Network Bulls
www.networkbulls.com
Characterizing the network is step 2 of the design methodology. In this section you learn to identify a network's major features, tools to analyze existing network traffic, and tools for auditing and monitoring network traffic.
Steps in Gathering Information
When arriving at a site that has an existing network, you need to obtain all the existing documentation. Sometimes no documented information exists. You should be prepared to use tools to obtain information and/or get access to log into the network devices to obtain information. Here are the steps for gathering information:
Step 1. Identify all existing information and documentation.
Step 2. Perform a network audit.
Step 3. Use traffic analysis to augment information on applications and protocols used.
When gathering existing documentation, you look for site information such as site names, site addresses, site contacts, site hours of operation, and building and room access. Network infrastructure information includes locations and types of servers and network devices, data center and closet locations, LAN wiring, WAN technologies and circuit speeds, and power used. Logical network information includes IP addressing, routing protocols, network management, and security access lists used. You need to find out if voice or video is being used on the network.
Network Audit Tools
When performing a network audit, you have three primary sources of information:
After gathering the existing documentation, you must obtain access to the existing management software. The client may already have CiscoWorks tools from which you can obtain hardware models and components and software versions. You can also obtain the existing router and switch configurations.
The network audit should provide the following information:
- Network device list
- Hardware models
- Configurations
- Auditing tool output information
- Interface speeds
- Link, CPU, and memory utilization
- WAN technology types and carrier information
When performing manual auditing on network devices, you can use the following commands to obtain information:
- show tech-support
- show processes cpu
- show version
- show processes memory
- show running-config
Example 1-1 shows the output of a show version command. This command shows the operating system version, the router type, the amount of flash and RAM memory, the router uptime, and interface types.
Example 1-1. show version Command
R2>show version
Cisco IOS Software, 7200 Software (C7200-K91P-M), Version 12.2(25)S9, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright 1986-2006 by Cisco Systems, Inc.
Compiled Tue 28-Mar-06 23:12 by alnguyen
ROM: ROMMON Emulation Microcode
BOOTLDR: 7200 Software (C7200-K91P-M), Version 12.2(25)S9, RELEASE SOFTWARE (fc1)
R2 uptime is 5 minutes
System returned to ROM by unknown reload cause - suspect boot_data[BOOT_COUNT] 0x0, BOOT_COUNT 0, BOOTDATA 19
System image file is "tftp://255.255.255.255/unknown"
This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.
A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
If you require further assistance please contact us by sending email to
export@cisco.com.
Cisco 7206VXR (NPE400) processor (revision A) with 147456K/16384K bytes of memory.
Processor board ID 4294967295
R7000 CPU at 150Mhz, Implementation 39, Rev 2.1, 256KB L2 Cache
6 slot VXR midplane, Version 2.1
Last reset from power-on
PCI bus mb0_mb1 (Slots 0, 1, 3 and 5) has a capacity of 600 bandwidth points.
Current configuration on bus mb0_mb1 has a total of 200 bandwidth points.
This configuration is within the PCI bus capacity and is supported.
PCI bus mb2 (Slots 2, 4, 6) has a capacity of 600 bandwidth points.
Current configuration on bus mb2 has a total of 0 bandwidth points
This configuration is within the PCI bus capacity and is supported.
Please refer to the following document "Cisco 7200 Series Port
Adaptor Hardware Configuration Guidelines" on CCO <www.cisco.com>,
for c7200 bandwidth points oversubscription/usage guidelines.
1 FastEthernet interface
8 Serial interfaces
125K bytes of NVRAM.
65536K bytes of ATA PCMCIA card at slot 0 (Sector size 512 bytes).
8192K bytes of Flash internal SIMM (Sector size 256K).
Configuration register is 0x2102
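An added example, not part of the original page or of any Cisco tooling: a Python parser that turns show version output such as Example 1-1 into an inventory record and flags two items for follow-up in the audit. The field names, the configuration-register bit check, and the network-boot heuristic are choices made for this illustration.

```python
import re

# Lines taken from Example 1-1 on this page, trimmed; terminal-wrapped lines stay wrapped.
SAMPLE = """\
R2>show version
Cisco IOS Software, 7200 Software (C7200-K91P-M), Version 12.2(25)S9, RELEASE SO
FTWARE (fc1)
R2 uptime is 5 minutes
System image file is "tftp://255.255.255.255/unknown"
Cisco 7206VXR (NPE400) processor (revision A) with 147456K/16384K bytes of memor
y.
1 FastEthernet interface
8 Serial interfaces
Configuration register is 0x2102
"""

FIELDS = {  # hypothetical field name -> regex with one capture group
    "image_name": r"^Cisco IOS Software, .*?\(([^)]+)\), Version",
    "version": r"^Cisco IOS Software, .*?, Version ([^,\s]+)",
    "hostname": r"^(\S+) uptime is ",
    "uptime": r" uptime is (.+)$",
    "image_file": r'^System image file is "([^"]+)"',
    "model": r"^Cisco (\S+) \(.*?\) processor",
    "config_register": r"^Configuration register is (0x[0-9A-Fa-f]+)",
}

def parse_show_version(text):
    """Build an inventory record (dict) from 'show version' output."""
    record = {}
    for name, pattern in FIELDS.items():
        match = re.search(pattern, text, re.MULTILINE)
        record[name] = match.group(1) if match else None
    mem = re.search(r"with (\d+)K/(\d+)K bytes", text)  # processor/I-O memory split
    record["dram_kb"] = int(mem.group(1)) + int(mem.group(2)) if mem else None
    record["interfaces"] = {kind: int(n) for n, kind in
                            re.findall(r"^(\d+) (\S+) interfaces?$", text, re.MULTILINE)}
    return record

def audit_findings(record):
    """Return follow-up items for the audit report."""
    findings = []
    register = record.get("config_register")
    if register and int(register, 16) & 0x0040:  # bit 6: startup-config ignored at boot
        findings.append("config register ignores startup-config")
    image_file = record.get("image_file") or ""
    if "://" in image_file:  # heuristic: image came over the network, not local flash
        findings.append("image loaded via " + image_file.split("://")[0])
    return findings
```
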
Here are some of the network management tools you can use to obtain network audit information:
- CiscoWorks is Cisco's configuration and auditing tool from which you can obtain device inventory and configuration information.
- WhatsUp Gold/WhatsUp Professional is Ipswitch's network monitoring tool. It can monitor router bandwidth and do trend analysis. The tool can also monitor servers performing network discovery.
- Castle Rock SNMPc monitors network devices, servers, and WAN links. Web reports can be generated.
- Cacti is resource monitoring software and a graphing tool.
- Netcordia NetMRI is a network analysis product that discovers the network, performs analysis, and makes configuration recommendations.
- NetQoS NetVoyant does device performance monitoring and reports on network infrastructure, devices, and services.
- Other tools include network protocol analyzers (sniffers) such as Network General Sniffer and WildPackets EtherPeek.
Network Analysis Tools
To obtain application-level information, the IP packet needs to be further inspected. Cisco devices or dedicated hardware or software analyzers capture packets or use SNMP to gather specific information. Network analysis tools include the following:
- Network-Based Application Recognition (NBAR) is a Cisco IOS tool used to identify well-known applications and protocols.
- NetFlow is IOS software that collects and measures data as it passes through router and switch interfaces.
- CNS NetFlow Collector Engine is Cisco hardware that gathers every flow in a network segment.
- Third-party tools include Sniffer, Ethereal, and SolarWinds Orion.
Network Checklist
The following is a network checklist that can be used to determine a network's health status:
- No shared Ethernet segments are saturated (no more than 40 percent sustained network utilization). New segments should use switched and not shared technology.
- No WAN links are saturated (no more than 70 percent sustained network utilization).
- The response time is generally less than 100 ms (one-tenth of a second), and more commonly less than 2 ms in a LAN.
- No segments have more than 20 percent broadcasts or multicast traffic. Broadcasts are sent to all hosts in a network and should be limited. Multicast traffic is sent to a group of hosts but should also be controlled and limited to only those hosts registered to receive it.
- No segments have more than one cyclic redundancy check (CRC) error per million bytes of data.
- On the Ethernet segments, less than 0.1 percent of the packets result in collisions.
- A CPU utilization at or over 75 percent for a 5-minute interval likely suggests network problems. Normal CPU utilization should be much lower during normal periods.
- The number of output queue drops has not exceeded 100 in an hour on any Cisco router.
- The number of input queue drops has not exceeded 50 in an hour on any Cisco router.
- The number of buffer misses has not exceeded 25 in an hour on any Cisco router.
- The number of ignored packets has not exceeded 10 in an hour on any interface on a Cisco router.
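The counter-based checklist items can be evaluated from two polls of a device's interface counters. This added Python example (not from the original page) assumes 32-bit wrapping counters, uses hypothetical field names and constructed sample values, and scales per-interval drop counts to an hourly rate.

```python
COUNTER32 = 2 ** 32  # assumption: counters are 32-bit and wrap, as SNMP Counter32 does

def delta(pair, modulus=COUNTER32):
    """Difference between two counter samples, correct across one wrap."""
    start, end = pair
    return (end - start) % modulus

def check_segment(s):
    """Compare two counter samples taken s['seconds'] apart with the checklist limits."""
    octets = max(delta(s["octets"]), 1)     # avoid dividing by zero on an idle link
    packets = max(delta(s["packets"]), 1)
    per_hour = 3600 / s["seconds"]          # scale interval counts to one hour
    util = 100 * octets * 8 / (s["seconds"] * s["link_bps"])
    util_limit = 70 if s["kind"] == "wan" else 40   # WAN link vs shared Ethernet
    measured = [
        # (name, value, limit): a value above the limit is a violation
        ("utilization %", util, util_limit),
        ("broadcast/multicast %", 100 * delta(s["bcast_mcast"]) / packets, 20),
        ("CRC errors per million bytes", delta(s["crc"]) / (octets / 1e6), 1),
        ("output queue drops/hour", delta(s["out_drops"]) * per_hour, 100),
        ("input queue drops/hour", delta(s["in_drops"]) * per_hour, 50),
        ("ignored packets/hour", delta(s["ignored"]) * per_hour, 10),
    ]
    return [(name, round(value, 2), limit)
            for name, value, limit in measured if value > limit]

# Constructed sample: a 1.544 Mbps WAN link polled twice, 300 seconds apart.
# The octet counter wraps between the two polls.
SAMPLE = {
    "kind": "wan", "link_bps": 1_544_000, "seconds": 300,
    "octets": (4_294_000_000, 49_032_704),
    "packets": (1_000_000, 1_100_000),
    "bcast_mcast": (50_000, 55_000),
    "crc": (10, 70),
    "out_drops": (0, 12), "in_drops": (3, 5), "ignored": (0, 0),
}

if __name__ == "__main__":
    for name, value, limit in check_segment(SAMPLE):
        print(f"VIOLATION {name}: {value} (limit {limit})")
```

Response time, collisions, CPU utilization, and buffer misses are left out because they come from other measurements than the interface counters sampled here.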