I am going to admit that I have not been studying for the TSHOOT exam very diligently. In my mind it is a topic that we deal with on a daily basis and what could the book teach me. (sarcasm) They gave us the topology, if you understand it like your own network what more could they want? Well, I read the first few chapters and learned some new commands. Now I’m going back to start over, this time typing up notes like I did for the ONT. It keeps me headed in the right direction because other people can see my progress and that motivation keeps me on task.
The first chapter has been a struggle because it is not interesting. These notes are just me struggling through, trying not to fall asleep or get side tracked… oh look there’s a new article on slashdot…
Two network maintenance categories:
Structured tasks — Planned tasks.
Interrupt-driven tasks — Helpdesk tasks.
Network Maintenance Models:
FCAPS — Fault, Configuration, Accounting, Performance and Security management.
ITIL — IT Infrastructure Library is a series of books and checklists published by the UK Government that a company can modify to it’s needs.
TMN — The Telecommunications Management Network includes is the ITU-T version of the FCAPS model, it includes Business, Service, Network and Element management.
Cisco Lifecycle Services — Phases are Prepare, Plan, Design, Implement, Operate, Optimize.
Routine Maintenance Tasks:
Network performance monitoring
Change Management Issues:
Responsibility, who owns what processes.
Define scheduled maintenance tasks.
Change procedures to follow.
Documentation, who is responsible.
Rollback plan, what happens when a change goes south.
Documentation: — Network documentation is one of the most important tasks a network administrator does. (My opinion, not out of the book.)
Logical topology diagram — shows network interconnects and protocols
Physical topology diagram — shows physical layout and interconnects
Listing of interconnections — device and port connections with circuit IDs
Inventory of network equipment — manufacturer, serial number, model number software version
IP address assignment — describe the network numbering scheme
Configuration information — copies of current and past configurations
Original design documentation — why the network was designed that way
The terminal when logged in remotely does not display console messages by default. Use the term mon command to see messages.
The logging levels listed below are the same for if you are logging console or logging buffered:
<0-7> Logging severity level emergencies System is unusable (severity=0) alerts Immediate action needed (severity=1) critical Critical conditions (severity=2) errors Error conditions (severity=3) warnings Warning conditions (severity=4) notifications Normal but significant conditions (severity=5) informational Informational messages (severity=6) debugging Debugging messages (severity=7) filtered Enable filtered logging guaranteed Guarantee console messages xml Enable logging in XML <cr>
It’s always good to be able to correlate logs with the correct time, use NTP to synchronize clocks across the domain:
R4#sh clock .12:00:10.263 UTC Fri Jan 1 1993 R4#conf t Enter configuration commands, one per line. End with CNTL/Z. R4(config)#clock timezone CDT -6 R4(config)# .Jan 1 12:00:40.687: %SYS-6-CLOCKUPDATE: System clock has been updated from 12:00:40 UTC Fri Jan 1 1993 to 06:00:40 CDT Fri Jan 1 1993, configured from console by console. R4(config)#ntp server 10.2.2.10 R4(config)#exit R4#sh clock 17:38:51.397 CDT Thu Mar 18 2010
And if you log remotely:
logging facility local6 logging host 10.2.2.10
At the Circus we use rancid with SVN to back up our Cisco and ProCurve devices. I never knew about the archive command, however, I still believe rancid is the better tool, with SVN it will email you diffs, set it up with tacacs+ and you know who made what changes and can be notified by email.
Let’s explore some Cisco backup options.
For standard ftp backup:
R4#sh run | inc \ ftp ip ftp username ftpuser ip ftp password ftppass
And ftp in action:
R4#copy start ftp://10.2.2.10 Address or name of remote host [10.2.2.10]? Destination filename [r4-confg]? Writing r4-confg ! 1977 bytes copied in 0.076 secs (26013 bytes/sec)
The archive command. I have it set to archive every 60 minutes and every time I write memory:
R4#sh run | sect arch archive path tftp://10.2.2.10/Archives/r4.arch write-memory time-period 60
The archive command in action, when I archive from the command line, it writes r4.arch-29 and when I wri mem it archives r4.arch-30.
R4#archive confi !! R4#sh arch The next archive file will be named tftp://10.2.2.10/Archives/r4.arch-30 Archive # Name 0 tftp://10.2.2.10/Archives/r4.arch-15 1 tftp://10.2.2.10/Archives/r4.arch-16 2 tftp://10.2.2.10/Archives/r4.arch-17 3 tftp://10.2.2.10/Archives/r4.arch-18 4 tftp://10.2.2.10/Archives/r4.arch-19 5 tftp://10.2.2.10/Archives/r4.arch-20 6 tftp://10.2.2.10/Archives/r4.arch-21 7 tftp://10.2.2.10/Archives/r4.arch-22 8 tftp6://10.2.2.10/Archives/r4.arch-23 9 tftp://10.2.2.10/Archives/r4.arch-24 10 tftp://10.2.2.10/Archives/r4.arch-25 11 tftp://10.2.2.10/Archives/r4.arch-26 12 tftp://10.2.2.10/Archives/r4.arch-27 13 tftp://10.2.2.10/Archives/r4.arch-28 14 tftp://10.2.2.10/Archives/r4.arch-29 <- Most Recent R4#wri me Building configuration... [OK]!! R4#sh arch The next archive file will be named tftp://10.2.2.10/Archives/r4.arch-31 Archive # Name 0 tftp://10.2.2.10/Archives/r4.arch-30 <- Most Recent 1 tftp://10.2.2.10/Archives/r4.arch-16 2 tftp://10.2.2.10/Archives/r4.arch-17 3 tftp://10.2.2.10/Archives/r4.arch-18 4 tftp://10.2.2.10/Archives/r4.arch-19 5 tftp://10.2.2.10/Archives/r4.arch-20 6 tftp://10.2.2.10/Archives/r4.arch-21 7 tftp://10.2.2.10/Archives/r4.arch-22 8 tftp://10.2.2.10/Archives/r4.arch-23 9 tftp://10.2.2.10/Archives/r4.arch-24 10 tftp://10.2.2.10/Archives/r4.arch-25 11 tftp://10.2.2.10/Archives/r4.arch-26 12 tftp://10.2.2.10/Archives/r4.arch-27 13 tftp://10.2.2.10/Archives/r4.arch-28 14 tftp://10.2.2.10/Archives/r4.arch-29 R4#
Both the archive and ftp sections of the R4 config:
R4#sh run | sect ftp|arch archive path tftp://10.2.2.10/Archives/r4.arch write-memory time-period 60 ip ftp username ftpuser ip ftp password ftppass
And to restore the running config from backup use the configure replace command:
R4#config repla tftp://10.2.2.10/Archives/r4.arch-30 This will apply all necessary additions and deletions to replace the current running configuration with the contents of the specified configuration file, which is assumed to be a complete configuration, not a partial configuration. Enter Y if you are sure you want to proceed. ? [no]: y Loading Archives/r4.arch-30 from 10.2.2.10 (via FastEthernet0/1): ! [OK - 2039 bytes] Total number of passes: 0 Rollback Done R4# *Mar 18 18:11:22.354: Rollback:Acquired Configuration lock. R4#