23_managing network environment

7/29/2019 23_Managing Network Environment

1/45

2009 Cisco Systems, Inc. All rights reserved. Cisco Publ ic 1

Managing network

environment

Novan Aryandi [email protected]

System Engineer

PT. CISCO SYSTEMS INDONESIA
mailto:[email protected]:[email protected]


2/45


Objectives

Upon completion of this chapter, you willbe able to perform the following tasks:

Recovery of Router Password

Determine the location from which a configuration and IOS image will beloaded

Gather information about neighbor devices

Gather information about remote devices

Create a simple network diagram todocument the network


3/45


Router Start-up Flow Chart

Use IOS from

Flash

Attempt to get

IOS from

network

Use IOS in ROM

(RXBoot mode)

Check

start-up

config

Boot

field =0

0x0

Boot

field =1

0x1

Bootsystem

commands?

Config reg

bit 13=1

?

5 failures

?

Valid

IOS in

Flash

?

Do what

they say

Run

ROM

Monitor

START

Yes

Yes

No

No

Yes

No

No

Yes

Yes

No

No

Yes Success?

No

Yes

Use file from

Network

Load IOSValid

config

?

Config reg

bit 6=1

?

Yes

No Yes

SETUP

DIALOG

NORMAL

START UP

COMPLETE

No


4/45


How to recover a Password?


5/45


How to recover a Password? contd


6/45


Managing IOS Images

Network

server

FLASH

Router

c2500-js-l_120-3.bin

Network

server


7/45 2009 Cisco Systems, Inc. All rights reserved. Cisco Publ ic 7

Preparing for a Network Backup Image

Check access to the server

Router

Network

server





Check space available on the server

Router

Network

server





Check space available on the server Check file naming convention

Router

c2500-js-l_120-3.bin

Network

server




Router

c2500-js-l_120-3.bin

Network

server


Check space available on the server Check file naming convention

Create file on server if required



Verifying config register



wg_ro_a#show flash

System flash directory:File Length Name/status1 10084696 c2500-js-l_120-3.bin

[10084760 bytes used, 6692456 available, 16777216 total]16384K bytes of processor board System flash (Read ONLY)

Verifying Memory and DecipheringImage Filenames

Verify Flash memory has room for the IOS image



wg_ro_a#copy flash tftpSource filename []? c2500-js-l_120-3.binAddress or name of remote host []? 10.1.1.1Destination filename [c2500-js-l_120-3.bin]?!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

10084696 bytes copied in 709.228 secs (14223 bytes/sec)

wg_ro_a#

Creating a Software Image Backup

Back up current files prior to updating Flash

Networkserver

FLASH

copy flash tftp



wg_ro_a#copy tftp flashAddress or name of remote host [10.1.1.1]?Source filename []? c2500-js-l_120-3.binDestination filename [c2500-js-l_120-3.bin]?Accessing tftp://10.1.1.1/c2500-js-l_120-3.bin...Erase flash: before copying? [confirm]Erasing the flash filesystem will remove all files! Continue? [confirm]Erasing device... eeeee (output omitted) ...erasedErase of flash: complete

Loading c2500-js-l_120-3.bin from 10.1.1.1 (via Ethernet0): !!!!!!!!!!!!!!!!!!!!(output omitted)

[OK - 10084696/20168704 bytes]Verifying checksum... OK (0x9AA0)10084696 bytes copied in 309.108 secs (32636 bytes/sec)wg_ro_a#

Upgrading the Image from the Net

Erase Flash occurs before loading new image

Note message that image already exists

Networkserver

FLASH



Cisco Discovery Protocol (CDP)

Cisco Discovery Protocol (CDP) is a Cisco proprietary protocol used forneighbor discovery

CDP will only show information about directly connected neighbors but it isstill a powerful tool

CDP is a Layer 2 (data link) protocol




CDP is media and protocol independent, and runs on all Cisco equipmentover the Subnetwork Access Protocol (SNAP).




CDP Version 2 (CDPv2) is the most recent release of the protocol. CiscoIOS Release 12.0(3)T or later supports CDPv2

When a Cisco device boots up, CDP starts up automatically and allowsthe device to detect neighbor devices that use CDP




Each device that is configured for CDP sends periodic messages andlistens to periodic CDP messages that are sent by others

These messages, known as advertisements, contains:

- At least one address at which it can receive Simple Network ManagementProtocol (SNMP) messages

- Time-to-live or hold-time information



Information obtained with CDP

Each router that uses CDP exchanges protocol information with its neighbors

The network administrator can display the results of this CDP informationexchange on a console that is connected to a local router

An administrator can use the show cdp neighbors command to displayinformation about the networks that are directly connected to a router




CDP transmits type length values (TLVs) to provide information about eachCDP neighbor device

Device TLVs displayed by the show cdp neighbors command include thefollowing:

- Device ID

- Local Interface

- Holdtime

- Capability

- Platform

- Port ID




The following TLVs are only included in CDPv2:

- VTP management domain name- Native VLAN

- Full or half-duplex



Showing CDP Neighbor Entries



The show cdp neighbors Command



Implementation, Monitoring, and Maintenanceof CDP

Router(config)# cdp run - enables CDP globally on a router. By default, CDP isglobally enabled

Router(config-if)# cdp enable - enables CDP on a particular interface. On Cisco IOSRelease 10.3 or higher, CDP is enabled by default on all supported interfaces

Router# show cdp traffic - displays traffic counters

Router# clear cdp counters - resets traffic counters to zero

Router> show cdp - displays interval between transmissions of CDP advertisements

Router> show cdp entry {*|device-name [*][protocol | version]} - displays informationabout a specific neighbor.

Router> show cdp interface [type number] - displays information about interfaces onwhich CDP is enabled


25/45


Implementation, Monitoring, and Maintenanceof CDP

show cdp neighbors [type number] [detail] -

The show cdp neighbors [type number] [detail] command can be used to

obtain the following:

Device ID Address

Port ID Capabilities

Version Platform

IP network prefix

VTP management domain name (CDPv2 only)

Native VLAN (CDPv2 only)

Full/Half duplex (CDPv2)


26/45


The show cdp traffic and clear cdpcounters Commands


27/45


The show cdp Command


28/45


The show cdp entry Command

This command is used to get information about one specific neighbor.


29/45


The show cdp interface Command


30/45


The show cdp neighbors Command


31/45


Creating a Network Map

The information given by CDP can be used to create a network map of theconnected devices

To discover devices that are connected to neighbor devices, use Telnet toconnect to the neighbors. Then use the show cdp neighbors command


32/45


Disabling CDP

Router(config)# no cdp run - used to disable CDP at the global level

Router(config-if)# no cdp enable - used to disable CDP on a specific

interface


33/45


Disabling CDP


34/45


Getting Information about Remote Devices -Telnet

Telnet is a virtual terminal protocol that functions at the application layer ofthe OSI model

It allows remote connection to the router command-line interface (CLI) forconfiguration, monitoring, and troubleshooting purposes

As a TCP/IP application, Telnet depends on TCP to guarantee the correctand orderly delivery of data between the client and server


35/45


Telnet


36/45


Using Telnet to Connect to RemoteDevices

Remote device

SwitchBRouterA RouterBSwitchA

10.3.3.2 10.3.3.1 10.1.1.110.1.1.2

10.2.2.1 10.2.2.2

S0S1

RouterA#telnet 10.2.2.2Trying 10.2.2.2 ... Open-------------------------------------------------Catalyst 1900 Management ConsoleCopyright (c) Cisco Systems, Inc. 1993-1998All rights reserved.Enterprise Edition Software

Ethernet Address: 00-90-86-73-33-40PCA Number: 73-2239-06PCA Serial Number: FAA02359H8KModel Number: WS-C1924-ENSystem Serial Number: FAA0237X0FQ..SwitchB>


37/45


Viewing Telnet Connections


10.3.3.2 10.3.3.1 10.1.1.110.1.1.2

10.2.2.1 10.2.2.2

S0S1

RouterA#sh sessionConn Host Address Byte Idle Conn Name

1 10.1.1.2 10.1.1.2 0 1 10.1.1.2* 2 10.3.3.2 10.3.3.2 0 0 10.3.3.2

RouterA#sh userLine User Host(s) Idle Location

* 0 con 0 10.1.1.2 310.3.3.2 2

11 vty 0 idle 1 10.1.1.2


38/45


Suspending a Telnet Session


10.3.3.2 10.3.3.1 10.1.1.110.1.1.2

10.2.2.1 10.2.2.2

S0S1

RouterB#xRouterA#sh sessionConn Host Address Byte Idle Conn Name

1 10.1.1.2 10.1.1.2 0 1 10.1.1.2RouterA#resume 1

RouterB#


39/45


RouterA#disconnectClosing connection to 10.3.3.2 [confirm]

RouterA#clear line 11[confirm][OK]

Closing a Telnet Session

Closing a session openedby a remote device

Closing the currentsession opened by you


10.3.3.2 10.3.3.1 10.1.1.110.1.1.2

10.2.2.1 10.2.2.2

S0S1


40/45


Testing with theping Command

The ping command can be used to test end-to-end connections at the network layer The ping command sends a packet to the destination host and then waits for a reply

packet from that host

Ping uses the Internet Control Message Protocol (ICMP) to receive echo messagesfrom the target router

Echo messages can help evaluate the path-to-host reliability, delays over the path, and

whether the host can be reached or is functional

Two kinds of echo messages:

- Exclamation point (!) - indicates a successful echo (there is connectivity)

- Period (.) - indicates an unsuccessful echo (there is NO connectivity)


41/45


Testing with the traceroute Command

The traceroute command can be used to find where data is sent in a network

The main difference between ping and traceroute is that ping tests end-to-end connectivity and traceroute tests each step along the way

In the following Figure, the path from York to Rome is traced. Along the waythe path must go through London and Paris. If one of these routers is

unreachable, three asterisks (*) will be returned instead of the name of therouter


42/45


Using the ping and t raceCommands

Test connectivity and path to a remote device

Router##ping 10.1.1.10

Type escape sequence to abort.Sending 5, 100-byte ICMP Echos to 10.1.1.10, timeout is 2 seconds:!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 4/4/4 ms

Router#trace 10.1.1.10

Type escape sequence to abort.Tracing the route to 10.1.1.10

1 10.1.1.10 4 msec 4 msec 4 msecRouter#


43/45


Troubleshooting IP Addressing Issues

Telnet verifies the application layer software between a source and adestination. This is the most complete test mechanism available.

Ping uses the ICMP protocol to verify the hardware connection and the IPaddress of the network layer. This is a basic test mechanism.

Traceroute locates failures in a path from a source to a destination at thenetwork layer. This command uses Time to Live values to generatemessages from each router along a path.


44/45


After completing this chapter, you should be able to perform the followingtasks:

Use Cisco Discovery Protocol from a device to get information aboutneighboring devices

Use Telnet to retrieve information about remote devices

Determine the load location of the IOS image

List the commands to load an IOS image file

Summary


45/45

23_managing network environment

Documents