show ip interface briefshow ip interface brief

routergt

bull

Displays a summary of the status of all interfaces on a device

show interfaces [type number]show interfaces [type number]

routergt

bull

Displays the operational status of an interface including the amount and type of traffic being sent and received

76

Cisco Commands to Isolate Physical Layer Problems (Cont)

show cdp neighbor detailshow cdp neighbor detailroutergt

bull Displays the device type IP address and Cisco IOS version of neighboring devices

77

Cisco Commands to Isolate Data Link Layer Problems

show ip arpshow ip arp

routergt

bull

Displays entries in the Address Resolution Protocol (ARP) table

debug [arp

| serial | ppp]debug [arp

| serial | ppp]

router

bull

Captures events relating to data link layer protocols

78

General End‐System Commands to Isolate Physical and Data Link Layer Problems

pingping

bull

Sends an echo request packet to an address then waits for a reply

netstat

‐rnnetstat

‐rn

bull

Displays the status of all connected devices and links without querying a DNS server

arp

‐aarp

‐a

bull

Displays the current mappings of the IP address to the MAC address in the ARP table

79

Windows Commands to Isolate Physical and Data Link Layer Problems

ipconfig

[all]ipconfig

[all]

bull

Displays IP information for hosts running Windows NT2000XP

Cgt

tracert [‐d]tracert [‐d]

bull

Identifies a path to a destination device

Cgt

80

Guidelines for Isolating Problems at the Physical and Data Link Layers

Check operational status and data error ratesCheck operational status and data error rates

Verify proper interface configurationsVerify proper interface configurations

Check for bad cables or connectionsCheck for bad cables or connections

Check for correct cable pin‐outCheck for correct cable pin‐out

81

Port Monitoring (SPAN)

Allows a port to monitor traffic coming into or out of

anotherPort

VLAN

Trunk

82

Remote SPAN (RSPAN)

Allows a port to monitor SPAN information on other switches through a trunk connection

83

NetFlow Data Export

Access to records of switched flow statistics

with NAM

Source and destination IP

Port numbers and protocol types

84

六網路管理介紹

85

NAMs in Campus LAN

86

Network Analysis Module (NAM)

bull

Switch‐integrated standards‐

based monitoring (RMON1 RMON2

extended RMON)

bull

Useful for performance monitoring troubleshooting

and capacity planning

bull

Easy to deploy and use with embedded web‐based Traffic Analyzer

bull

Full visibility into applications hosts conversations and

IP‐based services including VoIP

and QoS

Integrated traffic‐monitoring solution in Catalyst 6500 series to build application‐level visibility into network infrastructure

87

NAM as a Standards‐Based RMON Solution

The RMON MIB reports on the health and status of network traffic

Mini‐RMON agents in Catalyst 6500 collect Layer 2 (RMON1) statistics on all ports (utilization packets errors)

NAM supports full RMON1 and 2 to provide visibility up to Application layer (applications hosts conversations)

NAM supports extended RMON for VLAN QoS Application Response Time and so on

88

Application Hosts and Conversations Monitoring

Identify unknown applications and drill down on the hosts using them

Discover top talkers top conversations

Network managers can drill down

into who is doing what

Network managers can drill down

into who is doing what

NEW inSoftware

Version 22

NEW inSoftware

Version 22

89

VoIP Monitoring

NAM supports various facets of VoIPmonitoring

Active IP telephony monitoring

ndash Track active call attributesndash Identify call quality degradationndash Call details by phonesRMON1 and RMON2

ndash Distribution of VoIP

protocols

Application Response Time (ART)

ndash CallManager

responses

DSMON

ndash VoIP

traffic by DSCP values

90

Application Response Time (ART)

Find out where the application delays are occurring

ndash Detailed data on request‐ response exchanges

between clients and servers

Server visibility

ndash Monitor servers for protocols application

usage and top talkers

91

Packet Capture and Decode

Capture and decode packets for troubleshooting

Extensive pre‐ and post‐capture filters

Can save and export to other tools including Sniffer

92

Alarms

Set alarm thresholds on various parameters for proactive monitoring

Define traps or generate syslog

93

Defining Network Management Functional Areas

ISO defines five functional areas of network management

ISO defines five functional areas of network management

bullFault Management

bullConfiguration Management

bullAccounting Management

bullPerformance Management

bullSecurity Management

94

FCAPS Fault Management

The process of locating diagnosing and correcting

network problems

Device Down

Link Down

95

FCAPS Configuration Management

bull The process of obtaining data from the network and using

that data to manage the setup of all network devices

bull Allows rapid access to configuration information

bull Facilitates remote configuration and provisioning

bull Provides an up‐to‐date inventory of network

components

SpeedDuplex

Connectivity

TrunkingVLANs Allowed

Spanning Tree Protocol State

Software VersionConfiguration File

Device Type

96

FCAPS Accounting Management

bull Measuring the usage of network resources by users in order to

establish the metrics check quotas determine costs and bill users

bull Measures and reports accounting information based on individual

groups and users

bull Administers the cost of the network

bull Internal verification of third‐party billing for usage Bandwidth Consumption

Application Usage

hellip

97

FCAPS Performance Management

bull Ensuring that the data network remains accessible

and has adequate bandwidth

bull Reduces network overcrowding and inaccessibility

bull Provides a consistent level of service to the

network user

bull Determine utilization trends to proactively isolate and solve

performance problems

UtilizationPeakminmaxError RatesUnicast Rates

Broadcast Rates

CPU UtilizationMemory Usage

ThroughputResponse Time

LatencyAvailabilityReliability

98

FCAPS Security Management

bull Protecting sensitive information on devices

attached to a data network by controlling access points to

that information

bull Builds network user confidence

bull Secures sensitive information from both internal and

external sources

bull Protects the network functionality from malicious

attacks

MAC AddressLocked to Port

Access ListBlocks Connections

99

Performing Network Management Sources for Information

GAUGEs TIMERs

0 9 1 2 3

COUNTERs TABLEs FILEs

Operating System Data Structures

Manageable Device

showCommands

WebServer

SystemLogging

SNMPSNMPAGENTAGENT

ProductionServices

Layer N Forwarding

http80tcp

syslog514udp

snmp161udp

MIBObjects

snmp‐trap162udp

Built in Intelligence

CDPVTPSAA

telnetCLI

TFTPClient

tftp69udp

PingTrace route

100

Network Management Information Model MIB Management Information Base

MIB

ndash

Management Information BaseSet of variables defining the status of a device (eg temp = 85 degrees)Just facts ndash not whether it is good or badDefined according to SMI (Structure of Management Information) rulesEach managed object is described using a unique object identifier (OID)

MIB

IMIBIIStandard MIBObjects included are considered essential for either fault or configuration management

Other standard MIBsRMON host router

Proprietary vendor MIBsExtensions to standard MIBs

SNMPAGENTSNMPAGENT

1000s of manageable objects following rules defined in the SMI standards

1000s of manageable objects following rules defined in the SMI standards

101

Network Management Communication Model SNMP Simple Network Management Protocol

CommunityStrings

CommunityStrings

bull Get requests used to read the value of objectbull Set requests used to modify the value of object

bull Authorization is via community strings

(Read‐OnlyRead‐Write)

bull Traps

provide asynchronous event notification

IP Network SNMPManageable

Device

Trap

Get Response

Get Request Get-Next RequestGet-Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

102

Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response

SNM

P M

anag

er

SNM

P A

gent

Rea

d =

publ

ic re

adw

rite

= pr

ivat

e

GetResponse (sysDescr0=SunOS)

Verify access permission and retrieve MIB value using OID to traverse the MIB tree

InstanceOID

13612111

MIB value

GetRequest(sysDescr0)Read Community(public)

103

Types of Management Systems Example ‐

Enterprise Manager amp Fault Management

Correlate and manage events

and SNMP traps

Perform fault isolation and root cause analysis

104

Types of Management Systems Example ndash CiscoWorks

Resource Manager Essentials and Campus Manager

Knowledge of network configuration and topology

Facilitates remote configuration of network devices

Maintains an archive of configuration data that allows generation of inventory reports

105

Types of Management Systems Example ndash NetFlow (Accounting Management)

Flow Profiling

AccountingBilling

Network Planning

Network Monitoring

Flow

Collectors

Flow

CollectorsEnd‐User AppsEnd‐User AppsNetFlow

Data ExportNetFlowData Export

NetScout

RMON ProbeRMON Probe

106

Types of Management Systems Example ndash MRTG (Performance Management)

bull Monitors traffic load on network links based on SNMP statistics

bull Generates real‐time HTML traffic reports

bull Can be used to monitor any

MIB

variable using

SNMP

107

Types of Management Systems Example ndash CiscoWorks

How is the network connectedbull Physical Cablingbull Virtual LANs

Where are the end users servers IP phones connected

bull Switch port numberbull VLAN membership

How do I troubleshoot connectivity problems

Campus Manager User Tracking

Campus Manager Topology Services

Campus Manager Topology Services

Campus Manager User TrackingCampus Manager

Path Analysis

108

Diagnosing Connectivity Problems CiscoWorks Server Tools

Ping Use ping to test device connectivity from CiscoWorks server

TracerouteRun a trace route between the CiscoWorks server and the target device to detect routing problems

NS LookupRun a nslookup to obtain DNS name server information and IP address of hostname

Management Station to DeviceTest to verify if upper layer protocols are supported from CiscoWorks to the target device UDP TCP Telnet TFTP HTTP and SNMP

109

Types of Management Systems Example ndash CiscoWorks

19216862

CiscoWorks Server(ANI Service)

CampusDatabase

19216861

Schedule data retrieval

times

CAM Table11‐11‐11‐11‐11‐00 2111‐11‐11‐11‐11‐11 2211‐11‐11‐11‐11‐22 2311‐11‐11‐11‐11‐33 24

22 23 24

21

ARP Table11‐11‐11‐11‐11‐11 19216861011‐11‐11‐11‐11‐22 19216861111‐11‐11‐11‐11‐33 192168611

1

CAM

Retrieval

(switching

table)

2 Address

Resolution (MAC

to IP)

DNS

3 Name Resolution

(IP to hostname)

Host Table192168610 USER1192168611 Printer1192168611 IPtele1

SNMP

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

CallManager4

Call Detail

Records

5

Login

Names

UNIX Novell amp

Windows NT

clients running

UTLite script

110

Diagnosing Connectivity Problems Campus Manager Tools

Topology Services

User Tracking

Path Analysis

1

Locate the communication pair in the User Tracking database

bull

Addressesbull

VLAN informationbull

Switch port connection

2

Investigate the Layer 2 and Layer 3 path between the communication

pair

3

Map the topology and begin the investigation on devices and links

Launch other applications

111

Diagnosing Connectivity Problems Workflow for Using Campus Manager

LaunchPath Analysis

LaunchPath Analysis

Ensure discovery of devices

hosts are up to date

Ensure discovery of devices

hosts are up to date

Use User TrackingTo Locate EndStation Info

Use User TrackingTo Locate EndStation Info

ConductVoiceTrace

ConductVoiceTrace

ConductDataTrace

ConductDataTrace

DisplayPath in Topology

Map

DisplayPath in Topology

Map

Launch other Apps(Telnet CiscoView

Etc)

Launch other Apps(Telnet CiscoView

Etc)

112

Diagnosing Device Connectivity Problems Example

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Do you know

your

hostname or

username

113

Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

2 Simple Query displays switch

port and VLAN association

2 Simple Query displays switch

port and VLAN association

3 LastSeen field indicates last

time end station was

discovered

3 LastSeen field indicates last

time end station was

discovered

114

Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Trace path from application server

to Suzy

Trace path from application server

to Suzy

Couldnrsquot get to Suzy machine ndash try

from server

Couldnrsquot get to Suzy machine ndash try

from server

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

66

校本部校區無線網路系統架構圖

67

理學院校區有線網路系統架構圖

68

理學院校區無線網路系統架構圖

69

林口校區有線網路系統架構圖

70

林口校區無線網路系統架構圖

71

五網路障礙排除方式

72

Possible Symptoms of Physical Layer Problems

Increased number of interface errorsIncreased number of interface errors

LEDs are off flashing or in a state other than the expected state during normal operationLEDs are off flashing or in a state other than the expected state during normal operation

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

Excessive utilizationExcessive utilization

73

Possible Symptoms of Data Link Layer Problems

Excessive CRC errors and frame check sequence errors Excessive CRC errors and frame check sequence errors

Large quantities of broadcast traffic Large quantities of broadcast traffic

A MAC address is cycling between portsA MAC address is cycling between ports

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

74

General Cisco Commands to Isolate Physical and Data Link Layer Problems

ping host

| ip‐addressping host

| ip‐address

routergt

bull

Sends an echo request packet to an address then waits for a reply

trace [destination]trace [destination]

routergt

bull

Identifies the path a packet takes through the network

[no] debug [no] debug

router

bull

Displays a list of options for enabling or disabling debugging events on a device

75

Cisco Commands to Isolate Physical Layer Problems

show versionshow version

routergt

bull

Displays the Cisco IOS software version and all installed hardware configurations

show ip interface briefshow ip interface brief

routergt

bull

Displays a summary of the status of all interfaces on a device

show interfaces [type number]show interfaces [type number]

routergt

bull

Displays the operational status of an interface including the amount and type of traffic being sent and received

76

Cisco Commands to Isolate Physical Layer Problems (Cont)

show cdp neighbor detailshow cdp neighbor detailroutergt

bull Displays the device type IP address and Cisco IOS version of neighboring devices

77

Cisco Commands to Isolate Data Link Layer Problems

show ip arpshow ip arp

routergt

bull

Displays entries in the Address Resolution Protocol (ARP) table

debug [arp

| serial | ppp]debug [arp

| serial | ppp]

router

bull

Captures events relating to data link layer protocols

78

General End‐System Commands to Isolate Physical and Data Link Layer Problems

pingping

bull

Sends an echo request packet to an address then waits for a reply

netstat

‐rnnetstat

‐rn

bull

Displays the status of all connected devices and links without querying a DNS server

arp

‐aarp

‐a

bull

Displays the current mappings of the IP address to the MAC address in the ARP table

79

Windows Commands to Isolate Physical and Data Link Layer Problems

ipconfig

[all]ipconfig

[all]

bull

Displays IP information for hosts running Windows NT2000XP

Cgt

tracert [‐d]tracert [‐d]

bull

Identifies a path to a destination device

Cgt

80

Guidelines for Isolating Problems at the Physical and Data Link Layers

Check operational status and data error ratesCheck operational status and data error rates

Verify proper interface configurationsVerify proper interface configurations

Check for bad cables or connectionsCheck for bad cables or connections

Check for correct cable pin‐outCheck for correct cable pin‐out

81

Port Monitoring (SPAN)

Allows a port to monitor traffic coming into or out of

anotherPort

VLAN

Trunk

82

Remote SPAN (RSPAN)

Allows a port to monitor SPAN information on other switches through a trunk connection

83

NetFlow Data Export

Access to records of switched flow statistics

with NAM

Source and destination IP

Port numbers and protocol types

84

六網路管理介紹

85

NAMs in Campus LAN

86

Network Analysis Module (NAM)

bull

Switch‐integrated standards‐

based monitoring (RMON1 RMON2

extended RMON)

bull

Useful for performance monitoring troubleshooting

and capacity planning

bull

Easy to deploy and use with embedded web‐based Traffic Analyzer

bull

Full visibility into applications hosts conversations and

IP‐based services including VoIP

and QoS

Integrated traffic‐monitoring solution in Catalyst 6500 series to build application‐level visibility into network infrastructure

87

NAM as a Standards‐Based RMON Solution

The RMON MIB reports on the health and status of network traffic

Mini‐RMON agents in Catalyst 6500 collect Layer 2 (RMON1) statistics on all ports (utilization packets errors)

NAM supports full RMON1 and 2 to provide visibility up to Application layer (applications hosts conversations)

NAM supports extended RMON for VLAN QoS Application Response Time and so on

88

Application Hosts and Conversations Monitoring

Identify unknown applications and drill down on the hosts using them

Discover top talkers top conversations

Network managers can drill down

into who is doing what

Network managers can drill down

into who is doing what

NEW inSoftware

Version 22

NEW inSoftware

Version 22

89

VoIP Monitoring

NAM supports various facets of VoIPmonitoring

Active IP telephony monitoring

ndash Track active call attributesndash Identify call quality degradationndash Call details by phonesRMON1 and RMON2

ndash Distribution of VoIP

protocols

Application Response Time (ART)

ndash CallManager

responses

DSMON

ndash VoIP

traffic by DSCP values

90

Application Response Time (ART)

Find out where the application delays are occurring

ndash Detailed data on request‐ response exchanges

between clients and servers

Server visibility

ndash Monitor servers for protocols application

usage and top talkers

91

Packet Capture and Decode

Capture and decode packets for troubleshooting

Extensive pre‐ and post‐capture filters

Can save and export to other tools including Sniffer

92

Alarms

Set alarm thresholds on various parameters for proactive monitoring

Define traps or generate syslog

93

Defining Network Management Functional Areas

ISO defines five functional areas of network management

ISO defines five functional areas of network management

bullFault Management

bullConfiguration Management

bullAccounting Management

bullPerformance Management

bullSecurity Management

94

FCAPS Fault Management

The process of locating diagnosing and correcting

network problems

Device Down

Link Down

95

FCAPS Configuration Management

bull The process of obtaining data from the network and using

that data to manage the setup of all network devices

bull Allows rapid access to configuration information

bull Facilitates remote configuration and provisioning

bull Provides an up‐to‐date inventory of network

components

SpeedDuplex

Connectivity

TrunkingVLANs Allowed

Spanning Tree Protocol State

Software VersionConfiguration File

Device Type

96

FCAPS Accounting Management

bull Measuring the usage of network resources by users in order to

establish the metrics check quotas determine costs and bill users

bull Measures and reports accounting information based on individual

groups and users

bull Administers the cost of the network

bull Internal verification of third‐party billing for usage Bandwidth Consumption

Application Usage

hellip

97

FCAPS Performance Management

bull Ensuring that the data network remains accessible

and has adequate bandwidth

bull Reduces network overcrowding and inaccessibility

bull Provides a consistent level of service to the

network user

bull Determine utilization trends to proactively isolate and solve

performance problems

UtilizationPeakminmaxError RatesUnicast Rates

Broadcast Rates

CPU UtilizationMemory Usage

ThroughputResponse Time

LatencyAvailabilityReliability

98

FCAPS Security Management

bull Protecting sensitive information on devices

attached to a data network by controlling access points to

that information

bull Builds network user confidence

bull Secures sensitive information from both internal and

external sources

bull Protects the network functionality from malicious

attacks

MAC AddressLocked to Port

Access ListBlocks Connections

99

Performing Network Management Sources for Information

GAUGEs TIMERs

0 9 1 2 3

COUNTERs TABLEs FILEs

Operating System Data Structures

Manageable Device

showCommands

WebServer

SystemLogging

SNMPSNMPAGENTAGENT

ProductionServices

Layer N Forwarding

http80tcp

syslog514udp

snmp161udp

MIBObjects

snmp‐trap162udp

Built in Intelligence

CDPVTPSAA

telnetCLI

TFTPClient

tftp69udp

PingTrace route

100

Network Management Information Model MIB Management Information Base

MIB

ndash

Management Information BaseSet of variables defining the status of a device (eg temp = 85 degrees)Just facts ndash not whether it is good or badDefined according to SMI (Structure of Management Information) rulesEach managed object is described using a unique object identifier (OID)

MIB

IMIBIIStandard MIBObjects included are considered essential for either fault or configuration management

Other standard MIBsRMON host router

Proprietary vendor MIBsExtensions to standard MIBs

SNMPAGENTSNMPAGENT

1000s of manageable objects following rules defined in the SMI standards

1000s of manageable objects following rules defined in the SMI standards

101

Network Management Communication Model SNMP Simple Network Management Protocol

CommunityStrings

CommunityStrings

bull Get requests used to read the value of objectbull Set requests used to modify the value of object

bull Authorization is via community strings

(Read‐OnlyRead‐Write)

bull Traps

provide asynchronous event notification

IP Network SNMPManageable

Device

Trap

Get Response

Get Request Get-Next RequestGet-Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

102

Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response

SNM

P M

anag

er

SNM

P A

gent

Rea

d =

publ

ic re

adw

rite

= pr

ivat

e

GetResponse (sysDescr0=SunOS)

Verify access permission and retrieve MIB value using OID to traverse the MIB tree

InstanceOID

13612111

MIB value

GetRequest(sysDescr0)Read Community(public)

103

Types of Management Systems Example ‐

Enterprise Manager amp Fault Management

Correlate and manage events

and SNMP traps

Perform fault isolation and root cause analysis

104

Types of Management Systems Example ndash CiscoWorks

Resource Manager Essentials and Campus Manager

Knowledge of network configuration and topology

Facilitates remote configuration of network devices

Maintains an archive of configuration data that allows generation of inventory reports

105

Types of Management Systems Example ndash NetFlow (Accounting Management)

Flow Profiling

AccountingBilling

Network Planning

Network Monitoring

Flow

Collectors

Flow

CollectorsEnd‐User AppsEnd‐User AppsNetFlow

Data ExportNetFlowData Export

NetScout

RMON ProbeRMON Probe

106

Types of Management Systems Example ndash MRTG (Performance Management)

bull Monitors traffic load on network links based on SNMP statistics

bull Generates real‐time HTML traffic reports

bull Can be used to monitor any

MIB

variable using

SNMP

107

Types of Management Systems Example ndash CiscoWorks

How is the network connectedbull Physical Cablingbull Virtual LANs

Where are the end users servers IP phones connected

bull Switch port numberbull VLAN membership

How do I troubleshoot connectivity problems

Campus Manager User Tracking

Campus Manager Topology Services

Campus Manager Topology Services

Campus Manager User TrackingCampus Manager

Path Analysis

108

Diagnosing Connectivity Problems CiscoWorks Server Tools

Ping Use ping to test device connectivity from CiscoWorks server

TracerouteRun a trace route between the CiscoWorks server and the target device to detect routing problems

NS LookupRun a nslookup to obtain DNS name server information and IP address of hostname

Management Station to DeviceTest to verify if upper layer protocols are supported from CiscoWorks to the target device UDP TCP Telnet TFTP HTTP and SNMP

109

Types of Management Systems Example ndash CiscoWorks

19216862

CiscoWorks Server(ANI Service)

CampusDatabase

19216861

Schedule data retrieval

times

CAM Table11‐11‐11‐11‐11‐00 2111‐11‐11‐11‐11‐11 2211‐11‐11‐11‐11‐22 2311‐11‐11‐11‐11‐33 24

22 23 24

21

ARP Table11‐11‐11‐11‐11‐11 19216861011‐11‐11‐11‐11‐22 19216861111‐11‐11‐11‐11‐33 192168611

1

CAM

Retrieval

(switching

table)

2 Address

Resolution (MAC

to IP)

DNS

3 Name Resolution

(IP to hostname)

Host Table192168610 USER1192168611 Printer1192168611 IPtele1

SNMP

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

CallManager4

Call Detail

Records

5

Login

Names

UNIX Novell amp

Windows NT

clients running

UTLite script

110

Diagnosing Connectivity Problems Campus Manager Tools

Topology Services

User Tracking

Path Analysis

1

Locate the communication pair in the User Tracking database

bull

Addressesbull

VLAN informationbull

Switch port connection

2

Investigate the Layer 2 and Layer 3 path between the communication

pair

3

Map the topology and begin the investigation on devices and links

Launch other applications

111

Diagnosing Connectivity Problems Workflow for Using Campus Manager

LaunchPath Analysis

LaunchPath Analysis

Ensure discovery of devices

hosts are up to date

Ensure discovery of devices

hosts are up to date

Use User TrackingTo Locate EndStation Info

Use User TrackingTo Locate EndStation Info

ConductVoiceTrace

ConductVoiceTrace

ConductDataTrace

ConductDataTrace

DisplayPath in Topology

Map

DisplayPath in Topology

Map

Launch other Apps(Telnet CiscoView

Etc)

Launch other Apps(Telnet CiscoView

Etc)

112

Diagnosing Device Connectivity Problems Example

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Do you know

your

hostname or

username

113

Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

2 Simple Query displays switch

port and VLAN association

2 Simple Query displays switch

port and VLAN association

3 LastSeen field indicates last

time end station was

discovered

3 LastSeen field indicates last

time end station was

discovered

114

Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Trace path from application server

to Suzy

Trace path from application server

to Suzy

Couldnrsquot get to Suzy machine ndash try

from server

Couldnrsquot get to Suzy machine ndash try

from server

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

67

理學院校區有線網路系統架構圖

68

理學院校區無線網路系統架構圖

69

林口校區有線網路系統架構圖

70

林口校區無線網路系統架構圖

71

五網路障礙排除方式

72

Possible Symptoms of Physical Layer Problems

Increased number of interface errorsIncreased number of interface errors

LEDs are off flashing or in a state other than the expected state during normal operationLEDs are off flashing or in a state other than the expected state during normal operation

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

Excessive utilizationExcessive utilization

73

Possible Symptoms of Data Link Layer Problems

Excessive CRC errors and frame check sequence errors Excessive CRC errors and frame check sequence errors

Large quantities of broadcast traffic Large quantities of broadcast traffic

A MAC address is cycling between portsA MAC address is cycling between ports

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

74

General Cisco Commands to Isolate Physical and Data Link Layer Problems

ping host

| ip‐addressping host

| ip‐address

routergt

bull

Sends an echo request packet to an address then waits for a reply

trace [destination]trace [destination]

routergt

bull

Identifies the path a packet takes through the network

[no] debug [no] debug

router

bull

Displays a list of options for enabling or disabling debugging events on a device

75

Cisco Commands to Isolate Physical Layer Problems

show versionshow version

routergt

bull

Displays the Cisco IOS software version and all installed hardware configurations

show ip interface briefshow ip interface brief

routergt

bull

Displays a summary of the status of all interfaces on a device

show interfaces [type number]show interfaces [type number]

routergt

bull

Displays the operational status of an interface including the amount and type of traffic being sent and received

76

Cisco Commands to Isolate Physical Layer Problems (Cont)

show cdp neighbor detailshow cdp neighbor detailroutergt

bull Displays the device type IP address and Cisco IOS version of neighboring devices

77

Cisco Commands to Isolate Data Link Layer Problems

show ip arpshow ip arp

routergt

bull

Displays entries in the Address Resolution Protocol (ARP) table

debug [arp

| serial | ppp]debug [arp

| serial | ppp]

router

bull

Captures events relating to data link layer protocols

78

General End‐System Commands to Isolate Physical and Data Link Layer Problems

pingping

bull

Sends an echo request packet to an address then waits for a reply

netstat

‐rnnetstat

‐rn

bull

Displays the status of all connected devices and links without querying a DNS server

arp

‐aarp

‐a

bull

Displays the current mappings of the IP address to the MAC address in the ARP table

79

Windows Commands to Isolate Physical and Data Link Layer Problems

ipconfig

[all]ipconfig

[all]

bull

Displays IP information for hosts running Windows NT2000XP

Cgt

tracert [‐d]tracert [‐d]

bull

Identifies a path to a destination device

Cgt

80

Guidelines for Isolating Problems at the Physical and Data Link Layers

Check operational status and data error ratesCheck operational status and data error rates

Verify proper interface configurationsVerify proper interface configurations

Check for bad cables or connectionsCheck for bad cables or connections

Check for correct cable pin‐outCheck for correct cable pin‐out

81

Port Monitoring (SPAN)

Allows a port to monitor traffic coming into or out of

anotherPort

VLAN

Trunk

82

Remote SPAN (RSPAN)

Allows a port to monitor SPAN information on other switches through a trunk connection

83

NetFlow Data Export

Access to records of switched flow statistics

with NAM

Source and destination IP

Port numbers and protocol types

84

六網路管理介紹

85

NAMs in Campus LAN

86

Network Analysis Module (NAM)

bull

Switch‐integrated standards‐

based monitoring (RMON1 RMON2

extended RMON)

bull

Useful for performance monitoring troubleshooting

and capacity planning

bull

Easy to deploy and use with embedded web‐based Traffic Analyzer

bull

Full visibility into applications hosts conversations and

IP‐based services including VoIP

and QoS

Integrated traffic‐monitoring solution in Catalyst 6500 series to build application‐level visibility into network infrastructure

87

NAM as a Standards‐Based RMON Solution

The RMON MIB reports on the health and status of network traffic

Mini‐RMON agents in Catalyst 6500 collect Layer 2 (RMON1) statistics on all ports (utilization packets errors)

NAM supports full RMON1 and 2 to provide visibility up to Application layer (applications hosts conversations)

NAM supports extended RMON for VLAN QoS Application Response Time and so on

88

Application Hosts and Conversations Monitoring

Identify unknown applications and drill down on the hosts using them

Discover top talkers top conversations

Network managers can drill down

into who is doing what

Network managers can drill down

into who is doing what

NEW inSoftware

Version 22

NEW inSoftware

Version 22

89

VoIP Monitoring

NAM supports various facets of VoIPmonitoring

Active IP telephony monitoring

ndash Track active call attributesndash Identify call quality degradationndash Call details by phonesRMON1 and RMON2

ndash Distribution of VoIP

protocols

Application Response Time (ART)

ndash CallManager

responses

DSMON

ndash VoIP

traffic by DSCP values

90

Application Response Time (ART)

Find out where the application delays are occurring

ndash Detailed data on request‐ response exchanges

between clients and servers

Server visibility

ndash Monitor servers for protocols application

usage and top talkers

91

Packet Capture and Decode

Capture and decode packets for troubleshooting

Extensive pre‐ and post‐capture filters

Can save and export to other tools including Sniffer

92

Alarms

Set alarm thresholds on various parameters for proactive monitoring

Define traps or generate syslog

93

Defining Network Management Functional Areas

ISO defines five functional areas of network management

ISO defines five functional areas of network management

bullFault Management

bullConfiguration Management

bullAccounting Management

bullPerformance Management

bullSecurity Management

94

FCAPS Fault Management

The process of locating diagnosing and correcting

network problems

Device Down

Link Down

95

FCAPS Configuration Management

bull The process of obtaining data from the network and using

that data to manage the setup of all network devices

bull Allows rapid access to configuration information

bull Facilitates remote configuration and provisioning

bull Provides an up‐to‐date inventory of network

components

SpeedDuplex

Connectivity

TrunkingVLANs Allowed

Spanning Tree Protocol State

Software VersionConfiguration File

Device Type

96

FCAPS Accounting Management

bull Measuring the usage of network resources by users in order to

establish the metrics check quotas determine costs and bill users

bull Measures and reports accounting information based on individual

groups and users

bull Administers the cost of the network

bull Internal verification of third‐party billing for usage Bandwidth Consumption

Application Usage

hellip

97

FCAPS Performance Management

bull Ensuring that the data network remains accessible

and has adequate bandwidth

bull Reduces network overcrowding and inaccessibility

bull Provides a consistent level of service to the

network user

bull Determine utilization trends to proactively isolate and solve

performance problems

UtilizationPeakminmaxError RatesUnicast Rates

Broadcast Rates

CPU UtilizationMemory Usage

ThroughputResponse Time

LatencyAvailabilityReliability

98

FCAPS Security Management

bull Protecting sensitive information on devices

attached to a data network by controlling access points to

that information

bull Builds network user confidence

bull Secures sensitive information from both internal and

external sources

bull Protects the network functionality from malicious

attacks

MAC AddressLocked to Port

Access ListBlocks Connections

99

Performing Network Management Sources for Information

GAUGEs TIMERs

0 9 1 2 3

COUNTERs TABLEs FILEs

Operating System Data Structures

Manageable Device

showCommands

WebServer

SystemLogging

SNMPSNMPAGENTAGENT

ProductionServices

Layer N Forwarding

http80tcp

syslog514udp

snmp161udp

MIBObjects

snmp‐trap162udp

Built in Intelligence

CDPVTPSAA

telnetCLI

TFTPClient

tftp69udp

PingTrace route

100

Network Management Information Model MIB Management Information Base

MIB

ndash

Management Information BaseSet of variables defining the status of a device (eg temp = 85 degrees)Just facts ndash not whether it is good or badDefined according to SMI (Structure of Management Information) rulesEach managed object is described using a unique object identifier (OID)

MIB

IMIBIIStandard MIBObjects included are considered essential for either fault or configuration management

Other standard MIBsRMON host router

Proprietary vendor MIBsExtensions to standard MIBs

SNMPAGENTSNMPAGENT

1000s of manageable objects following rules defined in the SMI standards

1000s of manageable objects following rules defined in the SMI standards

101

Network Management Communication Model SNMP Simple Network Management Protocol

CommunityStrings

CommunityStrings

bull Get requests used to read the value of objectbull Set requests used to modify the value of object

bull Authorization is via community strings

(Read‐OnlyRead‐Write)

bull Traps

provide asynchronous event notification

IP Network SNMPManageable

Device

Trap

Get Response

Get Request Get-Next RequestGet-Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

102

Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response

SNM

P M

anag

er

SNM

P A

gent

Rea

d =

publ

ic re

adw

rite

= pr

ivat

e

GetResponse (sysDescr0=SunOS)

Verify access permission and retrieve MIB value using OID to traverse the MIB tree

InstanceOID

13612111

MIB value

GetRequest(sysDescr0)Read Community(public)

103

Types of Management Systems Example ‐

Enterprise Manager amp Fault Management

Correlate and manage events

and SNMP traps

Perform fault isolation and root cause analysis

104

Types of Management Systems Example ndash CiscoWorks

Resource Manager Essentials and Campus Manager

Knowledge of network configuration and topology

Facilitates remote configuration of network devices

Maintains an archive of configuration data that allows generation of inventory reports

105

Types of Management Systems Example ndash NetFlow (Accounting Management)

Flow Profiling

AccountingBilling

Network Planning

Network Monitoring

Flow

Collectors

Flow

CollectorsEnd‐User AppsEnd‐User AppsNetFlow

Data ExportNetFlowData Export

NetScout

RMON ProbeRMON Probe

106

Types of Management Systems Example ndash MRTG (Performance Management)

bull Monitors traffic load on network links based on SNMP statistics

bull Generates real‐time HTML traffic reports

bull Can be used to monitor any

MIB

variable using

SNMP

107

Types of Management Systems Example ndash CiscoWorks

How is the network connectedbull Physical Cablingbull Virtual LANs

Where are the end users servers IP phones connected

bull Switch port numberbull VLAN membership

How do I troubleshoot connectivity problems

Campus Manager User Tracking

Campus Manager Topology Services

Campus Manager Topology Services

Campus Manager User TrackingCampus Manager

Path Analysis

108

Diagnosing Connectivity Problems CiscoWorks Server Tools

Ping Use ping to test device connectivity from CiscoWorks server

TracerouteRun a trace route between the CiscoWorks server and the target device to detect routing problems

NS LookupRun a nslookup to obtain DNS name server information and IP address of hostname

Management Station to DeviceTest to verify if upper layer protocols are supported from CiscoWorks to the target device UDP TCP Telnet TFTP HTTP and SNMP

109

Types of Management Systems Example ndash CiscoWorks

19216862

CiscoWorks Server(ANI Service)

CampusDatabase

19216861

Schedule data retrieval

times

CAM Table11‐11‐11‐11‐11‐00 2111‐11‐11‐11‐11‐11 2211‐11‐11‐11‐11‐22 2311‐11‐11‐11‐11‐33 24

22 23 24

21

ARP Table11‐11‐11‐11‐11‐11 19216861011‐11‐11‐11‐11‐22 19216861111‐11‐11‐11‐11‐33 192168611

1

CAM

Retrieval

(switching

table)

2 Address

Resolution (MAC

to IP)

DNS

3 Name Resolution

(IP to hostname)

Host Table192168610 USER1192168611 Printer1192168611 IPtele1

SNMP

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

CallManager4

Call Detail

Records

5

Login

Names

UNIX Novell amp

Windows NT

clients running

UTLite script

110

Diagnosing Connectivity Problems Campus Manager Tools

Topology Services

User Tracking

Path Analysis

1

Locate the communication pair in the User Tracking database

bull

Addressesbull

VLAN informationbull

Switch port connection

2

Investigate the Layer 2 and Layer 3 path between the communication

pair

3

Map the topology and begin the investigation on devices and links

Launch other applications

111

Diagnosing Connectivity Problems Workflow for Using Campus Manager

LaunchPath Analysis

LaunchPath Analysis

Ensure discovery of devices

hosts are up to date

Ensure discovery of devices

hosts are up to date

Use User TrackingTo Locate EndStation Info

Use User TrackingTo Locate EndStation Info

ConductVoiceTrace

ConductVoiceTrace

ConductDataTrace

ConductDataTrace

DisplayPath in Topology

Map

DisplayPath in Topology

Map

Launch other Apps(Telnet CiscoView

Etc)

Launch other Apps(Telnet CiscoView

Etc)

112

Diagnosing Device Connectivity Problems Example

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Do you know

your

hostname or

username

113

Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

2 Simple Query displays switch

port and VLAN association

2 Simple Query displays switch

port and VLAN association

3 LastSeen field indicates last

time end station was

discovered

3 LastSeen field indicates last

time end station was

discovered

114

Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Trace path from application server

to Suzy

Trace path from application server

to Suzy

Couldnrsquot get to Suzy machine ndash try

from server

Couldnrsquot get to Suzy machine ndash try

from server

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

68

理學院校區無線網路系統架構圖

69

林口校區有線網路系統架構圖

70

林口校區無線網路系統架構圖

71

五網路障礙排除方式

72

Possible Symptoms of Physical Layer Problems

Increased number of interface errorsIncreased number of interface errors

LEDs are off flashing or in a state other than the expected state during normal operationLEDs are off flashing or in a state other than the expected state during normal operation

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

Excessive utilizationExcessive utilization

73

Possible Symptoms of Data Link Layer Problems

Excessive CRC errors and frame check sequence errors Excessive CRC errors and frame check sequence errors

Large quantities of broadcast traffic Large quantities of broadcast traffic

A MAC address is cycling between portsA MAC address is cycling between ports

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

74

General Cisco Commands to Isolate Physical and Data Link Layer Problems

ping host

| ip‐addressping host

| ip‐address

routergt

bull

Sends an echo request packet to an address then waits for a reply

trace [destination]trace [destination]

routergt

bull

Identifies the path a packet takes through the network

[no] debug [no] debug

router

bull

Displays a list of options for enabling or disabling debugging events on a device

75

Cisco Commands to Isolate Physical Layer Problems

show versionshow version

routergt

bull

Displays the Cisco IOS software version and all installed hardware configurations

show ip interface briefshow ip interface brief

routergt

bull

Displays a summary of the status of all interfaces on a device

show interfaces [type number]show interfaces [type number]

routergt

bull

Displays the operational status of an interface including the amount and type of traffic being sent and received

76

Cisco Commands to Isolate Physical Layer Problems (Cont)

show cdp neighbor detailshow cdp neighbor detailroutergt

bull Displays the device type IP address and Cisco IOS version of neighboring devices

77

Cisco Commands to Isolate Data Link Layer Problems

show ip arpshow ip arp

routergt

bull

Displays entries in the Address Resolution Protocol (ARP) table

debug [arp

| serial | ppp]debug [arp

| serial | ppp]

router

bull

Captures events relating to data link layer protocols

78

General End‐System Commands to Isolate Physical and Data Link Layer Problems

pingping

bull

Sends an echo request packet to an address then waits for a reply

netstat

‐rnnetstat

‐rn

bull

Displays the status of all connected devices and links without querying a DNS server

arp

‐aarp

‐a

bull

Displays the current mappings of the IP address to the MAC address in the ARP table

79

Windows Commands to Isolate Physical and Data Link Layer Problems

ipconfig

[all]ipconfig

[all]

bull

Displays IP information for hosts running Windows NT2000XP

Cgt

tracert [‐d]tracert [‐d]

bull

Identifies a path to a destination device

Cgt

80

Guidelines for Isolating Problems at the Physical and Data Link Layers

Check operational status and data error ratesCheck operational status and data error rates

Verify proper interface configurationsVerify proper interface configurations

Check for bad cables or connectionsCheck for bad cables or connections

Check for correct cable pin‐outCheck for correct cable pin‐out

81

Port Monitoring (SPAN)

Allows a port to monitor traffic coming into or out of

anotherPort

VLAN

Trunk

82

Remote SPAN (RSPAN)

Allows a port to monitor SPAN information on other switches through a trunk connection

83

NetFlow Data Export

Access to records of switched flow statistics

with NAM

Source and destination IP

Port numbers and protocol types

84

六網路管理介紹

85

NAMs in Campus LAN

86

Network Analysis Module (NAM)

bull

Switch‐integrated standards‐

based monitoring (RMON1 RMON2

extended RMON)

bull

Useful for performance monitoring troubleshooting

and capacity planning

bull

Easy to deploy and use with embedded web‐based Traffic Analyzer

bull

Full visibility into applications hosts conversations and

IP‐based services including VoIP

and QoS

Integrated traffic‐monitoring solution in Catalyst 6500 series to build application‐level visibility into network infrastructure

87

NAM as a Standards‐Based RMON Solution

The RMON MIB reports on the health and status of network traffic

Mini‐RMON agents in Catalyst 6500 collect Layer 2 (RMON1) statistics on all ports (utilization packets errors)

NAM supports full RMON1 and 2 to provide visibility up to Application layer (applications hosts conversations)

NAM supports extended RMON for VLAN QoS Application Response Time and so on

88

Application Hosts and Conversations Monitoring

Identify unknown applications and drill down on the hosts using them

Discover top talkers top conversations

Network managers can drill down

into who is doing what

Network managers can drill down

into who is doing what

NEW inSoftware

Version 22

NEW inSoftware

Version 22

89

VoIP Monitoring

NAM supports various facets of VoIPmonitoring

Active IP telephony monitoring

ndash Track active call attributesndash Identify call quality degradationndash Call details by phonesRMON1 and RMON2

ndash Distribution of VoIP

protocols

Application Response Time (ART)

ndash CallManager

responses

DSMON

ndash VoIP

traffic by DSCP values

90

Application Response Time (ART)

Find out where the application delays are occurring

ndash Detailed data on request‐ response exchanges

between clients and servers

Server visibility

ndash Monitor servers for protocols application

usage and top talkers

91

Packet Capture and Decode

Capture and decode packets for troubleshooting

Extensive pre‐ and post‐capture filters

Can save and export to other tools including Sniffer

92

Alarms

Set alarm thresholds on various parameters for proactive monitoring

Define traps or generate syslog

93

Defining Network Management Functional Areas

ISO defines five functional areas of network management

ISO defines five functional areas of network management

bullFault Management

bullConfiguration Management

bullAccounting Management

bullPerformance Management

bullSecurity Management

94

FCAPS Fault Management

The process of locating diagnosing and correcting

network problems

Device Down

Link Down

95

FCAPS Configuration Management

bull The process of obtaining data from the network and using

that data to manage the setup of all network devices

bull Allows rapid access to configuration information

bull Facilitates remote configuration and provisioning

bull Provides an up‐to‐date inventory of network

components

SpeedDuplex

Connectivity

TrunkingVLANs Allowed

Spanning Tree Protocol State

Software VersionConfiguration File

Device Type

96

FCAPS Accounting Management

bull Measuring the usage of network resources by users in order to

establish the metrics check quotas determine costs and bill users

bull Measures and reports accounting information based on individual

groups and users

bull Administers the cost of the network

bull Internal verification of third‐party billing for usage Bandwidth Consumption

Application Usage

hellip

97

FCAPS Performance Management

bull Ensuring that the data network remains accessible

and has adequate bandwidth

bull Reduces network overcrowding and inaccessibility

bull Provides a consistent level of service to the

network user

bull Determine utilization trends to proactively isolate and solve

performance problems

UtilizationPeakminmaxError RatesUnicast Rates

Broadcast Rates

CPU UtilizationMemory Usage

ThroughputResponse Time

LatencyAvailabilityReliability

98

FCAPS Security Management

bull Protecting sensitive information on devices

attached to a data network by controlling access points to

that information

bull Builds network user confidence

bull Secures sensitive information from both internal and

external sources

bull Protects the network functionality from malicious

attacks

MAC AddressLocked to Port

Access ListBlocks Connections

99

Performing Network Management Sources for Information

GAUGEs TIMERs

0 9 1 2 3

COUNTERs TABLEs FILEs

Operating System Data Structures

Manageable Device

showCommands

WebServer

SystemLogging

SNMPSNMPAGENTAGENT

ProductionServices

Layer N Forwarding

http80tcp

syslog514udp

snmp161udp

MIBObjects

snmp‐trap162udp

Built in Intelligence

CDPVTPSAA

telnetCLI

TFTPClient

tftp69udp

PingTrace route

100

Network Management Information Model MIB Management Information Base

MIB

ndash

Management Information BaseSet of variables defining the status of a device (eg temp = 85 degrees)Just facts ndash not whether it is good or badDefined according to SMI (Structure of Management Information) rulesEach managed object is described using a unique object identifier (OID)

MIB

IMIBIIStandard MIBObjects included are considered essential for either fault or configuration management

Other standard MIBsRMON host router

Proprietary vendor MIBsExtensions to standard MIBs

SNMPAGENTSNMPAGENT

1000s of manageable objects following rules defined in the SMI standards

1000s of manageable objects following rules defined in the SMI standards

101

Network Management Communication Model SNMP Simple Network Management Protocol

CommunityStrings

CommunityStrings

bull Get requests used to read the value of objectbull Set requests used to modify the value of object

bull Authorization is via community strings

(Read‐OnlyRead‐Write)

bull Traps

provide asynchronous event notification

IP Network SNMPManageable

Device

Trap

Get Response

Get Request Get-Next RequestGet-Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

102

Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response

SNM

P M

anag

er

SNM

P A

gent

Rea

d =

publ

ic re

adw

rite

= pr

ivat

e

GetResponse (sysDescr0=SunOS)

Verify access permission and retrieve MIB value using OID to traverse the MIB tree

InstanceOID

13612111

MIB value

GetRequest(sysDescr0)Read Community(public)

103

Types of Management Systems Example ‐

Enterprise Manager amp Fault Management

Correlate and manage events

and SNMP traps

Perform fault isolation and root cause analysis

104

Types of Management Systems Example ndash CiscoWorks

Resource Manager Essentials and Campus Manager

Knowledge of network configuration and topology

Facilitates remote configuration of network devices

Maintains an archive of configuration data that allows generation of inventory reports

105

Types of Management Systems Example ndash NetFlow (Accounting Management)

Flow Profiling

AccountingBilling

Network Planning

Network Monitoring

Flow

Collectors

Flow

CollectorsEnd‐User AppsEnd‐User AppsNetFlow

Data ExportNetFlowData Export

NetScout

RMON ProbeRMON Probe

106

Types of Management Systems Example ndash MRTG (Performance Management)

bull Monitors traffic load on network links based on SNMP statistics

bull Generates real‐time HTML traffic reports

bull Can be used to monitor any

MIB

variable using

SNMP

107

Types of Management Systems Example ndash CiscoWorks

How is the network connectedbull Physical Cablingbull Virtual LANs

Where are the end users servers IP phones connected

bull Switch port numberbull VLAN membership

How do I troubleshoot connectivity problems

Campus Manager User Tracking

Campus Manager Topology Services

Campus Manager Topology Services

Campus Manager User TrackingCampus Manager

Path Analysis

108

Diagnosing Connectivity Problems CiscoWorks Server Tools

Ping Use ping to test device connectivity from CiscoWorks server

TracerouteRun a trace route between the CiscoWorks server and the target device to detect routing problems

NS LookupRun a nslookup to obtain DNS name server information and IP address of hostname

Management Station to DeviceTest to verify if upper layer protocols are supported from CiscoWorks to the target device UDP TCP Telnet TFTP HTTP and SNMP

109

Types of Management Systems Example ndash CiscoWorks

19216862

CiscoWorks Server(ANI Service)

CampusDatabase

19216861

Schedule data retrieval

times

CAM Table11‐11‐11‐11‐11‐00 2111‐11‐11‐11‐11‐11 2211‐11‐11‐11‐11‐22 2311‐11‐11‐11‐11‐33 24

22 23 24

21

ARP Table11‐11‐11‐11‐11‐11 19216861011‐11‐11‐11‐11‐22 19216861111‐11‐11‐11‐11‐33 192168611

1

CAM

Retrieval

(switching

table)

2 Address

Resolution (MAC

to IP)

DNS

3 Name Resolution

(IP to hostname)

Host Table192168610 USER1192168611 Printer1192168611 IPtele1

SNMP

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

CallManager4

Call Detail

Records

5

Login

Names

UNIX Novell amp

Windows NT

clients running

UTLite script

110

Diagnosing Connectivity Problems Campus Manager Tools

Topology Services

User Tracking

Path Analysis

1

Locate the communication pair in the User Tracking database

bull

Addressesbull

VLAN informationbull

Switch port connection

2

Investigate the Layer 2 and Layer 3 path between the communication

pair

3

Map the topology and begin the investigation on devices and links

Launch other applications

111

Diagnosing Connectivity Problems Workflow for Using Campus Manager

LaunchPath Analysis

LaunchPath Analysis

Ensure discovery of devices

hosts are up to date

Ensure discovery of devices

hosts are up to date

Use User TrackingTo Locate EndStation Info

Use User TrackingTo Locate EndStation Info

ConductVoiceTrace

ConductVoiceTrace

ConductDataTrace

ConductDataTrace

DisplayPath in Topology

Map

DisplayPath in Topology

Map

Launch other Apps(Telnet CiscoView

Etc)

Launch other Apps(Telnet CiscoView

Etc)

112

Diagnosing Device Connectivity Problems Example

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Do you know

your

hostname or

username

113

Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

2 Simple Query displays switch

port and VLAN association

2 Simple Query displays switch

port and VLAN association

3 LastSeen field indicates last

time end station was

discovered

3 LastSeen field indicates last

time end station was

discovered

114

Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Trace path from application server

to Suzy

Trace path from application server

to Suzy

Couldnrsquot get to Suzy machine ndash try

from server

Couldnrsquot get to Suzy machine ndash try

from server

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

69

林口校區有線網路系統架構圖

70

林口校區無線網路系統架構圖

71

五網路障礙排除方式

72

Possible Symptoms of Physical Layer Problems

Increased number of interface errorsIncreased number of interface errors

LEDs are off flashing or in a state other than the expected state during normal operationLEDs are off flashing or in a state other than the expected state during normal operation

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

Excessive utilizationExcessive utilization

73

Possible Symptoms of Data Link Layer Problems

Excessive CRC errors and frame check sequence errors Excessive CRC errors and frame check sequence errors

Large quantities of broadcast traffic Large quantities of broadcast traffic

A MAC address is cycling between portsA MAC address is cycling between ports

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

74

General Cisco Commands to Isolate Physical and Data Link Layer Problems

ping host

| ip‐addressping host

| ip‐address

routergt

bull

Sends an echo request packet to an address then waits for a reply

trace [destination]trace [destination]

routergt

bull

Identifies the path a packet takes through the network

[no] debug [no] debug

router

bull

Displays a list of options for enabling or disabling debugging events on a device

75

Cisco Commands to Isolate Physical Layer Problems

show versionshow version

routergt

bull

Displays the Cisco IOS software version and all installed hardware configurations

show ip interface briefshow ip interface brief

routergt

bull

Displays a summary of the status of all interfaces on a device

show interfaces [type number]show interfaces [type number]

routergt

bull

Displays the operational status of an interface including the amount and type of traffic being sent and received

76

Cisco Commands to Isolate Physical Layer Problems (Cont)

show cdp neighbor detailshow cdp neighbor detailroutergt

bull Displays the device type IP address and Cisco IOS version of neighboring devices

77

Cisco Commands to Isolate Data Link Layer Problems

show ip arpshow ip arp

routergt

bull

Displays entries in the Address Resolution Protocol (ARP) table

debug [arp

| serial | ppp]debug [arp

| serial | ppp]

router

bull

Captures events relating to data link layer protocols

78

General End‐System Commands to Isolate Physical and Data Link Layer Problems

pingping

bull

Sends an echo request packet to an address then waits for a reply

netstat

‐rnnetstat

‐rn

bull

Displays the status of all connected devices and links without querying a DNS server

arp

‐aarp

‐a

bull

Displays the current mappings of the IP address to the MAC address in the ARP table

79

Windows Commands to Isolate Physical and Data Link Layer Problems

ipconfig

[all]ipconfig

[all]

bull

Displays IP information for hosts running Windows NT2000XP

Cgt

tracert [‐d]tracert [‐d]

bull

Identifies a path to a destination device

Cgt

80

Guidelines for Isolating Problems at the Physical and Data Link Layers

Check operational status and data error ratesCheck operational status and data error rates

Verify proper interface configurationsVerify proper interface configurations

Check for bad cables or connectionsCheck for bad cables or connections

Check for correct cable pin‐outCheck for correct cable pin‐out

81

Port Monitoring (SPAN)

Allows a port to monitor traffic coming into or out of

anotherPort

VLAN

Trunk

82

Remote SPAN (RSPAN)

Allows a port to monitor SPAN information on other switches through a trunk connection

83

NetFlow Data Export

Access to records of switched flow statistics

with NAM

Source and destination IP

Port numbers and protocol types

84

六網路管理介紹

85

NAMs in Campus LAN

86

Network Analysis Module (NAM)

bull

Switch‐integrated standards‐

based monitoring (RMON1 RMON2

extended RMON)

bull

Useful for performance monitoring troubleshooting

and capacity planning

bull

Easy to deploy and use with embedded web‐based Traffic Analyzer

bull

Full visibility into applications hosts conversations and

IP‐based services including VoIP

and QoS

Integrated traffic‐monitoring solution in Catalyst 6500 series to build application‐level visibility into network infrastructure

87

NAM as a Standards‐Based RMON Solution

The RMON MIB reports on the health and status of network traffic

Mini‐RMON agents in Catalyst 6500 collect Layer 2 (RMON1) statistics on all ports (utilization packets errors)

NAM supports full RMON1 and 2 to provide visibility up to Application layer (applications hosts conversations)

NAM supports extended RMON for VLAN QoS Application Response Time and so on

88

Application Hosts and Conversations Monitoring

Identify unknown applications and drill down on the hosts using them

Discover top talkers top conversations

Network managers can drill down

into who is doing what

Network managers can drill down

into who is doing what

NEW inSoftware

Version 22

NEW inSoftware

Version 22

89

VoIP Monitoring

NAM supports various facets of VoIPmonitoring

Active IP telephony monitoring

ndash Track active call attributesndash Identify call quality degradationndash Call details by phonesRMON1 and RMON2

ndash Distribution of VoIP

protocols

Application Response Time (ART)

ndash CallManager

responses

DSMON

ndash VoIP

traffic by DSCP values

90

Application Response Time (ART)

Find out where the application delays are occurring

ndash Detailed data on request‐ response exchanges

between clients and servers

Server visibility

ndash Monitor servers for protocols application

usage and top talkers

91

Packet Capture and Decode

Capture and decode packets for troubleshooting

Extensive pre‐ and post‐capture filters

Can save and export to other tools including Sniffer

92

Alarms

Set alarm thresholds on various parameters for proactive monitoring

Define traps or generate syslog

93

Defining Network Management Functional Areas

ISO defines five functional areas of network management

ISO defines five functional areas of network management

bullFault Management

bullConfiguration Management

bullAccounting Management

bullPerformance Management

bullSecurity Management

94

FCAPS Fault Management

The process of locating diagnosing and correcting

network problems

Device Down

Link Down

95

FCAPS Configuration Management

bull The process of obtaining data from the network and using

that data to manage the setup of all network devices

bull Allows rapid access to configuration information

bull Facilitates remote configuration and provisioning

bull Provides an up‐to‐date inventory of network

components

SpeedDuplex

Connectivity

TrunkingVLANs Allowed

Spanning Tree Protocol State

Software VersionConfiguration File

Device Type

96

FCAPS Accounting Management

bull Measuring the usage of network resources by users in order to

establish the metrics check quotas determine costs and bill users

bull Measures and reports accounting information based on individual

groups and users

bull Administers the cost of the network

bull Internal verification of third‐party billing for usage Bandwidth Consumption

Application Usage

hellip

97

FCAPS Performance Management

bull Ensuring that the data network remains accessible

and has adequate bandwidth

bull Reduces network overcrowding and inaccessibility

bull Provides a consistent level of service to the

network user

bull Determine utilization trends to proactively isolate and solve

performance problems

UtilizationPeakminmaxError RatesUnicast Rates

Broadcast Rates

CPU UtilizationMemory Usage

ThroughputResponse Time

LatencyAvailabilityReliability

98

FCAPS Security Management

bull Protecting sensitive information on devices

attached to a data network by controlling access points to

that information

bull Builds network user confidence

bull Secures sensitive information from both internal and

external sources

bull Protects the network functionality from malicious

attacks

MAC AddressLocked to Port

Access ListBlocks Connections

99

Performing Network Management Sources for Information

GAUGEs TIMERs

0 9 1 2 3

COUNTERs TABLEs FILEs

Operating System Data Structures

Manageable Device

showCommands

WebServer

SystemLogging

SNMPSNMPAGENTAGENT

ProductionServices

Layer N Forwarding

http80tcp

syslog514udp

snmp161udp

MIBObjects

snmp‐trap162udp

Built in Intelligence

CDPVTPSAA

telnetCLI

TFTPClient

tftp69udp

PingTrace route

100

Network Management Information Model MIB Management Information Base

MIB

ndash

Management Information BaseSet of variables defining the status of a device (eg temp = 85 degrees)Just facts ndash not whether it is good or badDefined according to SMI (Structure of Management Information) rulesEach managed object is described using a unique object identifier (OID)

MIB

IMIBIIStandard MIBObjects included are considered essential for either fault or configuration management

Other standard MIBsRMON host router

Proprietary vendor MIBsExtensions to standard MIBs

SNMPAGENTSNMPAGENT

1000s of manageable objects following rules defined in the SMI standards

1000s of manageable objects following rules defined in the SMI standards

101

Network Management Communication Model SNMP Simple Network Management Protocol

CommunityStrings

CommunityStrings

bull Get requests used to read the value of objectbull Set requests used to modify the value of object

bull Authorization is via community strings

(Read‐OnlyRead‐Write)

bull Traps

provide asynchronous event notification

IP Network SNMPManageable

Device

Trap

Get Response

Get Request Get-Next RequestGet-Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

102

Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response

SNM

P M

anag

er

SNM

P A

gent

Rea

d =

publ

ic re

adw

rite

= pr

ivat

e

GetResponse (sysDescr0=SunOS)

Verify access permission and retrieve MIB value using OID to traverse the MIB tree

InstanceOID

13612111

MIB value

GetRequest(sysDescr0)Read Community(public)

103

Types of Management Systems Example ‐

Enterprise Manager amp Fault Management

Correlate and manage events

and SNMP traps

Perform fault isolation and root cause analysis

104

Types of Management Systems Example ndash CiscoWorks

Resource Manager Essentials and Campus Manager

Knowledge of network configuration and topology

Facilitates remote configuration of network devices

Maintains an archive of configuration data that allows generation of inventory reports

105

Types of Management Systems Example ndash NetFlow (Accounting Management)

Flow Profiling

AccountingBilling

Network Planning

Network Monitoring

Flow

Collectors

Flow

CollectorsEnd‐User AppsEnd‐User AppsNetFlow

Data ExportNetFlowData Export

NetScout

RMON ProbeRMON Probe

106

Types of Management Systems Example ndash MRTG (Performance Management)

bull Monitors traffic load on network links based on SNMP statistics

bull Generates real‐time HTML traffic reports

bull Can be used to monitor any

MIB

variable using

SNMP

107

Types of Management Systems Example ndash CiscoWorks

How is the network connectedbull Physical Cablingbull Virtual LANs

Where are the end users servers IP phones connected

bull Switch port numberbull VLAN membership

How do I troubleshoot connectivity problems

Campus Manager User Tracking

Campus Manager Topology Services

Campus Manager Topology Services

Campus Manager User TrackingCampus Manager

Path Analysis

108

Diagnosing Connectivity Problems CiscoWorks Server Tools

Ping Use ping to test device connectivity from CiscoWorks server

TracerouteRun a trace route between the CiscoWorks server and the target device to detect routing problems

NS LookupRun a nslookup to obtain DNS name server information and IP address of hostname

Management Station to DeviceTest to verify if upper layer protocols are supported from CiscoWorks to the target device UDP TCP Telnet TFTP HTTP and SNMP

109

Types of Management Systems Example ndash CiscoWorks

19216862

CiscoWorks Server(ANI Service)

CampusDatabase

19216861

Schedule data retrieval

times

CAM Table11‐11‐11‐11‐11‐00 2111‐11‐11‐11‐11‐11 2211‐11‐11‐11‐11‐22 2311‐11‐11‐11‐11‐33 24

22 23 24

21

ARP Table11‐11‐11‐11‐11‐11 19216861011‐11‐11‐11‐11‐22 19216861111‐11‐11‐11‐11‐33 192168611

1

CAM

Retrieval

(switching

table)

2 Address

Resolution (MAC

to IP)

DNS

3 Name Resolution

(IP to hostname)

Host Table192168610 USER1192168611 Printer1192168611 IPtele1

SNMP

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

CallManager4

Call Detail

Records

5

Login

Names

UNIX Novell amp

Windows NT

clients running

UTLite script

110

Diagnosing Connectivity Problems Campus Manager Tools

Topology Services

User Tracking

Path Analysis

1

Locate the communication pair in the User Tracking database

bull

Addressesbull

VLAN informationbull

Switch port connection

2

Investigate the Layer 2 and Layer 3 path between the communication

pair

3

Map the topology and begin the investigation on devices and links

Launch other applications

111

Diagnosing Connectivity Problems Workflow for Using Campus Manager

LaunchPath Analysis

LaunchPath Analysis

Ensure discovery of devices

hosts are up to date

Ensure discovery of devices

hosts are up to date

Use User TrackingTo Locate EndStation Info

Use User TrackingTo Locate EndStation Info

ConductVoiceTrace

ConductVoiceTrace

ConductDataTrace

ConductDataTrace

DisplayPath in Topology

Map

DisplayPath in Topology

Map

Launch other Apps(Telnet CiscoView

Etc)

Launch other Apps(Telnet CiscoView

Etc)

112

Diagnosing Device Connectivity Problems Example

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Do you know

your

hostname or

username

113

Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

2 Simple Query displays switch

port and VLAN association

2 Simple Query displays switch

port and VLAN association

3 LastSeen field indicates last

time end station was

discovered

3 LastSeen field indicates last

time end station was

discovered

114

Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Trace path from application server

to Suzy

Trace path from application server

to Suzy

Couldnrsquot get to Suzy machine ndash try

from server

Couldnrsquot get to Suzy machine ndash try

from server

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

70

林口校區無線網路系統架構圖

71

五網路障礙排除方式

72

Possible Symptoms of Physical Layer Problems

Increased number of interface errorsIncreased number of interface errors

LEDs are off flashing or in a state other than the expected state during normal operationLEDs are off flashing or in a state other than the expected state during normal operation

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

Excessive utilizationExcessive utilization

73

Possible Symptoms of Data Link Layer Problems

Excessive CRC errors and frame check sequence errors Excessive CRC errors and frame check sequence errors

Large quantities of broadcast traffic Large quantities of broadcast traffic

A MAC address is cycling between portsA MAC address is cycling between ports

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

74

General Cisco Commands to Isolate Physical and Data Link Layer Problems

ping host

| ip‐addressping host

| ip‐address

routergt

bull

Sends an echo request packet to an address then waits for a reply

trace [destination]trace [destination]

routergt

bull

Identifies the path a packet takes through the network

[no] debug [no] debug

router

bull

Displays a list of options for enabling or disabling debugging events on a device

75

Cisco Commands to Isolate Physical Layer Problems

show versionshow version

routergt

bull

Displays the Cisco IOS software version and all installed hardware configurations

show ip interface briefshow ip interface brief

routergt

bull

Displays a summary of the status of all interfaces on a device

show interfaces [type number]show interfaces [type number]

routergt

bull

Displays the operational status of an interface including the amount and type of traffic being sent and received

76

Cisco Commands to Isolate Physical Layer Problems (Cont)

show cdp neighbor detailshow cdp neighbor detailroutergt

bull Displays the device type IP address and Cisco IOS version of neighboring devices

77

Cisco Commands to Isolate Data Link Layer Problems

show ip arpshow ip arp

routergt

bull

Displays entries in the Address Resolution Protocol (ARP) table

debug [arp

| serial | ppp]debug [arp

| serial | ppp]

router

bull

Captures events relating to data link layer protocols

78

General End‐System Commands to Isolate Physical and Data Link Layer Problems

pingping

bull

Sends an echo request packet to an address then waits for a reply

netstat

‐rnnetstat

‐rn

bull

Displays the status of all connected devices and links without querying a DNS server

arp

‐aarp

‐a

bull

Displays the current mappings of the IP address to the MAC address in the ARP table

79

Windows Commands to Isolate Physical and Data Link Layer Problems

ipconfig

[all]ipconfig

[all]

bull

Displays IP information for hosts running Windows NT2000XP

Cgt

tracert [‐d]tracert [‐d]

bull

Identifies a path to a destination device

Cgt

80

Guidelines for Isolating Problems at the Physical and Data Link Layers

Check operational status and data error ratesCheck operational status and data error rates

Verify proper interface configurationsVerify proper interface configurations

Check for bad cables or connectionsCheck for bad cables or connections

Check for correct cable pin‐outCheck for correct cable pin‐out

81

Port Monitoring (SPAN)

Allows a port to monitor traffic coming into or out of

anotherPort

VLAN

Trunk

82

Remote SPAN (RSPAN)

Allows a port to monitor SPAN information on other switches through a trunk connection

83

NetFlow Data Export

Access to records of switched flow statistics

with NAM

Source and destination IP

Port numbers and protocol types

84

六網路管理介紹

85

NAMs in Campus LAN

86

Network Analysis Module (NAM)

bull

Switch‐integrated standards‐

based monitoring (RMON1 RMON2

extended RMON)

bull

Useful for performance monitoring troubleshooting

and capacity planning

bull

Easy to deploy and use with embedded web‐based Traffic Analyzer

bull

Full visibility into applications hosts conversations and

IP‐based services including VoIP

and QoS

Integrated traffic‐monitoring solution in Catalyst 6500 series to build application‐level visibility into network infrastructure

87

NAM as a Standards‐Based RMON Solution

The RMON MIB reports on the health and status of network traffic

Mini‐RMON agents in Catalyst 6500 collect Layer 2 (RMON1) statistics on all ports (utilization packets errors)

NAM supports full RMON1 and 2 to provide visibility up to Application layer (applications hosts conversations)

NAM supports extended RMON for VLAN QoS Application Response Time and so on

88

Application Hosts and Conversations Monitoring

Identify unknown applications and drill down on the hosts using them

Discover top talkers top conversations

Network managers can drill down

into who is doing what

Network managers can drill down

into who is doing what

NEW inSoftware

Version 22

NEW inSoftware

Version 22

89

VoIP Monitoring

NAM supports various facets of VoIPmonitoring

Active IP telephony monitoring

ndash Track active call attributesndash Identify call quality degradationndash Call details by phonesRMON1 and RMON2

ndash Distribution of VoIP

protocols

Application Response Time (ART)

ndash CallManager

responses

DSMON

ndash VoIP

traffic by DSCP values

90

Application Response Time (ART)

Find out where the application delays are occurring

ndash Detailed data on request‐ response exchanges

between clients and servers

Server visibility

ndash Monitor servers for protocols application

usage and top talkers

91

Packet Capture and Decode

Capture and decode packets for troubleshooting

Extensive pre‐ and post‐capture filters

Can save and export to other tools including Sniffer

92

Alarms

Set alarm thresholds on various parameters for proactive monitoring

Define traps or generate syslog

93

Defining Network Management Functional Areas

ISO defines five functional areas of network management

ISO defines five functional areas of network management

bullFault Management

bullConfiguration Management

bullAccounting Management

bullPerformance Management

bullSecurity Management

94

FCAPS Fault Management

The process of locating diagnosing and correcting

network problems

Device Down

Link Down

95

FCAPS Configuration Management

bull The process of obtaining data from the network and using

that data to manage the setup of all network devices

bull Allows rapid access to configuration information

bull Facilitates remote configuration and provisioning

bull Provides an up‐to‐date inventory of network

components

SpeedDuplex

Connectivity

TrunkingVLANs Allowed

Spanning Tree Protocol State

Software VersionConfiguration File

Device Type

96

FCAPS Accounting Management

bull Measuring the usage of network resources by users in order to

establish the metrics check quotas determine costs and bill users

bull Measures and reports accounting information based on individual

groups and users

bull Administers the cost of the network

bull Internal verification of third‐party billing for usage Bandwidth Consumption

Application Usage

hellip

97

FCAPS Performance Management

bull Ensuring that the data network remains accessible

and has adequate bandwidth

bull Reduces network overcrowding and inaccessibility

bull Provides a consistent level of service to the

network user

bull Determine utilization trends to proactively isolate and solve

performance problems

UtilizationPeakminmaxError RatesUnicast Rates

Broadcast Rates

CPU UtilizationMemory Usage

ThroughputResponse Time

LatencyAvailabilityReliability

98

FCAPS Security Management

bull Protecting sensitive information on devices

attached to a data network by controlling access points to

that information

bull Builds network user confidence

bull Secures sensitive information from both internal and

external sources

bull Protects the network functionality from malicious

attacks

MAC AddressLocked to Port

Access ListBlocks Connections

99

Performing Network Management Sources for Information

GAUGEs TIMERs

0 9 1 2 3

COUNTERs TABLEs FILEs

Operating System Data Structures

Manageable Device

showCommands

WebServer

SystemLogging

SNMPSNMPAGENTAGENT

ProductionServices

Layer N Forwarding

http80tcp

syslog514udp

snmp161udp

MIBObjects

snmp‐trap162udp

Built in Intelligence

CDPVTPSAA

telnetCLI

TFTPClient

tftp69udp

PingTrace route

100

Network Management Information Model MIB Management Information Base

MIB

ndash

Management Information BaseSet of variables defining the status of a device (eg temp = 85 degrees)Just facts ndash not whether it is good or badDefined according to SMI (Structure of Management Information) rulesEach managed object is described using a unique object identifier (OID)

MIB

IMIBIIStandard MIBObjects included are considered essential for either fault or configuration management

Other standard MIBsRMON host router

Proprietary vendor MIBsExtensions to standard MIBs

SNMPAGENTSNMPAGENT

1000s of manageable objects following rules defined in the SMI standards

1000s of manageable objects following rules defined in the SMI standards

101

Network Management Communication Model SNMP Simple Network Management Protocol

CommunityStrings

CommunityStrings

bull Get requests used to read the value of objectbull Set requests used to modify the value of object

bull Authorization is via community strings

(Read‐OnlyRead‐Write)

bull Traps

provide asynchronous event notification

IP Network SNMPManageable

Device

Trap

Get Response

Get Request Get-Next RequestGet-Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

102

Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response

SNM

P M

anag

er

SNM

P A

gent

Rea

d =

publ

ic re

adw

rite

= pr

ivat

e

GetResponse (sysDescr0=SunOS)

Verify access permission and retrieve MIB value using OID to traverse the MIB tree

InstanceOID

13612111

MIB value

GetRequest(sysDescr0)Read Community(public)

103

Types of Management Systems Example ‐

Enterprise Manager amp Fault Management

Correlate and manage events

and SNMP traps

Perform fault isolation and root cause analysis

104

Types of Management Systems Example ndash CiscoWorks

Resource Manager Essentials and Campus Manager

Knowledge of network configuration and topology

Facilitates remote configuration of network devices

Maintains an archive of configuration data that allows generation of inventory reports

105

Types of Management Systems Example ndash NetFlow (Accounting Management)

Flow Profiling

AccountingBilling

Network Planning

Network Monitoring

Flow

Collectors

Flow

CollectorsEnd‐User AppsEnd‐User AppsNetFlow

Data ExportNetFlowData Export

NetScout

RMON ProbeRMON Probe

106

Types of Management Systems Example ndash MRTG (Performance Management)

bull Monitors traffic load on network links based on SNMP statistics

bull Generates real‐time HTML traffic reports

bull Can be used to monitor any

MIB

variable using

SNMP

107

Types of Management Systems Example ndash CiscoWorks

How is the network connectedbull Physical Cablingbull Virtual LANs

Where are the end users servers IP phones connected

bull Switch port numberbull VLAN membership

How do I troubleshoot connectivity problems

Campus Manager User Tracking

Campus Manager Topology Services

Campus Manager Topology Services

Campus Manager User TrackingCampus Manager

Path Analysis

108

Diagnosing Connectivity Problems CiscoWorks Server Tools

Ping Use ping to test device connectivity from CiscoWorks server

TracerouteRun a trace route between the CiscoWorks server and the target device to detect routing problems

NS LookupRun a nslookup to obtain DNS name server information and IP address of hostname

Management Station to DeviceTest to verify if upper layer protocols are supported from CiscoWorks to the target device UDP TCP Telnet TFTP HTTP and SNMP

109

Types of Management Systems Example ndash CiscoWorks

19216862

CiscoWorks Server(ANI Service)

CampusDatabase

19216861

Schedule data retrieval

times

CAM Table11‐11‐11‐11‐11‐00 2111‐11‐11‐11‐11‐11 2211‐11‐11‐11‐11‐22 2311‐11‐11‐11‐11‐33 24

22 23 24

21

ARP Table11‐11‐11‐11‐11‐11 19216861011‐11‐11‐11‐11‐22 19216861111‐11‐11‐11‐11‐33 192168611

1

CAM

Retrieval

(switching

table)

2 Address

Resolution (MAC

to IP)

DNS

3 Name Resolution

(IP to hostname)

Host Table192168610 USER1192168611 Printer1192168611 IPtele1

SNMP

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

CallManager4

Call Detail

Records

5

Login

Names

UNIX Novell amp

Windows NT

clients running

UTLite script

110

Diagnosing Connectivity Problems Campus Manager Tools

Topology Services

User Tracking

Path Analysis

1

Locate the communication pair in the User Tracking database

bull

Addressesbull

VLAN informationbull

Switch port connection

2

Investigate the Layer 2 and Layer 3 path between the communication

pair

3

Map the topology and begin the investigation on devices and links

Launch other applications

111

Diagnosing Connectivity Problems Workflow for Using Campus Manager

LaunchPath Analysis

LaunchPath Analysis

Ensure discovery of devices

hosts are up to date

Ensure discovery of devices

hosts are up to date

Use User TrackingTo Locate EndStation Info

Use User TrackingTo Locate EndStation Info

ConductVoiceTrace

ConductVoiceTrace

ConductDataTrace

ConductDataTrace

DisplayPath in Topology

Map

DisplayPath in Topology

Map

Launch other Apps(Telnet CiscoView

Etc)

Launch other Apps(Telnet CiscoView

Etc)

112

Diagnosing Device Connectivity Problems Example

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Do you know

your

hostname or

username

113

Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

2 Simple Query displays switch

port and VLAN association

2 Simple Query displays switch

port and VLAN association

3 LastSeen field indicates last

time end station was

discovered

3 LastSeen field indicates last

time end station was

discovered

114

Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Trace path from application server

to Suzy

Trace path from application server

to Suzy

Couldnrsquot get to Suzy machine ndash try

from server

Couldnrsquot get to Suzy machine ndash try

from server

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

71

五網路障礙排除方式

72

Possible Symptoms of Physical Layer Problems

Increased number of interface errorsIncreased number of interface errors

LEDs are off flashing or in a state other than the expected state during normal operationLEDs are off flashing or in a state other than the expected state during normal operation

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

Excessive utilizationExcessive utilization

73

Possible Symptoms of Data Link Layer Problems

Excessive CRC errors and frame check sequence errors Excessive CRC errors and frame check sequence errors

Large quantities of broadcast traffic Large quantities of broadcast traffic

A MAC address is cycling between portsA MAC address is cycling between ports

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

74

General Cisco Commands to Isolate Physical and Data Link Layer Problems

ping host

| ip‐addressping host

| ip‐address

routergt

bull

Sends an echo request packet to an address then waits for a reply

trace [destination]trace [destination]

routergt

bull

Identifies the path a packet takes through the network

[no] debug [no] debug

router

bull

Displays a list of options for enabling or disabling debugging events on a device

75

Cisco Commands to Isolate Physical Layer Problems

show versionshow version

routergt

bull

Displays the Cisco IOS software version and all installed hardware configurations

show ip interface briefshow ip interface brief

routergt

bull

Displays a summary of the status of all interfaces on a device

show interfaces [type number]show interfaces [type number]

routergt

bull

Displays the operational status of an interface including the amount and type of traffic being sent and received

76

Cisco Commands to Isolate Physical Layer Problems (Cont)

show cdp neighbor detailshow cdp neighbor detailroutergt

bull Displays the device type IP address and Cisco IOS version of neighboring devices

77

Cisco Commands to Isolate Data Link Layer Problems

show ip arpshow ip arp

routergt

bull

Displays entries in the Address Resolution Protocol (ARP) table

debug [arp

| serial | ppp]debug [arp

| serial | ppp]

router

bull

Captures events relating to data link layer protocols

78

General End‐System Commands to Isolate Physical and Data Link Layer Problems

pingping

bull

Sends an echo request packet to an address then waits for a reply

netstat

‐rnnetstat

‐rn

bull

Displays the status of all connected devices and links without querying a DNS server

arp

‐aarp

‐a

bull

Displays the current mappings of the IP address to the MAC address in the ARP table

79

Windows Commands to Isolate Physical and Data Link Layer Problems

ipconfig

[all]ipconfig

[all]

bull

Displays IP information for hosts running Windows NT2000XP

Cgt

tracert [‐d]tracert [‐d]

bull

Identifies a path to a destination device

Cgt

80

Guidelines for Isolating Problems at the Physical and Data Link Layers

Check operational status and data error ratesCheck operational status and data error rates

Verify proper interface configurationsVerify proper interface configurations

Check for bad cables or connectionsCheck for bad cables or connections

Check for correct cable pin‐outCheck for correct cable pin‐out

81

Port Monitoring (SPAN)

Allows a port to monitor traffic coming into or out of

anotherPort

VLAN

Trunk

82

Remote SPAN (RSPAN)

Allows a port to monitor SPAN information on other switches through a trunk connection

83

NetFlow Data Export

Access to records of switched flow statistics

with NAM

Source and destination IP

Port numbers and protocol types

84

六網路管理介紹

85

NAMs in Campus LAN

86

Network Analysis Module (NAM)

bull

Switch‐integrated standards‐

based monitoring (RMON1 RMON2

extended RMON)

bull

Useful for performance monitoring troubleshooting

and capacity planning

bull

Easy to deploy and use with embedded web‐based Traffic Analyzer

bull

Full visibility into applications hosts conversations and

IP‐based services including VoIP

and QoS

Integrated traffic‐monitoring solution in Catalyst 6500 series to build application‐level visibility into network infrastructure

87

NAM as a Standards‐Based RMON Solution

The RMON MIB reports on the health and status of network traffic

Mini‐RMON agents in Catalyst 6500 collect Layer 2 (RMON1) statistics on all ports (utilization packets errors)

NAM supports full RMON1 and 2 to provide visibility up to Application layer (applications hosts conversations)

NAM supports extended RMON for VLAN QoS Application Response Time and so on

88

Application Hosts and Conversations Monitoring

Identify unknown applications and drill down on the hosts using them

Discover top talkers top conversations

Network managers can drill down

into who is doing what

Network managers can drill down

into who is doing what

NEW inSoftware

Version 22

NEW inSoftware

Version 22

89

VoIP Monitoring

NAM supports various facets of VoIPmonitoring

Active IP telephony monitoring

ndash Track active call attributesndash Identify call quality degradationndash Call details by phonesRMON1 and RMON2

ndash Distribution of VoIP

protocols

Application Response Time (ART)

ndash CallManager

responses

DSMON

ndash VoIP

traffic by DSCP values

90

Application Response Time (ART)

Find out where the application delays are occurring

ndash Detailed data on request‐ response exchanges

between clients and servers

Server visibility

ndash Monitor servers for protocols application

usage and top talkers

91

Packet Capture and Decode

Capture and decode packets for troubleshooting

Extensive pre‐ and post‐capture filters

Can save and export to other tools including Sniffer

92

Alarms

Set alarm thresholds on various parameters for proactive monitoring

Define traps or generate syslog

93

Defining Network Management Functional Areas

ISO defines five functional areas of network management

ISO defines five functional areas of network management

bullFault Management

bullConfiguration Management

bullAccounting Management

bullPerformance Management

bullSecurity Management

94

FCAPS Fault Management

The process of locating diagnosing and correcting

network problems

Device Down

Link Down

95

FCAPS Configuration Management

bull The process of obtaining data from the network and using

that data to manage the setup of all network devices

bull Allows rapid access to configuration information

bull Facilitates remote configuration and provisioning

bull Provides an up‐to‐date inventory of network

components

SpeedDuplex

Connectivity

TrunkingVLANs Allowed

Spanning Tree Protocol State

Software VersionConfiguration File

Device Type

96

FCAPS Accounting Management

bull Measuring the usage of network resources by users in order to

establish the metrics check quotas determine costs and bill users

bull Measures and reports accounting information based on individual

groups and users

bull Administers the cost of the network

bull Internal verification of third‐party billing for usage Bandwidth Consumption

Application Usage

hellip

97

FCAPS Performance Management

bull Ensuring that the data network remains accessible

and has adequate bandwidth

bull Reduces network overcrowding and inaccessibility

bull Provides a consistent level of service to the

network user

bull Determine utilization trends to proactively isolate and solve

performance problems

UtilizationPeakminmaxError RatesUnicast Rates

Broadcast Rates

CPU UtilizationMemory Usage

ThroughputResponse Time

LatencyAvailabilityReliability

98

FCAPS Security Management

bull Protecting sensitive information on devices

attached to a data network by controlling access points to

that information

bull Builds network user confidence

bull Secures sensitive information from both internal and

external sources

bull Protects the network functionality from malicious

attacks

MAC AddressLocked to Port

Access ListBlocks Connections

99

Performing Network Management Sources for Information

GAUGEs TIMERs

0 9 1 2 3

COUNTERs TABLEs FILEs

Operating System Data Structures

Manageable Device

showCommands

WebServer

SystemLogging

SNMPSNMPAGENTAGENT

ProductionServices

Layer N Forwarding

http80tcp

syslog514udp

snmp161udp

MIBObjects

snmp‐trap162udp

Built in Intelligence

CDPVTPSAA

telnetCLI

TFTPClient

tftp69udp

PingTrace route

100

Network Management Information Model MIB Management Information Base

MIB

ndash

Management Information BaseSet of variables defining the status of a device (eg temp = 85 degrees)Just facts ndash not whether it is good or badDefined according to SMI (Structure of Management Information) rulesEach managed object is described using a unique object identifier (OID)

MIB

IMIBIIStandard MIBObjects included are considered essential for either fault or configuration management

Other standard MIBsRMON host router

Proprietary vendor MIBsExtensions to standard MIBs

SNMPAGENTSNMPAGENT

1000s of manageable objects following rules defined in the SMI standards

1000s of manageable objects following rules defined in the SMI standards

101

Network Management Communication Model SNMP Simple Network Management Protocol

CommunityStrings

CommunityStrings

bull Get requests used to read the value of objectbull Set requests used to modify the value of object

bull Authorization is via community strings

(Read‐OnlyRead‐Write)

bull Traps

provide asynchronous event notification

IP Network SNMPManageable

Device

Trap

Get Response

Get Request Get-Next RequestGet-Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

102

Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response

SNM

P M

anag

er

SNM

P A

gent

Rea

d =

publ

ic re

adw

rite

= pr

ivat

e

GetResponse (sysDescr0=SunOS)

Verify access permission and retrieve MIB value using OID to traverse the MIB tree

InstanceOID

13612111

MIB value

GetRequest(sysDescr0)Read Community(public)

103

Types of Management Systems Example ‐

Enterprise Manager amp Fault Management

Correlate and manage events

and SNMP traps

Perform fault isolation and root cause analysis

104

Types of Management Systems Example ndash CiscoWorks

Resource Manager Essentials and Campus Manager

Knowledge of network configuration and topology

Facilitates remote configuration of network devices

Maintains an archive of configuration data that allows generation of inventory reports

105

Types of Management Systems Example ndash NetFlow (Accounting Management)

Flow Profiling

AccountingBilling

Network Planning

Network Monitoring

Flow

Collectors

Flow

CollectorsEnd‐User AppsEnd‐User AppsNetFlow

Data ExportNetFlowData Export

NetScout

RMON ProbeRMON Probe

106

Types of Management Systems Example ndash MRTG (Performance Management)

bull Monitors traffic load on network links based on SNMP statistics

bull Generates real‐time HTML traffic reports

bull Can be used to monitor any

MIB

variable using

SNMP

107

Types of Management Systems Example ndash CiscoWorks

How is the network connectedbull Physical Cablingbull Virtual LANs

Where are the end users servers IP phones connected

bull Switch port numberbull VLAN membership

How do I troubleshoot connectivity problems

Campus Manager User Tracking

Campus Manager Topology Services

Campus Manager Topology Services

Campus Manager User TrackingCampus Manager

Path Analysis

108

Diagnosing Connectivity Problems CiscoWorks Server Tools

Ping Use ping to test device connectivity from CiscoWorks server

TracerouteRun a trace route between the CiscoWorks server and the target device to detect routing problems

NS LookupRun a nslookup to obtain DNS name server information and IP address of hostname

Management Station to DeviceTest to verify if upper layer protocols are supported from CiscoWorks to the target device UDP TCP Telnet TFTP HTTP and SNMP

109

Types of Management Systems Example ndash CiscoWorks

19216862

CiscoWorks Server(ANI Service)

CampusDatabase

19216861

Schedule data retrieval

times

CAM Table11‐11‐11‐11‐11‐00 2111‐11‐11‐11‐11‐11 2211‐11‐11‐11‐11‐22 2311‐11‐11‐11‐11‐33 24

22 23 24

21

ARP Table11‐11‐11‐11‐11‐11 19216861011‐11‐11‐11‐11‐22 19216861111‐11‐11‐11‐11‐33 192168611

1

CAM

Retrieval

(switching

table)

2 Address

Resolution (MAC

to IP)

DNS

3 Name Resolution

(IP to hostname)

Host Table192168610 USER1192168611 Printer1192168611 IPtele1

SNMP

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

CallManager4

Call Detail

Records

5

Login

Names

UNIX Novell amp

Windows NT

clients running

UTLite script

110

Diagnosing Connectivity Problems Campus Manager Tools

Topology Services

User Tracking

Path Analysis

1

Locate the communication pair in the User Tracking database

bull

Addressesbull

VLAN informationbull

Switch port connection

2

Investigate the Layer 2 and Layer 3 path between the communication

pair

3

Map the topology and begin the investigation on devices and links

Launch other applications

111

Diagnosing Connectivity Problems Workflow for Using Campus Manager

LaunchPath Analysis

LaunchPath Analysis

Ensure discovery of devices

hosts are up to date

Ensure discovery of devices

hosts are up to date

Use User TrackingTo Locate EndStation Info

Use User TrackingTo Locate EndStation Info

ConductVoiceTrace

ConductVoiceTrace

ConductDataTrace

ConductDataTrace

DisplayPath in Topology

Map

DisplayPath in Topology

Map

Launch other Apps(Telnet CiscoView

Etc)

Launch other Apps(Telnet CiscoView

Etc)

112

Diagnosing Device Connectivity Problems Example

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Do you know

your

hostname or

username

113

Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

2 Simple Query displays switch

port and VLAN association

2 Simple Query displays switch

port and VLAN association

3 LastSeen field indicates last

time end station was

discovered

3 LastSeen field indicates last

time end station was

discovered

114

Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Trace path from application server

to Suzy

Trace path from application server

to Suzy

Couldnrsquot get to Suzy machine ndash try

from server

Couldnrsquot get to Suzy machine ndash try

from server

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

72

Possible Symptoms of Physical Layer Problems

Increased number of interface errorsIncreased number of interface errors

LEDs are off flashing or in a state other than the expected state during normal operationLEDs are off flashing or in a state other than the expected state during normal operation

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

Excessive utilizationExcessive utilization

73

Possible Symptoms of Data Link Layer Problems

Excessive CRC errors and frame check sequence errors Excessive CRC errors and frame check sequence errors

Large quantities of broadcast traffic Large quantities of broadcast traffic

A MAC address is cycling between portsA MAC address is cycling between ports

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

74

General Cisco Commands to Isolate Physical and Data Link Layer Problems

ping host

| ip‐addressping host

| ip‐address

routergt

bull

Sends an echo request packet to an address then waits for a reply

trace [destination]trace [destination]

routergt

bull

Identifies the path a packet takes through the network

[no] debug [no] debug

router

bull

Displays a list of options for enabling or disabling debugging events on a device

75

Cisco Commands to Isolate Physical Layer Problems

show versionshow version

routergt

bull

Displays the Cisco IOS software version and all installed hardware configurations

show ip interface briefshow ip interface brief

routergt

bull

Displays a summary of the status of all interfaces on a device

show interfaces [type number]show interfaces [type number]

routergt

bull

Displays the operational status of an interface including the amount and type of traffic being sent and received

76

Cisco Commands to Isolate Physical Layer Problems (Cont)

show cdp neighbor detailshow cdp neighbor detailroutergt

bull Displays the device type IP address and Cisco IOS version of neighboring devices

77

Cisco Commands to Isolate Data Link Layer Problems

show ip arpshow ip arp

routergt

bull

Displays entries in the Address Resolution Protocol (ARP) table

debug [arp

| serial | ppp]debug [arp

| serial | ppp]

router

bull

Captures events relating to data link layer protocols

78

General End‐System Commands to Isolate Physical and Data Link Layer Problems

pingping

bull

Sends an echo request packet to an address then waits for a reply

netstat

‐rnnetstat

‐rn

bull

Displays the status of all connected devices and links without querying a DNS server

arp

‐aarp

‐a

bull

Displays the current mappings of the IP address to the MAC address in the ARP table

79

Windows Commands to Isolate Physical and Data Link Layer Problems

ipconfig

[all]ipconfig

[all]

bull

Displays IP information for hosts running Windows NT2000XP

Cgt

tracert [‐d]tracert [‐d]

bull

Identifies a path to a destination device

Cgt

80

Guidelines for Isolating Problems at the Physical and Data Link Layers

Check operational status and data error ratesCheck operational status and data error rates

Verify proper interface configurationsVerify proper interface configurations

Check for bad cables or connectionsCheck for bad cables or connections

Check for correct cable pin‐outCheck for correct cable pin‐out

81

Port Monitoring (SPAN)

Allows a port to monitor traffic coming into or out of

anotherPort

VLAN

Trunk

82

Remote SPAN (RSPAN)

Allows a port to monitor SPAN information on other switches through a trunk connection

83

NetFlow Data Export

Access to records of switched flow statistics

with NAM

Source and destination IP

Port numbers and protocol types

84

六網路管理介紹

85

NAMs in Campus LAN

86

Network Analysis Module (NAM)

bull

Switch‐integrated standards‐

based monitoring (RMON1 RMON2

extended RMON)

bull

Useful for performance monitoring troubleshooting

and capacity planning

bull

Easy to deploy and use with embedded web‐based Traffic Analyzer

bull

Full visibility into applications hosts conversations and

IP‐based services including VoIP

and QoS

Integrated traffic‐monitoring solution in Catalyst 6500 series to build application‐level visibility into network infrastructure

87

NAM as a Standards‐Based RMON Solution

The RMON MIB reports on the health and status of network traffic

Mini‐RMON agents in Catalyst 6500 collect Layer 2 (RMON1) statistics on all ports (utilization packets errors)

NAM supports full RMON1 and 2 to provide visibility up to Application layer (applications hosts conversations)

NAM supports extended RMON for VLAN QoS Application Response Time and so on

88

Application Hosts and Conversations Monitoring

Identify unknown applications and drill down on the hosts using them

Discover top talkers top conversations

Network managers can drill down

into who is doing what

Network managers can drill down

into who is doing what

NEW inSoftware

Version 22

NEW inSoftware

Version 22

89

VoIP Monitoring

NAM supports various facets of VoIPmonitoring

Active IP telephony monitoring

ndash Track active call attributesndash Identify call quality degradationndash Call details by phonesRMON1 and RMON2

ndash Distribution of VoIP

protocols

Application Response Time (ART)

ndash CallManager

responses

DSMON

ndash VoIP

traffic by DSCP values

90

Application Response Time (ART)

Find out where the application delays are occurring

ndash Detailed data on request‐ response exchanges

between clients and servers

Server visibility

ndash Monitor servers for protocols application

usage and top talkers

91

Packet Capture and Decode

Capture and decode packets for troubleshooting

Extensive pre‐ and post‐capture filters

Can save and export to other tools including Sniffer

92

Alarms

Set alarm thresholds on various parameters for proactive monitoring

Define traps or generate syslog

93

Defining Network Management Functional Areas

ISO defines five functional areas of network management

ISO defines five functional areas of network management

bullFault Management

bullConfiguration Management

bullAccounting Management

bullPerformance Management

bullSecurity Management

94

FCAPS Fault Management

The process of locating diagnosing and correcting

network problems

Device Down

Link Down

95

FCAPS Configuration Management

bull The process of obtaining data from the network and using

that data to manage the setup of all network devices

bull Allows rapid access to configuration information

bull Facilitates remote configuration and provisioning

bull Provides an up‐to‐date inventory of network

components

SpeedDuplex

Connectivity

TrunkingVLANs Allowed

Spanning Tree Protocol State

Software VersionConfiguration File

Device Type

96

FCAPS Accounting Management

bull Measuring the usage of network resources by users in order to

establish the metrics check quotas determine costs and bill users

bull Measures and reports accounting information based on individual

groups and users

bull Administers the cost of the network

bull Internal verification of third‐party billing for usage Bandwidth Consumption

Application Usage

hellip

97

FCAPS Performance Management

bull Ensuring that the data network remains accessible

and has adequate bandwidth

bull Reduces network overcrowding and inaccessibility

bull Provides a consistent level of service to the

network user

bull Determine utilization trends to proactively isolate and solve

performance problems

UtilizationPeakminmaxError RatesUnicast Rates

Broadcast Rates

CPU UtilizationMemory Usage

ThroughputResponse Time

LatencyAvailabilityReliability

98

FCAPS Security Management

bull Protecting sensitive information on devices

attached to a data network by controlling access points to

that information

bull Builds network user confidence

bull Secures sensitive information from both internal and

external sources

bull Protects the network functionality from malicious

attacks

MAC AddressLocked to Port

Access ListBlocks Connections

99

Performing Network Management Sources for Information

GAUGEs TIMERs

0 9 1 2 3

COUNTERs TABLEs FILEs

Operating System Data Structures

Manageable Device

showCommands

WebServer

SystemLogging

SNMPSNMPAGENTAGENT

ProductionServices

Layer N Forwarding

http80tcp

syslog514udp

snmp161udp

MIBObjects

snmp‐trap162udp

Built in Intelligence

CDPVTPSAA

telnetCLI

TFTPClient

tftp69udp

PingTrace route

100

Network Management Information Model MIB Management Information Base

MIB

ndash

Management Information BaseSet of variables defining the status of a device (eg temp = 85 degrees)Just facts ndash not whether it is good or badDefined according to SMI (Structure of Management Information) rulesEach managed object is described using a unique object identifier (OID)

MIB

IMIBIIStandard MIBObjects included are considered essential for either fault or configuration management

Other standard MIBsRMON host router

Proprietary vendor MIBsExtensions to standard MIBs

SNMPAGENTSNMPAGENT

1000s of manageable objects following rules defined in the SMI standards

1000s of manageable objects following rules defined in the SMI standards

101

Network Management Communication Model SNMP Simple Network Management Protocol

CommunityStrings

CommunityStrings

bull Get requests used to read the value of objectbull Set requests used to modify the value of object

bull Authorization is via community strings

(Read‐OnlyRead‐Write)

bull Traps

provide asynchronous event notification

IP Network SNMPManageable

Device

Trap

Get Response

Get Request Get-Next RequestGet-Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

102

Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response

SNM

P M

anag

er

SNM

P A

gent

Rea

d =

publ

ic re

adw

rite

= pr

ivat

e

GetResponse (sysDescr0=SunOS)

Verify access permission and retrieve MIB value using OID to traverse the MIB tree

InstanceOID

13612111

MIB value

GetRequest(sysDescr0)Read Community(public)

103

Types of Management Systems Example ‐

Enterprise Manager amp Fault Management

Correlate and manage events

and SNMP traps

Perform fault isolation and root cause analysis

104

Types of Management Systems Example ndash CiscoWorks

Resource Manager Essentials and Campus Manager

Knowledge of network configuration and topology

Facilitates remote configuration of network devices

Maintains an archive of configuration data that allows generation of inventory reports

105

Types of Management Systems Example ndash NetFlow (Accounting Management)

Flow Profiling

AccountingBilling

Network Planning

Network Monitoring

Flow

Collectors

Flow

CollectorsEnd‐User AppsEnd‐User AppsNetFlow

Data ExportNetFlowData Export

NetScout

RMON ProbeRMON Probe

106

Types of Management Systems Example ndash MRTG (Performance Management)

bull Monitors traffic load on network links based on SNMP statistics

bull Generates real‐time HTML traffic reports

bull Can be used to monitor any

MIB

variable using

SNMP

107

Types of Management Systems Example ndash CiscoWorks

How is the network connectedbull Physical Cablingbull Virtual LANs

Where are the end users servers IP phones connected

bull Switch port numberbull VLAN membership

How do I troubleshoot connectivity problems

Campus Manager User Tracking

Campus Manager Topology Services

Campus Manager Topology Services

Campus Manager User TrackingCampus Manager

Path Analysis

108

Diagnosing Connectivity Problems CiscoWorks Server Tools

Ping Use ping to test device connectivity from CiscoWorks server

TracerouteRun a trace route between the CiscoWorks server and the target device to detect routing problems

NS LookupRun a nslookup to obtain DNS name server information and IP address of hostname

Management Station to DeviceTest to verify if upper layer protocols are supported from CiscoWorks to the target device UDP TCP Telnet TFTP HTTP and SNMP

109

Types of Management Systems Example ndash CiscoWorks

19216862

CiscoWorks Server(ANI Service)

CampusDatabase

19216861

Schedule data retrieval

times

CAM Table11‐11‐11‐11‐11‐00 2111‐11‐11‐11‐11‐11 2211‐11‐11‐11‐11‐22 2311‐11‐11‐11‐11‐33 24

22 23 24

21

ARP Table11‐11‐11‐11‐11‐11 19216861011‐11‐11‐11‐11‐22 19216861111‐11‐11‐11‐11‐33 192168611

1

CAM

Retrieval

(switching

table)

2 Address

Resolution (MAC

to IP)

DNS

3 Name Resolution

(IP to hostname)

Host Table192168610 USER1192168611 Printer1192168611 IPtele1

SNMP

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

CallManager4

Call Detail

Records

5

Login

Names

UNIX Novell amp

Windows NT

clients running

UTLite script

110

Diagnosing Connectivity Problems Campus Manager Tools

Topology Services

User Tracking

Path Analysis

1

Locate the communication pair in the User Tracking database

bull

Addressesbull

VLAN informationbull

Switch port connection

2

Investigate the Layer 2 and Layer 3 path between the communication

pair

3

Map the topology and begin the investigation on devices and links

Launch other applications

111

Diagnosing Connectivity Problems Workflow for Using Campus Manager

LaunchPath Analysis

LaunchPath Analysis

Ensure discovery of devices

hosts are up to date

Ensure discovery of devices

hosts are up to date

Use User TrackingTo Locate EndStation Info

Use User TrackingTo Locate EndStation Info

ConductVoiceTrace

ConductVoiceTrace

ConductDataTrace

ConductDataTrace

DisplayPath in Topology

Map

DisplayPath in Topology

Map

Launch other Apps(Telnet CiscoView

Etc)

Launch other Apps(Telnet CiscoView

Etc)

112

Diagnosing Device Connectivity Problems Example

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Do you know

your

hostname or

username

113

Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

2 Simple Query displays switch

port and VLAN association

2 Simple Query displays switch

port and VLAN association

3 LastSeen field indicates last

time end station was

discovered

3 LastSeen field indicates last

time end station was

discovered

114

Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Trace path from application server

to Suzy

Trace path from application server

to Suzy

Couldnrsquot get to Suzy machine ndash try

from server

Couldnrsquot get to Suzy machine ndash try

from server

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

73

Possible Symptoms of Data Link Layer Problems

Excessive CRC errors and frame check sequence errors Excessive CRC errors and frame check sequence errors

Large quantities of broadcast traffic Large quantities of broadcast traffic

A MAC address is cycling between portsA MAC address is cycling between ports

Console messagesConsole messages

System log file messagesSystem log file messages

Management system alarmsManagement system alarms

74

General Cisco Commands to Isolate Physical and Data Link Layer Problems

ping host

| ip‐addressping host

| ip‐address

routergt

bull

Sends an echo request packet to an address then waits for a reply

trace [destination]trace [destination]

routergt

bull

Identifies the path a packet takes through the network

[no] debug [no] debug

router

bull

Displays a list of options for enabling or disabling debugging events on a device

75

Cisco Commands to Isolate Physical Layer Problems

show versionshow version

routergt

bull

Displays the Cisco IOS software version and all installed hardware configurations

show ip interface briefshow ip interface brief

routergt

bull

Displays a summary of the status of all interfaces on a device

show interfaces [type number]show interfaces [type number]

routergt

bull

Displays the operational status of an interface including the amount and type of traffic being sent and received

76

Cisco Commands to Isolate Physical Layer Problems (Cont)

show cdp neighbor detailshow cdp neighbor detailroutergt

bull Displays the device type IP address and Cisco IOS version of neighboring devices

77

Cisco Commands to Isolate Data Link Layer Problems

show ip arpshow ip arp

routergt

bull

Displays entries in the Address Resolution Protocol (ARP) table

debug [arp

| serial | ppp]debug [arp

| serial | ppp]

router

bull

Captures events relating to data link layer protocols

78

General End‐System Commands to Isolate Physical and Data Link Layer Problems

pingping

bull

Sends an echo request packet to an address then waits for a reply

netstat

‐rnnetstat

‐rn

bull

Displays the status of all connected devices and links without querying a DNS server

arp

‐aarp

‐a

bull

Displays the current mappings of the IP address to the MAC address in the ARP table

79

Windows Commands to Isolate Physical and Data Link Layer Problems

ipconfig

[all]ipconfig

[all]

bull

Displays IP information for hosts running Windows NT2000XP

Cgt

tracert [‐d]tracert [‐d]

bull

Identifies a path to a destination device

Cgt

80

Guidelines for Isolating Problems at the Physical and Data Link Layers

Check operational status and data error ratesCheck operational status and data error rates

Verify proper interface configurationsVerify proper interface configurations

Check for bad cables or connectionsCheck for bad cables or connections

Check for correct cable pin‐outCheck for correct cable pin‐out

81

Port Monitoring (SPAN)

Allows a port to monitor traffic coming into or out of

anotherPort

VLAN

Trunk

82

Remote SPAN (RSPAN)

Allows a port to monitor SPAN information on other switches through a trunk connection

83

NetFlow Data Export

Access to records of switched flow statistics

with NAM

Source and destination IP

Port numbers and protocol types

84

六網路管理介紹

85

NAMs in Campus LAN

86

Network Analysis Module (NAM)

bull

Switch‐integrated standards‐

based monitoring (RMON1 RMON2

extended RMON)

bull

Useful for performance monitoring troubleshooting

and capacity planning

bull

Easy to deploy and use with embedded web‐based Traffic Analyzer

bull

Full visibility into applications hosts conversations and

IP‐based services including VoIP

and QoS

Integrated traffic‐monitoring solution in Catalyst 6500 series to build application‐level visibility into network infrastructure

87

NAM as a Standards‐Based RMON Solution

The RMON MIB reports on the health and status of network traffic

Mini‐RMON agents in Catalyst 6500 collect Layer 2 (RMON1) statistics on all ports (utilization packets errors)

NAM supports full RMON1 and 2 to provide visibility up to Application layer (applications hosts conversations)

NAM supports extended RMON for VLAN QoS Application Response Time and so on

88

Application Hosts and Conversations Monitoring

Identify unknown applications and drill down on the hosts using them

Discover top talkers top conversations

Network managers can drill down

into who is doing what

Network managers can drill down

into who is doing what

NEW inSoftware

Version 22

NEW inSoftware

Version 22

89

VoIP Monitoring

NAM supports various facets of VoIPmonitoring

Active IP telephony monitoring

ndash Track active call attributesndash Identify call quality degradationndash Call details by phonesRMON1 and RMON2

ndash Distribution of VoIP

protocols

Application Response Time (ART)

ndash CallManager

responses

DSMON

ndash VoIP

traffic by DSCP values

90

Application Response Time (ART)

Find out where the application delays are occurring

ndash Detailed data on request‐ response exchanges

between clients and servers

Server visibility

ndash Monitor servers for protocols application

usage and top talkers

91

Packet Capture and Decode

Capture and decode packets for troubleshooting

Extensive pre‐ and post‐capture filters

Can save and export to other tools including Sniffer

92

Alarms

Set alarm thresholds on various parameters for proactive monitoring

Define traps or generate syslog

93

Defining Network Management Functional Areas

ISO defines five functional areas of network management

ISO defines five functional areas of network management

bullFault Management

bullConfiguration Management

bullAccounting Management

bullPerformance Management

bullSecurity Management

94

FCAPS Fault Management

The process of locating diagnosing and correcting

network problems

Device Down

Link Down

95

FCAPS Configuration Management

bull The process of obtaining data from the network and using

that data to manage the setup of all network devices

bull Allows rapid access to configuration information

bull Facilitates remote configuration and provisioning

bull Provides an up‐to‐date inventory of network

components

SpeedDuplex

Connectivity

TrunkingVLANs Allowed

Spanning Tree Protocol State

Software VersionConfiguration File

Device Type

96

FCAPS Accounting Management

bull Measuring the usage of network resources by users in order to

establish the metrics check quotas determine costs and bill users

bull Measures and reports accounting information based on individual

groups and users

bull Administers the cost of the network

bull Internal verification of third‐party billing for usage Bandwidth Consumption

Application Usage

hellip

97

FCAPS Performance Management

bull Ensuring that the data network remains accessible

and has adequate bandwidth

bull Reduces network overcrowding and inaccessibility

bull Provides a consistent level of service to the

network user

bull Determine utilization trends to proactively isolate and solve

performance problems

UtilizationPeakminmaxError RatesUnicast Rates

Broadcast Rates

CPU UtilizationMemory Usage

ThroughputResponse Time

LatencyAvailabilityReliability

98

FCAPS Security Management

bull Protecting sensitive information on devices

attached to a data network by controlling access points to

that information

bull Builds network user confidence

bull Secures sensitive information from both internal and

external sources

bull Protects the network functionality from malicious

attacks

MAC AddressLocked to Port

Access ListBlocks Connections

99

Performing Network Management Sources for Information

GAUGEs TIMERs

0 9 1 2 3

COUNTERs TABLEs FILEs

Operating System Data Structures

Manageable Device

showCommands

WebServer

SystemLogging

SNMPSNMPAGENTAGENT

ProductionServices

Layer N Forwarding

http80tcp

syslog514udp

snmp161udp

MIBObjects

snmp‐trap162udp

Built in Intelligence

CDPVTPSAA

telnetCLI

TFTPClient

tftp69udp

PingTrace route

100

Network Management Information Model MIB Management Information Base

MIB

ndash

Management Information BaseSet of variables defining the status of a device (eg temp = 85 degrees)Just facts ndash not whether it is good or badDefined according to SMI (Structure of Management Information) rulesEach managed object is described using a unique object identifier (OID)

MIB

IMIBIIStandard MIBObjects included are considered essential for either fault or configuration management

Other standard MIBsRMON host router

Proprietary vendor MIBsExtensions to standard MIBs

SNMPAGENTSNMPAGENT

1000s of manageable objects following rules defined in the SMI standards

1000s of manageable objects following rules defined in the SMI standards

101

Network Management Communication Model SNMP Simple Network Management Protocol

CommunityStrings

CommunityStrings

bull Get requests used to read the value of objectbull Set requests used to modify the value of object

bull Authorization is via community strings

(Read‐OnlyRead‐Write)

bull Traps

provide asynchronous event notification

IP Network SNMPManageable

Device

Trap

Get Response

Get Request Get-Next RequestGet-Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

102

Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response

SNM

P M

anag

er

SNM

P A

gent

Rea

d =

publ

ic re

adw

rite

= pr

ivat

e

GetResponse (sysDescr0=SunOS)

Verify access permission and retrieve MIB value using OID to traverse the MIB tree

InstanceOID

13612111

MIB value

GetRequest(sysDescr0)Read Community(public)

103

Types of Management Systems Example ‐

Enterprise Manager amp Fault Management

Correlate and manage events

and SNMP traps

Perform fault isolation and root cause analysis

104

Types of Management Systems Example ndash CiscoWorks

Resource Manager Essentials and Campus Manager

Knowledge of network configuration and topology

Facilitates remote configuration of network devices

Maintains an archive of configuration data that allows generation of inventory reports

105

Types of Management Systems Example ndash NetFlow (Accounting Management)

Flow Profiling

AccountingBilling

Network Planning

Network Monitoring

Flow

Collectors

Flow

CollectorsEnd‐User AppsEnd‐User AppsNetFlow

Data ExportNetFlowData Export

NetScout

RMON ProbeRMON Probe

106

Types of Management Systems Example ndash MRTG (Performance Management)

bull Monitors traffic load on network links based on SNMP statistics

bull Generates real‐time HTML traffic reports

bull Can be used to monitor any

MIB

variable using

SNMP

107

Types of Management Systems Example ndash CiscoWorks

How is the network connectedbull Physical Cablingbull Virtual LANs

Where are the end users servers IP phones connected

bull Switch port numberbull VLAN membership

How do I troubleshoot connectivity problems

Campus Manager User Tracking

Campus Manager Topology Services

Campus Manager Topology Services

Campus Manager User TrackingCampus Manager

Path Analysis

108

Diagnosing Connectivity Problems CiscoWorks Server Tools

Ping Use ping to test device connectivity from CiscoWorks server

TracerouteRun a trace route between the CiscoWorks server and the target device to detect routing problems

NS LookupRun a nslookup to obtain DNS name server information and IP address of hostname

Management Station to DeviceTest to verify if upper layer protocols are supported from CiscoWorks to the target device UDP TCP Telnet TFTP HTTP and SNMP

109

Types of Management Systems Example ndash CiscoWorks

19216862

CiscoWorks Server(ANI Service)

CampusDatabase

19216861

Schedule data retrieval

times

CAM Table11‐11‐11‐11‐11‐00 2111‐11‐11‐11‐11‐11 2211‐11‐11‐11‐11‐22 2311‐11‐11‐11‐11‐33 24

22 23 24

21

ARP Table11‐11‐11‐11‐11‐11 19216861011‐11‐11‐11‐11‐22 19216861111‐11‐11‐11‐11‐33 192168611

1

CAM

Retrieval

(switching

table)

2 Address

Resolution (MAC

to IP)

DNS

3 Name Resolution

(IP to hostname)

Host Table192168610 USER1192168611 Printer1192168611 IPtele1

SNMP

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

CallManager4

Call Detail

Records

5

Login

Names

UNIX Novell amp

Windows NT

clients running

UTLite script

110

Diagnosing Connectivity Problems Campus Manager Tools

Topology Services

User Tracking

Path Analysis

1

Locate the communication pair in the User Tracking database

bull

Addressesbull

VLAN informationbull

Switch port connection

2

Investigate the Layer 2 and Layer 3 path between the communication

pair

3

Map the topology and begin the investigation on devices and links

Launch other applications

111

Diagnosing Connectivity Problems Workflow for Using Campus Manager

LaunchPath Analysis

LaunchPath Analysis

Ensure discovery of devices

hosts are up to date

Ensure discovery of devices

hosts are up to date

Use User TrackingTo Locate EndStation Info

Use User TrackingTo Locate EndStation Info

ConductVoiceTrace

ConductVoiceTrace

ConductDataTrace

ConductDataTrace

DisplayPath in Topology

Map

DisplayPath in Topology

Map

Launch other Apps(Telnet CiscoView

Etc)

Launch other Apps(Telnet CiscoView

Etc)

112

Diagnosing Device Connectivity Problems Example

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Do you know

your

hostname or

username

113

Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

2 Simple Query displays switch

port and VLAN association

2 Simple Query displays switch

port and VLAN association

3 LastSeen field indicates last

time end station was

discovered

3 LastSeen field indicates last

time end station was

discovered

114

Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Trace path from application server

to Suzy

Trace path from application server

to Suzy

Couldnrsquot get to Suzy machine ndash try

from server

Couldnrsquot get to Suzy machine ndash try

from server

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

74

General Cisco Commands to Isolate Physical and Data Link Layer Problems

ping host

| ip‐addressping host

| ip‐address

routergt

bull

Sends an echo request packet to an address then waits for a reply

trace [destination]trace [destination]

routergt

bull

Identifies the path a packet takes through the network

[no] debug [no] debug

router

bull

Displays a list of options for enabling or disabling debugging events on a device

75

Cisco Commands to Isolate Physical Layer Problems

show versionshow version

routergt

bull

Displays the Cisco IOS software version and all installed hardware configurations

show ip interface briefshow ip interface brief

routergt

bull

Displays a summary of the status of all interfaces on a device

show interfaces [type number]show interfaces [type number]

routergt

bull

Displays the operational status of an interface including the amount and type of traffic being sent and received

76

Cisco Commands to Isolate Physical Layer Problems (Cont)

show cdp neighbor detailshow cdp neighbor detailroutergt

bull Displays the device type IP address and Cisco IOS version of neighboring devices

77

Cisco Commands to Isolate Data Link Layer Problems

show ip arpshow ip arp

routergt

bull

Displays entries in the Address Resolution Protocol (ARP) table

debug [arp

| serial | ppp]debug [arp

| serial | ppp]

router

bull

Captures events relating to data link layer protocols

78

General End‐System Commands to Isolate Physical and Data Link Layer Problems

pingping

bull

Sends an echo request packet to an address then waits for a reply

netstat

‐rnnetstat

‐rn

bull

Displays the status of all connected devices and links without querying a DNS server

arp

‐aarp

‐a

bull

Displays the current mappings of the IP address to the MAC address in the ARP table

79

Windows Commands to Isolate Physical and Data Link Layer Problems

ipconfig

[all]ipconfig

[all]

bull

Displays IP information for hosts running Windows NT2000XP

Cgt

tracert [‐d]tracert [‐d]

bull

Identifies a path to a destination device

Cgt

80

Guidelines for Isolating Problems at the Physical and Data Link Layers

Check operational status and data error ratesCheck operational status and data error rates

Verify proper interface configurationsVerify proper interface configurations

Check for bad cables or connectionsCheck for bad cables or connections

Check for correct cable pin‐outCheck for correct cable pin‐out

81

Port Monitoring (SPAN)

Allows a port to monitor traffic coming into or out of

anotherPort

VLAN

Trunk

82

Remote SPAN (RSPAN)

Allows a port to monitor SPAN information on other switches through a trunk connection

83

NetFlow Data Export

Access to records of switched flow statistics

with NAM

Source and destination IP

Port numbers and protocol types

84

六網路管理介紹

85

NAMs in Campus LAN

86

Network Analysis Module (NAM)

bull

Switch‐integrated standards‐

based monitoring (RMON1 RMON2

extended RMON)

bull

Useful for performance monitoring troubleshooting

and capacity planning

bull

Easy to deploy and use with embedded web‐based Traffic Analyzer

bull

Full visibility into applications hosts conversations and

IP‐based services including VoIP

and QoS

Integrated traffic‐monitoring solution in Catalyst 6500 series to build application‐level visibility into network infrastructure

87

NAM as a Standards‐Based RMON Solution

The RMON MIB reports on the health and status of network traffic

Mini‐RMON agents in Catalyst 6500 collect Layer 2 (RMON1) statistics on all ports (utilization packets errors)

NAM supports full RMON1 and 2 to provide visibility up to Application layer (applications hosts conversations)

NAM supports extended RMON for VLAN QoS Application Response Time and so on

88

Application Hosts and Conversations Monitoring

Identify unknown applications and drill down on the hosts using them

Discover top talkers top conversations

Network managers can drill down

into who is doing what

Network managers can drill down

into who is doing what

NEW inSoftware

Version 22

NEW inSoftware

Version 22

89

VoIP Monitoring

NAM supports various facets of VoIPmonitoring

Active IP telephony monitoring

ndash Track active call attributesndash Identify call quality degradationndash Call details by phonesRMON1 and RMON2

ndash Distribution of VoIP

protocols

Application Response Time (ART)

ndash CallManager

responses

DSMON

ndash VoIP

traffic by DSCP values

90

Application Response Time (ART)

Find out where the application delays are occurring

ndash Detailed data on request‐ response exchanges

between clients and servers

Server visibility

ndash Monitor servers for protocols application

usage and top talkers

91

Packet Capture and Decode

Capture and decode packets for troubleshooting

Extensive pre‐ and post‐capture filters

Can save and export to other tools including Sniffer

92

Alarms

Set alarm thresholds on various parameters for proactive monitoring

Define traps or generate syslog

93

Defining Network Management Functional Areas

ISO defines five functional areas of network management

ISO defines five functional areas of network management

bullFault Management

bullConfiguration Management

bullAccounting Management

bullPerformance Management

bullSecurity Management

94

FCAPS Fault Management

The process of locating diagnosing and correcting

network problems

Device Down

Link Down

95

FCAPS Configuration Management

bull The process of obtaining data from the network and using

that data to manage the setup of all network devices

bull Allows rapid access to configuration information

bull Facilitates remote configuration and provisioning

bull Provides an up‐to‐date inventory of network

components

SpeedDuplex

Connectivity

TrunkingVLANs Allowed

Spanning Tree Protocol State

Software VersionConfiguration File

Device Type

96

FCAPS Accounting Management

bull Measuring the usage of network resources by users in order to

establish the metrics check quotas determine costs and bill users

bull Measures and reports accounting information based on individual

groups and users

bull Administers the cost of the network

bull Internal verification of third‐party billing for usage Bandwidth Consumption

Application Usage

hellip

97

FCAPS Performance Management

bull Ensuring that the data network remains accessible

and has adequate bandwidth

bull Reduces network overcrowding and inaccessibility

bull Provides a consistent level of service to the

network user

bull Determine utilization trends to proactively isolate and solve

performance problems

UtilizationPeakminmaxError RatesUnicast Rates

Broadcast Rates

CPU UtilizationMemory Usage

ThroughputResponse Time

LatencyAvailabilityReliability

98

FCAPS Security Management

bull Protecting sensitive information on devices

attached to a data network by controlling access points to

that information

bull Builds network user confidence

bull Secures sensitive information from both internal and

external sources

bull Protects the network functionality from malicious

attacks

MAC AddressLocked to Port

Access ListBlocks Connections

99

Performing Network Management Sources for Information

GAUGEs TIMERs

0 9 1 2 3

COUNTERs TABLEs FILEs

Operating System Data Structures

Manageable Device

showCommands

WebServer

SystemLogging

SNMPSNMPAGENTAGENT

ProductionServices

Layer N Forwarding

http80tcp

syslog514udp

snmp161udp

MIBObjects

snmp‐trap162udp

Built in Intelligence

CDPVTPSAA

telnetCLI

TFTPClient

tftp69udp

PingTrace route

100

Network Management Information Model MIB Management Information Base

MIB

ndash

Management Information BaseSet of variables defining the status of a device (eg temp = 85 degrees)Just facts ndash not whether it is good or badDefined according to SMI (Structure of Management Information) rulesEach managed object is described using a unique object identifier (OID)

MIB

IMIBIIStandard MIBObjects included are considered essential for either fault or configuration management

Other standard MIBsRMON host router

Proprietary vendor MIBsExtensions to standard MIBs

SNMPAGENTSNMPAGENT

1000s of manageable objects following rules defined in the SMI standards

1000s of manageable objects following rules defined in the SMI standards

101

Network Management Communication Model SNMP Simple Network Management Protocol

CommunityStrings

CommunityStrings

bull Get requests used to read the value of objectbull Set requests used to modify the value of object

bull Authorization is via community strings

(Read‐OnlyRead‐Write)

bull Traps

provide asynchronous event notification

IP Network SNMPManageable

Device

Trap

Get Response

Get Request Get-Next RequestGet-Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

102

Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response

SNM

P M

anag

er

SNM

P A

gent

Rea

d =

publ

ic re

adw

rite

= pr

ivat

e

GetResponse (sysDescr0=SunOS)

Verify access permission and retrieve MIB value using OID to traverse the MIB tree

InstanceOID

13612111

MIB value

GetRequest(sysDescr0)Read Community(public)

103

Types of Management Systems Example ‐

Enterprise Manager amp Fault Management

Correlate and manage events

and SNMP traps

Perform fault isolation and root cause analysis

104

Types of Management Systems Example ndash CiscoWorks

Resource Manager Essentials and Campus Manager

Knowledge of network configuration and topology

Facilitates remote configuration of network devices

Maintains an archive of configuration data that allows generation of inventory reports

105

Types of Management Systems Example ndash NetFlow (Accounting Management)

Flow Profiling

AccountingBilling

Network Planning

Network Monitoring

Flow

Collectors

Flow

CollectorsEnd‐User AppsEnd‐User AppsNetFlow

Data ExportNetFlowData Export

NetScout

RMON ProbeRMON Probe

106

Types of Management Systems Example ndash MRTG (Performance Management)

bull Monitors traffic load on network links based on SNMP statistics

bull Generates real‐time HTML traffic reports

bull Can be used to monitor any

MIB

variable using

SNMP

107

Types of Management Systems Example ndash CiscoWorks

How is the network connectedbull Physical Cablingbull Virtual LANs

Where are the end users servers IP phones connected

bull Switch port numberbull VLAN membership

How do I troubleshoot connectivity problems

Campus Manager User Tracking

Campus Manager Topology Services

Campus Manager Topology Services

Campus Manager User TrackingCampus Manager

Path Analysis

108

Diagnosing Connectivity Problems CiscoWorks Server Tools

Ping Use ping to test device connectivity from CiscoWorks server

TracerouteRun a trace route between the CiscoWorks server and the target device to detect routing problems

NS LookupRun a nslookup to obtain DNS name server information and IP address of hostname

Management Station to DeviceTest to verify if upper layer protocols are supported from CiscoWorks to the target device UDP TCP Telnet TFTP HTTP and SNMP

109

Types of Management Systems Example ndash CiscoWorks

19216862

CiscoWorks Server(ANI Service)

CampusDatabase

19216861

Schedule data retrieval

times

CAM Table11‐11‐11‐11‐11‐00 2111‐11‐11‐11‐11‐11 2211‐11‐11‐11‐11‐22 2311‐11‐11‐11‐11‐33 24

22 23 24

21

ARP Table11‐11‐11‐11‐11‐11 19216861011‐11‐11‐11‐11‐22 19216861111‐11‐11‐11‐11‐33 192168611

1

CAM

Retrieval

(switching

table)

2 Address

Resolution (MAC

to IP)

DNS

3 Name Resolution

(IP to hostname)

Host Table192168610 USER1192168611 Printer1192168611 IPtele1

SNMP

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

CallManager4

Call Detail

Records

5

Login

Names

UNIX Novell amp

Windows NT

clients running

UTLite script

110

Diagnosing Connectivity Problems Campus Manager Tools

Topology Services

User Tracking

Path Analysis

1

Locate the communication pair in the User Tracking database

bull

Addressesbull

VLAN informationbull

Switch port connection

2

Investigate the Layer 2 and Layer 3 path between the communication

pair

3

Map the topology and begin the investigation on devices and links

Launch other applications

111

Diagnosing Connectivity Problems Workflow for Using Campus Manager

LaunchPath Analysis

LaunchPath Analysis

Ensure discovery of devices

hosts are up to date

Ensure discovery of devices

hosts are up to date

Use User TrackingTo Locate EndStation Info

Use User TrackingTo Locate EndStation Info

ConductVoiceTrace

ConductVoiceTrace

ConductDataTrace

ConductDataTrace

DisplayPath in Topology

Map

DisplayPath in Topology

Map

Launch other Apps(Telnet CiscoView

Etc)

Launch other Apps(Telnet CiscoView

Etc)

112

Diagnosing Device Connectivity Problems Example

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Do you know

your

hostname or

username

113

Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

2 Simple Query displays switch

port and VLAN association

2 Simple Query displays switch

port and VLAN association

3 LastSeen field indicates last

time end station was

discovered

3 LastSeen field indicates last

time end station was

discovered

114

Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Trace path from application server

to Suzy

Trace path from application server

to Suzy

Couldnrsquot get to Suzy machine ndash try

from server

Couldnrsquot get to Suzy machine ndash try

from server

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

75

Cisco Commands to Isolate Physical Layer Problems

show versionshow version

routergt

bull

Displays the Cisco IOS software version and all installed hardware configurations

show ip interface briefshow ip interface brief

routergt

bull

Displays a summary of the status of all interfaces on a device

show interfaces [type number]show interfaces [type number]

routergt

bull

Displays the operational status of an interface including the amount and type of traffic being sent and received

76

Cisco Commands to Isolate Physical Layer Problems (Cont)

show cdp neighbor detailshow cdp neighbor detailroutergt

bull Displays the device type IP address and Cisco IOS version of neighboring devices

77

Cisco Commands to Isolate Data Link Layer Problems

show ip arpshow ip arp

routergt

bull

Displays entries in the Address Resolution Protocol (ARP) table

debug [arp

| serial | ppp]debug [arp

| serial | ppp]

router

bull

Captures events relating to data link layer protocols

78

General End‐System Commands to Isolate Physical and Data Link Layer Problems

pingping

bull

Sends an echo request packet to an address then waits for a reply

netstat

‐rnnetstat

‐rn

bull

Displays the status of all connected devices and links without querying a DNS server

arp

‐aarp

‐a

bull

Displays the current mappings of the IP address to the MAC address in the ARP table

79

Windows Commands to Isolate Physical and Data Link Layer Problems

ipconfig

[all]ipconfig

[all]

bull

Displays IP information for hosts running Windows NT2000XP

Cgt

tracert [‐d]tracert [‐d]

bull

Identifies a path to a destination device

Cgt

80

Guidelines for Isolating Problems at the Physical and Data Link Layers

Check operational status and data error ratesCheck operational status and data error rates

Verify proper interface configurationsVerify proper interface configurations

Check for bad cables or connectionsCheck for bad cables or connections

Check for correct cable pin‐outCheck for correct cable pin‐out

81

Port Monitoring (SPAN)

Allows a port to monitor traffic coming into or out of

anotherPort

VLAN

Trunk

82

Remote SPAN (RSPAN)

Allows a port to monitor SPAN information on other switches through a trunk connection

83

NetFlow Data Export

Access to records of switched flow statistics

with NAM

Source and destination IP

Port numbers and protocol types

84

六網路管理介紹

85

NAMs in Campus LAN

86

Network Analysis Module (NAM)

bull

Switch‐integrated standards‐

based monitoring (RMON1 RMON2

extended RMON)

bull

Useful for performance monitoring troubleshooting

and capacity planning

bull

Easy to deploy and use with embedded web‐based Traffic Analyzer

bull

Full visibility into applications hosts conversations and

IP‐based services including VoIP

and QoS

Integrated traffic‐monitoring solution in Catalyst 6500 series to build application‐level visibility into network infrastructure

87

NAM as a Standards‐Based RMON Solution

The RMON MIB reports on the health and status of network traffic

Mini‐RMON agents in Catalyst 6500 collect Layer 2 (RMON1) statistics on all ports (utilization packets errors)

NAM supports full RMON1 and 2 to provide visibility up to Application layer (applications hosts conversations)

NAM supports extended RMON for VLAN QoS Application Response Time and so on

88

Application Hosts and Conversations Monitoring

Identify unknown applications and drill down on the hosts using them

Discover top talkers top conversations

Network managers can drill down

into who is doing what

Network managers can drill down

into who is doing what

NEW inSoftware

Version 22

NEW inSoftware

Version 22

89

VoIP Monitoring

NAM supports various facets of VoIPmonitoring

Active IP telephony monitoring

ndash Track active call attributesndash Identify call quality degradationndash Call details by phonesRMON1 and RMON2

ndash Distribution of VoIP

protocols

Application Response Time (ART)

ndash CallManager

responses

DSMON

ndash VoIP

traffic by DSCP values

90

Application Response Time (ART)

Find out where the application delays are occurring

ndash Detailed data on request‐ response exchanges

between clients and servers

Server visibility

ndash Monitor servers for protocols application

usage and top talkers

91

Packet Capture and Decode

Capture and decode packets for troubleshooting

Extensive pre‐ and post‐capture filters

Can save and export to other tools including Sniffer

92

Alarms

Set alarm thresholds on various parameters for proactive monitoring

Define traps or generate syslog

93

Defining Network Management Functional Areas

ISO defines five functional areas of network management

ISO defines five functional areas of network management

bullFault Management

bullConfiguration Management

bullAccounting Management

bullPerformance Management

bullSecurity Management

94

FCAPS Fault Management

The process of locating diagnosing and correcting

network problems

Device Down

Link Down

95

FCAPS Configuration Management

bull The process of obtaining data from the network and using

that data to manage the setup of all network devices

bull Allows rapid access to configuration information

bull Facilitates remote configuration and provisioning

bull Provides an up‐to‐date inventory of network

components

SpeedDuplex

Connectivity

TrunkingVLANs Allowed

Spanning Tree Protocol State

Software VersionConfiguration File

Device Type

96

FCAPS Accounting Management

bull Measuring the usage of network resources by users in order to

establish the metrics check quotas determine costs and bill users

bull Measures and reports accounting information based on individual

groups and users

bull Administers the cost of the network

bull Internal verification of third‐party billing for usage Bandwidth Consumption

Application Usage

hellip

97

FCAPS Performance Management

bull Ensuring that the data network remains accessible

and has adequate bandwidth

bull Reduces network overcrowding and inaccessibility

bull Provides a consistent level of service to the

network user

bull Determine utilization trends to proactively isolate and solve

performance problems

UtilizationPeakminmaxError RatesUnicast Rates

Broadcast Rates

CPU UtilizationMemory Usage

ThroughputResponse Time

LatencyAvailabilityReliability

98

FCAPS Security Management

bull Protecting sensitive information on devices

attached to a data network by controlling access points to

that information

bull Builds network user confidence

bull Secures sensitive information from both internal and

external sources

bull Protects the network functionality from malicious

attacks

MAC AddressLocked to Port

Access ListBlocks Connections

99

Performing Network Management Sources for Information

GAUGEs TIMERs

0 9 1 2 3

COUNTERs TABLEs FILEs

Operating System Data Structures

Manageable Device

showCommands

WebServer

SystemLogging

SNMPSNMPAGENTAGENT

ProductionServices

Layer N Forwarding

http80tcp

syslog514udp

snmp161udp

MIBObjects

snmp‐trap162udp

Built in Intelligence

CDPVTPSAA

telnetCLI

TFTPClient

tftp69udp

PingTrace route

100

Network Management Information Model MIB Management Information Base

MIB

ndash

Management Information BaseSet of variables defining the status of a device (eg temp = 85 degrees)Just facts ndash not whether it is good or badDefined according to SMI (Structure of Management Information) rulesEach managed object is described using a unique object identifier (OID)

MIB

IMIBIIStandard MIBObjects included are considered essential for either fault or configuration management

Other standard MIBsRMON host router

Proprietary vendor MIBsExtensions to standard MIBs

SNMPAGENTSNMPAGENT

1000s of manageable objects following rules defined in the SMI standards

1000s of manageable objects following rules defined in the SMI standards

101

Network Management Communication Model SNMP Simple Network Management Protocol

CommunityStrings

CommunityStrings

bull Get requests used to read the value of objectbull Set requests used to modify the value of object

bull Authorization is via community strings

(Read‐OnlyRead‐Write)

bull Traps

provide asynchronous event notification

IP Network SNMPManageable

Device

Trap

Get Response

Get Request Get-Next RequestGet-Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

102

Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response

SNM

P M

anag

er

SNM

P A

gent

Rea

d =

publ

ic re

adw

rite

= pr

ivat

e

GetResponse (sysDescr0=SunOS)

Verify access permission and retrieve MIB value using OID to traverse the MIB tree

InstanceOID

13612111

MIB value

GetRequest(sysDescr0)Read Community(public)

103

Types of Management Systems Example ‐

Enterprise Manager amp Fault Management

Correlate and manage events

and SNMP traps

Perform fault isolation and root cause analysis

104

Types of Management Systems Example ndash CiscoWorks

Resource Manager Essentials and Campus Manager

Knowledge of network configuration and topology

Facilitates remote configuration of network devices

Maintains an archive of configuration data that allows generation of inventory reports

105

Types of Management Systems Example ndash NetFlow (Accounting Management)

Flow Profiling

AccountingBilling

Network Planning

Network Monitoring

Flow

Collectors

Flow

CollectorsEnd‐User AppsEnd‐User AppsNetFlow

Data ExportNetFlowData Export

NetScout

RMON ProbeRMON Probe

106

Types of Management Systems Example ndash MRTG (Performance Management)

bull Monitors traffic load on network links based on SNMP statistics

bull Generates real‐time HTML traffic reports

bull Can be used to monitor any

MIB

variable using

SNMP

107

Types of Management Systems Example ndash CiscoWorks

How is the network connectedbull Physical Cablingbull Virtual LANs

Where are the end users servers IP phones connected

bull Switch port numberbull VLAN membership

How do I troubleshoot connectivity problems

Campus Manager User Tracking

Campus Manager Topology Services

Campus Manager Topology Services

Campus Manager User TrackingCampus Manager

Path Analysis

108

Diagnosing Connectivity Problems CiscoWorks Server Tools

Ping Use ping to test device connectivity from CiscoWorks server

TracerouteRun a trace route between the CiscoWorks server and the target device to detect routing problems

NS LookupRun a nslookup to obtain DNS name server information and IP address of hostname

Management Station to DeviceTest to verify if upper layer protocols are supported from CiscoWorks to the target device UDP TCP Telnet TFTP HTTP and SNMP

109

Types of Management Systems Example ndash CiscoWorks

19216862

CiscoWorks Server(ANI Service)

CampusDatabase

19216861

Schedule data retrieval

times

CAM Table11‐11‐11‐11‐11‐00 2111‐11‐11‐11‐11‐11 2211‐11‐11‐11‐11‐22 2311‐11‐11‐11‐11‐33 24

22 23 24

21

ARP Table11‐11‐11‐11‐11‐11 19216861011‐11‐11‐11‐11‐22 19216861111‐11‐11‐11‐11‐33 192168611

1

CAM

Retrieval

(switching

table)

2 Address

Resolution (MAC

to IP)

DNS

3 Name Resolution

(IP to hostname)

Host Table192168610 USER1192168611 Printer1192168611 IPtele1

SNMP

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

CallManager4

Call Detail

Records

5

Login

Names

UNIX Novell amp

Windows NT

clients running

UTLite script

110

Diagnosing Connectivity Problems Campus Manager Tools

Topology Services

User Tracking

Path Analysis

1

Locate the communication pair in the User Tracking database

bull

Addressesbull

VLAN informationbull

Switch port connection

2

Investigate the Layer 2 and Layer 3 path between the communication

pair

3

Map the topology and begin the investigation on devices and links

Launch other applications

111

Diagnosing Connectivity Problems Workflow for Using Campus Manager

LaunchPath Analysis

LaunchPath Analysis

Ensure discovery of devices

hosts are up to date

Ensure discovery of devices

hosts are up to date

Use User TrackingTo Locate EndStation Info

Use User TrackingTo Locate EndStation Info

ConductVoiceTrace

ConductVoiceTrace

ConductDataTrace

ConductDataTrace

DisplayPath in Topology

Map

DisplayPath in Topology

Map

Launch other Apps(Telnet CiscoView

Etc)

Launch other Apps(Telnet CiscoView

Etc)

112

Diagnosing Device Connectivity Problems Example

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Do you know

your

hostname or

username

113

Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

2 Simple Query displays switch

port and VLAN association

2 Simple Query displays switch

port and VLAN association

3 LastSeen field indicates last

time end station was

discovered

3 LastSeen field indicates last

time end station was

discovered

114

Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Trace path from application server

to Suzy

Trace path from application server

to Suzy

Couldnrsquot get to Suzy machine ndash try

from server

Couldnrsquot get to Suzy machine ndash try

from server

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

76

Cisco Commands to Isolate Physical Layer Problems (Cont)

show cdp neighbor detailshow cdp neighbor detailroutergt

bull Displays the device type IP address and Cisco IOS version of neighboring devices

77

Cisco Commands to Isolate Data Link Layer Problems

show ip arpshow ip arp

routergt

bull

Displays entries in the Address Resolution Protocol (ARP) table

debug [arp

| serial | ppp]debug [arp

| serial | ppp]

router

bull

Captures events relating to data link layer protocols

78

General End‐System Commands to Isolate Physical and Data Link Layer Problems

pingping

bull

Sends an echo request packet to an address then waits for a reply

netstat

‐rnnetstat

‐rn

bull

Displays the status of all connected devices and links without querying a DNS server

arp

‐aarp

‐a

bull

Displays the current mappings of the IP address to the MAC address in the ARP table

79

Windows Commands to Isolate Physical and Data Link Layer Problems

ipconfig

[all]ipconfig

[all]

bull

Displays IP information for hosts running Windows NT2000XP

Cgt

tracert [‐d]tracert [‐d]

bull

Identifies a path to a destination device

Cgt

80

Guidelines for Isolating Problems at the Physical and Data Link Layers

Check operational status and data error ratesCheck operational status and data error rates

Verify proper interface configurationsVerify proper interface configurations

Check for bad cables or connectionsCheck for bad cables or connections

Check for correct cable pin‐outCheck for correct cable pin‐out

81

Port Monitoring (SPAN)

Allows a port to monitor traffic coming into or out of

anotherPort

VLAN

Trunk

82

Remote SPAN (RSPAN)

Allows a port to monitor SPAN information on other switches through a trunk connection

83

NetFlow Data Export

Access to records of switched flow statistics

with NAM

Source and destination IP

Port numbers and protocol types

84

六網路管理介紹

85

NAMs in Campus LAN

86

Network Analysis Module (NAM)

bull

Switch‐integrated standards‐

based monitoring (RMON1 RMON2

extended RMON)

bull

Useful for performance monitoring troubleshooting

and capacity planning

bull

Easy to deploy and use with embedded web‐based Traffic Analyzer

bull

Full visibility into applications hosts conversations and

IP‐based services including VoIP

and QoS

Integrated traffic‐monitoring solution in Catalyst 6500 series to build application‐level visibility into network infrastructure

87

NAM as a Standards‐Based RMON Solution

The RMON MIB reports on the health and status of network traffic

Mini‐RMON agents in Catalyst 6500 collect Layer 2 (RMON1) statistics on all ports (utilization packets errors)

NAM supports full RMON1 and 2 to provide visibility up to Application layer (applications hosts conversations)

NAM supports extended RMON for VLAN QoS Application Response Time and so on

88

Application Hosts and Conversations Monitoring

Identify unknown applications and drill down on the hosts using them

Discover top talkers top conversations

Network managers can drill down

into who is doing what

Network managers can drill down

into who is doing what

NEW inSoftware

Version 22

NEW inSoftware

Version 22

89

VoIP Monitoring

NAM supports various facets of VoIPmonitoring

Active IP telephony monitoring

ndash Track active call attributesndash Identify call quality degradationndash Call details by phonesRMON1 and RMON2

ndash Distribution of VoIP

protocols

Application Response Time (ART)

ndash CallManager

responses

DSMON

ndash VoIP

traffic by DSCP values

90

Application Response Time (ART)

Find out where the application delays are occurring

ndash Detailed data on request‐ response exchanges

between clients and servers

Server visibility

ndash Monitor servers for protocols application

usage and top talkers

91

Packet Capture and Decode

Capture and decode packets for troubleshooting

Extensive pre‐ and post‐capture filters

Can save and export to other tools including Sniffer

92

Alarms

Set alarm thresholds on various parameters for proactive monitoring

Define traps or generate syslog

93

Defining Network Management Functional Areas

ISO defines five functional areas of network management

ISO defines five functional areas of network management

bullFault Management

bullConfiguration Management

bullAccounting Management

bullPerformance Management

bullSecurity Management

94

FCAPS Fault Management

The process of locating diagnosing and correcting

network problems

Device Down

Link Down

95

FCAPS Configuration Management

bull The process of obtaining data from the network and using

that data to manage the setup of all network devices

bull Allows rapid access to configuration information

bull Facilitates remote configuration and provisioning

bull Provides an up‐to‐date inventory of network

components

SpeedDuplex

Connectivity

TrunkingVLANs Allowed

Spanning Tree Protocol State

Software VersionConfiguration File

Device Type

96

FCAPS Accounting Management

bull Measuring the usage of network resources by users in order to

establish the metrics check quotas determine costs and bill users

bull Measures and reports accounting information based on individual

groups and users

bull Administers the cost of the network

bull Internal verification of third‐party billing for usage Bandwidth Consumption

Application Usage

hellip

97

FCAPS Performance Management

bull Ensuring that the data network remains accessible

and has adequate bandwidth

bull Reduces network overcrowding and inaccessibility

bull Provides a consistent level of service to the

network user

bull Determine utilization trends to proactively isolate and solve

performance problems

UtilizationPeakminmaxError RatesUnicast Rates

Broadcast Rates

CPU UtilizationMemory Usage

ThroughputResponse Time

LatencyAvailabilityReliability

98

FCAPS Security Management

bull Protecting sensitive information on devices

attached to a data network by controlling access points to

that information

bull Builds network user confidence

bull Secures sensitive information from both internal and

external sources

bull Protects the network functionality from malicious

attacks

MAC AddressLocked to Port

Access ListBlocks Connections

99

Performing Network Management Sources for Information

GAUGEs TIMERs

0 9 1 2 3

COUNTERs TABLEs FILEs

Operating System Data Structures

Manageable Device

showCommands

WebServer

SystemLogging

SNMPSNMPAGENTAGENT

ProductionServices

Layer N Forwarding

http80tcp

syslog514udp

snmp161udp

MIBObjects

snmp‐trap162udp

Built in Intelligence

CDPVTPSAA

telnetCLI

TFTPClient

tftp69udp

PingTrace route

100

Network Management Information Model MIB Management Information Base

MIB

ndash

Management Information BaseSet of variables defining the status of a device (eg temp = 85 degrees)Just facts ndash not whether it is good or badDefined according to SMI (Structure of Management Information) rulesEach managed object is described using a unique object identifier (OID)

MIB

IMIBIIStandard MIBObjects included are considered essential for either fault or configuration management

Other standard MIBsRMON host router

Proprietary vendor MIBsExtensions to standard MIBs

SNMPAGENTSNMPAGENT

1000s of manageable objects following rules defined in the SMI standards

1000s of manageable objects following rules defined in the SMI standards

101

Network Management Communication Model SNMP Simple Network Management Protocol

CommunityStrings

CommunityStrings

bull Get requests used to read the value of objectbull Set requests used to modify the value of object

bull Authorization is via community strings

(Read‐OnlyRead‐Write)

bull Traps

provide asynchronous event notification

IP Network SNMPManageable

Device

Trap

Get Response

Get Request Get-Next RequestGet-Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

102

Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response

SNM

P M

anag

er

SNM

P A

gent

Rea

d =

publ

ic re

adw

rite

= pr

ivat

e

GetResponse (sysDescr0=SunOS)

Verify access permission and retrieve MIB value using OID to traverse the MIB tree

InstanceOID

13612111

MIB value

GetRequest(sysDescr0)Read Community(public)

103

Types of Management Systems Example ‐

Enterprise Manager amp Fault Management

Correlate and manage events

and SNMP traps

Perform fault isolation and root cause analysis

104

Types of Management Systems Example ndash CiscoWorks

Resource Manager Essentials and Campus Manager

Knowledge of network configuration and topology

Facilitates remote configuration of network devices

Maintains an archive of configuration data that allows generation of inventory reports

105

Types of Management Systems Example ndash NetFlow (Accounting Management)

Flow Profiling

AccountingBilling

Network Planning

Network Monitoring

Flow

Collectors

Flow

CollectorsEnd‐User AppsEnd‐User AppsNetFlow

Data ExportNetFlowData Export

NetScout

RMON ProbeRMON Probe

106

Types of Management Systems Example ndash MRTG (Performance Management)

bull Monitors traffic load on network links based on SNMP statistics

bull Generates real‐time HTML traffic reports

bull Can be used to monitor any

MIB

variable using

SNMP

107

Types of Management Systems Example ndash CiscoWorks

How is the network connectedbull Physical Cablingbull Virtual LANs

Where are the end users servers IP phones connected

bull Switch port numberbull VLAN membership

How do I troubleshoot connectivity problems

Campus Manager User Tracking

Campus Manager Topology Services

Campus Manager Topology Services

Campus Manager User TrackingCampus Manager

Path Analysis

108

Diagnosing Connectivity Problems CiscoWorks Server Tools

Ping Use ping to test device connectivity from CiscoWorks server

TracerouteRun a trace route between the CiscoWorks server and the target device to detect routing problems

NS LookupRun a nslookup to obtain DNS name server information and IP address of hostname

Management Station to DeviceTest to verify if upper layer protocols are supported from CiscoWorks to the target device UDP TCP Telnet TFTP HTTP and SNMP

109

Types of Management Systems Example ndash CiscoWorks

19216862

CiscoWorks Server(ANI Service)

CampusDatabase

19216861

Schedule data retrieval

times

CAM Table11‐11‐11‐11‐11‐00 2111‐11‐11‐11‐11‐11 2211‐11‐11‐11‐11‐22 2311‐11‐11‐11‐11‐33 24

22 23 24

21

ARP Table11‐11‐11‐11‐11‐11 19216861011‐11‐11‐11‐11‐22 19216861111‐11‐11‐11‐11‐33 192168611

1

CAM

Retrieval

(switching

table)

2 Address

Resolution (MAC

to IP)

DNS

3 Name Resolution

(IP to hostname)

Host Table192168610 USER1192168611 Printer1192168611 IPtele1

SNMP

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

CallManager4

Call Detail

Records

5

Login

Names

UNIX Novell amp

Windows NT

clients running

UTLite script

110

Diagnosing Connectivity Problems Campus Manager Tools

Topology Services

User Tracking

Path Analysis

1

Locate the communication pair in the User Tracking database

bull

Addressesbull

VLAN informationbull

Switch port connection

2

Investigate the Layer 2 and Layer 3 path between the communication

pair

3

Map the topology and begin the investigation on devices and links

Launch other applications

111

Diagnosing Connectivity Problems Workflow for Using Campus Manager

LaunchPath Analysis

LaunchPath Analysis

Ensure discovery of devices

hosts are up to date

Ensure discovery of devices

hosts are up to date

Use User TrackingTo Locate EndStation Info

Use User TrackingTo Locate EndStation Info

ConductVoiceTrace

ConductVoiceTrace

ConductDataTrace

ConductDataTrace

DisplayPath in Topology

Map

DisplayPath in Topology

Map

Launch other Apps(Telnet CiscoView

Etc)

Launch other Apps(Telnet CiscoView

Etc)

112

Diagnosing Device Connectivity Problems Example

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Do you know

your

hostname or

username

113

Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

2 Simple Query displays switch

port and VLAN association

2 Simple Query displays switch

port and VLAN association

3 LastSeen field indicates last

time end station was

discovered

3 LastSeen field indicates last

time end station was

discovered

114

Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Trace path from application server

to Suzy

Trace path from application server

to Suzy

Couldnrsquot get to Suzy machine ndash try

from server

Couldnrsquot get to Suzy machine ndash try

from server

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

77

Cisco Commands to Isolate Data Link Layer Problems

show ip arpshow ip arp

routergt

bull

Displays entries in the Address Resolution Protocol (ARP) table

debug [arp

| serial | ppp]debug [arp

| serial | ppp]

router

bull

Captures events relating to data link layer protocols

78

General End‐System Commands to Isolate Physical and Data Link Layer Problems

pingping

bull

Sends an echo request packet to an address then waits for a reply

netstat

‐rnnetstat

‐rn

bull

Displays the status of all connected devices and links without querying a DNS server

arp

‐aarp

‐a

bull

Displays the current mappings of the IP address to the MAC address in the ARP table

79

Windows Commands to Isolate Physical and Data Link Layer Problems

ipconfig

[all]ipconfig

[all]

bull

Displays IP information for hosts running Windows NT2000XP

Cgt

tracert [‐d]tracert [‐d]

bull

Identifies a path to a destination device

Cgt

80

Guidelines for Isolating Problems at the Physical and Data Link Layers

Check operational status and data error ratesCheck operational status and data error rates

Verify proper interface configurationsVerify proper interface configurations

Check for bad cables or connectionsCheck for bad cables or connections

Check for correct cable pin‐outCheck for correct cable pin‐out

81

Port Monitoring (SPAN)

Allows a port to monitor traffic coming into or out of

anotherPort

VLAN

Trunk

82

Remote SPAN (RSPAN)

Allows a port to monitor SPAN information on other switches through a trunk connection

83

NetFlow Data Export

Access to records of switched flow statistics

with NAM

Source and destination IP

Port numbers and protocol types

84

六網路管理介紹

85

NAMs in Campus LAN

86

Network Analysis Module (NAM)

bull

Switch‐integrated standards‐

based monitoring (RMON1 RMON2

extended RMON)

bull

Useful for performance monitoring troubleshooting

and capacity planning

bull

Easy to deploy and use with embedded web‐based Traffic Analyzer

bull

Full visibility into applications hosts conversations and

IP‐based services including VoIP

and QoS

Integrated traffic‐monitoring solution in Catalyst 6500 series to build application‐level visibility into network infrastructure

87

NAM as a Standards‐Based RMON Solution

The RMON MIB reports on the health and status of network traffic

Mini‐RMON agents in Catalyst 6500 collect Layer 2 (RMON1) statistics on all ports (utilization packets errors)

NAM supports full RMON1 and 2 to provide visibility up to Application layer (applications hosts conversations)

NAM supports extended RMON for VLAN QoS Application Response Time and so on

88

Application Hosts and Conversations Monitoring

Identify unknown applications and drill down on the hosts using them

Discover top talkers top conversations

Network managers can drill down

into who is doing what

Network managers can drill down

into who is doing what

NEW inSoftware

Version 22

NEW inSoftware

Version 22

89

VoIP Monitoring

NAM supports various facets of VoIPmonitoring

Active IP telephony monitoring

ndash Track active call attributesndash Identify call quality degradationndash Call details by phonesRMON1 and RMON2

ndash Distribution of VoIP

protocols

Application Response Time (ART)

ndash CallManager

responses

DSMON

ndash VoIP

traffic by DSCP values

90

Application Response Time (ART)

Find out where the application delays are occurring

ndash Detailed data on request‐ response exchanges

between clients and servers

Server visibility

ndash Monitor servers for protocols application

usage and top talkers

91

Packet Capture and Decode

Capture and decode packets for troubleshooting

Extensive pre‐ and post‐capture filters

Can save and export to other tools including Sniffer

92

Alarms

Set alarm thresholds on various parameters for proactive monitoring

Define traps or generate syslog

93

Defining Network Management Functional Areas

ISO defines five functional areas of network management

ISO defines five functional areas of network management

bullFault Management

bullConfiguration Management

bullAccounting Management

bullPerformance Management

bullSecurity Management

94

FCAPS Fault Management

The process of locating diagnosing and correcting

network problems

Device Down

Link Down

95

FCAPS Configuration Management

bull The process of obtaining data from the network and using

that data to manage the setup of all network devices

bull Allows rapid access to configuration information

bull Facilitates remote configuration and provisioning

bull Provides an up‐to‐date inventory of network

components

SpeedDuplex

Connectivity

TrunkingVLANs Allowed

Spanning Tree Protocol State

Software VersionConfiguration File

Device Type

96

FCAPS Accounting Management

bull Measuring the usage of network resources by users in order to

establish the metrics check quotas determine costs and bill users

bull Measures and reports accounting information based on individual

groups and users

bull Administers the cost of the network

bull Internal verification of third‐party billing for usage Bandwidth Consumption

Application Usage

hellip

97

FCAPS Performance Management

bull Ensuring that the data network remains accessible

and has adequate bandwidth

bull Reduces network overcrowding and inaccessibility

bull Provides a consistent level of service to the

network user

bull Determine utilization trends to proactively isolate and solve

performance problems

UtilizationPeakminmaxError RatesUnicast Rates

Broadcast Rates

CPU UtilizationMemory Usage

ThroughputResponse Time

LatencyAvailabilityReliability

98

FCAPS Security Management

bull Protecting sensitive information on devices

attached to a data network by controlling access points to

that information

bull Builds network user confidence

bull Secures sensitive information from both internal and

external sources

bull Protects the network functionality from malicious

attacks

MAC AddressLocked to Port

Access ListBlocks Connections

99

Performing Network Management Sources for Information

GAUGEs TIMERs

0 9 1 2 3

COUNTERs TABLEs FILEs

Operating System Data Structures

Manageable Device

showCommands

WebServer

SystemLogging

SNMPSNMPAGENTAGENT

ProductionServices

Layer N Forwarding

http80tcp

syslog514udp

snmp161udp

MIBObjects

snmp‐trap162udp

Built in Intelligence

CDPVTPSAA

telnetCLI

TFTPClient

tftp69udp

PingTrace route

100

Network Management Information Model MIB Management Information Base

MIB

ndash

Management Information BaseSet of variables defining the status of a device (eg temp = 85 degrees)Just facts ndash not whether it is good or badDefined according to SMI (Structure of Management Information) rulesEach managed object is described using a unique object identifier (OID)

MIB

IMIBIIStandard MIBObjects included are considered essential for either fault or configuration management

Other standard MIBsRMON host router

Proprietary vendor MIBsExtensions to standard MIBs

SNMPAGENTSNMPAGENT

1000s of manageable objects following rules defined in the SMI standards

1000s of manageable objects following rules defined in the SMI standards

101

Network Management Communication Model SNMP Simple Network Management Protocol

CommunityStrings

CommunityStrings

bull Get requests used to read the value of objectbull Set requests used to modify the value of object

bull Authorization is via community strings

(Read‐OnlyRead‐Write)

bull Traps

provide asynchronous event notification

IP Network SNMPManageable

Device

Trap

Get Response

Get Request Get-Next RequestGet-Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

102

Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response

SNM

P M

anag

er

SNM

P A

gent

Rea

d =

publ

ic re

adw

rite

= pr

ivat

e

GetResponse (sysDescr0=SunOS)

Verify access permission and retrieve MIB value using OID to traverse the MIB tree

InstanceOID

13612111

MIB value

GetRequest(sysDescr0)Read Community(public)

103

Types of Management Systems Example ‐

Enterprise Manager amp Fault Management

Correlate and manage events

and SNMP traps

Perform fault isolation and root cause analysis

104

Types of Management Systems Example ndash CiscoWorks

Resource Manager Essentials and Campus Manager

Knowledge of network configuration and topology

Facilitates remote configuration of network devices

Maintains an archive of configuration data that allows generation of inventory reports

105

Types of Management Systems Example ndash NetFlow (Accounting Management)

Flow Profiling

AccountingBilling

Network Planning

Network Monitoring

Flow

Collectors

Flow

CollectorsEnd‐User AppsEnd‐User AppsNetFlow

Data ExportNetFlowData Export

NetScout

RMON ProbeRMON Probe

106

Types of Management Systems Example ndash MRTG (Performance Management)

bull Monitors traffic load on network links based on SNMP statistics

bull Generates real‐time HTML traffic reports

bull Can be used to monitor any

MIB

variable using

SNMP

107

Types of Management Systems Example ndash CiscoWorks

How is the network connectedbull Physical Cablingbull Virtual LANs

Where are the end users servers IP phones connected

bull Switch port numberbull VLAN membership

How do I troubleshoot connectivity problems

Campus Manager User Tracking

Campus Manager Topology Services

Campus Manager Topology Services

Campus Manager User TrackingCampus Manager

Path Analysis

108

Diagnosing Connectivity Problems CiscoWorks Server Tools

Ping Use ping to test device connectivity from CiscoWorks server

TracerouteRun a trace route between the CiscoWorks server and the target device to detect routing problems

NS LookupRun a nslookup to obtain DNS name server information and IP address of hostname

Management Station to DeviceTest to verify if upper layer protocols are supported from CiscoWorks to the target device UDP TCP Telnet TFTP HTTP and SNMP

109

Types of Management Systems Example ndash CiscoWorks

19216862

CiscoWorks Server(ANI Service)

CampusDatabase

19216861

Schedule data retrieval

times

CAM Table11‐11‐11‐11‐11‐00 2111‐11‐11‐11‐11‐11 2211‐11‐11‐11‐11‐22 2311‐11‐11‐11‐11‐33 24

22 23 24

21

ARP Table11‐11‐11‐11‐11‐11 19216861011‐11‐11‐11‐11‐22 19216861111‐11‐11‐11‐11‐33 192168611

1

CAM

Retrieval

(switching

table)

2 Address

Resolution (MAC

to IP)

DNS

3 Name Resolution

(IP to hostname)

Host Table192168610 USER1192168611 Printer1192168611 IPtele1

SNMP

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

CallManager4

Call Detail

Records

5

Login

Names

UNIX Novell amp

Windows NT

clients running

UTLite script

110

Diagnosing Connectivity Problems Campus Manager Tools

Topology Services

User Tracking

Path Analysis

1

Locate the communication pair in the User Tracking database

bull

Addressesbull

VLAN informationbull

Switch port connection

2

Investigate the Layer 2 and Layer 3 path between the communication

pair

3

Map the topology and begin the investigation on devices and links

Launch other applications

111

Diagnosing Connectivity Problems Workflow for Using Campus Manager

LaunchPath Analysis

LaunchPath Analysis

Ensure discovery of devices

hosts are up to date

Ensure discovery of devices

hosts are up to date

Use User TrackingTo Locate EndStation Info

Use User TrackingTo Locate EndStation Info

ConductVoiceTrace

ConductVoiceTrace

ConductDataTrace

ConductDataTrace

DisplayPath in Topology

Map

DisplayPath in Topology

Map

Launch other Apps(Telnet CiscoView

Etc)

Launch other Apps(Telnet CiscoView

Etc)

112

Diagnosing Device Connectivity Problems Example

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Do you know

your

hostname or

username

113

Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

2 Simple Query displays switch

port and VLAN association

2 Simple Query displays switch

port and VLAN association

3 LastSeen field indicates last

time end station was

discovered

3 LastSeen field indicates last

time end station was

discovered

114

Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Trace path from application server

to Suzy

Trace path from application server

to Suzy

Couldnrsquot get to Suzy machine ndash try

from server

Couldnrsquot get to Suzy machine ndash try

from server

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

78

General End‐System Commands to Isolate Physical and Data Link Layer Problems

pingping

bull

Sends an echo request packet to an address then waits for a reply

netstat

‐rnnetstat

‐rn

bull

Displays the status of all connected devices and links without querying a DNS server

arp

‐aarp

‐a

bull

Displays the current mappings of the IP address to the MAC address in the ARP table

79

Windows Commands to Isolate Physical and Data Link Layer Problems

ipconfig

[all]ipconfig

[all]

bull

Displays IP information for hosts running Windows NT2000XP

Cgt

tracert [‐d]tracert [‐d]

bull

Identifies a path to a destination device

Cgt

80

Guidelines for Isolating Problems at the Physical and Data Link Layers

Check operational status and data error ratesCheck operational status and data error rates

Verify proper interface configurationsVerify proper interface configurations

Check for bad cables or connectionsCheck for bad cables or connections

Check for correct cable pin‐outCheck for correct cable pin‐out

81

Port Monitoring (SPAN)

Allows a port to monitor traffic coming into or out of

anotherPort

VLAN

Trunk

82

Remote SPAN (RSPAN)

Allows a port to monitor SPAN information on other switches through a trunk connection

83

NetFlow Data Export

Access to records of switched flow statistics

with NAM

Source and destination IP

Port numbers and protocol types

84

六網路管理介紹

85

NAMs in Campus LAN

86

Network Analysis Module (NAM)

bull

Switch‐integrated standards‐

based monitoring (RMON1 RMON2

extended RMON)

bull

Useful for performance monitoring troubleshooting

and capacity planning

bull

Easy to deploy and use with embedded web‐based Traffic Analyzer

bull

Full visibility into applications hosts conversations and

IP‐based services including VoIP

and QoS

Integrated traffic‐monitoring solution in Catalyst 6500 series to build application‐level visibility into network infrastructure

87

NAM as a Standards‐Based RMON Solution

The RMON MIB reports on the health and status of network traffic

Mini‐RMON agents in Catalyst 6500 collect Layer 2 (RMON1) statistics on all ports (utilization packets errors)

NAM supports full RMON1 and 2 to provide visibility up to Application layer (applications hosts conversations)

NAM supports extended RMON for VLAN QoS Application Response Time and so on

88

Application Hosts and Conversations Monitoring

Identify unknown applications and drill down on the hosts using them

Discover top talkers top conversations

Network managers can drill down

into who is doing what

Network managers can drill down

into who is doing what

NEW inSoftware

Version 22

NEW inSoftware

Version 22

89

VoIP Monitoring

NAM supports various facets of VoIPmonitoring

Active IP telephony monitoring

ndash Track active call attributesndash Identify call quality degradationndash Call details by phonesRMON1 and RMON2

ndash Distribution of VoIP

protocols

Application Response Time (ART)

ndash CallManager

responses

DSMON

ndash VoIP

traffic by DSCP values

90

Application Response Time (ART)

Find out where the application delays are occurring

ndash Detailed data on request‐ response exchanges

between clients and servers

Server visibility

ndash Monitor servers for protocols application

usage and top talkers

91

Packet Capture and Decode

Capture and decode packets for troubleshooting

Extensive pre‐ and post‐capture filters

Can save and export to other tools including Sniffer

92

Alarms

Set alarm thresholds on various parameters for proactive monitoring

Define traps or generate syslog

93

Defining Network Management Functional Areas

ISO defines five functional areas of network management

ISO defines five functional areas of network management

bullFault Management

bullConfiguration Management

bullAccounting Management

bullPerformance Management

bullSecurity Management

94

FCAPS Fault Management

The process of locating diagnosing and correcting

network problems

Device Down

Link Down

95

FCAPS Configuration Management

bull The process of obtaining data from the network and using

that data to manage the setup of all network devices

bull Allows rapid access to configuration information

bull Facilitates remote configuration and provisioning

bull Provides an up‐to‐date inventory of network

components

SpeedDuplex

Connectivity

TrunkingVLANs Allowed

Spanning Tree Protocol State

Software VersionConfiguration File

Device Type

96

FCAPS Accounting Management

bull Measuring the usage of network resources by users in order to

establish the metrics check quotas determine costs and bill users

bull Measures and reports accounting information based on individual

groups and users

bull Administers the cost of the network

bull Internal verification of third‐party billing for usage Bandwidth Consumption

Application Usage

hellip

97

FCAPS Performance Management

bull Ensuring that the data network remains accessible

and has adequate bandwidth

bull Reduces network overcrowding and inaccessibility

bull Provides a consistent level of service to the

network user

bull Determine utilization trends to proactively isolate and solve

performance problems

UtilizationPeakminmaxError RatesUnicast Rates

Broadcast Rates

CPU UtilizationMemory Usage

ThroughputResponse Time

LatencyAvailabilityReliability

98

FCAPS Security Management

bull Protecting sensitive information on devices

attached to a data network by controlling access points to

that information

bull Builds network user confidence

bull Secures sensitive information from both internal and

external sources

bull Protects the network functionality from malicious

attacks

MAC AddressLocked to Port

Access ListBlocks Connections

99

Performing Network Management Sources for Information

GAUGEs TIMERs

0 9 1 2 3

COUNTERs TABLEs FILEs

Operating System Data Structures

Manageable Device

showCommands

WebServer

SystemLogging

SNMPSNMPAGENTAGENT

ProductionServices

Layer N Forwarding

http80tcp

syslog514udp

snmp161udp

MIBObjects

snmp‐trap162udp

Built in Intelligence

CDPVTPSAA

telnetCLI

TFTPClient

tftp69udp

PingTrace route

100

Network Management Information Model MIB Management Information Base

MIB

ndash

Management Information BaseSet of variables defining the status of a device (eg temp = 85 degrees)Just facts ndash not whether it is good or badDefined according to SMI (Structure of Management Information) rulesEach managed object is described using a unique object identifier (OID)

MIB

IMIBIIStandard MIBObjects included are considered essential for either fault or configuration management

Other standard MIBsRMON host router

Proprietary vendor MIBsExtensions to standard MIBs

SNMPAGENTSNMPAGENT

1000s of manageable objects following rules defined in the SMI standards

1000s of manageable objects following rules defined in the SMI standards

101

Network Management Communication Model SNMP Simple Network Management Protocol

CommunityStrings

CommunityStrings

bull Get requests used to read the value of objectbull Set requests used to modify the value of object

bull Authorization is via community strings

(Read‐OnlyRead‐Write)

bull Traps

provide asynchronous event notification

IP Network SNMPManageable

Device

Trap

Get Response

Get Request Get-Next RequestGet-Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

102

Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response

SNM

P M

anag

er

SNM

P A

gent

Rea

d =

publ

ic re

adw

rite

= pr

ivat

e

GetResponse (sysDescr0=SunOS)

Verify access permission and retrieve MIB value using OID to traverse the MIB tree

InstanceOID

13612111

MIB value

GetRequest(sysDescr0)Read Community(public)

103

Types of Management Systems Example ‐

Enterprise Manager amp Fault Management

Correlate and manage events

and SNMP traps

Perform fault isolation and root cause analysis

104

Types of Management Systems Example ndash CiscoWorks

Resource Manager Essentials and Campus Manager

Knowledge of network configuration and topology

Facilitates remote configuration of network devices

Maintains an archive of configuration data that allows generation of inventory reports

105

Types of Management Systems Example ndash NetFlow (Accounting Management)

Flow Profiling

AccountingBilling

Network Planning

Network Monitoring

Flow

Collectors

Flow

CollectorsEnd‐User AppsEnd‐User AppsNetFlow

Data ExportNetFlowData Export

NetScout

RMON ProbeRMON Probe

106

Types of Management Systems Example ndash MRTG (Performance Management)

bull Monitors traffic load on network links based on SNMP statistics

bull Generates real‐time HTML traffic reports

bull Can be used to monitor any

MIB

variable using

SNMP

107

Types of Management Systems Example ndash CiscoWorks

How is the network connectedbull Physical Cablingbull Virtual LANs

Where are the end users servers IP phones connected

bull Switch port numberbull VLAN membership

How do I troubleshoot connectivity problems

Campus Manager User Tracking

Campus Manager Topology Services

Campus Manager Topology Services

Campus Manager User TrackingCampus Manager

Path Analysis

108

Diagnosing Connectivity Problems CiscoWorks Server Tools

Ping Use ping to test device connectivity from CiscoWorks server

TracerouteRun a trace route between the CiscoWorks server and the target device to detect routing problems

NS LookupRun a nslookup to obtain DNS name server information and IP address of hostname

Management Station to DeviceTest to verify if upper layer protocols are supported from CiscoWorks to the target device UDP TCP Telnet TFTP HTTP and SNMP

109

Types of Management Systems Example ndash CiscoWorks

19216862

CiscoWorks Server(ANI Service)

CampusDatabase

19216861

Schedule data retrieval

times

CAM Table11‐11‐11‐11‐11‐00 2111‐11‐11‐11‐11‐11 2211‐11‐11‐11‐11‐22 2311‐11‐11‐11‐11‐33 24

22 23 24

21

ARP Table11‐11‐11‐11‐11‐11 19216861011‐11‐11‐11‐11‐22 19216861111‐11‐11‐11‐11‐33 192168611

1

CAM

Retrieval

(switching

table)

2 Address

Resolution (MAC

to IP)

DNS

3 Name Resolution

(IP to hostname)

Host Table192168610 USER1192168611 Printer1192168611 IPtele1

SNMP

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

CallManager4

Call Detail

Records

5

Login

Names

UNIX Novell amp

Windows NT

clients running

UTLite script

110

Diagnosing Connectivity Problems Campus Manager Tools

Topology Services

User Tracking

Path Analysis

1

Locate the communication pair in the User Tracking database

bull

Addressesbull

VLAN informationbull

Switch port connection

2

Investigate the Layer 2 and Layer 3 path between the communication

pair

3

Map the topology and begin the investigation on devices and links

Launch other applications

111

Diagnosing Connectivity Problems Workflow for Using Campus Manager

LaunchPath Analysis

LaunchPath Analysis

Ensure discovery of devices

hosts are up to date

Ensure discovery of devices

hosts are up to date

Use User TrackingTo Locate EndStation Info

Use User TrackingTo Locate EndStation Info

ConductVoiceTrace

ConductVoiceTrace

ConductDataTrace

ConductDataTrace

DisplayPath in Topology

Map

DisplayPath in Topology

Map

Launch other Apps(Telnet CiscoView

Etc)

Launch other Apps(Telnet CiscoView

Etc)

112

Diagnosing Device Connectivity Problems Example

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Do you know

your

hostname or

username

113

Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

2 Simple Query displays switch

port and VLAN association

2 Simple Query displays switch

port and VLAN association

3 LastSeen field indicates last

time end station was

discovered

3 LastSeen field indicates last

time end station was

discovered

114

Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Trace path from application server

to Suzy

Trace path from application server

to Suzy

Couldnrsquot get to Suzy machine ndash try

from server

Couldnrsquot get to Suzy machine ndash try

from server

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

79

Windows Commands to Isolate Physical and Data Link Layer Problems

ipconfig

[all]ipconfig

[all]

bull

Displays IP information for hosts running Windows NT2000XP

Cgt

tracert [‐d]tracert [‐d]

bull

Identifies a path to a destination device

Cgt

80

Guidelines for Isolating Problems at the Physical and Data Link Layers

Check operational status and data error ratesCheck operational status and data error rates

Verify proper interface configurationsVerify proper interface configurations

Check for bad cables or connectionsCheck for bad cables or connections

Check for correct cable pin‐outCheck for correct cable pin‐out

81

Port Monitoring (SPAN)

Allows a port to monitor traffic coming into or out of

anotherPort

VLAN

Trunk

82

Remote SPAN (RSPAN)

Allows a port to monitor SPAN information on other switches through a trunk connection

83

NetFlow Data Export

Access to records of switched flow statistics

with NAM

Source and destination IP

Port numbers and protocol types

84

六網路管理介紹

85

NAMs in Campus LAN

86

Network Analysis Module (NAM)

bull

Switch‐integrated standards‐

based monitoring (RMON1 RMON2

extended RMON)

bull

Useful for performance monitoring troubleshooting

and capacity planning

bull

Easy to deploy and use with embedded web‐based Traffic Analyzer

bull

Full visibility into applications hosts conversations and

IP‐based services including VoIP

and QoS

Integrated traffic‐monitoring solution in Catalyst 6500 series to build application‐level visibility into network infrastructure

87

NAM as a Standards‐Based RMON Solution

The RMON MIB reports on the health and status of network traffic

Mini‐RMON agents in Catalyst 6500 collect Layer 2 (RMON1) statistics on all ports (utilization packets errors)

NAM supports full RMON1 and 2 to provide visibility up to Application layer (applications hosts conversations)

NAM supports extended RMON for VLAN QoS Application Response Time and so on

88

Application Hosts and Conversations Monitoring

Identify unknown applications and drill down on the hosts using them

Discover top talkers top conversations

Network managers can drill down

into who is doing what

Network managers can drill down

into who is doing what

NEW inSoftware

Version 22

NEW inSoftware

Version 22

89

VoIP Monitoring

NAM supports various facets of VoIPmonitoring

Active IP telephony monitoring

ndash Track active call attributesndash Identify call quality degradationndash Call details by phonesRMON1 and RMON2

ndash Distribution of VoIP

protocols

Application Response Time (ART)

ndash CallManager

responses

DSMON

ndash VoIP

traffic by DSCP values

90

Application Response Time (ART)

Find out where the application delays are occurring

ndash Detailed data on request‐ response exchanges

between clients and servers

Server visibility

ndash Monitor servers for protocols application

usage and top talkers

91

Packet Capture and Decode

Capture and decode packets for troubleshooting

Extensive pre‐ and post‐capture filters

Can save and export to other tools including Sniffer

92

Alarms

Set alarm thresholds on various parameters for proactive monitoring

Define traps or generate syslog

93

Defining Network Management Functional Areas

ISO defines five functional areas of network management

ISO defines five functional areas of network management

bullFault Management

bullConfiguration Management

bullAccounting Management

bullPerformance Management

bullSecurity Management

94

FCAPS Fault Management

The process of locating diagnosing and correcting

network problems

Device Down

Link Down

95

FCAPS Configuration Management

bull The process of obtaining data from the network and using

that data to manage the setup of all network devices

bull Allows rapid access to configuration information

bull Facilitates remote configuration and provisioning

bull Provides an up‐to‐date inventory of network

components

SpeedDuplex

Connectivity

TrunkingVLANs Allowed

Spanning Tree Protocol State

Software VersionConfiguration File

Device Type

96

FCAPS Accounting Management

bull Measuring the usage of network resources by users in order to

establish the metrics check quotas determine costs and bill users

bull Measures and reports accounting information based on individual

groups and users

bull Administers the cost of the network

bull Internal verification of third‐party billing for usage Bandwidth Consumption

Application Usage

hellip

97

FCAPS Performance Management

bull Ensuring that the data network remains accessible

and has adequate bandwidth

bull Reduces network overcrowding and inaccessibility

bull Provides a consistent level of service to the

network user

bull Determine utilization trends to proactively isolate and solve

performance problems

UtilizationPeakminmaxError RatesUnicast Rates

Broadcast Rates

CPU UtilizationMemory Usage

ThroughputResponse Time

LatencyAvailabilityReliability

98

FCAPS Security Management

bull Protecting sensitive information on devices

attached to a data network by controlling access points to

that information

bull Builds network user confidence

bull Secures sensitive information from both internal and

external sources

bull Protects the network functionality from malicious

attacks

MAC AddressLocked to Port

Access ListBlocks Connections

99

Performing Network Management Sources for Information

GAUGEs TIMERs

0 9 1 2 3

COUNTERs TABLEs FILEs

Operating System Data Structures

Manageable Device

showCommands

WebServer

SystemLogging

SNMPSNMPAGENTAGENT

ProductionServices

Layer N Forwarding

http80tcp

syslog514udp

snmp161udp

MIBObjects

snmp‐trap162udp

Built in Intelligence

CDPVTPSAA

telnetCLI

TFTPClient

tftp69udp

PingTrace route

100

Network Management Information Model MIB Management Information Base

MIB

ndash

Management Information BaseSet of variables defining the status of a device (eg temp = 85 degrees)Just facts ndash not whether it is good or badDefined according to SMI (Structure of Management Information) rulesEach managed object is described using a unique object identifier (OID)

MIB

IMIBIIStandard MIBObjects included are considered essential for either fault or configuration management

Other standard MIBsRMON host router

Proprietary vendor MIBsExtensions to standard MIBs

SNMPAGENTSNMPAGENT

1000s of manageable objects following rules defined in the SMI standards

1000s of manageable objects following rules defined in the SMI standards

101

Network Management Communication Model SNMP Simple Network Management Protocol

CommunityStrings

CommunityStrings

bull Get requests used to read the value of objectbull Set requests used to modify the value of object

bull Authorization is via community strings

(Read‐OnlyRead‐Write)

bull Traps

provide asynchronous event notification

IP Network SNMPManageable

Device

Trap

Get Response

Get Request Get-Next RequestGet-Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

102

Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response

SNM

P M

anag

er

SNM

P A

gent

Rea

d =

publ

ic re

adw

rite

= pr

ivat

e

GetResponse (sysDescr0=SunOS)

Verify access permission and retrieve MIB value using OID to traverse the MIB tree

InstanceOID

13612111

MIB value

GetRequest(sysDescr0)Read Community(public)

103

Types of Management Systems Example ‐

Enterprise Manager amp Fault Management

Correlate and manage events

and SNMP traps

Perform fault isolation and root cause analysis

104

Types of Management Systems Example ndash CiscoWorks

Resource Manager Essentials and Campus Manager

Knowledge of network configuration and topology

Facilitates remote configuration of network devices

Maintains an archive of configuration data that allows generation of inventory reports

105

Types of Management Systems Example ndash NetFlow (Accounting Management)

Flow Profiling

AccountingBilling

Network Planning

Network Monitoring

Flow

Collectors

Flow

CollectorsEnd‐User AppsEnd‐User AppsNetFlow

Data ExportNetFlowData Export

NetScout

RMON ProbeRMON Probe

106

Types of Management Systems Example ndash MRTG (Performance Management)

bull Monitors traffic load on network links based on SNMP statistics

bull Generates real‐time HTML traffic reports

bull Can be used to monitor any

MIB

variable using

SNMP

107

Types of Management Systems Example ndash CiscoWorks

How is the network connectedbull Physical Cablingbull Virtual LANs

Where are the end users servers IP phones connected

bull Switch port numberbull VLAN membership

How do I troubleshoot connectivity problems

Campus Manager User Tracking

Campus Manager Topology Services

Campus Manager Topology Services

Campus Manager User TrackingCampus Manager

Path Analysis

108

Diagnosing Connectivity Problems CiscoWorks Server Tools

Ping Use ping to test device connectivity from CiscoWorks server

TracerouteRun a trace route between the CiscoWorks server and the target device to detect routing problems

NS LookupRun a nslookup to obtain DNS name server information and IP address of hostname

Management Station to DeviceTest to verify if upper layer protocols are supported from CiscoWorks to the target device UDP TCP Telnet TFTP HTTP and SNMP

109

Types of Management Systems Example ndash CiscoWorks

19216862

CiscoWorks Server(ANI Service)

CampusDatabase

19216861

Schedule data retrieval

times

CAM Table11‐11‐11‐11‐11‐00 2111‐11‐11‐11‐11‐11 2211‐11‐11‐11‐11‐22 2311‐11‐11‐11‐11‐33 24

22 23 24

21

ARP Table11‐11‐11‐11‐11‐11 19216861011‐11‐11‐11‐11‐22 19216861111‐11‐11‐11‐11‐33 192168611

1

CAM

Retrieval

(switching

table)

2 Address

Resolution (MAC

to IP)

DNS

3 Name Resolution

(IP to hostname)

Host Table192168610 USER1192168611 Printer1192168611 IPtele1

SNMP

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

CallManager4

Call Detail

Records

5

Login

Names

UNIX Novell amp

Windows NT

clients running

UTLite script

110

Diagnosing Connectivity Problems Campus Manager Tools

Topology Services

User Tracking

Path Analysis

1

Locate the communication pair in the User Tracking database

bull

Addressesbull

VLAN informationbull

Switch port connection

2

Investigate the Layer 2 and Layer 3 path between the communication

pair

3

Map the topology and begin the investigation on devices and links

Launch other applications

111

Diagnosing Connectivity Problems Workflow for Using Campus Manager

LaunchPath Analysis

LaunchPath Analysis

Ensure discovery of devices

hosts are up to date

Ensure discovery of devices

hosts are up to date

Use User TrackingTo Locate EndStation Info

Use User TrackingTo Locate EndStation Info

ConductVoiceTrace

ConductVoiceTrace

ConductDataTrace

ConductDataTrace

DisplayPath in Topology

Map

DisplayPath in Topology

Map

Launch other Apps(Telnet CiscoView

Etc)

Launch other Apps(Telnet CiscoView

Etc)

112

Diagnosing Device Connectivity Problems Example

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Do you know

your

hostname or

username

113

Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

2 Simple Query displays switch

port and VLAN association

2 Simple Query displays switch

port and VLAN association

3 LastSeen field indicates last

time end station was

discovered

3 LastSeen field indicates last

time end station was

discovered

114

Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Trace path from application server

to Suzy

Trace path from application server

to Suzy

Couldnrsquot get to Suzy machine ndash try

from server

Couldnrsquot get to Suzy machine ndash try

from server

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

80

Guidelines for Isolating Problems at the Physical and Data Link Layers

Check operational status and data error ratesCheck operational status and data error rates

Verify proper interface configurationsVerify proper interface configurations

Check for bad cables or connectionsCheck for bad cables or connections

Check for correct cable pin‐outCheck for correct cable pin‐out

81

Port Monitoring (SPAN)

Allows a port to monitor traffic coming into or out of

anotherPort

VLAN

Trunk

82

Remote SPAN (RSPAN)

Allows a port to monitor SPAN information on other switches through a trunk connection

83

NetFlow Data Export

Access to records of switched flow statistics

with NAM

Source and destination IP

Port numbers and protocol types

84

六網路管理介紹

85

NAMs in Campus LAN

86

Network Analysis Module (NAM)

bull

Switch‐integrated standards‐

based monitoring (RMON1 RMON2

extended RMON)

bull

Useful for performance monitoring troubleshooting

and capacity planning

bull

Easy to deploy and use with embedded web‐based Traffic Analyzer

bull

Full visibility into applications hosts conversations and

IP‐based services including VoIP

and QoS

Integrated traffic‐monitoring solution in Catalyst 6500 series to build application‐level visibility into network infrastructure

87

NAM as a Standards‐Based RMON Solution

The RMON MIB reports on the health and status of network traffic

Mini‐RMON agents in Catalyst 6500 collect Layer 2 (RMON1) statistics on all ports (utilization packets errors)

NAM supports full RMON1 and 2 to provide visibility up to Application layer (applications hosts conversations)

NAM supports extended RMON for VLAN QoS Application Response Time and so on

88

Application Hosts and Conversations Monitoring

Identify unknown applications and drill down on the hosts using them

Discover top talkers top conversations

Network managers can drill down

into who is doing what

Network managers can drill down

into who is doing what

NEW inSoftware

Version 22

NEW inSoftware

Version 22

89

VoIP Monitoring

NAM supports various facets of VoIPmonitoring

Active IP telephony monitoring

ndash Track active call attributesndash Identify call quality degradationndash Call details by phonesRMON1 and RMON2

ndash Distribution of VoIP

protocols

Application Response Time (ART)

ndash CallManager

responses

DSMON

ndash VoIP

traffic by DSCP values

90

Application Response Time (ART)

Find out where the application delays are occurring

ndash Detailed data on request‐ response exchanges

between clients and servers

Server visibility

ndash Monitor servers for protocols application

usage and top talkers

91

Packet Capture and Decode

Capture and decode packets for troubleshooting

Extensive pre‐ and post‐capture filters

Can save and export to other tools including Sniffer

92

Alarms

Set alarm thresholds on various parameters for proactive monitoring

Define traps or generate syslog

93

Defining Network Management Functional Areas

ISO defines five functional areas of network management

ISO defines five functional areas of network management

bullFault Management

bullConfiguration Management

bullAccounting Management

bullPerformance Management

bullSecurity Management

94

FCAPS Fault Management

The process of locating diagnosing and correcting

network problems

Device Down

Link Down

95

FCAPS Configuration Management

bull The process of obtaining data from the network and using

that data to manage the setup of all network devices

bull Allows rapid access to configuration information

bull Facilitates remote configuration and provisioning

bull Provides an up‐to‐date inventory of network

components

SpeedDuplex

Connectivity

TrunkingVLANs Allowed

Spanning Tree Protocol State

Software VersionConfiguration File

Device Type

96

FCAPS Accounting Management

bull Measuring the usage of network resources by users in order to

establish the metrics check quotas determine costs and bill users

bull Measures and reports accounting information based on individual

groups and users

bull Administers the cost of the network

bull Internal verification of third‐party billing for usage Bandwidth Consumption

Application Usage

hellip

97

FCAPS Performance Management

bull Ensuring that the data network remains accessible

and has adequate bandwidth

bull Reduces network overcrowding and inaccessibility

bull Provides a consistent level of service to the

network user

bull Determine utilization trends to proactively isolate and solve

performance problems

UtilizationPeakminmaxError RatesUnicast Rates

Broadcast Rates

CPU UtilizationMemory Usage

ThroughputResponse Time

LatencyAvailabilityReliability

98

FCAPS Security Management

bull Protecting sensitive information on devices

attached to a data network by controlling access points to

that information

bull Builds network user confidence

bull Secures sensitive information from both internal and

external sources

bull Protects the network functionality from malicious

attacks

MAC AddressLocked to Port

Access ListBlocks Connections

99

Performing Network Management Sources for Information

GAUGEs TIMERs

0 9 1 2 3

COUNTERs TABLEs FILEs

Operating System Data Structures

Manageable Device

showCommands

WebServer

SystemLogging

SNMPSNMPAGENTAGENT

ProductionServices

Layer N Forwarding

http80tcp

syslog514udp

snmp161udp

MIBObjects

snmp‐trap162udp

Built in Intelligence

CDPVTPSAA

telnetCLI

TFTPClient

tftp69udp

PingTrace route

100

Network Management Information Model MIB Management Information Base

MIB

ndash

Management Information BaseSet of variables defining the status of a device (eg temp = 85 degrees)Just facts ndash not whether it is good or badDefined according to SMI (Structure of Management Information) rulesEach managed object is described using a unique object identifier (OID)

MIB

IMIBIIStandard MIBObjects included are considered essential for either fault or configuration management

Other standard MIBsRMON host router

Proprietary vendor MIBsExtensions to standard MIBs

SNMPAGENTSNMPAGENT

1000s of manageable objects following rules defined in the SMI standards

1000s of manageable objects following rules defined in the SMI standards

101

Network Management Communication Model SNMP Simple Network Management Protocol

CommunityStrings

CommunityStrings

bull Get requests used to read the value of objectbull Set requests used to modify the value of object

bull Authorization is via community strings

(Read‐OnlyRead‐Write)

bull Traps

provide asynchronous event notification

IP Network SNMPManageable

Device

Trap

Get Response

Get Request Get-Next RequestGet-Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

102

Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response

SNM

P M

anag

er

SNM

P A

gent

Rea

d =

publ

ic re

adw

rite

= pr

ivat

e

GetResponse (sysDescr0=SunOS)

Verify access permission and retrieve MIB value using OID to traverse the MIB tree

InstanceOID

13612111

MIB value

GetRequest(sysDescr0)Read Community(public)

103

Types of Management Systems Example ‐

Enterprise Manager amp Fault Management

Correlate and manage events

and SNMP traps

Perform fault isolation and root cause analysis

104

Types of Management Systems Example ndash CiscoWorks

Resource Manager Essentials and Campus Manager

Knowledge of network configuration and topology

Facilitates remote configuration of network devices

Maintains an archive of configuration data that allows generation of inventory reports

105

Types of Management Systems Example ndash NetFlow (Accounting Management)

Flow Profiling

AccountingBilling

Network Planning

Network Monitoring

Flow

Collectors

Flow

CollectorsEnd‐User AppsEnd‐User AppsNetFlow

Data ExportNetFlowData Export

NetScout

RMON ProbeRMON Probe

106

Types of Management Systems Example ndash MRTG (Performance Management)

bull Monitors traffic load on network links based on SNMP statistics

bull Generates real‐time HTML traffic reports

bull Can be used to monitor any

MIB

variable using

SNMP

107

Types of Management Systems Example ndash CiscoWorks

How is the network connectedbull Physical Cablingbull Virtual LANs

Where are the end users servers IP phones connected

bull Switch port numberbull VLAN membership

How do I troubleshoot connectivity problems

Campus Manager User Tracking

Campus Manager Topology Services

Campus Manager Topology Services

Campus Manager User TrackingCampus Manager

Path Analysis

108

Diagnosing Connectivity Problems CiscoWorks Server Tools

Ping Use ping to test device connectivity from CiscoWorks server

TracerouteRun a trace route between the CiscoWorks server and the target device to detect routing problems

NS LookupRun a nslookup to obtain DNS name server information and IP address of hostname

Management Station to DeviceTest to verify if upper layer protocols are supported from CiscoWorks to the target device UDP TCP Telnet TFTP HTTP and SNMP

109

Types of Management Systems Example ndash CiscoWorks

19216862

CiscoWorks Server(ANI Service)

CampusDatabase

19216861

Schedule data retrieval

times

CAM Table11‐11‐11‐11‐11‐00 2111‐11‐11‐11‐11‐11 2211‐11‐11‐11‐11‐22 2311‐11‐11‐11‐11‐33 24

22 23 24

21

ARP Table11‐11‐11‐11‐11‐11 19216861011‐11‐11‐11‐11‐22 19216861111‐11‐11‐11‐11‐33 192168611

1

CAM

Retrieval

(switching

table)

2 Address

Resolution (MAC

to IP)

DNS

3 Name Resolution

(IP to hostname)

Host Table192168610 USER1192168611 Printer1192168611 IPtele1

SNMP

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

CallManager4

Call Detail

Records

5

Login

Names

UNIX Novell amp

Windows NT

clients running

UTLite script

110

Diagnosing Connectivity Problems Campus Manager Tools

Topology Services

User Tracking

Path Analysis

1

Locate the communication pair in the User Tracking database

bull

Addressesbull

VLAN informationbull

Switch port connection

2

Investigate the Layer 2 and Layer 3 path between the communication

pair

3

Map the topology and begin the investigation on devices and links

Launch other applications

111

Diagnosing Connectivity Problems Workflow for Using Campus Manager

LaunchPath Analysis

LaunchPath Analysis

Ensure discovery of devices

hosts are up to date

Ensure discovery of devices

hosts are up to date

Use User TrackingTo Locate EndStation Info

Use User TrackingTo Locate EndStation Info

ConductVoiceTrace

ConductVoiceTrace

ConductDataTrace

ConductDataTrace

DisplayPath in Topology

Map

DisplayPath in Topology

Map

Launch other Apps(Telnet CiscoView

Etc)

Launch other Apps(Telnet CiscoView

Etc)

112

Diagnosing Device Connectivity Problems Example

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Do you know

your

hostname or

username

113

Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

2 Simple Query displays switch

port and VLAN association

2 Simple Query displays switch

port and VLAN association

3 LastSeen field indicates last

time end station was

discovered

3 LastSeen field indicates last

time end station was

discovered

114

Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Trace path from application server

to Suzy

Trace path from application server

to Suzy

Couldnrsquot get to Suzy machine ndash try

from server

Couldnrsquot get to Suzy machine ndash try

from server

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

81

Port Monitoring (SPAN)

Allows a port to monitor traffic coming into or out of

anotherPort

VLAN

Trunk

82

Remote SPAN (RSPAN)

Allows a port to monitor SPAN information on other switches through a trunk connection

83

NetFlow Data Export

Access to records of switched flow statistics

with NAM

Source and destination IP

Port numbers and protocol types

84

六網路管理介紹

85

NAMs in Campus LAN

86

Network Analysis Module (NAM)

bull

Switch‐integrated standards‐

based monitoring (RMON1 RMON2

extended RMON)

bull

Useful for performance monitoring troubleshooting

and capacity planning

bull

Easy to deploy and use with embedded web‐based Traffic Analyzer

bull

Full visibility into applications hosts conversations and

IP‐based services including VoIP

and QoS

Integrated traffic‐monitoring solution in Catalyst 6500 series to build application‐level visibility into network infrastructure

87

NAM as a Standards‐Based RMON Solution

The RMON MIB reports on the health and status of network traffic

Mini‐RMON agents in Catalyst 6500 collect Layer 2 (RMON1) statistics on all ports (utilization packets errors)

NAM supports full RMON1 and 2 to provide visibility up to Application layer (applications hosts conversations)

NAM supports extended RMON for VLAN QoS Application Response Time and so on

88

Application Hosts and Conversations Monitoring

Identify unknown applications and drill down on the hosts using them

Discover top talkers top conversations

Network managers can drill down

into who is doing what

Network managers can drill down

into who is doing what

NEW inSoftware

Version 22

NEW inSoftware

Version 22

89

VoIP Monitoring

NAM supports various facets of VoIPmonitoring

Active IP telephony monitoring

ndash Track active call attributesndash Identify call quality degradationndash Call details by phonesRMON1 and RMON2

ndash Distribution of VoIP

protocols

Application Response Time (ART)

ndash CallManager

responses

DSMON

ndash VoIP

traffic by DSCP values

90

Application Response Time (ART)

Find out where the application delays are occurring

ndash Detailed data on request‐ response exchanges

between clients and servers

Server visibility

ndash Monitor servers for protocols application

usage and top talkers

91

Packet Capture and Decode

Capture and decode packets for troubleshooting

Extensive pre‐ and post‐capture filters

Can save and export to other tools including Sniffer

92

Alarms

Set alarm thresholds on various parameters for proactive monitoring

Define traps or generate syslog

93

Defining Network Management Functional Areas

ISO defines five functional areas of network management

ISO defines five functional areas of network management

bullFault Management

bullConfiguration Management

bullAccounting Management

bullPerformance Management

bullSecurity Management

94

FCAPS Fault Management

The process of locating diagnosing and correcting

network problems

Device Down

Link Down

95

FCAPS Configuration Management

bull The process of obtaining data from the network and using

that data to manage the setup of all network devices

bull Allows rapid access to configuration information

bull Facilitates remote configuration and provisioning

bull Provides an up‐to‐date inventory of network

components

SpeedDuplex

Connectivity

TrunkingVLANs Allowed

Spanning Tree Protocol State

Software VersionConfiguration File

Device Type

96

FCAPS Accounting Management

bull Measuring the usage of network resources by users in order to

establish the metrics check quotas determine costs and bill users

bull Measures and reports accounting information based on individual

groups and users

bull Administers the cost of the network

bull Internal verification of third‐party billing for usage Bandwidth Consumption

Application Usage

hellip

97

FCAPS Performance Management

bull Ensuring that the data network remains accessible

and has adequate bandwidth

bull Reduces network overcrowding and inaccessibility

bull Provides a consistent level of service to the

network user

bull Determine utilization trends to proactively isolate and solve

performance problems

UtilizationPeakminmaxError RatesUnicast Rates

Broadcast Rates

CPU UtilizationMemory Usage

ThroughputResponse Time

LatencyAvailabilityReliability

98

FCAPS Security Management

bull Protecting sensitive information on devices

attached to a data network by controlling access points to

that information

bull Builds network user confidence

bull Secures sensitive information from both internal and

external sources

bull Protects the network functionality from malicious

attacks

MAC AddressLocked to Port

Access ListBlocks Connections

99

Performing Network Management Sources for Information

GAUGEs TIMERs

0 9 1 2 3

COUNTERs TABLEs FILEs

Operating System Data Structures

Manageable Device

showCommands

WebServer

SystemLogging

SNMPSNMPAGENTAGENT

ProductionServices

Layer N Forwarding

http80tcp

syslog514udp

snmp161udp

MIBObjects

snmp‐trap162udp

Built in Intelligence

CDPVTPSAA

telnetCLI

TFTPClient

tftp69udp

PingTrace route

100

Network Management Information Model MIB Management Information Base

MIB

ndash

Management Information BaseSet of variables defining the status of a device (eg temp = 85 degrees)Just facts ndash not whether it is good or badDefined according to SMI (Structure of Management Information) rulesEach managed object is described using a unique object identifier (OID)

MIB

IMIBIIStandard MIBObjects included are considered essential for either fault or configuration management

Other standard MIBsRMON host router

Proprietary vendor MIBsExtensions to standard MIBs

SNMPAGENTSNMPAGENT

1000s of manageable objects following rules defined in the SMI standards

1000s of manageable objects following rules defined in the SMI standards

101

Network Management Communication Model SNMP Simple Network Management Protocol

CommunityStrings

CommunityStrings

bull Get requests used to read the value of objectbull Set requests used to modify the value of object

bull Authorization is via community strings

(Read‐OnlyRead‐Write)

bull Traps

provide asynchronous event notification

IP Network SNMPManageable

Device

Trap

Get Response

Get Request Get-Next RequestGet-Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

102

Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response

SNM

P M

anag

er

SNM

P A

gent

Rea

d =

publ

ic re

adw

rite

= pr

ivat

e

GetResponse (sysDescr0=SunOS)

Verify access permission and retrieve MIB value using OID to traverse the MIB tree

InstanceOID

13612111

MIB value

GetRequest(sysDescr0)Read Community(public)

103

Types of Management Systems Example ‐

Enterprise Manager amp Fault Management

Correlate and manage events

and SNMP traps

Perform fault isolation and root cause analysis

104

Types of Management Systems Example ndash CiscoWorks

Resource Manager Essentials and Campus Manager

Knowledge of network configuration and topology

Facilitates remote configuration of network devices

Maintains an archive of configuration data that allows generation of inventory reports

105

Types of Management Systems Example ndash NetFlow (Accounting Management)

Flow Profiling

AccountingBilling

Network Planning

Network Monitoring

Flow

Collectors

Flow

CollectorsEnd‐User AppsEnd‐User AppsNetFlow

Data ExportNetFlowData Export

NetScout

RMON ProbeRMON Probe

106

Types of Management Systems Example ndash MRTG (Performance Management)

bull Monitors traffic load on network links based on SNMP statistics

bull Generates real‐time HTML traffic reports

bull Can be used to monitor any

MIB

variable using

SNMP

107

Types of Management Systems Example ndash CiscoWorks

How is the network connectedbull Physical Cablingbull Virtual LANs

Where are the end users servers IP phones connected

bull Switch port numberbull VLAN membership

How do I troubleshoot connectivity problems

Campus Manager User Tracking

Campus Manager Topology Services

Campus Manager Topology Services

Campus Manager User TrackingCampus Manager

Path Analysis

108

Diagnosing Connectivity Problems CiscoWorks Server Tools

Ping Use ping to test device connectivity from CiscoWorks server

TracerouteRun a trace route between the CiscoWorks server and the target device to detect routing problems

NS LookupRun a nslookup to obtain DNS name server information and IP address of hostname

Management Station to DeviceTest to verify if upper layer protocols are supported from CiscoWorks to the target device UDP TCP Telnet TFTP HTTP and SNMP

109

Types of Management Systems Example ndash CiscoWorks

19216862

CiscoWorks Server(ANI Service)

CampusDatabase

19216861

Schedule data retrieval

times

CAM Table11‐11‐11‐11‐11‐00 2111‐11‐11‐11‐11‐11 2211‐11‐11‐11‐11‐22 2311‐11‐11‐11‐11‐33 24

22 23 24

21

ARP Table11‐11‐11‐11‐11‐11 19216861011‐11‐11‐11‐11‐22 19216861111‐11‐11‐11‐11‐33 192168611

1

CAM

Retrieval

(switching

table)

2 Address

Resolution (MAC

to IP)

DNS

3 Name Resolution

(IP to hostname)

Host Table192168610 USER1192168611 Printer1192168611 IPtele1

SNMP

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

CallManager4

Call Detail

Records

5

Login

Names

UNIX Novell amp

Windows NT

clients running

UTLite script

110

Diagnosing Connectivity Problems Campus Manager Tools

Topology Services

User Tracking

Path Analysis

1

Locate the communication pair in the User Tracking database

bull

Addressesbull

VLAN informationbull

Switch port connection

2

Investigate the Layer 2 and Layer 3 path between the communication

pair

3

Map the topology and begin the investigation on devices and links

Launch other applications

111

Diagnosing Connectivity Problems Workflow for Using Campus Manager

LaunchPath Analysis

LaunchPath Analysis

Ensure discovery of devices

hosts are up to date

Ensure discovery of devices

hosts are up to date

Use User TrackingTo Locate EndStation Info

Use User TrackingTo Locate EndStation Info

ConductVoiceTrace

ConductVoiceTrace

ConductDataTrace

ConductDataTrace

DisplayPath in Topology

Map

DisplayPath in Topology

Map

Launch other Apps(Telnet CiscoView

Etc)

Launch other Apps(Telnet CiscoView

Etc)

112

Diagnosing Device Connectivity Problems Example

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Do you know

your

hostname or

username

113

Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

2 Simple Query displays switch

port and VLAN association

2 Simple Query displays switch

port and VLAN association

3 LastSeen field indicates last

time end station was

discovered

3 LastSeen field indicates last

time end station was

discovered

114

Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Trace path from application server

to Suzy

Trace path from application server

to Suzy

Couldnrsquot get to Suzy machine ndash try

from server

Couldnrsquot get to Suzy machine ndash try

from server

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

82

Remote SPAN (RSPAN)

Allows a port to monitor SPAN information on other switches through a trunk connection

83

NetFlow Data Export

Access to records of switched flow statistics

with NAM

Source and destination IP

Port numbers and protocol types

84

六網路管理介紹

85

NAMs in Campus LAN

86

Network Analysis Module (NAM)

bull

Switch‐integrated standards‐

based monitoring (RMON1 RMON2

extended RMON)

bull

Useful for performance monitoring troubleshooting

and capacity planning

bull

Easy to deploy and use with embedded web‐based Traffic Analyzer

bull

Full visibility into applications hosts conversations and

IP‐based services including VoIP

and QoS

Integrated traffic‐monitoring solution in Catalyst 6500 series to build application‐level visibility into network infrastructure

87

NAM as a Standards‐Based RMON Solution

The RMON MIB reports on the health and status of network traffic

Mini‐RMON agents in Catalyst 6500 collect Layer 2 (RMON1) statistics on all ports (utilization packets errors)

NAM supports full RMON1 and 2 to provide visibility up to Application layer (applications hosts conversations)

NAM supports extended RMON for VLAN QoS Application Response Time and so on

88

Application Hosts and Conversations Monitoring

Identify unknown applications and drill down on the hosts using them

Discover top talkers top conversations

Network managers can drill down

into who is doing what

Network managers can drill down

into who is doing what

NEW inSoftware

Version 22

NEW inSoftware

Version 22

89

VoIP Monitoring

NAM supports various facets of VoIPmonitoring

Active IP telephony monitoring

ndash Track active call attributesndash Identify call quality degradationndash Call details by phonesRMON1 and RMON2

ndash Distribution of VoIP

protocols

Application Response Time (ART)

ndash CallManager

responses

DSMON

ndash VoIP

traffic by DSCP values

90

Application Response Time (ART)

Find out where the application delays are occurring

ndash Detailed data on request‐ response exchanges

between clients and servers

Server visibility

ndash Monitor servers for protocols application

usage and top talkers

91

Packet Capture and Decode

Capture and decode packets for troubleshooting

Extensive pre‐ and post‐capture filters

Can save and export to other tools including Sniffer

92

Alarms

Set alarm thresholds on various parameters for proactive monitoring

Define traps or generate syslog

93

Defining Network Management Functional Areas

ISO defines five functional areas of network management

ISO defines five functional areas of network management

bullFault Management

bullConfiguration Management

bullAccounting Management

bullPerformance Management

bullSecurity Management

94

FCAPS Fault Management

The process of locating diagnosing and correcting

network problems

Device Down

Link Down

95

FCAPS Configuration Management

bull The process of obtaining data from the network and using

that data to manage the setup of all network devices

bull Allows rapid access to configuration information

bull Facilitates remote configuration and provisioning

bull Provides an up‐to‐date inventory of network

components

SpeedDuplex

Connectivity

TrunkingVLANs Allowed

Spanning Tree Protocol State

Software VersionConfiguration File

Device Type

96

FCAPS Accounting Management

bull Measuring the usage of network resources by users in order to

establish the metrics check quotas determine costs and bill users

bull Measures and reports accounting information based on individual

groups and users

bull Administers the cost of the network

bull Internal verification of third‐party billing for usage Bandwidth Consumption

Application Usage

hellip

97

FCAPS Performance Management

bull Ensuring that the data network remains accessible

and has adequate bandwidth

bull Reduces network overcrowding and inaccessibility

bull Provides a consistent level of service to the

network user

bull Determine utilization trends to proactively isolate and solve

performance problems

UtilizationPeakminmaxError RatesUnicast Rates

Broadcast Rates

CPU UtilizationMemory Usage

ThroughputResponse Time

LatencyAvailabilityReliability

98

FCAPS Security Management

bull Protecting sensitive information on devices

attached to a data network by controlling access points to

that information

bull Builds network user confidence

bull Secures sensitive information from both internal and

external sources

bull Protects the network functionality from malicious

attacks

MAC AddressLocked to Port

Access ListBlocks Connections

99

Performing Network Management Sources for Information

GAUGEs TIMERs

0 9 1 2 3

COUNTERs TABLEs FILEs

Operating System Data Structures

Manageable Device

showCommands

WebServer

SystemLogging

SNMPSNMPAGENTAGENT

ProductionServices

Layer N Forwarding

http80tcp

syslog514udp

snmp161udp

MIBObjects

snmp‐trap162udp

Built in Intelligence

CDPVTPSAA

telnetCLI

TFTPClient

tftp69udp

PingTrace route

100

Network Management Information Model MIB Management Information Base

MIB

ndash

Management Information BaseSet of variables defining the status of a device (eg temp = 85 degrees)Just facts ndash not whether it is good or badDefined according to SMI (Structure of Management Information) rulesEach managed object is described using a unique object identifier (OID)

MIB

IMIBIIStandard MIBObjects included are considered essential for either fault or configuration management

Other standard MIBsRMON host router

Proprietary vendor MIBsExtensions to standard MIBs

SNMPAGENTSNMPAGENT

1000s of manageable objects following rules defined in the SMI standards

1000s of manageable objects following rules defined in the SMI standards

101

Network Management Communication Model SNMP Simple Network Management Protocol

CommunityStrings

CommunityStrings

bull Get requests used to read the value of objectbull Set requests used to modify the value of object

bull Authorization is via community strings

(Read‐OnlyRead‐Write)

bull Traps

provide asynchronous event notification

IP Network SNMPManageable

Device

Trap

Get Response

Get Request Get-Next RequestGet-Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

102

Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response

SNM

P M

anag

er

SNM

P A

gent

Rea

d =

publ

ic re

adw

rite

= pr

ivat

e

GetResponse (sysDescr0=SunOS)

Verify access permission and retrieve MIB value using OID to traverse the MIB tree

InstanceOID

13612111

MIB value

GetRequest(sysDescr0)Read Community(public)

103

Types of Management Systems Example ‐

Enterprise Manager amp Fault Management

Correlate and manage events

and SNMP traps

Perform fault isolation and root cause analysis

104

Types of Management Systems Example ndash CiscoWorks

Resource Manager Essentials and Campus Manager

Knowledge of network configuration and topology

Facilitates remote configuration of network devices

Maintains an archive of configuration data that allows generation of inventory reports

105

Types of Management Systems Example ndash NetFlow (Accounting Management)

Flow Profiling

AccountingBilling

Network Planning

Network Monitoring

Flow

Collectors

Flow

CollectorsEnd‐User AppsEnd‐User AppsNetFlow

Data ExportNetFlowData Export

NetScout

RMON ProbeRMON Probe

106

Types of Management Systems Example ndash MRTG (Performance Management)

bull Monitors traffic load on network links based on SNMP statistics

bull Generates real‐time HTML traffic reports

bull Can be used to monitor any

MIB

variable using

SNMP

107

Types of Management Systems Example ndash CiscoWorks

How is the network connectedbull Physical Cablingbull Virtual LANs

Where are the end users servers IP phones connected

bull Switch port numberbull VLAN membership

How do I troubleshoot connectivity problems

Campus Manager User Tracking

Campus Manager Topology Services

Campus Manager Topology Services

Campus Manager User TrackingCampus Manager

Path Analysis

108

Diagnosing Connectivity Problems CiscoWorks Server Tools

Ping Use ping to test device connectivity from CiscoWorks server

TracerouteRun a trace route between the CiscoWorks server and the target device to detect routing problems

NS LookupRun a nslookup to obtain DNS name server information and IP address of hostname

Management Station to DeviceTest to verify if upper layer protocols are supported from CiscoWorks to the target device UDP TCP Telnet TFTP HTTP and SNMP

109

Types of Management Systems Example ndash CiscoWorks

19216862

CiscoWorks Server(ANI Service)

CampusDatabase

19216861

Schedule data retrieval

times

CAM Table11‐11‐11‐11‐11‐00 2111‐11‐11‐11‐11‐11 2211‐11‐11‐11‐11‐22 2311‐11‐11‐11‐11‐33 24

22 23 24

21

ARP Table11‐11‐11‐11‐11‐11 19216861011‐11‐11‐11‐11‐22 19216861111‐11‐11‐11‐11‐33 192168611

1

CAM

Retrieval

(switching

table)

2 Address

Resolution (MAC

to IP)

DNS

3 Name Resolution

(IP to hostname)

Host Table192168610 USER1192168611 Printer1192168611 IPtele1

SNMP

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

CallManager4

Call Detail

Records

5

Login

Names

UNIX Novell amp

Windows NT

clients running

UTLite script

110

Diagnosing Connectivity Problems Campus Manager Tools

Topology Services

User Tracking

Path Analysis

1

Locate the communication pair in the User Tracking database

bull

Addressesbull

VLAN informationbull

Switch port connection

2

Investigate the Layer 2 and Layer 3 path between the communication

pair

3

Map the topology and begin the investigation on devices and links

Launch other applications

111

Diagnosing Connectivity Problems Workflow for Using Campus Manager

LaunchPath Analysis

LaunchPath Analysis

Ensure discovery of devices

hosts are up to date

Ensure discovery of devices

hosts are up to date

Use User TrackingTo Locate EndStation Info

Use User TrackingTo Locate EndStation Info

ConductVoiceTrace

ConductVoiceTrace

ConductDataTrace

ConductDataTrace

DisplayPath in Topology

Map

DisplayPath in Topology

Map

Launch other Apps(Telnet CiscoView

Etc)

Launch other Apps(Telnet CiscoView

Etc)

112

Diagnosing Device Connectivity Problems Example

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Do you know

your

hostname or

username

113

Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

2 Simple Query displays switch

port and VLAN association

2 Simple Query displays switch

port and VLAN association

3 LastSeen field indicates last

time end station was

discovered

3 LastSeen field indicates last

time end station was

discovered

114

Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Trace path from application server

to Suzy

Trace path from application server

to Suzy

Couldnrsquot get to Suzy machine ndash try

from server

Couldnrsquot get to Suzy machine ndash try

from server

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

83

NetFlow Data Export

Access to records of switched flow statistics

with NAM

Source and destination IP

Port numbers and protocol types

84

六網路管理介紹

85

NAMs in Campus LAN

86

Network Analysis Module (NAM)

bull

Switch‐integrated standards‐

based monitoring (RMON1 RMON2

extended RMON)

bull

Useful for performance monitoring troubleshooting

and capacity planning

bull

Easy to deploy and use with embedded web‐based Traffic Analyzer

bull

Full visibility into applications hosts conversations and

IP‐based services including VoIP

and QoS

Integrated traffic‐monitoring solution in Catalyst 6500 series to build application‐level visibility into network infrastructure

87

NAM as a Standards‐Based RMON Solution

The RMON MIB reports on the health and status of network traffic

Mini‐RMON agents in Catalyst 6500 collect Layer 2 (RMON1) statistics on all ports (utilization packets errors)

NAM supports full RMON1 and 2 to provide visibility up to Application layer (applications hosts conversations)

NAM supports extended RMON for VLAN QoS Application Response Time and so on

88

Application Hosts and Conversations Monitoring

Identify unknown applications and drill down on the hosts using them

Discover top talkers top conversations

Network managers can drill down

into who is doing what

Network managers can drill down

into who is doing what

NEW inSoftware

Version 22

NEW inSoftware

Version 22

89

VoIP Monitoring

NAM supports various facets of VoIPmonitoring

Active IP telephony monitoring

ndash Track active call attributesndash Identify call quality degradationndash Call details by phonesRMON1 and RMON2

ndash Distribution of VoIP

protocols

Application Response Time (ART)

ndash CallManager

responses

DSMON

ndash VoIP

traffic by DSCP values

90

Application Response Time (ART)

Find out where the application delays are occurring

ndash Detailed data on request‐ response exchanges

between clients and servers

Server visibility

ndash Monitor servers for protocols application

usage and top talkers

91

Packet Capture and Decode

Capture and decode packets for troubleshooting

Extensive pre‐ and post‐capture filters

Can save and export to other tools including Sniffer

92

Alarms

Set alarm thresholds on various parameters for proactive monitoring

Define traps or generate syslog

93

Defining Network Management Functional Areas

ISO defines five functional areas of network management

ISO defines five functional areas of network management

bullFault Management

bullConfiguration Management

bullAccounting Management

bullPerformance Management

bullSecurity Management

94

FCAPS Fault Management

The process of locating diagnosing and correcting

network problems

Device Down

Link Down

95

FCAPS Configuration Management

bull The process of obtaining data from the network and using

that data to manage the setup of all network devices

bull Allows rapid access to configuration information

bull Facilitates remote configuration and provisioning

bull Provides an up‐to‐date inventory of network

components

SpeedDuplex

Connectivity

TrunkingVLANs Allowed

Spanning Tree Protocol State

Software VersionConfiguration File

Device Type

96

FCAPS Accounting Management

bull Measuring the usage of network resources by users in order to

establish the metrics check quotas determine costs and bill users

bull Measures and reports accounting information based on individual

groups and users

bull Administers the cost of the network

bull Internal verification of third‐party billing for usage Bandwidth Consumption

Application Usage

hellip

97

FCAPS Performance Management

bull Ensuring that the data network remains accessible

and has adequate bandwidth

bull Reduces network overcrowding and inaccessibility

bull Provides a consistent level of service to the

network user

bull Determine utilization trends to proactively isolate and solve

performance problems

UtilizationPeakminmaxError RatesUnicast Rates

Broadcast Rates

CPU UtilizationMemory Usage

ThroughputResponse Time

LatencyAvailabilityReliability

98

FCAPS Security Management

bull Protecting sensitive information on devices

attached to a data network by controlling access points to

that information

bull Builds network user confidence

bull Secures sensitive information from both internal and

external sources

bull Protects the network functionality from malicious

attacks

MAC AddressLocked to Port

Access ListBlocks Connections

99

Performing Network Management Sources for Information

GAUGEs TIMERs

0 9 1 2 3

COUNTERs TABLEs FILEs

Operating System Data Structures

Manageable Device

showCommands

WebServer

SystemLogging

SNMPSNMPAGENTAGENT

ProductionServices

Layer N Forwarding

http80tcp

syslog514udp

snmp161udp

MIBObjects

snmp‐trap162udp

Built in Intelligence

CDPVTPSAA

telnetCLI

TFTPClient

tftp69udp

PingTrace route

100

Network Management Information Model MIB Management Information Base

MIB

ndash

Management Information BaseSet of variables defining the status of a device (eg temp = 85 degrees)Just facts ndash not whether it is good or badDefined according to SMI (Structure of Management Information) rulesEach managed object is described using a unique object identifier (OID)

MIB

IMIBIIStandard MIBObjects included are considered essential for either fault or configuration management

Other standard MIBsRMON host router

Proprietary vendor MIBsExtensions to standard MIBs

SNMPAGENTSNMPAGENT

1000s of manageable objects following rules defined in the SMI standards

1000s of manageable objects following rules defined in the SMI standards

101

Network Management Communication Model SNMP Simple Network Management Protocol

CommunityStrings

CommunityStrings

bull Get requests used to read the value of objectbull Set requests used to modify the value of object

bull Authorization is via community strings

(Read‐OnlyRead‐Write)

bull Traps

provide asynchronous event notification

IP Network SNMPManageable

Device

Trap

Get Response

Get Request Get-Next RequestGet-Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

102

Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response

SNM

P M

anag

er

SNM

P A

gent

Rea

d =

publ

ic re

adw

rite

= pr

ivat

e

GetResponse (sysDescr0=SunOS)

Verify access permission and retrieve MIB value using OID to traverse the MIB tree

InstanceOID

13612111

MIB value

GetRequest(sysDescr0)Read Community(public)

103

Types of Management Systems Example ‐

Enterprise Manager amp Fault Management

Correlate and manage events

and SNMP traps

Perform fault isolation and root cause analysis

104

Types of Management Systems Example ndash CiscoWorks

Resource Manager Essentials and Campus Manager

Knowledge of network configuration and topology

Facilitates remote configuration of network devices

Maintains an archive of configuration data that allows generation of inventory reports

105

Types of Management Systems Example ndash NetFlow (Accounting Management)

Flow Profiling

AccountingBilling

Network Planning

Network Monitoring

Flow

Collectors

Flow

CollectorsEnd‐User AppsEnd‐User AppsNetFlow

Data ExportNetFlowData Export

NetScout

RMON ProbeRMON Probe

106

Types of Management Systems Example ndash MRTG (Performance Management)

bull Monitors traffic load on network links based on SNMP statistics

bull Generates real‐time HTML traffic reports

bull Can be used to monitor any

MIB

variable using

SNMP

107

Types of Management Systems Example ndash CiscoWorks

How is the network connectedbull Physical Cablingbull Virtual LANs

Where are the end users servers IP phones connected

bull Switch port numberbull VLAN membership

How do I troubleshoot connectivity problems

Campus Manager User Tracking

Campus Manager Topology Services

Campus Manager Topology Services

Campus Manager User TrackingCampus Manager

Path Analysis

108

Diagnosing Connectivity Problems CiscoWorks Server Tools

Ping Use ping to test device connectivity from CiscoWorks server

TracerouteRun a trace route between the CiscoWorks server and the target device to detect routing problems

NS LookupRun a nslookup to obtain DNS name server information and IP address of hostname

Management Station to DeviceTest to verify if upper layer protocols are supported from CiscoWorks to the target device UDP TCP Telnet TFTP HTTP and SNMP

109

Types of Management Systems Example ndash CiscoWorks

19216862

CiscoWorks Server(ANI Service)

CampusDatabase

19216861

Schedule data retrieval

times

CAM Table11‐11‐11‐11‐11‐00 2111‐11‐11‐11‐11‐11 2211‐11‐11‐11‐11‐22 2311‐11‐11‐11‐11‐33 24

22 23 24

21

ARP Table11‐11‐11‐11‐11‐11 19216861011‐11‐11‐11‐11‐22 19216861111‐11‐11‐11‐11‐33 192168611

1

CAM

Retrieval

(switching

table)

2 Address

Resolution (MAC

to IP)

DNS

3 Name Resolution

(IP to hostname)

Host Table192168610 USER1192168611 Printer1192168611 IPtele1

SNMP

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

CallManager4

Call Detail

Records

5

Login

Names

UNIX Novell amp

Windows NT

clients running

UTLite script

110

Diagnosing Connectivity Problems Campus Manager Tools

Topology Services

User Tracking

Path Analysis

1

Locate the communication pair in the User Tracking database

bull

Addressesbull

VLAN informationbull

Switch port connection

2

Investigate the Layer 2 and Layer 3 path between the communication

pair

3

Map the topology and begin the investigation on devices and links

Launch other applications

111

Diagnosing Connectivity Problems Workflow for Using Campus Manager

LaunchPath Analysis

LaunchPath Analysis

Ensure discovery of devices

hosts are up to date

Ensure discovery of devices

hosts are up to date

Use User TrackingTo Locate EndStation Info

Use User TrackingTo Locate EndStation Info

ConductVoiceTrace

ConductVoiceTrace

ConductDataTrace

ConductDataTrace

DisplayPath in Topology

Map

DisplayPath in Topology

Map

Launch other Apps(Telnet CiscoView

Etc)

Launch other Apps(Telnet CiscoView

Etc)

112

Diagnosing Device Connectivity Problems Example

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Do you know

your

hostname or

username

113

Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

2 Simple Query displays switch

port and VLAN association

2 Simple Query displays switch

port and VLAN association

3 LastSeen field indicates last

time end station was

discovered

3 LastSeen field indicates last

time end station was

discovered

114

Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Trace path from application server

to Suzy

Trace path from application server

to Suzy

Couldnrsquot get to Suzy machine ndash try

from server

Couldnrsquot get to Suzy machine ndash try

from server

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

84

六網路管理介紹

85

NAMs in Campus LAN

86

Network Analysis Module (NAM)

bull

Switch‐integrated standards‐

based monitoring (RMON1 RMON2

extended RMON)

bull

Useful for performance monitoring troubleshooting

and capacity planning

bull

Easy to deploy and use with embedded web‐based Traffic Analyzer

bull

Full visibility into applications hosts conversations and

IP‐based services including VoIP

and QoS

Integrated traffic‐monitoring solution in Catalyst 6500 series to build application‐level visibility into network infrastructure

87

NAM as a Standards‐Based RMON Solution

The RMON MIB reports on the health and status of network traffic

Mini‐RMON agents in Catalyst 6500 collect Layer 2 (RMON1) statistics on all ports (utilization packets errors)

NAM supports full RMON1 and 2 to provide visibility up to Application layer (applications hosts conversations)

NAM supports extended RMON for VLAN QoS Application Response Time and so on

88

Application Hosts and Conversations Monitoring

Identify unknown applications and drill down on the hosts using them

Discover top talkers top conversations

Network managers can drill down

into who is doing what

Network managers can drill down

into who is doing what

NEW inSoftware

Version 22

NEW inSoftware

Version 22

89

VoIP Monitoring

NAM supports various facets of VoIPmonitoring

Active IP telephony monitoring

ndash Track active call attributesndash Identify call quality degradationndash Call details by phonesRMON1 and RMON2

ndash Distribution of VoIP

protocols

Application Response Time (ART)

ndash CallManager

responses

DSMON

ndash VoIP

traffic by DSCP values

90

Application Response Time (ART)

Find out where the application delays are occurring

ndash Detailed data on request‐ response exchanges

between clients and servers

Server visibility

ndash Monitor servers for protocols application

usage and top talkers

91

Packet Capture and Decode

Capture and decode packets for troubleshooting

Extensive pre‐ and post‐capture filters

Can save and export to other tools including Sniffer

92

Alarms

Set alarm thresholds on various parameters for proactive monitoring

Define traps or generate syslog

93

Defining Network Management Functional Areas

ISO defines five functional areas of network management

ISO defines five functional areas of network management

bullFault Management

bullConfiguration Management

bullAccounting Management

bullPerformance Management

bullSecurity Management

94

FCAPS Fault Management

The process of locating diagnosing and correcting

network problems

Device Down

Link Down

95

FCAPS Configuration Management

bull The process of obtaining data from the network and using

that data to manage the setup of all network devices

bull Allows rapid access to configuration information

bull Facilitates remote configuration and provisioning

bull Provides an up‐to‐date inventory of network

components

SpeedDuplex

Connectivity

TrunkingVLANs Allowed

Spanning Tree Protocol State

Software VersionConfiguration File

Device Type

96

FCAPS Accounting Management

bull Measuring the usage of network resources by users in order to

establish the metrics check quotas determine costs and bill users

bull Measures and reports accounting information based on individual

groups and users

bull Administers the cost of the network

bull Internal verification of third‐party billing for usage Bandwidth Consumption

Application Usage

hellip

97

FCAPS Performance Management

bull Ensuring that the data network remains accessible

and has adequate bandwidth

bull Reduces network overcrowding and inaccessibility

bull Provides a consistent level of service to the

network user

bull Determine utilization trends to proactively isolate and solve

performance problems

UtilizationPeakminmaxError RatesUnicast Rates

Broadcast Rates

CPU UtilizationMemory Usage

ThroughputResponse Time

LatencyAvailabilityReliability

98

FCAPS Security Management

bull Protecting sensitive information on devices

attached to a data network by controlling access points to

that information

bull Builds network user confidence

bull Secures sensitive information from both internal and

external sources

bull Protects the network functionality from malicious

attacks

MAC AddressLocked to Port

Access ListBlocks Connections

99

Performing Network Management Sources for Information

GAUGEs TIMERs

0 9 1 2 3

COUNTERs TABLEs FILEs

Operating System Data Structures

Manageable Device

showCommands

WebServer

SystemLogging

SNMPSNMPAGENTAGENT

ProductionServices

Layer N Forwarding

http80tcp

syslog514udp

snmp161udp

MIBObjects

snmp‐trap162udp

Built in Intelligence

CDPVTPSAA

telnetCLI

TFTPClient

tftp69udp

PingTrace route

100

Network Management Information Model MIB Management Information Base

MIB

ndash

Management Information BaseSet of variables defining the status of a device (eg temp = 85 degrees)Just facts ndash not whether it is good or badDefined according to SMI (Structure of Management Information) rulesEach managed object is described using a unique object identifier (OID)

MIB

IMIBIIStandard MIBObjects included are considered essential for either fault or configuration management

Other standard MIBsRMON host router

Proprietary vendor MIBsExtensions to standard MIBs

SNMPAGENTSNMPAGENT

1000s of manageable objects following rules defined in the SMI standards

1000s of manageable objects following rules defined in the SMI standards

101

Network Management Communication Model SNMP Simple Network Management Protocol

CommunityStrings

CommunityStrings

bull Get requests used to read the value of objectbull Set requests used to modify the value of object

bull Authorization is via community strings

(Read‐OnlyRead‐Write)

bull Traps

provide asynchronous event notification

IP Network SNMPManageable

Device

Trap

Get Response

Get Request Get-Next RequestGet-Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

102

Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response

SNM

P M

anag

er

SNM

P A

gent

Rea

d =

publ

ic re

adw

rite

= pr

ivat

e

GetResponse (sysDescr0=SunOS)

Verify access permission and retrieve MIB value using OID to traverse the MIB tree

InstanceOID

13612111

MIB value

GetRequest(sysDescr0)Read Community(public)

103

Types of Management Systems Example ‐

Enterprise Manager amp Fault Management

Correlate and manage events

and SNMP traps

Perform fault isolation and root cause analysis

104

Types of Management Systems Example ndash CiscoWorks

Resource Manager Essentials and Campus Manager

Knowledge of network configuration and topology

Facilitates remote configuration of network devices

Maintains an archive of configuration data that allows generation of inventory reports

105

Types of Management Systems Example ndash NetFlow (Accounting Management)

Flow Profiling

AccountingBilling

Network Planning

Network Monitoring

Flow

Collectors

Flow

CollectorsEnd‐User AppsEnd‐User AppsNetFlow

Data ExportNetFlowData Export

NetScout

RMON ProbeRMON Probe

106

Types of Management Systems Example ndash MRTG (Performance Management)

bull Monitors traffic load on network links based on SNMP statistics

bull Generates real‐time HTML traffic reports

bull Can be used to monitor any

MIB

variable using

SNMP

107

Types of Management Systems Example ndash CiscoWorks

How is the network connectedbull Physical Cablingbull Virtual LANs

Where are the end users servers IP phones connected

bull Switch port numberbull VLAN membership

How do I troubleshoot connectivity problems

Campus Manager User Tracking

Campus Manager Topology Services

Campus Manager Topology Services

Campus Manager User TrackingCampus Manager

Path Analysis

108

Diagnosing Connectivity Problems CiscoWorks Server Tools

Ping Use ping to test device connectivity from CiscoWorks server

TracerouteRun a trace route between the CiscoWorks server and the target device to detect routing problems

NS LookupRun a nslookup to obtain DNS name server information and IP address of hostname

Management Station to DeviceTest to verify if upper layer protocols are supported from CiscoWorks to the target device UDP TCP Telnet TFTP HTTP and SNMP

109

Types of Management Systems Example ndash CiscoWorks

19216862

CiscoWorks Server(ANI Service)

CampusDatabase

19216861

Schedule data retrieval

times

CAM Table11‐11‐11‐11‐11‐00 2111‐11‐11‐11‐11‐11 2211‐11‐11‐11‐11‐22 2311‐11‐11‐11‐11‐33 24

22 23 24

21

ARP Table11‐11‐11‐11‐11‐11 19216861011‐11‐11‐11‐11‐22 19216861111‐11‐11‐11‐11‐33 192168611

1

CAM

Retrieval

(switching

table)

2 Address

Resolution (MAC

to IP)

DNS

3 Name Resolution

(IP to hostname)

Host Table192168610 USER1192168611 Printer1192168611 IPtele1

SNMP

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

CallManager4

Call Detail

Records

5

Login

Names

UNIX Novell amp

Windows NT

clients running

UTLite script

110

Diagnosing Connectivity Problems Campus Manager Tools

Topology Services

User Tracking

Path Analysis

1

Locate the communication pair in the User Tracking database

bull

Addressesbull

VLAN informationbull

Switch port connection

2

Investigate the Layer 2 and Layer 3 path between the communication

pair

3

Map the topology and begin the investigation on devices and links

Launch other applications

111

Diagnosing Connectivity Problems Workflow for Using Campus Manager

LaunchPath Analysis

LaunchPath Analysis

Ensure discovery of devices

hosts are up to date

Ensure discovery of devices

hosts are up to date

Use User TrackingTo Locate EndStation Info

Use User TrackingTo Locate EndStation Info

ConductVoiceTrace

ConductVoiceTrace

ConductDataTrace

ConductDataTrace

DisplayPath in Topology

Map

DisplayPath in Topology

Map

Launch other Apps(Telnet CiscoView

Etc)

Launch other Apps(Telnet CiscoView

Etc)

112

Diagnosing Device Connectivity Problems Example

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Do you know

your

hostname or

username

113

Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

2 Simple Query displays switch

port and VLAN association

2 Simple Query displays switch

port and VLAN association

3 LastSeen field indicates last

time end station was

discovered

3 LastSeen field indicates last

time end station was

discovered

114

Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Trace path from application server

to Suzy

Trace path from application server

to Suzy

Couldnrsquot get to Suzy machine ndash try

from server

Couldnrsquot get to Suzy machine ndash try

from server

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

85

NAMs in Campus LAN

86

Network Analysis Module (NAM)

bull

Switch‐integrated standards‐

based monitoring (RMON1 RMON2

extended RMON)

bull

Useful for performance monitoring troubleshooting

and capacity planning

bull

Easy to deploy and use with embedded web‐based Traffic Analyzer

bull

Full visibility into applications hosts conversations and

IP‐based services including VoIP

and QoS

Integrated traffic‐monitoring solution in Catalyst 6500 series to build application‐level visibility into network infrastructure

87

NAM as a Standards‐Based RMON Solution

The RMON MIB reports on the health and status of network traffic

Mini‐RMON agents in Catalyst 6500 collect Layer 2 (RMON1) statistics on all ports (utilization packets errors)

NAM supports full RMON1 and 2 to provide visibility up to Application layer (applications hosts conversations)

NAM supports extended RMON for VLAN QoS Application Response Time and so on

88

Application Hosts and Conversations Monitoring

Identify unknown applications and drill down on the hosts using them

Discover top talkers top conversations

Network managers can drill down

into who is doing what

Network managers can drill down

into who is doing what

NEW inSoftware

Version 22

NEW inSoftware

Version 22

89

VoIP Monitoring

NAM supports various facets of VoIPmonitoring

Active IP telephony monitoring

ndash Track active call attributesndash Identify call quality degradationndash Call details by phonesRMON1 and RMON2

ndash Distribution of VoIP

protocols

Application Response Time (ART)

ndash CallManager

responses

DSMON

ndash VoIP

traffic by DSCP values

90

Application Response Time (ART)

Find out where the application delays are occurring

ndash Detailed data on request‐ response exchanges

between clients and servers

Server visibility

ndash Monitor servers for protocols application

usage and top talkers

91

Packet Capture and Decode

Capture and decode packets for troubleshooting

Extensive pre‐ and post‐capture filters

Can save and export to other tools including Sniffer

92

Alarms

Set alarm thresholds on various parameters for proactive monitoring

Define traps or generate syslog

93

Defining Network Management Functional Areas

ISO defines five functional areas of network management

ISO defines five functional areas of network management

bullFault Management

bullConfiguration Management

bullAccounting Management

bullPerformance Management

bullSecurity Management

94

FCAPS Fault Management

The process of locating diagnosing and correcting

network problems

Device Down

Link Down

95

FCAPS Configuration Management

bull The process of obtaining data from the network and using

that data to manage the setup of all network devices

bull Allows rapid access to configuration information

bull Facilitates remote configuration and provisioning

bull Provides an up‐to‐date inventory of network

components

SpeedDuplex

Connectivity

TrunkingVLANs Allowed

Spanning Tree Protocol State

Software VersionConfiguration File

Device Type

96

FCAPS Accounting Management

bull Measuring the usage of network resources by users in order to

establish the metrics check quotas determine costs and bill users

bull Measures and reports accounting information based on individual

groups and users

bull Administers the cost of the network

bull Internal verification of third‐party billing for usage Bandwidth Consumption

Application Usage

hellip

97

FCAPS Performance Management

bull Ensuring that the data network remains accessible

and has adequate bandwidth

bull Reduces network overcrowding and inaccessibility

bull Provides a consistent level of service to the

network user

bull Determine utilization trends to proactively isolate and solve

performance problems

UtilizationPeakminmaxError RatesUnicast Rates

Broadcast Rates

CPU UtilizationMemory Usage

ThroughputResponse Time

LatencyAvailabilityReliability

98

FCAPS Security Management

bull Protecting sensitive information on devices

attached to a data network by controlling access points to

that information

bull Builds network user confidence

bull Secures sensitive information from both internal and

external sources

bull Protects the network functionality from malicious

attacks

MAC AddressLocked to Port

Access ListBlocks Connections

99

Performing Network Management Sources for Information

GAUGEs TIMERs

0 9 1 2 3

COUNTERs TABLEs FILEs

Operating System Data Structures

Manageable Device

showCommands

WebServer

SystemLogging

SNMPSNMPAGENTAGENT

ProductionServices

Layer N Forwarding

http80tcp

syslog514udp

snmp161udp

MIBObjects

snmp‐trap162udp

Built in Intelligence

CDPVTPSAA

telnetCLI

TFTPClient

tftp69udp

PingTrace route

100

Network Management Information Model MIB Management Information Base

MIB

ndash

Management Information BaseSet of variables defining the status of a device (eg temp = 85 degrees)Just facts ndash not whether it is good or badDefined according to SMI (Structure of Management Information) rulesEach managed object is described using a unique object identifier (OID)

MIB

IMIBIIStandard MIBObjects included are considered essential for either fault or configuration management

Other standard MIBsRMON host router

Proprietary vendor MIBsExtensions to standard MIBs

SNMPAGENTSNMPAGENT

1000s of manageable objects following rules defined in the SMI standards

1000s of manageable objects following rules defined in the SMI standards

101

Network Management Communication Model SNMP Simple Network Management Protocol

CommunityStrings

CommunityStrings

bull Get requests used to read the value of objectbull Set requests used to modify the value of object

bull Authorization is via community strings

(Read‐OnlyRead‐Write)

bull Traps

provide asynchronous event notification

IP Network SNMPManageable

Device

Trap

Get Response

Get Request Get-Next RequestGet-Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

102

Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response

SNM

P M

anag

er

SNM

P A

gent

Rea

d =

publ

ic re

adw

rite

= pr

ivat

e

GetResponse (sysDescr0=SunOS)

Verify access permission and retrieve MIB value using OID to traverse the MIB tree

InstanceOID

13612111

MIB value

GetRequest(sysDescr0)Read Community(public)

103

Types of Management Systems Example ‐

Enterprise Manager amp Fault Management

Correlate and manage events

and SNMP traps

Perform fault isolation and root cause analysis

104

Types of Management Systems Example ndash CiscoWorks

Resource Manager Essentials and Campus Manager

Knowledge of network configuration and topology

Facilitates remote configuration of network devices

Maintains an archive of configuration data that allows generation of inventory reports

105

Types of Management Systems Example ndash NetFlow (Accounting Management)

Flow Profiling

AccountingBilling

Network Planning

Network Monitoring

Flow

Collectors

Flow

CollectorsEnd‐User AppsEnd‐User AppsNetFlow

Data ExportNetFlowData Export

NetScout

RMON ProbeRMON Probe

106

Types of Management Systems Example ndash MRTG (Performance Management)

bull Monitors traffic load on network links based on SNMP statistics

bull Generates real‐time HTML traffic reports

bull Can be used to monitor any

MIB

variable using

SNMP

107

Types of Management Systems Example ndash CiscoWorks

How is the network connectedbull Physical Cablingbull Virtual LANs

Where are the end users servers IP phones connected

bull Switch port numberbull VLAN membership

How do I troubleshoot connectivity problems

Campus Manager User Tracking

Campus Manager Topology Services

Campus Manager Topology Services

Campus Manager User TrackingCampus Manager

Path Analysis

108

Diagnosing Connectivity Problems CiscoWorks Server Tools

Ping Use ping to test device connectivity from CiscoWorks server

TracerouteRun a trace route between the CiscoWorks server and the target device to detect routing problems

NS LookupRun a nslookup to obtain DNS name server information and IP address of hostname

Management Station to DeviceTest to verify if upper layer protocols are supported from CiscoWorks to the target device UDP TCP Telnet TFTP HTTP and SNMP

109

Types of Management Systems Example ndash CiscoWorks

19216862

CiscoWorks Server(ANI Service)

CampusDatabase

19216861

Schedule data retrieval

times

CAM Table11‐11‐11‐11‐11‐00 2111‐11‐11‐11‐11‐11 2211‐11‐11‐11‐11‐22 2311‐11‐11‐11‐11‐33 24

22 23 24

21

ARP Table11‐11‐11‐11‐11‐11 19216861011‐11‐11‐11‐11‐22 19216861111‐11‐11‐11‐11‐33 192168611

1

CAM

Retrieval

(switching

table)

2 Address

Resolution (MAC

to IP)

DNS

3 Name Resolution

(IP to hostname)

Host Table192168610 USER1192168611 Printer1192168611 IPtele1

SNMP

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

CallManager4

Call Detail

Records

5

Login

Names

UNIX Novell amp

Windows NT

clients running

UTLite script

110

Diagnosing Connectivity Problems Campus Manager Tools

Topology Services

User Tracking

Path Analysis

1

Locate the communication pair in the User Tracking database

bull

Addressesbull

VLAN informationbull

Switch port connection

2

Investigate the Layer 2 and Layer 3 path between the communication

pair

3

Map the topology and begin the investigation on devices and links

Launch other applications

111

Diagnosing Connectivity Problems Workflow for Using Campus Manager

LaunchPath Analysis

LaunchPath Analysis

Ensure discovery of devices

hosts are up to date

Ensure discovery of devices

hosts are up to date

Use User TrackingTo Locate EndStation Info

Use User TrackingTo Locate EndStation Info

ConductVoiceTrace

ConductVoiceTrace

ConductDataTrace

ConductDataTrace

DisplayPath in Topology

Map

DisplayPath in Topology

Map

Launch other Apps(Telnet CiscoView

Etc)

Launch other Apps(Telnet CiscoView

Etc)

112

Diagnosing Device Connectivity Problems Example

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Do you know

your

hostname or

username

113

Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

2 Simple Query displays switch

port and VLAN association

2 Simple Query displays switch

port and VLAN association

3 LastSeen field indicates last

time end station was

discovered

3 LastSeen field indicates last

time end station was

discovered

114

Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Trace path from application server

to Suzy

Trace path from application server

to Suzy

Couldnrsquot get to Suzy machine ndash try

from server

Couldnrsquot get to Suzy machine ndash try

from server

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

86

Network Analysis Module (NAM)

bull

Switch‐integrated standards‐

based monitoring (RMON1 RMON2

extended RMON)

bull

Useful for performance monitoring troubleshooting

and capacity planning

bull

Easy to deploy and use with embedded web‐based Traffic Analyzer

bull

Full visibility into applications hosts conversations and

IP‐based services including VoIP

and QoS

Integrated traffic‐monitoring solution in Catalyst 6500 series to build application‐level visibility into network infrastructure

87

NAM as a Standards‐Based RMON Solution

The RMON MIB reports on the health and status of network traffic

Mini‐RMON agents in Catalyst 6500 collect Layer 2 (RMON1) statistics on all ports (utilization packets errors)

NAM supports full RMON1 and 2 to provide visibility up to Application layer (applications hosts conversations)

NAM supports extended RMON for VLAN QoS Application Response Time and so on

88

Application Hosts and Conversations Monitoring

Identify unknown applications and drill down on the hosts using them

Discover top talkers top conversations

Network managers can drill down

into who is doing what

Network managers can drill down

into who is doing what

NEW inSoftware

Version 22

NEW inSoftware

Version 22

89

VoIP Monitoring

NAM supports various facets of VoIPmonitoring

Active IP telephony monitoring

ndash Track active call attributesndash Identify call quality degradationndash Call details by phonesRMON1 and RMON2

ndash Distribution of VoIP

protocols

Application Response Time (ART)

ndash CallManager

responses

DSMON

ndash VoIP

traffic by DSCP values

90

Application Response Time (ART)

Find out where the application delays are occurring

ndash Detailed data on request‐ response exchanges

between clients and servers

Server visibility

ndash Monitor servers for protocols application

usage and top talkers

91

Packet Capture and Decode

Capture and decode packets for troubleshooting

Extensive pre‐ and post‐capture filters

Can save and export to other tools including Sniffer

92

Alarms

Set alarm thresholds on various parameters for proactive monitoring

Define traps or generate syslog

93

Defining Network Management Functional Areas

ISO defines five functional areas of network management

ISO defines five functional areas of network management

bullFault Management

bullConfiguration Management

bullAccounting Management

bullPerformance Management

bullSecurity Management

94

FCAPS Fault Management

The process of locating diagnosing and correcting

network problems

Device Down

Link Down

95

FCAPS Configuration Management

bull The process of obtaining data from the network and using

that data to manage the setup of all network devices

bull Allows rapid access to configuration information

bull Facilitates remote configuration and provisioning

bull Provides an up‐to‐date inventory of network

components

SpeedDuplex

Connectivity

TrunkingVLANs Allowed

Spanning Tree Protocol State

Software VersionConfiguration File

Device Type

96

FCAPS Accounting Management

bull Measuring the usage of network resources by users in order to

establish the metrics check quotas determine costs and bill users

bull Measures and reports accounting information based on individual

groups and users

bull Administers the cost of the network

bull Internal verification of third‐party billing for usage Bandwidth Consumption

Application Usage

hellip

97

FCAPS Performance Management

bull Ensuring that the data network remains accessible

and has adequate bandwidth

bull Reduces network overcrowding and inaccessibility

bull Provides a consistent level of service to the

network user

bull Determine utilization trends to proactively isolate and solve

performance problems

UtilizationPeakminmaxError RatesUnicast Rates

Broadcast Rates

CPU UtilizationMemory Usage

ThroughputResponse Time

LatencyAvailabilityReliability

98

FCAPS Security Management

bull Protecting sensitive information on devices

attached to a data network by controlling access points to

that information

bull Builds network user confidence

bull Secures sensitive information from both internal and

external sources

bull Protects the network functionality from malicious

attacks

MAC AddressLocked to Port

Access ListBlocks Connections

99

Performing Network Management Sources for Information

GAUGEs TIMERs

0 9 1 2 3

COUNTERs TABLEs FILEs

Operating System Data Structures

Manageable Device

showCommands

WebServer

SystemLogging

SNMPSNMPAGENTAGENT

ProductionServices

Layer N Forwarding

http80tcp

syslog514udp

snmp161udp

MIBObjects

snmp‐trap162udp

Built in Intelligence

CDPVTPSAA

telnetCLI

TFTPClient

tftp69udp

PingTrace route

100

Network Management Information Model MIB Management Information Base

MIB

ndash

Management Information BaseSet of variables defining the status of a device (eg temp = 85 degrees)Just facts ndash not whether it is good or badDefined according to SMI (Structure of Management Information) rulesEach managed object is described using a unique object identifier (OID)

MIB

IMIBIIStandard MIBObjects included are considered essential for either fault or configuration management

Other standard MIBsRMON host router

Proprietary vendor MIBsExtensions to standard MIBs

SNMPAGENTSNMPAGENT

1000s of manageable objects following rules defined in the SMI standards

1000s of manageable objects following rules defined in the SMI standards

101

Network Management Communication Model SNMP Simple Network Management Protocol

CommunityStrings

CommunityStrings

bull Get requests used to read the value of objectbull Set requests used to modify the value of object

bull Authorization is via community strings

(Read‐OnlyRead‐Write)

bull Traps

provide asynchronous event notification

IP Network SNMPManageable

Device

Trap

Get Response

Get Request Get-Next RequestGet-Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

102

Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response

SNM

P M

anag

er

SNM

P A

gent

Rea

d =

publ

ic re

adw

rite

= pr

ivat

e

GetResponse (sysDescr0=SunOS)

Verify access permission and retrieve MIB value using OID to traverse the MIB tree

InstanceOID

13612111

MIB value

GetRequest(sysDescr0)Read Community(public)

103

Types of Management Systems Example ‐

Enterprise Manager amp Fault Management

Correlate and manage events

and SNMP traps

Perform fault isolation and root cause analysis

104

Types of Management Systems Example ndash CiscoWorks

Resource Manager Essentials and Campus Manager

Knowledge of network configuration and topology

Facilitates remote configuration of network devices

Maintains an archive of configuration data that allows generation of inventory reports

105

Types of Management Systems Example ndash NetFlow (Accounting Management)

Flow Profiling

AccountingBilling

Network Planning

Network Monitoring

Flow

Collectors

Flow

CollectorsEnd‐User AppsEnd‐User AppsNetFlow

Data ExportNetFlowData Export

NetScout

RMON ProbeRMON Probe

106

Types of Management Systems Example ndash MRTG (Performance Management)

bull Monitors traffic load on network links based on SNMP statistics

bull Generates real‐time HTML traffic reports

bull Can be used to monitor any

MIB

variable using

SNMP

107

Types of Management Systems Example ndash CiscoWorks

How is the network connectedbull Physical Cablingbull Virtual LANs

Where are the end users servers IP phones connected

bull Switch port numberbull VLAN membership

How do I troubleshoot connectivity problems

Campus Manager User Tracking

Campus Manager Topology Services

Campus Manager Topology Services

Campus Manager User TrackingCampus Manager

Path Analysis

108

Diagnosing Connectivity Problems CiscoWorks Server Tools

Ping Use ping to test device connectivity from CiscoWorks server

TracerouteRun a trace route between the CiscoWorks server and the target device to detect routing problems

NS LookupRun a nslookup to obtain DNS name server information and IP address of hostname

Management Station to DeviceTest to verify if upper layer protocols are supported from CiscoWorks to the target device UDP TCP Telnet TFTP HTTP and SNMP

109

Types of Management Systems Example ndash CiscoWorks

19216862

CiscoWorks Server(ANI Service)

CampusDatabase

19216861

Schedule data retrieval

times

CAM Table11‐11‐11‐11‐11‐00 2111‐11‐11‐11‐11‐11 2211‐11‐11‐11‐11‐22 2311‐11‐11‐11‐11‐33 24

22 23 24

21

ARP Table11‐11‐11‐11‐11‐11 19216861011‐11‐11‐11‐11‐22 19216861111‐11‐11‐11‐11‐33 192168611

1

CAM

Retrieval

(switching

table)

2 Address

Resolution (MAC

to IP)

DNS

3 Name Resolution

(IP to hostname)

Host Table192168610 USER1192168611 Printer1192168611 IPtele1

SNMP

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

CallManager4

Call Detail

Records

5

Login

Names

UNIX Novell amp

Windows NT

clients running

UTLite script

110

Diagnosing Connectivity Problems Campus Manager Tools

Topology Services

User Tracking

Path Analysis

1

Locate the communication pair in the User Tracking database

bull

Addressesbull

VLAN informationbull

Switch port connection

2

Investigate the Layer 2 and Layer 3 path between the communication

pair

3

Map the topology and begin the investigation on devices and links

Launch other applications

111

Diagnosing Connectivity Problems Workflow for Using Campus Manager

LaunchPath Analysis

LaunchPath Analysis

Ensure discovery of devices

hosts are up to date

Ensure discovery of devices

hosts are up to date

Use User TrackingTo Locate EndStation Info

Use User TrackingTo Locate EndStation Info

ConductVoiceTrace

ConductVoiceTrace

ConductDataTrace

ConductDataTrace

DisplayPath in Topology

Map

DisplayPath in Topology

Map

Launch other Apps(Telnet CiscoView

Etc)

Launch other Apps(Telnet CiscoView

Etc)

112

Diagnosing Device Connectivity Problems Example

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Do you know

your

hostname or

username

113

Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

2 Simple Query displays switch

port and VLAN association

2 Simple Query displays switch

port and VLAN association

3 LastSeen field indicates last

time end station was

discovered

3 LastSeen field indicates last

time end station was

discovered

114

Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Trace path from application server

to Suzy

Trace path from application server

to Suzy

Couldnrsquot get to Suzy machine ndash try

from server

Couldnrsquot get to Suzy machine ndash try

from server

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

87

NAM as a Standards‐Based RMON Solution

The RMON MIB reports on the health and status of network traffic

Mini‐RMON agents in Catalyst 6500 collect Layer 2 (RMON1) statistics on all ports (utilization packets errors)

NAM supports full RMON1 and 2 to provide visibility up to Application layer (applications hosts conversations)

NAM supports extended RMON for VLAN QoS Application Response Time and so on

88

Application Hosts and Conversations Monitoring

Identify unknown applications and drill down on the hosts using them

Discover top talkers top conversations

Network managers can drill down

into who is doing what

Network managers can drill down

into who is doing what

NEW inSoftware

Version 22

NEW inSoftware

Version 22

89

VoIP Monitoring

NAM supports various facets of VoIPmonitoring

Active IP telephony monitoring

ndash Track active call attributesndash Identify call quality degradationndash Call details by phonesRMON1 and RMON2

ndash Distribution of VoIP

protocols

Application Response Time (ART)

ndash CallManager

responses

DSMON

ndash VoIP

traffic by DSCP values

90

Application Response Time (ART)

Find out where the application delays are occurring

ndash Detailed data on request‐ response exchanges

between clients and servers

Server visibility

ndash Monitor servers for protocols application

usage and top talkers

91

Packet Capture and Decode

Capture and decode packets for troubleshooting

Extensive pre‐ and post‐capture filters

Can save and export to other tools including Sniffer

92

Alarms

Set alarm thresholds on various parameters for proactive monitoring

Define traps or generate syslog

93

Defining Network Management Functional Areas

ISO defines five functional areas of network management

ISO defines five functional areas of network management

bullFault Management

bullConfiguration Management

bullAccounting Management

bullPerformance Management

bullSecurity Management

94

FCAPS Fault Management

The process of locating diagnosing and correcting

network problems

Device Down

Link Down

95

FCAPS Configuration Management

bull The process of obtaining data from the network and using

that data to manage the setup of all network devices

bull Allows rapid access to configuration information

bull Facilitates remote configuration and provisioning

bull Provides an up‐to‐date inventory of network

components

SpeedDuplex

Connectivity

TrunkingVLANs Allowed

Spanning Tree Protocol State

Software VersionConfiguration File

Device Type

96

FCAPS Accounting Management

bull Measuring the usage of network resources by users in order to

establish the metrics check quotas determine costs and bill users

bull Measures and reports accounting information based on individual

groups and users

bull Administers the cost of the network

bull Internal verification of third‐party billing for usage Bandwidth Consumption

Application Usage

hellip

97

FCAPS Performance Management

bull Ensuring that the data network remains accessible

and has adequate bandwidth

bull Reduces network overcrowding and inaccessibility

bull Provides a consistent level of service to the

network user

bull Determine utilization trends to proactively isolate and solve

performance problems

UtilizationPeakminmaxError RatesUnicast Rates

Broadcast Rates

CPU UtilizationMemory Usage

ThroughputResponse Time

LatencyAvailabilityReliability

98

FCAPS Security Management

bull Protecting sensitive information on devices

attached to a data network by controlling access points to

that information

bull Builds network user confidence

bull Secures sensitive information from both internal and

external sources

bull Protects the network functionality from malicious

attacks

MAC AddressLocked to Port

Access ListBlocks Connections

99

Performing Network Management Sources for Information

GAUGEs TIMERs

0 9 1 2 3

COUNTERs TABLEs FILEs

Operating System Data Structures

Manageable Device

showCommands

WebServer

SystemLogging

SNMPSNMPAGENTAGENT

ProductionServices

Layer N Forwarding

http80tcp

syslog514udp

snmp161udp

MIBObjects

snmp‐trap162udp

Built in Intelligence

CDPVTPSAA

telnetCLI

TFTPClient

tftp69udp

PingTrace route

100

Network Management Information Model MIB Management Information Base

MIB

ndash

Management Information BaseSet of variables defining the status of a device (eg temp = 85 degrees)Just facts ndash not whether it is good or badDefined according to SMI (Structure of Management Information) rulesEach managed object is described using a unique object identifier (OID)

MIB

IMIBIIStandard MIBObjects included are considered essential for either fault or configuration management

Other standard MIBsRMON host router

Proprietary vendor MIBsExtensions to standard MIBs

SNMPAGENTSNMPAGENT

1000s of manageable objects following rules defined in the SMI standards

1000s of manageable objects following rules defined in the SMI standards

101

Network Management Communication Model SNMP Simple Network Management Protocol

CommunityStrings

CommunityStrings

bull Get requests used to read the value of objectbull Set requests used to modify the value of object

bull Authorization is via community strings

(Read‐OnlyRead‐Write)

bull Traps

provide asynchronous event notification

IP Network SNMPManageable

Device

Trap

Get Response

Get Request Get-Next RequestGet-Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

102

Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response

SNM

P M

anag

er

SNM

P A

gent

Rea

d =

publ

ic re

adw

rite

= pr

ivat

e

GetResponse (sysDescr0=SunOS)

Verify access permission and retrieve MIB value using OID to traverse the MIB tree

InstanceOID

13612111

MIB value

GetRequest(sysDescr0)Read Community(public)

103

Types of Management Systems Example ‐

Enterprise Manager amp Fault Management

Correlate and manage events

and SNMP traps

Perform fault isolation and root cause analysis

104

Types of Management Systems Example ndash CiscoWorks

Resource Manager Essentials and Campus Manager

Knowledge of network configuration and topology

Facilitates remote configuration of network devices

Maintains an archive of configuration data that allows generation of inventory reports

105

Types of Management Systems Example ndash NetFlow (Accounting Management)

Flow Profiling

AccountingBilling

Network Planning

Network Monitoring

Flow

Collectors

Flow

CollectorsEnd‐User AppsEnd‐User AppsNetFlow

Data ExportNetFlowData Export

NetScout

RMON ProbeRMON Probe

106

Types of Management Systems Example ndash MRTG (Performance Management)

bull Monitors traffic load on network links based on SNMP statistics

bull Generates real‐time HTML traffic reports

bull Can be used to monitor any

MIB

variable using

SNMP

107

Types of Management Systems Example ndash CiscoWorks

How is the network connectedbull Physical Cablingbull Virtual LANs

Where are the end users servers IP phones connected

bull Switch port numberbull VLAN membership

How do I troubleshoot connectivity problems

Campus Manager User Tracking

Campus Manager Topology Services

Campus Manager Topology Services

Campus Manager User TrackingCampus Manager

Path Analysis

108

Diagnosing Connectivity Problems CiscoWorks Server Tools

Ping Use ping to test device connectivity from CiscoWorks server

TracerouteRun a trace route between the CiscoWorks server and the target device to detect routing problems

NS LookupRun a nslookup to obtain DNS name server information and IP address of hostname

Management Station to DeviceTest to verify if upper layer protocols are supported from CiscoWorks to the target device UDP TCP Telnet TFTP HTTP and SNMP

109

Types of Management Systems Example ndash CiscoWorks

19216862

CiscoWorks Server(ANI Service)

CampusDatabase

19216861

Schedule data retrieval

times

CAM Table11‐11‐11‐11‐11‐00 2111‐11‐11‐11‐11‐11 2211‐11‐11‐11‐11‐22 2311‐11‐11‐11‐11‐33 24

22 23 24

21

ARP Table11‐11‐11‐11‐11‐11 19216861011‐11‐11‐11‐11‐22 19216861111‐11‐11‐11‐11‐33 192168611

1

CAM

Retrieval

(switching

table)

2 Address

Resolution (MAC

to IP)

DNS

3 Name Resolution

(IP to hostname)

Host Table192168610 USER1192168611 Printer1192168611 IPtele1

SNMP

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

CallManager4

Call Detail

Records

5

Login

Names

UNIX Novell amp

Windows NT

clients running

UTLite script

110

Diagnosing Connectivity Problems Campus Manager Tools

Topology Services

User Tracking

Path Analysis

1

Locate the communication pair in the User Tracking database

bull

Addressesbull

VLAN informationbull

Switch port connection

2

Investigate the Layer 2 and Layer 3 path between the communication

pair

3

Map the topology and begin the investigation on devices and links

Launch other applications

111

Diagnosing Connectivity Problems Workflow for Using Campus Manager

LaunchPath Analysis

LaunchPath Analysis

Ensure discovery of devices

hosts are up to date

Ensure discovery of devices

hosts are up to date

Use User TrackingTo Locate EndStation Info

Use User TrackingTo Locate EndStation Info

ConductVoiceTrace

ConductVoiceTrace

ConductDataTrace

ConductDataTrace

DisplayPath in Topology

Map

DisplayPath in Topology

Map

Launch other Apps(Telnet CiscoView

Etc)

Launch other Apps(Telnet CiscoView

Etc)

112

Diagnosing Device Connectivity Problems Example

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Do you know

your

hostname or

username

113

Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

2 Simple Query displays switch

port and VLAN association

2 Simple Query displays switch

port and VLAN association

3 LastSeen field indicates last

time end station was

discovered

3 LastSeen field indicates last

time end station was

discovered

114

Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Trace path from application server

to Suzy

Trace path from application server

to Suzy

Couldnrsquot get to Suzy machine ndash try

from server

Couldnrsquot get to Suzy machine ndash try

from server

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

88

Application Hosts and Conversations Monitoring

Identify unknown applications and drill down on the hosts using them

Discover top talkers top conversations

Network managers can drill down

into who is doing what

Network managers can drill down

into who is doing what

NEW inSoftware

Version 22

NEW inSoftware

Version 22

89

VoIP Monitoring

NAM supports various facets of VoIPmonitoring

Active IP telephony monitoring

ndash Track active call attributesndash Identify call quality degradationndash Call details by phonesRMON1 and RMON2

ndash Distribution of VoIP

protocols

Application Response Time (ART)

ndash CallManager

responses

DSMON

ndash VoIP

traffic by DSCP values

90

Application Response Time (ART)

Find out where the application delays are occurring

ndash Detailed data on request‐ response exchanges

between clients and servers

Server visibility

ndash Monitor servers for protocols application

usage and top talkers

91

Packet Capture and Decode

Capture and decode packets for troubleshooting

Extensive pre‐ and post‐capture filters

Can save and export to other tools including Sniffer

92

Alarms

Set alarm thresholds on various parameters for proactive monitoring

Define traps or generate syslog

93

Defining Network Management Functional Areas

ISO defines five functional areas of network management

ISO defines five functional areas of network management

bullFault Management

bullConfiguration Management

bullAccounting Management

bullPerformance Management

bullSecurity Management

94

FCAPS Fault Management

The process of locating diagnosing and correcting

network problems

Device Down

Link Down

95

FCAPS Configuration Management

bull The process of obtaining data from the network and using

that data to manage the setup of all network devices

bull Allows rapid access to configuration information

bull Facilitates remote configuration and provisioning

bull Provides an up‐to‐date inventory of network

components

SpeedDuplex

Connectivity

TrunkingVLANs Allowed

Spanning Tree Protocol State

Software VersionConfiguration File

Device Type

96

FCAPS Accounting Management

bull Measuring the usage of network resources by users in order to

establish the metrics check quotas determine costs and bill users

bull Measures and reports accounting information based on individual

groups and users

bull Administers the cost of the network

bull Internal verification of third‐party billing for usage Bandwidth Consumption

Application Usage

hellip

97

FCAPS Performance Management

bull Ensuring that the data network remains accessible

and has adequate bandwidth

bull Reduces network overcrowding and inaccessibility

bull Provides a consistent level of service to the

network user

bull Determine utilization trends to proactively isolate and solve

performance problems

UtilizationPeakminmaxError RatesUnicast Rates

Broadcast Rates

CPU UtilizationMemory Usage

ThroughputResponse Time

LatencyAvailabilityReliability

98

FCAPS Security Management

bull Protecting sensitive information on devices

attached to a data network by controlling access points to

that information

bull Builds network user confidence

bull Secures sensitive information from both internal and

external sources

bull Protects the network functionality from malicious

attacks

MAC AddressLocked to Port

Access ListBlocks Connections

99

Performing Network Management Sources for Information

GAUGEs TIMERs

0 9 1 2 3

COUNTERs TABLEs FILEs

Operating System Data Structures

Manageable Device

showCommands

WebServer

SystemLogging

SNMPSNMPAGENTAGENT

ProductionServices

Layer N Forwarding

http80tcp

syslog514udp

snmp161udp

MIBObjects

snmp‐trap162udp

Built in Intelligence

CDPVTPSAA

telnetCLI

TFTPClient

tftp69udp

PingTrace route

100

Network Management Information Model MIB Management Information Base

MIB

ndash

Management Information BaseSet of variables defining the status of a device (eg temp = 85 degrees)Just facts ndash not whether it is good or badDefined according to SMI (Structure of Management Information) rulesEach managed object is described using a unique object identifier (OID)

MIB

IMIBIIStandard MIBObjects included are considered essential for either fault or configuration management

Other standard MIBsRMON host router

Proprietary vendor MIBsExtensions to standard MIBs

SNMPAGENTSNMPAGENT

1000s of manageable objects following rules defined in the SMI standards

1000s of manageable objects following rules defined in the SMI standards

101

Network Management Communication Model SNMP Simple Network Management Protocol

CommunityStrings

CommunityStrings

bull Get requests used to read the value of objectbull Set requests used to modify the value of object

bull Authorization is via community strings

(Read‐OnlyRead‐Write)

bull Traps

provide asynchronous event notification

IP Network SNMPManageable

Device

Trap

Get Response

Get Request Get-Next RequestGet-Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

102

Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response

SNM

P M

anag

er

SNM

P A

gent

Rea

d =

publ

ic re

adw

rite

= pr

ivat

e

GetResponse (sysDescr0=SunOS)

Verify access permission and retrieve MIB value using OID to traverse the MIB tree

InstanceOID

13612111

MIB value

GetRequest(sysDescr0)Read Community(public)

103

Types of Management Systems Example ‐

Enterprise Manager amp Fault Management

Correlate and manage events

and SNMP traps

Perform fault isolation and root cause analysis

104

Types of Management Systems Example ndash CiscoWorks

Resource Manager Essentials and Campus Manager

Knowledge of network configuration and topology

Facilitates remote configuration of network devices

Maintains an archive of configuration data that allows generation of inventory reports

105

Types of Management Systems Example ndash NetFlow (Accounting Management)

Flow Profiling

AccountingBilling

Network Planning

Network Monitoring

Flow

Collectors

Flow

CollectorsEnd‐User AppsEnd‐User AppsNetFlow

Data ExportNetFlowData Export

NetScout

RMON ProbeRMON Probe

106

Types of Management Systems Example ndash MRTG (Performance Management)

bull Monitors traffic load on network links based on SNMP statistics

bull Generates real‐time HTML traffic reports

bull Can be used to monitor any

MIB

variable using

SNMP

107

Types of Management Systems Example ndash CiscoWorks

How is the network connectedbull Physical Cablingbull Virtual LANs

Where are the end users servers IP phones connected

bull Switch port numberbull VLAN membership

How do I troubleshoot connectivity problems

Campus Manager User Tracking

Campus Manager Topology Services

Campus Manager Topology Services

Campus Manager User TrackingCampus Manager

Path Analysis

108

Diagnosing Connectivity Problems CiscoWorks Server Tools

Ping Use ping to test device connectivity from CiscoWorks server

TracerouteRun a trace route between the CiscoWorks server and the target device to detect routing problems

NS LookupRun a nslookup to obtain DNS name server information and IP address of hostname

Management Station to DeviceTest to verify if upper layer protocols are supported from CiscoWorks to the target device UDP TCP Telnet TFTP HTTP and SNMP

109

Types of Management Systems Example ndash CiscoWorks

19216862

CiscoWorks Server(ANI Service)

CampusDatabase

19216861

Schedule data retrieval

times

CAM Table11‐11‐11‐11‐11‐00 2111‐11‐11‐11‐11‐11 2211‐11‐11‐11‐11‐22 2311‐11‐11‐11‐11‐33 24

22 23 24

21

ARP Table11‐11‐11‐11‐11‐11 19216861011‐11‐11‐11‐11‐22 19216861111‐11‐11‐11‐11‐33 192168611

1

CAM

Retrieval

(switching

table)

2 Address

Resolution (MAC

to IP)

DNS

3 Name Resolution

(IP to hostname)

Host Table192168610 USER1192168611 Printer1192168611 IPtele1

SNMP

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

CallManager4

Call Detail

Records

5

Login

Names

UNIX Novell amp

Windows NT

clients running

UTLite script

110

Diagnosing Connectivity Problems Campus Manager Tools

Topology Services

User Tracking

Path Analysis

1

Locate the communication pair in the User Tracking database

bull

Addressesbull

VLAN informationbull

Switch port connection

2

Investigate the Layer 2 and Layer 3 path between the communication

pair

3

Map the topology and begin the investigation on devices and links

Launch other applications

111

Diagnosing Connectivity Problems Workflow for Using Campus Manager

LaunchPath Analysis

LaunchPath Analysis

Ensure discovery of devices

hosts are up to date

Ensure discovery of devices

hosts are up to date

Use User TrackingTo Locate EndStation Info

Use User TrackingTo Locate EndStation Info

ConductVoiceTrace

ConductVoiceTrace

ConductDataTrace

ConductDataTrace

DisplayPath in Topology

Map

DisplayPath in Topology

Map

Launch other Apps(Telnet CiscoView

Etc)

Launch other Apps(Telnet CiscoView

Etc)

112

Diagnosing Device Connectivity Problems Example

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Do you know

your

hostname or

username

113

Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

2 Simple Query displays switch

port and VLAN association

2 Simple Query displays switch

port and VLAN association

3 LastSeen field indicates last

time end station was

discovered

3 LastSeen field indicates last

time end station was

discovered

114

Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Trace path from application server

to Suzy

Trace path from application server

to Suzy

Couldnrsquot get to Suzy machine ndash try

from server

Couldnrsquot get to Suzy machine ndash try

from server

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

89

VoIP Monitoring

NAM supports various facets of VoIPmonitoring

Active IP telephony monitoring

ndash Track active call attributesndash Identify call quality degradationndash Call details by phonesRMON1 and RMON2

ndash Distribution of VoIP

protocols

Application Response Time (ART)

ndash CallManager

responses

DSMON

ndash VoIP

traffic by DSCP values

90

Application Response Time (ART)

Find out where the application delays are occurring

ndash Detailed data on request‐ response exchanges

between clients and servers

Server visibility

ndash Monitor servers for protocols application

usage and top talkers

91

Packet Capture and Decode

Capture and decode packets for troubleshooting

Extensive pre‐ and post‐capture filters

Can save and export to other tools including Sniffer

92

Alarms

Set alarm thresholds on various parameters for proactive monitoring

Define traps or generate syslog

93

Defining Network Management Functional Areas

ISO defines five functional areas of network management

ISO defines five functional areas of network management

bullFault Management

bullConfiguration Management

bullAccounting Management

bullPerformance Management

bullSecurity Management

94

FCAPS Fault Management

The process of locating diagnosing and correcting

network problems

Device Down

Link Down

95

FCAPS Configuration Management

bull The process of obtaining data from the network and using

that data to manage the setup of all network devices

bull Allows rapid access to configuration information

bull Facilitates remote configuration and provisioning

bull Provides an up‐to‐date inventory of network

components

SpeedDuplex

Connectivity

TrunkingVLANs Allowed

Spanning Tree Protocol State

Software VersionConfiguration File

Device Type

96

FCAPS Accounting Management

bull Measuring the usage of network resources by users in order to

establish the metrics check quotas determine costs and bill users

bull Measures and reports accounting information based on individual

groups and users

bull Administers the cost of the network

bull Internal verification of third‐party billing for usage Bandwidth Consumption

Application Usage

hellip

97

FCAPS Performance Management

bull Ensuring that the data network remains accessible

and has adequate bandwidth

bull Reduces network overcrowding and inaccessibility

bull Provides a consistent level of service to the

network user

bull Determine utilization trends to proactively isolate and solve

performance problems

UtilizationPeakminmaxError RatesUnicast Rates

Broadcast Rates

CPU UtilizationMemory Usage

ThroughputResponse Time

LatencyAvailabilityReliability

98

FCAPS Security Management

bull Protecting sensitive information on devices

attached to a data network by controlling access points to

that information

bull Builds network user confidence

bull Secures sensitive information from both internal and

external sources

bull Protects the network functionality from malicious

attacks

MAC AddressLocked to Port

Access ListBlocks Connections

99

Performing Network Management Sources for Information

GAUGEs TIMERs

0 9 1 2 3

COUNTERs TABLEs FILEs

Operating System Data Structures

Manageable Device

showCommands

WebServer

SystemLogging

SNMPSNMPAGENTAGENT

ProductionServices

Layer N Forwarding

http80tcp

syslog514udp

snmp161udp

MIBObjects

snmp‐trap162udp

Built in Intelligence

CDPVTPSAA

telnetCLI

TFTPClient

tftp69udp

PingTrace route

100

Network Management Information Model MIB Management Information Base

MIB

ndash

Management Information BaseSet of variables defining the status of a device (eg temp = 85 degrees)Just facts ndash not whether it is good or badDefined according to SMI (Structure of Management Information) rulesEach managed object is described using a unique object identifier (OID)

MIB

IMIBIIStandard MIBObjects included are considered essential for either fault or configuration management

Other standard MIBsRMON host router

Proprietary vendor MIBsExtensions to standard MIBs

SNMPAGENTSNMPAGENT

1000s of manageable objects following rules defined in the SMI standards

1000s of manageable objects following rules defined in the SMI standards

101

Network Management Communication Model SNMP Simple Network Management Protocol

CommunityStrings

CommunityStrings

bull Get requests used to read the value of objectbull Set requests used to modify the value of object

bull Authorization is via community strings

(Read‐OnlyRead‐Write)

bull Traps

provide asynchronous event notification

IP Network SNMPManageable

Device

Trap

Get Response

Get Request Get-Next RequestGet-Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

102

Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response

SNM

P M

anag

er

SNM

P A

gent

Rea

d =

publ

ic re

adw

rite

= pr

ivat

e

GetResponse (sysDescr0=SunOS)

Verify access permission and retrieve MIB value using OID to traverse the MIB tree

InstanceOID

13612111

MIB value

GetRequest(sysDescr0)Read Community(public)

103

Types of Management Systems Example ‐

Enterprise Manager amp Fault Management

Correlate and manage events

and SNMP traps

Perform fault isolation and root cause analysis

104

Types of Management Systems Example ndash CiscoWorks

Resource Manager Essentials and Campus Manager

Knowledge of network configuration and topology

Facilitates remote configuration of network devices

Maintains an archive of configuration data that allows generation of inventory reports

105

Types of Management Systems Example ndash NetFlow (Accounting Management)

Flow Profiling

AccountingBilling

Network Planning

Network Monitoring

Flow

Collectors

Flow

CollectorsEnd‐User AppsEnd‐User AppsNetFlow

Data ExportNetFlowData Export

NetScout

RMON ProbeRMON Probe

106

Types of Management Systems Example ndash MRTG (Performance Management)

bull Monitors traffic load on network links based on SNMP statistics

bull Generates real‐time HTML traffic reports

bull Can be used to monitor any

MIB

variable using

SNMP

107

Types of Management Systems Example ndash CiscoWorks

How is the network connectedbull Physical Cablingbull Virtual LANs

Where are the end users servers IP phones connected

bull Switch port numberbull VLAN membership

How do I troubleshoot connectivity problems

Campus Manager User Tracking

Campus Manager Topology Services

Campus Manager Topology Services

Campus Manager User TrackingCampus Manager

Path Analysis

108

Diagnosing Connectivity Problems CiscoWorks Server Tools

Ping Use ping to test device connectivity from CiscoWorks server

TracerouteRun a trace route between the CiscoWorks server and the target device to detect routing problems

NS LookupRun a nslookup to obtain DNS name server information and IP address of hostname

Management Station to DeviceTest to verify if upper layer protocols are supported from CiscoWorks to the target device UDP TCP Telnet TFTP HTTP and SNMP

109

Types of Management Systems Example ndash CiscoWorks

19216862

CiscoWorks Server(ANI Service)

CampusDatabase

19216861

Schedule data retrieval

times

CAM Table11‐11‐11‐11‐11‐00 2111‐11‐11‐11‐11‐11 2211‐11‐11‐11‐11‐22 2311‐11‐11‐11‐11‐33 24

22 23 24

21

ARP Table11‐11‐11‐11‐11‐11 19216861011‐11‐11‐11‐11‐22 19216861111‐11‐11‐11‐11‐33 192168611

1

CAM

Retrieval

(switching

table)

2 Address

Resolution (MAC

to IP)

DNS

3 Name Resolution

(IP to hostname)

Host Table192168610 USER1192168611 Printer1192168611 IPtele1

SNMP

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

CallManager4

Call Detail

Records

5

Login

Names

UNIX Novell amp

Windows NT

clients running

UTLite script

110

Diagnosing Connectivity Problems Campus Manager Tools

Topology Services

User Tracking

Path Analysis

1

Locate the communication pair in the User Tracking database

bull

Addressesbull

VLAN informationbull

Switch port connection

2

Investigate the Layer 2 and Layer 3 path between the communication

pair

3

Map the topology and begin the investigation on devices and links

Launch other applications

111

Diagnosing Connectivity Problems Workflow for Using Campus Manager

LaunchPath Analysis

LaunchPath Analysis

Ensure discovery of devices

hosts are up to date

Ensure discovery of devices

hosts are up to date

Use User TrackingTo Locate EndStation Info

Use User TrackingTo Locate EndStation Info

ConductVoiceTrace

ConductVoiceTrace

ConductDataTrace

ConductDataTrace

DisplayPath in Topology

Map

DisplayPath in Topology

Map

Launch other Apps(Telnet CiscoView

Etc)

Launch other Apps(Telnet CiscoView

Etc)

112

Diagnosing Device Connectivity Problems Example

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Do you know

your

hostname or

username

113

Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

2 Simple Query displays switch

port and VLAN association

2 Simple Query displays switch

port and VLAN association

3 LastSeen field indicates last

time end station was

discovered

3 LastSeen field indicates last

time end station was

discovered

114

Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Trace path from application server

to Suzy

Trace path from application server

to Suzy

Couldnrsquot get to Suzy machine ndash try

from server

Couldnrsquot get to Suzy machine ndash try

from server

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

90

Application Response Time (ART)

Find out where the application delays are occurring

ndash Detailed data on request‐ response exchanges

between clients and servers

Server visibility

ndash Monitor servers for protocols application

usage and top talkers

91

Packet Capture and Decode

Capture and decode packets for troubleshooting

Extensive pre‐ and post‐capture filters

Can save and export to other tools including Sniffer

92

Alarms

Set alarm thresholds on various parameters for proactive monitoring

Define traps or generate syslog

93

Defining Network Management Functional Areas

ISO defines five functional areas of network management

ISO defines five functional areas of network management

bullFault Management

bullConfiguration Management

bullAccounting Management

bullPerformance Management

bullSecurity Management

94

FCAPS Fault Management

The process of locating diagnosing and correcting

network problems

Device Down

Link Down

95

FCAPS Configuration Management

bull The process of obtaining data from the network and using

that data to manage the setup of all network devices

bull Allows rapid access to configuration information

bull Facilitates remote configuration and provisioning

bull Provides an up‐to‐date inventory of network

components

SpeedDuplex

Connectivity

TrunkingVLANs Allowed

Spanning Tree Protocol State

Software VersionConfiguration File

Device Type

96

FCAPS Accounting Management

bull Measuring the usage of network resources by users in order to

establish the metrics check quotas determine costs and bill users

bull Measures and reports accounting information based on individual

groups and users

bull Administers the cost of the network

bull Internal verification of third‐party billing for usage Bandwidth Consumption

Application Usage

hellip

97

FCAPS Performance Management

bull Ensuring that the data network remains accessible

and has adequate bandwidth

bull Reduces network overcrowding and inaccessibility

bull Provides a consistent level of service to the

network user

bull Determine utilization trends to proactively isolate and solve

performance problems

UtilizationPeakminmaxError RatesUnicast Rates

Broadcast Rates

CPU UtilizationMemory Usage

ThroughputResponse Time

LatencyAvailabilityReliability

98

FCAPS Security Management

bull Protecting sensitive information on devices

attached to a data network by controlling access points to

that information

bull Builds network user confidence

bull Secures sensitive information from both internal and

external sources

bull Protects the network functionality from malicious

attacks

MAC AddressLocked to Port

Access ListBlocks Connections

99

Performing Network Management Sources for Information

GAUGEs TIMERs

0 9 1 2 3

COUNTERs TABLEs FILEs

Operating System Data Structures

Manageable Device

showCommands

WebServer

SystemLogging

SNMPSNMPAGENTAGENT

ProductionServices

Layer N Forwarding

http80tcp

syslog514udp

snmp161udp

MIBObjects

snmp‐trap162udp

Built in Intelligence

CDPVTPSAA

telnetCLI

TFTPClient

tftp69udp

PingTrace route

100

Network Management Information Model MIB Management Information Base

MIB

ndash

Management Information BaseSet of variables defining the status of a device (eg temp = 85 degrees)Just facts ndash not whether it is good or badDefined according to SMI (Structure of Management Information) rulesEach managed object is described using a unique object identifier (OID)

MIB

IMIBIIStandard MIBObjects included are considered essential for either fault or configuration management

Other standard MIBsRMON host router

Proprietary vendor MIBsExtensions to standard MIBs

SNMPAGENTSNMPAGENT

1000s of manageable objects following rules defined in the SMI standards

1000s of manageable objects following rules defined in the SMI standards

101

Network Management Communication Model SNMP Simple Network Management Protocol

CommunityStrings

CommunityStrings

bull Get requests used to read the value of objectbull Set requests used to modify the value of object

bull Authorization is via community strings

(Read‐OnlyRead‐Write)

bull Traps

provide asynchronous event notification

IP Network SNMPManageable

Device

Trap

Get Response

Get Request Get-Next RequestGet-Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

102

Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response

SNM

P M

anag

er

SNM

P A

gent

Rea

d =

publ

ic re

adw

rite

= pr

ivat

e

GetResponse (sysDescr0=SunOS)

Verify access permission and retrieve MIB value using OID to traverse the MIB tree

InstanceOID

13612111

MIB value

GetRequest(sysDescr0)Read Community(public)

103

Types of Management Systems Example ‐

Enterprise Manager amp Fault Management

Correlate and manage events

and SNMP traps

Perform fault isolation and root cause analysis

104

Types of Management Systems Example ndash CiscoWorks

Resource Manager Essentials and Campus Manager

Knowledge of network configuration and topology

Facilitates remote configuration of network devices

Maintains an archive of configuration data that allows generation of inventory reports

105

Types of Management Systems Example ndash NetFlow (Accounting Management)

Flow Profiling

AccountingBilling

Network Planning

Network Monitoring

Flow

Collectors

Flow

CollectorsEnd‐User AppsEnd‐User AppsNetFlow

Data ExportNetFlowData Export

NetScout

RMON ProbeRMON Probe

106

Types of Management Systems Example ndash MRTG (Performance Management)

bull Monitors traffic load on network links based on SNMP statistics

bull Generates real‐time HTML traffic reports

bull Can be used to monitor any

MIB

variable using

SNMP

107

Types of Management Systems Example ndash CiscoWorks

How is the network connectedbull Physical Cablingbull Virtual LANs

Where are the end users servers IP phones connected

bull Switch port numberbull VLAN membership

How do I troubleshoot connectivity problems

Campus Manager User Tracking

Campus Manager Topology Services

Campus Manager Topology Services

Campus Manager User TrackingCampus Manager

Path Analysis

108

Diagnosing Connectivity Problems CiscoWorks Server Tools

Ping Use ping to test device connectivity from CiscoWorks server

TracerouteRun a trace route between the CiscoWorks server and the target device to detect routing problems

NS LookupRun a nslookup to obtain DNS name server information and IP address of hostname

Management Station to DeviceTest to verify if upper layer protocols are supported from CiscoWorks to the target device UDP TCP Telnet TFTP HTTP and SNMP

109

Types of Management Systems Example ndash CiscoWorks

19216862

CiscoWorks Server(ANI Service)

CampusDatabase

19216861

Schedule data retrieval

times

CAM Table11‐11‐11‐11‐11‐00 2111‐11‐11‐11‐11‐11 2211‐11‐11‐11‐11‐22 2311‐11‐11‐11‐11‐33 24

22 23 24

21

ARP Table11‐11‐11‐11‐11‐11 19216861011‐11‐11‐11‐11‐22 19216861111‐11‐11‐11‐11‐33 192168611

1

CAM

Retrieval

(switching

table)

2 Address

Resolution (MAC

to IP)

DNS

3 Name Resolution

(IP to hostname)

Host Table192168610 USER1192168611 Printer1192168611 IPtele1

SNMP

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

CallManager4

Call Detail

Records

5

Login

Names

UNIX Novell amp

Windows NT

clients running

UTLite script

110

Diagnosing Connectivity Problems Campus Manager Tools

Topology Services

User Tracking

Path Analysis

1

Locate the communication pair in the User Tracking database

bull

Addressesbull

VLAN informationbull

Switch port connection

2

Investigate the Layer 2 and Layer 3 path between the communication

pair

3

Map the topology and begin the investigation on devices and links

Launch other applications

111

Diagnosing Connectivity Problems Workflow for Using Campus Manager

LaunchPath Analysis

LaunchPath Analysis

Ensure discovery of devices

hosts are up to date

Ensure discovery of devices

hosts are up to date

Use User TrackingTo Locate EndStation Info

Use User TrackingTo Locate EndStation Info

ConductVoiceTrace

ConductVoiceTrace

ConductDataTrace

ConductDataTrace

DisplayPath in Topology

Map

DisplayPath in Topology

Map

Launch other Apps(Telnet CiscoView

Etc)

Launch other Apps(Telnet CiscoView

Etc)

112

Diagnosing Device Connectivity Problems Example

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Do you know

your

hostname or

username

113

Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

2 Simple Query displays switch

port and VLAN association

2 Simple Query displays switch

port and VLAN association

3 LastSeen field indicates last

time end station was

discovered

3 LastSeen field indicates last

time end station was

discovered

114

Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Trace path from application server

to Suzy

Trace path from application server

to Suzy

Couldnrsquot get to Suzy machine ndash try

from server

Couldnrsquot get to Suzy machine ndash try

from server

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

91

Packet Capture and Decode

Capture and decode packets for troubleshooting

Extensive pre‐ and post‐capture filters

Can save and export to other tools including Sniffer

92

Alarms

Set alarm thresholds on various parameters for proactive monitoring

Define traps or generate syslog

93

Defining Network Management Functional Areas

ISO defines five functional areas of network management

ISO defines five functional areas of network management

bullFault Management

bullConfiguration Management

bullAccounting Management

bullPerformance Management

bullSecurity Management

94

FCAPS Fault Management

The process of locating diagnosing and correcting

network problems

Device Down

Link Down

95

FCAPS Configuration Management

bull The process of obtaining data from the network and using

that data to manage the setup of all network devices

bull Allows rapid access to configuration information

bull Facilitates remote configuration and provisioning

bull Provides an up‐to‐date inventory of network

components

SpeedDuplex

Connectivity

TrunkingVLANs Allowed

Spanning Tree Protocol State

Software VersionConfiguration File

Device Type

96

FCAPS Accounting Management

bull Measuring the usage of network resources by users in order to

establish the metrics check quotas determine costs and bill users

bull Measures and reports accounting information based on individual

groups and users

bull Administers the cost of the network

bull Internal verification of third‐party billing for usage Bandwidth Consumption

Application Usage

hellip

97

FCAPS Performance Management

bull Ensuring that the data network remains accessible

and has adequate bandwidth

bull Reduces network overcrowding and inaccessibility

bull Provides a consistent level of service to the

network user

bull Determine utilization trends to proactively isolate and solve

performance problems

UtilizationPeakminmaxError RatesUnicast Rates

Broadcast Rates

CPU UtilizationMemory Usage

ThroughputResponse Time

LatencyAvailabilityReliability

98

FCAPS Security Management

bull Protecting sensitive information on devices

attached to a data network by controlling access points to

that information

bull Builds network user confidence

bull Secures sensitive information from both internal and

external sources

bull Protects the network functionality from malicious

attacks

MAC AddressLocked to Port

Access ListBlocks Connections

99

Performing Network Management Sources for Information

GAUGEs TIMERs

0 9 1 2 3

COUNTERs TABLEs FILEs

Operating System Data Structures

Manageable Device

showCommands

WebServer

SystemLogging

SNMPSNMPAGENTAGENT

ProductionServices

Layer N Forwarding

http80tcp

syslog514udp

snmp161udp

MIBObjects

snmp‐trap162udp

Built in Intelligence

CDPVTPSAA

telnetCLI

TFTPClient

tftp69udp

PingTrace route

100

Network Management Information Model MIB Management Information Base

MIB

ndash

Management Information BaseSet of variables defining the status of a device (eg temp = 85 degrees)Just facts ndash not whether it is good or badDefined according to SMI (Structure of Management Information) rulesEach managed object is described using a unique object identifier (OID)

MIB

IMIBIIStandard MIBObjects included are considered essential for either fault or configuration management

Other standard MIBsRMON host router

Proprietary vendor MIBsExtensions to standard MIBs

SNMPAGENTSNMPAGENT

1000s of manageable objects following rules defined in the SMI standards

1000s of manageable objects following rules defined in the SMI standards

101

Network Management Communication Model SNMP Simple Network Management Protocol

CommunityStrings

CommunityStrings

bull Get requests used to read the value of objectbull Set requests used to modify the value of object

bull Authorization is via community strings

(Read‐OnlyRead‐Write)

bull Traps

provide asynchronous event notification

IP Network SNMPManageable

Device

Trap

Get Response

Get Request Get-Next RequestGet-Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

102

Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response

SNM

P M

anag

er

SNM

P A

gent

Rea

d =

publ

ic re

adw

rite

= pr

ivat

e

GetResponse (sysDescr0=SunOS)

Verify access permission and retrieve MIB value using OID to traverse the MIB tree

InstanceOID

13612111

MIB value

GetRequest(sysDescr0)Read Community(public)

103

Types of Management Systems Example ‐

Enterprise Manager amp Fault Management

Correlate and manage events

and SNMP traps

Perform fault isolation and root cause analysis

104

Types of Management Systems Example ndash CiscoWorks

Resource Manager Essentials and Campus Manager

Knowledge of network configuration and topology

Facilitates remote configuration of network devices

Maintains an archive of configuration data that allows generation of inventory reports

105

Types of Management Systems Example ndash NetFlow (Accounting Management)

Flow Profiling

AccountingBilling

Network Planning

Network Monitoring

Flow

Collectors

Flow

CollectorsEnd‐User AppsEnd‐User AppsNetFlow

Data ExportNetFlowData Export

NetScout

RMON ProbeRMON Probe

106

Types of Management Systems Example ndash MRTG (Performance Management)

bull Monitors traffic load on network links based on SNMP statistics

bull Generates real‐time HTML traffic reports

bull Can be used to monitor any

MIB

variable using

SNMP

107

Types of Management Systems Example ndash CiscoWorks

How is the network connectedbull Physical Cablingbull Virtual LANs

Where are the end users servers IP phones connected

bull Switch port numberbull VLAN membership

How do I troubleshoot connectivity problems

Campus Manager User Tracking

Campus Manager Topology Services

Campus Manager Topology Services

Campus Manager User TrackingCampus Manager

Path Analysis

108

Diagnosing Connectivity Problems CiscoWorks Server Tools

Ping Use ping to test device connectivity from CiscoWorks server

TracerouteRun a trace route between the CiscoWorks server and the target device to detect routing problems

NS LookupRun a nslookup to obtain DNS name server information and IP address of hostname

Management Station to DeviceTest to verify if upper layer protocols are supported from CiscoWorks to the target device UDP TCP Telnet TFTP HTTP and SNMP

109

Types of Management Systems Example ndash CiscoWorks

19216862

CiscoWorks Server(ANI Service)

CampusDatabase

19216861

Schedule data retrieval

times

CAM Table11‐11‐11‐11‐11‐00 2111‐11‐11‐11‐11‐11 2211‐11‐11‐11‐11‐22 2311‐11‐11‐11‐11‐33 24

22 23 24

21

ARP Table11‐11‐11‐11‐11‐11 19216861011‐11‐11‐11‐11‐22 19216861111‐11‐11‐11‐11‐33 192168611

1

CAM

Retrieval

(switching

table)

2 Address

Resolution (MAC

to IP)

DNS

3 Name Resolution

(IP to hostname)

Host Table192168610 USER1192168611 Printer1192168611 IPtele1

SNMP

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

CallManager4

Call Detail

Records

5

Login

Names

UNIX Novell amp

Windows NT

clients running

UTLite script

110

Diagnosing Connectivity Problems Campus Manager Tools

Topology Services

User Tracking

Path Analysis

1

Locate the communication pair in the User Tracking database

bull

Addressesbull

VLAN informationbull

Switch port connection

2

Investigate the Layer 2 and Layer 3 path between the communication

pair

3

Map the topology and begin the investigation on devices and links

Launch other applications

111

Diagnosing Connectivity Problems Workflow for Using Campus Manager

LaunchPath Analysis

LaunchPath Analysis

Ensure discovery of devices

hosts are up to date

Ensure discovery of devices

hosts are up to date

Use User TrackingTo Locate EndStation Info

Use User TrackingTo Locate EndStation Info

ConductVoiceTrace

ConductVoiceTrace

ConductDataTrace

ConductDataTrace

DisplayPath in Topology

Map

DisplayPath in Topology

Map

Launch other Apps(Telnet CiscoView

Etc)

Launch other Apps(Telnet CiscoView

Etc)

112

Diagnosing Device Connectivity Problems Example

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Do you know

your

hostname or

username

113

Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

2 Simple Query displays switch

port and VLAN association

2 Simple Query displays switch

port and VLAN association

3 LastSeen field indicates last

time end station was

discovered

3 LastSeen field indicates last

time end station was

discovered

114

Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Trace path from application server

to Suzy

Trace path from application server

to Suzy

Couldnrsquot get to Suzy machine ndash try

from server

Couldnrsquot get to Suzy machine ndash try

from server

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

92

Alarms

Set alarm thresholds on various parameters for proactive monitoring

Define traps or generate syslog

93

Defining Network Management Functional Areas

ISO defines five functional areas of network management

ISO defines five functional areas of network management

bullFault Management

bullConfiguration Management

bullAccounting Management

bullPerformance Management

bullSecurity Management

94

FCAPS Fault Management

The process of locating diagnosing and correcting

network problems

Device Down

Link Down

95

FCAPS Configuration Management

bull The process of obtaining data from the network and using

that data to manage the setup of all network devices

bull Allows rapid access to configuration information

bull Facilitates remote configuration and provisioning

bull Provides an up‐to‐date inventory of network

components

SpeedDuplex

Connectivity

TrunkingVLANs Allowed

Spanning Tree Protocol State

Software VersionConfiguration File

Device Type

96

FCAPS Accounting Management

bull Measuring the usage of network resources by users in order to

establish the metrics check quotas determine costs and bill users

bull Measures and reports accounting information based on individual

groups and users

bull Administers the cost of the network

bull Internal verification of third‐party billing for usage Bandwidth Consumption

Application Usage

hellip

97

FCAPS Performance Management

bull Ensuring that the data network remains accessible

and has adequate bandwidth

bull Reduces network overcrowding and inaccessibility

bull Provides a consistent level of service to the

network user

bull Determine utilization trends to proactively isolate and solve

performance problems

UtilizationPeakminmaxError RatesUnicast Rates

Broadcast Rates

CPU UtilizationMemory Usage

ThroughputResponse Time

LatencyAvailabilityReliability

98

FCAPS Security Management

bull Protecting sensitive information on devices

attached to a data network by controlling access points to

that information

bull Builds network user confidence

bull Secures sensitive information from both internal and

external sources

bull Protects the network functionality from malicious

attacks

MAC AddressLocked to Port

Access ListBlocks Connections

99

Performing Network Management Sources for Information

GAUGEs TIMERs

0 9 1 2 3

COUNTERs TABLEs FILEs

Operating System Data Structures

Manageable Device

showCommands

WebServer

SystemLogging

SNMPSNMPAGENTAGENT

ProductionServices

Layer N Forwarding

http80tcp

syslog514udp

snmp161udp

MIBObjects

snmp‐trap162udp

Built in Intelligence

CDPVTPSAA

telnetCLI

TFTPClient

tftp69udp

PingTrace route

100

Network Management Information Model MIB Management Information Base

MIB

ndash

Management Information BaseSet of variables defining the status of a device (eg temp = 85 degrees)Just facts ndash not whether it is good or badDefined according to SMI (Structure of Management Information) rulesEach managed object is described using a unique object identifier (OID)

MIB

IMIBIIStandard MIBObjects included are considered essential for either fault or configuration management

Other standard MIBsRMON host router

Proprietary vendor MIBsExtensions to standard MIBs

SNMPAGENTSNMPAGENT

1000s of manageable objects following rules defined in the SMI standards

1000s of manageable objects following rules defined in the SMI standards

101

Network Management Communication Model SNMP Simple Network Management Protocol

CommunityStrings

CommunityStrings

bull Get requests used to read the value of objectbull Set requests used to modify the value of object

bull Authorization is via community strings

(Read‐OnlyRead‐Write)

bull Traps

provide asynchronous event notification

IP Network SNMPManageable

Device

Trap

Get Response

Get Request Get-Next RequestGet-Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

102

Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response

SNM

P M

anag

er

SNM

P A

gent

Rea

d =

publ

ic re

adw

rite

= pr

ivat

e

GetResponse (sysDescr0=SunOS)

Verify access permission and retrieve MIB value using OID to traverse the MIB tree

InstanceOID

13612111

MIB value

GetRequest(sysDescr0)Read Community(public)

103

Types of Management Systems Example ‐

Enterprise Manager amp Fault Management

Correlate and manage events

and SNMP traps

Perform fault isolation and root cause analysis

104

Types of Management Systems Example ndash CiscoWorks

Resource Manager Essentials and Campus Manager

Knowledge of network configuration and topology

Facilitates remote configuration of network devices

Maintains an archive of configuration data that allows generation of inventory reports

105

Types of Management Systems Example ndash NetFlow (Accounting Management)

Flow Profiling

AccountingBilling

Network Planning

Network Monitoring

Flow

Collectors

Flow

CollectorsEnd‐User AppsEnd‐User AppsNetFlow

Data ExportNetFlowData Export

NetScout

RMON ProbeRMON Probe

106

Types of Management Systems Example ndash MRTG (Performance Management)

bull Monitors traffic load on network links based on SNMP statistics

bull Generates real‐time HTML traffic reports

bull Can be used to monitor any

MIB

variable using

SNMP

107

Types of Management Systems Example ndash CiscoWorks

How is the network connectedbull Physical Cablingbull Virtual LANs

Where are the end users servers IP phones connected

bull Switch port numberbull VLAN membership

How do I troubleshoot connectivity problems

Campus Manager User Tracking

Campus Manager Topology Services

Campus Manager Topology Services

Campus Manager User TrackingCampus Manager

Path Analysis

108

Diagnosing Connectivity Problems CiscoWorks Server Tools

Ping Use ping to test device connectivity from CiscoWorks server

TracerouteRun a trace route between the CiscoWorks server and the target device to detect routing problems

NS LookupRun a nslookup to obtain DNS name server information and IP address of hostname

Management Station to DeviceTest to verify if upper layer protocols are supported from CiscoWorks to the target device UDP TCP Telnet TFTP HTTP and SNMP

109

Types of Management Systems Example ndash CiscoWorks

19216862

CiscoWorks Server(ANI Service)

CampusDatabase

19216861

Schedule data retrieval

times

CAM Table11‐11‐11‐11‐11‐00 2111‐11‐11‐11‐11‐11 2211‐11‐11‐11‐11‐22 2311‐11‐11‐11‐11‐33 24

22 23 24

21

ARP Table11‐11‐11‐11‐11‐11 19216861011‐11‐11‐11‐11‐22 19216861111‐11‐11‐11‐11‐33 192168611

1

CAM

Retrieval

(switching

table)

2 Address

Resolution (MAC

to IP)

DNS

3 Name Resolution

(IP to hostname)

Host Table192168610 USER1192168611 Printer1192168611 IPtele1

SNMP

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

CallManager4

Call Detail

Records

5

Login

Names

UNIX Novell amp

Windows NT

clients running

UTLite script

110

Diagnosing Connectivity Problems Campus Manager Tools

Topology Services

User Tracking

Path Analysis

1

Locate the communication pair in the User Tracking database

bull

Addressesbull

VLAN informationbull

Switch port connection

2

Investigate the Layer 2 and Layer 3 path between the communication

pair

3

Map the topology and begin the investigation on devices and links

Launch other applications

111

Diagnosing Connectivity Problems Workflow for Using Campus Manager

LaunchPath Analysis

LaunchPath Analysis

Ensure discovery of devices

hosts are up to date

Ensure discovery of devices

hosts are up to date

Use User TrackingTo Locate EndStation Info

Use User TrackingTo Locate EndStation Info

ConductVoiceTrace

ConductVoiceTrace

ConductDataTrace

ConductDataTrace

DisplayPath in Topology

Map

DisplayPath in Topology

Map

Launch other Apps(Telnet CiscoView

Etc)

Launch other Apps(Telnet CiscoView

Etc)

112

Diagnosing Device Connectivity Problems Example

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Do you know

your

hostname or

username

113

Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

2 Simple Query displays switch

port and VLAN association

2 Simple Query displays switch

port and VLAN association

3 LastSeen field indicates last

time end station was

discovered

3 LastSeen field indicates last

time end station was

discovered

114

Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Trace path from application server

to Suzy

Trace path from application server

to Suzy

Couldnrsquot get to Suzy machine ndash try

from server

Couldnrsquot get to Suzy machine ndash try

from server

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

93

Defining Network Management Functional Areas

ISO defines five functional areas of network management

ISO defines five functional areas of network management

bullFault Management

bullConfiguration Management

bullAccounting Management

bullPerformance Management

bullSecurity Management

94

FCAPS Fault Management

The process of locating diagnosing and correcting

network problems

Device Down

Link Down

95

FCAPS Configuration Management

bull The process of obtaining data from the network and using

that data to manage the setup of all network devices

bull Allows rapid access to configuration information

bull Facilitates remote configuration and provisioning

bull Provides an up‐to‐date inventory of network

components

SpeedDuplex

Connectivity

TrunkingVLANs Allowed

Spanning Tree Protocol State

Software VersionConfiguration File

Device Type

96

FCAPS Accounting Management

bull Measuring the usage of network resources by users in order to

establish the metrics check quotas determine costs and bill users

bull Measures and reports accounting information based on individual

groups and users

bull Administers the cost of the network

bull Internal verification of third‐party billing for usage Bandwidth Consumption

Application Usage

hellip

97

FCAPS Performance Management

bull Ensuring that the data network remains accessible

and has adequate bandwidth

bull Reduces network overcrowding and inaccessibility

bull Provides a consistent level of service to the

network user

bull Determine utilization trends to proactively isolate and solve

performance problems

UtilizationPeakminmaxError RatesUnicast Rates

Broadcast Rates

CPU UtilizationMemory Usage

ThroughputResponse Time

LatencyAvailabilityReliability

98

FCAPS Security Management

bull Protecting sensitive information on devices

attached to a data network by controlling access points to

that information

bull Builds network user confidence

bull Secures sensitive information from both internal and

external sources

bull Protects the network functionality from malicious

attacks

MAC AddressLocked to Port

Access ListBlocks Connections

99

Performing Network Management Sources for Information

GAUGEs TIMERs

0 9 1 2 3

COUNTERs TABLEs FILEs

Operating System Data Structures

Manageable Device

showCommands

WebServer

SystemLogging

SNMPSNMPAGENTAGENT

ProductionServices

Layer N Forwarding

http80tcp

syslog514udp

snmp161udp

MIBObjects

snmp‐trap162udp

Built in Intelligence

CDPVTPSAA

telnetCLI

TFTPClient

tftp69udp

PingTrace route

100

Network Management Information Model MIB Management Information Base

MIB

ndash

Management Information BaseSet of variables defining the status of a device (eg temp = 85 degrees)Just facts ndash not whether it is good or badDefined according to SMI (Structure of Management Information) rulesEach managed object is described using a unique object identifier (OID)

MIB

IMIBIIStandard MIBObjects included are considered essential for either fault or configuration management

Other standard MIBsRMON host router

Proprietary vendor MIBsExtensions to standard MIBs

SNMPAGENTSNMPAGENT

1000s of manageable objects following rules defined in the SMI standards

1000s of manageable objects following rules defined in the SMI standards

101

Network Management Communication Model SNMP Simple Network Management Protocol

CommunityStrings

CommunityStrings

bull Get requests used to read the value of objectbull Set requests used to modify the value of object

bull Authorization is via community strings

(Read‐OnlyRead‐Write)

bull Traps

provide asynchronous event notification

IP Network SNMPManageable

Device

Trap

Get Response

Get Request Get-Next RequestGet-Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

102

Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response

SNM

P M

anag

er

SNM

P A

gent

Rea

d =

publ

ic re

adw

rite

= pr

ivat

e

GetResponse (sysDescr0=SunOS)

Verify access permission and retrieve MIB value using OID to traverse the MIB tree

InstanceOID

13612111

MIB value

GetRequest(sysDescr0)Read Community(public)

103

Types of Management Systems Example ‐

Enterprise Manager amp Fault Management

Correlate and manage events

and SNMP traps

Perform fault isolation and root cause analysis

104

Types of Management Systems Example ndash CiscoWorks

Resource Manager Essentials and Campus Manager

Knowledge of network configuration and topology

Facilitates remote configuration of network devices

Maintains an archive of configuration data that allows generation of inventory reports

105

Types of Management Systems Example ndash NetFlow (Accounting Management)

Flow Profiling

AccountingBilling

Network Planning

Network Monitoring

Flow

Collectors

Flow

CollectorsEnd‐User AppsEnd‐User AppsNetFlow

Data ExportNetFlowData Export

NetScout

RMON ProbeRMON Probe

106

Types of Management Systems Example ndash MRTG (Performance Management)

bull Monitors traffic load on network links based on SNMP statistics

bull Generates real‐time HTML traffic reports

bull Can be used to monitor any

MIB

variable using

SNMP

107

Types of Management Systems Example ndash CiscoWorks

How is the network connectedbull Physical Cablingbull Virtual LANs

Where are the end users servers IP phones connected

bull Switch port numberbull VLAN membership

How do I troubleshoot connectivity problems

Campus Manager User Tracking

Campus Manager Topology Services

Campus Manager Topology Services

Campus Manager User TrackingCampus Manager

Path Analysis

108

Diagnosing Connectivity Problems CiscoWorks Server Tools

Ping Use ping to test device connectivity from CiscoWorks server

TracerouteRun a trace route between the CiscoWorks server and the target device to detect routing problems

NS LookupRun a nslookup to obtain DNS name server information and IP address of hostname

Management Station to DeviceTest to verify if upper layer protocols are supported from CiscoWorks to the target device UDP TCP Telnet TFTP HTTP and SNMP

109

Types of Management Systems Example ndash CiscoWorks

19216862

CiscoWorks Server(ANI Service)

CampusDatabase

19216861

Schedule data retrieval

times

CAM Table11‐11‐11‐11‐11‐00 2111‐11‐11‐11‐11‐11 2211‐11‐11‐11‐11‐22 2311‐11‐11‐11‐11‐33 24

22 23 24

21

ARP Table11‐11‐11‐11‐11‐11 19216861011‐11‐11‐11‐11‐22 19216861111‐11‐11‐11‐11‐33 192168611

1

CAM

Retrieval

(switching

table)

2 Address

Resolution (MAC

to IP)

DNS

3 Name Resolution

(IP to hostname)

Host Table192168610 USER1192168611 Printer1192168611 IPtele1

SNMP

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

CallManager4

Call Detail

Records

5

Login

Names

UNIX Novell amp

Windows NT

clients running

UTLite script

110

Diagnosing Connectivity Problems Campus Manager Tools

Topology Services

User Tracking

Path Analysis

1

Locate the communication pair in the User Tracking database

bull

Addressesbull

VLAN informationbull

Switch port connection

2

Investigate the Layer 2 and Layer 3 path between the communication

pair

3

Map the topology and begin the investigation on devices and links

Launch other applications

111

Diagnosing Connectivity Problems Workflow for Using Campus Manager

LaunchPath Analysis

LaunchPath Analysis

Ensure discovery of devices

hosts are up to date

Ensure discovery of devices

hosts are up to date

Use User TrackingTo Locate EndStation Info

Use User TrackingTo Locate EndStation Info

ConductVoiceTrace

ConductVoiceTrace

ConductDataTrace

ConductDataTrace

DisplayPath in Topology

Map

DisplayPath in Topology

Map

Launch other Apps(Telnet CiscoView

Etc)

Launch other Apps(Telnet CiscoView

Etc)

112

Diagnosing Device Connectivity Problems Example

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Do you know

your

hostname or

username

113

Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

2 Simple Query displays switch

port and VLAN association

2 Simple Query displays switch

port and VLAN association

3 LastSeen field indicates last

time end station was

discovered

3 LastSeen field indicates last

time end station was

discovered

114

Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Trace path from application server

to Suzy

Trace path from application server

to Suzy

Couldnrsquot get to Suzy machine ndash try

from server

Couldnrsquot get to Suzy machine ndash try

from server

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

94

FCAPS Fault Management

The process of locating diagnosing and correcting

network problems

Device Down

Link Down

95

FCAPS Configuration Management

bull The process of obtaining data from the network and using

that data to manage the setup of all network devices

bull Allows rapid access to configuration information

bull Facilitates remote configuration and provisioning

bull Provides an up‐to‐date inventory of network

components

SpeedDuplex

Connectivity

TrunkingVLANs Allowed

Spanning Tree Protocol State

Software VersionConfiguration File

Device Type

96

FCAPS Accounting Management

bull Measuring the usage of network resources by users in order to

establish the metrics check quotas determine costs and bill users

bull Measures and reports accounting information based on individual

groups and users

bull Administers the cost of the network

bull Internal verification of third‐party billing for usage Bandwidth Consumption

Application Usage

hellip

97

FCAPS Performance Management

bull Ensuring that the data network remains accessible

and has adequate bandwidth

bull Reduces network overcrowding and inaccessibility

bull Provides a consistent level of service to the

network user

bull Determine utilization trends to proactively isolate and solve

performance problems

UtilizationPeakminmaxError RatesUnicast Rates

Broadcast Rates

CPU UtilizationMemory Usage

ThroughputResponse Time

LatencyAvailabilityReliability

98

FCAPS Security Management

bull Protecting sensitive information on devices

attached to a data network by controlling access points to

that information

bull Builds network user confidence

bull Secures sensitive information from both internal and

external sources

bull Protects the network functionality from malicious

attacks

MAC AddressLocked to Port

Access ListBlocks Connections

99

Performing Network Management Sources for Information

GAUGEs TIMERs

0 9 1 2 3

COUNTERs TABLEs FILEs

Operating System Data Structures

Manageable Device

showCommands

WebServer

SystemLogging

SNMPSNMPAGENTAGENT

ProductionServices

Layer N Forwarding

http80tcp

syslog514udp

snmp161udp

MIBObjects

snmp‐trap162udp

Built in Intelligence

CDPVTPSAA

telnetCLI

TFTPClient

tftp69udp

PingTrace route

100

Network Management Information Model MIB Management Information Base

MIB

ndash

Management Information BaseSet of variables defining the status of a device (eg temp = 85 degrees)Just facts ndash not whether it is good or badDefined according to SMI (Structure of Management Information) rulesEach managed object is described using a unique object identifier (OID)

MIB

IMIBIIStandard MIBObjects included are considered essential for either fault or configuration management

Other standard MIBsRMON host router

Proprietary vendor MIBsExtensions to standard MIBs

SNMPAGENTSNMPAGENT

1000s of manageable objects following rules defined in the SMI standards

1000s of manageable objects following rules defined in the SMI standards

101

Network Management Communication Model SNMP Simple Network Management Protocol

CommunityStrings

CommunityStrings

bull Get requests used to read the value of objectbull Set requests used to modify the value of object

bull Authorization is via community strings

(Read‐OnlyRead‐Write)

bull Traps

provide asynchronous event notification

IP Network SNMPManageable

Device

Trap

Get Response

Get Request Get-Next RequestGet-Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

102

Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response

SNM

P M

anag

er

SNM

P A

gent

Rea

d =

publ

ic re

adw

rite

= pr

ivat

e

GetResponse (sysDescr0=SunOS)

Verify access permission and retrieve MIB value using OID to traverse the MIB tree

InstanceOID

13612111

MIB value

GetRequest(sysDescr0)Read Community(public)

103

Types of Management Systems Example ‐

Enterprise Manager amp Fault Management

Correlate and manage events

and SNMP traps

Perform fault isolation and root cause analysis

104

Types of Management Systems Example ndash CiscoWorks

Resource Manager Essentials and Campus Manager

Knowledge of network configuration and topology

Facilitates remote configuration of network devices

Maintains an archive of configuration data that allows generation of inventory reports

105

Types of Management Systems Example ndash NetFlow (Accounting Management)

Flow Profiling

AccountingBilling

Network Planning

Network Monitoring

Flow

Collectors

Flow

CollectorsEnd‐User AppsEnd‐User AppsNetFlow

Data ExportNetFlowData Export

NetScout

RMON ProbeRMON Probe

106

Types of Management Systems Example ndash MRTG (Performance Management)

bull Monitors traffic load on network links based on SNMP statistics

bull Generates real‐time HTML traffic reports

bull Can be used to monitor any

MIB

variable using

SNMP

107

Types of Management Systems Example ndash CiscoWorks

How is the network connectedbull Physical Cablingbull Virtual LANs

Where are the end users servers IP phones connected

bull Switch port numberbull VLAN membership

How do I troubleshoot connectivity problems

Campus Manager User Tracking

Campus Manager Topology Services

Campus Manager Topology Services

Campus Manager User TrackingCampus Manager

Path Analysis

108

Diagnosing Connectivity Problems CiscoWorks Server Tools

Ping Use ping to test device connectivity from CiscoWorks server

TracerouteRun a trace route between the CiscoWorks server and the target device to detect routing problems

NS LookupRun a nslookup to obtain DNS name server information and IP address of hostname

Management Station to DeviceTest to verify if upper layer protocols are supported from CiscoWorks to the target device UDP TCP Telnet TFTP HTTP and SNMP

109

Types of Management Systems Example ndash CiscoWorks

19216862

CiscoWorks Server(ANI Service)

CampusDatabase

19216861

Schedule data retrieval

times

CAM Table11‐11‐11‐11‐11‐00 2111‐11‐11‐11‐11‐11 2211‐11‐11‐11‐11‐22 2311‐11‐11‐11‐11‐33 24

22 23 24

21

ARP Table11‐11‐11‐11‐11‐11 19216861011‐11‐11‐11‐11‐22 19216861111‐11‐11‐11‐11‐33 192168611

1

CAM

Retrieval

(switching

table)

2 Address

Resolution (MAC

to IP)

DNS

3 Name Resolution

(IP to hostname)

Host Table192168610 USER1192168611 Printer1192168611 IPtele1

SNMP

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

CallManager4

Call Detail

Records

5

Login

Names

UNIX Novell amp

Windows NT

clients running

UTLite script

110

Diagnosing Connectivity Problems Campus Manager Tools

Topology Services

User Tracking

Path Analysis

1

Locate the communication pair in the User Tracking database

bull

Addressesbull

VLAN informationbull

Switch port connection

2

Investigate the Layer 2 and Layer 3 path between the communication

pair

3

Map the topology and begin the investigation on devices and links

Launch other applications

111

Diagnosing Connectivity Problems Workflow for Using Campus Manager

LaunchPath Analysis

LaunchPath Analysis

Ensure discovery of devices

hosts are up to date

Ensure discovery of devices

hosts are up to date

Use User TrackingTo Locate EndStation Info

Use User TrackingTo Locate EndStation Info

ConductVoiceTrace

ConductVoiceTrace

ConductDataTrace

ConductDataTrace

DisplayPath in Topology

Map

DisplayPath in Topology

Map

Launch other Apps(Telnet CiscoView

Etc)

Launch other Apps(Telnet CiscoView

Etc)

112

Diagnosing Device Connectivity Problems Example

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Do you know

your

hostname or

username

113

Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

2 Simple Query displays switch

port and VLAN association

2 Simple Query displays switch

port and VLAN association

3 LastSeen field indicates last

time end station was

discovered

3 LastSeen field indicates last

time end station was

discovered

114

Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Trace path from application server

to Suzy

Trace path from application server

to Suzy

Couldnrsquot get to Suzy machine ndash try

from server

Couldnrsquot get to Suzy machine ndash try

from server

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

95

FCAPS Configuration Management

bull The process of obtaining data from the network and using

that data to manage the setup of all network devices

bull Allows rapid access to configuration information

bull Facilitates remote configuration and provisioning

bull Provides an up‐to‐date inventory of network

components

SpeedDuplex

Connectivity

TrunkingVLANs Allowed

Spanning Tree Protocol State

Software VersionConfiguration File

Device Type

96

FCAPS Accounting Management

bull Measuring the usage of network resources by users in order to

establish the metrics check quotas determine costs and bill users

bull Measures and reports accounting information based on individual

groups and users

bull Administers the cost of the network

bull Internal verification of third‐party billing for usage Bandwidth Consumption

Application Usage

hellip

97

FCAPS Performance Management

bull Ensuring that the data network remains accessible

and has adequate bandwidth

bull Reduces network overcrowding and inaccessibility

bull Provides a consistent level of service to the

network user

bull Determine utilization trends to proactively isolate and solve

performance problems

UtilizationPeakminmaxError RatesUnicast Rates

Broadcast Rates

CPU UtilizationMemory Usage

ThroughputResponse Time

LatencyAvailabilityReliability

98

FCAPS Security Management

bull Protecting sensitive information on devices

attached to a data network by controlling access points to

that information

bull Builds network user confidence

bull Secures sensitive information from both internal and

external sources

bull Protects the network functionality from malicious

attacks

MAC AddressLocked to Port

Access ListBlocks Connections

99

Performing Network Management Sources for Information

GAUGEs TIMERs

0 9 1 2 3

COUNTERs TABLEs FILEs

Operating System Data Structures

Manageable Device

showCommands

WebServer

SystemLogging

SNMPSNMPAGENTAGENT

ProductionServices

Layer N Forwarding

http80tcp

syslog514udp

snmp161udp

MIBObjects

snmp‐trap162udp

Built in Intelligence

CDPVTPSAA

telnetCLI

TFTPClient

tftp69udp

PingTrace route

100

Network Management Information Model MIB Management Information Base

MIB

ndash

Management Information BaseSet of variables defining the status of a device (eg temp = 85 degrees)Just facts ndash not whether it is good or badDefined according to SMI (Structure of Management Information) rulesEach managed object is described using a unique object identifier (OID)

MIB

IMIBIIStandard MIBObjects included are considered essential for either fault or configuration management

Other standard MIBsRMON host router

Proprietary vendor MIBsExtensions to standard MIBs

SNMPAGENTSNMPAGENT

1000s of manageable objects following rules defined in the SMI standards

1000s of manageable objects following rules defined in the SMI standards

101

Network Management Communication Model SNMP Simple Network Management Protocol

CommunityStrings

CommunityStrings

bull Get requests used to read the value of objectbull Set requests used to modify the value of object

bull Authorization is via community strings

(Read‐OnlyRead‐Write)

bull Traps

provide asynchronous event notification

IP Network SNMPManageable

Device

Trap

Get Response

Get Request Get-Next RequestGet-Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

102

Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response

SNM

P M

anag

er

SNM

P A

gent

Rea

d =

publ

ic re

adw

rite

= pr

ivat

e

GetResponse (sysDescr0=SunOS)

Verify access permission and retrieve MIB value using OID to traverse the MIB tree

InstanceOID

13612111

MIB value

GetRequest(sysDescr0)Read Community(public)

103

Types of Management Systems Example ‐

Enterprise Manager amp Fault Management

Correlate and manage events

and SNMP traps

Perform fault isolation and root cause analysis

104

Types of Management Systems Example ndash CiscoWorks

Resource Manager Essentials and Campus Manager

Knowledge of network configuration and topology

Facilitates remote configuration of network devices

Maintains an archive of configuration data that allows generation of inventory reports

105

Types of Management Systems Example ndash NetFlow (Accounting Management)

Flow Profiling

AccountingBilling

Network Planning

Network Monitoring

Flow

Collectors

Flow

CollectorsEnd‐User AppsEnd‐User AppsNetFlow

Data ExportNetFlowData Export

NetScout

RMON ProbeRMON Probe

106

Types of Management Systems Example ndash MRTG (Performance Management)

bull Monitors traffic load on network links based on SNMP statistics

bull Generates real‐time HTML traffic reports

bull Can be used to monitor any

MIB

variable using

SNMP

107

Types of Management Systems Example ndash CiscoWorks

How is the network connectedbull Physical Cablingbull Virtual LANs

Where are the end users servers IP phones connected

bull Switch port numberbull VLAN membership

How do I troubleshoot connectivity problems

Campus Manager User Tracking

Campus Manager Topology Services

Campus Manager Topology Services

Campus Manager User TrackingCampus Manager

Path Analysis

108

Diagnosing Connectivity Problems CiscoWorks Server Tools

Ping Use ping to test device connectivity from CiscoWorks server

TracerouteRun a trace route between the CiscoWorks server and the target device to detect routing problems

NS LookupRun a nslookup to obtain DNS name server information and IP address of hostname

Management Station to DeviceTest to verify if upper layer protocols are supported from CiscoWorks to the target device UDP TCP Telnet TFTP HTTP and SNMP

109

Types of Management Systems Example ndash CiscoWorks

19216862

CiscoWorks Server(ANI Service)

CampusDatabase

19216861

Schedule data retrieval

times

CAM Table11‐11‐11‐11‐11‐00 2111‐11‐11‐11‐11‐11 2211‐11‐11‐11‐11‐22 2311‐11‐11‐11‐11‐33 24

22 23 24

21

ARP Table11‐11‐11‐11‐11‐11 19216861011‐11‐11‐11‐11‐22 19216861111‐11‐11‐11‐11‐33 192168611

1

CAM

Retrieval

(switching

table)

2 Address

Resolution (MAC

to IP)

DNS

3 Name Resolution

(IP to hostname)

Host Table192168610 USER1192168611 Printer1192168611 IPtele1

SNMP

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

CallManager4

Call Detail

Records

5

Login

Names

UNIX Novell amp

Windows NT

clients running

UTLite script

110

Diagnosing Connectivity Problems Campus Manager Tools

Topology Services

User Tracking

Path Analysis

1

Locate the communication pair in the User Tracking database

bull

Addressesbull

VLAN informationbull

Switch port connection

2

Investigate the Layer 2 and Layer 3 path between the communication

pair

3

Map the topology and begin the investigation on devices and links

Launch other applications

111

Diagnosing Connectivity Problems Workflow for Using Campus Manager

LaunchPath Analysis

LaunchPath Analysis

Ensure discovery of devices

hosts are up to date

Ensure discovery of devices

hosts are up to date

Use User TrackingTo Locate EndStation Info

Use User TrackingTo Locate EndStation Info

ConductVoiceTrace

ConductVoiceTrace

ConductDataTrace

ConductDataTrace

DisplayPath in Topology

Map

DisplayPath in Topology

Map

Launch other Apps(Telnet CiscoView

Etc)

Launch other Apps(Telnet CiscoView

Etc)

112

Diagnosing Device Connectivity Problems Example

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Do you know

your

hostname or

username

113

Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

2 Simple Query displays switch

port and VLAN association

2 Simple Query displays switch

port and VLAN association

3 LastSeen field indicates last

time end station was

discovered

3 LastSeen field indicates last

time end station was

discovered

114

Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Trace path from application server

to Suzy

Trace path from application server

to Suzy

Couldnrsquot get to Suzy machine ndash try

from server

Couldnrsquot get to Suzy machine ndash try

from server

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

96

FCAPS Accounting Management

bull Measuring the usage of network resources by users in order to

establish the metrics check quotas determine costs and bill users

bull Measures and reports accounting information based on individual

groups and users

bull Administers the cost of the network

bull Internal verification of third‐party billing for usage Bandwidth Consumption

Application Usage

hellip

97

FCAPS Performance Management

bull Ensuring that the data network remains accessible

and has adequate bandwidth

bull Reduces network overcrowding and inaccessibility

bull Provides a consistent level of service to the

network user

bull Determine utilization trends to proactively isolate and solve

performance problems

UtilizationPeakminmaxError RatesUnicast Rates

Broadcast Rates

CPU UtilizationMemory Usage

ThroughputResponse Time

LatencyAvailabilityReliability

98

FCAPS Security Management

bull Protecting sensitive information on devices

attached to a data network by controlling access points to

that information

bull Builds network user confidence

bull Secures sensitive information from both internal and

external sources

bull Protects the network functionality from malicious

attacks

MAC AddressLocked to Port

Access ListBlocks Connections

99

Performing Network Management Sources for Information

GAUGEs TIMERs

0 9 1 2 3

COUNTERs TABLEs FILEs

Operating System Data Structures

Manageable Device

showCommands

WebServer

SystemLogging

SNMPSNMPAGENTAGENT

ProductionServices

Layer N Forwarding

http80tcp

syslog514udp

snmp161udp

MIBObjects

snmp‐trap162udp

Built in Intelligence

CDPVTPSAA

telnetCLI

TFTPClient

tftp69udp

PingTrace route

100

Network Management Information Model MIB Management Information Base

MIB

ndash

Management Information BaseSet of variables defining the status of a device (eg temp = 85 degrees)Just facts ndash not whether it is good or badDefined according to SMI (Structure of Management Information) rulesEach managed object is described using a unique object identifier (OID)

MIB

IMIBIIStandard MIBObjects included are considered essential for either fault or configuration management

Other standard MIBsRMON host router

Proprietary vendor MIBsExtensions to standard MIBs

SNMPAGENTSNMPAGENT

1000s of manageable objects following rules defined in the SMI standards

1000s of manageable objects following rules defined in the SMI standards

101

Network Management Communication Model SNMP Simple Network Management Protocol

CommunityStrings

CommunityStrings

bull Get requests used to read the value of objectbull Set requests used to modify the value of object

bull Authorization is via community strings

(Read‐OnlyRead‐Write)

bull Traps

provide asynchronous event notification

IP Network SNMPManageable

Device

Trap

Get Response

Get Request Get-Next RequestGet-Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

102

Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response

SNM

P M

anag

er

SNM

P A

gent

Rea

d =

publ

ic re

adw

rite

= pr

ivat

e

GetResponse (sysDescr0=SunOS)

Verify access permission and retrieve MIB value using OID to traverse the MIB tree

InstanceOID

13612111

MIB value

GetRequest(sysDescr0)Read Community(public)

103

Types of Management Systems Example ‐

Enterprise Manager amp Fault Management

Correlate and manage events

and SNMP traps

Perform fault isolation and root cause analysis

104

Types of Management Systems Example ndash CiscoWorks

Resource Manager Essentials and Campus Manager

Knowledge of network configuration and topology

Facilitates remote configuration of network devices

Maintains an archive of configuration data that allows generation of inventory reports

105

Types of Management Systems Example ndash NetFlow (Accounting Management)

Flow Profiling

AccountingBilling

Network Planning

Network Monitoring

Flow

Collectors

Flow

CollectorsEnd‐User AppsEnd‐User AppsNetFlow

Data ExportNetFlowData Export

NetScout

RMON ProbeRMON Probe

106

Types of Management Systems Example ndash MRTG (Performance Management)

bull Monitors traffic load on network links based on SNMP statistics

bull Generates real‐time HTML traffic reports

bull Can be used to monitor any

MIB

variable using

SNMP

107

Types of Management Systems Example ndash CiscoWorks

How is the network connectedbull Physical Cablingbull Virtual LANs

Where are the end users servers IP phones connected

bull Switch port numberbull VLAN membership

How do I troubleshoot connectivity problems

Campus Manager User Tracking

Campus Manager Topology Services

Campus Manager Topology Services

Campus Manager User TrackingCampus Manager

Path Analysis

108

Diagnosing Connectivity Problems CiscoWorks Server Tools

Ping Use ping to test device connectivity from CiscoWorks server

TracerouteRun a trace route between the CiscoWorks server and the target device to detect routing problems

NS LookupRun a nslookup to obtain DNS name server information and IP address of hostname

Management Station to DeviceTest to verify if upper layer protocols are supported from CiscoWorks to the target device UDP TCP Telnet TFTP HTTP and SNMP

109

Types of Management Systems Example ndash CiscoWorks

19216862

CiscoWorks Server(ANI Service)

CampusDatabase

19216861

Schedule data retrieval

times

CAM Table11‐11‐11‐11‐11‐00 2111‐11‐11‐11‐11‐11 2211‐11‐11‐11‐11‐22 2311‐11‐11‐11‐11‐33 24

22 23 24

21

ARP Table11‐11‐11‐11‐11‐11 19216861011‐11‐11‐11‐11‐22 19216861111‐11‐11‐11‐11‐33 192168611

1

CAM

Retrieval

(switching

table)

2 Address

Resolution (MAC

to IP)

DNS

3 Name Resolution

(IP to hostname)

Host Table192168610 USER1192168611 Printer1192168611 IPtele1

SNMP

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

CallManager4

Call Detail

Records

5

Login

Names

UNIX Novell amp

Windows NT

clients running

UTLite script

110

Diagnosing Connectivity Problems Campus Manager Tools

Topology Services

User Tracking

Path Analysis

1

Locate the communication pair in the User Tracking database

bull

Addressesbull

VLAN informationbull

Switch port connection

2

Investigate the Layer 2 and Layer 3 path between the communication

pair

3

Map the topology and begin the investigation on devices and links

Launch other applications

111

Diagnosing Connectivity Problems Workflow for Using Campus Manager

LaunchPath Analysis

LaunchPath Analysis

Ensure discovery of devices

hosts are up to date

Ensure discovery of devices

hosts are up to date

Use User TrackingTo Locate EndStation Info

Use User TrackingTo Locate EndStation Info

ConductVoiceTrace

ConductVoiceTrace

ConductDataTrace

ConductDataTrace

DisplayPath in Topology

Map

DisplayPath in Topology

Map

Launch other Apps(Telnet CiscoView

Etc)

Launch other Apps(Telnet CiscoView

Etc)

112

Diagnosing Device Connectivity Problems Example

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Do you know

your

hostname or

username

113

Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

2 Simple Query displays switch

port and VLAN association

2 Simple Query displays switch

port and VLAN association

3 LastSeen field indicates last

time end station was

discovered

3 LastSeen field indicates last

time end station was

discovered

114

Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Trace path from application server

to Suzy

Trace path from application server

to Suzy

Couldnrsquot get to Suzy machine ndash try

from server

Couldnrsquot get to Suzy machine ndash try

from server

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

97

FCAPS Performance Management

bull Ensuring that the data network remains accessible

and has adequate bandwidth

bull Reduces network overcrowding and inaccessibility

bull Provides a consistent level of service to the

network user

bull Determine utilization trends to proactively isolate and solve

performance problems

UtilizationPeakminmaxError RatesUnicast Rates

Broadcast Rates

CPU UtilizationMemory Usage

ThroughputResponse Time

LatencyAvailabilityReliability

98

FCAPS Security Management

bull Protecting sensitive information on devices

attached to a data network by controlling access points to

that information

bull Builds network user confidence

bull Secures sensitive information from both internal and

external sources

bull Protects the network functionality from malicious

attacks

MAC AddressLocked to Port

Access ListBlocks Connections

99

Performing Network Management Sources for Information

GAUGEs TIMERs

0 9 1 2 3

COUNTERs TABLEs FILEs

Operating System Data Structures

Manageable Device

showCommands

WebServer

SystemLogging

SNMPSNMPAGENTAGENT

ProductionServices

Layer N Forwarding

http80tcp

syslog514udp

snmp161udp

MIBObjects

snmp‐trap162udp

Built in Intelligence

CDPVTPSAA

telnetCLI

TFTPClient

tftp69udp

PingTrace route

100

Network Management Information Model MIB Management Information Base

MIB

ndash

Management Information BaseSet of variables defining the status of a device (eg temp = 85 degrees)Just facts ndash not whether it is good or badDefined according to SMI (Structure of Management Information) rulesEach managed object is described using a unique object identifier (OID)

MIB

IMIBIIStandard MIBObjects included are considered essential for either fault or configuration management

Other standard MIBsRMON host router

Proprietary vendor MIBsExtensions to standard MIBs

SNMPAGENTSNMPAGENT

1000s of manageable objects following rules defined in the SMI standards

1000s of manageable objects following rules defined in the SMI standards

101

Network Management Communication Model SNMP Simple Network Management Protocol

CommunityStrings

CommunityStrings

bull Get requests used to read the value of objectbull Set requests used to modify the value of object

bull Authorization is via community strings

(Read‐OnlyRead‐Write)

bull Traps

provide asynchronous event notification

IP Network SNMPManageable

Device

Trap

Get Response

Get Request Get-Next RequestGet-Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

102

Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response

SNM

P M

anag

er

SNM

P A

gent

Rea

d =

publ

ic re

adw

rite

= pr

ivat

e

GetResponse (sysDescr0=SunOS)

Verify access permission and retrieve MIB value using OID to traverse the MIB tree

InstanceOID

13612111

MIB value

GetRequest(sysDescr0)Read Community(public)

103

Types of Management Systems Example ‐

Enterprise Manager amp Fault Management

Correlate and manage events

and SNMP traps

Perform fault isolation and root cause analysis

104

Types of Management Systems Example ndash CiscoWorks

Resource Manager Essentials and Campus Manager

Knowledge of network configuration and topology

Facilitates remote configuration of network devices

Maintains an archive of configuration data that allows generation of inventory reports

105

Types of Management Systems Example ndash NetFlow (Accounting Management)

Flow Profiling

AccountingBilling

Network Planning

Network Monitoring

Flow

Collectors

Flow

CollectorsEnd‐User AppsEnd‐User AppsNetFlow

Data ExportNetFlowData Export

NetScout

RMON ProbeRMON Probe

106

Types of Management Systems Example ndash MRTG (Performance Management)

bull Monitors traffic load on network links based on SNMP statistics

bull Generates real‐time HTML traffic reports

bull Can be used to monitor any

MIB

variable using

SNMP

107

Types of Management Systems Example ndash CiscoWorks

How is the network connectedbull Physical Cablingbull Virtual LANs

Where are the end users servers IP phones connected

bull Switch port numberbull VLAN membership

How do I troubleshoot connectivity problems

Campus Manager User Tracking

Campus Manager Topology Services

Campus Manager Topology Services

Campus Manager User TrackingCampus Manager

Path Analysis

108

Diagnosing Connectivity Problems CiscoWorks Server Tools

Ping Use ping to test device connectivity from CiscoWorks server

TracerouteRun a trace route between the CiscoWorks server and the target device to detect routing problems

NS LookupRun a nslookup to obtain DNS name server information and IP address of hostname

Management Station to DeviceTest to verify if upper layer protocols are supported from CiscoWorks to the target device UDP TCP Telnet TFTP HTTP and SNMP

109

Types of Management Systems Example ndash CiscoWorks

19216862

CiscoWorks Server(ANI Service)

CampusDatabase

19216861

Schedule data retrieval

times

CAM Table11‐11‐11‐11‐11‐00 2111‐11‐11‐11‐11‐11 2211‐11‐11‐11‐11‐22 2311‐11‐11‐11‐11‐33 24

22 23 24

21

ARP Table11‐11‐11‐11‐11‐11 19216861011‐11‐11‐11‐11‐22 19216861111‐11‐11‐11‐11‐33 192168611

1

CAM

Retrieval

(switching

table)

2 Address

Resolution (MAC

to IP)

DNS

3 Name Resolution

(IP to hostname)

Host Table192168610 USER1192168611 Printer1192168611 IPtele1

SNMP

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

CallManager4

Call Detail

Records

5

Login

Names

UNIX Novell amp

Windows NT

clients running

UTLite script

110

Diagnosing Connectivity Problems Campus Manager Tools

Topology Services

User Tracking

Path Analysis

1

Locate the communication pair in the User Tracking database

bull

Addressesbull

VLAN informationbull

Switch port connection

2

Investigate the Layer 2 and Layer 3 path between the communication

pair

3

Map the topology and begin the investigation on devices and links

Launch other applications

111

Diagnosing Connectivity Problems Workflow for Using Campus Manager

LaunchPath Analysis

LaunchPath Analysis

Ensure discovery of devices

hosts are up to date

Ensure discovery of devices

hosts are up to date

Use User TrackingTo Locate EndStation Info

Use User TrackingTo Locate EndStation Info

ConductVoiceTrace

ConductVoiceTrace

ConductDataTrace

ConductDataTrace

DisplayPath in Topology

Map

DisplayPath in Topology

Map

Launch other Apps(Telnet CiscoView

Etc)

Launch other Apps(Telnet CiscoView

Etc)

112

Diagnosing Device Connectivity Problems Example

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Do you know

your

hostname or

username

113

Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

2 Simple Query displays switch

port and VLAN association

2 Simple Query displays switch

port and VLAN association

3 LastSeen field indicates last

time end station was

discovered

3 LastSeen field indicates last

time end station was

discovered

114

Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Trace path from application server

to Suzy

Trace path from application server

to Suzy

Couldnrsquot get to Suzy machine ndash try

from server

Couldnrsquot get to Suzy machine ndash try

from server

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

98

FCAPS Security Management

bull Protecting sensitive information on devices

attached to a data network by controlling access points to

that information

bull Builds network user confidence

bull Secures sensitive information from both internal and

external sources

bull Protects the network functionality from malicious

attacks

MAC AddressLocked to Port

Access ListBlocks Connections

99

Performing Network Management Sources for Information

GAUGEs TIMERs

0 9 1 2 3

COUNTERs TABLEs FILEs

Operating System Data Structures

Manageable Device

showCommands

WebServer

SystemLogging

SNMPSNMPAGENTAGENT

ProductionServices

Layer N Forwarding

http80tcp

syslog514udp

snmp161udp

MIBObjects

snmp‐trap162udp

Built in Intelligence

CDPVTPSAA

telnetCLI

TFTPClient

tftp69udp

PingTrace route

100

Network Management Information Model MIB Management Information Base

MIB

ndash

Management Information BaseSet of variables defining the status of a device (eg temp = 85 degrees)Just facts ndash not whether it is good or badDefined according to SMI (Structure of Management Information) rulesEach managed object is described using a unique object identifier (OID)

MIB

IMIBIIStandard MIBObjects included are considered essential for either fault or configuration management

Other standard MIBsRMON host router

Proprietary vendor MIBsExtensions to standard MIBs

SNMPAGENTSNMPAGENT

1000s of manageable objects following rules defined in the SMI standards

1000s of manageable objects following rules defined in the SMI standards

101

Network Management Communication Model SNMP Simple Network Management Protocol

CommunityStrings

CommunityStrings

bull Get requests used to read the value of objectbull Set requests used to modify the value of object

bull Authorization is via community strings

(Read‐OnlyRead‐Write)

bull Traps

provide asynchronous event notification

IP Network SNMPManageable

Device

Trap

Get Response

Get Request Get-Next RequestGet-Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

102

Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response

SNM

P M

anag

er

SNM

P A

gent

Rea

d =

publ

ic re

adw

rite

= pr

ivat

e

GetResponse (sysDescr0=SunOS)

Verify access permission and retrieve MIB value using OID to traverse the MIB tree

InstanceOID

13612111

MIB value

GetRequest(sysDescr0)Read Community(public)

103

Types of Management Systems Example ‐

Enterprise Manager amp Fault Management

Correlate and manage events

and SNMP traps

Perform fault isolation and root cause analysis

104

Types of Management Systems Example ndash CiscoWorks

Resource Manager Essentials and Campus Manager

Knowledge of network configuration and topology

Facilitates remote configuration of network devices

Maintains an archive of configuration data that allows generation of inventory reports

105

Types of Management Systems Example ndash NetFlow (Accounting Management)

Flow Profiling

AccountingBilling

Network Planning

Network Monitoring

Flow

Collectors

Flow

CollectorsEnd‐User AppsEnd‐User AppsNetFlow

Data ExportNetFlowData Export

NetScout

RMON ProbeRMON Probe

106

Types of Management Systems Example ndash MRTG (Performance Management)

bull Monitors traffic load on network links based on SNMP statistics

bull Generates real‐time HTML traffic reports

bull Can be used to monitor any

MIB

variable using

SNMP

107

Types of Management Systems Example ndash CiscoWorks

How is the network connectedbull Physical Cablingbull Virtual LANs

Where are the end users servers IP phones connected

bull Switch port numberbull VLAN membership

How do I troubleshoot connectivity problems

Campus Manager User Tracking

Campus Manager Topology Services

Campus Manager Topology Services

Campus Manager User TrackingCampus Manager

Path Analysis

108

Diagnosing Connectivity Problems CiscoWorks Server Tools

Ping Use ping to test device connectivity from CiscoWorks server

TracerouteRun a trace route between the CiscoWorks server and the target device to detect routing problems

NS LookupRun a nslookup to obtain DNS name server information and IP address of hostname

Management Station to DeviceTest to verify if upper layer protocols are supported from CiscoWorks to the target device UDP TCP Telnet TFTP HTTP and SNMP

109

Types of Management Systems Example ndash CiscoWorks

19216862

CiscoWorks Server(ANI Service)

CampusDatabase

19216861

Schedule data retrieval

times

CAM Table11‐11‐11‐11‐11‐00 2111‐11‐11‐11‐11‐11 2211‐11‐11‐11‐11‐22 2311‐11‐11‐11‐11‐33 24

22 23 24

21

ARP Table11‐11‐11‐11‐11‐11 19216861011‐11‐11‐11‐11‐22 19216861111‐11‐11‐11‐11‐33 192168611

1

CAM

Retrieval

(switching

table)

2 Address

Resolution (MAC

to IP)

DNS

3 Name Resolution

(IP to hostname)

Host Table192168610 USER1192168611 Printer1192168611 IPtele1

SNMP

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

CallManager4

Call Detail

Records

5

Login

Names

UNIX Novell amp

Windows NT

clients running

UTLite script

110

Diagnosing Connectivity Problems Campus Manager Tools

Topology Services

User Tracking

Path Analysis

1

Locate the communication pair in the User Tracking database

bull

Addressesbull

VLAN informationbull

Switch port connection

2

Investigate the Layer 2 and Layer 3 path between the communication

pair

3

Map the topology and begin the investigation on devices and links

Launch other applications

111

Diagnosing Connectivity Problems Workflow for Using Campus Manager

LaunchPath Analysis

LaunchPath Analysis

Ensure discovery of devices

hosts are up to date

Ensure discovery of devices

hosts are up to date

Use User TrackingTo Locate EndStation Info

Use User TrackingTo Locate EndStation Info

ConductVoiceTrace

ConductVoiceTrace

ConductDataTrace

ConductDataTrace

DisplayPath in Topology

Map

DisplayPath in Topology

Map

Launch other Apps(Telnet CiscoView

Etc)

Launch other Apps(Telnet CiscoView

Etc)

112

Diagnosing Device Connectivity Problems Example

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Do you know

your

hostname or

username

113

Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

2 Simple Query displays switch

port and VLAN association

2 Simple Query displays switch

port and VLAN association

3 LastSeen field indicates last

time end station was

discovered

3 LastSeen field indicates last

time end station was

discovered

114

Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Trace path from application server

to Suzy

Trace path from application server

to Suzy

Couldnrsquot get to Suzy machine ndash try

from server

Couldnrsquot get to Suzy machine ndash try

from server

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

99

Performing Network Management Sources for Information

GAUGEs TIMERs

0 9 1 2 3

COUNTERs TABLEs FILEs

Operating System Data Structures

Manageable Device

showCommands

WebServer

SystemLogging

SNMPSNMPAGENTAGENT

ProductionServices

Layer N Forwarding

http80tcp

syslog514udp

snmp161udp

MIBObjects

snmp‐trap162udp

Built in Intelligence

CDPVTPSAA

telnetCLI

TFTPClient

tftp69udp

PingTrace route

100

Network Management Information Model MIB Management Information Base

MIB

ndash

Management Information BaseSet of variables defining the status of a device (eg temp = 85 degrees)Just facts ndash not whether it is good or badDefined according to SMI (Structure of Management Information) rulesEach managed object is described using a unique object identifier (OID)

MIB

IMIBIIStandard MIBObjects included are considered essential for either fault or configuration management

Other standard MIBsRMON host router

Proprietary vendor MIBsExtensions to standard MIBs

SNMPAGENTSNMPAGENT

1000s of manageable objects following rules defined in the SMI standards

1000s of manageable objects following rules defined in the SMI standards

101

Network Management Communication Model SNMP Simple Network Management Protocol

CommunityStrings

CommunityStrings

bull Get requests used to read the value of objectbull Set requests used to modify the value of object

bull Authorization is via community strings

(Read‐OnlyRead‐Write)

bull Traps

provide asynchronous event notification

IP Network SNMPManageable

Device

Trap

Get Response

Get Request Get-Next RequestGet-Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

102

Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response

SNM

P M

anag

er

SNM

P A

gent

Rea

d =

publ

ic re

adw

rite

= pr

ivat

e

GetResponse (sysDescr0=SunOS)

Verify access permission and retrieve MIB value using OID to traverse the MIB tree

InstanceOID

13612111

MIB value

GetRequest(sysDescr0)Read Community(public)

103

Types of Management Systems Example ‐

Enterprise Manager amp Fault Management

Correlate and manage events

and SNMP traps

Perform fault isolation and root cause analysis

104

Types of Management Systems Example ndash CiscoWorks

Resource Manager Essentials and Campus Manager

Knowledge of network configuration and topology

Facilitates remote configuration of network devices

Maintains an archive of configuration data that allows generation of inventory reports

105

Types of Management Systems Example ndash NetFlow (Accounting Management)

Flow Profiling

AccountingBilling

Network Planning

Network Monitoring

Flow

Collectors

Flow

CollectorsEnd‐User AppsEnd‐User AppsNetFlow

Data ExportNetFlowData Export

NetScout

RMON ProbeRMON Probe

106

Types of Management Systems Example ndash MRTG (Performance Management)

bull Monitors traffic load on network links based on SNMP statistics

bull Generates real‐time HTML traffic reports

bull Can be used to monitor any

MIB

variable using

SNMP

107

Types of Management Systems Example ndash CiscoWorks

How is the network connectedbull Physical Cablingbull Virtual LANs

Where are the end users servers IP phones connected

bull Switch port numberbull VLAN membership

How do I troubleshoot connectivity problems

Campus Manager User Tracking

Campus Manager Topology Services

Campus Manager Topology Services

Campus Manager User TrackingCampus Manager

Path Analysis

108

Diagnosing Connectivity Problems CiscoWorks Server Tools

Ping Use ping to test device connectivity from CiscoWorks server

TracerouteRun a trace route between the CiscoWorks server and the target device to detect routing problems

NS LookupRun a nslookup to obtain DNS name server information and IP address of hostname

Management Station to DeviceTest to verify if upper layer protocols are supported from CiscoWorks to the target device UDP TCP Telnet TFTP HTTP and SNMP

109

Types of Management Systems Example ndash CiscoWorks

19216862

CiscoWorks Server(ANI Service)

CampusDatabase

19216861

Schedule data retrieval

times

CAM Table11‐11‐11‐11‐11‐00 2111‐11‐11‐11‐11‐11 2211‐11‐11‐11‐11‐22 2311‐11‐11‐11‐11‐33 24

22 23 24

21

ARP Table11‐11‐11‐11‐11‐11 19216861011‐11‐11‐11‐11‐22 19216861111‐11‐11‐11‐11‐33 192168611

1

CAM

Retrieval

(switching

table)

2 Address

Resolution (MAC

to IP)

DNS

3 Name Resolution

(IP to hostname)

Host Table192168610 USER1192168611 Printer1192168611 IPtele1

SNMP

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

CallManager4

Call Detail

Records

5

Login

Names

UNIX Novell amp

Windows NT

clients running

UTLite script

110

Diagnosing Connectivity Problems Campus Manager Tools

Topology Services

User Tracking

Path Analysis

1

Locate the communication pair in the User Tracking database

bull

Addressesbull

VLAN informationbull

Switch port connection

2

Investigate the Layer 2 and Layer 3 path between the communication

pair

3

Map the topology and begin the investigation on devices and links

Launch other applications

111

Diagnosing Connectivity Problems Workflow for Using Campus Manager

LaunchPath Analysis

LaunchPath Analysis

Ensure discovery of devices

hosts are up to date

Ensure discovery of devices

hosts are up to date

Use User TrackingTo Locate EndStation Info

Use User TrackingTo Locate EndStation Info

ConductVoiceTrace

ConductVoiceTrace

ConductDataTrace

ConductDataTrace

DisplayPath in Topology

Map

DisplayPath in Topology

Map

Launch other Apps(Telnet CiscoView

Etc)

Launch other Apps(Telnet CiscoView

Etc)

112

Diagnosing Device Connectivity Problems Example

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Do you know

your

hostname or

username

113

Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

2 Simple Query displays switch

port and VLAN association

2 Simple Query displays switch

port and VLAN association

3 LastSeen field indicates last

time end station was

discovered

3 LastSeen field indicates last

time end station was

discovered

114

Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Trace path from application server

to Suzy

Trace path from application server

to Suzy

Couldnrsquot get to Suzy machine ndash try

from server

Couldnrsquot get to Suzy machine ndash try

from server

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

100

Network Management Information Model MIB Management Information Base

MIB

ndash

Management Information BaseSet of variables defining the status of a device (eg temp = 85 degrees)Just facts ndash not whether it is good or badDefined according to SMI (Structure of Management Information) rulesEach managed object is described using a unique object identifier (OID)

MIB

IMIBIIStandard MIBObjects included are considered essential for either fault or configuration management

Other standard MIBsRMON host router

Proprietary vendor MIBsExtensions to standard MIBs

SNMPAGENTSNMPAGENT

1000s of manageable objects following rules defined in the SMI standards

1000s of manageable objects following rules defined in the SMI standards

101

Network Management Communication Model SNMP Simple Network Management Protocol

CommunityStrings

CommunityStrings

bull Get requests used to read the value of objectbull Set requests used to modify the value of object

bull Authorization is via community strings

(Read‐OnlyRead‐Write)

bull Traps

provide asynchronous event notification

IP Network SNMPManageable

Device

Trap

Get Response

Get Request Get-Next RequestGet-Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

102

Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response

SNM

P M

anag

er

SNM

P A

gent

Rea

d =

publ

ic re

adw

rite

= pr

ivat

e

GetResponse (sysDescr0=SunOS)

Verify access permission and retrieve MIB value using OID to traverse the MIB tree

InstanceOID

13612111

MIB value

GetRequest(sysDescr0)Read Community(public)

103

Types of Management Systems Example ‐

Enterprise Manager amp Fault Management

Correlate and manage events

and SNMP traps

Perform fault isolation and root cause analysis

104

Types of Management Systems Example ndash CiscoWorks

Resource Manager Essentials and Campus Manager

Knowledge of network configuration and topology

Facilitates remote configuration of network devices

Maintains an archive of configuration data that allows generation of inventory reports

105

Types of Management Systems Example ndash NetFlow (Accounting Management)

Flow Profiling

AccountingBilling

Network Planning

Network Monitoring

Flow

Collectors

Flow

CollectorsEnd‐User AppsEnd‐User AppsNetFlow

Data ExportNetFlowData Export

NetScout

RMON ProbeRMON Probe

106

Types of Management Systems Example ndash MRTG (Performance Management)

bull Monitors traffic load on network links based on SNMP statistics

bull Generates real‐time HTML traffic reports

bull Can be used to monitor any

MIB

variable using

SNMP

107

Types of Management Systems Example ndash CiscoWorks

How is the network connectedbull Physical Cablingbull Virtual LANs

Where are the end users servers IP phones connected

bull Switch port numberbull VLAN membership

How do I troubleshoot connectivity problems

Campus Manager User Tracking

Campus Manager Topology Services

Campus Manager Topology Services

Campus Manager User TrackingCampus Manager

Path Analysis

108

Diagnosing Connectivity Problems CiscoWorks Server Tools

Ping Use ping to test device connectivity from CiscoWorks server

TracerouteRun a trace route between the CiscoWorks server and the target device to detect routing problems

NS LookupRun a nslookup to obtain DNS name server information and IP address of hostname

Management Station to DeviceTest to verify if upper layer protocols are supported from CiscoWorks to the target device UDP TCP Telnet TFTP HTTP and SNMP

109

Types of Management Systems Example ndash CiscoWorks

19216862

CiscoWorks Server(ANI Service)

CampusDatabase

19216861

Schedule data retrieval

times

CAM Table11‐11‐11‐11‐11‐00 2111‐11‐11‐11‐11‐11 2211‐11‐11‐11‐11‐22 2311‐11‐11‐11‐11‐33 24

22 23 24

21

ARP Table11‐11‐11‐11‐11‐11 19216861011‐11‐11‐11‐11‐22 19216861111‐11‐11‐11‐11‐33 192168611

1

CAM

Retrieval

(switching

table)

2 Address

Resolution (MAC

to IP)

DNS

3 Name Resolution

(IP to hostname)

Host Table192168610 USER1192168611 Printer1192168611 IPtele1

SNMP

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

CallManager4

Call Detail

Records

5

Login

Names

UNIX Novell amp

Windows NT

clients running

UTLite script

110

Diagnosing Connectivity Problems Campus Manager Tools

Topology Services

User Tracking

Path Analysis

1

Locate the communication pair in the User Tracking database

bull

Addressesbull

VLAN informationbull

Switch port connection

2

Investigate the Layer 2 and Layer 3 path between the communication

pair

3

Map the topology and begin the investigation on devices and links

Launch other applications

111

Diagnosing Connectivity Problems Workflow for Using Campus Manager

LaunchPath Analysis

LaunchPath Analysis

Ensure discovery of devices

hosts are up to date

Ensure discovery of devices

hosts are up to date

Use User TrackingTo Locate EndStation Info

Use User TrackingTo Locate EndStation Info

ConductVoiceTrace

ConductVoiceTrace

ConductDataTrace

ConductDataTrace

DisplayPath in Topology

Map

DisplayPath in Topology

Map

Launch other Apps(Telnet CiscoView

Etc)

Launch other Apps(Telnet CiscoView

Etc)

112

Diagnosing Device Connectivity Problems Example

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Do you know

your

hostname or

username

113

Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

2 Simple Query displays switch

port and VLAN association

2 Simple Query displays switch

port and VLAN association

3 LastSeen field indicates last

time end station was

discovered

3 LastSeen field indicates last

time end station was

discovered

114

Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Trace path from application server

to Suzy

Trace path from application server

to Suzy

Couldnrsquot get to Suzy machine ndash try

from server

Couldnrsquot get to Suzy machine ndash try

from server

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

101

Network Management Communication Model SNMP Simple Network Management Protocol

CommunityStrings

CommunityStrings

bull Get requests used to read the value of objectbull Set requests used to modify the value of object

bull Authorization is via community strings

(Read‐OnlyRead‐Write)

bull Traps

provide asynchronous event notification

IP Network SNMPManageable

Device

Trap

Get Response

Get Request Get-Next RequestGet-Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

102

Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response

SNM

P M

anag

er

SNM

P A

gent

Rea

d =

publ

ic re

adw

rite

= pr

ivat

e

GetResponse (sysDescr0=SunOS)

Verify access permission and retrieve MIB value using OID to traverse the MIB tree

InstanceOID

13612111

MIB value

GetRequest(sysDescr0)Read Community(public)

103

Types of Management Systems Example ‐

Enterprise Manager amp Fault Management

Correlate and manage events

and SNMP traps

Perform fault isolation and root cause analysis

104

Types of Management Systems Example ndash CiscoWorks

Resource Manager Essentials and Campus Manager

Knowledge of network configuration and topology

Facilitates remote configuration of network devices

Maintains an archive of configuration data that allows generation of inventory reports

105

Types of Management Systems Example ndash NetFlow (Accounting Management)

Flow Profiling

AccountingBilling

Network Planning

Network Monitoring

Flow

Collectors

Flow

CollectorsEnd‐User AppsEnd‐User AppsNetFlow

Data ExportNetFlowData Export

NetScout

RMON ProbeRMON Probe

106

Types of Management Systems Example ndash MRTG (Performance Management)

bull Monitors traffic load on network links based on SNMP statistics

bull Generates real‐time HTML traffic reports

bull Can be used to monitor any

MIB

variable using

SNMP

107

Types of Management Systems Example ndash CiscoWorks

How is the network connectedbull Physical Cablingbull Virtual LANs

Where are the end users servers IP phones connected

bull Switch port numberbull VLAN membership

How do I troubleshoot connectivity problems

Campus Manager User Tracking

Campus Manager Topology Services

Campus Manager Topology Services

Campus Manager User TrackingCampus Manager

Path Analysis

108

Diagnosing Connectivity Problems CiscoWorks Server Tools

Ping Use ping to test device connectivity from CiscoWorks server

TracerouteRun a trace route between the CiscoWorks server and the target device to detect routing problems

NS LookupRun a nslookup to obtain DNS name server information and IP address of hostname

Management Station to DeviceTest to verify if upper layer protocols are supported from CiscoWorks to the target device UDP TCP Telnet TFTP HTTP and SNMP

109

Types of Management Systems Example ndash CiscoWorks

19216862

CiscoWorks Server(ANI Service)

CampusDatabase

19216861

Schedule data retrieval

times

CAM Table11‐11‐11‐11‐11‐00 2111‐11‐11‐11‐11‐11 2211‐11‐11‐11‐11‐22 2311‐11‐11‐11‐11‐33 24

22 23 24

21

ARP Table11‐11‐11‐11‐11‐11 19216861011‐11‐11‐11‐11‐22 19216861111‐11‐11‐11‐11‐33 192168611

1

CAM

Retrieval

(switching

table)

2 Address

Resolution (MAC

to IP)

DNS

3 Name Resolution

(IP to hostname)

Host Table192168610 USER1192168611 Printer1192168611 IPtele1

SNMP

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

CallManager4

Call Detail

Records

5

Login

Names

UNIX Novell amp

Windows NT

clients running

UTLite script

110

Diagnosing Connectivity Problems Campus Manager Tools

Topology Services

User Tracking

Path Analysis

1

Locate the communication pair in the User Tracking database

bull

Addressesbull

VLAN informationbull

Switch port connection

2

Investigate the Layer 2 and Layer 3 path between the communication

pair

3

Map the topology and begin the investigation on devices and links

Launch other applications

111

Diagnosing Connectivity Problems Workflow for Using Campus Manager

LaunchPath Analysis

LaunchPath Analysis

Ensure discovery of devices

hosts are up to date

Ensure discovery of devices

hosts are up to date

Use User TrackingTo Locate EndStation Info

Use User TrackingTo Locate EndStation Info

ConductVoiceTrace

ConductVoiceTrace

ConductDataTrace

ConductDataTrace

DisplayPath in Topology

Map

DisplayPath in Topology

Map

Launch other Apps(Telnet CiscoView

Etc)

Launch other Apps(Telnet CiscoView

Etc)

112

Diagnosing Device Connectivity Problems Example

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Do you know

your

hostname or

username

113

Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

2 Simple Query displays switch

port and VLAN association

2 Simple Query displays switch

port and VLAN association

3 LastSeen field indicates last

time end station was

discovered

3 LastSeen field indicates last

time end station was

discovered

114

Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Trace path from application server

to Suzy

Trace path from application server

to Suzy

Couldnrsquot get to Suzy machine ndash try

from server

Couldnrsquot get to Suzy machine ndash try

from server

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

102

Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response

SNM

P M

anag

er

SNM

P A

gent

Rea

d =

publ

ic re

adw

rite

= pr

ivat

e

GetResponse (sysDescr0=SunOS)

Verify access permission and retrieve MIB value using OID to traverse the MIB tree

InstanceOID

13612111

MIB value

GetRequest(sysDescr0)Read Community(public)

103

Types of Management Systems Example ‐

Enterprise Manager amp Fault Management

Correlate and manage events

and SNMP traps

Perform fault isolation and root cause analysis

104

Types of Management Systems Example ndash CiscoWorks

Resource Manager Essentials and Campus Manager

Knowledge of network configuration and topology

Facilitates remote configuration of network devices

Maintains an archive of configuration data that allows generation of inventory reports

105

Types of Management Systems Example ndash NetFlow (Accounting Management)

Flow Profiling

AccountingBilling

Network Planning

Network Monitoring

Flow

Collectors

Flow

CollectorsEnd‐User AppsEnd‐User AppsNetFlow

Data ExportNetFlowData Export

NetScout

RMON ProbeRMON Probe

106

Types of Management Systems Example ndash MRTG (Performance Management)

bull Monitors traffic load on network links based on SNMP statistics

bull Generates real‐time HTML traffic reports

bull Can be used to monitor any

MIB

variable using

SNMP

107

Types of Management Systems Example ndash CiscoWorks

How is the network connectedbull Physical Cablingbull Virtual LANs

Where are the end users servers IP phones connected

bull Switch port numberbull VLAN membership

How do I troubleshoot connectivity problems

Campus Manager User Tracking

Campus Manager Topology Services

Campus Manager Topology Services

Campus Manager User TrackingCampus Manager

Path Analysis

108

Diagnosing Connectivity Problems CiscoWorks Server Tools

Ping Use ping to test device connectivity from CiscoWorks server

TracerouteRun a trace route between the CiscoWorks server and the target device to detect routing problems

NS LookupRun a nslookup to obtain DNS name server information and IP address of hostname

Management Station to DeviceTest to verify if upper layer protocols are supported from CiscoWorks to the target device UDP TCP Telnet TFTP HTTP and SNMP

109

Types of Management Systems Example ndash CiscoWorks

19216862

CiscoWorks Server(ANI Service)

CampusDatabase

19216861

Schedule data retrieval

times

CAM Table11‐11‐11‐11‐11‐00 2111‐11‐11‐11‐11‐11 2211‐11‐11‐11‐11‐22 2311‐11‐11‐11‐11‐33 24

22 23 24

21

ARP Table11‐11‐11‐11‐11‐11 19216861011‐11‐11‐11‐11‐22 19216861111‐11‐11‐11‐11‐33 192168611

1

CAM

Retrieval

(switching

table)

2 Address

Resolution (MAC

to IP)

DNS

3 Name Resolution

(IP to hostname)

Host Table192168610 USER1192168611 Printer1192168611 IPtele1

SNMP

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

CallManager4

Call Detail

Records

5

Login

Names

UNIX Novell amp

Windows NT

clients running

UTLite script

110

Diagnosing Connectivity Problems Campus Manager Tools

Topology Services

User Tracking

Path Analysis

1

Locate the communication pair in the User Tracking database

bull

Addressesbull

VLAN informationbull

Switch port connection

2

Investigate the Layer 2 and Layer 3 path between the communication

pair

3

Map the topology and begin the investigation on devices and links

Launch other applications

111

Diagnosing Connectivity Problems Workflow for Using Campus Manager

LaunchPath Analysis

LaunchPath Analysis

Ensure discovery of devices

hosts are up to date

Ensure discovery of devices

hosts are up to date

Use User TrackingTo Locate EndStation Info

Use User TrackingTo Locate EndStation Info

ConductVoiceTrace

ConductVoiceTrace

ConductDataTrace

ConductDataTrace

DisplayPath in Topology

Map

DisplayPath in Topology

Map

Launch other Apps(Telnet CiscoView

Etc)

Launch other Apps(Telnet CiscoView

Etc)

112

Diagnosing Device Connectivity Problems Example

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Do you know

your

hostname or

username

113

Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

2 Simple Query displays switch

port and VLAN association

2 Simple Query displays switch

port and VLAN association

3 LastSeen field indicates last

time end station was

discovered

3 LastSeen field indicates last

time end station was

discovered

114

Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Trace path from application server

to Suzy

Trace path from application server

to Suzy

Couldnrsquot get to Suzy machine ndash try

from server

Couldnrsquot get to Suzy machine ndash try

from server

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

103

Types of Management Systems Example ‐

Enterprise Manager amp Fault Management

Correlate and manage events

and SNMP traps

Perform fault isolation and root cause analysis

104

Types of Management Systems Example ndash CiscoWorks

Resource Manager Essentials and Campus Manager

Knowledge of network configuration and topology

Facilitates remote configuration of network devices

Maintains an archive of configuration data that allows generation of inventory reports

105

Types of Management Systems Example ndash NetFlow (Accounting Management)

Flow Profiling

AccountingBilling

Network Planning

Network Monitoring

Flow

Collectors

Flow

CollectorsEnd‐User AppsEnd‐User AppsNetFlow

Data ExportNetFlowData Export

NetScout

RMON ProbeRMON Probe

106

Types of Management Systems Example ndash MRTG (Performance Management)

bull Monitors traffic load on network links based on SNMP statistics

bull Generates real‐time HTML traffic reports

bull Can be used to monitor any

MIB

variable using

SNMP

107

Types of Management Systems Example ndash CiscoWorks

How is the network connectedbull Physical Cablingbull Virtual LANs

Where are the end users servers IP phones connected

bull Switch port numberbull VLAN membership

How do I troubleshoot connectivity problems

Campus Manager User Tracking

Campus Manager Topology Services

Campus Manager Topology Services

Campus Manager User TrackingCampus Manager

Path Analysis

108

Diagnosing Connectivity Problems CiscoWorks Server Tools

Ping Use ping to test device connectivity from CiscoWorks server

TracerouteRun a trace route between the CiscoWorks server and the target device to detect routing problems

NS LookupRun a nslookup to obtain DNS name server information and IP address of hostname

Management Station to DeviceTest to verify if upper layer protocols are supported from CiscoWorks to the target device UDP TCP Telnet TFTP HTTP and SNMP

109

Types of Management Systems Example ndash CiscoWorks

19216862

CiscoWorks Server(ANI Service)

CampusDatabase

19216861

Schedule data retrieval

times

CAM Table11‐11‐11‐11‐11‐00 2111‐11‐11‐11‐11‐11 2211‐11‐11‐11‐11‐22 2311‐11‐11‐11‐11‐33 24

22 23 24

21

ARP Table11‐11‐11‐11‐11‐11 19216861011‐11‐11‐11‐11‐22 19216861111‐11‐11‐11‐11‐33 192168611

1

CAM

Retrieval

(switching

table)

2 Address

Resolution (MAC

to IP)

DNS

3 Name Resolution

(IP to hostname)

Host Table192168610 USER1192168611 Printer1192168611 IPtele1

SNMP

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

CallManager4

Call Detail

Records

5

Login

Names

UNIX Novell amp

Windows NT

clients running

UTLite script

110

Diagnosing Connectivity Problems Campus Manager Tools

Topology Services

User Tracking

Path Analysis

1

Locate the communication pair in the User Tracking database

bull

Addressesbull

VLAN informationbull

Switch port connection

2

Investigate the Layer 2 and Layer 3 path between the communication

pair

3

Map the topology and begin the investigation on devices and links

Launch other applications

111

Diagnosing Connectivity Problems Workflow for Using Campus Manager

LaunchPath Analysis

LaunchPath Analysis

Ensure discovery of devices

hosts are up to date

Ensure discovery of devices

hosts are up to date

Use User TrackingTo Locate EndStation Info

Use User TrackingTo Locate EndStation Info

ConductVoiceTrace

ConductVoiceTrace

ConductDataTrace

ConductDataTrace

DisplayPath in Topology

Map

DisplayPath in Topology

Map

Launch other Apps(Telnet CiscoView

Etc)

Launch other Apps(Telnet CiscoView

Etc)

112

Diagnosing Device Connectivity Problems Example

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Do you know

your

hostname or

username

113

Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

2 Simple Query displays switch

port and VLAN association

2 Simple Query displays switch

port and VLAN association

3 LastSeen field indicates last

time end station was

discovered

3 LastSeen field indicates last

time end station was

discovered

114

Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Trace path from application server

to Suzy

Trace path from application server

to Suzy

Couldnrsquot get to Suzy machine ndash try

from server

Couldnrsquot get to Suzy machine ndash try

from server

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

104

Types of Management Systems Example ndash CiscoWorks

Resource Manager Essentials and Campus Manager

Knowledge of network configuration and topology

Facilitates remote configuration of network devices

Maintains an archive of configuration data that allows generation of inventory reports

105

Types of Management Systems Example ndash NetFlow (Accounting Management)

Flow Profiling

AccountingBilling

Network Planning

Network Monitoring

Flow

Collectors

Flow

CollectorsEnd‐User AppsEnd‐User AppsNetFlow

Data ExportNetFlowData Export

NetScout

RMON ProbeRMON Probe

106

Types of Management Systems Example ndash MRTG (Performance Management)

bull Monitors traffic load on network links based on SNMP statistics

bull Generates real‐time HTML traffic reports

bull Can be used to monitor any

MIB

variable using

SNMP

107

Types of Management Systems Example ndash CiscoWorks

How is the network connectedbull Physical Cablingbull Virtual LANs

Where are the end users servers IP phones connected

bull Switch port numberbull VLAN membership

How do I troubleshoot connectivity problems

Campus Manager User Tracking

Campus Manager Topology Services

Campus Manager Topology Services

Campus Manager User TrackingCampus Manager

Path Analysis

108

Diagnosing Connectivity Problems CiscoWorks Server Tools

Ping Use ping to test device connectivity from CiscoWorks server

TracerouteRun a trace route between the CiscoWorks server and the target device to detect routing problems

NS LookupRun a nslookup to obtain DNS name server information and IP address of hostname

Management Station to DeviceTest to verify if upper layer protocols are supported from CiscoWorks to the target device UDP TCP Telnet TFTP HTTP and SNMP

109

Types of Management Systems Example ndash CiscoWorks

19216862

CiscoWorks Server(ANI Service)

CampusDatabase

19216861

Schedule data retrieval

times

CAM Table11‐11‐11‐11‐11‐00 2111‐11‐11‐11‐11‐11 2211‐11‐11‐11‐11‐22 2311‐11‐11‐11‐11‐33 24

22 23 24

21

ARP Table11‐11‐11‐11‐11‐11 19216861011‐11‐11‐11‐11‐22 19216861111‐11‐11‐11‐11‐33 192168611

1

CAM

Retrieval

(switching

table)

2 Address

Resolution (MAC

to IP)

DNS

3 Name Resolution

(IP to hostname)

Host Table192168610 USER1192168611 Printer1192168611 IPtele1

SNMP

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

CallManager4

Call Detail

Records

5

Login

Names

UNIX Novell amp

Windows NT

clients running

UTLite script

110

Diagnosing Connectivity Problems Campus Manager Tools

Topology Services

User Tracking

Path Analysis

1

Locate the communication pair in the User Tracking database

bull

Addressesbull

VLAN informationbull

Switch port connection

2

Investigate the Layer 2 and Layer 3 path between the communication

pair

3

Map the topology and begin the investigation on devices and links

Launch other applications

111

Diagnosing Connectivity Problems Workflow for Using Campus Manager

LaunchPath Analysis

LaunchPath Analysis

Ensure discovery of devices

hosts are up to date

Ensure discovery of devices

hosts are up to date

Use User TrackingTo Locate EndStation Info

Use User TrackingTo Locate EndStation Info

ConductVoiceTrace

ConductVoiceTrace

ConductDataTrace

ConductDataTrace

DisplayPath in Topology

Map

DisplayPath in Topology

Map

Launch other Apps(Telnet CiscoView

Etc)

Launch other Apps(Telnet CiscoView

Etc)

112

Diagnosing Device Connectivity Problems Example

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Do you know

your

hostname or

username

113

Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

2 Simple Query displays switch

port and VLAN association

2 Simple Query displays switch

port and VLAN association

3 LastSeen field indicates last

time end station was

discovered

3 LastSeen field indicates last

time end station was

discovered

114

Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Trace path from application server

to Suzy

Trace path from application server

to Suzy

Couldnrsquot get to Suzy machine ndash try

from server

Couldnrsquot get to Suzy machine ndash try

from server

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

105

Types of Management Systems Example ndash NetFlow (Accounting Management)

Flow Profiling

AccountingBilling

Network Planning

Network Monitoring

Flow

Collectors

Flow

CollectorsEnd‐User AppsEnd‐User AppsNetFlow

Data ExportNetFlowData Export

NetScout

RMON ProbeRMON Probe

106

Types of Management Systems Example ndash MRTG (Performance Management)

bull Monitors traffic load on network links based on SNMP statistics

bull Generates real‐time HTML traffic reports

bull Can be used to monitor any

MIB

variable using

SNMP

107

Types of Management Systems Example ndash CiscoWorks

How is the network connectedbull Physical Cablingbull Virtual LANs

Where are the end users servers IP phones connected

bull Switch port numberbull VLAN membership

How do I troubleshoot connectivity problems

Campus Manager User Tracking

Campus Manager Topology Services

Campus Manager Topology Services

Campus Manager User TrackingCampus Manager

Path Analysis

108

Diagnosing Connectivity Problems CiscoWorks Server Tools

Ping Use ping to test device connectivity from CiscoWorks server

TracerouteRun a trace route between the CiscoWorks server and the target device to detect routing problems

NS LookupRun a nslookup to obtain DNS name server information and IP address of hostname

Management Station to DeviceTest to verify if upper layer protocols are supported from CiscoWorks to the target device UDP TCP Telnet TFTP HTTP and SNMP

109

Types of Management Systems Example ndash CiscoWorks

19216862

CiscoWorks Server(ANI Service)

CampusDatabase

19216861

Schedule data retrieval

times

CAM Table11‐11‐11‐11‐11‐00 2111‐11‐11‐11‐11‐11 2211‐11‐11‐11‐11‐22 2311‐11‐11‐11‐11‐33 24

22 23 24

21

ARP Table11‐11‐11‐11‐11‐11 19216861011‐11‐11‐11‐11‐22 19216861111‐11‐11‐11‐11‐33 192168611

1

CAM

Retrieval

(switching

table)

2 Address

Resolution (MAC

to IP)

DNS

3 Name Resolution

(IP to hostname)

Host Table192168610 USER1192168611 Printer1192168611 IPtele1

SNMP

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

CallManager4

Call Detail

Records

5

Login

Names

UNIX Novell amp

Windows NT

clients running

UTLite script

110

Diagnosing Connectivity Problems Campus Manager Tools

Topology Services

User Tracking

Path Analysis

1

Locate the communication pair in the User Tracking database

bull

Addressesbull

VLAN informationbull

Switch port connection

2

Investigate the Layer 2 and Layer 3 path between the communication

pair

3

Map the topology and begin the investigation on devices and links

Launch other applications

111

Diagnosing Connectivity Problems Workflow for Using Campus Manager

LaunchPath Analysis

LaunchPath Analysis

Ensure discovery of devices

hosts are up to date

Ensure discovery of devices

hosts are up to date

Use User TrackingTo Locate EndStation Info

Use User TrackingTo Locate EndStation Info

ConductVoiceTrace

ConductVoiceTrace

ConductDataTrace

ConductDataTrace

DisplayPath in Topology

Map

DisplayPath in Topology

Map

Launch other Apps(Telnet CiscoView

Etc)

Launch other Apps(Telnet CiscoView

Etc)

112

Diagnosing Device Connectivity Problems Example

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Do you know

your

hostname or

username

113

Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

2 Simple Query displays switch

port and VLAN association

2 Simple Query displays switch

port and VLAN association

3 LastSeen field indicates last

time end station was

discovered

3 LastSeen field indicates last

time end station was

discovered

114

Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Trace path from application server

to Suzy

Trace path from application server

to Suzy

Couldnrsquot get to Suzy machine ndash try

from server

Couldnrsquot get to Suzy machine ndash try

from server

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

106

Types of Management Systems Example ndash MRTG (Performance Management)

bull Monitors traffic load on network links based on SNMP statistics

bull Generates real‐time HTML traffic reports

bull Can be used to monitor any

MIB

variable using

SNMP

107

Types of Management Systems Example ndash CiscoWorks

How is the network connectedbull Physical Cablingbull Virtual LANs

Where are the end users servers IP phones connected

bull Switch port numberbull VLAN membership

How do I troubleshoot connectivity problems

Campus Manager User Tracking

Campus Manager Topology Services

Campus Manager Topology Services

Campus Manager User TrackingCampus Manager

Path Analysis

108

Diagnosing Connectivity Problems CiscoWorks Server Tools

Ping Use ping to test device connectivity from CiscoWorks server

TracerouteRun a trace route between the CiscoWorks server and the target device to detect routing problems

NS LookupRun a nslookup to obtain DNS name server information and IP address of hostname

Management Station to DeviceTest to verify if upper layer protocols are supported from CiscoWorks to the target device UDP TCP Telnet TFTP HTTP and SNMP

109

Types of Management Systems Example ndash CiscoWorks

19216862

CiscoWorks Server(ANI Service)

CampusDatabase

19216861

Schedule data retrieval

times

CAM Table11‐11‐11‐11‐11‐00 2111‐11‐11‐11‐11‐11 2211‐11‐11‐11‐11‐22 2311‐11‐11‐11‐11‐33 24

22 23 24

21

ARP Table11‐11‐11‐11‐11‐11 19216861011‐11‐11‐11‐11‐22 19216861111‐11‐11‐11‐11‐33 192168611

1

CAM

Retrieval

(switching

table)

2 Address

Resolution (MAC

to IP)

DNS

3 Name Resolution

(IP to hostname)

Host Table192168610 USER1192168611 Printer1192168611 IPtele1

SNMP

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

CallManager4

Call Detail

Records

5

Login

Names

UNIX Novell amp

Windows NT

clients running

UTLite script

110

Diagnosing Connectivity Problems Campus Manager Tools

Topology Services

User Tracking

Path Analysis

1

Locate the communication pair in the User Tracking database

bull

Addressesbull

VLAN informationbull

Switch port connection

2

Investigate the Layer 2 and Layer 3 path between the communication

pair

3

Map the topology and begin the investigation on devices and links

Launch other applications

111

Diagnosing Connectivity Problems Workflow for Using Campus Manager

LaunchPath Analysis

LaunchPath Analysis

Ensure discovery of devices

hosts are up to date

Ensure discovery of devices

hosts are up to date

Use User TrackingTo Locate EndStation Info

Use User TrackingTo Locate EndStation Info

ConductVoiceTrace

ConductVoiceTrace

ConductDataTrace

ConductDataTrace

DisplayPath in Topology

Map

DisplayPath in Topology

Map

Launch other Apps(Telnet CiscoView

Etc)

Launch other Apps(Telnet CiscoView

Etc)

112

Diagnosing Device Connectivity Problems Example

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Do you know

your

hostname or

username

113

Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

2 Simple Query displays switch

port and VLAN association

2 Simple Query displays switch

port and VLAN association

3 LastSeen field indicates last

time end station was

discovered

3 LastSeen field indicates last

time end station was

discovered

114

Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Trace path from application server

to Suzy

Trace path from application server

to Suzy

Couldnrsquot get to Suzy machine ndash try

from server

Couldnrsquot get to Suzy machine ndash try

from server

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

107

Types of Management Systems Example ndash CiscoWorks

How is the network connectedbull Physical Cablingbull Virtual LANs

Where are the end users servers IP phones connected

bull Switch port numberbull VLAN membership

How do I troubleshoot connectivity problems

Campus Manager User Tracking

Campus Manager Topology Services

Campus Manager Topology Services

Campus Manager User TrackingCampus Manager

Path Analysis

108

Diagnosing Connectivity Problems CiscoWorks Server Tools

Ping Use ping to test device connectivity from CiscoWorks server

TracerouteRun a trace route between the CiscoWorks server and the target device to detect routing problems

NS LookupRun a nslookup to obtain DNS name server information and IP address of hostname

Management Station to DeviceTest to verify if upper layer protocols are supported from CiscoWorks to the target device UDP TCP Telnet TFTP HTTP and SNMP

109

Types of Management Systems Example ndash CiscoWorks

19216862

CiscoWorks Server(ANI Service)

CampusDatabase

19216861

Schedule data retrieval

times

CAM Table11‐11‐11‐11‐11‐00 2111‐11‐11‐11‐11‐11 2211‐11‐11‐11‐11‐22 2311‐11‐11‐11‐11‐33 24

22 23 24

21

ARP Table11‐11‐11‐11‐11‐11 19216861011‐11‐11‐11‐11‐22 19216861111‐11‐11‐11‐11‐33 192168611

1

CAM

Retrieval

(switching

table)

2 Address

Resolution (MAC

to IP)

DNS

3 Name Resolution

(IP to hostname)

Host Table192168610 USER1192168611 Printer1192168611 IPtele1

SNMP

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

CallManager4

Call Detail

Records

5

Login

Names

UNIX Novell amp

Windows NT

clients running

UTLite script

110

Diagnosing Connectivity Problems Campus Manager Tools

Topology Services

User Tracking

Path Analysis

1

Locate the communication pair in the User Tracking database

bull

Addressesbull

VLAN informationbull

Switch port connection

2

Investigate the Layer 2 and Layer 3 path between the communication

pair

3

Map the topology and begin the investigation on devices and links

Launch other applications

111

Diagnosing Connectivity Problems Workflow for Using Campus Manager

LaunchPath Analysis

LaunchPath Analysis

Ensure discovery of devices

hosts are up to date

Ensure discovery of devices

hosts are up to date

Use User TrackingTo Locate EndStation Info

Use User TrackingTo Locate EndStation Info

ConductVoiceTrace

ConductVoiceTrace

ConductDataTrace

ConductDataTrace

DisplayPath in Topology

Map

DisplayPath in Topology

Map

Launch other Apps(Telnet CiscoView

Etc)

Launch other Apps(Telnet CiscoView

Etc)

112

Diagnosing Device Connectivity Problems Example

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Do you know

your

hostname or

username

113

Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

2 Simple Query displays switch

port and VLAN association

2 Simple Query displays switch

port and VLAN association

3 LastSeen field indicates last

time end station was

discovered

3 LastSeen field indicates last

time end station was

discovered

114

Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Trace path from application server

to Suzy

Trace path from application server

to Suzy

Couldnrsquot get to Suzy machine ndash try

from server

Couldnrsquot get to Suzy machine ndash try

from server

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

108

Diagnosing Connectivity Problems CiscoWorks Server Tools

Ping Use ping to test device connectivity from CiscoWorks server

TracerouteRun a trace route between the CiscoWorks server and the target device to detect routing problems

NS LookupRun a nslookup to obtain DNS name server information and IP address of hostname

Management Station to DeviceTest to verify if upper layer protocols are supported from CiscoWorks to the target device UDP TCP Telnet TFTP HTTP and SNMP

109

Types of Management Systems Example ndash CiscoWorks

19216862

CiscoWorks Server(ANI Service)

CampusDatabase

19216861

Schedule data retrieval

times

CAM Table11‐11‐11‐11‐11‐00 2111‐11‐11‐11‐11‐11 2211‐11‐11‐11‐11‐22 2311‐11‐11‐11‐11‐33 24

22 23 24

21

ARP Table11‐11‐11‐11‐11‐11 19216861011‐11‐11‐11‐11‐22 19216861111‐11‐11‐11‐11‐33 192168611

1

CAM

Retrieval

(switching

table)

2 Address

Resolution (MAC

to IP)

DNS

3 Name Resolution

(IP to hostname)

Host Table192168610 USER1192168611 Printer1192168611 IPtele1

SNMP

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

CallManager4

Call Detail

Records

5

Login

Names

UNIX Novell amp

Windows NT

clients running

UTLite script

110

Diagnosing Connectivity Problems Campus Manager Tools

Topology Services

User Tracking

Path Analysis

1

Locate the communication pair in the User Tracking database

bull

Addressesbull

VLAN informationbull

Switch port connection

2

Investigate the Layer 2 and Layer 3 path between the communication

pair

3

Map the topology and begin the investigation on devices and links

Launch other applications

111

Diagnosing Connectivity Problems Workflow for Using Campus Manager

LaunchPath Analysis

LaunchPath Analysis

Ensure discovery of devices

hosts are up to date

Ensure discovery of devices

hosts are up to date

Use User TrackingTo Locate EndStation Info

Use User TrackingTo Locate EndStation Info

ConductVoiceTrace

ConductVoiceTrace

ConductDataTrace

ConductDataTrace

DisplayPath in Topology

Map

DisplayPath in Topology

Map

Launch other Apps(Telnet CiscoView

Etc)

Launch other Apps(Telnet CiscoView

Etc)

112

Diagnosing Device Connectivity Problems Example

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Do you know

your

hostname or

username

113

Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

2 Simple Query displays switch

port and VLAN association

2 Simple Query displays switch

port and VLAN association

3 LastSeen field indicates last

time end station was

discovered

3 LastSeen field indicates last

time end station was

discovered

114

Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Trace path from application server

to Suzy

Trace path from application server

to Suzy

Couldnrsquot get to Suzy machine ndash try

from server

Couldnrsquot get to Suzy machine ndash try

from server

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

109

Types of Management Systems Example ndash CiscoWorks

19216862

CiscoWorks Server(ANI Service)

CampusDatabase

19216861

Schedule data retrieval

times

CAM Table11‐11‐11‐11‐11‐00 2111‐11‐11‐11‐11‐11 2211‐11‐11‐11‐11‐22 2311‐11‐11‐11‐11‐33 24

22 23 24

21

ARP Table11‐11‐11‐11‐11‐11 19216861011‐11‐11‐11‐11‐22 19216861111‐11‐11‐11‐11‐33 192168611

1

CAM

Retrieval

(switching

table)

2 Address

Resolution (MAC

to IP)

DNS

3 Name Resolution

(IP to hostname)

Host Table192168610 USER1192168611 Printer1192168611 IPtele1

SNMP

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

1

Forwarding tablesbull

MAC addressbull

VLANbull

Port

2

ARP tablesbull

Subnetsbull

IP address

3

DNS Servicebull

DNS names

4

IP Phonesbull

Phone numberbull

Phone type

5

Login namesbull

Unix bull

Windows NT clientsbull

Novell clients

CallManager4

Call Detail

Records

5

Login

Names

UNIX Novell amp

Windows NT

clients running

UTLite script

110

Diagnosing Connectivity Problems Campus Manager Tools

Topology Services

User Tracking

Path Analysis

1

Locate the communication pair in the User Tracking database

bull

Addressesbull

VLAN informationbull

Switch port connection

2

Investigate the Layer 2 and Layer 3 path between the communication

pair

3

Map the topology and begin the investigation on devices and links

Launch other applications

111

Diagnosing Connectivity Problems Workflow for Using Campus Manager

LaunchPath Analysis

LaunchPath Analysis

Ensure discovery of devices

hosts are up to date

Ensure discovery of devices

hosts are up to date

Use User TrackingTo Locate EndStation Info

Use User TrackingTo Locate EndStation Info

ConductVoiceTrace

ConductVoiceTrace

ConductDataTrace

ConductDataTrace

DisplayPath in Topology

Map

DisplayPath in Topology

Map

Launch other Apps(Telnet CiscoView

Etc)

Launch other Apps(Telnet CiscoView

Etc)

112

Diagnosing Device Connectivity Problems Example

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Do you know

your

hostname or

username

113

Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

2 Simple Query displays switch

port and VLAN association

2 Simple Query displays switch

port and VLAN association

3 LastSeen field indicates last

time end station was

discovered

3 LastSeen field indicates last

time end station was

discovered

114

Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Trace path from application server

to Suzy

Trace path from application server

to Suzy

Couldnrsquot get to Suzy machine ndash try

from server

Couldnrsquot get to Suzy machine ndash try

from server

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

110

Diagnosing Connectivity Problems Campus Manager Tools

Topology Services

User Tracking

Path Analysis

1

Locate the communication pair in the User Tracking database

bull

Addressesbull

VLAN informationbull

Switch port connection

2

Investigate the Layer 2 and Layer 3 path between the communication

pair

3

Map the topology and begin the investigation on devices and links

Launch other applications

111

Diagnosing Connectivity Problems Workflow for Using Campus Manager

LaunchPath Analysis

LaunchPath Analysis

Ensure discovery of devices

hosts are up to date

Ensure discovery of devices

hosts are up to date

Use User TrackingTo Locate EndStation Info

Use User TrackingTo Locate EndStation Info

ConductVoiceTrace

ConductVoiceTrace

ConductDataTrace

ConductDataTrace

DisplayPath in Topology

Map

DisplayPath in Topology

Map

Launch other Apps(Telnet CiscoView

Etc)

Launch other Apps(Telnet CiscoView

Etc)

112

Diagnosing Device Connectivity Problems Example

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Do you know

your

hostname or

username

113

Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

2 Simple Query displays switch

port and VLAN association

2 Simple Query displays switch

port and VLAN association

3 LastSeen field indicates last

time end station was

discovered

3 LastSeen field indicates last

time end station was

discovered

114

Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Trace path from application server

to Suzy

Trace path from application server

to Suzy

Couldnrsquot get to Suzy machine ndash try

from server

Couldnrsquot get to Suzy machine ndash try

from server

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

111

Diagnosing Connectivity Problems Workflow for Using Campus Manager

LaunchPath Analysis

LaunchPath Analysis

Ensure discovery of devices

hosts are up to date

Ensure discovery of devices

hosts are up to date

Use User TrackingTo Locate EndStation Info

Use User TrackingTo Locate EndStation Info

ConductVoiceTrace

ConductVoiceTrace

ConductDataTrace

ConductDataTrace

DisplayPath in Topology

Map

DisplayPath in Topology

Map

Launch other Apps(Telnet CiscoView

Etc)

Launch other Apps(Telnet CiscoView

Etc)

112

Diagnosing Device Connectivity Problems Example

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Do you know

your

hostname or

username

113

Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

2 Simple Query displays switch

port and VLAN association

2 Simple Query displays switch

port and VLAN association

3 LastSeen field indicates last

time end station was

discovered

3 LastSeen field indicates last

time end station was

discovered

114

Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Trace path from application server

to Suzy

Trace path from application server

to Suzy

Couldnrsquot get to Suzy machine ndash try

from server

Couldnrsquot get to Suzy machine ndash try

from server

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

112

Diagnosing Device Connectivity Problems Example

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

The Problem hellip

bull

Itrsquos Monday morning Tom at

the Help Desk receives a call

bull

Suzy is complaining that

response time to an application

server is slow

The Solution Steps hellip

bull

Find user and server location

and obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and response

time along the network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Do you know

your

hostname or

username

113

Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

2 Simple Query displays switch

port and VLAN association

2 Simple Query displays switch

port and VLAN association

3 LastSeen field indicates last

time end station was

discovered

3 LastSeen field indicates last

time end station was

discovered

114

Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Trace path from application server

to Suzy

Trace path from application server

to Suzy

Couldnrsquot get to Suzy machine ndash try

from server

Couldnrsquot get to Suzy machine ndash try

from server

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

113

Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

Gathering Information hellip

bull

Gather end‐user and server

information stored in the

User Tracking database

bull

Use a simple query based on

specific search criteria or by

sorting on one of the table

columns

bull

Using addresses search for

network conflicts (duplicate

IPs etc)

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

1

Query the User Tracking

database ‐

Suzy knew the

hostname of her computer

2 Simple Query displays switch

port and VLAN association

2 Simple Query displays switch

port and VLAN association

3 LastSeen field indicates last

time end station was

discovered

3 LastSeen field indicates last

time end station was

discovered

114

Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Trace path from application server

to Suzy

Trace path from application server

to Suzy

Couldnrsquot get to Suzy machine ndash try

from server

Couldnrsquot get to Suzy machine ndash try

from server

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

114

Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Select Valid Endpoints

bull

Source node must be managed

in CiscoWorks (topology

services or user tracking)

bull

To view layer 2 tracing source

node must be a Cisco device

bull

Destination node can be any

reachable node on the

network including outside the

managed domain

Trace path from application server

to Suzy

Trace path from application server

to Suzy

Couldnrsquot get to Suzy machine ndash try

from server

Couldnrsquot get to Suzy machine ndash try

from server

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

115

Diagnosing Device Connectivity Problems Example ndash Analyze Map Results

Layer 3 Pa

th Layer 2 Pathand

Layer 2 Shortcuts

Layer 2 Pathand

Layer 2 Shortcuts

Source Node

Destination Node

Tool Tip

Tool Tip

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

Trace path from application

server(rtm‐ibm) to Suzy

(pluto)

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

116

Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

Sources of Trace Information

bull

NMS queries (from CiscoWorks2000 Server and user tracking)

bull

SNMP requests

bull

Trace route command

bull

ldquoBest guessrdquo

(not very reliable)

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

117

Diagnosing Device Connectivity Problems Example ndash Analyze Table Results

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

Information Retrieved from Server Database and User Tracking Table

bull

Device MACIP address alias class type and uptime

bull

Interface name address mask type speed maximum transfer unit (MTU) and index number

bull

VTP domain and VLAN name

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

118

Diagnosing Voice Connectivity Problems Example

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

The Problem hellip

bull

Tom at the Help Desk

receives a call

bull

Willy is complaining that he

can hear John talk but John

can not hear Willy

The Solution Steps hellip

bull

Find IP Phone locations and

obtain connectivity

information

bull

Check connection settings

bull

Verify VLAN associations

bull

Find network path

bull

Check utilization and

response time along the

network path

CiscoWorks

Help Desk(Tom)

CorporateNetwork

Willy Wonka

CiscoCallManager

(CDRs)

John JohnsonWhat are the phone

numbers

When did you place

the call

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

119

Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Gathering Information from User Tracking

bull

Change User Tracking table to

IP Phone layout

bull

Check location of IP Phones

and CCM information

Managing Cisco

CallManager

Managing Cisco

CallManager

Locate calling number and

destination numbers using

query or sort

Locate calling number and

destination numbers using

query or sort

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

120

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

1

2

Cisco CallManager Cluster

information is obtained

If clusters are found the

Voice Query Trace dialog

appears

Cisco CallManager Cluster

information is obtainedIf clusters are found the

Voice Query Trace dialog

appears

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

Gather Information from Path Analysis

bull

Search all CDRs in the CCMs

clusters discovered by

CiscoWorks

bull

Use CDRs to find call

bull

Use Path Analysis to trace

path

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

121

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

3

4 5

Search CDRs using

phone numbers or

time of call

Search CDRs using

phone numbers or

time of call

Select CCM

Cluster to

query

Select CCM

Cluster to

query

Get records in

selected cluster(s)

that match criteria

Get records in

selected cluster(s)

that match criteria

For each cluster display

CDRS CDRs available only

for completed

calls

For each cluster display

CDRS CDRs available only

for completed

calls

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

122

Diagnosing Voice Connectivity Problems Example ndash Conduct Voice Trace

Completed CallCDR

If trace

unsuccessful

try in reverse

direction

6

7

CCMrsquos IP

address

CCMrsquos IP

address

Calling

phonersquos IP

address

Calling

phonersquos IP

address

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

123

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

Application Server(CCM)

Application Server(CCM)

Problem with

access to assigned

CCM

Problem with

access to assigned

CCM

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

bull

Use Topology Services to check SNMP status of Cisco CallManager (CCM) and links to

interface to verify phones are configured

bull

Prior to selecting the task Highlight Path in Network View Topology Services must be open

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

124

Diagnosing Voice Connectivity Problems Example ndash Launching other Applications

CallManager

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

125

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAA

The Solution Steps hellip

bull

Launch other applications

bull

Check utilization and

response time along the

traced network path

bullRefer to Module on

Performance Management

bull

CiscoView

bull

Real‐Time Monitor and

RMON agents

bull

IPM and SAACiscoWorks

Help Desk(Tom)

CorporateNetwork

Suzy

ApplicationServer

Connectivity looks ok

I will have to look at

performance issues

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

126

Diagnosing Device Connectivity Problems Example ndash Launching other Applications

CiscoV

iew

Visual Switch Manager Home

1mdash

Examine CiscoView GUI to Determine Port

Integrity

2mdashRealtime Utilization

3mdashPort Settings

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

127

Summary

bull Network connectivity data is extremely useful for troubleshooting problems

bull To reach the goals of network management collecting information about the status and health of the network and network devices is necessary

bull Though there are many ways of storing status and health data MIBs allows for a standardized way to define and store the data

bull Though there are many ways to retrieve status and health data SNMP provides a standardized way to retrieve data stored in MIBs

CommunityStrings

CommunityStrings

SNMPManageable

Device

Trap

Get Response

Get Request Get‐Next RequestGet‐Bulk Request (v2)

Set Request

NMS

ManagementEntity

ManagementEntity

SNMPAGENTSNMPAGENT MIB

variables

IP Network

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

128

Q amp A

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols

129

Cisco Icons and Symbols

Router

Switch

Voice Router

SRST-Enabled Router

Switch Router

Cisco Unified CallManager

Phone

IP Phone

Gateway

File Server

Network Cloud

Laptop

PC

Camera PCVideo

• 投影片編號 1
• 投影片編號 2
• Typical Network Topologies Defining Features
• Hierarchical Model
• Typical Multilayer Network Design
• Multilayer Design Guidelines
• Defining the Access Layer
• Defining the Distribution Layer
• Defining the Core Layer
• Do I Need a Core Layer
• Server Farms
• Campus Design Best Practices
• Map Layer 2 VLANs to Layer 3 Subnets
• Avoid Campus-Wide VLANs
• Layer 3 Dual-Path
• Daisy Chains
• Daisy Chains (Cisco Catalyst 3750 Series)
• Understand Performance and Oversubscription Characteristics
• Redundancy Types
• Small Campus Network
• Medium Campus Network
• Large Campus Network
• Building Block Approach
• Switch Block Characteristics
• VLANs in the Switch Block
• Link Types
• Trunking
• Inter-VLAN Routing
• Increasing PerformanceAdd More Bandwidth
• Fast EtherChannel
• Is QoS Needed in the Campus
• Enabling QoS in the Campus Congestion ScenariomdashTCP Traffic Burst + VoIP
• Enabling QoS in the Campus Scheduling in the Campus
• Enabling QoS in the Campus Layer 2 Classificationmdash8021p CoS
• Enabling QoS in the Campus Layer 3 ClassificationmdashIP Precedence DSCP
• Enabling QoS in the Campus Classification Summary
• Power Over Ethernet
• Access Point Front Cover LEDrsquos
• CiscoWorks WLSE
• 投影片編號 40
• The Cisco LAN Switching Portfolio
• Cisco Catalyst Positioning
• Cisco Catalyst 2960 Series Model OverviewFast Ethernet Models
• Cisco Catalyst 3750 Series Switches Model Overview
• Cisco StackWisetrade Technology
• Cisco Catalyst 4500 Series Architecture
• Cisco Catalyst 4500 Series OverviewCommon Architecture
• Cisco Catalyst 4500 SeriesEvolutionary Centralized Architecture
• Evolution of Centralized Switching Technology
• Next-Generation Catalyst 4500ldquoE-Seriesrdquo
• Cisco Catalyst 6500 Delivers Secure Converged Network Services
• Catalyst 6500 Family
• Cisco Catalyst 6500 Series
• Catalyst 6500 Supervisors
• Catalyst 6500 Linecards
• Catalyst 6500 Service Modules
• Small Form Factor Pluggable (SFP)
• 投影片編號 58
• 漫遊認證環境架構圖
• 無線漫遊環境身份認證機制
• WLAN Gateway
• Bluesocket Wireless Gateway
• 投影片編號 63
• 對外網路架構圖
• 校本部校區有線網路系統架構圖
• 校本部校區無線網路系統架構圖
• 理學院校區有線網路系統架構圖
• 理學院校區無線網路系統架構圖
• 林口校區有線網路系統架構圖
• 林口校區無線網路系統架構圖
• 投影片編號 71
• Possible Symptoms of Physical Layer Problems
• Possible Symptoms of Data Link Layer Problems
• General Cisco Commands to Isolate Physical and Data Link Layer Problems
• Cisco Commands to Isolate Physical Layer Problems
• Cisco Commands to Isolate Physical Layer Problems (Cont)
• Cisco Commands to Isolate Data Link Layer Problems
• General End-System Commands to Isolate Physical and Data Link Layer Problems
• Windows Commands to Isolate Physical and Data Link Layer Problems
• Guidelines for Isolating Problems at the Physical and Data Link Layers
• Port Monitoring (SPAN)
• Remote SPAN (RSPAN)
• NetFlow Data Export
• 投影片編號 84
• NAMs in Campus LAN
• Network Analysis Module (NAM)
• NAM as a Standards-Based RMON Solution
• Application Hosts and Conversations Monitoring
• VoIP Monitoring
• Application Response Time (ART)
• Packet Capture and Decode
• Alarms
• Defining Network Management Functional Areas
• FCAPSFault Management
• FCAPSConfiguration Management
• FCAPSAccounting Management
• FCAPSPerformance Management
• FCAPSSecurity Management
• Performing Network Management Sources for Information
• Network Management Information ModelMIB Management Information Base
• Network Management Communication Model SNMP Simple Network Management Protocol
• Network Management Communication Model Bounce Diagram ndash SNMP Get Request and Response
• Types of Management Systems Example - Enterprise Manager amp Fault Management
• Types of Management SystemsExample ndash CiscoWorks
• Types of Management SystemsExample ndash NetFlow (Accounting Management)
• Types of Management SystemsExample ndash MRTG (Performance Management)
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCiscoWorks Server Tools
• Types of Management SystemsExample ndash CiscoWorks
• Diagnosing Connectivity ProblemsCampus Manager Tools
• Diagnosing Connectivity ProblemsWorkflow for Using Campus Manager
• Diagnosing Device Connectivity ProblemsExample
• Diagnosing Device Connectivity Problems Example ndash Gather User and Server Information
• Diagnosing Device Connectivity Problems Example ndash Conducting a Data Trace
• Diagnosing Device Connectivity Problems Example ndash Analyze Map Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Trace Results
• Diagnosing Device Connectivity Problems Example ndash Analyze Table Results
• Diagnosing Voice Connectivity ProblemsExample
• Diagnosing Voice Connectivity Problems Example ndash Gather IP Phone and CCM Information
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Conduct Voice Trace
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Voice Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Diagnosing Device Connectivity ProblemsExample ndash Launching other Applications
• Summary
• 投影片編號 128
• Cisco Icons and Symbols