Network Maintenance

I am going to admit that I have not been studying for the TSHOOT exam very diligently. In my mind it is a topic that we deal with on a daily basis, and what could the book teach me? (sarcasm) They gave us the topology; if you understand it like your own network, what more could they want? Well, I read the first few chapters and learned some new commands. Now I’m going back to start over, this time typing up notes like I did for the ONT. It keeps me headed in the right direction because other people can see my progress and that motivation keeps me on task.

The first chapter has been a struggle because it is not interesting. These notes are just me struggling through, trying not to fall asleep or get sidetracked… oh look, there’s a new article on Slashdot…

Two network maintenance categories:
Structured tasks — Planned tasks.
Interrupt-driven tasks — Helpdesk tasks.

Network Maintenance Models:
FCAPS — Fault, Configuration, Accounting, Performance and Security management.
ITIL — IT Infrastructure Library is a series of books and checklists published by the UK Government that a company can modify to its needs.
TMN — The Telecommunications Management Network is the ITU-T version of the FCAPS model; it includes Business, Service, Network and Element management.
Cisco Lifecycle Services — Phases are Prepare, Plan, Design, Implement, Operate, Optimize.

Routine Maintenance Tasks:
Configuration changes
Hardware replacement
Scheduled backups
Software updates
Network performance monitoring

Change Management Issues:
Responsibility, who owns what processes.
Define scheduled maintenance tasks.
Change procedures to follow.
Documentation, who is responsible.
Rollback plan, what happens when a change goes south.

Documentation: — Network documentation is one of the most important tasks a network administrator does. (My opinion, not out of the book.)

Logical topology diagram — shows network interconnects and protocols
Physical topology diagram — shows physical layout and interconnects
Listing of interconnections — device and port connections with circuit IDs
Inventory of network equipment — manufacturer, serial number, model number, software version
IP address assignment — describe the network numbering scheme
Configuration information — copies of current and past configurations
Original design documentation — why the network was designed that way

Troubleshooting Aids:
When you are logged in remotely, the terminal does not display console messages by default. Use the term mon (terminal monitor) command to see them.

Logging levels:
The logging levels listed below are the same whether you are configuring logging console or logging buffered:

  <0-7>          Logging severity level
  emergencies    System is unusable                (severity=0)
  alerts         Immediate action needed           (severity=1)
  critical       Critical conditions               (severity=2)
  errors         Error conditions                  (severity=3)
  warnings       Warning conditions                (severity=4)
  notifications  Normal but significant conditions (severity=5)
  informational  Informational messages            (severity=6)
  debugging      Debugging messages                (severity=7)
  filtered       Enable filtered logging
  guaranteed     Guarantee console messages
  xml            Enable logging in XML
  <cr>

It’s always good to be able to correlate logs with the correct time, so use NTP to synchronize clocks across the domain:

R4#sh clock
.12:00:10.263 UTC Fri Jan 1 1993
R4#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
R4(config)#clock timezone CDT -6
R4(config)#
.Jan  1 12:00:40.687: %SYS-6-CLOCKUPDATE: System clock has been updated from 12:00:40 UTC Fri Jan 1 1993 to 06:00:40 CDT Fri Jan 1 1993, configured from console by console.
R4(config)#ntp server 10.2.2.10
R4(config)#exit
R4#sh clock
17:38:51.397 CDT Thu Mar 18 2010

And if you log remotely:

logging facility local6
logging host 10.2.2.10
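
The severity table and the timestamps in the session above can be checked mechanically once the logs reach a collector. This is an added example, not part of the original post: it parses IOS log lines into severity and clock state, relying on Cisco's documented convention that a leading `*` means the clock is not authoritative and a leading `.` means it is authoritative but NTP is not synchronized. The function names and the third sample line are constructed for illustration.

```python
import re

# Severity names, indexed by number, as in the IOS help output above.
SEVERITIES = ["emergencies", "alerts", "critical", "errors",
              "warnings", "notifications", "informational", "debugging"]

# Meaning of the character in front of an IOS timestamp.
CLOCK_STATE = {"*": "not authoritative",
               ".": "authoritative, NTP not synchronized",
               "": "authoritative"}

LINE_RE = re.compile(
    r"^(?P<flag>[*.]?)"
    r"(?P<ts>[A-Z][a-z]{2}\s+\d{1,2} \d{2}:\d{2}:\d{2}(?:\.\d{3})?): "
    r"(?:%(?P<facility>[A-Z0-9_]+)-(?P<sev>[0-7])-(?P<mnemonic>[A-Z0-9_]+): )?"
    r"(?P<msg>.*)$")

def parse_line(line):
    """Split one IOS log line into fields; None if it has no timestamp."""
    m = LINE_RE.match(line.strip())
    if m is None:
        return None
    sev = int(m.group("sev")) if m.group("sev") is not None else None
    return {"timestamp": m.group("ts"),
            "clock": CLOCK_STATE[m.group("flag")],
            "facility": m.group("facility"),
            "severity": sev,
            "level": SEVERITIES[sev] if sev is not None else None,
            "mnemonic": m.group("mnemonic"),
            "message": m.group("msg")}

def shown_at(entry, configured_level):
    """True if a destination set to configured_level (0-7) receives the message.
    Lines without a %FACILITY-SEVERITY-MNEMONIC tag cannot be classified."""
    return entry["severity"] is not None and entry["severity"] <= configured_level

def untrusted(lines):
    """Timestamps carrying a '*' or '.' flag, i.e. poor anchors for correlation."""
    parsed = (parse_line(line) for line in lines)
    return [p["timestamp"] for p in parsed if p and p["clock"] != "authoritative"]

SAMPLE = [
    # First two are from this page (first one shortened); the third is constructed.
    ".Jan  1 12:00:40.687: %SYS-6-CLOCKUPDATE: System clock has been updated",
    "*Mar 18 18:11:22.354: Rollback:Acquired Configuration lock.",
    "Mar 18 17:40:02.114: %LINK-3-UPDOWN: Interface FastEthernet0/1, changed state to down",
]

if __name__ == "__main__":
    for line in SAMPLE:
        print(parse_line(line))
```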

Backup Tools:
At the Circus we use rancid with SVN to back up our Cisco and ProCurve devices. I never knew about the archive command; however, I still believe rancid is the better tool. With SVN it will email you diffs; set it up with TACACS+ and you know who made what changes and can be notified by email.

Let’s explore some Cisco backup options.

For standard ftp backup:

R4#sh run | inc \ ftp
ip ftp username ftpuser
ip ftp password ftppass

And ftp in action:

R4#copy start ftp://10.2.2.10
Address or name of remote host [10.2.2.10]?  
Destination filename [r4-confg]? 
Writing r4-confg !
1977 bytes copied in 0.076 secs (26013 bytes/sec)

The archive command. I have it set to archive every 60 minutes and every time I write memory:

R4#sh run | sect arch
archive
 path tftp://10.2.2.10/Archives/r4.arch
 write-memory
 time-period 60

The archive command in action: when I archive from the command line, it writes r4.arch-29, and when I wri mem it archives r4.arch-30.

R4#archive confi
!!
R4#sh arch
The next archive file will be named tftp://10.2.2.10/Archives/r4.arch-30
 Archive #  Name
   0       tftp://10.2.2.10/Archives/r4.arch-15 
   1       tftp://10.2.2.10/Archives/r4.arch-16 
   2       tftp://10.2.2.10/Archives/r4.arch-17 
   3       tftp://10.2.2.10/Archives/r4.arch-18 
   4       tftp://10.2.2.10/Archives/r4.arch-19 
   5       tftp://10.2.2.10/Archives/r4.arch-20 
   6       tftp://10.2.2.10/Archives/r4.arch-21 
   7       tftp://10.2.2.10/Archives/r4.arch-22 
   8       tftp://10.2.2.10/Archives/r4.arch-23 
   9       tftp://10.2.2.10/Archives/r4.arch-24 
   10       tftp://10.2.2.10/Archives/r4.arch-25 
   11       tftp://10.2.2.10/Archives/r4.arch-26 
   12       tftp://10.2.2.10/Archives/r4.arch-27 
   13       tftp://10.2.2.10/Archives/r4.arch-28 
   14       tftp://10.2.2.10/Archives/r4.arch-29 <- Most Recent
R4#wri me
Building configuration...
[OK]!!
R4#sh arch
The next archive file will be named tftp://10.2.2.10/Archives/r4.arch-31
 Archive #  Name
   0       tftp://10.2.2.10/Archives/r4.arch-30 <- Most Recent
   1       tftp://10.2.2.10/Archives/r4.arch-16 
   2       tftp://10.2.2.10/Archives/r4.arch-17 
   3       tftp://10.2.2.10/Archives/r4.arch-18 
   4       tftp://10.2.2.10/Archives/r4.arch-19 
   5       tftp://10.2.2.10/Archives/r4.arch-20 
   6       tftp://10.2.2.10/Archives/r4.arch-21 
   7       tftp://10.2.2.10/Archives/r4.arch-22 
   8       tftp://10.2.2.10/Archives/r4.arch-23 
   9       tftp://10.2.2.10/Archives/r4.arch-24 
   10       tftp://10.2.2.10/Archives/r4.arch-25 
   11       tftp://10.2.2.10/Archives/r4.arch-26 
   12       tftp://10.2.2.10/Archives/r4.arch-27 
   13       tftp://10.2.2.10/Archives/r4.arch-28 
   14       tftp://10.2.2.10/Archives/r4.arch-29 
R4#

Both the archive and ftp sections of the R4 config:

R4#sh run | sect ftp|arch
archive
 path tftp://10.2.2.10/Archives/r4.arch
 write-memory
 time-period 60
ip ftp username ftpuser
ip ftp password ftppass
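
The config above carries `ip ftp password` in cleartext, and both FTP and TFTP move the file unencrypted, so any diff that gets emailed from the backup server should have secrets stripped first. The following is an added example, not from the original post and not rancid's own code: it diffs two archived configs after redaction and separately reports which credential commands changed. The function names, the second config revision and its password are constructed.

```python
import difflib
import re

# Commands whose next token (after an optional encryption-type digit) is a secret.
SECRET_RE = re.compile(
    r"^([ \t]*(?:ip ftp password|enable secret|enable password|snmp-server community)"
    r"(?: [0-9])?) (\S+)", re.M)

def redact(cfg):
    """Replace each secret value with a placeholder, keeping the command visible."""
    return SECRET_RE.sub(r"\1 <removed>", cfg)

def secrets(cfg):
    """Map command -> secret value (one per command assumed); change detection only."""
    return {m.group(1).strip(): m.group(2) for m in SECRET_RE.finditer(cfg)}

def change_report(old, new, old_name, new_name):
    """Unified diff that is safe to mail, plus the commands whose secret changed."""
    diff = list(difflib.unified_diff(
        redact(old).splitlines(), redact(new).splitlines(),
        old_name, new_name, lineterm="", n=1))
    before, after = secrets(old), secrets(new)
    rotated = sorted(k for k in before.keys() & after.keys() if before[k] != after[k])
    return diff, rotated

# r4.arch-29: the archive and ftp sections shown on this page.
OLD = """archive
 path tftp://10.2.2.10/Archives/r4.arch
 write-memory
 time-period 60
ip ftp username ftpuser
ip ftp password ftppass
"""
# r4.arch-30: constructed revision with a new time-period and a new password.
NEW = OLD.replace("time-period 60", "time-period 1440").replace("ftppass", "n3wpass")

if __name__ == "__main__":
    diff, rotated = change_report(OLD, NEW, "r4.arch-29", "r4.arch-30")
    print("\n".join(diff))
    print("secret changed for:", rotated)
```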

And to restore the running config from backup use the configure replace command:

R4#config repla tftp://10.2.2.10/Archives/r4.arch-30
This will apply all necessary additions and deletions
to replace the current running configuration with the
contents of the specified configuration file, which is
assumed to be a complete configuration, not a partial
configuration. Enter Y if you are sure you want to proceed. ? [no]: y
Loading Archives/r4.arch-30 from 10.2.2.10 (via FastEthernet0/1): !
[OK - 2039 bytes]

Total number of passes: 0
Rollback Done

R4#
*Mar 18 18:11:22.354: Rollback:Acquired Configuration lock.
R4#