Table 10-1 describes the advanced features supported in SwitchProbe devices.
This Feature... | Performs This Function | For More Information, See This Section |
---|---|---|
Serial Line Internet | Provides out-of-band communication between the agent and the management software through the remote serial port. | |
Modem Support | Lets the agent dial and communicate through a modem attached to the remote serial port. | |
Security Options | Provides a significantly improved level of security for access and control of the agent. | |
Static Routes | Establishes semipermanent static routes between the agent and management stations. | |
Private Routes | Establishes permanent private routes between the agent and management stations. | |
SLIP Routing | Enables the SwitchProbe device to route IP traffic between the SLIP interface and the primary LAN interface. | |
Expert Data | Lets you create IP filters that determine whether to include or exclude packets for statistics collection. | |
SNMP Traps | Lets you configure the SwitchProbe device to send SNMP traps to specific ports and destination addresses. | |
Cisco Discovery | Lets network management applications automatically discover and learn certain configuration information about network devices that support CDP protocol. The CDP function is supported on all SwitchProbe devices running release 4.7 firmware. | |
FASTMIB Feature | Improves the tracking of RMON1 statistics at the first indication of dropped packets. | |
Locally Administered | Lets you define the agent MAC address in a Token Ring environment. | "Assigning a Locally Administered Address (Token Ring Interfaces)" |
Roving | Directs full RMON analysis on specific switch ports and other network device ports on demand. | |
All SwitchProbe models support out-of-band communications using Serial Line Internet Protocol (SLIP) through the serial port labeled Remote. You can use the SLIP connection as a secondary connection through which to access all network statistics.
The SLIP function also includes these features:
The serial connection can be direct through EIA/TIA-232 or over telephone lines using dial-up modems. Communications over a serial line are the same as over a LAN, except that serial line packets are encapsulated using SLIP protocol (as specified in RFC 1055).
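SLIP framing as RFC 1055 defines it, shown as an added example that is not part of the original manual: an encoder and a decoder for byte streams captured on the serial line. The function names are hypothetical and the sample bytes are constructed.

```python
END, ESC, ESC_END, ESC_ESC = 0xC0, 0xDB, 0xDC, 0xDD  # RFC 1055 special bytes


def slip_encode(packet: bytes) -> bytes:
    """Frame one IP packet for transmission on the serial line."""
    out = bytearray([END])  # leading END flushes any line noise at the receiver
    for byte in packet:
        if byte == END:
            out += bytes((ESC, ESC_END))  # data byte 0xC0 -> DB DC
        elif byte == ESC:
            out += bytes((ESC, ESC_ESC))  # data byte 0xDB -> DB DD
        else:
            out.append(byte)
    out.append(END)
    return bytes(out)


def slip_decode(stream: bytes):
    """Split a captured byte stream into packets.

    Returns (packets, violations, pending): the complete packets, the number
    of ESC bytes followed by something other than ESC_END or ESC_ESC, and the
    bytes of a frame that was still open when the capture ended.
    """
    packets, current, violations, escaped = [], bytearray(), 0, False
    for byte in stream:
        if escaped:
            escaped = False
            if byte == ESC_END:
                current.append(END)
            elif byte == ESC_ESC:
                current.append(ESC)
            else:
                # Protocol violation: keep the byte, as the RFC's reference
                # receiver does, but count it so a corrupted line is visible.
                violations += 1
                current.append(byte)
        elif byte == ESC:
            escaped = True
        elif byte == END:
            if current:  # back-to-back END bytes produce no empty packets
                packets.append(bytes(current))
                current = bytearray()
        else:
            current.append(byte)
    return packets, violations, bytes(current)


# Constructed sample: a payload that contains both special byte values.
SAMPLE = bytes([0x45, 0xC0, 0xDB, 0x01])
```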
The SwitchProbe agent uses a standard IP routing algorithm to route packets to different interfaces. You should configure the agent using an IP address on a different subnet than the LAN IP address. The IP addresses that appear on the SLIP interface should be in a different subnet than the LAN interface; otherwise, the agent cannot route the packets correctly.
To configure the SLIP interface, you must use the console port or the TrafficDirector Remote Login application.
To configure the SLIP interface, follow these steps:
Step 1 Connect to the agent using the console port or the TrafficDirector Remote Login application.
Step 2 Select the SLIP interface.
Step 3 Configure the following elements:
Step 4 Select the LAN management interface again.
Step 5 Configure the IP stack on the management station to use SLIP.
Step 6 Create a new agent using the Remote Login application with the new IP address and interface used by the SLIP port.
To configure the agent to use the SLIP port, follow these steps:
Step 1 Connect to the agent using the console or the TrafficDirector Remote Login application.
After connecting to the agent, the following configuration menu is displayed:
***** SwitchProbe Ethernet Rev 4.7 *****
Interface number :1
[1] Change IP Address 192.168.143.103
[2] Change Net Mask 255.255.255.0
[3] Change Default Gateway Address 192.168.143.1
[4] Change Read Community public
[5] Change Write Community public
[8] Select Interface ETHERNET
[9] Change Server Address 192.168.143.12
[10] Upgrade Software
[11] Enter Command-line mode
[12] Reset Agent
[31] Go to Next Page
Enter your response or Enter "exit" to logout
Step 2 Change the selected interface.
You must select the serial interface before you can configure it. The selected interface is shown across from menu item 8. In this example, the selected interface is Ethernet.
To change the selected interface, enter 8 and press Enter.
Selection# 8
Select the interface:
[1] ETHERNET MODE = MANAGE + MONITOR
[2] SERIAL MODE = MANAGE
[3] ETHERNET MODE = MONITOR
New interface [1] :
Step 3 Select the item that corresponds to the serial interface.
In this example, enter 2 and press Enter to select the serial interface. The configuration menu reflects the serial interface settings.
New interface : 2
***** SwitchProbe Ethernet Rev 4.7 *****
[1] Change IP Address Not configured
[2] Change Net Mask Not configured
[3] Change Default Gateway Address 192.168.143.87
[4] Change Read Community public
[5] Change Write Community public
[6] Change Interface Speed 9600
[8] Select Interface SERIAL
[9] Change Server Address 192.168.143.12
[10] Upgrade Software
[11] Enter Command-line mode
[12] Reset Agent
[31] Go to Next Page
Enter your response or Enter "exit" to logout
Selection#:
Step 4 To change the IP address of the agent, enter 1 and press Enter.
You are prompted to enter the new IP address.
Step 5 Enter the new IP address and press Enter.
The following example shows how to change the IP address to 192.168.143.1:
Selection#: 1
New IP Address [0.0.0.0] : 192.168.143.1
Warning: Net mask changed to conform to ip_addr
Step 6 To change the agent subnet mask, enter 2 and press Enter.
You are prompted for the new subnet mask.
Step 7 Enter the new subnet mask and press Enter.
The following example shows how to change the subnet mask to 255.255.252.0:
Selection#: 2
New Net Mask Address [0.0.0.0] : 255.255.252.0
Step 8 To change the default gateway address, enter 3 and press Enter.
You are prompted for the new address.
Step 9 Enter the new gateway address and press Enter.
The following example shows how to change the default gateway address to 192.168.143.94:
Selection#: 3
New Default Gateway Address [192.168.143.6] : 192.168.143.94
Step 10 To set the speed of the serial interface, enter 6 and press Enter.
Step 11 Enter the desired speed (in bps).
The following example shows how to change the interface speed to 19.2 kbps:
Selection#: 6
Enter Baud Rate <1200, 2400, 4800, 9600, 19200, 38400, 56000, 11520>
New Interface Speed [9600] : 19200
***** SwitchProbe Token Ring Rev 4.7 *****
Interface number :2
[1] Change IP Address 192.168.143.1
[2] Change Net Mask 255.255.252.0
[3] Change Default Gateway Address 192.168.143.94
[4] Change Read Community public
[5] Change Write Community public
[6] Change Interface Speed 19200
[8] Select Interface Token Ring
[9] Change Server Address 192.168.143.12
[10] Upgrade Software
[11] Enter Command-line mode
[12] Reset Agent
Enter your response or Enter "exit" to logout
Selection#:
Step 12 To select the item that corresponds to the Ethernet interface, enter 1 and press Enter.
The configuration menu is displayed:
New interface [1] : 1
***** SwitchProbe Ethernet Rev 4.7 *****
[1] Change IP Address 192.168.143.1
[2] Change Net Mask 255.255.252.0
[3] Change Default Gateway Address 192.168.143.94
[4] Change Read Community public
[5] Change Write Community public
[8] Select Interface ETHERNET
[9] Change Server Address 192.168.143.7
[10] Upgrade Software
[11] Enter Command-line mode
[12] Reset Agent
Enter your response or Enter "exit" to logout
Selection#:
Step 13 Reset the SwitchProbe agent. To do so, see "Resetting a SwitchProbe Agent" in "Configuring SwitchProbe Devices."
Before the SwitchProbe agent can use a modem through the remote serial port, you must configure SLIP correctly. The agent supports Hayes-compatible modems connected to the remote serial port for SLIP connections with remote network management stations.
You configure the modem through the agent console using command-line mode. For more information about command-line mode, see "Using Command-Line Mode to Customize SwitchProbe Devices."
To access command-line mode, follow these steps:
Step 1 Connect to the agent using the console or the TrafficDirector Remote Login application.
Step 2 To access the command-line mode, enter 11 and press Enter.
Selection#: 11
Enter "quit" to exit the command-line mode.
%
The object name for modem options is modem. For help about modem options, enter the command help modem, as shown in the following example:
% help modem
Command to display or change modem data:
set modem var value
get modem var
var:
init_string hangup_string connect_string
noconnect_string phone_number1 phone_number2
connect_protocol connect_time connect_retry
disconnect_time
do modem connect
To display all modem parameters, enter the command get modem, as shown in the following example:
% get modem
init_string AT S0=1 Q0 S10=20^M
hangup_string ^2+++^2ATH0^M
connect_string #CONNECT#CONNECT 9600#
noconnect_string BUSY#NO CARRIER#NODIALTONE#NOANSWER#
phone_number1
phone_number2
cp<connect_protocol>
connect_time 30
connect_retry 10
disconnect_time 30
mode 2
status 0
To display the contents of a specific modem control string, enter the command get with the modem object and the name of the control string, as shown in the following example:
% get modem connect_time
10
The following example sets the modem connect time to 20:
% set modem connect_time 20
% get modem connect_time
20
Modem control strings are ASCII strings used to initialize and communicate with the modem.
You must enclose all strings containing blank spaces inside quotation marks. All modem control strings are limited to 40 characters. If you use more characters than the maximum allowed, the string is not accepted.
You can embed control characters such as carriage-returns in the strings by preceding the control character with a caret (^) character. For example, to embed a carriage-return (Ctrl-M), you enter ^M.
The strings can also contain the following special control characters:
You can use the pound (#) character as a delimiter for strings.
Table 10-2 describes the modem control strings.
This Control String... | Is Used For |
---|---|
init_string | An initialization string used for the modem; sent when the modem is first initialized and controls general modem operation. |
hangup_string | This string is sent to the modem if a connection is made and the agent must disconnect. |
connect_string | Used by the agent to compare text received from the modem. A match indicates a connection was made. |
noconnect_string | Used by the agent to compare text received from the modem. A match indicates a connection was not made. |
phone_number1 | Sent to the modem to instruct it to dial out to make a connection. This string must include the dial command and the primary telephone number. |
phone_number2 | A secondary dialing string used by the agent if the primary telephone connection (phone_number1) fails. The primary telephone number is retried for a number of times specified by the connect_retry string before this string is used. |
connect_protocol | The login name and password used by the agent to connect to the network after the modem has established a connection. |
connect_time | After the agent dials a number, it waits for connect_time (in seconds) for a connection before it retries the number. The default is 30. |
connect_retry | The agent retries the primary telephone number (phone_number1) connect_retry times before it switches to the secondary telephone number (phone_number2). The default is 10. |
disconnect_time | After making a connection, the agent disconnects if no data is sent by the agent for disconnect_time. The default is 30. |
For help with debugging, you can log all messages to and from the modem to the event log. You enable and disable this feature with the agent_options object.
% get agent_options
router_discovery on
router_enable off
modem_log off
slip_ip off
packet_capture on
traffic_generator off
discover_wanspeed off
The following example shows how to turn the modem log on:
% set agent_options modem_log on
The following example shows how to turn the modem log off:
% set agent_options modem_log off
The following example shows how to view the event log:
% get eventlog
This tutorial shows the modem configuration process. Any entries you make for modem configuration take effect immediately without rebooting the agent.
To configure the modem through the agent console using the command-line mode, see "Using Command-Line Mode to Customize SwitchProbe Devices," and follow these steps:
Step 1 To access command-line mode, connect to the agent using the console or the TrafficDirector Remote Login application.
Step 2 To access command-line mode, enter 11 and press Enter:
Selection#: 11
Enter "quit" to exit the command-line mode.
%
Step 3 To review the existing configuration, enter the command get modem:
% get modem
init_string AT S0=1 Q0 S10=20^M
hangup_string ^2+++^2ATH0^M
connect_string #CONNECT#CONNECT 9600#
noconnect_string BUSY#NO CARRIER#NODIALTONE#NOANSWER#
phone_number1
phone_number2
cp<connect_protocol>
connect_time 30
connect_retry 10
disconnect_time 30
Step 4 Enter the modem initialization string:
% set modem init_string "AT S0=1^M"
The agent interprets this string as:
AT S0=1
to the modem to instruct it to answer incoming calls on the first ring.
Step 5 Set the modem hangup string to "^2+++^2ATH0^M":
% set modem hangup_string ^2+++^2ATH0^M
The agent interprets this string as:
+++
to switch the modem from data mode to command mode
ATH0
so the modem hangs up.
Step 6 Set the modem connect string to match the message your modem sends when it makes a connection.
In this example, assume the message is CONNECT or CONNECT 14000.
See your modem reference manual for the exact string used by your modem:
% set modem connect_string "#CONNECT#CONNECT 14000#"
The pound sign (#) is a string separator. The agent assumes that a connection is made if it receives either of the strings delimited by the # character.
Step 7 Set the modem noconnect string to match the message your modem sends when it fails to make a connection.
In this example, assume the message is BUSY or NO CARRIER, or NO DIALTONE or NO ANSWER. See your modem reference manual for the exact string used by your modem:
% set modem noconnect_string "#BUSY#NO CARRIER#NO DIALTONE#NO ANSWER#"
The syntax is the same as the connect string.
Step 8 Set the modem primary phone number to dial 1-555-123-4567.
% set modem phone_number1 ATDT15551234567^M
You must precede all modem commands with AT. Use the D command to make the modem dial and use T to indicate touch-tone dialing (instead of pulse).
Step 9 Set the modem connect protocol as follows:
% set modem connect_protocol ^2^s^M^wlogin:^smikec^M^wpassword:^ssecretword^M
The agent interprets this string as:
If modem protocol and security support is not needed, set a null connect_protocol string:
% set modem connect_protocol ""
The agent waits for the connection to be established for a maximum of connect_time.
Step 10 Set the connect_time to 30 seconds:
% set modem connect_time 30
The agent retries a number for a maximum of connect_retry times.
Step 11 Set the connect_retry string to 5 times:
% set modem connect_retry 5
Step 12 Set the modem secondary phone number to dial 1-555-123-1111.
After the agent has failed to make a connection after connect_retry attempts, it tries to use the secondary phone number:
% set modem phone_number2 ATDT15551231111^M
You must precede all modem commands with AT. Use the D command to make the modem dial and use T to indicate touch-tone dialing (instead of pulse).
If data is not sent for more than disconnect_time after the agent makes the connection, the agent closes the connection.
Step 13 Set the disconnect_time string to 30 seconds:
% set modem disconnect_time 30
When you select Security Options from the Agent Configuration Utility main menu, another menu is displayed. Table 10-3 describes the security-related functions you can configure with these options.
This Option... | Performs This Function |
---|---|
Change admin_password | All SwitchProbe devices are shipped with no administrator password enabled. By default, you do not need to enter a password to access the Agent Configuration Utility on a local console to view settings and enter new values in the utility settings. This option lets you establish or modify a password required to access the Agent Configuration Utility on a local console or using the TrafficDirector Remote Login application. |
Change user_password | All SwitchProbe devices are shipped with no user password enabled. By default, you do not need to enter a password to access the Agent Configuration Utility on a local console. This option lets you establish or modify a password required to access the Agent Configuration Utility on a local console or using the TrafficDirector Remote Login application. |
Change capture_slice_size | All SwitchProbe devices are shipped with a default capture slice size of 4096. Because some packet data might be sensitive in nature, this option lets you modify the buffer size of each packet. |
Toggle data_capture | All SwitchProbe devices are shipped with this option enabled. By default, each SwitchProbe device can capture each packet that the device sees on any attached segment. Because some packet data might be sensitive in nature, this option lets you disable the data capture ability. You can turn this option off (disable data capture) using the TrafficDirector Remote application or from a local console. As an added security feature, after you disable this option, you can only enable it again from the local console. |
The Data Capture feature lets a SwitchProbe device collect selected packets for later decoding and analysis. You can use the TrafficDirector Protocol Decode application to upload the packets to the client software for seven-layer protocol analysis.
By default, packet capture is enabled in a SwitchProbe device. After you disable packet capture functionality in an agent, you can only enable it again from the local console.
To toggle packet capture functionality on or off, follow these steps:
Step 1 Access the Agent Configuration Utility.
Step 2 To go to the next page, enter 31 and press Enter.
Step 3 To access Security Options, enter 19 and press Enter.
Step 4 To toggle data capture on or off, enter 4 and press Enter.
Step 5 To return to the previous screen, enter 5 and press Enter.
This feature secures an unattended password-protected SwitchProbe device.
If a user or admin password has been assigned to the SwitchProbe device, the Console Logout function immediately ends your Agent Configuration Utility session and displays a prompt to enter a user or admin password. This function is useful for authorized users (using a password) of a SwitchProbe device to temporarily log out of the device without exposing the device to unauthorized use.
If a user or admin password has not been assigned to the device, the Console Logout function performs no useful task, but displays the current screen again.
All SwitchProbe models use the SNMP community mechanism for security. Any stations trying to access the SwitchProbe device must know the read community name to gain read access, and must know the write community name to gain write access.
All SwitchProbe models also support an access list that controls which IP address groups are allowed access, and what level of access they have. The access list allows four different groups of access; you can assign each group a different access level.
Table 10-4 shows the access levels. When an address matches more than one group in the access list and qualifies for rights at more than one level, the access level with the highest priority number is granted.
Priority | Level | Rights |
---|---|---|
4 | rw | Read and write. |
3 | ro | Read-only; cannot use Remote Login. |
2 | pw | Partial write only; no writes allowed; cannot use Remote Login; can access Resource Manager; no data capture. |
1 | no | No access. |
You can define a maximum of eight different groups and establish access to each group with a different address group. An address group can be an individual IP address or a group of addresses, defined by the network address and network mask:
When an SNMP request is received from a host, its source IP address is logically ANDed with the mask. The result of the logical AND is compared with the network address field.
If the comparison is successful, the access level of that group is granted to that host. However, the host can match multiple entries in the access list. When a host matches multiple access levels, the access level with the highest priority is used.
Use the following guidelines to specify masks:
To Allow Access To... | Use |
---|---|
A particular node | Mask 255.255.255.255 |
An entire subnet | Subnet mask for that subnet as the mask |
All hosts |
To configure access list security, follow these steps:
Step 1 Access command-line mode using the console or the TrafficDirector Remote Login application.
Step 2 Enter 11 and press Enter:
Selection#: 11
Enter "quit" to exit the command-line mode.
%
Step 3 For help about displaying and changing the SNMP access list, enter the command help access_list:
% help access_list
Command to display or change SNMP access list:
get access_list
set access_list entry# address mask level
entry# -> the entry number in the access list
address -> IP/NET address
mask -> mask for IP/NET address
level -> level of access allowed [no, rw, pw, ro]
set access_list entry# level
clear access_list
Step 4 Enter the command get access_list to view the current access list.
% get access_list
Entry IP/NET Addr Mask Level
[1] 0.0.0.0 0.0.0.0 no
[2] 0.0.0.0 0.0.0.0 no
[3] 0.0.0.0 0.0.0.0 no
[4] 0.0.0.0 0.0.0.0 no
[5] 0.0.0.0 0.0.0.0 no
[6] 0.0.0.0 0.0.0.0 no
[7] 0.0.0.0 0.0.0.0 no
[8] 0.0.0.0 0.0.0.0 no
When the SwitchProbe device is manufactured, all entries in the table have no access, and the access list security feature is disabled.
Step 5 Enter the command set access_list to change the access list.
The command must specify the access_list object, the entry number, the network address, the mask, and the access level.
The following example grants read and write access to one specific host with the address 192.168.143.5. All other hosts have no access.
% set access_list 1 192.168.143.5 255.255.255.255 rw
% get access_list
Entry IP/NET Addr Mask Level
[1] 192.168.143.5 255.255.255.255 rw
[2] 0.0.0.0 0.0.0.0 no
[3] 0.0.0.0 0.0.0.0 no
[4] 0.0.0.0 0.0.0.0 no
Your SwitchProbe device is shipped with the access list security feature disabled by default. All entries in the table have no access and the SNMP security feature is disabled.
To clear the access list, enter the following command:
% clear access_list
You can also create an entry in the table with an IP network address of 0.0.0.0, a mask of 0.0.0.0, and the level as rw, allowing all nodes to read/write to the agent:
% set access_list 1 0.0.0.0 0.0.0.0 rw
Tables 10-5 and 10-6 show examples of incorrectly and correctly configured access lists.
IP Network Address | Mask | Level | Comments |
---|---|---|---|
192.168.143.0 | 255.255.255.0 | rw | All hosts on this subnet allow read and write access. This setting overrides the pw access granted for the larger subnet. |
192.168.143.100 | 255.255.255.255 | no | Because this host is part of the subnet in Entry 1 and rw overrides no, this host would be granted read and write access. |
192.168.0.0 | 255.255.0.0 | pw | All hosts on this subnet allow only partial-write access, which is read-only plus access to Resource Manager. |
192.168.143.88 | 255.255.255.255 | ro | Host is allowed read-only access. |
IP Network Address | Mask | Level | Comments |
---|---|---|---|
192.168.143.100 | 255.255.255.255 | rw | Host allows read and write access. |
192.168.143.0 | 255.255.0.0 | ro | All hosts on subnet 192.168.143.0 allow read access only. |
0.0.0.0 | 0.0.0.0 | pw |
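
The matching rule described above, applied to the entries of Table 10-5 and to the single-host list from Step 5, as an added example (not part of the original manual or of the device firmware). It computes the level a source address is granted and lists entries that a broader entry with a higher priority overrides. The function names are hypothetical, and returning None for an address that matches no entry is an assumption, because the page does not state that outcome.

```python
import ipaddress

# Priority numbers from Table 10-4; the highest matching priority is granted.
PRIORITY = {"rw": 4, "ro": 3, "pw": 2, "no": 1}

# Entries of Table 10-5 (the incorrectly configured list), in table order.
TABLE_10_5 = [
    ("192.168.143.0", "255.255.255.0", "rw"),
    ("192.168.143.100", "255.255.255.255", "no"),
    ("192.168.0.0", "255.255.0.0", "pw"),
    ("192.168.143.88", "255.255.255.255", "ro"),
]

# The list from Step 5: entry 1 set, entries 2-8 left at the factory default.
SINGLE_HOST = [("192.168.143.5", "255.255.255.255", "rw")] + [
    ("0.0.0.0", "0.0.0.0", "no")
] * 7


def _ip(text):
    """Dotted-quad string to a 32-bit integer."""
    return int(ipaddress.IPv4Address(text))


def matching_entries(access_list, source):
    """(entry number, entry) pairs where (source AND mask) == network address."""
    src = _ip(source)
    return [
        (n, entry)
        for n, entry in enumerate(access_list, start=1)
        if src & _ip(entry[1]) == _ip(entry[0])
    ]


def effective_level(access_list, source):
    """Level granted to source: the matching level with the highest priority.

    Returns None when no entry matches (assumption: the page does not say
    what the agent does in that case).
    """
    hits = matching_entries(access_list, source)
    if not hits:
        return None
    return max((entry[2] for _, entry in hits), key=PRIORITY.get)


def overridden_entries(access_list):
    """(entry, overriding entry) pairs where the first entry can never apply.

    An entry is overridden when another entry has a higher priority level and
    covers every address the first one matches, so the restriction the first
    entry was meant to impose is never the level granted.
    """
    pairs = []
    for n, (addr, mask, level) in enumerate(access_list, start=1):
        for m, (o_addr, o_mask, o_level) in enumerate(access_list, start=1):
            if m == n or PRIORITY[o_level] <= PRIORITY[level]:
                continue
            broader = _ip(o_mask) & _ip(mask) == _ip(o_mask)
            covers = _ip(addr) & _ip(o_mask) == _ip(o_addr)
            if broader and covers:
                pairs.append((n, m))
    return pairs


if __name__ == "__main__":
    for host in ("192.168.143.100", "192.168.143.88", "192.168.5.5"):
        print(host, effective_level(TABLE_10_5, host))
    print("overridden:", overridden_entries(TABLE_10_5))
```

Because the level with the highest priority wins regardless of how specific the entry is, a host entry cannot carve an exception out of a broader entry that grants more; the broader grant has to be narrowed instead.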
You can add static routes to SwitchProbe devices using the local or remote console. A static route is volatile and is deleted when the device is rebooted.
You configure static routes using command-line mode. For more information about command-line mode, see "Using Command-Line Mode to Customize SwitchProbe Devices."
You can access command-line mode by connecting to the agent through the console or by using the TrafficDirector Remote Login application. To do so, enter 11 and press Enter.
Selection#: 11
Enter "quit" to exit the command-line mode.
%
In command-line mode, enter the command help route to display a complete set of the routing commands:
% help route
Commands to display or change agent routes:
get route
set route net mask gateway metric
net -> NET/IP address
mask-> mask for NET/IP address
gateway -> gateway for NET/IP address
clear route net mask
Enter the command get route to display the current routing table for the agent:
% get route
NET MASK GATEWAY METRIC INTF TTL REFS USE
192.0.0.1 255.255.255.255 192.0.0.1 0 0 999 1 0
192.168.143.255 255.255.255.255 192.168.143.219 0 0 999 1 6200
192.168.143.192 255.255.255.255 192.168.143.219 0 0 999 1 0
192.168.143.219 255.255.255.255 192.168.143.219 0 0 999 1 4294
192.168.0.0 255.255.255.255 192.168.143.219 0 0 999 1 0
192.168.143.192 255.255.255.192 192.168.143.219 0 1 999 1 122
0.0.0.0 0.0.0.0 192.168.143.193 15 1 999 1 11806
The following command sets a static route for all communication with the NET 192.168.0.0 to be directed to the gateway 192.168.143.20:
% set route 192.168.0.0 255.255.252.0 192.168.143.20
The following command sets a static route for all communication with the IP address 192.168.143.5 to be directed to the gateway 192.168.193.20:
% set route 192.168.143.5 255.255.255.255 192.168.193.20
The following command deletes the previous static route:
% clear route 192.168.0.0 255.255.252.0
You can configure SwitchProbe devices to have private routes that are stored in NVRAM and configured in the agent route table at boot time. NVRAM can hold four private routes, each containing three fields: IP/Subnet address, mask for the IP/Subnet address, and gateway for the route.
You configure private routes through the console using command-line mode. For more information about command-line mode, see "Using Command-Line Mode to Customize SwitchProbe Devices."
You access command-line mode by connecting to the agent using the console or the TrafficDirector Remote Login application. To do so, enter 11 and press Enter.
Selection#: 11
Enter "quit" to exit the command-line mode.
%
Enter the command help proute to display a complete set of the private route commands:
% help proute
Command to display or change agent private routes:
get proute
set proute entry# net mask gateway metric
entry# -> entry number in the route table
net -> NET/IP address
mask -> mask for NET/IP address
gateway -> gateway for NET/IP address
metric -> metric for route - default=0
set proute entry# no
clear proute
Enter the command get proute to display the current private route table:
% get proute
Entry IP/NET Addr Mask Gateway Metric
[1] Not configured
[2] Not configured
[3] Not configured
[4] Not configured
Enter the command set proute with the entry number, network address, mask, and gateway to change the private route table. In the following example, all packets destined for IP subnet 192.168.143.0 are sent to 192.168.143.20:
% set proute 1 192.168.143.0 255.255.0.0 192.168.143.20
% get proute
Entry IP/NET Addr Mask Gateway
[1] 192.168.143.0 255.255.0.0 192.168.143.20
[2] Not configured
[3] Not configured
[4] Not configured
To invalidate a private route entry, enter the following commands. This example invalidates private route entry 1:
% set proute 1 no
% get proute
Entry IP/NET Addr Mask Gateway
[1] Not configured
[2] Not configured
[3] Not configured
[4] Not configured
To clear all private route entries, enter the command clear proute:
% clear proute
A SLIP mini-routing feature is supported in all SwitchProbe devices. This feature allows trap messages from the network to be forwarded to remote management locations through the SLIP interface. It also allows access to the network through the SLIP port for telnet and other IP-based activities. This feature is useful when the network segment is otherwise inaccessible.
The primary interface (for example, interface 1) has a secondary IP address used to make the agent act as a pseudo-IP router and for routing. If the mini-routing option is enabled, the agent routes all IP packets from the SLIP port to the LAN, and vice versa.
For packets coming from the SLIP interface that are not destined for this agent, but for another host on the network, the agent replaces the source IP address with the pseudo-IP address and recalculates the checksums before sending the packet across the LAN port.
The same process is followed for packets arriving on the LAN port that are destined for the pseudo-IP address. These packets are trapped and sent to the SLIP port using the SLIP port IP address as the source IP address. The checksum is recalculated before transmitting the packets on the SLIP port. All IP packets are supported for this pseudo-router.
The pseudo-routing function works only on IP packets; all other packets are not affected. When the IP packet reaches the SwitchProbe device, the firmware forwards it to the IP task. The IP task determines where the packet belongs. If it is not intended for itself, and if the SLIP route option has been enabled, the IP packet is transmitted on the LAN interface after the source IP address has been substituted by the secondary IP address.
You enable and disable SLIP routing using the agent console in command-line mode. For more information about command-line mode, see "Using Command-Line Mode to Customize SwitchProbe Devices."
You can access command-line mode by connecting to the agent using the console or the TrafficDirector Remote Login application.
To do so, enter 11 and press Enter:
Selection#: 11
Enter "quit" to exit the command-line mode.
%
SLIP routing is controlled by the slip_ip option in the agent_options object. To view the current setting, enter the command get agent_options:
% get agent_options
options = 0x33
router_discovery on
router_enable off
modem_log off
slip_ip off
discover_wanspeed off
real_iftype off
To enable SLIP routing, enter the following command:
% set agent_options slip_ip on
You can create and download IP filters to SwitchProbe devices that determine whether to include or exclude packets from particular IP addresses. You can configure your SwitchProbe device to collect only packets from those hosts you want to monitor, eliminating unwanted hosts and conversations.
To do so, you must provide the device with the network address and mask of the hosts you want to include or exclude. You can use these methods to provide the SwitchProbe device with this IP filter information:
You download the required IP filter information by specifying the information in a text file, then passing that file as a parameter to the dvftp utility. This text file contains lines in the following format:
ip_address mask I/E
For example:
192.168.143.127 255.255.0.0 I
192.168.143.23 255.255.255.0 E
In this example, the SwitchProbe device includes (I) for collecting all packets from host 192.168.x.x, and excludes (E) all packets from host 192.168.143.x.
Enter the following command to run the dvftp utility:
dvftp agentname filename IP-DATAFILTER
where:
If you are using the TrafficDirector application on a UNIX platform, you must run the dvftp utility directly from $NSHOME/bin; if you are running the TrafficDirector application on a Windows NT platform, you must enter the command from the TrafficDirector shell. If you do not include a path as part of filename, it defaults to $NSHOME/usr.
To provide the SwitchProbe device with IP filter information using the dvftp utility, follow these steps:
Step 1 Verify that you have added the agent to the TrafficDirector application and specified the monitor interface.
Step 2 Create a text file containing the IP filter information for the hosts you want to include or exclude. (You can save this file under a name you select.)
Step 3 To run the dvftp utility, enter the following command:
% dvftp agentname filename IP-DATAFILTER
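A pre-flight check for the filter file created in Step 2, as an added example that is not part of the original documentation or the TrafficDirector tooling: it parses the `ip_address mask I/E` lines, rejects malformed entries, and shows the address range each entry actually covers, which matters because an exclude entry removes that whole range from monitoring. The function names and the two malformed sample lines are constructed for illustration; the page does not state which entry takes precedence when include and exclude ranges overlap, so overlaps are only reported for review.

```python
import ipaddress
from itertools import combinations

# Constructed sample: the page's two example entries plus two malformed lines.
SAMPLE = """\
192.168.143.127 255.255.0.0 I
192.168.143.23 255.255.255.0 E
10.1.2.3 255.0.255.0 I
172.16.5.9 255.255.255.0 X
"""

def parse_filters(text):
    """Return (entries, errors). entries: (line_no, network, action)."""
    entries, errors = [], []
    for no, raw in enumerate(text.splitlines(), 1):
        parts = raw.split()
        if not parts:
            continue
        if len(parts) != 3 or parts[2] not in ("I", "E"):
            errors.append((no, "expected: ip_address mask I/E"))
            continue
        try:
            addr = int(ipaddress.IPv4Address(parts[0]))
            mask = int(ipaddress.IPv4Address(parts[1]))
        except ValueError as exc:
            errors.append((no, str(exc)))
            continue
        inverted = ~mask & 0xFFFFFFFF
        if inverted & (inverted + 1):  # 1-bits of the mask are not contiguous
            errors.append((no, f"non-contiguous mask {parts[1]}"))
            continue
        # The mask decides what matches; host bits in the address are dropped.
        net = ipaddress.IPv4Network((addr & mask, bin(mask).count("1")))
        entries.append((no, net, parts[2]))
    return entries, errors

def conflicting_pairs(entries):
    """Line-number pairs where an include and an exclude entry overlap."""
    return [(a[0], b[0]) for a, b in combinations(entries, 2)
            if a[2] != b[2] and a[1].overlaps(b[1])]

if __name__ == "__main__":
    entries, errors = parse_filters(SAMPLE)
    for no, net, action in entries:
        print(f"line {no}: {action} {net} ({net.num_addresses} addresses)")
    for no, msg in errors:
        print(f"line {no}: REJECTED - {msg}")
    for a, b in conflicting_pairs(entries):
        print(f"lines {a} and {b}: include/exclude ranges overlap, review")
```

Run it against the file before passing the file to dvftp; a host address paired with a wide mask, as in the first sample line, covers the whole 192.168.x.x range rather than one host.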
As an alternative to using the dvftp utility for IP filter configuration, you can set the contents of the IP-DATAFILTER object directly from the command line. To do so, follow these steps:
Step 1 Access the Agent Configuration Utility.
Step 2 To access command-line mode, enter 11 and press Enter.
Step 3 Enter the following command:
% set data IP-DATAFILTER interface "ip_address mask I/E"
For example, the following command configures interface 3 to exclude from collection all packets from hosts in 192.168.143.x. Use the get command to check the IP-DATAFILTER information:
% set data IP-DATAFILTER 3 "192.168.143.40 255.255.255.0 E"
% get data IP-DATAFILTER
ip addr mask interface I/E
192.168.143.48 255.255.255.0 3 E
SwitchProbe devices generate SNMP traps when alarm thresholds are crossed or when there are changes in PVC status. You configure both the port(s) and destination addresses you need for SNMP traps.
Specify the port to which you want the agent to send traps using the trap_port command-line object.
Specify the hosts to which you want the agent to send traps by maintaining the trap destination table using the TrafficDirector dvadmin utility.
By default, all SNMP traps that the SwitchProbe device generates are sent to the TrafficDirector application at port 395. You can also configure the device to send traps to port 162, or to both ports.
The trap_port object contains the number of the port to which the SwitchProbe device sends SNMP traps. This object can contain the following values:
To specify the ports to which you want the SwitchProbe device to send all SNMP traps, follow these steps:
Step 1 Access the Agent Configuration Utility.
Step 2 To access command-line mode, enter 11 and press Enter.
Step 3 Do one of the following:
The Cisco Discovery Protocol (CDP) function is supported on all SwitchProbe devices running firmware Release 4.7 or greater.
CDP allows Cisco Systems' network management applications to automatically discover and learn certain configuration information about network devices that support the CDP protocol.
To provide this functionality, periodic CDP messages are sent from the SwitchProbe device to allow the network management applications to discover the device. These messages are sent out only on the manage interface, although the CDP messages can be seen by all monitor interfaces. After the device has been discovered, you can poll it to gather specific configuration information for that device.
All Fast Ethernet and FDDI agents include a FASTMIB feature that lets you configure the device to improve the tracking of RMON1 statistics at the first indication of dropped packets.
To change the FASTMIB feature, follow these steps:
Step 1 Access the Agent Configuration Utility.
Step 2 To access command-line mode, enter 11 and press Enter.
Step 3 Use the command get agent_options fastmib to check the current status of the FASTMIB feature.
Step 4 Enable or disable this feature as follows:
To identify the location of a SwitchProbe device, you can assign a locally administered address (LAA) that changes the MAC address of the Token Ring interface. You configure the LAA using command-line mode on the agent console.
To configure the LAA, follow these steps:
Step 1 Access the Agent Configuration Utility main menu.
Step 2 To access command-line mode, enter 11 and press Enter.
Step 3 Enter the following command:
set mac_addr <local area address>
where <local area address> is a new MAC address you want to assign to the Token Ring interface.
For example:
set mac_addr 00-80-8C-01-00-42
Step 4 To return to the Agent Configuration Utility main menu, enter quit and press Enter.
The Agent Configuration Utility main menu is displayed again. The new values do not take effect until you reset the SwitchProbe agent. To do so, see "Resetting a SwitchProbe Agent" in "Configuring SwitchProbe Devices."
You can establish the SwitchProbe device as a roving agent to achieve full RMON analysis on a specific switch port or other network device port on demand.
Roving is used in conjunction with mini-RMON. For example, you can set up an external proxy agent to provide continuous mini-RMON support for all ports, then use the same agent as a roving agent to achieve full RMON analysis on a particular port on demand.
Although you can use a single SwitchProbe model as both a proxy RMON agent and a roving agent, they are two separate features; both are dependent on the device being monitored. For example, a network device might support proxy RMON but not roving.
To monitor a network device (such as a switch) with a roving agent, the device must support roving. A device supports roving when it meets the following two requirements:
Roving RMON involves a physical connection between the SwitchProbe device and the switch. Typical roving RMON configuration for a switch includes using one or more switch ports as a monitor port and one switch port as an analyzer port. The monitor port is the port on which you want to examine traffic; the analyzer port is the port where an external SwitchProbe device connected to the switch views that traffic.
You can use any dual-port SwitchProbe device as a roving agent. The agent ports must be of the same media type and configured as shown in Table 10-7.
Interface | Mode | Connection | SwitchProbe Action |
---|---|---|---|
1 | Manage | To the network with access to the switch | Sets monitor port and communicates with the TrafficDirector application. |
2 | Serial/SLIP | Not used | |
3 | Monitor | Analyzer port | |
Posted: Wed Oct 2 08:01:10 PDT 2002