Skip to content
the broadcast

networking, computing, virtualization, automation

WAN

Automated RMON Alarm/Event-configuration for class-based QoS-Monitoring using NAPALM

2017-12-05
By: ron
On: 2017-12-05
In: automation
With: 0 Comments

In Configure RMON Alarms&Events by script I’ve shown a short python-algorithm to to discover all Cisco class-based QoS (cbQoS) packet-/drop-counters and to generate RMON-alarms for each. The router monitors these counters every 300s, calculates the delta for the interval and raises RMON-events when there were packets/drops or when the have been before but not anymore. This RMON-event has been configured as an syslog-message to an syslog-receiver etc. The existing script just generated a list of cli-commands which had to be entered manually to the router-config. Not a valid aproach when having hundreds devices to be configured. Now i want the script to automatically configure theRead More →

QoS Monitoring: Watch the Queues!?

2017-11-23
By: ron
On: 2017-11-23
In: automation
With: 0 Comments

Stop frequent polling of everything, please! Last week I had to troubleshoot a network of a customer which was overwhelmed with SNMP-Queries – it wasn’t the first one. All Switch- and Router-CPUs have been at high level, since every tiny counter was polled at high rate. To provide real-time graphs to the top-level-management. Which hopefully don’t waste time to watch these colourful pictures all day for entertainment purposes. Doesn’t anybody remember RMON? Years ago I’ve been teaching routing&switching-classes as a full-time Cisco/BayNetworks/Fluke-instructor, and in every switching class there was a brief explanation about SNMP. And about RMON. RFC2819 – RMON (Remote Network Monitoring) MIB 4Read More →

WAN MACsec – Encrypting Ethernet-Frames in the WAN

2017-11-15
By: ron
On: 2017-11-15
In: wan
With: 0 Comments

Not talking about ATM, PPP, HDLC, Frame Relay WAN. Ethernet is the new WAN. Sometimes you need an easy to use encryption, which is just added to a Link between two devices – and you don’t want to invent IPSec-VPNs which at least add complexity to the design. MACsec solved this problem bringing absolutely transparent encryption, but – since MACsec-Sessions are sent to a „link-local“ ethernet destination address (01-80-c2-00-00-03) they aren’t allowed to be forwarded by any device. A typical „non-dark-fiber“ WAN-Link can’t be encrypted using MACsec. http://www.ieee802.org/1/files/public/docs2013/ae-seaman-macsec-hops-0213-v02.pdf discussed years ago the elegant technical solution. Years later these thoughts are moving into production: Cisco inventedRead More →

Kategorien

  • AI
  • automation
  • awayfromevernote
  • AWS
  • Azure
  • Certification
  • client
  • Cloud
  • Development
  • homelab
  • linux
  • pub
  • Scripting
  • stupid defaults
  • Uncategorized
  • wan
  • Windows

Neueste Beiträge

  • Cisco UCS – set SSH idle-timeout
  • IPv4 Documentation Address-Blocks
  • Refresh ENVironment Variables
  • Windows Client Setup: Disable Teredo/ISATAP
  • Cloud-Init for VMs in private and public Clouds

Schlagwörter

AI Ansible Automation AWS Azure bestpractice chrome Cisco Cloud Code COM Controller cot CSR1000v Ethernet Firefox hsts Hyperconverged KVM Lab Linux Monitoring MTU NAPALM Nested nexus nxos PowerShell Proactive productivity PuTTY Python QoS Scapy Scripting Security Terraform todo UCSD Virtualization Visio VMware WAN Windows Wordpress

Impressum

Impressum

Designed using Dispatch. Powered by WordPress.