By:
On:
In: wan
With: 0 Comments

My apprehension – a weird nightmare of having to shutdown the router, add the nic and boot the router again – proved wrong. vNIC Hot-Add is supported for VMware ESXi, Citrix XenServer and KVM Not for Hyper-V, Azure, AWS today. Cisco: Virtual Machine Requirements …up to 10 vNICs for ESXi btw. Starting with three default-interfaces select the VM go to „Edit Settings“ Next, Next, Finish be patient …Hot-Remove is supported only using a special „two-step“ strategyRead More →

By:
On:
In: automation
With: 0 Comments

Is this SDN (Software defined Networking)? I think so! I really love to provision new Cisco CSR1000v lab-routers without the need to do everything manually in the graphical user interface. It’s possible to provision production-routers, too, of course: Just add your license-information to leave the 100Kbps-limit behind (which is no handicap for normal lab-usage). The Common OVF Tool (COT) (Documentation) enables me to do this by injecting an initial startup-configuration into the cisco-provided OVA-file before deploying it to an ESXi-host. Interactive Cisco CLI-Commands possible And, even better, the Cisco CSR1000V allows interactive CLI-commands within the injected configuration: building new bootflash-directories, creating a SSH-key. Injecting theRead More →

By:
On:
In: automation
With: 0 Comments

In Configure RMON Alarms&Events by script I’ve shown a short python-algorithm to to discover all Cisco class-based QoS (cbQoS) packet-/drop-counters and to generate RMON-alarms for each. The router monitors these counters every 300s, calculates the delta for the interval and raises RMON-events when there were packets/drops or when the have been before but not anymore. This RMON-event has been configured as an syslog-message to an syslog-receiver etc. The existing script just generated a list of cli-commands which had to be entered manually to the router-config. Not a valid aproach when having hundreds devices to be configured. Now i want the script to automatically configure theRead More →

By:
On:
In: automation
With: 0 Comments

Since I still want to build a centralized solution for automated configuration of RMON-alarms to monitor Cisco cbQoS-packet/drop-counters a solution to retrieve and modify device configurations was needed. The NAPALM (Network Automation and Programmability Abstraction Layer with Multivendor support) Framework seems to provide the required features. NAPALM Installation Some NAPALM-IOS dependencies have to be fulfilled first. The „partial installation“ seems to be not working anymore, the full installation uses some KB more ressources, not worth to think about the partial installation… IOS Preperation To allow remote-access to the centralized NAPALM server these features need to be enabled in each IOS device: Remote-Access via SSH, SCPRead More →

By:
On:
In: automation
With: 0 Comments

Works out of the box. if you’re fine with AES128-Encryption. AES256 might not be a requirement in all cases, but having the opportunity to choose seems to be not absolutely absurd in 2017… Good news: The NetSNMP-AES192/256-patch is on the way. EasySNMP installation and usage I’d like to refer to Linux: SNMP with Python for the basics. IOS-Config: VIEW/GROUP/USER Take the opportunity and leverage SMP-Views to limit access to several SNMP-OIDs. EasySNMP: „Session“-Object with SNMPv3-Credentials Find the official docs here: EasySNMP Session-API Security level could be: no_auth_or_privacy If you want to use the user-based authentication without need for security auth_without_privacy Authentication only might be „goodRead More →

By:
On:
In: linux
With: 0 Comments

Sometimes I need a lightweight straight-forward toolset to provision, modify or delete vSphere-Objects. Installation was a nightmare in former times, but vSphere CLI Release 6.5 works with Ubuntu server 16.04.3 LTS „out of the box“. And – it’s compatible with ESXi 6.0 hosts. (don’t waste time trying to install vSphere CLI Release 6.0 on a current Linux Server) Consider the docs: vSphere CLI Documentation VMware [Code] vSphere-CLI 6.5 Download the 64-bit Archive Use the vmware-search or Google… „Download VMware vSphere Command Line Interface 6.5“ might be a promising query. I downloaded VMware-vSphere-CLI-6.5.0-4566394.x86_64.tar.gz using my Windows Machine. Transfer the Archive to the Linux-VM using SCP SinceRead More →

By:
On:
In: automation
With: 0 Comments

Getting back to the original task.. Use a script on a centralized Controller-VM to figure out for which SNMP-OID RMON-Alarms should get configured Get all current QoS-Drop-Counters, check the traffic-direction to monitor only outbount-queues, generate RMON-Alarms. Example Output: Todo: Verify existing RMON-Alarm/Event-Configuration at the device Todo: Push the config automatically to the deviceRead More →

By:
On:
In: automation
With: 0 Comments

Today I’ll show how retrieve additional details from already discoverd QoS-Counters. They are mostly descriptive, for human eyes. The „Traffic-Direction“-Attribute might be relevant since in most cases only outbound drop-counters might be interesting, so the discovered list of OIDs could get filtered to process only those outbound OIDs. Refresh: Retrieve all „QoS Packet-Counters“ There are two Policy-Objects #P: Policy #18 Policy #34 Both Policy-Objects contain three Traffic-Classes #Q: Class #65535 Class #131072 Class #196608 Attributes of a bound Policy #P Each Policy has at least two attributes: Interface-Type of the Policy (5 : CoPP) 1:mainInterface 2:subInterface 3:frDLCI 4:atmPVC 5:controlPlane 6:vlanPort 7:evc Traffic-Direction 1:input 2:output InterfaceRead More →

By:
On:
In: automation
With: 0 Comments

Discover the OIDs representing the counter-values of all active traffic-classes Ciscos „SNMP Object Navigator“ (http://mibs.cloudapps.cisco.com/ITDIT/MIBS/servlet/index) is our friend to get the base-OID when you know the name of the MIB: Object-NAME <=> Object-ID (OID) „cbQosCMStatsEntry“ <=> „1.3.6.1.4.1.9.9.166.1.15.1.1“ Each object is a set of all counters from „show policy-map interface“-command, the Object Navigator documents the ID of these counters, too.Read More →

By:
On:
In: automation
With: 0 Comments

RMON Refresher Think about this given Router-Configuration: Three Queues at interface Gig1: CM_VOIP_RTP CM_VOIP_CTRL class-default with per-Queue-Statistics: Packet counters Drop-counters etc. In these first examples, i don’t want to wait for queue-drops, i’ll just generate DSCP=EF-Traffic by the ping-command and watch the Queue-Packet-Counters, not Drops. Configure RMON Alarms and Events I’ll add two RMON-Events event #10 = rising-threshold – in my example: >1 Packet has been dropped forwarded event #11 = the falling-threshold – no packets have been… Than, instruct the Router to have a look at a QoS-counter: In the upcoming post I’ll discover the RMON-MIB to illustrate where the „enterprise.9….65536“-Parameter comes from. ThisRead More →