By:
On:
In: automation
With: 0 Comments

In Configure RMON Alarms&Events by script I’ve shown a short python-algorithm to to discover all Cisco class-based QoS (cbQoS) packet-/drop-counters and to generate RMON-alarms for each. The router monitors these counters every 300s, calculates the delta for the interval and raises RMON-events when there were packets/drops or when the have been before but not anymore. This RMON-event has been configured as an syslog-message to an syslog-receiver etc. The existing script just generated a list of cli-commands which had to be entered manually to the router-config. Not a valid aproach when having hundreds devices to be configured. Now i want the script to automatically configure theRead More →

By:
On:
In: automation
With: 0 Comments

Stop frequent polling of everything, please! Last week I had to troubleshoot a network of a customer which was overwhelmed with SNMP-Queries – it wasn’t the first one. All Switch- and Router-CPUs have been at high level, since every tiny counter was polled at high rate. To provide real-time graphs to the top-level-management. Which hopefully don’t waste time to watch these colourful pictures all day for entertainment purposes. Doesn’t anybody remember RMON? Years ago I’ve been teaching routing&switching-classes as a full-time Cisco/BayNetworks/Fluke-instructor, and in every switching class there was a brief explanation about SNMP. And about RMON. RFC2819 – RMON (Remote Network Monitoring) MIB 4Read More →

By:
On:
In: wan
With: 0 Comments

Not talking about ATM, PPP, HDLC, Frame Relay WAN. Ethernet is the new WAN. Sometimes you need an easy to use encryption, which is just added to a Link between two devices – and you don’t want to invent IPSec-VPNs which at least add complexity to the design. MACsec solved this problem bringing absolutely transparent encryption, but – since MACsec-Sessions are sent to a „link-local“ ethernet destination address (01-80-c2-00-00-03) they aren’t allowed to be forwarded by any device. A typical „non-dark-fiber“ WAN-Link can’t be encrypted using MACsec. http://www.ieee802.org/1/files/public/docs2013/ae-seaman-macsec-hops-0213-v02.pdf discussed years ago the elegant technical solution. Years later these thoughts are moving into production: Cisco inventedRead More →