
SNMP: Simple Network Management Protocol



SNMP is used to monitor network devices; it collects logs and health statistics from different device nodes. SNMP data can be collected on a centralized NMS (Network Management System), and the collected data can be plotted for a better representation of the overall network health. SNMP collects all of its data via SNMP polling and SNMP traps. Some well-known NMSs that support SNMP are IBM Tivoli, PRTG and the MRTG grapher. Much free SNMP-based software is also available in the open source community.

Quick Facts about SNMP:
  • SNMP Poll uses UDP 161
  • SNMP Trap uses UDP 162
  • SNMPv3 allows username authentication and packet encryption
  • SNMP Inform requires packet acknowledgement, while SNMP Trap does not
  • SNMP versions: SNMPv1, SNMPv2c & SNMPv3
SNMP Configuration in GNS3

Suppose we are sitting in a NOC (Network Operations Center). Our network is up and running, and our task is to configure an SNMP-based NMS to monitor our core network router (R1), which is critical for our network operations. We are using a very popular NMS known as PRTG (Packet router traffic Grapher). PRTG is efficient and has an excellent graphical interface, which gives us a remarkable view of our critical network elements.

The simple flow of the topology is as follows:

A 2691 router is connected to a cloud (in GNS3, Cloud is used to connect the router to our PC physical interface). PRTG NMS has been configured on PC1 (local host). The topology is given below:


The IPs used:

  • Fast Ethernet 0/0 ( R1) : 192.168.0.99/24
  • NMS PC1 IP : 192.168.0.100/24
SNMP is enabled via the following commands on R1:

We need to configure a community string (a community string is a sort of SNMP password) for the SNMP server on the router. In our case we are using the community string “PRTG” (chosen for simplicity):

snmp-server community PRTG RW

The above command simply means that we have set PRTG as the password for our snmp-server, with read-write (RW) access. You need to use this password while configuring the SNMP settings on your NMS, which in our case is PRTG. In the next step we are going to set our SNMP server host address:











Host means our SNMP server IP address, in our case it is: 192.168.0.101/24.

And you can also select which version of SNMP you want to use by:











We have done our configuration on PRTG server and have enabled the monitoring of Fast Ethernet 0/0 interface of R1. The NMS output can be shown as:



In the above example we have configured our NMS to monitor R1 Health and R1 Fast Ethernet 0/0 interface status. The sample outputs from NMS are:




Some more amazing graphs:



All the logs related to our above simple network are maintained:




SNMP Packets:

To see SNMP in action, we can use the debug snmp packets command. The sample debug output for the above network is:




SNMP is a most interesting topic to study and configure; you can download many proprietary and open source SNMP-based NMS tools from the internet to experiment with.

Shah Hussain (c) 






GLBP Part II + Practical implementation

GLBP Configurations:


We will use GNS3 to implement GLBP. We are using two hosts with the same default gateway. Our configuration checklist is:
  • Basic GLBP Configuration
  • GLBP priority and preempt
  • GLBP MD5 authentication
  • GLBP Load Balancing Method
  • AVG and AVF Failover
  • GLBP Packet Analysis

We are using the following GNS3 topology:


We are using R1 and R2 to simulate our hosts in GNS3. The configuration on both these routers is:
R1(HostA)

R1#show running-config interface fastEthernet 0/0
Building configuration...

Current configuration : 96 bytes
!
interface FastEthernet0/0
 ip address 192.168.1.1 255.255.255.0
 duplex auto
 speed auto
end

A static route is defined to point it to our default gateway, 192.168.1.10:

R1#show ip route static
S*   0.0.0.0/0 [1/0] via 192.168.1.10





The same sort of configuration is done on R2 (HostB) too:

R2#show running-config interface fastEthernet 0/0
Building configuration...

Current configuration : 96 bytes
!
interface FastEthernet0/0
 ip address 192.168.1.2 255.255.255.0
 duplex auto
 speed auto
end

R2#show ip route static
S*   0.0.0.0/0 [1/0] via 192.168.1.10

R3 and R4 are our gateways, on which we will load balance the traffic and create redundancy using GLBP. Please note that EIGRP is configured as the routing protocol with AS number 4 on R3-R4-R5. In the next step we will enable GLBP on the Fast Ethernet 0/0 interface of R3 and R4. The configuration done on each router interface is as follows:

R3#show running-config interface fastEthernet 0/0
Building configuration...

Current configuration : 283 bytes
!
interface FastEthernet0/0
 mac-address 0033.3333.3333
 ip address 192.168.1.3 255.255.255.0
 duplex auto
 speed auto
 glbp 4 ip 192.168.1.10
 glbp 4 priority 120
 glbp 4 preempt
 glbp 4 weighting 6
 glbp 4 load-balancing weighted
 glbp 4 authentication md5 key-string shah123
end

The routing configuration on R3 is as follows:

R3#show ip route eigrp
D    10.0.0.0/8 [90/409600] via 192.168.3.5, 00:09:27, FastEthernet0/1
D    192.168.2.0/24 [90/307200] via 192.168.3.5, 00:09:27, FastEthernet0/1
                    [90/307200] via 192.168.1.4, 00:09:27, FastEthernet0/0

R3#show ip route
Output omitted
Gateway of last resort is not set
D    10.0.0.0/8 [90/409600] via 192.168.3.5, 00:09:35, FastEthernet0/1
C    192.168.1.0/24 is directly connected, FastEthernet0/0
D    192.168.2.0/24 [90/307200] via 192.168.3.5, 00:09:35, FastEthernet0/1
                    [90/307200] via 192.168.1.4, 00:09:35, FastEthernet0/0
C    192.168.3.0/24 is directly connected, FastEthernet0/1

As you can see, GLBP group number 4 is configured on R3 with virtual gateway IP 192.168.1.10. The priority is set to 120, as we want to make this router the AVG (Active Virtual Gateway); authentication and load balancing are also configured. Various types of load balancing are available, but here we are using weighting. The configuration on R4 is almost the same, but we have given this gateway a slightly lower priority, as we would like to make it a GLBP virtual forwarder. The configuration is as follows:

R4#show running-config interface fastEthernet 0/0
Building configuration...

Current configuration : 283 bytes
!
interface FastEthernet0/0
 mac-address 0044.4444.4444
 ip address 192.168.1.4 255.255.255.0
 duplex auto
 speed auto
 glbp 4 ip 192.168.1.10
 glbp 4 priority 110
 glbp 4 preempt
 glbp 4 weighting 7
 glbp 4 load-balancing weighted
 glbp 4 authentication md5 key-string shah123
end

R4#show ip route eigrp
D    10.0.0.0/8 [90/409600] via 192.168.2.5, 00:16:45, FastEthernet0/1
D    192.168.3.0/24 [90/307200] via 192.168.2.5, 00:16:45, FastEthernet0/1
                    [90/307200] via 192.168.1.3, 00:16:45, FastEthernet0/0

R4#show ip route
Output omitted.

Gateway of last resort is not set

D    10.0.0.0/8 [90/409600] via 192.168.2.5, 00:17:10, FastEthernet0/1
C    192.168.1.0/24 is directly connected, FastEthernet0/0
C    192.168.2.0/24 is directly connected, FastEthernet0/1
D    192.168.3.0/24 [90/307200] via 192.168.2.5, 00:17:10, FastEthernet0/1
                    [90/307200] via 192.168.1.3, 00:17:10, FastEthernet0/0
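
An added example (not part of the original posts): a small Python check that flags the weak spots in the configuration lines shown so far, namely the read-write SNMP community with no access list from the SNMP post and the GLBP MD5 key stored as a plain key-string on R3 and R4. The sample config is assembled from lines on this page; the rule names and the `audit` function are made up for the example.

```python
import re

# Constructed sample: the SNMP line from the first post plus R3's GLBP lines.
PAGE_CONFIG = """\
snmp-server community PRTG RW
interface FastEthernet0/0
 glbp 4 ip 192.168.1.10
 glbp 4 priority 120
 glbp 4 authentication md5 key-string shah123
"""

# snmp-server community <string> [view <name>] [ro|rw] [<acl>]
COMMUNITY = re.compile(
    r"^snmp-server community (\S+)(?: view \S+)?(?: (ro|rw))?(?: (\S+))?$", re.I)
# glbp <group> authentication {text <s> | md5 key-string [0|7] <s> | md5 key-chain <name>}
GLBP_AUTH = re.compile(
    r"^glbp (\d+) authentication (text|md5 key-string|md5 key-chain) (.+)$", re.I)
GLBP_IP = re.compile(r"^glbp (\d+) ip\b", re.I)


def audit(config):
    """Return (rule, detail) findings for SNMP community and GLBP auth lines."""
    findings, groups, authed = [], set(), set()
    for line in (raw.strip() for raw in config.splitlines()):
        if m := COMMUNITY.match(line):
            # IOS treats a community with no ro/rw keyword as read-only.
            name, mode, acl = m.group(1), (m.group(2) or "ro").lower(), m.group(3)
            if mode == "rw":
                findings.append(("snmp-rw", name))        # NMS polling needs RO only
            if acl is None:
                findings.append(("snmp-no-acl", name))    # any source may query
        elif m := GLBP_AUTH.match(line):
            group, kind, rest = m.group(1), m.group(2).lower(), m.group(3).split()
            authed.add(group)
            if kind == "text":
                findings.append(("glbp-cleartext-auth", group))
            elif kind == "md5 key-string" and rest[0] != "7":
                # Key sits in clear in the config and in "show glbp" output.
                findings.append(("glbp-plaintext-key", group))
        elif m := GLBP_IP.match(line):
            groups.add(m.group(1))
    # Groups that have a virtual IP but no authentication line at all.
    findings += [("glbp-no-auth", g) for g in sorted(groups - authed)]
    return findings
```

A community limited to RO with an access list, and GLBP authentication that references a key chain, produce no findings.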

The configuration on our last router, R5, on which we will create a Loopback5 interface to ping from R1 and R2 to check our GLBP load balancing and redundancy, is:

R5#show ip route
Gateway of last resort is not set

     10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C       10.0.0.0/24 is directly connected, Loopback5
D       10.0.0.0/8 is a summary, 00:31:59, Null0
D    192.168.1.0/24 [90/307200] via 192.168.3.3, 00:19:12, FastEthernet0/0
                    [90/307200] via 192.168.2.4, 00:19:12, FastEthernet0/1
C    192.168.2.0/24 is directly connected, FastEthernet0/1
C    192.168.3.0/24 is directly connected, FastEthernet0/0



And we are done! We can now check GLBP and verify it via the following commands:
R4#show glbp
FastEthernet0/0 - Group 4
  State is Standby
    3 state changes, last state change 00:20:20
  Virtual IP address is 192.168.1.10
  Hello time 3 sec, hold time 10 sec
    Next hello sent in 0.904 secs
  Redirect time 600 sec, forwarder time-out 14400 sec
  Authentication MD5, key-string "shah123"
  Preemption enabled, min delay 0 sec
  Active is 192.168.1.3, priority 120 (expires in 8.472 sec)
  Standby is local
  Priority 110 (configured)
  Weighting 7 (configured 7), thresholds: lower 1, upper 7
  Load balancing: weighted
  Group members:
    0033.3333.3333 (192.168.1.3) authenticated
    0044.4444.4444 (192.168.1.4) local
  There are 2 forwarders (1 active)
  Forwarder 1  ---------------  > Active virtual Gateway
    State is Listen
    MAC address is 0007.b400.0401 (learnt)
    Owner ID is 0033.3333.3333
    Time to live: 14398.476 sec (maximum 14400 sec)
    Preemption enabled, min delay 30 sec
    Active is 192.168.1.3 (primary), weighting 6 (expires in 9.976 sec)
  Forwarder 2 ----------------- > GLBP virtual Forwarder
    State is Active
      3 state changes, last state change 00:20:03
    MAC address is 0007.b400.0402 (default)
    Owner ID is 0044.4444.4444
    Preemption enabled, min delay 30 sec
    Active is local, weighting 7

And the output of the same command on R3 is:

R3#show glbp
FastEthernet0/0 - Group 4
  State is Active
    2 state changes, last state change 00:30:01
  Virtual IP address is 192.168.1.10
  Hello time 3 sec, hold time 10 sec
    Next hello sent in 1.568 secs
  Redirect time 600 sec, forwarder time-out 14400 sec
  Authentication MD5, key-string "shah123"
  Preemption enabled, min delay 0 sec
  Active is local
  Standby is 192.168.1.4, priority 110 (expires in 8.052 sec)
  Priority 120 (configured)
  Weighting 6 (configured 6), thresholds: lower 1, upper 6
  Load balancing: weighted
  Group members:
    0033.3333.3333 (192.168.1.3) local
    0044.4444.4444 (192.168.1.4) authenticated
  There are 2 forwarders (1 active)
  Forwarder 1
    State is Active
      1 state change, last state change 00:29:51
    MAC address is 0007.b400.0401 (default)
    Owner ID is 0033.3333.3333
    Redirection enabled
    Preemption enabled, min delay 30 sec
    Active is local, weighting 6
    Arp replies sent: 1
  Forwarder 2
    State is Listen
      2 state changes, last state change 00:24:42
    MAC address is 0007.b400.0402 (learnt)
    Owner ID is 0044.4444.4444
    Redirection enabled, 599.216 sec remaining (maximum 600 sec)
    Time to live: 14399.212 sec (maximum 14400 sec)
    Preemption enabled, min delay 30 sec
    Active is 192.168.1.4 (primary), weighting 7 (expires in 9.208 sec)
    Arp replies sent: 2

To see our GLBP in action, we issue a ping from Host A (R1) to the 10.0.0.4 loopback interface on R5. ARP debugging has been enabled on Host A. Here is the output:

R1#ping 10.0.0.4

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.4, timeout is 2 seconds:

*Mar  1 00:47:57.511: IP ARP: creating incomplete entry for IP address: 192.168.1.10 interface FastEthernet0/0
*Mar  1 00:47:57.515: IP ARP: sent req src 192.168.1.1 c001.17a4.0000,
                 dst 192.168.1.10 0000.0000.0000 FastEthernet0/0
*Mar  1 00:47:57.547: IP ARP: rcvd rep src 192.168.1.10 0007.b400.0402, dst 192.168.1.1 FastEthernet0/0.
*Mar  1 00:47:59.591: IP ARP: rcvd req src 192.168.1.4 0044.4444.4444, dst 192.168.1.1 FastEthernet0/0
*Mar  1 00:47:59.595: IP ARP: creating entry for IP address: 192.168.1.4, hw: 0044.4444.4444
*Mar  1 00:47:59.599: IP ARP: sent rep src 192.168.1.1 c001.17a4.0000,
                 dst 192.168.1.4 0044.4444.4444 FastEthernet0/0.!!!
Success rate is 60 percent (3/5), round-trip min/avg/max = 28/42/56 ms

R1#show ip arp
Protocol  Address          Age (min)  Hardware Addr   Type   Interface
Internet  192.168.1.10           36   0007.b400.0402  ARPA   FastEthernet0/0

R1#traceroute 10.0.0.4

Type escape sequence to abort.
Tracing the route to 10.0.0.4

  1 192.168.1.4 28 msec 36 msec 20 msec ---- > R4 Fast Ethernet 0/0 interface for outgoing packet
  2 192.168.2.5 40 msec *  40 msec

That is great! Our new gateway has been resolved by Host A while communicating with the R5 loopback interface (10.0.0.4). We have confirmed that GLBP is working: virtual MAC and IP assignment are working perfectly. Now, to check whether redundancy is working, we will disable the Fast Ethernet 0/0 interface on R4 and check whether R3 takes its place:
R1#ping 10.0.0.4 repeat 2000

Type escape sequence to abort.
Sending 2000, 100-byte ICMP Echos to 10.0.0.4, timeout is 2 seconds:
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!.....!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!.
Success rate is 99 percent (730/736), round-trip min/avg/max = 8/34/112

During the highlighted instance above, interface Fast Ethernet 0/0 was shut down on R4 and the traffic shifted to R3 after a minor glitch, as can be seen from the output below:

R1#show ip arp
Protocol  Address          Age (min)  Hardware Addr   Type   Interface
Internet  192.168.1.10            0   0007.b400.0401  ARPA   FastEthernet0/0
Internet  192.168.1.1             -   c001.17a4.0000  ARPA   FastEthernet0/0
Internet  192.168.1.3             0   0033.3333.3333  ARPA   FastEthernet0/0

As you can see, the virtual MAC address corresponding to the virtual GW (192.168.1.10) changed from 0007.b400.0402 to 0007.b400.0401! Isn’t it great :)

In short, GLBP is a very good redundancy and load balancing protocol. The AVG is responsible for keeping an eye on all virtual forwarders and assigning virtual MACs according to network requirements. Active Virtual Gateway redundancy is managed by the GLBP priority value, and active virtual forwarders are controlled via the weight value in the configuration.
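
An added example (not from the original post): a Python check a monitoring host could run on `show ip arp` output to tell the expected failover above (the gateway entry moving between GLBP virtual MACs of group 4) from a gateway entry that points at some other MAC. It assumes the GLBP virtual MAC layout 0007.b4XX.XXYY (group number in XX.XX, forwarder number in YY), which matches the 0007.b400.0401 and 0007.b400.0402 values on this page; the c0ff.ee00.0001 row and the function names are constructed for the example.

```python
import re

MAC_RE = re.compile(r"[0-9a-f]{4}\.[0-9a-f]{4}\.[0-9a-f]{4}", re.I)

# "show ip arp" rows copied from this page (before and after R4's interface went down).
ARP_BEFORE = "Internet  192.168.1.10           36   0007.b400.0402  ARPA   FastEthernet0/0"
ARP_AFTER = """\
Internet  192.168.1.10            0   0007.b400.0401  ARPA   FastEthernet0/0
Internet  192.168.1.1             -   c001.17a4.0000  ARPA   FastEthernet0/0
Internet  192.168.1.3             0   0033.3333.3333  ARPA   FastEthernet0/0
"""
# Constructed row: the gateway IP resolving to a MAC that is not a GLBP virtual MAC.
ARP_ODD = "Internet  192.168.1.10            0   c0ff.ee00.0001  ARPA   FastEthernet0/0"


def parse_arp(output):
    """Map IP address -> MAC from IOS 'show ip arp' rows."""
    rows = (line.split() for line in output.splitlines())
    return {f[1]: f[3].lower() for f in rows if len(f) >= 5 and f[0] == "Internet"}


def decode_glbp_mac(mac):
    """Return (group, forwarder) for a GLBP virtual MAC, else None.

    Assumed layout: 0007.b4XX.XXYY, group in XX.XX (0-1023), forwarder in YY.
    """
    if not MAC_RE.fullmatch(mac):
        return None                      # e.g. an "Incomplete" entry
    value = int(mac.replace(".", ""), 16)
    group, forwarder = (value >> 8) & 0xFFFF, value & 0xFF
    if value >> 24 != 0x0007B4 or group > 1023:
        return None
    return group, forwarder


def check_gateway(before, after, gateway_ip, group, forwarders):
    """Classify the gateway's ARP entry in `after`, relative to `before`."""
    new = parse_arp(after).get(gateway_ip)
    if new is None:
        return "missing"
    decoded = decode_glbp_mac(new)
    if decoded is None:
        return "not-glbp-mac"            # gateway IP bound to a non-GLBP MAC
    if decoded[0] != group or decoded[1] not in forwarders:
        return "unexpected-group-or-forwarder"
    old = parse_arp(before).get(gateway_ip)
    return "forwarder-changed" if old not in (None, new) else "ok"
```

For this lab the call is `check_gateway(ARP_BEFORE, ARP_AFTER, "192.168.1.10", 4, {1, 2})`, which reports the R4-to-R3 failover as `forwarder-changed`.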






MY CCNA LAB in GNS3

The above lab is created in GNS3 to practice almost all the concepts. I have used C2691 and 7200 series routers. To get the topology files, please drop me your email id in the comments box; I will reply as soon as possible. Thanks.

How to set Secure CRT as default terminal in GNS3


Step # 1 Download Secure CRT from : http://thepiratebay.se/torrent/7438817/VanDyke.SecureCRT.v7.0.0.326-ZWT(x86)
Install the software according to its default directory setting.

Step # 2 Open your GNS3 Edit --> Preference Box menu; from here go to General --> Terminal Settings


Step # 3 Select the Secure CRT according to your OS from Preconfigurated terminal commands drop down box


In my case, as I am using a 64-bit OS, I have selected SecureCRT (Windows 64-bit). Once selected, click the Use button and you are good to use CRT! Great.

As a demonstration, I have opened all my routers in a single sweet-looking window of Secure CRT:


I hope this post was helpful for you. Please let me know your feedback, your questions are welcomed in the comments box below.