The following section is a summary of the major points you should be aware of in this chapter.
Network Maintenance Fundamentals Overview
- Network maintenance is an integral component of a network management methodology
- Network maintenance activities are either structured or interrupt-driven (ad-hoc)
- A structured or scheduled network maintenance approach is based on predefined plan
- Ad-hoc maintenance activities are those that are performed when any issues arise
- A structured maintenance approach leverages proactive monitoring
- An ad-hoc approach increases the number of resources required to support the network
Network Maintenance Tasks
- Network maintenance tasks are simply tasks that are performed on a day-to-day basis
- The following is a list of common network maintenance tasks:
- Installing, replacing or upgrading both hardware and software
- Monitoring, tuning and optimizing the network
- Documenting the network and maintaining network documentation
- Securing the network from both internal and external threats
- Planning for network upgrades, expansions, or enhancements
- Scheduling backups and restoring services or the network from backups
- Ensuring compliance with legal regulations and corporate policies
- Troubleshooting problem reports
- Maintaining and updating device configurations
An Overview of Network Management Models
- Network management models are general guidelines running and maintaining a network
- There are several network management models that are available
- You should select the network management model best aligned with your business goals
- Commonly referenced network management models include the following:
- Telecommunications Management Network
- FCAPS
- Information Technology Infrastructure Library
- Cisco Lifecycle Services
- The TMN is a model defined by ITU-T for managing systems in a communications network
- The TMN is referenced in ITU-T Recommendation M.3010
- The TMN was originally developed to provide a framework for service providers
- The TMA defined four management architectures at different levels of abstraction:
- A functional architecture
- An information architecture
- A physical architecture
- A logical layered architecture
- The TMN logical layered architecture includes an additional four layers of abstraction:
- The Business Management Layer
- The Service Management Layer
- The Network Management Layer
- The Element Management Layer
- FCAPS is the ISO TMN model and framework for network management
- The FCAPS fault management life cycle includes the following tasks:
- Fault and problem detection
- Handling and acknowledging alarms sent by devices
- Fault and problem isolation using a filtration and correlation process
- Fault correction and recovery
- Tracking problems through resolution via a trouble ticketing system
- Configuration management encompasses the management of actual device configurations
- Configuration management encompasses the configuration change control process
- Configuration management includes tracking and logging changes to device configurations
- Accounting management covers methods to track usage statistics and costs
- Performance management covers the tracking of system and network statistics
- Performance management includes baselining, and improving performance, e.g. using QoS
- Performance management can provide valuable data for capacity planning
- Security management addresses access rights that include authentication and authorization
- Security management is concerned with securing access to network devices
- Security management may also include additional tasks such as integrating firewalls
- ITIL is a set of best practices for ITSM, IT development and IT operations
- ITIL is organized into a set of texts which are defined by related functions
- The five processes or sets defined in ITILv3 are:
- Service Strategy
- Service Design
- Service Transition
- Service Operation
- Continual Service Improvement
- The Cisco PPDIOO model encompasses all steps from network vision to optimization
- PPDIOO stands for prepare, plan, design, implement, operate, and optimize
IOS Maintenance and Monitoring Tools
- Cisco provides a plethora of tools that can be used for both maintenance and monitoring
- The EEM is part of the Cisco Embedded Automation Systems (EASy) toolkit
- The EASy toolkit combines the following embedded management technologies with EEM:
- Cisco IP Service Level Agreements (IP SLAs)
- Expression MIB
- Network-Based Application Recognition (NBAR)
- Flexible NetFlow
- Enhanced Object Tracking
- Cisco IOS Shell (IOS.sh)
- EEM is a powerful and flexible subsystem that provides real-time network event detection
- EEM provides onboard automation and increases the intelligence of network devices
- EEM supports of the use of scripts which can be configured using the CLI or using Tcl
- IOS IP SLA allows you to monitor, analyze and verify IP service levels for IP applications
- IOS IP SLA uses active traffic monitoring to measure network performance
- IOS IP SLA measures and monitors performance metrics like jitter, latency, and packet loss
- IOS IP SLA is comprised of two components, which are the source (agent) and the target
- IOS IP SLA operations can be broadly categorized into the following five functional areas:
- Availability monitoring
- Network monitoring
- Application monitoring
- Voice monitoring
- Video monitoring
- Logging messages and events both locally and to a syslog server is a core maintenance task
- Syslog allows a host to send event notification messages across IP networks
- Syslog messages are sent to event collectors called syslog servers or syslog daemons
- A syslog daemon or server is an entity that listens to the syslog messages that are sent to it
- Syslog uses User Datagram Protocol (UDP) as the underlying transport mechanism
- The syslog client sends messages to the syslog sever, specifying a destination port of 514
- Syslog messages cannot exceed 1,024 bytes in size
- Syslog messages contain three distinct parts, which are the priority, header, and message
- When configuring logging, synchronize the device clock manually or using NTP
- The Simple Network Management Protocol, SNMP, is a widely used management protocol
- SNMP can be used to collect statistics, monitor device performance and for baselining
- SNMP is an Application Layer (Layer 7) protocol
- SNMP uses UDP as the Transport layer protocol, using UDP ports 161 and 162
- An SNMP network consists of a management system, agents, and managed devices
- The management system executes monitoring applications and controls managed devices
- An SNMP agent resides on each managed device
- SNMP agents capture data from Management Information Bases (MIBs)
- A managed element, such as a router, switch, or firewall, is accessed via the SNMP agent
- Managed devices are monitored and controlled using read, write and trap commands
- The read command is used by an NMS to monitor managed devices
- The write command is used by an NMS to control managed devices
- SNMP trap command is used by managed devices to report events to the NMS
- Devices can be configured to send SNMP traps or informs to an NMS
- SNMP traps are messages that alert the SNMP manager of a condition on the network
- SNMP informs are SNMP traps that include confirmation of receipt from the manager
- There are three versions of SNMP, which are versions 1, 2, and 3
- SNMPv1 is widely used and is the de facto network-management protocol
- SNMPv2 revises SNMPv1 and includes improvements to the original SNMPv1 standard
- SNMPv3 provides additional security services not available in previous versions
- Cisco IOS NetFlow is a powerful maintenance and monitoring tool
- Cisco IOS NetFlow reports on traffic statistics, e.g. packets and bytes
- The device on which NetFlow is configured sends out information that it has collected
- Cisco IOS NetFlow has the ability to differentiate between traffic flows
- An IP flow is based on a set of 5 and up to 7 IP packet attributes which may include:
- Destination IP address
- Source IP address
- Source port
- Destination port
- Layer 3 protocol type
- Class of Service
- Router or switch interface
- Cisco IOS NetFlow stores flow information in the NetFlow cache or simply the flow cache
- Collected NetFlow data can be access via the CLI or using a NetFlow Collector
- NBAR is an intelligent classification engine in Cisco IOS software
- Network Based Application Recognition that can recognize a wide variety of applications
- The NBAR Protocol Discovery (PD) feature can collect application and protocol statistics
- NBAR uses PDLMs for protocol and application recognition
- The use of PDLMs allows NBAR to recognize additional protocols and applications
- The configuration archive feature allows configs to be saved in the configuration archive
- The configuration replace and configuration rollback allows for configuration rollbacks
- The Command Scheduler allows you to run exec commands on a regular basis on a router
- The IOS Command Scheduler has 2 processes: policy lists and the scheduler
- Policy lists contain the exec commands that you want to be executed on the router
- The scheduler is used to configure when these commands will be run
Additional Maintenance and Monitoring Tools
- In addition to IOS tools, Cisco provides the following maintenance and monitoring tools
- Cisco Router and Security Device Manager
- Cisco Configuration Professional
- Cisco Configuration Assistant
- Cisco Network Assistant
- CiscoWorks LAN Management Solution (LMS)
- SDM is a Web-based (GUI) device-management tool for Cisco access routers
- SDM can be used for monitoring and troubleshooting tasks
- CCP is also a GUI based device management tool for Cisco access routers
- CCP can be used for network monitoring and maintenance tasks
- CCA is used for the Cisco Smart Business Communications System
- CCA is a Web-based (GUI) tool
- CCA includes the System Dashboard, Topology View, or Front Panel View
- CNA is a GUI-based tool
- CNA can be used to apply common services across switches, routers, and access points
- The CiscoWorks LAN Management Solution is comprised of several software applications
- LMS provides monitoring, and troubleshooting capabilities
- CiscoWorks LMS can be used for the configuration and administration of campus networks
- CiscoWorks LMS includes the following software applications:
- Resource Manager Essentials (RME)
- CiscoWorks Health and Utilization Monitor
- Device Fault Manager (DFM)
- Internetwork Performance Monitor (IPM)