Scribd
Upload
143 views

Chapter4 - Network Assurance

This document discusses techniques for network assurance including debugging tools like ping, traceroute, debug commands, SNMP, and syslog. It covers configuring device monitoring with syslog, NetFlow, Flexible NetFlow to monitor traffic types. SPAN, RSPAN, ERSPAN are discussed for port mirroring. IP SLA is covered for network monitoring. Cisco DNA Center workflows are summarized for network configuration, monitoring and management. Finally, NETCONF and RESTCONF are introduced for network device configuration management.

Uploaded by

Beza Getachew
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
143 views

Chapter4 - Network Assurance

This document discusses techniques for network assurance including debugging tools like ping, traceroute, debug commands, SNMP, and syslog. It covers configuring device monitoring with syslog, NetFlow, Flexible NetFlow to monitor traffic types. SPAN, RSPAN, ERSPAN are discussed for port mirroring. IP SLA is covered for network monitoring. Cisco DNA Center workflows are summarized for network configuration, monitoring and management. Finally, NETCONF and RESTCONF are introduced for network device configuration management.

Uploaded by

Beza Getachew
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 17

Cisco CCNP & CCIE Enterprise Core - ENCOR 350-401

CHAPTER 4
NETWORK ASSURANCE

1
Cisco CCNP & CCIE Enterprise Core - ENCOR 350-401

CHAPTER4: NETWORK ASSURANCE


- Chapter’s Agenda:
4.1 Diagnose network problems using tools such as:
debugs, conditional debugs, trace route, ping, SNMP, and syslog
4.2 Configure and verify device monitoring using syslog for remote logging
4.3 Configure and verify NetFlow and Flexible NetFlow
4.4 Configure and verify SPAN/RSPAN/ERSPAN
4.5 Configure and verify IPSLA
4.6 Describe Cisco DNA Center workflows to apply:
network configuration, monitoring, and management
4.7 Configure and verify NETCONF and RESTCONF

2
Cisco CCNP & CCIE Enterprise Core - ENCOR 350-401

4.1 Network Problems Diagnosing Tools

- Ping & Traceroute


- Ping uses ICMP
- Echo Request & Echo Reply
- Traceroute uses UDP

- Debug & Conditional Debug


- Debug
- detailed information about behind the scenes operations
- it supports and shows everything of almost every protocol
- Conditional Debug
- more specific
- detailed information about a specific operation, BUT, per interface,
per address, etc.
3
Cisco CCNP & CCIE Enterprise Core - ENCOR 350-401

- SNMP & SYSLOG


- Simple Network Management Protocol (SNMP)
- Monitor Networks from a single point of view
- Server/Agent Relationship
- uses UDP 161
- the server is thee requester (and recorder)

- at the agent side:


- MIB Object (The Factory)
- Agent (The Messenger)
- SNMP versions:
- v1: obsolete
- v2c: enhanced
- v3: supports Authentication & Encryption
4
Cisco CCNP & CCIE Enterprise Core - ENCOR 350-401

https://www.paessler.com/network_monitor_software

5
Cisco CCNP & CCIE Enterprise Core - ENCOR 350-401

- System Loggings (Syslog)


- stay aware of “everything”
- know all what is happening behind the scenes (or even in front of)
- starts from the obvious information up to “Emergency” 0 = Emergency
1 = Alert
- Server/Client Relationship
2 = Critical
3 = Error

- Server can be a Normal Server that collects all the loggings 4 = Warning

5 = Notification
- Server can use the “Syslog” or “Splunk” Software
6 = Information
- client is the networking device that generates logs 7 = Debug

- Quote: “Every Awesome Cisco Engineer Will Need Ice-Cream Daily”

6
Cisco CCNP & CCIE Enterprise Core - ENCOR 350-401

https://www.solarwinds.com/-/media/solarwinds/swdcv2/licensed-products/log-manager/images/product-screenshots/lm-real-time-log-stream.ashx

7
Cisco CCNP & CCIE Enterprise Core - ENCOR 350-401

4.2 Syslog Logging Types

- Console Logging: show logs to the console user


- Terminal Logging: show logs to Line VTY user
- Buffered Logging: store some logs in the RAM
- Remote Logging:
- collect and send Syslog messages to a remote server
- remote server must be reachable via an interface
- remote server must have a Syslog Application
- monitoring will occur from the server side
- Example:
Router(config)#logging host x.x.x.x
Router(config)#logging traps (0 1 2 3 4 5, etc.)
Router(config)#logging source-interface Loopback0

8
Cisco CCNP & CCIE Enterprise Core - ENCOR 350-401

4.3 Netflow

- specifically, what type of traffic is passing?


- not the amount, the type
- like: Telnet, SSH, HTTP, etc...
- more info about every type of flow
- by Cisco
- works with SNMP

- Netflow client (node) = generator


- Netflow server = collector (application)
- export to UDP 2055 (can be modified)
- Netflow can be exported to the CLI

- versions:
- v5: popular for IPv4
- v9: template-based flow, support IPv6
- flexible, define what to collect, what to export

9
Cisco CCNP & CCIE Enterprise Core - ENCOR 350-401

- Flexible Netflow:
- more options:
- multiple exporters
- collects more data (more fields)
- flexible at collecting and exporting
- uses Flow-Monitors
- multiple Monitors for multiple collections

10
Cisco CCNP & CCIE Enterprise Core - ENCOR 350-401

4.4 Switchport Analyzer (SPAN)

- SPAN will assign a switchport as an analyzer


- called a span source
- analyzes all types of traffic passing by this port
- assigns a different port as an analysis exporter
- called the SPAN destination

*SPAN destination ports, will be only used for monitoring


*no longer sending frames, at all
*SPAN source can be used for multiple sessions
*SPAN destination can't be used for multiple sessions

11
Cisco CCNP & CCIE Enterprise Core - ENCOR 350-401

- Remote SPAN (RSPAN)


- when the destination is an interface on another switch
- of the same networks
- reachable through VLANs (trunk ports)

- Encapsulated Remote SPAN (ERSPAN)


- when the destination is an interface on another switch
- in a different network!!
- reachable through L3 connectivity and routing
- requires tunneling to connect SRC and DST
- like GRE Tunnel

12
Cisco CCNP & CCIE Enterprise Core - ENCOR 350-401

4.5 IP Service Level Agreement (IP SLA)

- performs a specific operation


- from a specific source to a specific destination
- like, icmp, http, tcp, udp, etc..
- logs statistics about the successes/failures of that operation

- Enhanced Object Tracking (SLA Track)


- monitors the statistics of IP SLA
- performs an action based on the statistics output

13
Cisco CCNP & CCIE Enterprise Core - ENCOR 350-401

4.6 Cisco DNA Center Workflows

- all the processes that a DNAC performs to the nodes


- are categorized under 4 main functions “Pillars”
- under each Pillar, a procedure of steps happens to the nodes
- that procedure is called “Workflow”
- the 4 pillars with their workflows:
- Design:
- design and create the topology of the network
- assign nodes to groups and profiles
- Policy:
- create and modify the network operations based on a policy
- polices will be processed and automatically applied to all nodes
- Provision:
- add and initiate new nodes, to join the network and start operating
- configure/modify the config of all nodes
- Assurance:
- monitor and manage the network

14
Cisco CCNP & CCIE Enterprise Core - ENCOR 350-401

4.7 NETCONF & RESTCONF

- Network Configuration Protocol (NETCONF)


- responsible for collecting and exporting network devices configuration
- as well as importing and implementing network devices configuration
- by using SSH to connect to each device
- can SSH to multiple devices at the same time
- thus, multiple functions to multiple devices at the same time is applicable
- utilizes YANG model
- uses TCP 830
- uses XML (and support JSON)

15
Cisco CCNP & CCIE Enterprise Core - ENCOR 350-401

- NETCONF Architecture
- netconf agent = node
- netconf manager = server
- netconf data store ( 3 data bases)
- stores configuration information at the agent
- running datastore, startup datastore, and candidate datastore

*server can access a node by (windows terminal, mac, and linux terminal)

16
Cisco CCNP & CCIE Enterprise Core - ENCOR 350-401

- Representational State Transfer Configuration Protocol (RESTCONF)


- like NETCONF
- but through HTTPs
- so, TCP 443
- utilizes HTTP verbs (GET, PUT, POST, DELETE)
- uses JSON (and supports XML)
- utilizes YANG models

17

You might also like