chapter 1

Cisco certification training

Instructor: ASHOK TAMBE

Contact us: 9930157345

Training for CCNA, CCNP, CCNA SECURITY, CCIP, MPLS, BGP, IPV6, NETWORK+, SECURITY+

Copyright© 2013 NETworkingWANschool

https://www.facebook.com/Networkingwanschool

CCNP TSHOOT 642-832


Post on 02-Feb-2016


Chapter 1 – Planning Maintenance for Complex Networks


Understanding Maintenance Methods

Network maintenance, at its essence, is doing whatever is required to keep the network functioning and meeting the business needs of an organization. Some examples of the tasks that fall under the umbrella of network maintenance are as follows:

■ Hardware and software installation and configuration

■ Troubleshooting problem reports

■ Monitoring and tuning network performance

■ Planning for network expansion

■ Documenting the network and any changes made to the network

■ Ensuring compliance with legal regulations and corporate policies

■ Securing the network against internal and external threats

Obviously, this listing is only a sampling of network maintenance tasks. Also, keep in mind that the list of tasks required to maintain your network could be quite different from the list of tasks required to maintain another network.


Proactive Versus Reactive Network Maintenance

Network maintenance tasks can be categorized as one of the following:

■ Structured tasks: Performed as a predefined plan.

■ Interrupt-driven tasks: Involve resolving issues as they are reported.

Interrupt-driven tasks can never be completely eliminated; however, their occurrence can be lessened through a strategic structured approach. Not only does a structured maintenance approach offer reduced downtime (by fixing problems before they occur), it also proves to be more cost effective. Specifically, unplanned network outages can be resolved more quickly. Fewer resources are consumed responding to problems, because fewer problems occur.

Because a structured approach considers underlying business goals, resources can be allocated that complement business drivers. Also, security vulnerabilities are more likely to be discovered through ongoing network monitoring, which is another component of a structured maintenance approach.


Structured Network Maintenance

• Reduced Network Downtime: Discover and prevent problems before they happen. Maximize mean time between failures (MTBF). Minimize mean time to repair (MTTR).

• More cost effectiveness: Performance monitoring and capacity planning for budgeting and future networking needs. Choosing proper equipment for better price/performance ratio over the lifetime of equipment.

• Better alignment with business objectives: Time and resources are allocated to processes based on importance to the business instead of prioritizing tasks and assigning budgets based on incidents. For example, upgrades and major maintenance jobs are not scheduled during critical business hours.

• Higher network security: Attention to network security is part of structured network maintenance. Up-to-date prevention and detection mechanisms can notify staff through logs and alarms. Monitoring allows you to observe network vulnerabilities and needs, and justify plans for strengthening network security.


Well-Known Network Maintenance Models

The following is a sampling of some of the more well-known maintenance models:

■ FCAPS: FCAPS (which stands for Fault management, Configuration management, Accounting management, Performance management, and Security management) is a network maintenance model defined by the International Organization for Standardization (ISO).

■ ITIL: An IT Infrastructure Library (ITIL) defines a collection of best-practice recommendations that work together to meet business goals.

■ TMN: The Telecommunications Management Network (TMN) network management model is the Telecommunications Standardization Sector’s (ITU-T) variation of the FCAPS model. Specifically, TMN targets the management of telecommunications networks.

■ Cisco Lifecycle Services: The Cisco Lifecycle Services maintenance model defines distinct phases in the life of a Cisco technology in a network. These phases are Prepare, Plan, Design, Implement, Operate, and Optimize. As a result, the Cisco Lifecycle Services model is often referred to as the PPDIOO model.


Adapting a Well-Known Network Maintenance Model

As an example, imagine you have selected the ISO FCAPS model as the foundation for your maintenance model. To adapt the FCAPS model for your environment, for each element of the FCAPS model, you should identify specific tasks to perform on your network. Table provides a sampling of tasks that might be categorized under each of the FCAPS management areas.


Identifying Common Maintenance Procedures

Routine Maintenance Tasks

Some routine maintenance tasks should be present in a listing of procedures contained in a network maintenance model. Following is a listing of such common maintenance tasks:

■ Configuration changes: Businesses are dynamic environments, where relocation of users from one office space to another, the addition of temporary staffers, and new hires are commonplace. In response to organizational changes, network administrators need to respond by performing appropriate reconfigurations and additions to network hardware and software. These processes are often referred to as moves, adds, and changes.

■ Replacement of older or failed hardware: As devices age, their reliability and comparable performance tend to deteriorate. Therefore, a common task is the replacement of older hardware, typically with better performing and more feature-rich devices. Occasionally, production devices fail, thus requiring immediate replacement.

■ Scheduled backups: Recovery from a major system failure can occur much quicker if network data and device configurations have been regularly backed up. Therefore, a common network maintenance task is to schedule, monitor, and verify backups of selected data and configuration information. These backups can also be useful in recovering important data that were deleted.


■ Updating software: Updates to operating system software (for servers, clients, and even network devices) are periodically released. The updates often address performance issues and security vulnerabilities. New features are also commonly offered in software upgrades. Therefore, performing routine software updates becomes a key network maintenance task.

■ Monitoring network performance: The collection and interpretation of traffic statistics, bandwidth utilization statistics, and resource utilization statistics for network devices are common goals of network monitoring. Through effective network monitoring (which might involve the collection and examination of log files or the implementation of a high-end network management server), you can better plan for future expansion (that is, capacity planning), anticipate potential issues before they arise, and better understand the nature of the traffic flowing through your network.


Managing Network Changes

Maintaining Network Documentation

Network documentation typically gets created as part of a network’s initial design and installation. However, keeping that documentation current, reflecting all changes made since the network’s installation, should be part of any network maintenance model. Keeping documentation current helps more effectively isolate problems when troubleshooting. Additionally, accurate documentation can prove to be valuable to designers who want to scale the network.

The following list outlines common elements found in a set of network documentation:

■ Logical topology diagram: A logical topology diagram shows the interconnection of network segments, the protocols used, and how end users interface with the network. However, this diagram is not concerned with the physical locations of network components.

■ Physical topology diagram: Unlike a logical topology diagram, a physical topology diagram shows how different geographical areas (for example, floors within a building, buildings, or entire sites) interconnect. The diagram reflects where various network components are physically located.


■ Listing of interconnections: A listing of interconnections could be, for example, a spreadsheet that lists which ports on which devices are used to interconnect network components, or connect out to service provider networks. Circuit IDs for service provider circuits might be included in this documentation.

■ Inventory of network equipment: An inventory of network equipment would include such information as the equipment’s manufacturer, model number, version of software, information about the licensing of the software, serial number, and an organization’s asset tag number.

■ IP address assignments: An organization might use private IP address space internally and use network address translation (NAT) to translate those private IP address space numbers into publicly routable IP addresses. Alternately, an organization might have public IP addresses assigned to some or all of their internal devices. A classful IP address space (either public or private) might be subdivided within an organization, resulting in subnets with a non-default subnet mask. These types of IP addressing specifications would be included in a set of network documentation.


■ Configuration information: When a configuration change is made, the current configuration should be backed up. With a copy of current configuration information, a device could be replaced quicker, in the event of an outage. Beyond having a backup of current configuration information, some network administrators also maintain archival copies of previous configurations. These older configurations could prove to be useful when attempting to roll back to a previous configuration state or when trying to duplicate a previous configuration in a new location. It is a good practice to name archival copies of previous configurations based on a certain format that makes sense to you. For example, some companies name their archival copies by date, others by function, and still others by a combination of both.

■ Original design documents: Documents created during the initial design of a network might provide insight into why certain design decisions were made, and how the original designers envisioned future network expansion.


Restoring Operation After Failure

Although most modern network hardware is very reliable, failures do occur from time to time. Aside from hardware failures, environmental factors could cause a network outage. As a few examples, the failure of an air conditioner unit could cause network equipment to overheat; water leakage due to flooding or plumbing issues could cause hardware failures; or a fire could render the network equipment unusable.

Planning and provisioning hardware and software for such outages before they occur can accelerate recovery time. To efficiently replace a failed (or damaged) device, you should be in possession of the following:

■ Duplicate hardware

■ Operating system and application software (along with any applicable licensing) for the device

■ Backup of device configuration information


Network Monitoring and Performance Measurement

Network monitoring and performance measurement helps you transform your network maintenance process to a less interrupt-driven, more methodical approach.

It is important to choose the variables to be monitored and measured:

■ Interface status

■ Interface load

■ CPU load

■ Memory usage

More sophisticated metrics include delay, jitter, and packet loss.


The Network Maintenance Toolkit

After selecting the processes, and their corresponding tasks, that make up your network maintenance model, you next need to identify the tools required to carry out your maintenance processes. These tools should be targeted toward your specific processes and tasks, helping you focus your troubleshooting efforts without having to wade through reams of irrelevant information. This section provides examples of a few indispensable elements you should have in your network maintenance toolkit.


Basic Network Maintenance Tools

The basic components of a network maintenance toolkit are:

CLI device management

show commands

debug commands

Embedded Device Manager (EEM)

IP SLA commands

Consider the following example, which shows router R2 receiving Open Shortest Path First (OSPF) link state updates from its OSPF neighbours as those updates occur.


GUI Tools

Graphical User Interface (GUI) based device management (free)

Cisco Configuration Professional (CCP)

Secure Device Manager (SDM)

Cisco Configuration Assistant (CCA)

Cisco Network Assistant

CiscoWorks (not so free)


Implementing Backup and Restore Services

■ Backup and restore services are an essential element of any network maintenance toolkit.

■ The simplest and most commonly implemented service is TFTP.

■ TFTP needs no configuration on network devices.

■ More secure protocols include FTP, SCP, and HTTP or HTTPS.

■ For all of these protocols, the credentials can be specified as part of the Uniform Resource Locator (URL) that is used with the copy command.


Backup Tools

External servers are often used to store archival backups of a device’s operating system (for example, a Cisco IOS image) and configuration information. Depending on your network device, you might be able to back up your operating system and configuration information to a TFTP, FTP, HTTP, or SCP server. To illustrate, consider the following example, which uses the copy command:

copy [/erase] source-url destination-url

■ Copy the startup-configuration to an FTP server at 10.1.152.1

■ Create a file named R1-test.cfg

■ Use the username “backup” and password “san-fran”

The username and password are specified by placing the username and password as username:password@ before the server name or IP address in the URL.

For SCP, HTTP and HTTPS you would use a similar syntax, replacing the URL prefix ftp:// with scp://, http:// or https://.

R1# copy startup-config ftp://backup:san-fran@10.1.152.1/R1-test.cfg
Address or name of remote host [10.1.152.1]?
Destination filename [R1-test.cfg]?
Writing R1-test.cfg !
2323 bytes copied in 0.268 secs (8668 bytes/sec)


Copy command

Specifying the username and password on the command line is somewhat cumbersome and suffers from the fact that the password is displayed in clear text on the screen.

Instead, the username and password can be specified in the configuration.

Note: An optional value specifies the type of encryption to use on the password. A value of 0 disables encryption. A value of 7 indicates proprietary encryption.

R1(config)# ip ftp username backup
R1(config)# ip ftp password san-fran
R1(config)# exit
R1# copy startup-config ftp://10.1.152.1/R1-test.cfg
Address or name of remote host [10.1.152.1]?
Destination filename [R1-test.cfg]?
Writing R1-test.cfg !
2323 bytes copied in 0.304 secs (7641 bytes/sec)


Archive command

The process of backing up a router’s configuration can be automated using an archiving feature, which is part of the Cisco IOS Configuration Replace and Configuration Rollback feature. Specifically, you can configure a Cisco IOS router to periodically (that is, at intervals specified in minutes) back up a copy of the startup configuration to a specified location (for example, the router’s flash or an FTP server). Also, the archive feature can be configured to create an archive every time you copy a router’s running configuration to the startup configuration.

Example illustrates a router configured to back up its startup configuration every day (that is, every 1440 minutes) to an FTP server (with an IP address of 192.168.1.74, where the login credentials have already been configured in the router’s configuration). In addition to regular daily backups, the write-memory command causes the router to archive a copy of the startup configuration whenever the router’s running configuration is copied to the startup configuration.
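An added example, not part of the original slides: a small Python check that reviews saved command lines and configuration text for the credential and transport issues raised for the copy command, ip ftp password and the archive path. The sample input is constructed from the values used on these slides; the archive path name and `<type-7-string>` are placeholders.

```python
import re
from urllib.parse import urlsplit

# Of the transports named on the slides, TFTP, FTP and HTTP send the file
# (and any login) unencrypted; SCP and HTTPS encrypt the session.
CLEARTEXT = {"tftp", "ftp", "http"}
URL_RE = re.compile(r"\b(?:tftp|ftp|scp|https?)://\S+")
FTP_PW_RE = re.compile(r"ip ftp password(?: (\d))? (\S+)$")

# Constructed sample: lines modelled on the slides' examples, not a real capture.
SAMPLE = """\
R1# copy startup-config ftp://backup:san-fran@10.1.152.1/R1-test.cfg
ip ftp username backup
ip ftp password san-fran
ip ftp password 7 <type-7-string>
archive
 path ftp://192.168.1.74/R1-config
 write-memory
 time-period 1440
R1# copy startup-config scp://10.1.152.1/R1-test.cfg
"""

def redact(line):
    """Mask the password part of username:password@ in any URL on the line."""
    return re.sub(r"(://[^/\s:@]+):[^@\s/]+@", r"\1:***@", line)

def audit(text):
    """Return (line number, finding, detail) tuples; secrets never appear in detail."""
    findings = []
    for number, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        for url in URL_RE.findall(line):
            parts = urlsplit(url)
            if parts.password:
                # Password typed on the command line: shown on screen and in any
                # session log, so report the line only in redacted form.
                findings.append((number, "password-in-url", redact(line)))
            if parts.scheme in CLEARTEXT:
                findings.append((number, "cleartext-transport", parts.scheme))
        stored = FTP_PW_RE.match(line)
        if stored:
            # No type digit means type 0 (stored unencrypted). Type 7 is a
            # reversible obfuscation, so both deserve restricted config access.
            findings.append((number, "stored-ftp-password",
                             f"type {stored.group(1) or '0'}"))
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```

The final scp:// line produces no finding, which is the form to prefer when the server supports it.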


You can view the files stored in a configuration archive by issuing the show archive command, as demonstrated in Example


Example shows the execution of the copy run start command, which copies a router’s running configuration to the router’s startup configuration. The show archive command is then reissued, and the output confirms that an additional configuration archive (named R1-config-3) has been created on the FTP server.


You can restore a previously archived configuration using the configure replace command. This command does not merge the archived configuration with the running configuration, but rather completely replaces the running configuration with the archived configuration. Example shows the restoration of an archived configuration to a router. Notice that the router’s hostname changes after the configuration restoration


Logging Tools

Device logs often offer valuable information when troubleshooting a network issue. Many events that occur on a router are automatically reported to the router’s console. For example, if a router interface goes down, a message is written to the console. However, this feedback is not provided to you, by default, if you are connected to a router via Telnet. If you are connected to a router via Telnet and want to see console messages, you can enter the command terminal monitor.

Events on networking devices can be logged.

Various events

Various levels of severity

Events are logged to:

Console (default)

Console display

Buffer

Server

Examples

Interfaces up or down

Configuration changes

Routing protocol adjacencies


Logging Services

Logging severity levels on Cisco Systems devices are as follows:

(0) Emergencies

(1) Alerts

(2) Critical

(3) Errors

(4) Warnings

(5) Notifications

(6) Informational

(7) Debugging

By default, all messages from level 0 to 7 are logged to the console


Console

You can also adjust the logging severity level of the console. By default, all messages from level 0 to 7 are logged to the console. You can configure the severity level as an optional parameter:

logging console level

This limits the logging of messages displayed on the console terminal to the specified level and (numerically) lower levels. You can enter the level number or level name.


Buffer

logging buffered [buffer-size|level]

Logging to the buffer may or may not be enabled by default. By default, messages of all severity levels are logged to the buffer.

show logging: Displays the content of the buffer.

The buffer is circular, meaning that when the buffer has reached its maximum capacity, the oldest messages will be discarded to allow the logging of new messages.


Server

logging ip-address command

In some IOS versions, the command is logging host.

By default, only messages of severity level 6 or lower will be logged to the syslog server. This can be changed by entering the logging trap level command.
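An added example, not part of the original slides: a Python sketch of the severity rule described for the console, buffer and syslog server, showing which destination records which message. The sample messages are constructed, and the `DEMO-7-TRACE` identifier is a made-up placeholder for a debug-level message.

```python
import re

# Severity names in slide order, so the list index is the level number.
SEVERITY = ["emergencies", "alerts", "critical", "errors",
            "warnings", "notifications", "informational", "debugging"]

# Defaults stated on the slides: console and buffer take levels 0 to 7,
# the syslog server takes level 6 and (numerically) lower.
DEFAULT_LEVELS = {"console": 7, "buffer": 7, "server": 6}

# IOS system messages carry a %FACILITY-SEVERITY-MNEMONIC: header.
HEADER = re.compile(r"%([A-Z0-9_]+)-([0-7])-([A-Z0-9_]+):")

# Constructed sample messages covering the slide's event types
# (interface up/down, configuration change, routing adjacency).
SAMPLE_LOG = [
    "%LINK-3-UPDOWN: Interface FastEthernet0/1, changed state to down",
    "%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to down",
    "%SYS-5-CONFIG_I: Configured from console by admin on vty0 (10.1.1.50)",
    "%OSPF-5-ADJCHG: Process 1, Nbr 10.1.1.2 on FastEthernet0/0 from FULL to DOWN",
    "%DEMO-7-TRACE: constructed debug-level message",
]

def level_number(level):
    """Accept a level number or a level name, as the logging commands do."""
    text = str(level).lower()
    number = int(text) if text.isdigit() else SEVERITY.index(text)
    if not 0 <= number <= 7:
        raise ValueError(f"severity out of range: {level}")
    return number

def parse(line):
    """Return (facility, severity, mnemonic), or None when there is no header."""
    match = HEADER.search(line)
    return (match.group(1), int(match.group(2)), match.group(3)) if match else None

def destinations(severity, levels=DEFAULT_LEVELS):
    """A destination records a message when severity <= its configured level."""
    return sorted(d for d, lvl in levels.items() if severity <= level_number(lvl))

def route(lines, levels=DEFAULT_LEVELS):
    """Map each destination to the message identifiers it would record."""
    routed = {dest: [] for dest in levels}
    for line in lines:
        parsed = parse(line)
        if parsed is None:
            continue
        facility, severity, mnemonic = parsed
        for dest in destinations(severity, levels):
            routed[dest].append(f"{facility}-{severity}-{mnemonic}")
    return routed

if __name__ == "__main__":
    print(route(SAMPLE_LOG))
    # A stricter server threshold silently drops the level 5 events.
    print(route(SAMPLE_LOG, {"console": "warnings", "buffer": 7, "server": "errors"}))
```

With the server threshold tightened to errors, the configuration-change and OSPF adjacency messages (both level 5) no longer reach the syslog server, which matters if that server is the audit record.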


Network Time Protocol

Imagine that you are reviewing device logs collected in a router’s buffer and are attempting to correlate the events in the device logs with an issue you are troubleshooting. To make that correlation, the logged events need to have accurate timestamps.

Although you could individually set the clock on each of your routers, those clocks might drift over time and not agree. You might have heard the saying that a man with one watch always knows what time it is, whereas a man with two watches is never sure. This implies that devices need to have a common point of reference for their time. Such a reference point is made possible by Network Time Protocol (NTP), which allows routers to point to a device acting as an NTP server. Because the NTP server might be referenced by devices in different time zones, each device has its own time zone configuration, which indicates how many hours its time zone differs from Greenwich Mean Time (GMT).


Example shows an NTP configuration entered on a router located in the Eastern time zone, which is five hours behind GMT when daylight savings time is not in effect. The clock summer-time command defines when daylight savings time begins and ends. In this example, daylight savings time begins at 2:00 AM on the second Sunday in March and ends at 2:00 AM on the first Sunday in November. The ntp server command is used to point to an NTP server. Note that a configuration can have more than one ntp server command, for redundancy.
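An added example, not part of the original slides: a Python sketch that applies the time zone and daylight saving rule described above to put log entries from two routers on one UTC timeline for correlation. The log entries, router names and year are constructed for illustration.

```python
from datetime import datetime, timedelta, timezone

# Rule from the slide: Eastern time is five hours behind GMT; daylight saving
# runs from 2:00 AM on the second Sunday in March to 2:00 AM on the first
# Sunday in November.
STANDARD_OFFSET = timedelta(hours=-5)
DST_OFFSET = timedelta(hours=-4)
FMT = "%Y-%m-%d %H:%M:%S"

def nth_sunday(year, month, n):
    """Date of the n-th Sunday of a month (n = 1 is the first)."""
    first = datetime(year, month, 1)
    days_to_sunday = (6 - first.weekday()) % 7  # weekday(): Monday=0, Sunday=6
    return first + timedelta(days=days_to_sunday + 7 * (n - 1))

def dst_window(year):
    """Local wall-clock start and end of daylight saving time for a year."""
    return (nth_sunday(year, 3, 2).replace(hour=2),
            nth_sunday(year, 11, 1).replace(hour=2))

def eastern_to_utc(local):
    """Convert a naive Eastern wall-clock timestamp to UTC.

    The hour that repeats at the autumn change is ambiguous on the wall
    clock; this sketch reads it as daylight time.
    """
    start, end = dst_window(local.year)
    offset = DST_OFFSET if start <= local < end else STANDARD_OFFSET
    return (local - offset).replace(tzinfo=timezone.utc)

# Constructed log excerpts: R1 stamps events in Eastern local time, R2 in UTC.
R1_EASTERN = [
    ("2013-03-09 23:30:00", "R1 %SYS-5-CONFIG_I: Configured from console"),
    ("2013-03-10 03:30:00", "R1 %OSPF-5-ADJCHG: Nbr 10.1.1.2 from FULL to DOWN"),
]
R2_UTC = [
    ("2013-03-10 07:29:58", "R2 %LINK-3-UPDOWN: Interface Serial0/0, changed state to down"),
]

def timeline(eastern_events, utc_events):
    """Merge both routers' events into one list sorted by UTC time."""
    merged = [(eastern_to_utc(datetime.strptime(ts, FMT)), msg)
              for ts, msg in eastern_events]
    merged += [(datetime.strptime(ts, FMT).replace(tzinfo=timezone.utc), msg)
               for ts, msg in utc_events]
    return sorted(merged)

if __name__ == "__main__":
    for when, message in timeline(R1_EASTERN, R2_UTC):
        print(when.strftime(FMT), "UTC", message)
```

Applying a fixed five-hour offset to the 03:30 entry would place it at 08:30 UTC, an hour after the R2 link failure it actually follows by two seconds.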


Cisco Support Tools

Cisco has several other troubleshooting and maintenance tools available on its website:

http://www.cisco.com/en/US/support/tsd_most_requested_tools.html

Some of the tools available at this website require login credentials with appropriate privilege levels.


Network Documentation Tools

Earlier, we discussed the importance of network documentation. For this documentation to truly add value, however, it should be easy to retrieve and be current. To keep the documentation current, it should be easy to update.

A couple of documentation management system examples are as follows:

■ Trouble ticket reporting system: Several software applications are available for recording, tracking, and archiving trouble reports (that is, trouble tickets). These applications are often referred to as help desk applications. However, their usefulness extends beyond the help desk environment.

■ Wiki: A wiki can act as a web-based collaborative documentation platform. A popular example of a wiki is Wikipedia (www.wikipedia.com), an Internet-based encyclopedia that can be updated by users. This type of wiki technology can also be used on your local network to maintain a central repository for documentation that is both easy to access and easy to update.


Configuration and Documentation Tools

Many web-based (online) maintenance tools and resources can be helpful during the planning and implementation of network maintenance procedures:

■ Dynamic Configuration Tool

■ Cisco Feature Navigator

■ SNMP Object Navigator

■ Cisco Power Calculator


Monitoring and Measuring Tools

Keeping an eye on network traffic patterns and performance metrics can help you anticipate problems before they occur. As a result, you can address those issues proactively, rather than taking a reactive stance where you continually respond to problem reports.

Beyond basic show and debug commands, more advanced utilities are available for traffic and performance monitoring. For example, Cisco IOS Netflow can provide you with tremendous insight into your network traffic patterns. Several companies market Netflow collectors, which are software applications that can take the Netflow information reported from a Cisco router and convert that raw data into useful graphs, charts, and tables reflecting traffic patterns.

Simple Network Management Protocol (SNMP) allows a monitored device (for example, a router or a switch) to run an SNMP agent. An SNMP server can then query the SNMP agent running on a monitored device to collect data such as utilization statistics or device configuration information.


Network Monitoring and Performance Measurement Tools

GUI- and CLI-based device management tools are used to examine individual devices after the problem is noticed.

A network monitoring system continuously checks your network devices’ availability and status:

■ Detects possible problems as soon as they occur, sometimes before they even become apparent to end users

■ Uses protocols such as SNMP and ICMP

Cisco IOS Netflow technology can be leveraged to monitor devices and traffic.
