Monitoring Cisco Switches

Monitoring Cisco Switches

You can adviser and administer your Catalyst switches in a cardinal of altered ways. One way

is primarily through a animate anchorage appliance either the command-line interface (CLI) or other

methods for assuming arrangement administration functions, such as Cisco Discovery Protocol

(CDP), Embedded Alien Ecology (RMON), or Switched Anchorage Analyzer (SPAN). The

console anchorage is an EIA/TIA-232 DCE interface to which you can affix a animate terminal or

modem. The blazon of connector, however, acclimated depends on the hardware. On a Catalyst 5000

with Supervisor I or II, a rollover cable is acclimated with the aloft hardware. On a Supervisor III or

a Catalyst 6000, a beeline through cable is acclimated in affiliation with a modular plug. Other

kinds of switches may be different.

Through the animate port, you can anon admission the CLI or configure a Consecutive Band Internet

Protocol (SLIP) interface to admission such arrangement administration functions as Telnet, ping, and

SNMP. An IP abode can be assigned to the Cisco about-face for administration purposes. Once the

address is in place, you can complete Telnet to admission the IP abode of the about-face to ability the CLI.

You can additionally use the IP abode of the about-face to admission an SNMP agent, such as CiscoWorks

2000.

NOTE This affiliate contains references and commands that are based on Cisco Switch-Based IOS.

Out-of-Band Management

Out-of-band administration admission for Cisco switches in accepted is performed via the following

methods:

• Animate Anchorage Connection

• SLIP

Console Anchorage Connection

The animate anchorage is the bounded (out-of-band) animate terminal affiliation to the switch—a DB-

25 changeable adapter apparent in Figure 13-2. Added switches may crave altered animate cables

in affiliation with modular plugs instead of the DB-25.

Monitoring Cisco Switches 431

Figure 13-2 The Catalyst 5000 Animate Port

To use the animate port, affix via a straight-through cable, an EIA/TIA-232 terminal

(configured for 9600 baud, no parity, eight abstracts bits, and one stop bit), modem, or network

management workstation, as apparent in Figure 13-3. As acclaimed above, however, this may vary

depending on the blazon of about-face used.

Figure 13-3 Attaching to the Animate Port

The animate anchorage enables you to accomplish the afterward functions:

• Configure the about-face with a command-line interface.

• Adviser arrangement statistics and errors.

• Configure SNMP abettor parameters.

• Download software updates to the about-face or administer software images residing in Flash

memory to absorbed devices.

CONSOLE

Desktop system

terminal settings:

Straight through EIA/TIA-232 cable with

a 25-pin D blazon connector

. 9600 baud

. 8 bits

. 1 stop bit

. No parity

Console port

Supervisor Engine module

100 BaseTX RJ-45 and M3 connectors

432 Affiliate 13: Ecology and Troubleshooting

Serial Band Internet Agreement (SLIP)

You can admission the Cisco about-face command band appliance Consecutive Band Internet Agreement (SLIP). This

protocol is a adaptation of Internet Agreement (IP) that runs over consecutive links acceptance IP

communications through the animate port.

Configuring SLIP on the Animate Port

Catalyst alternation switches abutment out-of-band administration through the use of a modem attached

to the animate port. This out-of-band affiliation works in affiliation with SLIP. The out-ofband

connection can be acclimated to:

• Authorize a Telnet affair that provides admission to the Cisco about-face CLI.

• Use the Telnet Server feature.

• Authorize an SNMP administration affair that provides the adequacy to use an SNMPbased

management belvedere such as the CiscoWorks 2000 solution.

To authorize an out-of-band affiliation on a Cisco switch, affix a 100 percent Hayescompatible

modem by agency of a straight-through cable with a 25 pin D blazon adapter as

shown in Figure 13-4. The modem should be configured for auto acknowledgment mode.

Figure 13-4 Out-of-band Administration Appliance SLIP

Use the SLIP (sl0) interface for point-to-point SLIP admission amid the about-face and an IP

host.

CAUTION You charge use the animate anchorage for the SLIP connection. Back the SLIP affiliation is enabled

and SLIP is absorbed on the animate port, an EIA/TIA-232 terminal cannot affix via the

console port. If you are affiliated to the about-face CLI through the animate anchorage and you admission the

slip attach command, you will lose the animate anchorage connection. Use Telnet to admission the

switch, admission advantaged mode, and admission the blooper abstract command to restore the animate port

connection.

Telnet or SNMP

Console port

Supervisor Engine module

100BaseTX RJ-45 and M3 connectors

Modem Modem

SLIP

Monitoring Cisco Switches 433

To accredit and attach SLIP on the animate port, accomplish the afterward arrangement of tasks:

Step 1 Admission the about-face from a alien host with Telnet via the telnet

{host_name | ip_addr} command.

Step 2 Admission advantaged approach on the about-face via the accredit command.

Step 3 Set the animate anchorage SLIP abode and the destination abode of

the absorbed host via the set interface sl0 slip_addr dest_addr

command.

Step 4 Accredit SLIP for the animate anchorage via the blooper attach command.

Step 5 Verify the SLIP interface agreement via the appearance interface

command.

Example 13-1 shows how to configure SLIP on the animate anchorage and verify the configuration:

In-Band Management

The afterward protocols are acclimated to accomplish in-band administration of a Cisco switch:

• Simple Arrangement Administration Agreement (SNMP)

• Telnet

• Cisco Discovery Agreement (CDP)

Example 13-1 Configuring SLIP on the Animate Anchorage and Verifying the Configuration

sparc20% telnet 172.20.52.71

Trying 172.20.52.71 ...

Connected to 172.20.52.71.

Escape appearance is '^]'.

Cisco Systems Console

Enter password:

Console> enable

Enter password:

Console> (enable) set interface sl0 10.1.1.1 10.1.1.2

Interface sl0 blooper and destination abode set.

Console> (enable) blooper attach

Console Anchorage now active SLIP.

Console> (enable) appearance interface

sl0: flags=51

slip 10.1.1.1 dest 10.1.1.2

sc0: flags=63

vlan 523 inet 172.20.52.71 netmask 255.255.255.224 advertisement 172.20.52.95

Console> (enable)

434 Affiliate 13: Ecology and Troubleshooting

SNMP

Simple Arrangement Administration Agreement (SNMP) is an appliance band agreement advised to

facilitate the barter of administration advice amid arrangement devices. The SNMP

system consists of three parts—SNMP manager, SNMP agent, and Administration Information

Base (MIB).

Instead of defining a ample set of commands, SNMP places all operations in a get-request, getnext-

request, and set-request format. For example, an SNMP ambassador can get a amount from

an SNMP abettor or abundance a amount into that SNMP agent. The SNMP ambassador can be allotment of a

network administration arrangement (NMS), and the SNMP abettor can abide on a networking device

such as a switch. The SNMP abettor can acknowledge to MIB-related queries actuality beatific by the NMS.

The afterward account capacity the basal functions accurate by SNMP agents:

• Accessing a MIB capricious appliance the get-request or get-next-request format—This

function is accomplished by the SNMP abettor as a aftereffect of a appeal for the amount of a MIB

variable from a arrangement administration station. The SNMP abettor gets the amount of a MIB

variable by accessing advice stored in the MIB and again responds.

• Setting a MIB variable—This action is additionally accomplished by the SNMP abettor as a aftereffect of

a bulletin from a arrangement administration station. The SNMP abettor requests that the value

of a MIB capricious be changed.

• SNMP trap—This action is acclimated to acquaint a arrangement administration base that an

extraordinary accident has occurred at an agent. Back a allurement action occurs, the SNMP

agent sends an SNMP abettor allurement bulletin to anniversary of the arrangement administration stations as

specified in the allurement receiver table.

To configure SNMP on your switch, accomplish the afterward steps:

Step 1 Configure the SNMP association strings via the set snmp

community {read-only | read-write | read-write-all}

community_string command.

Step 2 Accredit a allurement receiver abode and association via the set snmp

trap rcvr_address rcvr_community command. If you enter

incorrect information, admission the bright snmp allurement command to

delete the entry. Again re-enter the set snmp allurement command.

Step 3 If desired, configure the about-face so that it issues an authentication

trap via the set snmp allurement accredit command.

The set snmp Command Options

The syntax for the set snmp association command, acclimated to configure SNMP community

strings, is as follows:

set snmp association {read-only | read-write | read-write-all} [community_string]

Monitoring Cisco Switches 435

The keywords for the set snmp association command are as follows:

• read-only—Keyword to accredit read-only admission to the defined SNMP community.

• read-write—Keyword to accredit read-write admission to the defined SNMP community.

• read-write-all—Keyword to accredit read-write admission to the defined SNMP community.

The read-write-all offers admission to the association strings themselves.

• community_string—An alternative parameter. This is the name of the SNMP community.

The absence SNMP association strings are as follows:

— read-only (public)

— read-write (private)

— read-write-all (secret)

Example 13-2 demonstrates some sample achievement afterwards entering the set snmp community

command appliance all three community_string options.

As approved in Archetype 13-3, to appearance the options of the set snmp command admission the

command at the CLI in accredit mode.

An IP admittance allurement is beatific back crooked admission based on the IP admittance account is attempted. The

set snmp allurement command is a advantaged approach about-face command acclimated to accredit or attenuate the

different SNMP accessories on the arrangement or to add an admission into the SNMP affidavit trap

receiver table. The absence agreement has SNMP accessories disabled. Use the appearance snmp

Example 13-2 set snmp association Command Output

Console> (enable) set snmp association read-only public

SNMP read-only association cord set.

Console> (enable) set snmp association read-write private

SNMP read-write association cord set.

Console> (enable) set snmp association read-write-all secret

SNMP read-write-all association cord set.

Example 13-3 Viewing set snmp Command Options

Console> (enable) set snmp

Set snmp commands:

----------------------------------------------------------------------

set snmp association Set SNMP association string

set snmp advice Appearance this message

set snmp rmon Set SNMP RMON

set snmp allurement Set SNMP allurement information

436 Affiliate 13: Ecology and Troubleshooting

command to verify the adapted accessories were configured. The syntax for the set snmp trap

command is as follows:

set snmp allurement {enable | disable} [all | bore | anatomy | arch | captive | auth |

vtp | ippermit | vmps | config | article | stpx]

set snmp allurement rcvr_addr rcvr_community

Table 13-2 abstracts the keywords and arguments for the set snmp allurement command

Table 13-2 set snmp allurement Command Keywords/Arguments

Command

Keyword/Argument Definition

enable Keyword to actuate SNMP traps.

disable Keyword to conciliate SNMP traps.

all Alternative keyword to specify all allurement types.

module Alternative keyword to specify the moduleUp and moduleDown accessories from

the CISCO-STACK-MIB.

chassis Alternative keyword to specify the ciscoSyslogMIB allurement from the CISCOSYSLOG-

MIB.

bridge Alternative keyword to specify the newRoot and topologyChange traps

from RFC 1493 (the BRIDGE-MIB).

repeater Alternative keyword to specify the rptrHealth, rptrGroupChange, and

rptrResetEvent accessories from RFC 1516 (the SNMP-REPEATER-MIB).

auth Alternative keyword to specify the authenticationFailure allurement from RFC

1157.

vtp Alternative keyword to specify the VTP from the CISCO-VTP-MIB.

ippermit Alternative keyword to specify the IP Admittance Denied admission from the

CISCO-STACK-MIB.

vmps Alternative keyword to specify the vmVmpsChange allurement from the CISCOVLAN-

MEMBERSHIP-MIB.

config Alternative keyword to specify the sysConfigChange allurement from the CISCOSTACK-

MIB.

entity Alternative keyword to specify the entityMIB allurement from the ENTITY-MIB.

stpx Alternative keyword to specify the STPX trap.

rcvr_addr IP abode or IP alias of the arrangement to accept SNMP traps.

rcvr_community Association cord to use back sending affidavit traps.

Monitoring Cisco Switches 437

Example 13-4 shows how to accredit SNMP anatomy traps:

Example 13-5 shows how to accredit all SNMP traps:

Example 13-6 shows how to attenuate SNMP anatomy traps:

Example 13-7 shows how to add an admission in the SNMP allurement receiver table:

SNMP Verification

To verify SNMP settings, admission the appearance snmp command. Afterwards entering this command, you

will see the achievement in Archetype 13-8.

Example 13-4 Enabling SNMP Anatomy Traps

Console> (enable) set snmp allurement accredit chassis

SNMP anatomy anxiety accessories enabled.

Console> (enable)

Example 13-5 Enabling All SNMP Traps

Console> (enable) set snmp allurement enable

All SNMP accessories enabled.

Console> (enable)

Example 13-6 Disabling SNMP Anatomy Traps

Console> (enable) set snmp allurement attenuate chassis

SNMP anatomy anxiety accessories disabled.

Console> (enable)

Example 13-7 Adding an Admission in the SNMP Allurement Receiver Table

Console> (enable) set snmp allurement 192.122.173.42 public

SNMP allurement receiver added.

Console> (enable)

Example 13-8 appearance snmp Command Output

Console> appearance snmp

RMON: Enabled

Traps Enabled: Chassis

Port Accessories Enabled: None

Community-Access Community-String

---------------- --------------------

read-only public

Trap-Rec-Address Trap-Rec-Community

---------------- --------------------

192.122.173.42 public

Console>

438 Affiliate 13: Ecology and Troubleshooting

Telnet Client Access

Remote, in-band SNMP administration is accessible through any LAN or ATM interface assigned

to the aforementioned VLAN as the Supervisor module’s NMP IP address. In-band admission can be

used to authorize Telnet sessions to the Cisco about-face CLI or SNMP administration sessions on an

SNMP-based administration platform, such as CiscoWorks 2000.

Cisco switches accommodate approachable Telnet functionality from the CLI; this affection allows a

network ambassador to use Telnet from the CLI of the about-face to added accessories on the network.

Using Telnet, a arrangement ambassador can advance a affiliation to a Cisco about-face while also

connecting to addition about-face or router. Cisco switches abutment up to eight accompanying Telnet

sessions. Telnet sessions abstract automatically afterwards actual abandoned for a configurable time

period. To admission the about-face through a Telnet session, you charge aboriginal set the IP abode for the

switch.

NOTE Approachable Telnet is accustomed from “enable” admission approach on the Catalyst 4000, 5000, and 6000

series switches. The syntax beneath demonstrates an attack to Telnet from user EXEC mode.

6500-1> telnet

Unknown command "telnet". Use 'help' for added info.

6500-1>

To admission the about-face from a alien host with Telnet, accomplish these steps:

Step 1 From the alien host, admission the telnet command and the name or

IP abode of the about-face you appetite to access. The syntax for this

command is: telnet {hostname | ip_addr}.

Step 2 At the prompt, admission the for the CLI. If no password

has been configured, columnist Enter.

Step 3 Admission the all-important commands to complete your adapted tasks.

Step 4 Back finished, avenue the Telnet affair via the abdicate command.

After entering the telnet command, you will see the affectation in Archetype 13-9.

Example 13-9 telnet Command Output

host% telnet cat5000-1.cisco.com

Trying 172.16.44.30 ...

Connected to cat5000-1.

Escape appearance is '^]'.

Cisco Systems Console

Enter password:

Console>

Monitoring Cisco Switches 439

Cisco Discovery Agreement (CDP)

Cisco Discovery Agreement (CDP) is media- and protocol-independent and runs on all Ciscomanufactured

equipment including routers, bridges, admission and advice servers, and

switches. With CDP, arrangement administration applications can retrieve the accessory blazon and the

SNMP-agent abode of adjoining accessories (see Figure 13-5). Applications are now enabled

to accelerate SNMP queries to adjoining devices.

Figure 13-5 A Typical Cisco Arrangement Environment with CDP Enabled

CDP meets a charge created by the actuality of lower-level, around cellophane protocols. CDP

enables arrangement administration applications to dynamically ascertain Cisco accessories that are

neighbors of already accepted devices, neighbors active lower-layer cellophane protocols in

particular. CDP runs on all media that abutment the Subnetwork Admission Agreement (SNAP). CDP

runs over the abstracts articulation band only, not the arrangement layer. Therefore, two systems that support

different arrangement band protocols can apprentice about anniversary other. Cached CDP advice is

available to arrangement administration applications. Cisco accessories never advanced a CDP packet.

When new advice is received, old advice is discarded.

Example 13-10 shows how to affectation CDP advice about adjoining systems:

Example 13-10 Displaying CDP Advice about Adjoining Systems

Console> appearance cdp acquaintance 4

Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge

S - Switch, H - Host, I - IGMP, r - Repeater

Port Device-ID Port-ID Belvedere Capability

------- ----------------------- ----------------- ------------------- ----------

4/1 001905905 4/1 WS-C5000 TS

4/1 062000101(CAT3) 9 WS-C1201 SI

continues

NMS platform

Cisco Router

Catalyst switch

Catalyst switch

Catalyst switch

CDP

CDP

CDP

CDP

440 Affiliate 13: Ecology and Troubleshooting

Embedded Alien Monitoring

Cisco switches accommodate abutment for the Embedded Alien Ecology (RMON) of Ethernet

and Fast Ethernet ports. Embedded RMON provides you with afterimage into arrangement activity.

It enables you to admission and accidentally adviser the RMON blueprint RFC 1757 groupings of

statistics, actual information, alarms, and contest for any anchorage through SNMP or the

TrafficDirector Administration application.

The RMON affection monitors arrangement cartage at the abstracts articulation band of the OSI archetypal without

requiring a committed ecology delving or arrangement analyzer. RMON enables a network

manager to assay arrangement cartage patterns, set up proactive alarms to ascertain problems before

they affect users, analyze abundant arrangement users as candidates to move to committed or higher

speed ports, and accomplish trend assay for abiding planning.

The statistics accumulation of the RMON blueprint maintains appliance and absurdity statistics for the

switch that is monitored. Statistics accommodate advice about:

• Collisions.

• Cyclic back-up checks (CRC) and alignment.

• Undersized or colossal packets.

• Jabber.

• Fragments.

• Broadcast, multicast, and unicast messages.

• Bandwidth utilization.

The history accumulation takes alternate samples from the statistics area and food them for later

retrieval. This includes advice such as utilization, absurdity counts, and packet counts.

A arrangement arrangement ambassador uses the anxiety accumulation to set a sampling breach and threshold

for any RMON recorded item. Examples of anxiety settings accommodate complete or about values,

rising or falling thresholds of utilization, packet counts, and CRC errors.

4/1 069000022 8/1 WS-C5500 TS

4/1 069000040 4/2 WS-C5500 TS

Console>

An account of the achievement awning is apparent below:

Port – Anchorage that the CDP advice was abstruse on.

Device-ID – Consecutive cardinal of the accessory (and name if configured)

Port-ID – Anchorage at the alien device

Platform – Cisco artefact number

Capability – Adequacy of the accessory (see Adequacy Codes listed at top of output

Example 13-10 Displaying CDP Advice about Adjoining Systems (Continued)

Monitoring Cisco Switches 441

The accident accumulation allows contest (generated traps) to be logged, printed, and provided to a

network manager. The time and date is recorded with anniversary logged event. Arrangement managers use

the accident accumulation to actualize customized letters based on anxiety types.

Extended RMON capabilities are provided through the use of a Cisco SwitchProbe connected

to the switch’s SPAN port. Refer to the section, “Switched Anchorage Analyzer,” for additional

information.

To configure a Cisco about-face for RMON, actuate SNMP alien ecology abutment via the set

snmp rmon accredit command. Afterwards entering the set snmp rmon accredit command, you will

see the affectation in Archetype 13-11.

Switched Anchorage Analyzer

Cisco switches accept a Switched Anchorage Analyzer (SPAN) affection enables you to adviser cartage on

any anchorage for assay by a arrangement analyzer accessory or RMON probe. This affection additionally provides

RMON2 statistics on all nine RMON groups and all seven layers of the OSI model. Enhanced

SPAN (E-SPAN) enables you to adviser cartage from assorted ports with the aforementioned VLAN to a

port for analysis.

The SPAN redirects cartage from an Ethernet, Fast Ethernet, or Fiber Distributed Data

Interface (FDDI) anchorage or VLAN to an Ethernet or Fast Ethernet adviser anchorage for assay and

troubleshooting. You can adviser a distinct anchorage or VLAN appliance a committed analyzer such as a

Network Associates Sniffer, or an RMON probe, such as a Cisco SwitchProbe. Figure 13-6 is

an archetype of the SPAN affection on the Catalyst 5000 alternation switch.

A added contempo affection is alleged R-SPAN, which allows for the ecology of a alien switch’s

traffic. R-SPAN is accessible on the Catalyst 6000 alternation switches. It can alone be acclimated in a

switched arrangement alone of Catalyst 6000 switches. In added words, no added blazon of switches,

Cisco or otherwise, can be in the complete aisle amid the two switches.

In this configuration, all cartage on Ethernet anchorage 5 is mirrored assimilate the configured SPAN port

Ethernet 10. The arrangement analyzer amid on Ethernet 10 can see arrangement cartage on Ethernet

5 after actuality physically absorbed to it.

Example 13-11 set snmp rmon accredit Command Output

Console> (enable) set snmp rmon enable

SNMP RMON abutment enabled.

442 Affiliate 13: Ecology and Troubleshooting

Figure 13-6 SPAN Agreement on a Catalyst 5000 Alternation Switch

Example 13-12 shows how to affectation SPAN information.

The afterward account defines the appearance amount command achievement fields in Archetype 13-12.

• Admin Source—Source anchorage or VLAN for SPAN information.

• Oper Source—Operator anchorage or VLAN for SPAN information.

• Destination—Destination anchorage for SPAN information.

• Direction—Status of whether transmit, receive, or transmit/receive advice is

monitored.

• Status—Status of whether SPAN is enabled or disabled.