Re: [c-nsp] SNMP query for just one interface?
Find the ifIndex for the one interface, and instead of doing a table walk, just append that ifIndex to whichever interface object you're polling and do simple gets. ifDescr.6 ifOperStatus.6 ifAdminStatus.6 etc. - billn On Fri, 21 Mar 2008, Bernd Ueberbacher wrote: Hi everyone! One more problem before the weekend ;-) Is it somehow possible to query just ONE interface of a Cisco router/switch? I need to see the traffic going through a certain interface, but this tiny management PC shouldn't see the other ports. I found a website which points into the right direction (I guess), snmp-server community public ro snmp-server community ourCommStr ro snmp-server community topsecret rw 60 snmp-server community hideit ro view noRouteTable access-list 60 permit 10.1.1.1 access-list 60 permit 10.2.2.2 snmp-server view noRouteTable internet included snmp-server view noRouteTable ip.21 excluded snmp-server view noRouteTable ip.22 excluded snmp-server view noRouteTable ifMIB excluded but I'm still to stupid to query just one port without seeing anything else (other ports, cpu, ...) Please let me know/give me a hint how this can be done. Thanks and have a nice weekend everybody, Bernd ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Traffic Analyzing?
I'm not looking for MRTG. I'm looking for a traffic analyzer. 'Ooooh. Traffic analysis.. Netflow! You seek Netflow!' - billn On Wed, 12 Dec 2007, Shaun R. wrote: I don't know if something like this is even possible so I figured I would ask. I was wondering if there was any type of software out there that would monitor traffic leaving the network and display reports about which ASN/Providers they are going down. This would be useful for determining what providers I should peer with next. For example if the software showed that 50% of my traffic was destined to travel to or across Level3 then it would be beneficial for me to bring in a pipe from level3. Anything out there like this? ~Shaun ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] multilink bundle
Convert it to a full data pipe and find another way to transport the voice traffic over it? This is out of my scope, but it seems like VOIP could be a winner here. - billn On Tue, 4 Dec 2007, Joseph Jackson wrote: Just to answer everyones questions here's the story. One end has a 7206 NPE G1 with 1 gig of ram other end has 7204 NPE 300 with 256 megs of ram Each router has a PA-MC-T3= (the channelized ds3 card) We do have a ds3 it just has channels 1-5 stripped of it to do voice between the locations. I would like to use the rest of the DS3's bandwidth for data but I can't seem to find a way to do that without just using a crap load of T1's put into multilink bundles. Any ideas? Thanks Joseph From: Doug Clements [mailto:[EMAIL PROTECTED] Sent: Tuesday, December 04, 2007 5:10 PM To: Joseph Jackson Cc: cisco-nsp@puck.nether.net Subject: Re: [c-nsp] multilink bundle On Dec 4, 2007 4:49 PM, Joseph Jackson [EMAIL PROTECTED] wrote: Would it be considered retarded to put 23 T1's into a multilink bundle? I wouldn't try it, but assuming you're running 7500, there are hardware limitations: http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/120newft /120t/120t3/multippp.htm#wp1025005 --Doug ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Getting Netflow information from an Extreme Networks network without Netflow/Sflow
On Wed, 28 Nov 2007, Adam Powers wrote: I would definitely take a look at Luca Deri's nProbe (the same Italian that brought us ntop). This small linux/windows application simulates a router's I haven't worked with it myself but he even sells a small appliance that runs nprobe if you don't want to mess with building out an probe server yourself. http://www.ntop.org/nProbe.html This probably isn't a bad move for those interested in flow statistics without getting into the nuts and bolts of how it works. This will come with the same caveat of finding an appropriate choke point to trap traffic via span/port mirror. This solution will only scale so far before you need to get exotic with your collector hardware. Given the original requirements of an older network, I don't think that's a problem right now. To put some real numbers on this, 100megabit and 1gigabit are the simple limits of this solution. - billn ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] on the subject of SNMP
Try looking for 'bridging' and 'forwarding' tables instead. 6500 is screwy (at last check, I'm a few years out of date by now) in that you need to append @$vlanNumber to the community string when polling the device to get information about a specific vlan. Once you get into that context, things might start to make a little more sense. I've no experience with FWSM, though, so caveat utilitor. Hope that helps. - billn On Tue, 27 Nov 2007, Justin M. Streiner wrote: Does anyone have an OID to: 1. enumerate the VLANs configured in a vlan-group to be presented to an FWSM in a 6500 via the firewall vlan-group command? I've searched the MIBs using many different combinations of vlan, firewall, channel, etc, but have come up with nothing. 2. list the spanning-tree priorities for the VLANs that are configured on a device? I found several things in the MIBs that looked promising, but when I poll them, I didn't get what I thought I'd get, or the OIDs I looked at were deprecated. Cisco's MIB object navigator hasn't been much help, so any insight to get pointed in the right direction is greatly appreciated. Thanks jms ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Getting Netflow information from an Extreme Networks network without Netflow/Sflow
You can implement tools like softflowd on a server to generate flows from traffic it sees on one (or more) of its interfaces, in combination with your available port mirroring option. Obvious limits are going to include figuring out where your traffic chokepoints are, to facilitate comprehensive monitoring, and whether or not you can get a big enough pipe on server hardware to handle your traffic volume. - billn On Tue, 27 Nov 2007, Mike Louis wrote: Hello All, I am working with a large client that uses extreme networks gear extensively. Most of their gear is older i series and e series summit and black diamond equipment. Anyone on this list have any experience with getting netflow top talkers information from a network like this without using netflow or sflow. I am working on some other tools using NTOP for starters but i am not getting the information that i need. I would like to use a tool that can support port mirroring traffic to gather network statistics. The current gear that they are using supports Sflow however its so old that even extreme recommended not enabling it on links over 1Mbps. Netflow was a no go as well plus most of the gear won't support it. Any ideas on some good network visibility tools for traffic anaylsis. Specifically something similar to what information netflow can provide with source/destination port/address information for a flow. Thanks in advance Mike Note: This message and any attachments is intended solely for the use of the individual or entity to which it is addressed and may contain information that is non-public, proprietary, legally privileged, confidential, and/or exempt from disclosure. If you are not the intended recipient, you are hereby notified that any use, dissemination, distribution, or copying of this communication is strictly prohibited. If you have received this communication in error, please notify the original sender immediately by telephone or return email and destroy or delete this message along with any attachments immediately. ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Network Topology Mapping
This topic never fails to amaze me, that there are people who will build a network of size and not document it. (I'm not faulting you, I've just seen it happen a lot.) I've built toolsets that do this, only to have people actively refuse to use them. I don't get it. - billn On Sun, 28 Oct 2007, Sami Joseph wrote: Hello, I have a corporate network with 6500s as core and 3560s as access, IP phones and a lot of other routers and PIXs. I need to have a full detailed network documentation and mapping of topology because we have such a big network a no documentation which always slows our troubleshooting. I am looking for guidance from you guys on what is the best way/tool/process to do it from your experience? any templates for the documentation? Thanks, Sam ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Network Topology Mapping
Correlate ARP cache to bridge tables. You can do it from your core switches as a start. It's THE best way for finding anything talking on your network. - billn On Sun, 28 Oct 2007, Sami Joseph wrote: Hi Roland, Thanks. The point is i dont really know all the devices we have, so i cant be sure that they all have snmp and CDP configured. Is there a way around that? on the top of my head, i would do a port scan and based on that i would go into each device and make sure each has SNMP and CDP before i start discovering. Which open source one would you recommend ? How about CiscoWorks? Thanks, Sam On 10/28/07, Roland Dobbins [EMAIL PROTECTED] wrote: On Oct 28, 2007, at 3:27 PM, Roger Oliver wrote: I'm very interested to hear what others do. PacketDesign RouteExplorer does good visualizations based upon BGP and IGP, and Narus InSight Manager does visualization based upon BGP. There are also tools like lanmap, which watch packets via RSPAN in a given locality. Several of the open source and commercial NMS systems do SNMP-based autodiscovery; it's important to test these out and ensure they're tuned not to be overly aggressive prior to running the autodiscovery, monitor your network while it's taking place, do it during a maintenance window, etc. Some folks use GraphViz with a bit of Perl-fu on their configs to generate graphs, too. --- Roland Dobbins [EMAIL PROTECTED] // 408.527.6376 voice I don't sound like nobody. -- Elvis Presley ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Snmp monitoring of 10GigE Interfaces
Alternatively, make sure you're using the 64 bit counters (ifHCInOctets ifHCOutOctets). See the ifXtable in ftp://ftp.cisco.com/pub/mibs/v2/IF-MIB.my - billn On Thu, 10 May 2007, Rhett Bassett wrote: Kumar Dasari wrote: I am having rather erratic and inconsistent results for bandwidth usage reports from different SNMP software packages (MRTG, Cacti, Solarwinds etc) when monitoring 10GigE interfaces on Cisco 7609 Routers. For example there is discripency in what the snmp software says what the 5 min bps output rate is, and what the show int te1/1 shows on the router itself. Software is lower always. Any suggestions on how I can fix this? Increase your sample rate - you're probably hitting the SNMP counter rollover. Quoth the Cricket manual (http://cricket.sourceforge.net/support/doc/reference.html): an SNMP Counter32 can wrap in under 5 minutes at bandwidths above 100 Mbits, it's critical to fetch the data more often, or else RRD will not be able to correctly detect and process the counter wrap. ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] MPLS Fast Reroute
http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/120newft/120limit/120st/120st16/frr.htm - billn On Fri, 27 Apr 2007, Raman Sud wrote: Has anyone setup MPLS fast-reroute using RSVP? Is there a config that someone can share Thanks Raman Sud ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
