CISCO and ITS SUPPLIERS DISCLAIM All WARRANTIES, EXPRESS OR IMPLIED, INCLUDING, WITHOUT LIMITATION, THOSE of MERCHANTABILITY, FITNESS for a PARTICULAR PURPOSE and NONINFRINGEMENT OR ARISING FROM a COURSE of DEALING, USAGE, OR TRADE PRACTICE. USERS MUST TAKE FULL RESPONSIBILITY for THEIR
CISCO and ITS SUPPLIERS DISCLAIM All WARRANTIES, EXPRESS OR IMPLIED, INCLUDING, WITHOUT LIMITATION, THOSE of MERCHANTABILITY, FITNESS for a PARTICULAR PURPOSE and NONINFRINGEMENT OR ARISING FROM a COURSE of DEALING, USAGE, OR TRADE PRACTICE. USERS MUST TAKE FULL RESPONSIBILITY for THEIR
CISCO and ITS SUPPLIERS DISCLAIM All WARRANTIES, EXPRESS OR IMPLIED, INCLUDING, WITHOUT LIMITATION, THOSE of MERCHANTABILITY, FITNESS for a PARTICULAR PURPOSE and NONINFRINGEMENT OR ARISING FROM a COURSE of DEALING, USAGE, OR TRADE PRACTICE. USERS MUST TAKE FULL RESPONSIBILITY for THEIR
170 West Tasman Drive San J ose, CA 95134-1706 USA http://www.cisco.com Tel: 408 526-4000 800 553-NETS (6387) Fax: 408 527-0883 User Guide for Campus Manager Software Release 5.2 CiscoWorks Text Part Number: OL-18011-01
THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJ ECT TO CHANGE WITHOUT NOTICE. ALL STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS. THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET FORTH IN THE INFORMATION PACKET THAT SHIPPED WITH THE PRODUCT AND ARE INCORPORATED HEREIN BY THIS REFERENCE. IF YOU ARE UNABLE TO LOCATE THE SOFTWARE LICENSE OR LIMITED WARRANTY, CONTACT YOUR CISCO REPRESENTATIVE FOR A COPY. The Cisco implementation of TCP header compression is an adaptation of a program developed by the University of California, Berkeley (UCB) as part of UCBs public domain version of the UNIX operating system. All rights reserved. Copyright 1981, Regents of the University of California. NOTWITHSTANDING ANY OTHER WARRANTY HEREIN, ALL DOCUMENT FILES AND SOFTWARE OF THESE SUPPLIERS ARE PROVIDED AS IS WITH ALL FAULTS. CISCO AND THE ABOVE-NAMED SUPPLIERS DISCLAIM ALL WARRANTIES, EXPRESSED OR IMPLIED, INCLUDING, WITHOUT LIMITATION, THOSE OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OR ARISING FROM A COURSE OF DEALING, USAGE, OR TRADE PRACTICE. IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, OR INCIDENTAL DAMAGES, INCLUDING, WITHOUT LIMITATION, LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE THIS MANUAL, EVEN IF CISCO OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. CCDE, CCSI, CCENT, Cisco Eos, Cisco HealthPresence, the Cisco logo, Cisco Lumin, Cisco Nexus, Cisco Nurse Connect, Cisco Stackpower, Cisco StadiumVision, Cisco TelePresence, Cisco WebEx, DCE, and Welcome to the Human Network are trademarks; Changing the Way We Work, Live, Play, and Learn and Cisco Store are service marks; and Access Registrar, Aironet, AsyncOS, Bringing the Meeting To You, Catalyst, CCDA, CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, CCVP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Collaboration Without Limitation, EtherFast, EtherSwitch, Event Center, Fast Step, Follow Me Browsing, FormShare, GigaDrive, HomeLink, Internet Quotient, IOS, iPhone, iQuick Study, IronPort, the IronPort logo, LightStream, Linksys, MediaTone, MeetingPlace, MeetingPlace Chime Sound, MGX, Networkers, Networking Academy, Network Registrar, PCNow, PIX, PowerPanels, ProConnect, ScriptShare, SenderBase, SMARTnet, Spectrum Expert, StackWise, The Fastest Way to Increase Your Internet Quotient, TransPath, WebEx, and the WebEx logo are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries. All other trademarks mentioned in this document or website are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (0903R) User Guide for Campus Manager 5.2 1998-2009 Cisco Systems, Inc. All rights reserved.
iii User Guide for Campus Manager 5.2 OL-18011-01 C O N T E N T S Notices xix OpenSSL/Open SSL Project i-xix License Issues i-xix Preface xxiii Audience i-xxiii Conventions i-xxiii Product Documentation i-xxiv Related Documentation i-xxiv Additional Information Online i-xxv Obtaining Documentation, Obtaining Support, and Security Guidelines i-xxv CHAP T E R 1 About Campus Manager 1-1 Campus Manager Applications 1-1 CHAP T E R 2 Whats New in Campus Manager 5.2 2-1 New Features in This Release 2-1 CHAP T E R 3 Getting Started With Campus Manager 3-1 Logging Into CiscoWorks 3-1 Before Using Campus Manager 3-2 Starting Campus Manager Applications 3-2 Understanding the User Interface 3-4 Campus Manager Process and Dependent Processes 3-7 Viewing and Maintaining Log File Details 3-8 Error Messages 3-10 CHAP T E R 4 Integrating Campus Manager With CiscoWorks Common Services 4-1 CiscoWorks LMS Portal Integration 4-1 Understanding Common Services ACS Integration 4-3 Understanding DCR Integration 4-4 Data Collection and DCR 4-4 Handling DCR Events 4-5
Contents iv User Guide for Campus Manager 5.2 OL-18011-01 Understanding Object Grouping Services Integration 4-5 Understanding Device Center Integration 4-6 Understanding Software Center Integration 4-6 Understanding License Integration 4-7 CHAP T E R 5 Administering Campus Manager 5-1 Understanding Campus Manager Administration 5-1 Using Daemon Manager 5-3 Restarting Daemon Manager on Solaris 5-3 Restarting Daemon Manager on Windows 5-4 Selective Backup and Restore 5-4 Viewing Campus Manager Home Page 5-7 Using Campus Manager Data Collection Administration 5-12 Viewing Summary of Data Collection Settings 5-12 Modifying SNMP Timeouts and Retries 5-13 Device Management 5-15 Mode and Policy Settings 5-15 Manually Including Devices to Data Collection 5-19 Manually Excluding Devices from Data Collection 5-20 Using Advanced Search in CM Device Selector 5-22 Usage Notes 5-22 Scheduling Data Collection 5-23 Device Poller 5-24 Configuring Topology Settings 5-26 Restricted Topology View 5-26 Configuring DFM Polling 5-26 Understanding Groups 5-27 System Defined Groups 5-28 User Defined Groups 5-29 Overview of Subnet Based Groups 5-29 Rules Editor 5-30 Example of Rule 5-32 Using Groups 5-34 Creating Groups 5-34 Modifying Groups 5-40 Viewing Group Details 5-40 Deleting a Group 5-40 Recomputing Group Membership 5-41 Using Administration Reports 5-41
Contents v User Guide for Campus Manager 5.2 OL-18011-01 Analyzing ANI Server 5-41 Viewing Data Collection Metrics 5-41 Viewing Data Collection Details 5-42 Viewing List of Devices Supported 5-43 Using Other Admin Settings 5-44 Configuring Discrepancy Reporting and Syslog Message Generation 5-44 Purging Reports J obs and Archived Reports 5-45 Setting RME Credentials 5-46 Setting Debugging Options 5-47 Setting up Debugging Options for Data Collection 5-48 Setting up Debugging Options for Configuration and Reports 5-50 Setting Debugging Options for Device Groups 5-51 Setting Debugging Options for Topology 5-51 Using Campus Manager J ob Browser 5-53 Administration Command Line Interface 5-54 Configuration Settings for SNMPv3 Devices 5-57 Starting Campus Manager Applications 5-59 Security 5-59 CHAP T E R 6 Generating Reports 6-1 Using the Reports J ob Browser 6-1 Using the Report Generator 6-4 Viewing Archived Reports 6-5 Purging Reports J obs and Archived Reports 6-6 CHAP T E R 7 Tracking Users 7-1 Understanding User Tracking 7-1 Understanding Network and Campus Manager Dependencies 7-5 Using User Tracking Administration 7-5 Viewing Acquisition Information 7-6 Interpreting Acquisition Information 7-7 Configuring User Tracking Acquisition Actions 7-8 Using User and Host Acquisition 7-9 Modifying Acquisition Settings 7-9 Configuring Rogue MAC List 7-17 Modifying Acquisition Schedule 7-20 Modifying Ping Sweep Options 7-21 Configuring Subnet Acquisition 7-22
Contents vi User Guide for Campus Manager 5.2 OL-18011-01 Modifying Delete Interval 7-23 Configuring Trunk for End Host Discovery 7-23 Specifying Purge Policy 7-25 Specifying Domain Name Display 7-25 Importing Information on End Host Users 7-26 Understanding Dynamic Updates 7-26 Viewing Dynamic Updates Process Status 7-30 Enabling SNMP Traps on Switch Ports 7-30 SNMP MAC Notification Listener 7-32 Configuring SNMP Trap Listener 7-32 HPOV as Primary Listener 7-33 DFM as Primary Listener 7-34 Configuring Dynamic User Tracking 7-36 Debugging Options 7-38 Debugging Options for User Tracking Server 7-39 Debugging Dynamic Updates 7-40 Debugging Options for User Tracking Reports 7-43 Dynamic User Tracking Console 7-43 Understanding User Tracking Reports 7-44 Using User Tracking Reports 7-45 Viewing Quick Reports 7-46 Operator Values and Date Formats for Last Seen Column 7-47 Exporting and Printing Reports 7-48 Viewing Report J obs List 7-49 Viewing J ob Details 7-50 Stopping J obs 7-51 Deleting J obs 7-51 Using Report Generator 7-51 Viewing Duplicates Report 7-52 Interpreting Duplicate Reports 7-53 Viewing End Hosts Reports 7-55 Interpreting End Host Reports 7-55 Interpreting Active End Hosts Report 7-59 Viewing IP Phones Reports 7-61 Interpreting IP Phones Reports 7-62 Viewing MAC Reports 7-63 Interpreting MAC Reports 7-65 Understanding Switch Port Usage Reports 7-66 Interpreting Switch Port Capacity Report 7-71
Contents vii User Guide for Campus Manager 5.2 OL-18011-01 Interpreting Switch Port Usage Reports 7-71 Interpreting Summary Report for Switch Ports 7-72 Understanding History Report 7-72 Viewing History Reports for Switch Port Utilization 7-73 Interpreting History Reports for Switch Ports 7-74 History Reports Based on Filters 7-74 Interpreting End Host History Reports 7-75 Using Custom Reports 7-76 Viewing List of Custom Reports 7-76 Creating Custom Reports 7-76 Editing Custom Reports 7-78 Copying Custom Reports 7-78 Deleting Custom Reports 7-78 Using Custom Layouts 7-79 Viewing List of Custom Layouts 7-79 Creating Custom Layouts 7-79 Editing Custom Layouts 7-80 Copying Custom Layouts 7-80 Deleting Custom Layouts 7-81 Using Archived Reports 7-81 Viewing Archived Reports List 7-81 Viewing Reports 7-82 Deleting Archived Reports 7-84 Integrating CiscoWorks WLSE 7-84 Viewing Reports on Wireless Clients 7-84 Interpreting Reports on Wireless Clients 7-85 User Tracking Command Line Interface 7-86 Exporting Switch Port Usage Report 7-89 Importing User Tracking Data 7-91 Using Lookup Analyzer Utility 7-91 Understanding UTLite 7-93 Installing UTLite Script on Active Directory 7-95 Installing UTLite Script on Windows 7-96 Installing UTLite Script on NDS 7-97 Uninstalling UTLite Scripts From Windows 7-98 Uninstalling UTLite Scripts From Active Directory 7-98 Uninstalling UTLite Scripts From NDS 7-98 User Tracking Utility 7-99 Understanding UTU 1.1.1 7-99
Contents viii User Guide for Campus Manager 5.2 OL-18011-01 Definitions 7-100 Hardware and Software Requirements for UTU 1.1.1 7-100 Downloading UTU 1.1.1 7-100 Installing UTU 1.1.1 7-101 Accessing UTU 1.1.1 7-102 Configuring UTU 1.1.1 7-103 Searching for Users or Hosts 7-103 Using Search Patterns 7-106 Uninstalling UTU 1.1.1 7-106 Upgrading to UTU 1.1.1 7-107 Re-installing UTU 7-107 User Tracking Debugger Utility 7-108 Understanding Debugger Utility 7-108 Using Debugger Utility 7-108 CHAP T E R 8 Discrepancies and Best Practices Deviations 8-1 Understanding Discrepancies and Best Practices Deviations 8-1 Interpreting Discrepancies 8-2 Trunking Related Discrepancies 8-2 Trunk Negotiation Across VTP Boundary 8-3 Native VLANs Mismatch 8-4 Trunk VLANs Mismatch 8-4 Trunk VLAN Protocol Mismatch 8-4 VLAN-VTP Related Discrepancies 8-5 VTP Disconnected Domain 8-5 No VTP Server in Domain with at least One VTP Client 8-5 Link Related Discrepancies 8-6 Link Duplex Mismatch 8-6 Link Speed Mismatch 8-8 Link Trunk/NonTrunk Mismatch 8-9 Port Related Discrepancy 8-10 Port is in Error Disabled State 8-10 Device Related Discrepancy 8-11 Devices With Duplicate SysName 8-11 Spanning Tree Related Discrepancy 8-11 Port Fast Enabled on Trunk Port 8-11 Interpreting Best Practices Deviations 8-12 Channel Ports Related Best Practices Deviations 8-13 Non-channel Port in Desirable Mode 8-13
Contents ix User Guide for Campus Manager 5.2 OL-18011-01 Channel Port in Auto Mode 8-14 Spanning Tree Related Best Practices Deviations 8-15 BPDU Filter Disabled on Access Ports 8-16 BPDU-Guard Disabled on Access Ports 8-17 BackboneFast Disabled in Switch 8-18 UplinkFast not Enabled 8-20 Loop Guard and Port Fast Enabled on Ports 8-22 Trunk Ports Related Best Practices Deviations 8-23 Non-trunk Ports in Desirable Mode 8-23 Trunk Ports in Auto Mode 8-25 VLAN Related Best Practices Deviations 8-25 VLAN Index Conflict 8-25 VLAN Name Conflict 8-26 Link Ports Related Best Practice Deviation 8-26 UDLD Disabled on Link Ports 8-27 Access Ports Related Best Practice Deviation 8-28 CDP Enabled on Access Ports 8-28 Cisco Catalyst 6000 Devices Related Best Practice Deviation 8-29 High Availability not Operational 8-29 Viewing Discrepancy Reports 8-30 Understanding Discrepancy Reports 8-32 Viewing Details on Discrepancies 8-33 Fixing Discrepancies 8-34 Viewing Best Practices Deviations Reports 8-36 Understanding Best Practices Deviations Reports 8-38 Viewing Details on Best Practices Deviations 8-39 Fixing Best Practices Deviations 8-40 Customizing Discrepancies Reporting and Syslog Generation 8-42 CHAP T E R 9 Using Topology Services 9-1 Understanding Topology Services 9-2 Starting Topology Services 9-3 Using Topology Services Legend 9-5 Understanding Topology Services Main Window 9-12 Understanding Tree View 9-13 Using Topology Services Main Window 9-14 Navigating in Main Window 9-14 Understanding the Status Bar 9-16 Using Find in Main Window 9-17
Contents x User Guide for Campus Manager 5.2 OL-18011-01 Understanding Network Topology Views 9-17 Navigating in Network Topology Views 9-18 Connecting Securely to Devices From Clients 9-20 For Microsoft Windows Clients 9-20 For Solaris Clients 9-21 Displaying Network Views 9-22 Using Panner to View Topology Maps 9-22 Using Network Views 9-23 Customizing Network Topology Views 9-25 Saving Network Topology View Layouts 9-25 Deleting Devices From Network View 9-26 Changing Network Topology View Layouts 9-26 Starting CiscoWorks Applications From Topology Views 9-26 Modifying DFM Alert Settings 9-34 Modifying Network View Features 9-35 Changing Network Topology View Properties for One User Role 9-36 Changing Network Topology View Properties for All Users 9-37 Setting Background Images for Topology Views 9-38 Understanding Cluster Switches 9-40 Displaying Cluster Switches 9-40 Using Topology Filters 9-41 Enabling RMON to Measure Bandwidth Utilization 9-47 Modifying the Parameters 9-48 Enabling RMON on All Ports in Selected Devices 9-49 Enabling RMON on Selected Ports in Selected Devices 9-50 Disabling RMON 9-51 Customizing Bandwidth Utilization Filters 9-51 Highlighting Filtered Devices 9-52 Using Find in Network Topology Views 9-52 Understanding Summary View 9-53 Highlighting Devices From Summary View 9-53 Interpreting Summary Information 9-53 Interpreting Network View Summary Information 9-54 Interpreting Unconnected Device View Summary Information 9-54 Upgrading Network Topology Views 9-55 N-Hop View Portlet 9-56 Using Microsoft Visio With Topology Views 9-59 Downloading the Cisco Visio Stencil File 9-60 Exporting Network Topology Views to Visio 9-60
Contents xi User Guide for Campus Manager 5.2 OL-18011-01 Working With Links 9-61 Interpreting Link Tooltips 9-61 Displaying Link Attributes 9-61 Interpreting Link Attributes 9-62 Displaying Aggregate Link Attributes 9-62 Interpreting Aggregate Link Attributes 9-63 Time Domain Reflectometry Reports 9-63 Understanding Time Domain Reflectometry 9-63 Using Time Domain Reflectometry Reports 9-64 Running TDR Test for a Link 9-64 Running TDR Test For a Port 9-66 Working With Devices 9-67 Performing Data Collection for Devices 9-67 Interpreting Device Tooltips 9-68 Displaying Device Labels 9-68 Interpreting Device Labels 9-68 Clearing Device Labels 9-68 Displaying Device Attributes 9-69 Viewing End Host Report 9-69 Viewing Switch Port Report 9-69 Interpreting Device Attributes 9-69 Displaying Port Attributes 9-70 Interpreting Port Attributes 9-70 Setting Preferred Management Addresses 9-71 Starting CiscoView 9-72 Starting Telnet 9-73 Starting Device Center 9-74 Working With MLS Devices 9-74 Displaying MLS Reports 9-75 Interpreting MLS Reports 9-75 Working With Application Servers 9-76 Displaying Device Service Modules 9-77 Displaying Service Attributes 9-78 Interpreting Service Attributes 9-79 Displaying Campus Reports 9-79 Monitoring Protocol Filter by Port 9-80 Understanding Protocol Filtering 9-80 Displaying Protocol Filter Information 9-81 Viewing Data Collection Metrics 9-81
Contents xii User Guide for Campus Manager 5.2 OL-18011-01 Topology Groups 9-82 Understanding Topology Groups 9-82 Interpreting Topology Groups Summary Information 9-83 Hierarchical Maps 9-83 Understanding Hierarchical Maps 9-83 Viewing Hierarchical Maps 9-84 Topology Services Menu Reference 9-85 Topology Services Main Window Menu Reference 9-85 Network Topology View Menu Reference 9-87 Supported Protocols 9-91 Inter-Switch Link (ISL) Protocol 9-91 IEEE 802.1Q 9-92 CHAP T E R 10 Managing VLANs and VTP 10-1 Understanding Virtual LAN (VLAN) 10-2 Advantages of VLANs 10-2 Simplification of Adds, Moves, and Changes 10-2 Controlled Broadcast Activity 10-2 Workgroup and Network Security 10-3 VLAN Components 10-3 Using VLANs 10-4 Configuring VLANs 10-4 Selecting Devices or Entities 10-5 Creating VLANs 10-6 Assigning Ports to VLANs 10-7 Advanced Filter 10-9 Disallowing VLAN on Trunks 10-10 Understanding VLAN Creation Summary 10-11 Deleting VLANs 10-12 Moving Affected Ports to New VLAN 10-13 Understanding VLAN Deletion Summary 10-14 Creating Ethernet VLANs 10-15 Ethernet VLANs 10-15 Creating Ethernet VLANs 10-15 Interpreting VLAN Summary Information 10-15 Displaying VLAN Reports 10-16 Interpreting VLAN Reports 10-18 Understanding Private VLAN 10-18 Types of Private VLAN Ports 10-18
Contents xiii User Guide for Campus Manager 5.2 OL-18011-01 Promiscuous Ports 10-19 PVLAN Host Ports 10-19 PVLAN Trunk Ports 10-19 Using Private VLAN 10-19 Creating PVLAN 10-20 Creating Primary VLAN 10-21 Creating Secondary VLAN and Associating to Primary VLAN 10-22 Associating Ports to Secondary VLAN 10-22 Configuring Promiscuous Ports 10-23 Deleting PVLAN 10-24 Understanding Inter-VLAN Routing 10-25 Using Inter-VLAN Routing 10-25 Configuring Inter-VLAN Routing on RSM, MSFC, L2/L3 Devices 10-26 Configuring Inter-VLAN Routing on External Routers 10-27 VLAN Trunking Protocol 10-28 VTP Domains 10-29 Components of VTP Domains 10-30 Understanding VLAN Trunking Protocol Version 3 10-30 Support for VTP Version 3 in Campus Manager 10-30 Using VLAN Trunking Protocol (VTP) 10-32 Displaying VTP Reports 10-33 Interpreting VTP Reports 10-33 Using VTP Views 10-34 Understanding Trunking 10-35 Trunking Considerations 10-35 Dynamic Trunking Protocol (DTP) 10-35 Trunk Encapsulation 10-36 Trunk Characteristics 10-36 Encapsulation Types 10-37 Creating Trunk 10-37 Modifying Trunk Attributes 10-39 EtherChannel 10-41 Understanding EtherChannel 10-41 Using EtherChannel 10-41 Configuring EtherChannel 10-41 VLAN Port Assignment 10-42 Understanding VLAN Port Assignment 10-43 Starting VLAN Port Assignment 10-43 Using VLAN Port Assignment 10-44
Contents xiv User Guide for Campus Manager 5.2 OL-18011-01 Configuring Trunk Attributes 10-45 Displaying Attribute Summaries 10-46 Displaying Port Attributes 10-46 Interpreting Port Attributes Report 10-47 Displaying Device Attributes 10-48 Interpreting Device Attributes Report 10-48 Displaying Trunk Attributes 10-49 Interpreting Trunk Attributes 10-49 Usage Scenarios for Managing VLANs 10-50 Configuring PVLANs in External Demilitarized Zone 10-50 Prerequisites 10-50 Reproducing Scenario 10-51 Verifying Configuration 10-51 CHAP T E R 11 Managing Network Spanning Trees 11-1 Understanding Spanning Tree Protocol 11-1 Per VLAN Spanning Tree Protocol 11-2 Multiple Spanning Tree Protocol 11-2 Multiple Instance Spanning Tree Protocol 11-3 Spanning Tree Recommendation Reports 11-3 Spanning Tree Reports: Optimal Root Recommendation Report 11-4 Interpreting Optimal Root Recommendation 11-5 Spanning Tree Reports: Number of Instances Recommendation Report 11-6 Interpreting Number of Instances Recommendation 11-6 Spanning Tree Reports: Instance Reduction Recommendation Report 11-7 Interpreting Instance Reduction Recommendation 11-8 Spanning Tree Reports: VLAN to Instance Mapping Recommendation Report 11-8 Interpreting VLAN to Instance Mapping Recommendation 11-9 Spanning Tree Reports: STP Visualizer 11-10 Interpreting STP Visualizer 11-12 STP Visualizer Notes 11-12 Generating Reports and Configuring STP on the Network 11-13 Reporting and Configuring PVST Port 11-13 Reporting and Configuring MST Port 11-17 Reporting and Configuring MISTP Port 11-21 Reporting and Configuring PVST Device 11-25 Reporting and Configuring MST Device 11-28 Reporting and Configuring MISTP Device 11-32 Reporting and Configuring MST Instance 11-36
Contents xv User Guide for Campus Manager 5.2 OL-18011-01 Reporting and Configuring MISTP Instance 11-37 Reporting and Configuring PVST Trunk 11-38 Reporting and Configuring MST Trunk 11-40 Reporting and Configuring MISTP Trunk 11-42 Spanning Tree Filters 11-44 STP Inconsistency 11-44 Viewing STP Loop Inconsistency 11-44 Viewing STP PVID Inconsistency 11-45 Viewing STP Root Inconsistency 11-45 Viewing STP Type Inconsistency 11-45 STP Filters in Switch Cloud View 11-45 Spanning Tree 11-46 Viewing Spanning Tree per IEEE 802.1s Instance 11-46 Viewing Spanning Tree per Cisco MISTP Instances 11-46 Viewing VLANs in Switch Clouds 11-47 CHAP T E R 12 Support for IPv6 12-1 Understanding IPv6 Support in Campus Manager 12-1 Viewing IPv6 Addresses Report 12-2 Interpreting IPv6 Addresses Report 12-3 CHAP T E R 13 Data Extraction Engine 13-1 Overview of Data Extraction Engine 13-1 The cmexport Command 13-2 Running cmexport Command 13-3 cmexport Arguments and Options 13-3 Mandatory Arguments 13-4 Optional Arguments 13-4 Function-Specific Options 13-5 Displaying Help 13-5 Uses of cmexport 13-5 cmexport User Tracking 13-6 Mandatory Arguments 13-7 Accessing Help 13-9 cmexport Topology Command 13-9 Mandatory Arguments 13-10 Accessing Help 13-11 cmexport Discrepancy Command 13-12
Contents xvi User Guide for Campus Manager 5.2 OL-18011-01 Mandatory Arguments 13-12 Accessing Help 13-13 cmexport Manpage 13-14 Command Line Syntax 13-14 Arguments and Options 13-15 Mandatory Arguments 13-15 Function-Specific Options 13-16 Accessing Help 13-16 DEE Developers Reference 13-16 Schema for User Tracking Data 13-17 User Tracking Schema for Switch Data 13-18 User Tracking Schema for Phone Data 13-19 User Tracking Schema for Subnet Data 13-19 Schema for Topology Data 13-20 Schema for Discrepancy Data 13-21 Using Servlet to Export Data from Campus Manager 13-22 CHAP T E R 14 Virtual Network Manager 14-1 Understanding Virtual Network Manager Workflow 14-2 Virtual Network Manager Features 14-3 Key Acronyms, Terms and Definitions 14-4 Using VNM Features 14-5 Advantages of Virtual Network Manager 14-6 Getting Started with Virtual Network Manager 14-6 Launching Virtual Network Manager 14-6 Starting VNM Application 14-7 Navigating VNM 14-8 Using VNM Home Page 14-9 VRF Collection Status 14-10 VRF Readiness Information 14-11 Recently Completed Jobs 14-11 VRF List 14-12 Show Details 14-13 Virtual Network Manager Tasks 14-13 Configuring VRF 14-14 Create VRF 14-14 Interface Mapping to VRF 14-17 Routing Protocol Configuration 14-22 Summary of VRFs to be Configured 14-24
Contents xvii User Guide for Campus Manager 5.2 OL-18011-01 Editing VRF 14-26 Edit VRF 14-27 Interface Mapping to VRF in Edit VRF 14-28 Routing Protocol Configuration in Edit VRF 14-31 Summary of Edit VRF 14-33 Extending VRF 14-34 Extend VRF 14-35 Interface Mapping to VRF in Extend VRF 14-37 Routing Protocol Configuration in Extend VRF 14-40 Summary of Extend VRF 14-41 Deleting VRF 14-43 Delete VRF - Select Devices 14-44 Delete VRF - Summary 14-45 Edge VLAN Configuration 14-46 Select Devices for Edge VLAN Configuration 14-47 VLAN to VRF Mapping 14-48 Edge VLAN Configuration Summary 14-52 Administering Virtual Network Manager 14-54 Understanding VNM Administration 14-54 Using VNM Administration 14-55 Using VRF Collector Settings 14-55 Scheduling VRF Collector 14-55 Modifying VNM SNMP Timeouts and Retries 14-57 Setting VNM Debugging Options 14-58 VNM Server Debugging Settings 14-58 VRF Collector Debugging Settings 14-59 VNM Client Debugging Settings 14-59 VNM Utility Debugging Settings 14-60 Using Purge Settings 14-61 Purging VNM Reports J obs and Archived Reports 14-61 Topology 14-61 Using Topology in VNM 14-61 Generating Reports 14-62 Using the VNM J ob Browser 14-62 Using the VNM Report Generator 14-65 Readiness Report 14-66 Interpreting VRF Readiness Report 14-67 VRF Report 14-69 Device Based VRF Report 14-69
Contents xviii User Guide for Campus Manager 5.2 OL-18011-01 Interpreting Device Based VRF Report 14-70 VRF Based Report 14-72 Interpreting VRF Based Report 14-73 Viewing VNM Archived Reports 14-75 Troubleshooting 14-76 Ping or Traceroute 14-76 Show Results 14-79 CHAP T E R 15 Troubleshooting and FAQs 15-1 Troubleshooting 15-1 User Tracking 15-1 Topology Services 15-3 Troubleshooting Time Domain Reflectometry Reports 15-3 VLAN Port Assignment 15-4 FAQs 15-5 Device Management 15-5 User Tracking 15-6 Data Extraction Engine 15-9 Virtual Network Manager 15-10 AP P E NDI X A Commands to Enable MAC Notification Traps on Devices A-1 Overview of Dynamic Updates A-1 Configuring Switches With MAC Notification Commands A-1 Device Operating System Version-Specific Commands A-2 List of Commands to Enable MAC Notification Traps on Devices A-3 I NDE X
xix User Guide for Campus Manager 5.2 OL-18011-01 Notices The following notices pertain to this software license: OpenSSL/Open SSL Project This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit (http://www.openssl.org/). This product includes cryptographic software written by Eric Young (eay@cryptsoft.com). This product includes software written by Tim Hudson (tjh@cryptsoft.com). License Issues The OpenSSL toolkit stays under a dual license, i.e. both the conditions of the OpenSSL License and the original SSLeay license apply to the toolkit. See below for the actual license texts. Actually both licenses are BSD-style Open Source licenses. In case of any license issues related to OpenSSL please contact openssl-core@openssl.org. OpenSSL License: Copyright 1998-2007 The OpenSSL Project. All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions, and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. All advertising materials mentioning features or use of this software must display the following acknowledgment: This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit (http://www.openssl.org/). 4. The names OpenSSL Toolkit and OpenSSL Project must not be used to endorse or promote products derived from this software without prior written permission. For written permission, please contact openssl-core@openssl.org.
xx User Guide for Campus Manager 5.2 OL-18011-01 Notices OpenSSL/Open SSL Project 5. Products derived from this software may not be called OpenSSL nor may OpenSSL appear in their names without prior written permission of the OpenSSL Project. 6. Redistributions of any form whatsoever must retain the following acknowledgment: This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit (http://www.openssl.org/). THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJ ECT AS IS' AND ANY EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJ ECT OR ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. This product includes cryptographic software written by Eric Young (eay@cryptsoft.com). This product includes software written by Tim Hudson (tjh@cryptsoft.com). Original SSLeay License: Copyright 1995-1998 Eric Young (eay@cryptsoft.com). All rights reserved. This package is an SSL implementation written by Eric Young (eay@cryptsoft.com). The implementation was written so as to conform with Netscapes SSL. This library is free for commercial and non-commercial use as long as the following conditions are adhered to. The following conditions apply to all code found in this distribution, be it the RC4, RSA, lhash, DES, etc., code; not just the SSL code. The SSL documentation included with this distribution is covered by the same copyright terms except that the holder is Tim Hudson (tjh@cryptsoft.com). Copyright remains Eric Youngs, and as such any Copyright notices in the code are not to be removed. If this package is used in a product, Eric Young should be given attribution as the author of the parts of the library used. This can be in the form of a textual message at program startup or in documentation (online or textual) provided with the package. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. All advertising materials mentioning features or use of this software must display the following acknowledgement: This product includes cryptographic software written by Eric Young (eay@cryptsoft.com). The word cryptographic can be left out if the routines from the library being used are not cryptography-related. 4. If you include any Windows specific code (or a derivative thereof) from the apps directory (application code) you must include an acknowledgement: This product includes software written by Tim Hudson (tjh@cryptsoft.com).
xxi User Guide for Campus Manager 5.2 OL-18011-01 Notices OpenSSL/Open SSL Project THIS SOFTWARE IS PROVIDED BY ERIC YOUNG AS IS AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. The license and distribution terms for any publicly available version or derivative of this code cannot be changed. i.e. this code cannot simply be copied and put under another distribution license [including the GNU Public License].
xxii User Guide for Campus Manager 5.2 OL-18011-01 Notices OpenSSL/Open SSL Project
xxiii User Guide for Campus Manager 5.2 OL-18011-01 Preface This manual describes CiscoWorks Campus Manager 5.2 and provides instructions for using it. Audience This document is for anyone who installs, configures, verifies, and uses Campus Manager 5.2. Network administrators or operators should have the following skills: Basic Windows system administrator skills Basic network management skills Basic Internet browser skill Conventions This document uses the following conventions: Note Means reader take note. Notes contain helpful suggestions or references to material not covered in the publication. Item Convention Commands and keywords boldface font Variables for which you supply values italic font Displayed session and system information screen font Information you enter boldface screen font Variables you enter italic screen font Menu items and button names boldface font Selecting a menu item in paragraphs Option > Network Preferences Selecting a menu item in tables Option >Network Preferences
xxiv User Guide for Campus Manager 5.2 OL-18011-01 Preface Product Documentation Caution Means reader be careful. In this situation, you might do something that could result in equipment damage or loss of data. Product Documentation Note We sometimes update the printed and electronic documentation after original publication. Therefore, you should also review the documentation on Cisco.com for any updates. Table 1 describes the product documentation that is available. Related Documentation Note We sometimes update the printed and electronic documentation after original publication. Therefore, you should also review the documentation on Cisco.com for any updates. Table 1 Product Documentation Document Title Available Formats User Guide for Campus Manager 5.2 PDF on the product DVD. On Cisco.com at: http://cisco.com/en/US/products/sw/cscowor k/ps563/products_user_guide_list.html Context-sensitive online help Select an option from the navigation tree, then click Help. Click the Help button in the dialog box.
xxv User Guide for Campus Manager 5.2 OL-18011-01 Preface Additional Information Online Table 2 lists the additional documentation that is available. Additional Information Online Service Packs (SP) contains updated files necessary for the latest device support and fixes to known problems that are not available in Campus Manager 5.2. If you are a registered user, you can download SP for Campus Manager from: http://www.cisco.com/cgi-bin/tablebuild.pl/cw2000-campus Obtaining Documentation, Obtaining Support, and Security Guidelines For information on obtaining documentation, obtaining support, providing documentation feedback, security guidelines, and also recommended aliases and general Cisco documents, see the monthly Whats New in Cisco Product Documentation, which also lists all new and revised Cisco technical documentation, at: http://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.html Subscribe to the Whats New in Cisco Product Documentation as a Really Simple Syndication (RSS) feed and set content to be delivered directly to your desktop using a reader application. The RSS feeds are a free service and Cisco currently supports RSS version 2.0. Table 2 Related Documentation Document Title Available Formats Installing and Getting Started With CiscoWorks LAN Management Solution 3.2 PDF on the product DVD. PDF on the Documentation CD. On Cisco.com: http://www.cisco.com/en/US/products/sw/cscowork/ps2425/ prod_installation_guides_list.html Data Migration Guide for LAN Management Solution 3.2 PDF on the product DVD. PDF on the Documentation CD. On Cisco.com: http://www.cisco.com/en/US/products/sw/cscowork/ps2425/ prod_installation_guides_list.html User Guide for CiscoWorks Common Services 3.3 PDF on the product DVD. PDF on the Documentation CD. On Cisco.com at: http://cisco.com/en/US/products/sw/cscowork/ps3996/produ cts_user_guide_list.html
xxvi User Guide for Campus Manager 5.2 OL-18011-01 Preface Obtaining Documentation, Obtaining Support, and Security Guidelines C H A P T E R
1-1 User Guide for Campus Manager 5.2 OL-18011-01 1 About Campus Manager Campus Manager is an integral component of CiscoWorks LAN Management Solution. As an enterprise solution to network management, Campus Manager provides a suite of web-based network management tools that enable administrators to obtain various types of graphical views of their network topology and end-user information. It also reports network inconsistencies, anomalies, and configuration errors in the discovered network. Campus Manager provides advanced capabilities to manage Spanning-Tree protocols, and a user friendly interface for creating, modifying, or deleting VLANs, LANEs, or assigning switch ports to VLANs. Campus Manager is based on a client-server architecture that connects multiple web-based clients to a server on the network. Campus Manager Applications Campus Manager applications provide tools for configuring, managing, understanding, and visualizing the complex physical and logical Layer 2 infrastructure. The applications in Campus Manager and what they allow you to do, are given below: Application Allows you to Topology Services Manage, view, and monitor the physical and logical services on your network. For more details, see, Chapter 9, Using Topology Services. User Tracking Locate and display data about users and hosts in the network, including wireless users. Dynamic Updates provides the details without any time delay. For more details, see Chapter 7, Tracking Users. Managing VLANs and VTP Assign VLAN to ports, display VLAN ports, or configure trunk ports, Create PVLAN, Delete PVLAN, Configure Promiscuous Ports. For more details, see Chapter 10, Managing VLANs and VTP.
1-2 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 1 About Campus Manager Campus Manager Applications Discrepancies and Best Practices Deviations Reporting View the discrepancies and best practices deviations in your network. This lets you resolve discrepancies and best practice deviations. For more details, see Chapter 8, Discrepancies and Best Practices Deviations. Virtual Network Manager Allows you to pre-provision, provision and monitor Virtual Routing and Forwarding-Lite (VRF-Lite) technology. VRF-Lite supports multiple virtual routing instances using a single routing device used to virtualize networks span across enterprise network. For more details, see Chapter 14, Virtual Network Manager. Application Allows you to C H A P T E R
2-1 User Guide for Campus Manager 5.2 OL-18011-01 2 Whats New in Campus Manager 5.2 New Features in This Release The following are the new features and enhancements available in Campus Manager 5.2: Virtual Network Manager Support for IPv6 Port and Module Configuration Reclaim Unused Up/Unused Down Report Selective Backup and Restore Rogue MAC Enhancement Open Database Schema Support Virtual Network Manager Virtual Network Manager (VNM) is an application that works in conjunction with Campus Manager (CM), and Resource Manager Essentials (RME). Virtual Network Manager generates VRF Readiness Report to provide information on the VRF readiness that help administrators identify the devices with hardware and software support available, in contrast to the required support to configure VRF. Virtual Network Manager application is used to perform VRF configurations in an enterprise network. You can perform the VRF Configurations using the following configuration workflows: Create, Edit, Extend, and Delete VRF. You can assign multiple VLANs to a single VRF instance using the Edge VLAN Configuration workflow. For details, see Virtual Network Manager. Support for IPv6 IPv6 support in Campus Manager includes the following network scenarios: Devices that may have IPv6 configured on their interfaces. These devices must have at least one IPv4 interface. Devices are managed using IPv4. Hosts running IPv6 are supported in the User Tracking application. For details, see Support for IPv6.
2-2 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 2 Whats New in Campus Manager 5.2 New Features in This Release Port and Module Configuration The Port and Module Configuration is a feature provided by Resource Manager Essentials (RME). RME uses port data to provide the port and module configuration feature. Campus Manager gets updated with the port configuration data while the Data Collection process is executed. In this release, the port configuration details collected by Campus Manager is forwarded to RME, which is stored in the database of RME. Reclaim Unused Up/Unused Down Report This report displays both Link and Access ports that are used at least once but have not been used for a specific number of days. This report is an enhancement of UT Reclaim reports of Campus Manager 5.2. Campus Manager 5.2 uses the data from Data Collection to retrieve the free up/down Link and Access Ports to generate reports. While running the Data Collection process, the timestamp information specific to the Data Collection is added to the ports. For details, see Understanding Switch Port Usage Reports. Selective Backup and Restore You can selectively Backup and Restore the configuration files and specific tables in data bases. You can also back up the schema, stored procedures, and tables that are specified in the configuration file of Campus Manager. Applications will ensure that the selected tables include all dependent tables for proper functioning as a part of Restore. For all tables that are not specified in the configuration file of Campus Manager, blank tables are created so that Campus Manager can function properly. Selective backup and restore allows you to restore the settings that are similar to the settings provided by normal backup. For details, see Selective Backup and Restore. Rogue MAC Enhancement As an enhancement, the Rogue MAC feature is enhanced with filters in the following reports: Quick Reports, End Host Reports, Active End Host Reports, IP Phone Reports and Custom Reports. The enhanced filters in the report operate on the column that you have selected and fetch records that contain the user input value. The pattern field that allows you to search patterns for the MAC Address column, is enhanced to include the following separators: dot (.) or colon (:). You can also search the patterns for MAC Addresses without any separators. For details, see Viewing Quick Reports. Open Database Schema Support LMS 3.2 supports exposing few database views and definitions. You can access the created views using the database access methods such as J DBC and ODBC, from a local or remote server. To enable the access to applications database, you must run the dbaccess.pl utility from the command line. See the Open Database Schema Support for LAN Management Solution 3.2 document for more information on exposed database views and definitions. Note We sometimes update the documentation after original publication. Therefore, you should also review the documentation on Cisco.com for any updates. C H A P T E R
3-1 User Guide for Campus Manager 5.2 OL-18011-01 3 Getting Started With Campus Manager This chapter tells you how to get started with Campus Manager. The sections in this chapter are: Logging Into CiscoWorks Before Using Campus Manager Starting Campus Manager Applications Understanding the User Interface Campus Manager Process and Dependent Processes Viewing and Maintaining Log File Details Error Messages Logging Into CiscoWorks You must log into CiscoWorks server to access Campus Manager. If you are logging into CiscoWorks server for the first time, you can use admin, which is the reserved username and password. CiscoWorks UserModes To prevent unauthenticated access to the CiscoWorks Server, CiscoWorks applications, and data, Common Services provides features for managing security. You can specify the user authentication mode using the AAA Mode Setup. CiscoWorks Common Services supports two modes of user authentication and authorization: ACS modeAccess Control Server (ACS) provides authentication and authorization services in this mode. To use this mode, you must install Cisco Secure ACS on your network. Non ACS modeCiscoWorks Server provides authentication and authorization services in this mode. CiscoWorks Common Services, set to default, uses CiscoWorks Server authentication (Non ACS), to authenticate users and authorize them to access CiscoWorks Common Services applications. The CiscoWorks Server authentication scheme has five roles. You cannot change these roles, or the privileges assigned to those roles. The following is the list of privileges, sorted from the least privileged to the most privileged: Help Desk Approver Network Operator
3-2 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 3 Getting Started With Campus Manager Before Using Campus Manager Network Administrator System Administrator You can also use Cisco Secure ACS to provide user authentication and authorization. Cisco Secure ACS allows you to create custom roles and privileges, so that you can customize Common Services client applications. You can use Cisco Secure ACS to provide a more secure environment. Cisco Secure ACS allows you to define the roles for accessing a subset of devices.You can also decide on the applications that would function on the selected set of devices. If you configure Common Services to use non ACS modes for authentication, CiscoWorks Server provides authorization services. In ACS mode, the privileges you have depend on the ACS role assigned to you. See Campus Manager ACS Help for complete details on roles and privileges in Campus Manager. Before Using Campus Manager You must ensure that you have a valid license before you start using Campus Manager. For License information, see Installing and Getting Started with CiscoWorks LAN Management Solution 3.2. Campus Manager determines the devices, which are to be managed, through Data Collection filters or the auto-manage function. The auto-manage function, automatically manages the devices, where all the devices in Device and Credential Repository are added into Campus Manager as managed devices. You can also restrict the configuration to use a subset of the devices in DCR to be managed by Campus Manager, based on the devices in an IP address range or a VTP Domain. Devices that have been deleted from DCR continue to be managed by Campus Manager if Data Collection or User Tracking Acquisition are in progress. The licence is validated while launching different applications of Campus Manager like Topology services. If the license is expired or invalid, you are prompted to obtain a valid license. Starting Campus Manager Applications The Campus Manager applications are: Application Allows you to User Tracking Locate and display data about users and hosts in the network, including wireless users. Dynamic Updates provides details without any time delay. (To access User Tracking, select Campus Manager > User Tracking) For more details, see Chapter 7, Tracking Users. Topology Services Manage, view, and monitor the physical and logical services on your network. (To access Topology Services, select Campus Manager > Visualization. The Topology Services page appears. Click Launch Topology Services) For more details, see, Chapter 9, Using Topology Services.
3-3 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 3 Getting Started With Campus Manager Starting Campus Manager Applications Campus Manager with Java Web Start Technology Campus Manager uses J ava Web Start Technology to launch the user interface (UI) for Topology Services. You are prompted to install J ava Web Start, the first time you start these applications. You can download and install it on the client machine, using the installation screens that are displayed. The next time you start the application, it automatically uses this J ava Web Start. Managing VLANs and VTP Assign VLAN to ports, display VLAN ports, or configure trunk ports, Create PVLAN, Delete PVLAN, Configure Promiscuous Ports. (To access User Tracking, select Campus Manager > Configuration) For more details, see Chapter 10, Managing VLANs and VTP. Discrepancies and Best Practices Deviations Reporting View the Discrepancies and Best Practices Deviations in your network. Fix some Discrepancies and Best Practice Deviations. (To access Reports, select Campus Manager > Reports) For more details, see Chapter 8, Discrepancies and Best Practices Deviations. Managing Campus Manager J obs View the status of all Campus Manager J obs including User Tracking jobs and Campus Manager reports. (To access Campus Manager J obs, select Campus Manager > Job Management) For more details, see Chapter 5, Administering Campus Manager. Configuring VLANs, PVLANs and Trunk Configure and manage VLANs, PVLANs, Trunk, and also assign ports to VLANs. (To access Configuration, select Campus Manager > Configuration) For more details, see Chapter 10, Managing VLANs and VTP. Administrating Campus Manager Administer Data Collection and User Tracking Major Acquisition processes. (To access Administration, select Campus Manager > Administration) For more details, see Chapter 5, Administering Campus Manager. Application Allows you to
3-4 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 3 Getting Started With Campus Manager Understanding the User Interface Understanding the User Interface Campus Manager 5.2 provides a single User Interface (UI) for various applications such as Topology Services. All pages in Campus Manager have a Toggle icon as explained in Table 3-1. Table 3-1 Icon Description Icon Name Description Toggle To switch between the Full Screen view and the Normal view of the application page. Full Screen view Displays only the application configuration area. Normal view Displays the Table of Contents, Application tabs along with the Configuration area. By default, the Normal view is displayed. Configuration Icon Used as a Configuration Icon in the Routing Protocol Configuration page in the Create, Edit and Extend VRF workflows. Used as an Edge Interface Configuration Icon in the VLAN to VRF Mapping page in the Edge VLAN Configuration workflow. Interface Status as UP Displays the interface status as up in the VLAN to VRF Mapping page in the Edge VLAN Configuration workflow. Interface Status as DOWN Displays the interface status as down in the VLAN to VRF Mapping page in the Edge VLAN Configuration workflow. Existing VLAN Icon Icon is used to view the VLANs existing on the corresponding interface. You can use the icon in the VLAN to VRF Mapping page in the Edge VLAN Configuration workflow.
3-5 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 3 Getting Started With Campus Manager Understanding the User Interface The applications are grouped in the UI as provided in Table 3-2. Table 3-2 Grouping of Applications and Tasks in User Interface Tabs Applications and Features Home Campus Manager Home User Tracking Reports Report J obs Report Generator Custom Reports Custom Layouts Archives Acquisition Actions Visualization Topology Services RMON Configuration Configuration VLAN Configuration PVLAN Configuration Create PVLAN Delete PVLAN Configure Promiscuous Port VLAN Port Assignment Trunk Configuration Create Trunk Modify Trunk Attributes Reports Report J obs Report Generator Campus Manager Reports Best Practices Deviations Device Attributes Discrepancies Port Attributes VLAN Report Archives Job Management Campus Manager J ob Browser Administration Dashboard Data Collection SNMP Timeouts and Retries Device Management Mode And Policy Settings Include Devices Exclude Devices
3-6 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 3 Getting Started With Campus Manager Understanding the User Interface Schedule Data Collection Device Poller User Tracking Acquisition Acquisition Settings Schedule Acquisition Ping Sweep Configure Subnet Acquisition Delete Interval Configure Trunk For End Hosts Discovery Reports User Tracking Purge Policy Domain Name Display End Host Table Import Dynamic Updates Device Trap Configuration Trap Listener Configuration Debugging Options Dynamic User Tracking Dynamic User Tracking Console User Tracking Reports Groups Other Admin Settings Discrepancies Purge Settings RME Server Credentials Reports Debugging Options Data Collection Configuration and Reports Device Groups Topology User Tracking Server User Tracking Reports Dynamic User Tracking Table 3-2 Grouping of Applications and Tasks in User Interface (continued) Tabs Applications and Features
3-7 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 3 Getting Started With Campus Manager Campus Manager Process and Dependent Processes Campus Manager Process and Dependent Processes The following table lists the Campus Manager processes and their dependency processes. If you stop or restart any of these processes you must stop and restart their dependency processes. See for the list of dependent processes. You can stop and restart the process using Common Services > Admin > Process Table 3-3 List of Campus Manager and Dependent Processes Process Name Dependency (Sequential) Description Log File ANIDbEngine None System service: Database engine for Campus Manager None ANIServer EDS ANIDbEngine System service: Collects device information for Campus Manager ani.log CampusOGSServer CmfDbMonitor EssMonitor DCRServer CMFOGSServer System service: Provides Grouping services for Campus Manager CampusOGSServer.log MACUHIC EssMonitor ANIDbEngine System service: Receives and processes SNMP traps for Dynamic UT macuhic.log UTLITE EssMonitor ANIDbEngine System service: Receives and processes the UTLITE data utlite.log UTMajorAcquisitio n ANIServer UTMajor Acquisition is a transient process. System service: Collects end hosts information. ut.log UTManager EssMonitor ANIDbEngine DCRServer System service: Queries external system for Dynamic UT utm.log VNMServer ANIDbEngine System service: Handles VNM Services like configuration, VNM collector job scheduling Vnmserver.log WlseUHIC ANIDbEngine System service: Collects information from Wlse Device wlseuhic.log
3-8 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 3 Getting Started With Campus Manager Viewing and Maintaining Log File Details Viewing and Maintaining Log File Details Each Campus Manager module writes log files within the NMSROOT/log folder. Table 3-4 lists the name of the log file, Campus Manager module for which log file is written, the location in Windows where log files is stored, the location in Solaris where log files is stored and the purpose of the log file. Table 3-4 List of Campus Manager Log File Details Log File Module Location in Windows Location in Solaris Purpose ani.log Data Collection NMSROOT/log/ani. log /var/adm/CSCOpx/l og/ani.log Debugs Data Collection process. AniServer.log ANIServer NMSROOT/log/AN IServer.log /var/adm/CSCOpx/l og/dmgtd.log Debugs ANIServer process Campus.log Campus Manager Configuration and reports NMSROOT/log/Ca mpus.log /var/adm/CSCOpx/l og/Campus.log Debugs Configuration and reports screen of Campus Manager CampusOGSSer ver.log Campus OGSServer NMSROOT/log/Ca mpusOGSServer.log /var/adm/CSCOpx/l og/CampusOGSSer ver.log Debugs Campus OGSServer process CampusOGSCli ent.log Campus OGS client NMSROOT/log/Ca mpusOGSClient.log /var/adm/CSCOpx/l og/CampusOGSClie nt.log Debugs OGSClient campusportal.lo g Campus Portal NMSROOT/log/ca mpusportla.log /var/adm/CSCOpx/l og/campusportal.lo g Debugs the portlets like qtopo and CM portlets of Campus portal. Cmapps.log User Tracking UI NMSROOT/log/Cm apps.log /var/adm/CSCOpx/l og/Cmpapps.log Debugs all the UI pages for User Tracking macuhic.log MACUHIC NMSROOT/log/ma cuhic.log /var/adm/CSCOpx/l og/macuhic.log Debugs MACUHIC process for Dynamic UT ut.log User Tracking NMSROOT/log/ut.l og /var/adm/CSCOpx/l og/ut.log Debugs the User Tracking module utlite.log UTLITE NMSROOT/log/utlit e.log /var/adm/CSCOpx/l og/utlite.log.log Debugs UTLite Server. UTMajorAcquis ition.log User Tracking NMSROOT/log/ UTMajorAcquisitio n.log /var/adm/CSCOpx/l og/dmgtd.log Debugs UTMajorAcquisi tion process.
3-9 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 3 Getting Started With Campus Manager Viewing and Maintaining Log File Details utm.log UTManager NMSROOT/log/ Utm.log /var/adm/CSCOpx/l og/utm.log Debugs UTManager process of Dynamic UT Vnmclient.log VNM UI NMSROOT/log/ Vnmclient.log /var/adm/CSCOpx/l og/Vnmclient.log Debugs VNM UI Vnmcollector.lo g VNM Collector NMSROOT/log/Vn mCollector.log /var/adm/CSCOpx/l og/Vnmcollector.lo g Debugs VNMCollector process. VNMDeviceSel ector.log VNM Device selector NMSROOT/log/Vn mDeviceSelector.lo g /var/adm/CSCOpx/l og/VNMDeviceSele ctor.log Debugs the device selector provided by VNM. Vnmserver.log VNM Server NMSROOT/log/Vn merver.log /var/adm/CSCOpx/l og/Vnmserver.log Debugs VNMServer process Vnmutils.log VNM UI and Server NMSROOT/log/Vn mutils.log /var/adm/CSCOpx/ Vnmutils.log Debugs utility classes used by VNM client and server. Table 3-4 List of Campus Manager Log File Details (continued) Log File Module Location in Windows Location in Solaris Purpose
3-10 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 3 Getting Started With Campus Manager Error Messages Error Messages Table 3-5 lists the error messages, with the probable cause due to which the error has occurred. The table also provides the possible action to be taken for the error message. Table 3-5 Error Messages for Campus Manager Error Message Probable Cause Possible Action Assign Edge VLAN to VRF workflow You have not selected any devices from the Device Selector page. When no device is selected in the Device Selector. Select one or more devices to perform Edge VLAN VRF Mapping. You should make some changes to the VLAN to VRF Interface Mapping page before continuing. When you click Next without making any changes in the Interface Mapping to VRF page in create VRF, edit VRF, and extend VRF workflow. You should make some changes to the VLAN to VRF Interface Mapping page before continuing. Cannot connect to the CSTM backend process. The Application is not able to connect to CSTM backend process. Check whether the daemons are up and running You cannot configure the devices (display names) because they are being used by configuration workflows and locked. If few devices that you have selected is locked or used by some other user. Wait until they are free. Or Ensure that the devices are not used by configuration workflows and free the devices from the Resource Browser page. To access this, select CS > Admin > Resource Browser. You cannot configure the devices (display names) because they are being used by other users and locked. If all the devices that you have selected is locked or used by some other user. Wait until they are free Or Ensure that the devices are not used by other users and free the devices from the Resource Browser page. To access this, select CS > Admin > Resource Browser. You have entered an invalid IP Address. Enter a valid IP Address. You have entered an invalid IP Address. Enter a valid IP Address. You have entered an invalid Subnet Mask. Enter a valid Subnet Mask. You have entered an invalid Subnet Mask. Enter a valid Subnet Mask. You have entered an invalid VLAN ID. Enter a valid VLAN ID. You have entered an invalid VLAN ID. Enter a valid VLAN ID.
3-11 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 3 Getting Started With Campus Manager Error Messages You have entered an invalid VLAN Name. Enter a valid VLAN Name. You have entered an invalid VLAN Name Enter a valid VLAN Name. You have entered an invalid Route Distinguisher (RD). You have entered an invalid Route Distinguisher. Enter the RD value in the format A: B; where A takes numerical values (1 to 9999) or IP Address and B takes numerical values. RD value entered must be unique to a VRF. An error occurred while creating a job because the following processes might be down: J RM, ConfigMgmtServer or CTMJ rmServer. When VNM is unable to create a job used to configure VRF on devices Check the processes status in Common Services > Server > Admin > Processes. If the process is down, restart the daemon manager and try again. Upon clicking Finish, the commands displayed in the Summary page, will be deployed to the selected devices. The Summary page displays the commands that will be deployed to the devices for the following workflows: Create VRF, Edit VRF, Extend VRF, Delete VRF and Assign Edge VLAN. You can edit the commands in the previous page by clicking Back Or You can exit out the workflow by clicking Cancel. Cannot connect to the CTM backend process. VNM is unable to connect to the CTM backend process. Check the VNMServer status from Common Services > Server > Admin > Processes. If the process is down, restart the daemon manager and try again. J ob for configuration deployment is successfully created. Refer J ob Id. Appears after the completion of a configuration workflow. Click the J ob Id to view the status of the job. Troubleshooting VRF - Server side An error occurred while getting the source devices from the server because the ANIDbEngine might be down. While fetching the list of source devices from the server, ANIDbEngine might be down. Check the ANIDbEngine status in Common Services > Server > Admin > Processes. If the process is down, restart it and try again. An error occurred while getting the source devices from the server because the ANIDbEngine might be down. While fetching the list of destination devices from the server, ANIDbEngine might be down. Check the ANIDbEngine status in Common Services > Server > Admin > Processes. If the process is down, restart it and try again. An error occurred while getting the VRF from the server because the ANIDbEngine might be down. While fetching the list of VRFs from the server, ANIDbEngine might be down. Check the ANIDbEngine status in Common Services > Server > Admin > Processes. If the process is down, restart it and try again. Table 3-5 Error Messages for Campus Manager Error Message Probable Cause Possible Action
3-12 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 3 Getting Started With Campus Manager Error Messages An error occurred while getting the source interfaces from the server because the ANIDbEngine might be down. While fetching the list of source interfaces from the server, ANIDbEngine might be down. Check the ANIDbEngine status in Common Services > Server > Admin > Processes. If the process is down, restart it and try again. An error occurred while getting the destination interfaces from the server because the ANIDbEngine might be down. While fetching the list of destination interfaces from the server, ANIDbEngine might be down. Check the ANIDbEngine status in Common Services > Server > Admin > Processes. If the process is down, restart it and try again. An error occurred while retrieving the commands from the server. An error occurred while getting the list of commands from the server. None Unable to connect to the device since it is not supported in RME. When the device is not supported in RME. None RME database has failed because the RMEDBEngine might be down. Cannot get the output for the Ping or Traceroute operation. While executing the command, if the DB fails in RME. Check the status of RMEDBEngine in Common Services > Server > Admin > Processes. If the process is down, restart it and try again. Cannot get the output for the selected devices after connecting to them using Ping or Traceroute. This is because these devices are not managed by RME. The selected device is not managed by RME. None Cannot use Ping or Traceroute to connect to the device because it is not supported by RME. The selected device is not supported by RME. None An error occurred while running the command in RME because the RMEExtnService or RMEDBEngine processes might be down. An error occurred while executing the command in RME. Check the status of RMEDBEngine in Common Services > Server > Admin > Processes. If the process is down, restart it and try again. Select the VRF to proceed with VRF troubleshooting. If you click View Command or Ping without selecting a VRF. Select the VRF and click View Command or Ping. Select the source device to proceed with VRF troubleshooting. If you click View Command or Ping without selecting the source device. Select the source device and click View Command or Ping. Select the destination device to proceed with VRF troubleshooting. If you click View Command or Ping without selecting the destination device. Select the destination device and click View Command or Ping. Select the destination interface to proceed with VRF troubleshooting. If you click View Command or Ping without selecting the source interface. Select the destination device and click View Command or Ping. Table 3-5 Error Messages for Campus Manager Error Message Probable Cause Possible Action
3-13 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 3 Getting Started With Campus Manager Error Messages Select the source interface to proceed with VRF troubleshooting. If you click View Command or Ping without selecting the source interface. Select the destination device and click View Command or Ping. An error occurred while getting the command from the server. An error occurred while getting the command from the server. Try again. An error occurred while getting the output for Ping or Traceroute from the server because the RMEExtnService or RMEDBEngine processes might be down. An error occurred while getting the output from the server. Check the ANIDbEngine status in Common Services > Server > Admin > Processes. If the process is down, restart it and try again. The DCR ID of the device is negative. DCR ID of the device entered is negative. Enter the positive DCR ID Troubleshooting VRF - Client side An error occurred while getting the devices from the server. While getting a list of source or destination devices from the server. Try again. An error occurred while getting the VRFs from the server. While getting a list of VRFs from the server. Try again. An error occurred while getting the Source interfaces from the server. While getting a list of source interfaces from the server. Try again. An error occurred while getting the Destination interfaces from the server. While getting a list of destination interfaces from the server. Try again. Select a Source device before attempting to troubleshoot VRF. If you click View Command or Ping without selecting the source device. Select the source device and click View Command or Ping. Select a VRF before attempting to troubleshoot VRF. If you click View Command or Ping without selecting the VRF. Select the VRF and click View Command or Ping. Select a Destination device before attempting to troubleshoot VRF. If you click View Command or Ping without selecting the destination device. Select the destination device and click View Command or Ping. Select the Source interface before attempting to troubleshoot VRF. If you click View Command or Ping without selecting the source interface. Select the source interface and click View Command or Ping. Select the Destination interface before attempting to troubleshoot VRF. If you click View Command or Ping without selecting the destination interface. Select the destination interface and click View Command or Ping. Select the Source interface before attempting to troubleshoot VRF If you select the Bidirectional Ping option and click View Command or Ping without selecting the source interface. Select the Source interface and click View Command or Ping. Table 3-5 Error Messages for Campus Manager Error Message Probable Cause Possible Action
3-14 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 3 Getting Started With Campus Manager Error Messages An error occurred while retrieving the commands from the server. An error occurred while retrieving the commands from the server. Try again An error occurred while getting the output for Ping or Traceroute from the server. An error occurred while getting the output from the server. Check the ANIDbEngine status in Common Services > Server > Admin > Processes. If the process is down, restart it and try again. An internal error occurred. An error occurred while getting the output for Ping or Traceroute from the server. A general error has occurred. Try again. Table 3-5 Error Messages for Campus Manager Error Message Probable Cause Possible Action C H A P T E R
4-1 User Guide for Campus Manager 5.2 OL-18011-01 4 Integrating Campus Manager With CiscoWorks Common Services This chapter details the various CiscoWorks Common Services features that are integrated with Campus Manager. The features given in this chapter are: CiscoWorks LMS Portal Integration Understanding Common Services ACS Integration Understanding DCR Integration Understanding Object Grouping Services Integration Understanding Device Center Integration Understanding Software Center Integration Understanding License Integration CiscoWorks LMS Portal Integration CiscoWorks LMS Portal is the first page that appears when you log into CiscoWorks Server. The user interface, that is the LMS Portal, allows you to launch the LMS applications and it provides top-level navigation for the frequently used functions in these applications. You can launch Campus Manager from CiscoWorks LMS Portal. CiscoWorks LMS Portal uses portlets to provide important statistics and details of Campus Manager. Portlets are the basic user interface components that are managed and displayed in the CM View. For more information, see the User Guide for CiscoWorks LMS Portal 1.2.
4-2 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 4 Integrating Campus Manager With CiscoWorks Common Services CiscoWorks LMS Portal Integration Table 4-1 describes the CM Portlets in CiscoWorks LMS Portal. The data in the portlets are shown as tables or graphs, based on the type of data. The data available in the portlet gets refreshed according to the CiscoWorks LMS Portal application configuration. For more information on CM portlets, see User Guide for CiscoWorks LMS Portal 1.2. Table 4-1 CM Portlets in CiscoWorks LMS Portal Portlet Description Campus Manager Provides navigation path to individual CM modules CM N-Hop View HTML-based feature. It displays the N-Hop view from a specified device. You can use it to view a limited set of devices. CM Discrepancies Displays the type and count of discrepancies, such as network inconsistencies, anomalies, and misconfigurations in the discovered network. It also gives a description of the discrepancy, the impact it has on the network, and ways to resolve it. CM User Tracking Summary Displays the count of the following MAC Addresses: Rogue MAC, New MAC, and Dormant MAC. It also gives a summary of the last User Tracking information such as the number of end hosts and active end hosts. CM Best Practices Deviation Displays the deviations from normal or recommended practices in a network. It also provides information on each of the Best Practice Deviations reported in Campus Manager. It also gives a description of the Best Practice Deviation. It includes the impact, if any, that the deviation has on the network, and ways to resolve this deviation. CM Data Collection Summary Displays the details of the operations performed. The details displayed are the date and time at which the operation was last completed, and the result of the operation. It also displays the type of the operation, the last completed date and time of the operation, and the result of the operation in Collection Data Summary. CM Workflow Demo Displays the demos of the most frequently used workflows in Campus Manager application.
4-3 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 4 Integrating Campus Manager With CiscoWorks Common Services Understanding Common Services ACS Integration Understanding Common Services ACS Integration Common Services 3.3 (CS) Access Control Server (ACS) model provides six standard roles: Help Desk Approver Network Operator Network Administrator System Administrator Super Admin Campus Manager application features are mapped to CS User Roles. Campus Manager integrates CS 3.3 ACS model to provide granular role definitions. Campus Manager application features are defined as a set of tasks. For a list of Campus Manager tasks, see Common Services Permission Report. (Common Services > Server > Reports > Permission Report) In the CS mode, you can perform any operation on the device view as well as perform any operation on all the devices, if authorized for the corresponding tasks. In the ACS mode, you can view the devices. However, you are not allowed to perform a task for which you have no authorization. If you try to perform the task, Campus Manager displays an error message. For example, in the ACS mode, when you launch Topology Services window, you can view all the devices. All the devices includes devices whose groups you have not mapped to in the ACS server. However, if you select a task that is related to configuration or IP change management on a device that you are not authorized to work on, an error message appears. The following case applies when you select Per Network Device Group as the mode of authorization in the ACS server. Suppose you (with Network Admin role in Common Services) are authorized to perform the following tasks in the ACS mode. Let us assume that the same tasks are applicable to a user with Network Admin Role in Common Services. View_topo View_vpa View_ut View_Reports View_AniAnalysis Config_Vlan Config_VlanPort Config_UT Config_MgmtIP Discover_TopoDevices Discover_UTEndHosts Export_data
4-4 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 4 Integrating Campus Manager With CiscoWorks Common Services Understanding DCR Integration In ACS, assume that you are assigned to a device group with devices ip1, ip2, and ip3. You are not assigned to another device group that contains the devices ip4, ip5, and ip6. If you launch Topology Services, you can view all the devices in the Topology Map window. If you right-click and select Change Management IP Address, and the Change Management IP Address dialog box is launched since you are authorized for the task Config_MgmtIP. You can perform the task. If you right-click and select Delete Device, an authorization error appears because you are not authorized for the task, Delete_device. Understanding DCR Integration Device and Credential Repository (DCR) is a set of tables that stores device information and their credentials. DCRServer, a Common Services component, is a process. Managing devices and end hosts in Campus Manager is a two-step process: Data Collection Data Collection runs as a daemon. It fetches data from devices and computes topology and network discrepancies. User Tracking Major Acquisition User Tracking Major Acquisition is a transient process initiated by the Campus Manager Server. It discovers end hosts and IP phones in the network. This section contains: Data Collection and DCR Handling DCR Events Data Collection and DCR After fetching device details from DCR, Campus Manager needs to perform Data Collection to manage devices. Campus Manager Server does Data Collection, at scheduled intervals. For Data Collection, the server: 1. Gets the list of devices and their credentials from DCR. 2. Polls these devices. 3. Fetches information that is required for topology computation, reporting network discrepancies, and for various reports and device configurations. Earlier, Data Collection process supported the collection for ports less than or equal to 150K in a network. In this release, Campus Manager supports the collection of ports up to 250K. Note the following about Data Collection: If the credentials in DCR are incorrect, the devices are reported as unreachable in Campus Manager. For Data Collection, the credentials are not fetched from discoverysnmp.conf. It is not mandatory that Data Collection be done for all devices in DCR. You can choose or restrict the devices to be managed by Campus Manager, using the IP Address. Devices in DCR can be managed by Campus Manager in Auto mode or Manual mode.
4-5 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 4 Integrating Campus Manager With CiscoWorks Common Services Understanding Object Grouping Services Integration Auto mode is the default option, where devices in DCR are automatically managed in Campus Manager Data Collection. You can specify the filter policies based on IP Addresses to exclude or include devices in Data Collection. You can also manually add or delete devices. Manual mode policies are not applicable. You have to manually add or delete devices and only those devices will be taken for Data Collection. For complete details on Device Management, see Device Management. Campus Manager places the port data collected by Data Collection into the database of Resource Manager Essentials (RME). The data placed in the database is used by Port and Module Configuration feature of RME. For more information on how the data is used by Port and Module Configuration, see User Guide for Resource Manager Essentials 4.3 Handling DCR Events Data Collection Server gets the list of devices and credentials from DCR during every Data Collection. It is possible that other applications also, add new devices or update attributes of devices in DCR. DCRServer provides an event mechanism to inform the applications about these changes. For Campus Manager to be in synchronization with DCR, Data Collection Server listens to update and delete events from DCR. When Data Collection Server receives an update event for a device or a set of devices, it synchronizes the credential information for them. When Data Collection Server receives a Delete event for a set of devices, it deletes the devices from Campus Manager database. All Campus Manager views reflect this change immediately. Whenever there is a change in Management IP address in Campus Manager, the Data Collection Server sends an event to DCRServer. DCRServer updates the Management IP address attribute accordingly. Understanding Object Grouping Services Integration The Groups feature in Common Services helps you to group devices managed by CiscoWorks applications. It helps in creating, managing, and sharing groups of devices. The groups created using this feature, are shared across applications. You can also view the groups created in applications from Common Services.
4-6 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 4 Integrating Campus Manager With CiscoWorks Common Services Understanding Device Center Integration Understanding Device Center Integration Device Center provides a one-stop place where you can see a summary for a device as well as the various tools, reports, and tasks that you can perform on a selected device. Device Center helps you access device-centric features and information from a single location. After launching Device Center, you can invoke many tools on the selected device from a single location. The various features in Device Center come from the CiscoWorks applications installed on the server. The device details related to Campus Manager that are available in the various sections are: Summary Device IP Address Device Type CDP Neighbors Reports Device Attributes Report Port Attributes Report Switch Port Report Recently Down Switch Port Report Reclaim Unused Up Ports Switch Port Report Reclaim Unused Down Ports Switch Port Report Switch Port Capacity Switch Port Report Switch Port Summary UT End Host Report VLAN Report Understanding Software Center Integration Campus Manager releases Service Packs (SP) every three months and these updates are available through Cisco.com. Campus Manager integrates with Software Center, also known as Package Support Updater (PSU), and uses its download service. You can check the latest SP available for Campus Manager and download it, if required, using Software Center.
4-7 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 4 Integrating Campus Manager With CiscoWorks Common Services Understanding License Integration Understanding License Integration Campus Manager uses the Common Services licensing framework for licensing. Licensing is based on the number of devices. Devices managed by Campus Manager are determined during Data Collection. The license is validated while you are launching different applications of Campus Manager such as Topology Services. If the license has expired or is invalid, you are prompted to obtain a valid license. The following are the Use Case scenarios for Campus Manager based on the Common Services licensing framework: Behavior Before License Expiration (Nagging) Behavior When License Period Expires Impact of Licensing Device Limit. Behavior Before License Expiration (Nagging) This behavior applies to all users: A Nag message appears 10 days before a license expires. A message appears before expiration of license and when the device limit is crossed. When you add devices, you are warned if the device count is close to the configured limit (10% of limit or 100 whichever is lower). A message appears if the device limit is crossed. However, it allows you to add a further 10% of the license limit or 100 devices, whichever is lower. Behavior When License Period Expires This behavior applies to all users: Campus Manager displays the License Expired page after the license expires. User Tracking CLI and Data Extraction Engine (DEE) checks expiry and stops after displaying the License Expired message. User Tracking does not allow any scheduled jobs in the system. Backup and Restore processes backup and restore the license file. The behavior is consistent with the bundle-level behavior. Impact of Licensing Device Limit. A network might have more devices than what is allowed by the product specific license. In such cases, Campus Manager manages only the number of devices allowed by the license. For example, consider a network that has 1000 devices. Assume that the license is only for 300 devices. In this case, Common Services discovers all 1000 devices and stores the credentials in Device and Credential Repository. Campus Manager manages only the first 330 devices (10% of the allowed license limit) in DCR. However, you are prompted to upgrade the license. Since Data Collection is done on a partial set of devices, it is possible that some of the devices are placed under Topology Services Unconnected Views. In this case, you have to either upgrade to the unrestricted version of the license or apply the IP Address filters in order to manage only the devices within the current license limit. You can apply filters to manage devices in Auto mode of Device Management. You can also manually exclude devices from Campus Manager. For complete details, see Device Management.
4-8 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 4 Integrating Campus Manager With CiscoWorks Common Services Understanding License Integration C H A P T E R
5-1 User Guide for Campus Manager 5.2 OL-18011-01 5 Administering Campus Manager Network administrators can perform administrative tasks on Campus Manager applications using the Administration module. This chapter contains: Understanding Campus Manager Administration Viewing Campus Manager Home Page Using Campus Manager Data Collection Administration Configuring Topology Settings Understanding Groups Using Administration Reports Using Other Admin Settings Setting Debugging Options Using Campus Manager J ob Browser Administration Command Line Interface Security Understanding Campus Manager Administration There are two main processes in Campus Manager: Data Collection Fetches the device list from DCR and collects the following data from the network: Ports available in a device VLANs in the network or device Subnets in the network Discrepancies in the network Neighbor data for each device Details about STP running in the network
5-2 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 5 Administering Campus Manager Understanding Campus Manager Administration User Tracking Major Acquisition Collects information about the end hosts and IP phones in the network. For more details on User Tracking, see Understanding User Tracking. The data collected by the above processes is used by Campus Manager to generate reports about the network. This section explains: Using Daemon Manager Selective Backup and Restore Note The Device Discovery process that was available in the previous versions of Campus Manager is now moved to Common Services. For more details see the User Guide for Common Services. You can do the following settings from Campus Manager Administration: Data Collection Settings Specify the time period at which SNMP queries time out, and the number of retries that can be done by Campus Manager before it stops querying the device. Schedule the time intervals at which Data Collection runs. Include or exclude devices for Data Collection by setting appropriate filters. For details, see Viewing Summary of Data Collection Settings. Configuring Topology Settings Set Topology Maps to display only the devices that you are authorized to view. Configure DFM Poller to display DFM alert information in Topology maps. For details, see Configuring Topology Settings. User Tracking Settings Configure various options based on which data on end-hosts and IP phones in the network are collected. For details see, Using User Tracking Administration. Group Management Create Device groups that can be shared by a set of users. These groups allow you to view a subset of the entire network. For details, see Understanding Groups. Launch Administration Reports Launch and view reports on: Analysis of the ANI Server Data Collection metrics List of devices supported For details, see Using Administration Reports Other Admin Settings: Discrepancy Configuration Customize the Discrepancies Report to display only those discrepancies that you want to be notified about.
5-3 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 5 Administering Campus Manager Understanding Campus Manager Administration Specify the discrepancies for which you need to generate Syslog messages For details, see Understanding Discrepancies and Best Practices Deviations. RME Server Credentials Enter the credentials of the RME Server that you need to access, to invoke CiscoWorks CLI commands from a remote client. For details, see Setting RME Credentials. Set Purge Policies Configure Purge settings for jobs or report archives For details, see Purging Reports J obs and Archived Reports. Set Debugging options Enable debugging for the various applications in Campus Manager. For details, see Setting Debugging Options Using Daemon Manager The daemon manager provides the following services: Maintains the startup dependencies among processes. Starts and stops processes based on their dependency relationships. Restarts processes if an abnormal termination is detected. Monitors the status of processes. The daemon manager is useful if there are applications that have long-running processes that must be monitored and restarted. It is also used to start processes in a dependency sequence, and to start transient jobs. This section explains: Restarting Daemon Manager on Solaris Restarting Daemon Manager on Windows Restarting Daemon Manager on Solaris To restart daemon manager on Solaris: Step 1 Log in as root. Step 2 Enter the following to stop the daemon manager: /etc/init.d/dmgtd stop Step 3 Enter the following to start the daemon manager: /etc/init.d/dmgtd start
5-4 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 5 Administering Campus Manager Understanding Campus Manager Administration Restarting Daemon Manager on Windows To restart daemon manager on Windows: Step 1 Go to the command prompt. Step 2 Enter the following to stop the daemon manager: net stop crmdmgtd Step 3 Enter the following to start the daemon manager: net start crmdmgtd Note Do not start the daemon manager immediately after you stop it. The ports used by daemon manager will be in use for a while even after the daemon manager is stopped. Wait for sometime before you start the daemon manager. If the system resources are less than the required resources to install the application, restarting daemon manager displays warning messages that are recorded in log file. Log file for Solaris is /var/adm/CSCOpx/log/dmgtd.log Log file for Windows is NMSROOT\log\syslog.log Selective Backup and Restore You can selectively back up files from the LMS 3.2 Server and restore them only on this LMS 3.2 Server. You can also selectively back up and restore the configuration files and specific tables in databases. You can also backup the schema, stored procedures, and select tables specified in the configuration file of Campus Manager. The selected tables include all dependent table for proper functioning, as a part of Restore. For tables that are not specified in the configuration file of Campus Manager, blank tables are created so that Campus Manager can function properly. You can restore the settings similar to a normal backup with no data or little data. You can restore the settings, using the CLI function on Windows and Solaris. Only configurable files and data from the database will be backed up as part of a selective backup. This section contains: Files used for backup Backing up Using CLI Backing up View Selective Backup Normal Backup
5-5 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 5 Administering Campus Manager Understanding Campus Manager Administration Files used for backup For selective backup, the following two files are used: Config file: Systemfile.txt: The Systemfile.txt contains information about the configuration files that includes configuration settings. The Systemfile.txt is located at: Windows: NMSROOT/backup/manifest/ani/Systemfile.txt. Solaris: /opt/CSCOpx/backup/manifest/campus/Systemfile.txt. where, NMSROOT CiscoWorks installed directory DB file: Dbtablesfile.txt: The Dbtablesfile.txt is located at: Windows: NMSROOT/backup/manifest/campus/database/Dbtablesfile.txt Solaris: /opt/CSCOpx/backup/manifest/campus/database/Dbtablesfile.txt where, NMSROOT CiscoWorks installed directory The Dbtablesfile.txt contains a list of the following tables: ManualDevices The ManualDevices table includes the entries of the devices manually included and excluded. devicestopoll The devicestopoll table includes the entries of critical devices. Critical devices are the devices in your network that are polled at specified intervals. DbVersion The DbVersion table includes the version and the date on which database is installed. VNMVRF The VNMVRF table includes the VRFs discovered by VNM. Backing up Using CLI To back up data, using only CLI on Windows and Solaris: On Windows, run: NMSROOT\bin\perl NMSROOT\bin\backup.pl -dest=BackupDirectory [-system] [-log=LogFile] [-email=E-mail][-gen=Num_Generations] On Solaris, run: /opt/CSCOpx/bin/perl /opt/CSCOpx/bin/backup.pl -dest=BackupDirectory [-system] [-log=LogFile] [-email=E-mail] [-gen=Num_Generations] where, NMSROOT CiscoWorks installed directory -dest=BackupDirectoryDirectory where the backed up data to be stored. -systemCommand line option that allows you to back up only the selected system configurations from all applications instead of backing up the complete database. -log=LogFile Log file name that contains the details of the backup. -gen=Num_GenerationsMaximum number of backup generations to be retained in the backup directory. Backing up View If you backup a view, it cannot be restored. To get the latest view details, you need to freshly install a view by invoking: NMSROOT/bin/perl NMSROOT/bin/dbaccess.pl install
5-6 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 5 Administering Campus Manager Understanding Campus Manager Administration As a prerequisite to installing a view, you must run Data Collection and User Tracking. Normal Backup In case of normal backup, to backup a view, you need to freshly install a view by invoking: NMSROOT/bin/perl NMSROOT/bin/dbaccess.pl install. As a prerequisite to installing a view, you must run Data Collection and User Tracking. If you modify various Network Topology View features and take a backup of Topo Map Preferences. The topo map views that are backed up cannot be restored because the map views are dynamically generated. The following data is backed up when you run a backup from the user interface or from CLI without entering the -system option: SNMP Settings CM Homepage Settings Data Collection Scheduled Details User Defined Groups RME Credentials Data Purge Settings Trap Configuration Settings Custom Reports and Layouts Topo Map Preferences - This is applicable for Upgrade only. MAC Detection Settings VNM Settings, J obs and Archives - VNM Settings, J obs and Archives are migrated only when you restore data from LMS 3.2. Device Details Port and VLAN Details Campus J obs and Archives User Tracking J obs and Archives Note All Scheduled jobs which are yet to be run will be backed up. Selective Backup When you run a backup from CLI with -system option, all the above-mentioned data gets backed up except: Device Details Port and VLAN Details Campus Archives, User Tracking Archives and VNM Archives Discovery Settings will be migrated for LMS 3.0 or lower versions. After the completion of selective backup and restore, you must run Data collection before executing VNM workflows.
5-7 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 5 Administering Campus Manager Understanding Campus Manager Administration Note If you enter DSN:ani:NONE in the Dbtablesfile.txt, the database will not be backed up.
5-8 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 5 Administering Campus Manager Viewing Campus Manager Home Page Viewing Campus Manager Home Page The Campus Manager Home Page is the first page that appears when you start Campus Manager. From this homepage you can : View the status of the various processes running in Campus Manager For details, see System Status View the count of Discrepancies and Best Practise Deviations available in the network and launch reports on them. For details, see Discrepancies and Best Practices Deviations Launch Recently Completed User Tracking J obs For details, see Recently Completed J obs Access frequently used features in the application and launch various reports. For details, see Campus Manager Tasks and Reports You can use the Refresh icon to refresh the homepage manually and get a live status of the applications. By default, the page refreshes every 45 seconds. Select the Auto Refresh check box to refresh the page automatically. The information displayed on the homepage depends on the role assigned to you for the feature. System Status Table 5-1 describes the fields in the System Status table. Table 5-1 Fields in System Status Table Field Description Operation Campus Manager processesData Collection, User Tracking Acquisition Last Completion Time Date and time when the operation was last completed. Result Click on the respective hyperlinks to get reports on Data Collection, and User Tracking Reports. Status Status of the OperationRunning or Idle Action Click on the respective hyperlinks to start Data Collection, or User Tracking Acquisition. Data Collection: Displays a confirmation message from where you can choose to run Data Collection only for new devices or for all devices. After selecting the required option, click OK to run Data Collection. User Tracking Acquisition: Displays a confirmation message. Click OK to start User Tracking Acquisition.
5-9 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 5 Administering Campus Manager Viewing Campus Manager Home Page Discrepancies and Best Practices Deviations Campus Manager provides reports on discrepancies, such as network inconsistencies and anomalies or misconfiguration in the discovered network. Best Practices Deviations are variations from the normal or recommended practices in a network. The Campus Manager Home Page displays the total number of Discrepancies and Best Practise Deviations present in the network. When you click on the total number, the relevant report is launched. For more information, see Understanding Discrepancies and Best Practices Deviations. Recently Completed Jobs The Recently Completed J obs table displays the following details of jobs that were completed recently: J ob ID J ob Type Description Status Completed At Each J ob ID is displayed as a hyperlink. You can launch the report by clicking the hyperlink. If there are more than eight jobs, a link named More is displayed at the bottom right of the table. Click More >> to launch the Campus Manager J ob Browser page. Campus Manager Tasks and Reports The Campus Manager homepage provides hyperlinks to the following tasks and reports: Tasks Description Application Setup Tasks Data Collection Settings Displays the Data Collection Settings page. Here, you can configure various settings that define the scope of Data Collection in your network. For more information see Viewing Summary of Data Collection Settings. User Tracking Acquisition Settings Displays the Campus User Tracking Acquisition Settings page. Here you can configure various settings that define the scope of User Tracking Acquisition. For more information, see Using User Tracking Administration. Discrepancy Settings Displays the Network Discrepancies page from where you can customize the Network Discrepancies report. For more information, see Understanding Discrepancies and Best Practices Deviations. Device Group Management Displays the Group Management page from where you can manage groups. For more information, see Understanding Groups.
5-10 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 5 Administering Campus Manager Viewing Campus Manager Home Page Device Trap Configuration Displays the Device Trap Configuration page, from where you can configure Cisco switches for sending SNMPv1/SNMPv2 MAC Notification Traps. For more information, see Enabling SNMP Traps on Switch Ports. Trap Listener Configuration Displays the Trap Listener Configuration page, from where you can configure either Campus Manager or DFM or HPOV to listen to SNMP traps sent by devices. For more information, see Configuring SNMP Trap Listener. Trunk Configuration Displays the Trunk Configuration page, from where you can configure trunk link between devices. For more information, see Creating Trunk. Operational Tasks Topology Services Launches the Campus Manager Topology Services window. VLAN Port Assignment Launches the Campus Manager VLAN Port Assignment window. Device Reports Device Attributes Report Displays the Report Generator from where you can generate and view Device Attributes Report. The report gives information about the devices in your network. For more information, see Displaying Device Attributes. Port Attributes Report Displays the Report Generator from where you can generate and view Port Attributes Report. The report gives complete information about the ports in the devices such as Port Name, type, Speed, Duplex mode etc. For more information, see Displaying Port Attributes. VLAN Report Displays the Report Generator from where you can generate and view VLAN Report. The report gives complete information about the VLANs existing in your network such as, VLAN ID, VLAN Type Status etc. For more information, see Displaying VLAN Reports. User Tracking Reports End Host/IP Phone Report Displays the User Tracking Quick Reports page from where you can generate different types of End Host and IP Phones Report. For more information, see Viewing End Hosts Reports and Viewing IP Phones Reports. Wireless Report Displays the User Tracking Report Generator from where you can generate and view reports on the wireless devices connected to your network. For more information, see Viewing Reports on Wireless Clients. Tasks Description
5-11 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 5 Administering Campus Manager Viewing Campus Manager Home Page End Host History Report Displays the User Tracking Report Generator from where you can generate and view reports on end host history. This report gives information about the user logged in to the host, the date and time in which it was connected or disconnected to and from a port etc. For more information, see History Reports Based on Filters. MAC Reports Displays the User Tracking Report Generator from you can generate reports on new MACs, Rogue MACs and dormant MACs in the network. For more information, see Viewing MAC Reports. Tasks Description
5-12 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 5 Administering Campus Manager Viewing Campus Manager Home Page Network Reports Best Practice Deviation Report Displays the Report Generator from where you can generate and view reports on Best Practice Deviations in the network. You can view Acknowledged as well as Unacknowledged deviations. For more information, see Viewing Best Practices Deviations Reports. Discrepancies Report Displays the Report Generator from where you can generate and view reports on discrepancies present in the network. You can view Acknowledged as well as Unacknowledged discrepancies. For more information, see Viewing Discrepancy Reports. Advanced Reports Switch Port Capacity Report Lists switches that crossed utilization threshold limits, along with the value of percentage port utilization. For details see, Understanding Switch Port Usage Reports. Switch Port Summary Report Gives the number of Connected, Free, and Free down ports in each switch. For details see, Understanding Switch Port Usage Reports. Reclaim Unused Down Ports Report Lists administratively down ports, which are not connected to any end host or device. For details see, Understanding Switch Port Usage Reports. Reclaim Unused Up Ports Report Lists administratively up ports, which are not connected to any end host or device. For details see, Understanding Switch Port Usage Reports. Switch Port Utilization History Report History Report for Switch Port Utilization helps you to view the log in and log out of end hosts for the selected devices. For details, see Understanding History Report. Duplicate IP Report Displays the Report Generator page from where you can generate Duplicate IP Report. For more information, see Viewing Duplicates Report Duplicate MAC Report Displays the Report Generator page from where you can generate the Duplicate MAC Report. For more information, see Viewing Duplicates Report Duplicate MAC and VLAN Report Displays the Report Generator page from where you can generate the Duplicate MAC and VLAN Report. For more information, see Viewing Duplicates Report Ports with Multiple MAC Report Displays the Report Generator page from where you can generate report for Ports with Multiple MAC. For more information, see Viewing Duplicates Report Tasks Description
5-13 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 5 Administering Campus Manager Using Campus Manager Data Collection Administration Using Campus Manager Data Collection Administration You must run Data Collection for Campus Manager to manage devices. Using the Administration module of Campus Manager, you can: View the summary of Data Collection settings. For details, see Viewing Summary of Data Collection Settings. Modify SNMP Timeouts and Retries. For details, see Modifying SNMP Timeouts and Retries. Specify Data Collection filters. For details, see Device Management. Schedule Data Collection. For details, see Scheduling Data Collection. Configure Polling options. For more details, see Device Poller. Specify the Data Collection debugging options. For details, see Setting up Debugging Options for Data Collection. You can click the Go to Campus Administration hyperlink from any screen to go to the Campus Administration dashboard. Viewing Summary of Data Collection Settings You can view a summary of the Data Collection settings in this page. To view summary: Step 1 Select Campus Manager > Administration > Data Collection. The summary of Data Collection Settings appears. Table 5-2 describes the fields that appear in the Data Collection Settings dialog box.
5-14 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 5 Administering Campus Manager Using Campus Manager Data Collection Administration Modifying SNMP Timeouts and Retries You can modify the SNMP timeouts and retries when Data Collection fails for a particular device with SNMP timeout exceptions. The SNMP fallback methodology applicable for Data Collection, UT Acquisition, and Dynamic UT is as follows: If you have configured a device with SNMP v2 or v1 settings in DCR, then the device is initially queried with SNMP v2 by Campus Manager. If the query fails, CM will query the device with SNMP v1. If you have configured a device with SNMPv3 settings in DCR, then the device is queried with SNMP v3. However, if the query fails, the same device will not be queried with SNMP v2 or v1. Table 5-2 Data Collection Settings Field Description Type of Polling Polling can be done for all devices or a critical set of devices. Clicking View Details for this option takes you to the Device Poller, where you set the type of polling. For more information, see Device Poller Device Management Mode Devices can be managed in the Auto mode or Manual mode. Clicking View Details for this option launches the Mode and Policy Settings page, where you can do the required settings. For more information, see Device Management. Poll Interval Periodicity for polling the network. Polling Interval is in the format HH:MM:SS, where HH is the hour; MM is the minutes; SS is the seconds. Polling checks whether the devices managed by Campus Manager are SNMP reachable, and if the interfaces in the devices are up or down. The default poll interval is 2 hours. You can change this value in Campus Manager > Administration > Data Collection > Device Poller page. Data Collection Schedule Data Collection fetches the device list from DCR and collects the following data from the network: Ports available in a device VLANs present in the network/ device Subnets in the network Discrepancies in the network Neighbor data for each device Details about STP running in the network Click View Details to view the Data Collection Schedule details. You can add a new schedule and edit or delete existing schedules.
5-15 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 5 Administering Campus Manager Using Campus Manager Data Collection Administration To modify SNMP timeouts and retries: Step 1 Select Campus Manager > Administration > Data Collection > SNMP Timeouts and Retries. The SNMP Timeouts and Retries dialog box appears. Step 2 Modify the SNMP settings as given in Table 5-3. Step 3 Click Add to add SNMP settings. Step 4 Select a row and either: Click Edit to edit the timeouts and retries values. Or Click Delete to delete the timeouts and retries values. Click OK to save the changes or click Cancel to exit. Step 5 Click Apply. Table 5-3 Modify Data Collection SNMP Timeouts and Retries Field Description Target Denotes the Target device. You should enter IPv4 or IPv6 address of the target device in this field. You can also use wildcard characters or range of numbers to specify the target device. For example, you can enter 10.[77-78].*.* or ABCD:EF12:*:*:*:*:[3A-BB] as the target device Timeouts Time period after which the query times out. This also indicates the time interval between the request and the first initial response from the device. The SNMP response may be slow for remote devices. If your network has remote devices connected over a slow link, configure a higher value for time-out. If Time out is increased, discovery time could also increase. Enter the value in seconds. The allowed range is 0-60. For every retry, the timeout value is doubled. For example, If the timeout is 10 seconds and retries 4: Campus Manager waits for 10 seconds for response for the first try, 20 seconds for the second retry, 40 seconds for the third retry and 80 seconds for the fourth retry. 150 seconds (10+20+40+80) is the total time lapse after which Campus Manager stops querying the device. Retries Number of attempts made to query the device. The allowed range is 0-8.
5-16 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 5 Administering Campus Manager Using Campus Manager Data Collection Administration Device Management There are two modes of managing devices in Campus Manager namely Auto mode and Manual mode. Auto Mode This is the default option, where devices in DCR are automatically managed in Campus Manager Data Collection. You can specify the filter policies based on device groups to include devices in data collection. In addition to these, you can also manually add or delete devices. For more details on mode and policy settings, see Mode and Policy Settings. Manual Mode In this mode policies are not applicable. You must manually add or delete devices and only those devices will be taken for Data Collection. For more details on manual mode, see: Manually Including Devices to Data Collection. Manually Excluding Devices from Data Collection Mode and Policy Settings You can control the mode in which Data Collection runs as well as specify filters as follows: Enable Auto Mode Specifying Auto Allocation Rules Enable Auto Mode This option is selected by default. This indicates that Campus Manager Data Collection happens in the Auto mode. This mode works in tandem with the Manual mode policies. When you deselect this, Campus switches to the Manual mode of Data Collection and all filters set in the Auto mode are dropped. Specifying Auto Allocation Rules In Auto mode you can either manage all devices or manage devices in groups. There are two types of groups available: System Defined groups System defined groups are automatically created, based on the information in DCR. User Defined Groups You can create User Defined groups based on your requirement. For example, if you want to manage only devices with the IP address 10.77.*.* in Campus Manager: Create a group in Common Services for the devices with the IP Adress 10.77.[0-255].[0-255], say CM_Subnet77. Include that group in Campus Manager Auto mode settings. Run Data Collection. Now the devices with the IP address 10.77.*.* will be managed in Campus Manager. For more details on Group Creation, see the User Guide for Common Services 3.3.
5-17 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 5 Administering Campus Manager Using Campus Manager Data Collection Administration To combine Auto mode policies with Manual mode, see: Manually Including Devices to Data Collection Manually Excluding Devices from Data Collection To set Auto Allocation rules: Step 1 Select Campus Manager > Administration > Data Collection > Device Management > Mode And Policy Settings. The Auto Allocation Settings dialog box appears. Step 2 Select either: Manage All Devices This setting indicates that all devices in DCR will be managed by Campus Manager (as per the license limit). If you select this, skip Step 3. Manage by Groups This setting indicates that only the devices belonging to the selected groups will be managed by Campus Manager. Step 3 Select the individual groups that are to be managed by Campus Manager. Step 4 Click Apply. If you selected Manage All Devices, the settings will be applied. All devices will be managed in Campus Manager in the next Data Collection. Skip Step 5. If you selected Manage by Groups, the Auto Allocation Summary window appears with the information, as explained inTable 5-4: . Table 5-4 Data Collection Filters Field Description Number of devices currently managed Number of devices currently managed in Campus Manager. Number of new devices after this rule change Number of devices that will be added to Campus Manager, after the settings are applied. Clicking on the number launches the device list. For the Manage by Groups setting: If a device has different display names, the same IP address, and belongs to two different groups, it is listed twice in the report. Number of devices that will be deleted after this rule change Number of devices that will be deleted from Campus Manager, after the settings are applied. If you click on the number, it launches the list of devices marked for deletion. For the Manage by Groups setting: If a device has different display names, the same IP address, and belongs to two different groups, it is listed twice in the report. Total number of devices after this rule change Total number of device that will be managed in Campus Manager after the settings are applied. This is the sum/difference of already managed devices and the devices added/deleted from the rule change.
5-18 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 5 Administering Campus Manager Using Campus Manager Data Collection Administration Step 5 Click OK to save the settings or Cancel to cancel the changes. The rules set come into effect only in the next Data collection cycle. Example Consider the following scenario: The following devices are managed in Campus Manager: 10.77.209.60 10.77.209.59 10.77.210.7 To understand the device count in the Auto Allocation Summary window, assume the following: You have created a user-defined group in Common Services, which consists of the devices in the range 10.77.209.*, say LAB1. You have changed the mode to Manage by groups in Mode and Policy Settings page and have included only the group LAB1. DCR has the following devices in the range 10.77.209.*: 10.77.209.60 10.77.209.59 10.77.209.53 10.77.209.54 10.77.209.55 You have manually included the device 10.77.210.6 to be managed in Campus Manager. You have manually excluded the device 10.77.209.55, so that it is not managed in Campus Manager. Now the details of Auto Allocation Summary are: Number of devices currently managed: 3 (10.77.209.60, 10.77.209.59, 10.77. 210.7) Number of new devices after this rule change: 3 (10.77.209.53, 10.77.209.54, 10.77.210.6) Number of devices that will be deleted after this rule change: 1 (10.77.210.7) Current license limit Maximum number of devices that you can manage as per the LMS license you have purchased. For more details on this, see Installing and Getting Started guide published at http://cisco.com/en/US/products/sw/cscowork/ps2425/prod_installa tion_guides_list.html Run Data Collection Immediately after applying the settings Runs Data Collection immediately after applying the settings. Table 5-4 Data Collection Filters (continued) Field Description
5-19 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 5 Administering Campus Manager Using Campus Manager Data Collection Administration 10.77.210.7 will not be managed after the rule change since it does not belong to the group LAB 1 and is not manually included. Total number of devices after the rule change: 5 (10.77.209.60, 10.77.209.59, 10.77.209.53, 10.77.209.54, 10.77.210.6) Points to be noted: When a group is removed from Common Services, the change is immediately reflected in the Auto Allocation Settings s screen, but the devices that belonged to this group will be managed in Campus Manager and shown in Topology maps until you perform Data Collection. When a new device is added to a group, deleted from a group or moved to another group, the changes will be reflected in Campus Manager only in the next Data Collection cycle. When you migrate from an older version of Campus Manager to the current version, all the IP based filters from the older version are automatically converted into a single group with the predefined name Migrated_From_CM_Filters. This group will be selected automatically as an Auto mode setting. This conversion will happen immediately after migration, during ANIServer startup. If the filter migration fails due to any issues, the filter value will be saved as comment (preceded with #symbol) in the ANIServer.properties file. When the DCR mode changes in the Campus Manager server as follows: Master mode to Slave mode Standalone mode to Slave mode All Auto and Manual mode policies will be deleted. Data Collection will be triggered on Manual mode and will delete all previously managed devices from the Campus Manager database. You have to set new policies and run Data Collection again to manage devices in Campus Manager. When the DCR mode changes in the Campus Manager server as follows: Standalone mode to Master mode Master mode to Standalone mode Slave mode to Standalone mode Slave mode to Master mode Auto Allocation mode is preserved. When Campus Manager server is integrated with ACS server, only authorized devices are shown in Campus Manager pages. But in the mode and policy settings page, when you click on "Number of new Devices after the rule change link" in the summary page, both authorized and unauthorized devices are listed if you have included unauthorized devices for managing in Campus. After you run Data collection, only the authorized devices are shown in Campus Manager.
5-20 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 5 Administering Campus Manager Using Campus Manager Data Collection Administration Manually Including Devices to Data Collection The Device Selector in Include devices page displays the list of devices not managed by Campus Manager, but present in DCR. From this list you can select and add devices that need to be managed by Campus Manager. This Manual mode of including devices can work along with the Auto mode or can work independently. This implies: You can manually include devices even when you are in Auto management mode. Whereas if you are in Manual mode, Auto mode policies are not applicable. If you switch from Auto mode to Manual mode, the Auto mode policies will not be retained. However, the devices that are already managed will be included in future Data Collections. The list of devices included manually is given preference over the policies set through Auto mode. For example, If you set a Data Collection filter to exclude the devices belonging to the address range 10.77.*.* or 10.77.[0-255].[0-255], but manually add 10.77.2.1, this device will be included in the consecutive Data Collection cycle. The policies that you set in Auto and Manual mode will come into effect only during the next Data Collection cycle. Click Show Included Devices, to see the list of manually included devices in this cycle. To manually include devices: Step 1 Select Campus Manager >Administration >Data Collection >Device Management > Include Devices. The Include Devices page is launched. The Device Selector in this page has two groups: All devices and Device Type Groups. If you have configured User defined groups, it is displayed here. Step 2 Select the list of devices from the groups. The devices that are already being managed by Campus Manager will not be present in the Add list. Step 3 Click Include. These devices will be included in the next Data Collection process. Note Any changes you make here will come into effect only in the next Data collection cycle.
5-21 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 5 Administering Campus Manager Using Campus Manager Data Collection Administration Manually Included Devices Report This report gives the details of devices that are manually included from Campus. To view the report: Step 1 Go to Campus Manager >Administration >Data Collection >Device Management >Include Devices Step 2 Click Show Included Devices. The report displays information as described in Table 5-5: To exclude a device from the Included list, select the device and click Exclude. To get more clarity on Device Management, see FAQs. Manually Excluding Devices from Data Collection You can manually exclude devices from the list of devices managed by Campus Manager. The Device Selector in the Exclude page will list the devices that are currently managed in Campus Manager and the manually included devices. This manual mode of excluding devices can work with Auto mode or independently. This implies: You can manually exclude devices even when you are in Auto management mode. Whereas if you are in Manual Mode, Auto mode policies are not applicable If you switch from Auto mode to Manual mode, the Auto mode policies will not be retained. However, the devices that are already managed will be included in future Data Collections. The list of devices excluded manually are given preference over the policies set through Auto mode. For example, If you set a Data Collection filter to include the devices belonging to the address range 10.77.*.* or 10.77.[0-255].[0-255], but manually exclude 10.77.1.3, the device 10.77.1.3 will be excluded in the Data Collection process. The changes made in Auto and Manual mode will come into effect only during the next Data Collection cycle. Click Show Excluded Devices to see the list of manually excluded devices in this cycle. Table 5-5 Manually Included Devices Report Field Description IP Address IP Address (IPv4 or IPv6 address) of the device. Device Name Name of the device. Management State Indicates whether the device is currently managed in Campus.
5-22 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 5 Administering Campus Manager Using Campus Manager Data Collection Administration To manually exclude devices: Step 1 Select Campus Manager >Administration >Data Collection >Device Management > Exclude Devices. The Exclude Devices page is displayed with the following groups: All Devices Device Type Groups User Defined Groups (If any) Step 2 Select the devices from the list which you want to remove. Step 3 Click Exclude. These devices will be excluded from the list of devices managed by Campus Manager. Note Any changes you make here will come into effect only in the next Data collection cycle Manually Excluded Devices Report This report gives the details of devices that you manually excluded from Campus Manager. To view the report: Step 1 Select Campus Manager >Administration >Data Collection >Device Management > Exclude Devices. The Exclude Devices page is launched. Step 2 Click Show Excluded Devices. The report displays information as given in Table 5-6: To include a device from the Excluded list, choose the device and click Include. For more information on Device Management, see FAQs. Table 5-6 Manually Excluded Devices Report Field Description IP Address IP Address (IPv4 or IPv6 Address) of the device. Device Name Name of the device.
5-23 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 5 Administering Campus Manager Using Campus Manager Data Collection Administration Using Advanced Search in CM Device Selector You can use the Advanced Search icon to specify a set of rules for advanced search. Advanced search is based on the Grouping Services attributes of Grouping Services Server of Campus Manager. In the Advanced Search dialog box, you can create rules to search for devices.Figure shows the Advanced Search dialog box. The dialog box contains the following fields and buttons as mentioned in Table 5-7 Usage Notes The following are the usage notes for Advanced Search: If you have not selected any device nodes, then advanced search is applied only for All Devices node. You can either enter the rules directly in the Rule Text field, or select the components of the rule from the Rule Expression fields, and form a rule. Each rule expression contains the following: object type.variable operator value Object TypeThe type of object (device) that is used to form a group. VariableDevice attributes, based on which you can define the group. See the Rules Editor. OperatorOperator to be used in the rule. The list of possible operators changes based on the Variable selected. ValueValue of the rule expression. The possible values depend upon the variable and operator selected. Depending on the operator selected, the value may be free-form text or a list of values. Table 5-7 CM Advanced Search Dialog Box Field Description Device Name Name of the device. Object Type Type of object (device) that is used to form a group. Variable Device attributes based on which you can define the group. See Rules Editor. Operator Operator to be used in the rule. The list of possible operators changes based on the Variable selected. Value The value of the rule expression. The possible values depend upon the variable and operator selected. Depending on the operator selected, the value may be free-form text or list of values. The wildcard characters are not supported. Add Rule Expression Used to add the rule expression to the group rules. Rule Text Displays the rule. Check Syntax Verifies that the rule syntax is correct. Use this button if you have entered the rules manually. Search Used to search for devices based on the defined rule.
5-24 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 5 Administering Campus Manager Using Campus Manager Data Collection Administration If you are entering the rule expressions manually, the rule expression must follow this syntax: object type.variable operator value If you are entering more than one rule expression, you must enter logical operators OR, AND or EXCLUDE after every rule expression. You must use Check Syntax button only when you add a rule manually or when you modify a rule expressions in the Rule Text. The advanced search operation is not case-sensitive. To delete the rules in the Rule Text box, select the complete rule including the logical operator and press the Delete key on your keyboard. If you want to perform a new search, click Clear All before selecting any new devices. For information on the rules used to perform advanced search, refer Rules Editor. Scheduling Data Collection To schedule data collection: Step 1 Select Campus Manager > Administration > Data Collection > Schedule Data Collection. The Data Collection Schedule dialog box appears. Step 2 Modify the data collection settings as described in Table 5-8. Select a schedule and click Edit to edit the schedule. Select a schedule and click Delete to delete the schedule. Click Add to add a new schedule. Step 3 Click OK to save the changes or click Cancel to exit. Table 5-8 Data Collection Schedule Settings Field Description Usage Notes Schedule Days, Hour, Min Days on which and the time at which data collection is scheduled. The optimum data collection schedule depends on the size of the network and the frequency of network changes. The default data collection schedule is every 4 hours, on the 4-hour mark, daily: 04.00, 08.00, 12.00, 16.00, 20.00, 24.00 Note that time is in the 24-hour format. Recurrence Pattern Select the days of the week on which data collection is to be scheduled. This field is available only when you are adding or editing a schedule.
5-25 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 5 Administering Campus Manager Using Campus Manager Data Collection Administration Best Practices Be cautious while scheduling Data Collection: Data Collection consumes significant resources on the network management system. Use the Polling option to see the device and link status without running data collection. For more details on polling see, Device Poller Device Poller Campus Manager polls the entire network for device and link status periodically.This feature allows you to: Configure the time interval at which the network is polled. Poll only a critical set of devices. Use this option to see the device and link status without running Data Collection. Since Data Collection consumes significant system resources, you can simply poll the network and view the device and link status in Topology maps. Adding Critical Devices to the Device Poller To add a device to the Critical Devices list from Topology Map: Step 1 Launch a Topology map. Step 2 Right click a device and select Add device to Critical Poller. To add a device to the Critical Devices list from N-Hop View Portlet: Step 1 Launch N-Hop View Portlet. Step 2 Go to the configuration screen and select Poll devices. For complete details on N-Hop view portlet, see N-Hop View Portlet. Caution If the critical set of devices is more than 30, the amount of traffic generated as part of polling cycle will use a large of bandwidth. To configure Device Poller: Step 1 Go to Campus Manager > Administration > Data Collection > Device Poller. The Device Poller screen is displayed. Step 2 Configure the device poller options as specified in Table 5-9.
5-26 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 5 Administering Campus Manager Using Campus Manager Data Collection Administration Step 3 Click Apply to save the configuration. Table 5-9 Device Poller Options Field Description Usage Notes Polling Details All Devices Specifies that all devices in the network will be polled at the specified interval. By default the whole network is polled every 2 hours. Critical Devices Specifies that only critical devices in the network will be polled at the specified interval. You can configure this option when you need to poll a few devices in the network more frequently. By default the critical devices are polled every five minutes. Time Interval Time interval at which the specified devices are polled periodically. The time interval is added to the completion time of Data Collection. For example, you have configured the following: Data Collection is scheduled to run at 07:00 hours Time interval is set to 4 hours. If Data Collection completes at 08:00 hours, the next polling will happen at 12:00 hours (8 +4). Configure this option to change the interval from the default value. Show Devices For Critical Devices: Displays the list of critical devices in the network. Thefollowing information about the Critical Devices is displayed: IP Address DeviceName You can choose any device and click Delete to remove it from the Critical Device poller list. For All Devices: Launches the Data Collection metrics report. Thefollowing information about the devices in the network is displayed: IP Address DeviceName DeviceType Neighbors
5-27 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 5 Administering Campus Manager Configuring Topology Settings Configuring Topology Settings You can configure the following Topology Settings: Restrict Topology Maps to display only authorized devices, when Campus Manager is set to ACS mode. For details, see Restricted Topology View. Configure Campus Manager to fetch alert information from DFM, and display it in Topology Maps. For details, see Configuring DFM Polling. Restricted Topology View Topology Maps display all the devices discovered by Campus Manager. When Campus Manager is integrated with the ACS server, you can set Topology Maps to display only the devices you are authorized to view. To do that: Step 1 Go to Campus Manager > Administration > Topology > Restricted Topology View. The configuration screen is displayed. Step 2 Check Display Only the Authorized devices in Topology Maps. This option is enabled only when Campus Manager is integrated with the ACS server. Step 3 Click Apply. Topology Maps display only the devices you are authorized to view. If Topology Services is already launched, close it and relaunch for the change to take effect. Points to be Noted If you change the management IP address of an authorized device: It becomes an unauthorized device. The device is not shown in Topology maps in the consecutive relaunches. When the changed IP address is given as root in N-hop view portlet, it results in an error. To avoid the above mentioned issues, you must maintain the same management IP address for the device in Topology Services and in the ACS server. Configuring DFM Polling To display DFM information in Topology Maps and N-Hop view portlet, you have to enable polling as follows: Step 1 Go to Campus Manager > Administration > Topology > DFM Poller Settings. The configuration screen is displayed. Step 2 Check Poll DFM Server for alerts. If you try to apply the settings when DFM is not installed on a local or remote server, you will get an error message indicating the same. If DFM is installed, the list of DFM servers detected is displayed above this check-box.
5-28 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 5 Administering Campus Manager Understanding Groups You can enable this option, only if: DFM is installed in the local CiscoWorks server or on a remote CiscoWorks server in the master slave mode. AND Campus Manager has detected the DFM server. If DFM is installed after running Data Collection, either run Data Collection or restart ANI Server before enabling the above setting. Step 3 Set the time interval at which the polling should occur. DFM updates the latest alert information every 6 minutes. So the time interval can be a value between six minutes and fifty nine minutes, fifty nine seconds. Step 4 Click Apply. The settings are saved to the server and polling starts within six minutes of the configuration. In addition to this, you can restrict the type of DFM alert displayed in your machine. For example you can choose to display only critical alerts in Topology maps. To do that, see Modifying DFM Alert Settings. To restrict the type of alerts displayed in N-hop view Portlet, see Configuring the Portlet. The alert information fetched from DFM can be launched from Topology Maps and N-Hop view portlet, by right clicking on the required device. For details, see Starting CiscoWorks Applications From Topology Views. Understanding Groups A Group can be thought of as a convenience view that allows you to view a subset of the entire network based on the group rule defined while creating the view. These views, which are subsets of the Layer 2 views, can be accessed by a user or a set of users. These custom views are generated using a Campus Manager feature called Grouping Services that helps to manage groups of devices. Grouping Services determines the membership of a group by interpreting and applying the rule associated with the group. Hence, Topology Groups allows you to: Identify and view a set of objects corresponding to a view. Create and manage views. Define convenience views which are a subset of the Layer 2 map. This section explains: System Defined Groups User Defined Groups Overview of Subnet Based Groups Rules Editor Using Groups
5-29 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 5 Administering Campus Manager Understanding Groups Concept of a Group A group is a named set of devices. The group is characterized by a set of properties such as a name, description, type, access permission, and so on. Most importantly, a group has an associated rule. The rule determines the membership of a group, which may change whenever the rule is evaluated. Groups manage subgroups in a hierarchical organization. Two predefined top level Parent groups are available when you install Campus Manager: System Defined Groups User Defined Groups These groups are provided to categorize devices at your site, and each of these contains a list of all the devices in the Campus Manager Database. The groups under Administration > Groups and that under Topology Services > Topology Groups follow the same hierarchy. After you create a group through Administration > Groups, you must reopen the Topology Services to view the changes. If you have appropriate permissions, you can create subgroups under groups. Hence, each Child group is a subgroup of a Parent group. Note the following: The membership of a Child group will be a subset of its immediate Parent group. Changes in the properties of a Parent groupName, Rule, Evaluation Type, Access Permissions, impact all Child groups under it. When you remove a group, all Child groups under it are also removed. When a user is removed from the Campus Manager list of users, the groups created by the user are not removed. System Defined Groups A System Defined Group is a top-level container for standard groups that are accessible to and used by most Campus Manager users. These groups are pre-defined by Campus Manager. The predefined sub-groups under System Defined Groups are: All Unreachable Devices which contains set of all devices that are not reachable by Campus Manager. Subnet Based Groups which contains sub folders representing subnets (one folder per subnet) discovered in the network. Each folder contains the devices corresponding to those subnets. These subnet folders are of the form: subnet subnet mask eg: 10.77.209.48 255.255.255.240 You cannot: Change system defined groups Create any subgroups under system defined groups. Based on your requirements, you can create customized groups under User Defined Groups.
5-30 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 5 Administering Campus Manager Understanding Groups User Defined Groups User Defined Groups is a top-level container where individual Campus Manager users can create their own groups. Typically, the groups under User Defined Groups would be used and accessible to the user who created the group, and perhaps a small group of additional users, or these groups may be transient in nature. For example, if J oe Smith wants to create a group that contains all devices where he is the System Contact, and he uses the following rule to form this group: Device.SystemContact equals "Joe Smith" OR Device.SystemContact equals "jsmith" Dynamic Group A dynamic group is a group for which the membership list is always up-to-date. Whenever you view a dynamic group, it always displays the latest group membership list. Static Group A static group is a group for which the membership is refreshed only when you explicitly request it. Between re-evaluations, the Group Server stores the membership list and group definition of the static group. Overview of Subnet Based Groups Subnet based groups are automatically created when devices are managed. These are a part of System defined groups. You cannot create, edit or delete them. Subnet based groups help you work on smaller subsets of devices that are logically grouped. They are automatically deleted when all the devices in a subnet are deleted. This topic covers: Accessing Subnet Based Groups Understanding Subnet Based Groups Creating Groups Based on Subnet Accessing Subnet Based Groups To access Subnet based groups go to Campus Manager > Administration > Groups. This displays the Group Management page. The Group Selector field displays two groups, System Defined Groups and User Defined Groups. The Subnet Based Groups are created under System Defined Groups.
5-31 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 5 Administering Campus Manager Understanding Groups Understanding Subnet Based Groups The Subnet based groups use the following name format: Subnet -- Subnet Mask. The rule expression for Subnet Based Groups has the following components: Class.attribute operator "value" For example, Device.IP.Subnet equals "172.20.104.192" AND Device.IP.SubnetMask equals "255.255.255.240" The rule above will select all devices of subnet 172.20.104.192 and subnet mask 255.255.255.240. Creating Groups Based on Subnet When you need to create subnet based groups as per network requirements, you can do it under User defined groups. For example, the following rules might be used to create two groups based on the IP address subnet: Device.IP.Subnet equals "172.29.252.32" Device.IP.Subnet equals "172.29.252.64" The examples provided here are simple. However, the Grouping Service allows arbitrarily complex rules to be formed by combining rule expressions with AND, OR or the EXCLUDE operators. This gives the administrator the power and flexibility to create view partitions tailored to the needs of their site. Rules Editor Every group is defined by a set of rules. You may select an item from the drop down menus, enter a rule in the free-form Rule Text area, or use a combination of the two. A rule set contains a Boolean combination of individual rule expressions. A rule expression is made of the following components: Object Type Variable Operator IP Address Range Operator Value Object Type The type of devices which form the group. Rules are evaluated on the list of devices discovered. Campus Manager supports only one object type: Device Variable Any of the attributes of a device. Table 5-10 gives details on the available variables:
5-32 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 5 Administering Campus Manager Understanding Groups Operator The operator used in forming a rule. The following operators are available: equals contains When the variable DiscoveryStatus is used, equals is the only operator is available. When the all the variables, the following operators are available: equals contains startswith endswith When the variable is equal to IPAddress or IP.SubnetMask or IPv6.Subnet or IPv6.SubnetMask, the following operators are available: equals contains startswith endswith range IP Address Range Operator The range operator enables you to group the devices of the specified range of IP Addresses. You can select the range operator only for the IPAddress variable. You should enter the range of IP Addresses in the Value field, to create a group rule based on IP Address ranges. When you enter the IP Address range in the text field, you should: Specify the range with permissible values for one or more octets in the IP Address. The minimum limit in the range is 0 and the maximum limit is 255. Table 5-10 Device Attribute Description Attributes Description DiscoveryStatus Status of the Data Collection process. Hostname Name of the device. ImageVersion Software version running on the device. IP.Subnet IP address of the device with the subnet to which it belongs. IP.SubnetMask Subnet mask address of the device. IPAddress IP Address of the device. SysName Name of the device as configured by the Administrator. SysObjectID SysObjectID of the device as configured by the Administrator. SystemContact Contact for the device details as entered by the Administrator. SystemLocation Location of the device as entered by the Administrator.
5-33 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 5 Administering Campus Manager Understanding Groups Use the hyphen character (-) as a separator between the numbers within a range. Specify the range of IP Addresses within the [and] characters to create a group rule. For example, you can enter 10.10.10.[0-255] or 10.10.[0-255].[0-255] in the Value field. You should not: Enter numbers lesser than 0 and greater than 255 in the IP Address range. Enter any other characters other than the range separator (-). Enter the value of highest limit in the range as less than the value of smallest limit number. For example, you should not enter 10.10.10.[8-4]. Value A free flow operand forming the last part of the rule. When the variable DiscoveryStatus is used, only the following values are available: Never_Reachable Reachable Currently_Unreachable Example of Rule Let us consider a scenario where you need to define a rule for a set of devices in the State Street Campus. Campus Manager has devices at two locations: Bldg 1 Devices and Bldg 2 Devices. In this scenario, we will create rules for the System Defined Groups and the User Defined Groups. This section contains: Rule for a System Defined Group Rule for a User Defined Group Composite Rule Rule for Include Devices Rule for Exclude Devices Rule for a System Defined Group To create a System Defined Group whose member devices are located in Bldg. 1 Devices, the group rule is: Device.SystemLocation equals "Bldg 1 Devices" where Variable is SystemLocation Operator is equals Value is Bldg 1 Devices Similarly, to create a System Defined Group whose member device IP addresses is 172.20.121.10, the group rule is: Device.IpAddress equals "172.20.121.10" In addition you can use the contains operator to match a value anywhere in the attribute: Device.IPddress contains "10"
5-34 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 5 Administering Campus Manager Understanding Groups The above rule, will match devices with IP address like 172.20.10.3, 172.25.3.101 etc. To group all devices whose IP Addresses are within the range 10.10.0.0 to 10.10.50.255, the group rule is: Device.IPAddress range 10.10.[0-50].[0-255] Rule for a User Defined Group To create an User Defined group whose member devices have a common system contact person, J Smith Devices, the group rule is: Device.SystemContact equals "J Smith Devices" Composite Rule Composite rule contain more than one rule expression separated by a Boolean operator. The Boolean Operators OR, AND, or EXCLUDE appear in the Rules:Create dialog box only when you have entered at least one rule expression. When the composite rule has more than two simple rule expressions, you can adjust priorities among the expressions using opening and closing parenthesis. In the above example, to create a group whose member devices are labelled Lab Test Setup, have a common system contact person, J Smith Devices, the composite rule is: Device.DeviceLabel equals "Lab Test Setup" AND Device.SystemContact equals "J Smith Devices" Rule for Include Devices Simple Rule for Include Devices contains a common parameter: CMF:DCR:Device. The Device Management filters the devices based on the rule you have specified in the Defined Advanced Search Rules dialog box. For example, the rule type: :CMF:DCR:Device.DisplayName equals "joe" will select the device with the DisplayName joe. Rule for Exclude Devices Simple Rule for Exclude Devices contains a common parameter: Device.The Device Management filters the devices based on the rule you have specified in the Defined Advanced Search Rules dialog box. For example, the rule type: Device.HostName equals "Saturn" will filter the Devices with common host name, Saturn. For more information on creating groups, refer Creating Rules for Groups.
5-35 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 5 Administering Campus Manager Understanding Groups Using Groups The main tasks that you can perform using groups are: Creating Groups Modifying Groups Viewing Group Details Deleting a Group Recomputing Group Membership All actions begin from the Topology Groups administration page, unless otherwise specified. Access control to groups is controlled on a username basis. By default, read permission is granted to System Defined Groups, and read write and evaluate permissions are granted to User Defined Groups. The User Defined Groups folder is meant to hold a users private group and/or groups that are more transient in nature. Creating Groups You can create groups under System Defined Groups and User Defined Groups. To create Groups, you must select Campus Manager > Administration > Groups. Creating Groups involves: Creating Group Properties Creating Rules for Groups Creating Memberships
5-36 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 5 Administering Campus Manager Understanding Groups Creating Group Properties Access to group creation is based on permission levels. You can create groups under User Defined Groups. By default, only the CiscoWorks admin user can create groups under System Defined Groups. However, the admin user can modify the access permission to the System Defined Group to enable edit privilege (that is, create permission) to other Campus Manager user names. To create Group Properties: Step 1 Select Campus Manager > Administration > Groups. The Group Management window appears. Step 2 Click Create. The Properties: Create window opens. Step 3 Enter details as explained in Table 5-11: Table 5-11 Creating Properties Field Description Field Usage Notes Group Name The group name should be unique within the Parent group. However, it need not be so across groups. The same group name cannot be used in the same group hierarchy. Copy Attributes from Group 1. Click Select Group to copy attributes from a previously selected defined group. The Replicate Attributes dialog box appears. 2. Select the devices from the Replicate Attributes dialog box. 3. Click OK to select the devices or click Cancel to exit. Parent Group 1. Click Change Parent to change the Parent group under which you want to define the group. 2. Select the devices from the Select Parent window. 3. Click OK to select the devices or click Cancel to exit. Description You can enter a detailed description of the group identifying its characteristics in this field.
5-37 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 5 Administering Campus Manager Understanding Groups Step 4 Click Next. The Rules window appears. To enter the details in the Rules: Create dialog box, see Creating Rules for Groups. Creating Rules for Groups After entering the details for creating properties for the Group, you must create rules for the Group. To create rules for the Group, either you must use the parameters specified, or manually enter the rule text. To create rules using parameters: Step 1 Enter details for Rule Expression, in the Rules Window. Membership Update Select a membership update mode. AutomaticThe membership of the group is automatically recomputed each time the group is invoked. Only upon user requestThe membership of the group is recomputed only when an explicit request is made, using the Refresh option. If you select Automatic, the group will be a Dynamic group. If you select Only Upon User Request, the group will be a Static group. Visibility Scope Select the mode of visibility. Private Public Table 5-11 Creating Properties Field Description (continued) Field Usage Notes
5-38 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 5 Administering Campus Manager Understanding Groups Table 5-12 describes the fields in the Rule Expression area. Table 5-12 Rules: Create Field Description Field Description Select the Boolean expression. OR AND EXCLUDE The Boolean Operators OR, AND, or EXCLUDE appear in the Rules:Create dialog box only when you have entered at least one rule expression. For an example of Composite rule using boolean operatots, see Composite Rule. Object Type The type of devices that form the group. Rules are evaluated on the list of devices discovered. Campus Manager supports only one object type:Device Variable Attribute of a device. The available variables are: DiscoveryStatus HostName ImageVersion IP Subnet IP SubnetMask IPAddress IPv6 Subnet IPv6 SubnetMask SysName SysObjectID SystemContact SystemLocation For more details, see Rules Editor.
5-39 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 5 Administering Campus Manager Understanding Groups Step 2 Click Add Rule Expression. The Rule Text field shows the rule you are creating. You can also enter the rules directly in the Rule Text field. To see an example of a rule, see Example of Rule. Step 3 Click Check Syntax to validate the rules syntax entered. Step 4 Click View Parent Rules to view rules defined for the Parent Groups. Step 5 Click Next to create Memberships to specify the devices available to the group. For entering details for creating Memberships, see Creating Memberships. Creating Memberships You can create memberships to specify the devices available to the group. The devices appear in Available Objects From Parent Group or Objects Matching Membership Criteria, based on the properties and rules you specified in the previous steps. Available Objects From Parent Group is the set of objects in the Parent group not selected by the Child groups rule. To add the selected devices from the Available Objects From Parent Group list to the Objects Matching Membership Criteria list: Step 1 Select one or more IP addresses of the devices from the Available Objects From Parent Group list on the left pane. Step 2 Click Add. The devices appear in Objects Matching Membership Criteria list, based on the properties and rules you specified in the previous steps. Operator Operator used in forming a rule. For a variable equal to DiscoveryStatus, the only available Operator variables is equals. For all the variables, the available Operator variables are: equals contains startswith endswith Apart from the operator variables listed above, for variable equal to IPAddress or IP.SubnetMask or IPv6.Subnet or IPv6.SubnetMask, an extra Operator variables range is added. For more details, see Operator. Value Enter the desired value for the variable you have selected. Table 5-12 Rules: Create Field Description (continued) Field Description
5-40 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 5 Administering Campus Manager Understanding Groups If you want to remove devices from the Objects Matching Membership Criteria list, select the device from the list of Objects Matching Membership Criteria, and click Remove. Step 3 Click Next to view the summary of the details of the newly created group. Table 5-13 describes the entries in the Summary: Create table. Step 4 Click either: Finish to create the group, or Cancel to exit the wizard and go back to the Group Management window. Membership Update The membership of a group is governed by the rule associated with a group. The changes in the membership is reflected in the Network Topology View of the group. To view a topology view, select Campus Manager > Topology Views. Moreover, while groups with evaluation type Automatic have membership that is current, groups with evaluation type Only Upon User Request retain the membership at creation time or on subsequent re-evaluation. Two modes of membership updates are available: Automatic The membership of a group is recomputed automatically after every Data Collection. If the node or view has been displayed, you must close all of Topology Services and re-open it to display the revised group membership. Only Upon User Request The membership of the group is recomputed only when an explicit request is made, using the Refresh option. For more information on the Refresh option, see Recomputing Group Membership. Table 5-13 Create Group Summary Entry Description Entry Description Group Name Name of the group. Parent Group Name of the Parent group. Description Description for the group. Membership Update Automatic or Only Upon User Request. If you had selected Automatic, the group will be a Dynamic group. If you had selected Only Upon User Request, the group will be a Static group. Rules Rule you entered for the group. Visibility Scope Visibility scope that you selected.
5-41 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 5 Administering Campus Manager Understanding Groups Modifying Groups You can modify most attributes of a group in the Edit mode, except the Parent group. To modify groups: Step 1 Select a group, and click Edit. You can modify the Group Name, Description, and Membership Update Type. Step 2 Click Next. To modify group rule, edit the rule either using the Rule Expression fields or edit the rule in the Rule Text field and click Next. To add or remove devices from the Objects in Group, click Add or Remove, as appropriate and click Next. To modify access permissions, select the access levels in the Permission field and click Next. Step 3 Click Finish to save the modified groups. Viewing Group Details To view the attributes of a group: Step 1 Select Campus Manager > Administration > Groups. Step 2 Select a group. Group information is displayed in the right window. To view detailed attributes for the group, click Details. To view the rules attributes of the Parent group, click View Parent Rules. To view the list of devices in the group, click Membership Details. Deleting a Group You can delete a group and all Child groups under it. To delete a group: Step 1 Select Campus Manager > Administration > Groups. The Group Management window appears. Step 2 Select a group. Step 3 Click Delete to remove the group. Step 4 Click Yes to confirm. The selected group is deleted.
5-42 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 5 Administering Campus Manager Using Administration Reports Recomputing Group Membership You can re-evaluate and re-apply the rules of a group to recompute the membership of groups. To recompute group membership: Step 1 Select Campus Manager > Administration > Groups. Step 2 Select a group. Step 3 Select Refresh to recompute the membership of the group. Step 4 Click Yes to confirm. The group membership is recomputed. Using Administration Reports You can view an analysis of the ANI Server, details of devices discovered, Data Collection metrics, and list of devices supported using the Reports tab of Campus Manager Administration window. Analyzing ANI Server You can analyze the ANI server for its performance using the Analyze ANI Server option in the Reports tab of Campus Manager Administration window. To analyze the ANI server: Step 1 Go to Campus Manager > Administration > Reports. The Reports dialog box appears with a list of reports that you can generate. Step 2 Choose Analyze ANI Server and click Generate Report. The ANI Server details appear. Viewing Data Collection Metrics Data Collection Metrics report gives you details about the duration of each Data Collection and the count of devices for which data was collected. To view the Data Collection metrics: Step 1 Go to Campus Manager > Administration > Reports. The Reports dialog box appears with a list of reports that you can generate. Step 2 Choose Data Collection Metrics.
5-43 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 5 Administering Campus Manager Using Administration Reports Step 3 Enter the number of Data Collection cycles for which data is to be archived and click Apply. The Data Collection cycles will be removed from the metrics report only after the next Data Collection. It is not mandatory to set this property, whenever you launch the report. Step 4 Click Generate Report. The Data Collection metrics appear. Table 5-14 describes the columns of the Data Collection Metrics report. Viewing Data Collection Details You can launch this report from: Campus Manager Home page See Table 5-15 for the description of this report. Data Collection Metrics Report The Data Collection Metrics report displays the total number of Devices, the number of New Devices, and the number of Deleted Devices for which data was collected during the Data Collection cycle. You can click on the hyperlink in the above mentioned fields to view the Data Collection Details page. See Table 5-15 for the description of this report. Table 5-14 Data Collection Metrics Field Description Start Time Time at which Data Collection was started. Percent Complete Percentage of Data Collection that has been completed. End Time Time at which Data Collection was completed. Total Time Total time taken for Data Collection. Total Devices Total number of devices from which data was collected. When you click on the hyperlink, the Data Collection Detail page appears. New Devices Number of devices from which data was collected. When you click on the hyperlink, the Data Collection Detail page appears. Devices Deleted Number of devices that were deleted. When you click on the hyperlink, the Data Collection Details page appears. Devices Per Hour Number of devices in each hour for which data was collected. Objects Per Hour Number of objects in each hour for which data was collected.
5-44 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 5 Administering Campus Manager Using Administration Reports Viewing List of Devices Supported You can view the icon, name and object ID of the supported devices using the Device Support option. This list does not indicate whether you have these devices in your network. To view the devices supported: Step 1 Go to Campus Manager > Administration > Reports. The Reports dialog box appears with a list of reports that you can generate. Step 2 Select Device Support and click Generate Report. The details of supported devices appear. Table 5-16 describes the columns of the Devices Supported report. Table 5-15 Data Collection Detail Field Description IPAddress IP address (IPv4 or IPv6 address) of the device for which data is collected HostName DNS name of the device DeviceName DCR display name of the device DeviceType Type of the device for which data is collected - the device family it belongs to. Neighbors Host names of the neighboring devices Table 5-16 Devices Supported Report Field Description Icon Icon of the device. Name Name of the device. OID sysobject ID of the device.
5-45 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 5 Administering Campus Manager Using Other Admin Settings Using Other Admin Settings The following Administrative settings can be done from this page: Discrepancies At the end of Data Collection, Campus Manager computes the Discrepancies & Best Practice Deviations present in the network. You can configure Campus Manager to: Receive Syslog messages for the required Discrepancies and Best Practice Deviations. Include only the required Discrepancies and Best Practice Deviations in reports, for which you need complete details. For details, see Configuring Discrepancy Reporting and Syslog Message Generation. Purge Settings You can configure purging interval for Campus Manager Report J obs and Archives. For details, see Purging Reports J obs and Archived Reports. RME Server Credentials Campus Manager uses the CLI framework (cwcli) of Resource Manager Essentials (RME) for the following functionalities: Fixing discrepancies and best practices deviations Enabling MAC notification traps Inter-VLAN Routing To invoke the CWCLI commands from a remote client, you need to provide the credentials of the RME Server that you need to access. For details, see Setting RME Credentials Configuring Discrepancy Reporting and Syslog Message Generation You can customize the Discrepancy Report and the Best Practice Deviation Report to display only those discrepancies about which you want to be notified. To customize the reports: Step 1 Select Campus Manager > Administration > Discrepancies, from the LMS Portal. Alternatively, if you are in Campus Manager Administration page, click Other Admin Settings and choose Discrepancies from the Table of Contents (TOC). The discrepancies page appears. You can view the list of Network discrepancies, and Discrepancies configured to send Syslog messages by clicking the corresponding View Details link. Step 2 Click Configure to do the required configuration. The Configuring Network Discrepancies page appears. To include a Discrepancy or Best Practice Deviation in the Report, check the box next to it. Checking all the boxes results in a report displaying all Discrepancies/Best Practice Deviations in the network. To exclude a Discrepancy or Best Practice Deviation from the corresponding report, uncheck the box.
5-46 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 5 Administering Campus Manager Using Other Admin Settings Step 3 Select Configure Syslog to receive Syslog messages for the selected Discrepancies and Best Practice Deviations. Step 4 Click Next. The list of selected Discrepancies and Best Practice Deviations appears. Step 5 Select Send Syslogs and enter the name of the server in the Syslog Server field. Step 6 Click Next. A summary of the selected Discrepancies and Best Practice Deviations appears. Step 7 Click Finish. You can use the filters to display Discrepancy/Best Practice Deviation reports for specific devices, link or network types. This makes it easy to find a particular Discrepancy/Best Practice Deviation for a particular type. You can use more than one filter at the same time, but results will vary. If you select more than one filter in the same top-level category, Boolean OR is used. For example, if you select Duplex, Speed under Link, any link or port that fulfils at least one filter criteria will be displayed in the report. If you select more than one filter from different top-level categories, Boolean AND is used. For example, if you select both a Link type and a Port type filter from the discrepancy filter, any link that fulfils both filter criteria will appear in the report. Purging Reports Jobs and Archived Reports You can purge jobs or report archives in Campus Manager. By default, purging is disabled. To enable the Purge option for report jobs and archives: Step 1 Select Campus Manager > Administration > Purge Settings. Alternatively, if you are in Campus Manager Administration page, click Other Admin Settings tab and choose Purge Settings from the Table of Contents (TOC). The Report Settings dialog box appears. You can specify the Purge Policy for archives or jobs here. Step 2 Check the Purge Archives Older Than to specify the number of days, or weeks, or months to purge archives. For instance, if you select 44 days, Campus Manager purges archives that are older than 44 days. Step 3 Check the Purge Jobs Older Than to specify the number of days, or weeks, or months to purge jobs. For instance, if you select 2 weeks, Campus Manager purges jobs that are older than 2 weeks. Step 4 Click Save.
5-47 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 5 Administering Campus Manager Using Other Admin Settings Setting RME Credentials Campus Manager uses the CLI framework (cwcli) of Resource Manager Essentials (RME) for the following functionalities: Fixing discrepancies and best practices deviations Enabling MAC notification traps Inter-VLAN Routing CLI framework (cwcli) is a Command-Line Interface (CLI). CLI framework (cwcli) offers remote access facilities that allow you to invoke cwcli commands from the client in the same way as they run on the RME server. To invoke the CWCLI commands from a remote client, you must enter the credentials of the RME Server that you need to access. For more details on CWCLI, see the section, cwcli Framework in the User Guide for Resource Manager Essentials 4.3. CWCLI feature uses various protocols to configure devices. Details of this is available in the help page for RME > Admin> Config Mgmt > Transport Settings, and in the User Guide for Resource Manager Essentials 4.3. To set RME credentials: Step 1 Go to Campus Manager > Administration > RME Server Credentials. Alternatively, if you are in Campus Manager Administration page, click Other Admin Settings tab and select RME Server Credentials from the Table of Contents (TOC). The RME Credentials dialog box appears. Step 2 Enter details in the RME Credentials dialog box. Table 5-17 describes the fields in the RME Credentials dialog box. If you have specified https as the server protocol, make sure that the Peer Server Certificate is properly imported. Peer Server Certificate is mandatory for communication between CiscoWorks servers in SSL mode. Table 5-17 RME Credentials Field Explanation RME Server Name DNS name or IP address of the RME server. local host or 127.0.0.1 should not be given. RME Server Port Port number of the RME server. For example, 1741. For https, the port number is 443. RME Server Protocol Protocol used by RME server. For example, http or https. User Name User name of the RME server. User Password Password of the RME server. Verify User Password Password of the RME server for confirmation.
5-48 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 5 Administering Campus Manager Setting Debugging Options To add Peer Server Certificate, go to Common Services > Server > Security> Peer Server Certificate Setup. Launch Help and follow the instructions to add the certificate. Step 3 Click OK to apply the changes or Click Cancel to discard the values you have entered. Possible Cause and Solution for Error Conditions If you cannot connect to the RME server, it could be because of the following reasons: RME Server name or IP address is wrong. Enter correct DNS name or IP address of the RME server. Do not enter local host or 127.0.0.1. RME Server Protocol is wrong. Enter either http or https as the server protocol. RME Server Port is wrong. Port number for http is 1741 and that for https is 443. RME Server is down. Try connecting to the server after it is up. RME Server is not installed in the specified machine. Either: Install RME in the specified machine and try again. Or: Provide machine details where RME is installed. Peer Server Certificate is not imported properly If you have specified https as the server protocol, make sure that the Peer Server Certificate is properly imported. Peer Server Certificate is mandatory for communication between CiscoWorks servers in SSL mode. To add Peer Server Certificate, go to Common Services > Server > Security> Peer Server Certificate Setup. Launch Help and follow the instructions to add the certificate. Setting Debugging Options If you face issues while running Campus Manager, you can enable logging to debug the same. You can set debugging options for the following functions: Data Collection (see Setting up Debugging Options for Data Collection) Configuration and Reports (see Setting up Debugging Options for Configuration and Reports) Device Groups (see Setting Debugging Options for Device Groups) Topology (see Setting Debugging Options for Topology) User Tracking Server (see Debugging Options for User Tracking Server) Dynamic User Tracking (see Debugging Dynamic Updates)
5-49 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 5 Administering Campus Manager Setting Debugging Options User Tracking Reports (see Debugging Options for User Tracking Reports) Dynamic User Tracking Console (see Dynamic User Tracking Console) Setting up Debugging Options for Data Collection You can set the trace, and debugging, for Campus Manager Data Collection as follows: Step 1 Select Campus Manager > Administration >Debugging Options >Data Collection. The Debugging Options dialog box appears. Step 2 Modify the debugging options as specified in Table 5-18. Step 3 Click Apply. Table 5-18 Data Collection Debugging Options for Data Collection Field Description Usage Notes Enable Debug Select this option to enable logging for Data Collection. You can select the modules for debugging only if you select this option. Modules Specify the modules on which you need to enable debugging. Click Select to view the available modules and select the modules in which you want to enable debug. For details on Debug modules, see Selecting Data Collection Debug Modules File Name Name of the log file in which the trace messages are to be recorded. The default log file is NMSROOT\log\ani.log Maximum File Size (lines) Maximum size of the log file in lines None Enable Device Level Debugging Device IP(s) IP Addresses (IPv4 or IPv6 Addresses) of devices for which you need to log debugging messages. You can enter multiple IP addresses, separated by commas. This field is enabled only when the Device Level Debugging option is enabled.
5-50 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 5 Administering Campus Manager Setting Debugging Options Selecting Data Collection Debug Modules Table 5-19 describes the debug modules available for Data Collection in Campus Manager. Table 5-19 Data Collection Debug Modules Module Description framework Constructs and maintains data in the memory. Provides framework for Campus Manager features. Enable debugging for this module only when requested by TAC. This is because enabling debugging for this module creates huge logs. topo Provides network topology computation and layouts. Enable debugging for this module if you have problems with Topology computation of devices. vlad Discovers VTP domains, VLANs, port-in-VLAN configurations Performs VLAN configuration tasks Determines Spanning Tree state Enable debugging for this module if you have problems with VTP, VLAN reports, and configuration. ccm Discovers Cisco CallManager (CCM). Enable debugging for this module if you encounter issues with data collected for CCM. vmpsadmin Discovers end-user hosts on the network Records end-user host information in the ANI database Manages requests for scheduling user and host discoveries, ping sweeps, database queries, and updates to user and notes information Enable debugging for this module if you have problems with User Tracking. dcrp Provides computation of network discrepancies. Enable debugging for this module if you have problems in Discrepancy reports. status Enables status polling on previously discovered devices. Enable debugging for this module if you have problems with device and link status polling. apps Discovers application hosts such as MCS. Enable debugging for this module if you encounter issues with data collected on application hosts. stp Discovers all STP related information from the network. Enable debugging for this module if you have problems with STP reports and configuration.
5-51 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 5 Administering Campus Manager Setting Debugging Options Click OK to save the selected modules or click Cancel to exit. Setting up Debugging Options for Configuration and Reports If you need information on Configuration and Reports in Campus Manager, you can enable debugging for the same. To do this: Step 1 Select Campus Manager > Administration > Debugging Options >Configuration and Reports. The debugging page appears. Step 2 Select the level of debugging. It can be any one of the following: INFO Only informational messages are recorded in the log file. DEBUG All messages related to Configuration and Reports are recorded in the log file. FATAL Messages related to fatal errors are recorded in the log file. This is the default option. The Log File Name field specifies the location and name of the log file. The default log file is NMSROOT\log\Campus.log Step 3 Click Apply. stpeng Performs STP configuration tasks Provides basic STP analysis for migration from one STP type to another Enable debugging for this module if you have problems with STP reports and configuration. devices Provides specific information, if any, available for device categories. Enable debugging for this module if you have problems specific to a particular device type. Table 5-19 Data Collection Debug Modules (continued) Module Description
5-52 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 5 Administering Campus Manager Setting Debugging Options Setting Debugging Options for Device Groups If there are errors related to System defined or User defined groups in Campus Manager, you can enable debugging for the same. Its done as follows: Step 1 Select Campus Manager > Administration > Debugging Options >Device Groups. The debugging page appears. Step 2 Select the level of debugging. It can be any one of the following: INFO Only informational messages are recorded in the log file. This is the default option. DEBUG All client side messages are recorded in the log file. FATAL Messages related to fatal errors are recorded in the log file. The Log File Name field specifies the location and name of the log file. The default log file is NMSROOT\log\CampusDeviceSelector.log Step 3 Click Apply. Setting Debugging Options for Topology You can enable debugging for Topology Services client side activities. The debugging information will be available in the J ava Console. To display J ava Console: Step 1 Select Start > Settings > Control Panel > Java. Step 2 Select the Advanced tab. The corresponding tree structure is displayed. Step 3 Go to the tree and select Java Console > Show Console. Step 4 Click Apply and then OK. The J ava console is displayed when you launch Topology Services. Note In case you close the J ava Console, to reopen it, close the Topology window and relaunch it.
5-53 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 5 Administering Campus Manager Setting Debugging Options To enable debugging: Step 1 Select Campus Manager > Administration > Debugging Options >Topology. The debugging page appears. Step 2 Select the level of debugging. It can be any one of the following: TRACE Only informational messages are displayed in the J ava Console. DEBUG All Topology Services client side messages are displayed in the J ava Console. ERROR Messages related to all errors are displayed in the J ava Console. This is the default option. Step 3 Click Apply. To change log level settings: Step 1 Close the Topology Services window. Step 2 Change the settings in the Campus Manager Administration page. Step 3 Re-launch Topology services.
5-54 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 5 Administering Campus Manager Using Campus Manager Job Browser Using Campus Manager Job Browser The Campus Manager J ob Browser enables you to view the status of all Campus Manager J obs (User Tracking jobs, Campus Manager reports). The job details that you can view here include the job ID, the job type, the job status, the job description, the job owner, the time the job is scheduled to run at, the time of job completion, and the schedule type. To open the job browser, select Campus Manager > Job Management. The Campus Manager J ob Browser appears. You can filter the jobs by any specified criteria using the Show Only drop-down list. Select your criteria. The jobs pertaining to that category are displayed. Table 5-20 displays the fields in the Campus Manager J ob Browser. Table 5-20 Campus Manager Job Browser Column Description J ob ID Unique ID of the job. For example, 1007.0. J ob IDs have N.x format, where x stands for the number of instances of that job. For example, 1007.4 indicates that the J ob ID is 1007 and it is the fifth instance of that job. J ob Type Type of job. The jobs include, User Tracking jobs, Campus Manager reports. Description Description of the job. Owner Username of the job creator. Scheduled At Date and time at which the job was scheduled. Completed At Date and time at which the job was completed. Run Status J ob states include: Running Waiting for approval Scheduled (pending) Succeeded Succeeded with Info Failed Crashed Cancelled Suspended Rejected Missed Start Failed at Start
5-55 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 5 Administering Campus Manager Administration Command Line Interface Click the Refresh icon to refresh the Campus Manager job browser. Use the Stop and Delete buttons to stop or delete jobs: Stop buttonStops or cancels a running job. You will be prompted to confirm the cancellation of the job. However, the job is stopped only after the devices currently being processed are successfully completed. This is to ensure that no device is left in an inconsistent state. Delete buttonDeletes the selected job from the job browser. You can select more than one job to delete. You will be asked to confirm the deletion. Note You cannot delete a running job. Administration Command Line Interface This section describes how to administer Campus Manager database from the command line. This is explained in the following topics: Replacing Corrupted Database Re-initializing the Database Deleting all Active Entries from User Tracking, and Restarting Servers Deleting all Inactive Entries from User Tracking, and Restarting Servers Deleting all History Entries from User Tracking, and Restarting Servers Deleting all User Tracking Entries, and Restarting Servers Restoring the Original Data in the Server Restoring Data from Another Server Performance Tuning Tool This section also explains Configuration Settings for SNMPv3 Devices Schedule Type Type of job scheduledaily or periodic. Status Provides the status of the current jobs. The status of the current jobs is displayed as succeded or failed. It also displays the failure reasons. Table 5-20 Campus Manager Job Browser (continued) Column Description
5-56 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 5 Administering Campus Manager Administration Command Line Interface Replacing Corrupted Database If you have a corrupted database, you can use the database administration tools to restore the database from a previous backup. However, if you do not have a previous backup, you must re-initialize the database. When you run this command, if Data Collection is running, it is automatically stopped and then restarted when the database initialization is complete. Caution If you re-initialize the database, information from discovered devices will be lost. However, user and host information is retained. Replace the database only if recommended by a Cisco technical representative. Note Your login determines whether you can use this option. Re-initializing the Database From the command prompt or shell window, enter: On Solaris: NMSROOT/campus/bin/reinitdb.pl On Windows: perl NMSROOT\campus\bin\reinitdb.pl The following message appears: This will erase all data from the database. Are you sure [y/n] ? If you enter y, it erases all data (database tables Wbu*...) from the server. Deleting all Active Entries from User Tracking, and Restarting Servers From the command prompt or shell window, enter: On Solaris: NMSROOT/campus/bin/reinitdb.pl -ut -active On Windows: perl NMSROOT\campus\bin\reinitdb.pl -ut -active where active entries are hosts that are currently logged in Deleting all Inactive Entries from User Tracking, and Restarting Servers From the command prompt or shell window, enter: On Solaris: NMSROOT/campus/bin/reinitdb.pl -ut -inactive On Windows: perl NMSROOT\campus\bin\reinitdb.pl -ut -inactive where inactive entries are hosts that are currently not logged in Deleting all History Entries from User Tracking, and Restarting Servers From the command prompt or shell window, enter: On Solaris: NMSROOT/campus/bin/reinitdb.pl -ut -history On Windows: perl NMSROOT\campus\bin\reinitdb.pl -ut -history where history entries are complete entries. That is, hosts that have a login and logout in the past.
5-57 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 5 Administering Campus Manager Administration Command Line Interface Deleting all User Tracking Entries, and Restarting Servers From the command prompt or shell window, enter: On Solaris: NMSROOT/campus/bin/reinitdb.pl -ut -all On Windows: perl NMSROOT\campus\bin\reinitdb.pl -ut -all Restoring the Original Data in the Server From the command prompt or shell window, enter: On Solaris: NMSROOT/campus/bin/reinitdb.pl -restore On Windows: perl NMSROOT\campus\bin\reinitdb.pl -restore Note Before executing the -restore command, you should stop the daemon manager and start again manually. For details, see Using Daemon Manager. Restoring Data from Another Server When you take database backup for Campus Manager in one server and restore it in another server, the NMSROOT logfile location may not be the same in both servers. In that case, Campus Manager will log messages to the log file stored in the default NMSROOT location in the restored machine. where NMSROOT is the root directory where you installed CiscoWorks. Performance Tuning Tool When you get out of memory errors in Campus, the following command can be used to tune the performance: NMSROOT/bin/perl NMSROOT/campus/bin/CMPTT.pl ProcessName HeapSize MaxPermSize ProcessName should be either one of the following: ANIServer UTMajorAcquisition Heap size should be multiples of 512 and should not exceed 1536 MB. Ensure you have enough swap space in the server before tuning the heap size. MaxPermSize will set the J VM MaxPermSize option to 64m.
5-58 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 5 Administering Campus Manager Administration Command Line Interface Configuration Settings for SNMPv3 Devices Campus Manager supports the following Authentication protocols for SNMP v3: md5 SHA Campus Manager supports the following Privacy protocols for SNMP v3: des 3des aes128 aes192 aes256. For using various Campus Manager features in devices running SNMPv3, you must make specific configurations on the devices. The commands that need to be configured are: Configuring MIB Views Configuring Access Groups Configuring Device with Context Name Configuring a New User Configuring Password for a User Relating a User to a Group Configuring Privacy Protocol Configuring MIB Views For Catalyst devices, enter the following command: set snmp view campusview 1.3.6.1 included nonvolatile For IOS devices, enter the following command: snmp-server view campusview oid-tree included Configuring Access Groups You must set the access rights for a group with a certain security model in different security levels. For Catalyst devices, enter the following command: set snmp access campusgroup security-model v3 authentication read campusview write campusview nonvolatile For IOS devices, enter the following command: snmp-server group campusgroup v3 auth read campusview write campusview access access-list Configuring Device with Context Name For Catalyst devices, enter the following commands: set snmp access campusgroup security-model v3 authentication read campusview write campusview context vlan- prefix nonvolatile
5-59 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 5 Administering Campus Manager Administration Command Line Interface Context exact is also supported. The following is an example: set snmp access campusgroup security-model v3 authentication read campusview write campusview context vlan-1 exact nonvolatile For IOS devices, enter the following command: snmp-server group campusgroup v3 auth context vlan-1 read campusview write campusview IOS image versions prior to12.4 support only exact context name. IOS image versions 12.4 or higher, support both exact or prefix context names. You need to configure the device with and without context name, since Data Collection manages the device without context name and User Tracking requires context name to contact the device. Configuring a New User For Catalyst devices, enter the following command: set snmp user campususer authentication md5 For IOS devices, enter the following command: snmp-server user campususer campusgroup v3 auth md5 password1 Configuring Password for a User For Catalyst devices, enter the following command: set snmp user campususer authentication md5 password1 For IOS devices, enter the following command: snmp-server user campususer campusgroup v3 auth md5 password1 Relating a User to a Group Using a specified security model you can relate a user to a group. For Catalyst devices, enter the following command: set snmpw group campusgroup user campususer security-model v3 nonvolatile For IOS devices, enter the following command: snmp-server user campususer campusgroup v3 Configuring Privacy Protocol For Catalyst devices: set snmp user campususer authentication md5 password1privacy des password2 For IOS devices: snmp-server user campususer campusgroup v3 auth md5 password1 priv des password2
5-60 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 5 Administering Campus Manager Starting Campus Manager Applications Starting Campus Manager Applications The Campus Manager Applications are: Topology Services User Tracking VLAN Port Assignment Network Discrepancies You can select these applications from: Campus Manager > Visualization > Topology Services Campus Manager > User Tracking Campus Manager > Configuration > VLAN Port Assignment Campus Manager > Reports, then choose Report Generator to launch reports on Discrepancies or Best Practices Deviations. Security After a period of inactivity, the LMS Portal page times out and is no longer accessible. Close all browser instances and relaunch CiscoWorks. C H A P T E R
6-1 User Guide for Campus Manager 5.2 OL-18011-01 6 Generating Reports You can perform all your reporting related tasks from a single locationThe Reports tab (Campus Manager > Reports). You can perform the following tasks: Managing report jobs. You can view the output for completed jobs, abort or delete jobs, etc. See Using the Reports J ob Browser. Generating immediate reports or scheduling them for a later point of time. See Using the Report Generator. Managing report archives. You can view an archived report. A report is archived when a scheduled report job is completed successfully. See Viewing Archived Reports. Performing administrative tasks. You can do administrative operations on reports such as purging the archives, or report jobs. See Purging Reports J obs and Archived Reports. Using the Reports Job Browser You can manage Report J obs using the Reports J ob browser. You can also view the output of completed jobs, stop running jobs or delete jobs if required. Note View the Permission Report (Common Services > Server > Reports) to check whether you have the required privileges to perform this task. To open the Reports J ob Browser, select Campus Manager > Reports > Report Jobs. The Reports J ob Browser page appears with a detailed list of all scheduled report jobs.
6-2 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 6 Generating Reports Using the Reports Job Browser The columns in the Reports J ob Browser page are: Table 6-1 Reports Job Browser Column Description J ob ID Unique ID assigned to the job when it is created. For periodic jobs such as Daily, Weekly, etc., the job IDs are in the number.x format. The x represents the number of instances of the job. If you click the J ob Id link, reports of the successful jobs is displayed on the screen. For example, 1007.4 indicates that this is the fourth instance of the job ID 1007. J ob Type Type of Reportfor instance, Discrepancies. Description Description of the job provided by the job creator. (Alphanumeric characters). Owner Username of the job creator. Scheduled At Date and time the job was scheduled at. Completed At Date and time the job was completed at. Schedule Type Specifies the type of schedule for the job: OnceRuns the report once at the specified date and time. DailyRuns daily at the specified time. WeeklyRuns weekly on the day of the week and at the specified time. MonthlyRuns monthly on the day of the month and at the specified time. For periodic jobs, the subsequent instances of jobs will run only after the earlier instance of the job is complete.
6-3 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 6 Generating Reports Using the Reports Job Browser Use the Show Only drop-down list to filter results based on J ob Type. Click View to launch the respective report of the job selected in the J ob Browser page. You can stop a running job from the Reports J ob Browser. Select the job and click Stop. You are prompted for a confirmation before the job is stopped. You can select only one job to stop. You can delete a job from the Reports J ob Browser. Select the job and click Delete. You are prompted for a confirmation before the job is deleted. You can select more than one job to delete. Status Provides the status of the current jobs. The status of the current jobs is displayed as succeded or failed. Run Status J ob states include: Running Waiting for approval Scheduled (pending) Succeeded Succeeded with Info Failed Crashed Cancelled Suspended Rejected Missed Start Failed at Start Table 6-1 Reports Job Browser (continued) Column Description
6-4 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 6 Generating Reports Using the Report Generator Using the Report Generator Using the Report Generator of Campus Manager, you can generate immediate reports or schedule reports to be run at a later time. You can generate reports for the following: Best Practices Deviations Device Attributes Discrepancies Port Attributes VLAN To use the report generator: Step 1 Select Campus Manager > Reports > Report Generator. The Campus Manager Reports dialog box appears, in the Report Generator page. Step 2 From the first drop-down list, select the application for which you want to generate a report. Campus Manager Reports is selected by default. Step 3 Select a Report from the list of available reports for the selected application. You can also schedule the reports as jobs. That is, you can specify the date, time, and frequency at which the reports are to be generated. The Campus Manager Reports dialog box appears for the selected report. For details of how to enter information, see the respective chapters or sections in the User Guide. To generate: Best Practices Deviations Report, see Viewing Best Practices Deviations Reports Device Attributes Report, see Displaying Device Attributes Discrepancies Report, see Viewing Discrepancy Reports Port Attributes Report, see Displaying Port Attributes VLAN Report, see Displaying VLAN Reports If you want to reset the information that you have entered into the Campus Manager Reports dialog box, and revert to the default report settings, click Reset. Step 4 Click Submit. The report is generated if the Run Type is set to Immediate. For any other Run Type, the report is created as a job. You can view the job from the Campus Manager Report J ob Browser (Campus Manager > Reports > Report Jobs). Successfully generated reports are stored in the Archives. You can access the reports archives by selecting Campus Manager > Reports > Report Archives.
6-5 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 6 Generating Reports Viewing Archived Reports Viewing Archived Reports The report output that is created from a scheduled report is stored in the reports archive. The archive displays the list for completed report jobs and you can view or delete them. To view or delete archived reports: Step 1 Select Campus Manager > Reports > Report Archives. The Archives dialog box displays all archived reports. The columns in the Archives dialog box are: Step 2 Select the required report. Step 3 Click View. The archived report that you selected, appears. If you want to delete an archived report, select the report and click Delete. You are prompted to confirm the deletion. Note Immediate Run Type reports are not archived by Campus Manager. Table 6-2 Report Archives Column Description Report Description Description of the report, that was entered at creation time. Report Type Type of Archived ReportVLAN Report, Port Attributes Report, and so on. Creation Time The date (yyyy-mm-dd) and the time (hh:mm:ss) the report was created.
6-6 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 6 Generating Reports Purging Reports Jobs and Archived Reports Purging Reports Jobs and Archived Reports You can purge jobs or report archives in Campus Manager. By default, purging is disabled. To enable the Purge option for report jobs and archives: Step 1 Select Campus Manager > Admin > Other Admin Settings > Purge Settings The Report Settings dialog box appears. You can specify the Purge Policy for archives or jobs here. Step 2 Check the Purge Archives Older Than checkbox to specify the number of days, or weeks, or months to purge archives. For instance, if you select 44 days, Campus Manager purges archives that are older than 44 days. Step 3 Check the Purge J obs Older Than checkbox to specify the number of days, or weeks, or months to purge jobs. For instance, if you select 2 weeks, Campus Manager purges jobs that are older than two weeks. Step 4 Click Save.
6-7 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 6 Generating Reports Purging Reports Jobs and Archived Reports
6-8 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 6 Generating Reports Purging Reports Jobs and Archived Reports C H A P T E R
7-1 User Guide for Campus Manager 5.2 OL-18011-01 7 Tracking Users User Tracking application of Campus Manager allows you to track end stations. This chapter contains the following sections: Understanding User Tracking Using User Tracking Administration Understanding Dynamic Updates Debugging Options Understanding User Tracking Reports Using User Tracking Reports Integrating CiscoWorks WLSE User Tracking Command Line Interface Understanding UTLite User Tracking Utility User Tracking Debugger Utility Understanding User Tracking User Tracking helps you to locate and track the end hosts in your network. In this way, you get the information required to troubleshoot and analyze any connectivity issues. The application identifies all end users connected to the discovered Cisco access layer switches on the network, including printers, servers, IP phones PCs and wireless hosts. User Tracking collects the details of the end users and the layer 2 connections, and updates User Tracking table in the Campus Manager database. This is done through automated polling of the network, by User Tracking (UT) Major Acquisition process. In addition to polling the network, Dynamic UT process receives details from the end users and update the database dynamically. User Tracking also computes subnet related data and updates the database with complete host information. Thus you get latest information about the changes in connections on your network. You can also configure User Tracking to collect usernames of the end hosts connected in the network. The user names are collected from the UTLite process installed in UNIX hosts, Primary Domain Controller (PDC), or Novell Directory Services (NDS). This makes it easier for you to locate and track specific users on your network.
7-2 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 7 Tracking Users Understanding User Tracking You can sort and query the User Tracking table that contains details such as VLANs, switches and switch ports to which the end users are connected. Predefined reports such as the reports on duplicate IP addresses or MAC addresses, multiple MAC addresses enable you to accurately locate the end users. Switch Port reports give you information on: Recently down ports Ports which are in unused condition for the specified interval Connected ports and Free ports Percentage utilization of ports for each device These reports give a clear picture of the switch port utilization in the network and help you in doing capacity planning for the network. For complete details on switch port reports, see Understanding Switch Port Usage Reports. This topic covers: Using User Tracking Accessing UT Data Various Acquisitions in User Tracking Using User Tracking You can use User Tracking to: Display information about the connectivity between the devices, users, and hosts in your network. For example, you might want to identify all users connected to a particular subnet, or all hosts on a particular switch. Display information about the IP phones registered with discovered Media Convergence Servers. Use simple queries to limit the amount of information User Tracking displays. Configure or limit the User Tracking acquisition by subnets. Create and save simple and advanced queries. Modify, add, and delete username and notes. You can configure User Tracking Acquisition settings to collect usernames during UT Major Acquisition and update UT table. The user names are collected from the UTLite process. Customize User Tracking table layouts. For example, you can design a layout that displays only the MAC addresses of hosts on your network. View User Tracking reports that identify Switch Port usage, duplicate IP addresses, duplicate MAC addresses, duplicate MAC and VLAN names, and ports with multiple MAC addresses. You can also view History Reports for Switch port utilization, and the connection and disconnection of endhosts and users from your network. You can set the schedule for generating the reports, and also generate the reports for a subset of devices. Launch Device Center, host center, phone center.
7-3 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 7 Tracking Users Understanding User Tracking Accessing UT Data The following are the ways to access User Tracking data: Quick Reports You can generate End hosts or IP Phones report based on the given filter criteria For example, you can generate reports on end hosts which belong to a specific VLAN. For more details, see Viewing Quick Reports Scheduled Reports You can schedule reports that run at the specified date and time. You can generate immediate reports or schedule them to run once or at repititive intervals. For more details, see Using Report Generator Custom Reports You can customize the layout and columns displayed in the reports to suit your needs. For more details, see Using Custom Reports Command Line Interface You can generate various User Tracking reports from the Command Line Interface also. For more details, see User Tracking Command Line Interface Data Extraction Engine Data Extraction Engine is a Campus Manager UTility that allows you to generate User Tracking data in XML format. For more details, see Overview of Data Extraction Engine Object Finder You can search for Device details, the J ob details, the End host details using the Object Finder For more details, see the User Guide for LMS Portal 1.2. User Tracking Utility CiscoWorks User Tracking Utility 1.1.1 is a Windows desktop utility that provides quick access to useful information about users or hosts discovered by Campus Manager User Tracking application. You can use UTU search band to search for the users or hosts in your network. You can search using user name, host name or IP address, or MAC address. For more details, see User Tracking Utility
7-4 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 7 Tracking Users Understanding User Tracking Various Acquisitions in User Tracking This section explains the various acquisitions that can be done using Campus Manager, to get information about the end users. User Tracking Major Acquisition Discovers all the end hosts that are connected to the devices managed by Campus Manager. For details on the various options that can be set before starting an acquisition, see Modifying Acquisition Settings. User Tracking Acquisition can also be initiated from the CLI prompt. To do so, enter the following command: NMSROOT/campus/bin/ut cli performMajorAcquisition u userid -p password where NMSROOT is the directory where you have installed CiscoWorks. For more details, see User Tracking Command Line Interface. User Tracking Minor Acquisition Minor acquisition occurs on a device if any of the following changes take place: A new endhost or IP phone is added to the network. Port state changes (when the port comes up or goes down). A new VLAN is added to the network. There is a change in the existing VLAN. Minor acquisition updates the Campus database, only with the changes that have happened in the network. It is triggered at regular intervals. The default for these intervals is 60 minutes. You can configure the interval at which the acquisition takes place. For details on modifying the acquisition interval, see Modifying Acquisition Schedule User Tracking IP Phone Acquisition Discovers all phones registered in Cisco Call Managers (CCM), that are managed by Campus Manager. Subnet based User Tracking Major Acquisition User tracking subnet based acquisition would run only on those subnets that are configured in Campus Manager. Campus Manager discovers end hosts on all the VLANs available in the configured subnets. Do subnet based acquisition, when you need details about the end hosts connected to a particular subnet or a select set of subnets. The acquisition completes faster, since it is not run on all devices managed by Campus Manager. For details on running subnet based acquisition, see Configuring Subnet Acquisition Single device on-demand User Tracking Acquisition This discovers the end hosts on all the VLANs available in the selected device. Hence this acquisition is useful for collecting information only on end hosts connected to the specified device. For details on initiating this type of acquisition, see Configuring User Tracking Acquisition Actions
7-5 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 7 Tracking Users Using User Tracking Administration Understanding Network and Campus Manager Dependencies For User Tracking to display user and host data, Campus Manager must perform Data Collection before User Tracking discovers end hosts and collects user data. Data Collection is done for active and properly configured devices in your network. Therefore, before using User Tracking, you must: Step 1 Set up your network devices so that they can be discovered. This includes enabling Cisco Discovery Protocol (CDP), Integrated Local Management Interface (ILMI) and SNMP. Step 2 Run Data Collection. For more details on Data Collection, see Viewing Summary of Data Collection Settings. Using User Tracking Administration You can perform the following administrative tasks using User Tracking Administration: Modify Acquisition settings. Before you start collecting information about the hosts in your network, you can set various options that control the way in which Acquisition happens. For example, you can set Campus Manager to perform DNS lookup, while resolving the IP address of a host. For complete details, see Modifying Acquisition Settings Schedule Acquisition. You can set the day and time of the week when you want to run Major Acquisition. The time interval at which Minor Acquisition happens in the network can also be set. For more details, see Modifying Acquisition Schedule Configure Ping Sweep options for Acquisition. You can configure Campus Manager to perform Ping Sweep on selected subnets, during Acquisition. For more details, see Modifying Ping Sweep Options Configure Subnet Acquisition. You can trigger acquisition on a single subnet or a select set of subnets. Subnet based acquisition collects details about the end hosts that are connected to a particular subnet or a select set of subnets. This Acquisition completes faster, since it is not run on all devices managed by Campus Manager. For more details, see Configuring Subnet Acquisition Configure end host and IP phone data delete interval. You can modify the time interval for deleting entries from the End Host Table, IP Phone Table, or the History Table from the database. For more details, see Modifying Delete Interval
7-6 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 7 Tracking Users Using User Tracking Administration Configure UT Acquisition to discover end hosts connected to non-link trunk ports. Normally UT Acquisition only discovers end hosts that are connected to access ports. If you enable this feature, UT Acquisition also discovers end hosts that are connected to non-link trunk ports. For more details, see Configuring Trunk for End Host Discovery Specify Purge Policy. You can specify the intervals when you want old reports and jobs to be purged. You can save the Purge Policy, so that the older jobs and archives are purged at the specified interval. For more details, see Specifying Purge Policy Specify Domain Name display. You can specify the way in which domain names are to be displayed in User Tracking Reports. For more details, see Specifying Domain Name Display Import information on end hosts. You can import user names and notes for end hosts that are already discovered by User Tracking, from a file. For more details, see Importing Information on End Host Users Enable Dynamic User Tracking. Dynamic Updates are asynchronous updates that are based on SNMP MAC notifications traps. Campus Manager tracks changes about the end hosts and users on the network to provide real-time updates, based on these traps. For more details, see Understanding Dynamic Updates Enable Debugging options. When you face issues in running User Tracking, logging can be enabled for debugging purposes. For more details, see Debugging Options Viewing Acquisition Information You can view acquisition information using the Acquisition tab of the Campus Manager User Tracking window. To view acquisition information: Step 1 Select Campus Manager > User Tracking. The Campus Manager User Tracking window appears. Step 2 Click Acquisition. The acquisition information appears.
7-7 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 7 Tracking Users Using User Tracking Administration Interpreting Acquisition Information Acquisition Information window displays the fields described in Table 7-1. Table 7-1 Acquisition Information Field Description Field Description Acquisition status Status of the User Tracking Major Acquisition process. It can be either Idle or Running. Last acquisition type Type of User Tracking acquisition that you had performed last time. Types of acquisition are: MajorUser Tracking Major Acquisition DevicesUser Tracking Acquisition for a device SubnetsUser Tracking Acquisition for subnets IP PhonesUser Tracking Acquisition for IP phones Acquisition start time Date and time when User Tracking started the Acquisition process. This is displayed in the format dd mon yyyy hh:mm:ss. Acquisition end time Date and time when User Tracking stopped the Acquisition process. This is displayed in the format dd mon yyyy, hh:mm:ss time zone. Number of acquisitions Number of major and minor acquisitions performed. Number of host entries Number of hosts found after User Tracking acquisition. Number of duplicate MAC Number of MAC addresses that have duplicate entries in the list of hosts found. Number of duplicate IP Number of IP addresses that have duplicate entries in the list of end hosts found. Number of CCM hosts Number of Cisco CallManagers in the list of devices found after Data Collection. Number of IP phone entries Number of IP phones available in the Campus Manager managed network. Last Campus data collection completed at Date and time of the previous Campus Manager Data Collection process. This is displayed in the following format: dd mon yyyy hh:mm:ss time zone. Campus data collection status Status of the Campus Manager Data Collection process. It can be either Idle or Running.
7-8 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 7 Tracking Users Using User Tracking Administration Configuring User Tracking Acquisition Actions You can trigger the following acquisitions from this page: Device based Acquisition Subnet based Acquisition IP Phone Acquisition To configure the required acquisition: Step 1 Select Campus Manager > User Tracking. The Campus Manager User Tracking window appears. Step 2 Select Acquisition >Actions. The Acquisition Actions dialog box appears. Step 3 Configure Acquisition Actions as specified in Table 7-2. Table 7-2 Acquisition Actions Field Description Usage Notes Select a type You can select the type of acquisition. Type of acquisition can be: Device Subnet IP Phones When you select a type of acquisition the appropriate fields are displayed. Scope Selection Select the All hosts and users check box to acquire information about all hosts and users in your network. If you do not select the All hosts and users check box, the device selection field is enabled and you can enter the name or IP address of the device for which you require data. Device Selection Device Name or IP Address Enter the name or IP address of the device about which data is to be acquired. Click Select to select the device from the list of available devices. Subnets Type Selection You can choose to get data about a particular subnet or all the configured subnets. If you choose to acquire data about a particular subnet, the subnet selection fields are enabled. Subnet Selection Subnet ID Select the ID/IDs of the subnet/subnets on which you need to get data. This field is enabled only if you select the Subnet option in the Type Selection area. Click Select to select the subnet ID from the list of available subnets.
7-9 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 7 Tracking Users Using User Tracking Administration You do not have to specify any details for the IP Phones option. Step 4 Click Start Acquisition. Using User and Host Acquisition You can modify the Acquisition settings and Acquisition schedule using the User and Host Acquisition option in the Administration tab of the Campus User Tracking window. This section contains: Modifying Acquisition Settings Configuring Rogue MAC List Modifying Acquisition Schedule Specifying Purge Policy Specifying Domain Name Display Modifying Ping Sweep Options Configuring Subnet Acquisition Modifying Delete Interval Importing Information on End Host Users Modifying Acquisition Settings You can modify User Tracking Acquisition settings using the Acquisition Settings option of the Administration tab in Campus User Tracking window. This section contains: Modifying Acquisition Settings from UI UT Behaviour in DHCP Environment for Missing IP address Configuring Properties That Support Duplicate MAC Address Configuring User Tracking Properties from the Backend Subnet Mask Enter the subnet mask. If you select the subnet ID, the subnet mask is automatically entered. Acquire Only VLAN Specific to Subnet Select this check box to get data only about the VLANs specific to the subnet. If you select this check box, only the work stations associated to the VLANs that are mapped to the selected subnets will be acquired. If you do not select this check box, work stations associated to all the available VLANs in the selected subnets will be acquired. Table 7-2 Acquisition Actions (continued) Field Description Usage Notes
7-10 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 7 Tracking Users Using User Tracking Administration Modifying Acquisition Settings from UI To modify acquisition settings: Step 1 Select Campus Manager > Administration > User Tracking. The Campus Manager User Tracking window appears. Step 2 Select Administration > Acquisition > Acquisition Settings. The Acquisition Settings dialog box appears. Step 3 Modify the acquisition settings as specified in Table 7-3. Table 7-3 Acquisition Settings Field Description Field Description Usage Notes Enable User Tracking for DHCP Environment Enables User Tracking for DHCP Environment. If you enable this property, it allows you to control inclusion and exclusion of Duplicate MAC addresses in the Acquisition. To understand the behavior of User Tracking in case of missing IP address, see UT Behaviour in DHCP Environment for Missing IP address. For details on properties that support Duplicate MAC address, see Configuring Properties That Support Duplicate MAC Address. Enable User Tracking on Access Points Enables User Tracking on Access Points This is enabled by default which allows UT Major Acquisition process to collect Access point information. However, WlseUHIC cannot collect Wlse related end host information. If disabled, it precludes Access point acquisition. However, WlseUHIC collects Wlse related end host information. Get user names from UNIX hosts Select this option to allow Acquisition to collect the active usernames of UNIX hosts. UNIX user names are updated at the end of major acquisitions. Collects information only for users, who are logged into the console port of the UNIX hosts. Get user names from hosts in NT and NDS Allows Campus Manager to collect active user names on the Windows or Novell Directory Service (NDS) servers. This option helps you to: Collect information only for users who are currently logged into the network. Collect information from NDS hosts. You must use NDS 5.0 or later. You must install UTLite script, since it is a prerequisite.
7-11 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 7 Tracking Users Using User Tracking Administration Step 4 Click Apply to save the modifications in the settings. Step 5 Click Start Acquisition to start User Tracking Acquisition with the modified settings. Use DNS to resolve host names Resolves host names using DNS. User Tracking performs DNS Lookup for a host to resolve its IP address. When you choose this option the Advanced button is enabled. Click on this to launch the Advanced UT Acquisition Settings window. The following options are available: DNS threads Number of parallel threads allowed for name resolution. The default value is 1. Maximum number of threads allowed is 12. DNS Timeout Time duration for which UT waits for response from the DNS server, for name resolution. The value should be entered in milli seconds. The default value is 2000 milliseconds (2 seconds). Enter values and click OK to save changes. User Port Number Specify the UDP port number from where logon and logoff messages are received from hosts in Windows and NDS. You must use the default port number unless it is already in use. This port number must match the port indicated in the login script. Rogue MAC Detection Enable notification when Rogue MACs are detected in the network. Campus Manager sends e-mails to the specified addresses, when unauthorized end hosts are detected in the network. E-Mail Specify the E-mail IDs to be notified when Rogue MACs are detected in the network. You can enter multiple E-mail IDs separated by commas. This field is enabled only when you check the Rogue MAC Detection field. Define Rogue MACs Specify the list of Rogue MACs in the screen that is launched. For details, see Configuring Rogue MAC List. New MAC Detection Enable notification when new MACs are detected in the network. Campus Manager sends e-mails to the specified addresses, when new end hosts are detected in the network. E-Mail Specify the E-mail IDs to be notified when new end hosts are detected in the network. You can enter multiple E-mail IDs separated by commas. This field is enabled only when you check the New MAC Detection field. Table 7-3 Acquisition Settings Field Description (continued) Field Description Usage Notes
7-12 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 7 Tracking Users Using User Tracking Administration UT Behaviour in DHCP Environment for Missing IP address Selecting the Enable User Tracking for DHCP Environment property allows you to control inclusion and exclusion of Duplicate MAC addresses in UT Acquisition. Campus Manager will not get the IP address of end hosts, if the Router is not reachable or if it is excluded from DCR. In such cases, behaviour of User Tracking after enabling Enable User Tracking for DHCP Environment property, is as explained in Table 7-4. The conventions used in Table 7-4 are: MACx MAC address of the endhost IPx IP address of the endhost Device x Device to which the end host is connected. Time in xx:xx format Time entries in the Last seen column NA Not Available. Note The explanation given for scenarios 1 and 2 holds good, irrespective of the value set for Enable User Tracking for DHCP Environment property. Table 7-4 UT Behaviour in DHCP Environment for Missing IP address Scenario Explanation What gets Updated in Database Scenario1: Missing IP Address MAC1 NA Device 1 6:35 For an endhost, if the IP address is not available in the first UT acquisition, but is available in the next, the IP address field in the database is updated with the value that is currently discovered. MAC1 IP1 Device 1 6:40 MAC1 IP1 Device 1 6:40 Scenario 2: Missing IP Address MAC1 IP1 Device 1 6:45 For an endhost, if the IP address is available in the first UT acquisition, but is not available in the next, the older value for IP address is retained in the database. MAC1 IP1 Device 1 6:50 MAC1 NA Device 1 6:50 Scenario 3: Single MAC, Multiple IP Addresses MAC1 IP1 Device 1 6:55 For an endhost with Single MAC address but multiple IP addresses, if UT does not get the IP address in the current acquisition, it retains the older values in the database. MAC1 IP1 Device 1 7:00 MAC1 IP2 Device 1 6:55 MAC1 IP2 Device 1 7:00 MAC1 IP3 Device 1 6:55 MAC1 IP3 Device 1 7:00 MAC1 NA Device 1 7:00 Scenario 4: Dynamic change in IP Address
7-13 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 7 Tracking Users Using User Tracking Administration Configuring Properties That Support Duplicate MAC Address The following properties can be configured in the ut.properties file stored in NMSROOT/campus/etc/cwsi/ where NMSROOT is the root directory where you installed CiscoWorks. Table 7-5 lists the properties that support Duplicate MAC Address MAC1 IP1 Device 1 4:00 For an endhost with different IP addresses at different points of time, if UT does not get the IP address in the current acquisition, it retains the value that was last discovered. MAC1 IP1 Device 1 4:00 MAC1 IP2 Device 1 5:00 MAC1 IP2 Device 1 5:00 MAC1 IP3 Device 1 6:00 MAC1 IP3 Device 1 7:00 MAC1 NA Device 1 7:00 Scenario 5: Endhost moving between devices MAC1 IP1 Device 1 4:00 When an end host moves between devices, if UT does not find the IP address in the current acquisition, it retains the IP address value that was last discovered for that device. MAC1 IP1 Device 1 6:00 MAC1 IP1 Device 2 5:00 MAC 1 NA Device 1 6:00 Table 7-4 UT Behaviour in DHCP Environment for Missing IP address Scenario Explanation What gets Updated in Database Table 7-5 Properties Supporting Duplicate MAC Address Property Description UT.DuplicateMac.Include_SwitchPorts List of switchports connected to endhosts, for which duplicate MAC entries need to be included in UT Major, UT Minor, UT device based, and UT subnet based Acquisition. UT.DuplicateMac.Exclude_SwitchPorts List of switchports connected to endhosts, for which duplicate MAC entries need to be excluded in UT Major, UT Minor, UT device based, and UT subnet based Acquisition. UT.DuplicateMac.Include_Switches List of switches connected to end hosts, for which duplicate MAC entries need to be included in UT Major, UT Minor, UT device based, and UT subnet based Acquisition. UT.DuplicateMac.Exclude_Switches List of switches connected to end hosts, for which duplicate MAC entries need to be excluded in UT Major, UT Minor, UT device based, and UT subnet based Acquisition.
7-14 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 7 Tracking Users Using User Tracking Administration For the above list of properties: Values should be separated by commas. IP addresses of the devices should be given. Port numbers should be given along with the devices IP address as deviceip:port. The Exclude list takes precedence over the Include list. The usage scenario for the above lists is as follows: If you use the Include list OR the Exclude list alone, the duplicate MAC addresses will be included or excluded as specified. For example, if you set the Include list as, UT.DuplicateMac.Include_Switches=X,Y Duplicate MAC addresses will be allowed only for endhosts connected to Switches X and Y. Duplicate addresses will not be allowed for any other endhost. If you set both Include and Exclude list as, UT.DuplicateMac.Include_Switches=X,Y UT.DuplicateMac.Exclude_Switches=A,B Duplicate MAC addresses will not be allowed for endhosts connected only to Switches A and B. Duplicate addresses will be allowed for all other end hosts, even for those connected to switches not specified in the Include list. Thus when an Exclude list is set, the Include list is ignored. UT.DuplicateMac.Include_Vlans List of VLANs associated with endhosts, for which duplicate MAC entries need to be included in UT Major, UT Minor, UT device based, and UT subnet based Acquisition. UT.DuplicateMac.Exclude_Vlans List of VLANs associated with endhosts, for which duplicate MAC entries need to be excluded in UT Major, UT Minor, UT device based, and UT subnet based Acquisition. UT.DuplicateMac.Include_Subnets List of subnets associated with endhosts, for which duplicate MAC entries need to be included in UT Major, UT Minor, UT device based, and UT subnet based Acquisition. UT.DuplicateMac.Exclude_Subnets List of subnets associated with endhosts, for which duplicate MAC entries need to be excluded in UT Major, UT Minor, UT device based, and UT subnet based Acquisition. Table 7-5 Properties Supporting Duplicate MAC Address Property Description
7-15 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 7 Tracking Users Using User Tracking Administration The above examples hold good for the Include/Exclude lists of Switchports, Subnets and VLANs. The order of priority for the property list is as follows: a. SwitchPorts b. Switches c. VLANs d. Subnets The SwitchPorts list has the highest priority, followed by Switches, VLANs and Subnets list. For example, if you set UT.DuplicateMac.Include_SwitchPorts=10.77.211.33:3/2 UT.DuplicateMac.Exclude_Switches=10.77.211.33 Although the switch 10.77.211.33 is in the Exclude list, a switchport belonging to that switch is also present in the Include list. So Duplicate MAC addresses will be allowed for that port on the switch. Thus the SwitchPorts list has higher priority over the Switches list. Configuring User Tracking Properties from the Backend This section explains the new user configurable properties that have been added to UT. You can configure properties that control DNS name resolution and history reports, by editing them in the file ut.properties, stored in NMSROOT/campus/etc/cwsi/ where NMSROOT is the root directory where you installed CiscoWorks.
7-16 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 7 Tracking Users Using User Tracking Administration Table 7-6 lists the new properties added to UT: Table 7-6 Configuring User Tracking Properties Property Default Value Description HistoryHostPurgeTime 10 days Purges history entries which are older than the specified time. The value should be provided in minutes. For example, If you want to purge entries older than 10 days, set HistoryHostPurgeTime=14400 UT.nameResolution both Name resolution for end hosts using J ava APIs J NDI and InetAddres.This property can have the following values: wins (Use only InetAddress) dns (Use only J NDI) wins,dns (First InetAddress then J NDI) both (J NDI first and InetAddress next) UT.nameResolution.dnsTimeout 2000 Time duration for which UT waits for response from the DNS server, for name resolution. The value should be entered in milliseconds. UT.nameResolution.winsTimeout 2000 Time duration for which UT waits for response from the DNS server, for name resolution.The value should be entered in milliseconds. This property must be enabled only for windows server. UTMajorUseDNSCache false Uses cache memory for name resolution in subsequent User Tracking discoveries. User Tracking performs DNS Lookup for a host only if the IP address of the host is being resolved for the first time.It does not perform DNS Lookup for every Major Acquisition. This helps the application to reduce the number of queries during User Tracking Acquisition. This in turn reduces the time taken for Acquisition process. UT.RunLookupAnalyzer OFF To analyze the performance of DNS servers and provide the following information in the NMSROOT\log\ut.log file: DNS Server Efficiency for each DNS Server Overall Summary of DNS Servers Namelookup related settings in ut.properties file Issues found and recommendations to overcome them Set the value to ON to turn on the feature. You need not enable debugging for UT to get the LookupAnalyzer data in the ut.log file. For details on running Lookup Analyzer utility from the command prompt and example output of the utility, see Using Lookup Analyzer Utility, page 7-91
7-17 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 7 Tracking Users Using User Tracking Administration Configuring Rogue MAC List MAC Addresses that are not authorized to exist in your network are termed as Rogue MAC addresses. When you enable the Rogue MAC notification feature, you need to define the list of MAC addresses that are to be classified as unauthorized addresses in the network. You can also import MAC addresses to Acceptable OUI either from a file or directly from UT. If you import the MAC Addresses from a file or directly from UT, the MAC addresses in the file are converted to OUIs before you add them to the Acceptable OUI list. To do so: Step 1 Go to Campus Manager > Administration > User Tracking > Acquisition Settings. The User Tracking Acquisition settings window appears. Step 2 Click Define Rogue MACs. The Rogue MAC Configuration window appears. The lists displayed in the window are: Rogue MAC/OUI List Acceptable MAC/OUI List Step 3 Click Add MAC/OUI to add new entries to the list. The Add MAC/OUI window appears. The Organizationally Unique Identifier (OUI) is a 24-bit number. It is used as an identifier to uniquely identify the vendor, manufacturer, or other worldwide organization. An OUI reserves a block of each type of derivative identifier, such as MAC addresses, group addresses, Subnetwork Access Protocol protocol identifiers, and so on. It is used to identify an network interface controller (NIC), network protocol, or MAC addresses for Ethernet. In case of MAC addresses, OUI is combined with a 24-bit number to form the address. The first three octets of the address are the OUI.
7-18 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 7 Tracking Users Using User Tracking Administration The Add MAC/OUI page is as explained in Table 7-7: Step 4 Select any of the following: Manual Add a. Select the required OUIs from the list displayed in OUI List. b. Click either the Add to Rogue MAC List or the Add to Acceptable MAC List, based on your requirement. The MAC or OUIs that you enter in the ADD MAC or in the OUI textbox will be added to the list that you selected. Table 7-7 Populating the MAC/OUI list Property Description Select Mode Provides the following options to add MAC addresses to MAC/OUI List: Manual Enables you to add MAC/OUI to either the Acceptable MAC/OUI List or to the Rogue MAC/OUI list. The Manual Add option is selected by default. Import from file Enables you to import MAC Addresses from a file to the Acceptable MAC/OUI List Import from UT Enables you to import MAC Addresses directly from UT to Acceptable MAC/OUI List Add MAC/OUI Enter the MAC Address or OUI in the text box provided. The values should be separated by spaces, tabs, or commas. You can also enter values on separate lines. The address can have only hexa decimal numbers separated by hyphen. Example: 00-c0-1d-99-06-b6 OUI List Displays predefined values in Campus Manager. You can select values from the list, to add to the Rogue OUI or Acceptable OUI list. To add more values to the list, add them to the Property file: NMSROOT/campus/etc/cwsi/OUI.properties where NMSROOT is the directory where you installed CiscoWorks. To get the latest OUIs listed by IEEE, see http://standards.ieee.org/regauth/oui/index.shtml
7-19 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 7 Tracking Users Using User Tracking Administration Import From File a. Click Browse and browse to the folder location and choose the file to be imported b. Click the Import to Acceptable OUI list. The MACs are converted to OUIs before you add them to the Acceptable MAC/OUI list. Import From UT Click the Import to Acceptable OUI list. The MACs are converted to OUIs prior to adding them to the Acceptable MAC/OUI List. It is mandatory that the file that is imported to Acceptable MAC/OUI list must include the header - MAC Address followed by MAC Address entries. For example: In the example, the file to be imported includes a MAC Address column with MAC Address entries. MAC Address MAC 1 MAC 2 MAC 3 The newly added values are reflected in the Rogue MAC Configuration screen. Step 5 Check Consider unqualified MAC as Rogue When you check this, Campus Manager treats any new MAC address coming into the network as Rogue MAC. This is if it is not defined in the Acceptable MAC list. Step 6 Click any of the following: Save Saves the settings to the server. They come into effect in the next UT Major Acquisition cycle. If Dynamic User Tracking is running, notification for new or Rogue MACs detected in the network, are sent immediately. If WLSE is integrated with Campus Manager, notification for wireless MACs detected in the network is sent. Delete Deletes entries Cancel Cancels changes and closes the window.
7-20 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 7 Tracking Users Using User Tracking Administration Modifying Acquisition Schedule You can modify UT acquisition schedule using the Acquisition Schedule option of the Administration tab in Campus User Tracking window. To modify acquisition schedule: Step 1 Select Campus Manager > Administration > User Tracking. The Campus Manager User Tracking window appears. Step 2 Select Administration > Acquisition > Schedule Acquisition. The Acquisition Schedule dialog box appears. Step 3 Modify the acquisition schedule as specified in Table 7-8. Step 4 Select the schedule and do any of the following: Click Edit to edit the schedule. Click Delete to delete the schedule. Click Add to add a new schedule. Step 5 Click OK to save the changes or Cancel to cancel the changes. Step 6 Click Apply after adding or editing a schedule. Table 7-8 Acquisition Schedule Field Description Field Description Usage Notes Minor Acquisition Specify the periodicity in minutes at which a minor acquisition should take place. None. Major Acquisition Specify the time at which a major acquisition is to take place. Specify the days of the week on which a major acquisition is to be scheduled. None. Days, Hour, Min Days on which and the time at which a major acquisition is to be carried out. You can add new schedules and edit or delete existing schedules. Recurrence Pattern Select the days of the week on which a major acquisition is to be scheduled. This field is available only when you are adding or editing a schedule.
7-21 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 7 Tracking Users Using User Tracking Administration Modifying Ping Sweep Options A ping sweep (also known as an ICMP sweep) is a basic network scanning technique used to determine which range of IP addresses map to live end hosts (computers). You can use a single ping to find out whether a specific end host exists on the network. A Ping Sweep consists of ICMP (Internet Control Message Protocol) ECHO requests sent to multiple hosts. If a given address is live, it will return an ICMP ECHO reply. Ping sweeps are among the older and slower methods used to scan a network. When Ping Sweep is enabled in Campus Manager, the UTPing program in NMSROOT/campus/bin will be invoked during acquisition to send out a sweep of pings for each subnet. Before collecting information from a device, the subnets connected to the device are pinged. This serves as a connectivity check, as well as loads the ARP table of the layer 3 device with the latest information. After pinging, acquisition process starts collecting end host information from the device. You can modify Ping Sweep option from the Admin tab in Campus User Tracking window. To modify Ping Sweep options: Step 1 Select Campus Manager > Administration > User Tracking. The Campus Manager User Tracking window appears. Step 2 Select Administration > Acquisition > Ping Sweep. The Ping Sweep dialog box appears. Step 3 Choose any of the following: Disable Ping Sweep Perform Ping Sweep on all subnets Exclude subnets from Ping Sweep When you choose Exclude subnets from Ping Sweep, select the subnets that you want to exclude from Ping Sweep. You can select subnets from the list of available subnets and add to the list of subnets to be excluded. Step 4 Specify the Wait Interval, if Ping Sweep is enabled. Wait Interval is the time duration between pinging subnets. The interval ensures that the network is not flooded with ping packets. For example, assume that you have included 4 subnets for pinging, and set the wait interval to 10 seconds. If Subnets 1 and 2 are connected to Device 1, and Subnets 3 and 4 are connected to Device 2, then 10 seconds lapse between pinging Subnets 1 and 2. After pinging both the subnets, acquisition starts on Device 1. Same happens with Device 2. Step 5 Click Apply. User Tracking does not perform Ping Sweep on large subnets. For more details, see Notes on Ping Sweep Option.
7-22 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 7 Tracking Users Using User Tracking Administration Notes on Ping Sweep Option User Tracking does not perform Ping Sweep on large subnets, for example, subnets containing Class A and B addresses. Hence, ARP cache might not have some IP addresses and the User Tracking may not display the IP addresses. In larger subnets, the Ping process leads to numerous ping responses that might increase the traffic on your network and result in extensive use of network resources. You can increase the value of the wait interval. Wait interval helps the ping response traffic to settle, which may appear as Denial Of Service (DOS) or may affect the functioning of router by high CPU usage. To perform Ping Sweep on larger subnets, you can: Configure a higher value for the ARP cache time-out on the routers. To configure the value, you must use the arp time-out interface configuration command on devices running Cisco IOS. Use any external software, that will enable you to ping the host IP addresses. This will ensure that when you run User Tracking Acquisition the ARP cache of the router contains the IP addresses. Configuring Subnet Acquisition You can configure Campus Manager to perform User Tracking Acquisition on selected subnets. These configurations are used for User Tracking Major Acquisition and Configured Subnets based acquisition. You can choose to include or exclude specified subnets to perform User Tracking major acquisition. To configure Subnet acquisition: Step 1 Select Campus Manager > Administration > User Tracking. The Campus User Tracking window appears. Step 2 Select Administration > Acquisition > Configure Subnet Acquisition. The Configure Subnet Acquisition dialog box appears. Step 3 Select either of the following options: Perform acquisition on all subnets All the subnets are included for User Tracking Major Acquisition. If you select this option do not perform steps 4 and 5. Or Perform Subnet-based acquisition The action depends on the Filter value. Step 4 Select either of the following Filter values: Perform major acquisition on selected subnets All subnets added to the Selected Subnets list are included for User Tracking acquisition. Or Do not perform major acquisition on selected subnets All subnets added to the Selected Subnets list are excluded for User Tracking acquisition.
7-23 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 7 Tracking Users Using User Tracking Administration Step 5 Select subnets from the list of Available Subnets and add them to the list of Selected Subnets. Step 6 Click Apply. Modifying Delete Interval Using this option, you can modify the time interval for deleting entries from the End Host Table, IP Phone Table or the History Table from the database. To modify the Delete Interval: Step 1 Select Campus Manager > Administration > User Tracking. The Campus Manager User Tracking window appears. Step 2 Select Administration > Acquisition > Delete Interval. The Delete Interval dialog box appears. Step 3 Specify delete intervals for end host, IP phone and history tables. Step 4 Either: Click Delete now to delete the entries immediately. If you select this step do not perform Step 5. Or Select Delete After Every Major Acquisition. If you select this option, Campus Manager will delete records older than the specified interval, after every UT Major Acquisition. Step 5 Click Apply. Configuring Trunk for End Host Discovery Normally UT Acquisition discovers end hosts connected only to access ports. If you enable this feature UT Acquisition discovers end hosts connected to non-link trunk ports also. Campus Manager classifies trunk ports as follows: Link ports Trunk ports connected to Cisco devices (Switch or Router). Non-link ports Trunk ports connected to end hosts or IP phones. Scenarios where a Trunk port is connected to an end host: In a switched network, many clients from different VLANs might access an enterprise resource, such as a database server. If the server has only a standard EthernetNIC, it can belong to only one VLAN. Clients that belong to a different VLAN would have to send their traffic to a router. The router forwards the frames to the database server. The problem with this approach is the latency introduced by the router. To overcome this, a trunk-capable NIC card can be placed in the server that understands multiple VLAN information. With this arrangement, an end station need not send its frame to the router. Instead it can directly access the file server. This makes the access much faster.
7-24 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 7 Tracking Users Using User Tracking Administration To configure trunk ports: Step 1 Select Campus Manager > Administration > User Tracking. The Campus Manager User Tracking window appears. Step 2 Select Administration > Acquisition > Configure Trunk for End Host Discovery. The corresponding page appears. Step 3 You can: Select Enable End Host Discovery on all Trunks to include all non-link trunk ports to UT Major Acquisition. After choosing this option, go to Step 9. Select Enable End Host Discovery on selected Trunks to include only the required set of non-link trunk ports to UT Major Acquisition. After choosing this option, go to Step 4. Select Disable End Host Discovery on Trunks to disable this feature. For this option, only the end hosts connected to access ports will be discovered by UT Major Acquisition. After choosing this option, go to Step 9. Step 4 Select the list of switches where end hosts are connected to trunk ports, from the device selector. Step 5 Click Show Trunks. This displays the list of non-link trunk ports from the selected switches. Non-link trunk ports in down state are also listed here. If you have selected devices that do not have non-link trunk ports, a message is displayed indicating the same. Change your selection to devices that have non-link trunk ports and click Show Trunks, to display the ports. Link ports are not listed here. Step 6 Select the list of trunk ports where end hosts are connected from the Available Trunks list. Step 7 Click Add. The selected ports are displayed under the Selected Trunks list. Step 8 Select either Discover End Hosts on Trunks to include the selected ports in UT Major Acquisition. Or Do not Discover End Hosts on Trunks to exclude the selected ports from UT Major Acquisition. Step 9 Click Apply. This saves the configuration on the server. After saving the configuration, run Data Collection. End hosts connected to trunk ports will be discovered in the successive UT Major Acquisition. For Dynamic User Tracking to track end hosts connected to trunk ports, enable SNMP traps in these ports. For details on Enabling SNMP traps, see Enabling SNMP Traps on Switch Ports.
7-25 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 7 Tracking Users Using User Tracking Administration Specifying Purge Policy You can specify the intervals at which old reports and jobs are to be purged, using the Purge Policy option. You can save the Purge Policy, so that the older jobs and archives are purged at the specified interval. To specify the Purge Policy: Step 1 Select Campus Manager > Administration > User Tracking. The Campus Manager User Tracking window appears. Step 2 Select Administration > Reports > User Tracking Purge Policy. The Report Settings dialog box appears. Step 3 Check the relevant check box: Purge Archives Older than Purge J obs Older than You must specify the period in days, or weeks, or months for which you want to retain the report archives or jobs. Step 4 Click Save. Specifying Domain Name Display You can specify the way in which domain names are to be displayed in User Tracking Reports, using the Domain Name Display option. To specify the Domain Name display: Step 1 Select Campus Manager > Administration > User Tracking. The Campus Manager User Tracking window appears. Step 2 Select Administration > Reports > Domain Name Display. The Report Settings dialog box appears. Step 3 Select the format for displaying the domain names in User Tracking Reports. You can: Show full domain name suffix Hide full domain name suffix Hide specified domain name suffix If you want to hide the specified domain name suffix, enter the domain name suffix in the field. Step 4 Click Save.
7-26 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 7 Tracking Users Understanding Dynamic Updates Importing Information on End Host Users You can import from a file, user names and notes for end hosts already discovered, using the End Host Table Import option of the Administration tab in the Campus Manager User Tracking window. To import information in end host users: Step 1 Select Campus Manager > Administration >User Tracking. The Campus Manager User Tracking window appears. Step 2 Select Administration > End Host Table Import. The End Host Table Import dialog box appears. Step 3 Specify the name of the file from which you are importing the end host table data. Step 4 Click Apply. Note We recommend you to import file either of the format CSV or txt file. The imported file must have the following mandatory headers: MAC Address, User Name and Notes. For example: MAC1 Peter Finance department Understanding Dynamic Updates User Tracking generates reports on various functions and attributes of the end hosts and devices connected to your network that are managed by Campus Manager . These reports are generated by polling the network at intervals set by the network administrator. In addition to polling the network at regular intervals, Campus Manager tracks changes about the end hosts and users on the network to provide real-time updates. Dynamic Updates are asynchronous updates that are based on SNMP MAC notifications traps. When an endhost is connected to a switch managed by Campus Manager, an SNMP MAC notification trap is sent immediately from the switch to the Campus Manager Server, indicating an ADD event. This trap contains the MAC address of the end host connected to the switch. Similarly if an end host is disconnected from a switchport, an SNMP MAC notification trap is sent from the switch to the Campus Manager indicating a DELETE event. Thus Campus Manager provides real time data about end hosts coming into and moving out of the network. The difference between UTMajor Acquisition and Dynamic UT process is : Campus Manager collects data from the network at regular intervals for UTMajor Acquisition. In Dynamic UT, the devices send traps to Campus Manager as and when changes happen in the network. This implies that you need not wait till next UTMajor Acquisition cycle to see the changes that have happened in your network. This is an improvement over the earlier versions, where updates on endhost information happened based on the polling cycle.
7-27 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 7 Tracking Users Understanding Dynamic Updates As a result of Dynamic updates, the following reports contain up-to-date information: End-Host Report Contains information from UT Major Acquisition and the recently added end-hosts. History Report Contains information from UT Major Acquisition and the recently disconnected end-hosts/end-hosts that have moved between ports or VLANs. Switch Port reports Contains information about the utilization of switch ports. SNMP Traps are generated when a host is connected to the network, disconnected from the network or when it moves between VLANs or ports in the network. See Figure 7-1for an overview of Dynamic Updates. Figure 7-1 Overview of Dynamic Updates Configure devices to send traps Is it a DHCP environment? Enable DHCP snooping Dynamic UT configuration Configure Campus Manager as Primary listener Configure DFM/HPOV as Primary listener Configure Campus Manager as Secondary listener Yes Campus Manager starts processing dynamic updates Run UTLite Script (for Windows) No Switches should be managed by Campus Manager 1 8 2 1 7 3
7-28 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 7 Tracking Users Understanding Dynamic Updates To enable the Dynamic Updates feature: Switches must be managed by Campus Manager . Configure Campus Manager as a primary or secondary receiver of the MAC notifications. For details, see SNMP MAC Notification Listener. Configure all devices to send traps to the Trap Listener port of the Campus Manager server (This is the port number that you would have configured on Campus Manager Administration screen). For more details, see Enabling SNMP Traps on Switch Ports. Configure DHCP snooping on the switches Dynamic Host Configuration Protocol (DHCP) snooping is a security feature that filters untrusted DHCP message received from outside the network or Firewall, and builds and maintains a DHCP snooping binding table. Campus Manager queries the CISCO-DHCP-SNOOPING-MIB to get the IP address of the end-host connected. For details on configuring DHCP, see http://www.cisco.com/en/US/docs/ios/12_2/ip/configuration/guide/1cfdhcp.html User Tracking collects username and IP address through UTLite for Windows environment. For more details, see Understanding UTLite. In a Windows environment you can either install UTLite or configure DHCP snooping to get IP address of the end host. They can also co-exist. If you have neither installed UTLite nor enabled DHCP snooping, the IP address of the end-host connected will be updated only in the next UT Major Acquisition cycle. The ARP cache of the device should be populated with the IP address, for UT Major Acquisition to discover it. The User Tracking Dynamic Updates process includes: MAC User-Host Information Collector (MACUHIC) Process User Tracking Manager (UTManager) Process UTLite MAC User-Host Information Collector (MACUHIC) Process MAC User-Host Information Collector tracks wired end users dynamically. It receives MAC notifications from the switches either directly or through DFM or HPOV. After receiving the MAC notifications, MACUHIC validates the traps as follows: Checks whether the traps are generated from a switch managed by Campus Manager . Checks whether the source is an access port. If the traps are from valid sources: Updates Campus Manager database. Informs UTManager if the trap is received for an ADD event. User Tracking Manager (UTManager) Process UTManager receives the information from MACUHIC about the ADD MAC notification trap that is received. This information is not complete and can be completed using updates from DHCP or UTLite or from both. In the UTLite process, UTLite receives details of changes in username, and the time at which the host has logged in or logged out of the network.
7-29 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 7 Tracking Users Understanding Dynamic Updates UTLite UTLite is a utility that allows you to collect user names from Primary Domain Controllers, Active Directory, and Novell servers. To do this you need to install UTLite in the Windows Primary Domain Controllers and in the Novell servers. You can also install UTLite in an Active Directory server. For complete information, see Understanding UTLite. Figure 7-2 Processes Involved i n Dynamic Updates When an end-host is connected to your network, the following happens in the background. See Figure 7-2 for details: 1. The switch to which it is connected sends a MAC notification. 2. The MACUHIC process in Campus Manager receives the MAC notification either directly from the switch or through other applications like DFM or HPOV. 3. After processing this MAC notification, MACUHIC informs the UTManager. 4. Campus Manager updates the database with the username and IP Address received from the UTLite. Database does not contain the complete information about the end host. 5. UTManager finds the following details: Subnet, VTP domain, VLAN, Port duplex, and port speed from XML files generated after Data Collection. Hostname from DNS Server Campus Manager updates the database with the complete User Tracking information for the host. The User Tracking end host history reports, end host reports, reports on switch ports, wireless clients, duplicate MAC addresses, duplicate IP addresses, and so on use this updated information while generating reports. User Tracking Reports SNMP Traps sent by devices Campus Manager Campus Manager Database MACUHIC processes traps from wired hosts UTLITE sends user login/logout information UTM polls various external systems to get complete information about the hosts External Systems like DHCP Snooping MIB etc. 1 8 2 1 7 4
7-30 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 7 Tracking Users Understanding Dynamic Updates Viewing Dynamic Updates Process Status You can check whether the Dynamic Updates processes are running or not. To check the status: Step 1 Select Campus Manager > Administration > User Tracking. The Campus Manager User Tracking window appears. Step 2 Select Administration > Dynamic Updates. The Dynamic Updates Process Status window appears. If you have started the process already, the status window shows Dynamic Updates Processes are RUNNING. Step 3 Click Stop to stop the Dynamic Updates processes. The Stop button then toggles to Start, and the status window shows Dynamic Updates Processes are STOPPED. When you stop these processes, Campus Manager stops processing traps sent by devices. Step 4 Click Start to restart the Dynamic Updates processes. The Start button again toggles to Stop. Enabling SNMP Traps on Switch Ports You must configure the Cisco switches for sending SNMPv1/SNMPv2 MAC Notification Traps when a host is connected to or disconnected from that port. Even if the device is managed with SNMPv3, Campus Manager processes only SNMPv1/SNMPv2 traps. You can configure the ports Through Campus Manager Interface or Through Command Line Interface (CLI). Note Campus Manager supports only those switches which contain the Management Information Base (MIB) named MAC Notification, for enabling the SNMP traps. Through Campus Manager Interface Prerequisites to enable MAC Notification on switches through Campus Manger interface: The switches must be managed by RME. If the devices are managed in SNMP version 2 (SNMPv2), you need to configure the Read as well as the Write community strings to enable MAC Notification in the switches. Configure the RME server credentials in Campus Manager . For more details, see Setting RME Credentials. Note Campus Manager configures SNMP MAC Notification version 1 as the default version on switches for Dynamic Updates.
7-31 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 7 Tracking Users Understanding Dynamic Updates To enable MAC notification in switches: Step 1 Select Campus Manager > Administration > User Tracking, from LMS Portal. Step 2 Select Administration > Dynamic Updates > Device Trap Configuration. The Configure Trap on Devices dialog box appears. Step 3 Select the switches for which you want to enable the traps, from the Device Selector. Step 4 Click Selection to see the devices that you have selected. Step 5 Click Configure to configure MAC notification on the ports in the devices. The Configure MAC-Notification Trap on Ports dialog box appears. Table 7-9 describes the entries in the Configure MAC-Notification Trap on Ports dialog box. Step 6 Check the check boxes to select the ports that you want to enable SNMP traps. Step 7 Click Configure to enable the SNMP traps. An Information window appears. Step 8 Click OK. Table 7-9 Configure MAC-Notification Trap on Ports Field Description Field Description Add Campus Manager Server as Trap Receiver Check the check box to configure devices, to send SNMP traps to Campus Manager. To configure Campus Manager to listen to traps sent from devices, see Configuring SNMP Trap Listener. Trap Community Set a community string for the SNMP traps sent by devices. This property is enabled only when Campus Manager is the Primary receiver for SNMP traps. This string is added to the list of valid strings in the Dynamic User Tracking Configuration screen. Set as Dynamic User Tracking Default Check the check box to make this community string as the default for future configurations, if Campus Manager is the Primary Trap receiver. Filter Allows you to filter the ports listed, based on port name, device name and the device address (IP address of the device). Trap Receiver Port Port number that you entered for receiving traps. The default trap receiver port number of the Campus Manager server is 1431. Port Name of the port. Access ports as well as Non-link Trunk ports are listed. Device Name Name corresponding to IP address of the switch. Device Address IP address of the switch. Rows per page Select to view 10 to 50 rows on a page.
7-32 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 7 Tracking Users Understanding Dynamic Updates Through Command Line Interface If you do not have RME installed on your CiscoWorks server, you must configure the switches manually, for the switches to send MAC Notifications to the Campus Manager server. If you do not have RME installed on your CiscoWorks server, you must configure the switches manually, for the switches to send MAC Notifications to the Campus Manager server. See Commands to Enable MAC Notification Traps on Devices for a list of commands to be run on each device. For complete list of devices supported by Campus Manager, see http://www.cisco.com/en/US/products/sw/cscowork/ps563/products_device_support_tables_list.html SNMP MAC Notification Listener You must enable the switches to send SNMP MAC notifications to the listener, to avail the Dynamic Updates feature. After you enable the switches, you can choose either Campus Manager , CiscoWorks Device Fault Manager (DFM), or HP OpenView (HPOV) as the primary listener for MAC notifications. If you select Campus Manager as the Primary listener, the MAC notifications reach the application directly from the switches. If you select Campus Manager as the Secondary listener, (with HPOV or DFM as the primary listener), MAC notifications reach Campus Manager through HPOV or DFM. Note Even if the device is managed with SNMPv3, Campus Manager processes only SNMPv1/SNMPv2 traps. To select the MAC notification listener, see the following sections: Configuring SNMP Trap Listener HPOV as Primary Listener DFM as Primary Listener Configuring SNMP Trap Listener Campus Manager receives SNMP traps directly from the switches, unless you configure the port to direct the traps through HP Open View (HPOV) or CiscoWorks Device Fault Manager (DFM) applications. To configure the trap listener: Step 1 Select Campus Manager > Administration > User Tracking, from LMS Portal. Step 2 Select Administration > Dynamic Updates > Trap Listener Configuration. The Trap Listener Configuration dialog box appears. Step 3 Check Listen traps from Device to configure the trap reception directly from the devices This makes Campus Manager as the primary listener for receiving SNMP traps from devices. OR Check Listen traps from DFM/HPOV to receive the traps through these applications. In this case, DFM or HPOV act as the primary listener for SNMP traps from devices. They forward it to Campus Manager which acts as the secondary listener for traps.
7-33 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 7 Tracking Users Understanding Dynamic Updates If both options are enabled, Campus Manager can receive traps directly from devices, from HPOV and from DFM. Step 4 Enter the port number of the port through which you want to receive the traps, in the Trap Listener Port field. The default trap listener port number of the Campus Manager server is 1431. Step 5 Click Apply to save the details. HPOV as Primary Listener If you select HPOV as the primary listener, you must perform the following to receive the Dynamic Updates through Campus Manager : Install CiscoWorks Integration Utility Install Trap Adapter for HPOV The supported versions of HPOV are HPOV 7.50, HPOV 7.51 and HPOV 7.53. Install CiscoWorks Integration Utility You must have CiscoWorks Integration Utility (Integration Utility) installed on your system. Integration Utility is a utility that integrates CiscoWorks applications with third-party Network Management Systems (NMS). This utility is available as part of the DVD in the CiscoWorks LAN Management Solution 3.2. This integration utility adds Cisco device icons to topology maps, allows Cisco MIB browsing from NMS, and sets up menu items on the NMS to launch remotely installed CiscoWorks applications. See User Guide for CiscoWorks Integration Utility 1.7, for more details on the integration utility. Note You must install the Integration Utility on the same machine on which you have installed HPOV. Install Trap Adapter for HPOV Campus supports Trap Adapter for OpenView on Windows and Solaris operating systems. To install the adapter on Windows: Step 1 Locate the TrapListener.conf file in the NMSROOT/campus/hpovadapter/WIN/ directory. Step 2 Modify the Trap Receiver address and the port number to the Campus Manager values, in the file. Step 3 Set the LIB environment variable to HP OpenView lib directory. Step 4 Run the fwdTrap.exe program located in the same directory. The Trap Adapter gets attached to OpenView process and starts sending traps to the Campus Manager server. To install the adapter on Solaris: Step 1 Locate the TrapListener.conf file in the /opt/CSCOpx/campus/hpovadapter/SOL directory.
7-34 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 7 Tracking Users Understanding Dynamic Updates Step 2 Modify the Trap Receiver address and the port number to the Campus Manager values, in the file. Step 3 Set the LD_LIBRARY_PATH environment variable to HP OpenView lib directory. Step 4 Run the fwdTrap program located in the same directory. The Trap Adapter gets attached to OpenView process and starts sending traps to the Campus Manager server. Supported Platforms (Operating Systems) The supported platforms for the HP NNM and HPOV adapters are: DFM as Primary Listener If you select DFM as the primary listener, you must perform the following to receive MAC Notifications from the switches, thus availing the Dynamic Updates feature in Campus Manager . The default port number of DFM Server for receiving Traps from the switches is 9000. You must configure or verify this port number on the device, for the device to forward the Traps to DFM. The trapd.conf file has the details regarding the port number that receives the Traps at the DFM server. To enable DFM to forward the MAC Notifications, you must modify the trapd.conf file in the DFM server, at NMSROOT/object/smarts/conf/trapd directory. You can modify the file through the command line interface or through the application interface. You can configure the application to forward the MAC Notifications to Campus Manager Server in two ways: From LMS Portal Network Management System Supported Platforms HP Open View 7.53 Solaris 9 Solaris 10 Windows 2003 Standard Edition with Service Pack 1 or 2 Windows 2003 Enterprise Edition with Service Pack 1 or 2 Windows 2003 R2 Standard Edition Windows 2003 R2 Enterprise Edition HP Open View 7.51 Solaris 9 Solaris 10 Windows 2003 Standard Edition with Service Pack 1 Windows 2003 Enterprise Edition with Service Pack 1 Windows 2003 R2 Standard Edition Windows 2003 R2 Enterprise Edition HP Open View 7.50 Solaris 9 Windows 2003 Standard Edition with Service Pack 1 Windows 2003 Enterprise Edition with Service Pack 1
7-35 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 7 Tracking Users Understanding Dynamic Updates From the DFM Server
7-36 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 7 Tracking Users Understanding Dynamic Updates From LMS Portal Step 1 Select Device Fault Manager > Configuration. The Configurations page appears. Step 2 Select Other Configurations > SNMP Trap Forwarding. The Notification Services page appears. Step 3 Enter the Hostname and the port number of the Campus Manager server to which you want to forward the MAC Notifications. Step 4 Click Apply to configure. The trapd.conf file is modified and the DFMServer process is restarted. Note If you configure through CiscoWorks, Campus Manager server receives all Traps including MAC Notification. From the DFM Server Step 1 Access the DFM server using Telnet. Step 2 Enter pdterm DfmServer at the command line to stop the DFM server. Step 3 Navigate to NMSROOT/object/smarts/conf/trapd directory. Step 4 Edit the trapd.conf file in the directory to reflect the following changes. Enter: FORWARD: address OID generic type specific type \ host [:port] | [:port:community] [host [:port] | [:port:community] ...], where the explanation for each variable is provided in the trapd.conf file. Step 5 Enter pdexec DfmServer at the command line to restart the DFM server. Configuring Dynamic User Tracking You can configure certain properties in Dynamic User Tracking to enhance the security of the system. These properties make the server receive traps only from specified devices and with specified community strings. To configure properties for filtering SNMP Traps: Step 1 Select Campus Manager > Administration > User Tracking, from LMS Portal. Step 2 Select Administration > Dynamic Updates > Dynamic User Tracking Configuration. The Dynamic User Tracking Configuration page appears.
7-37 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 7 Tracking Users Understanding Dynamic Updates Step 3 Check Validate SNMP Community. Campus Manager validates the community string in SNMP traps, with the values you have set. You can add community strings only after checking this check-box. If you configure a device with SNMP v2 or v1 settings in DCR, then the device is initially queried with SNMP v2 by Campus Manager. If the query fails, CM will query the device with SNMP v1. If you configure a device with SNMPv3 settings in DCR, then the device is queried with SNMP v3. However, if the query fails, the same device will not be queried with SNMP v2 or v1. Step 4 Enter the community string in the Valid Community List text box and click Add. You can add the community strings one at a time. You can use the Delete button to remove the extra or erroneous strings. The default Trap community string that you might have added in the Device Trap configuration screen is also listed here. Step 5 Check Validate Trap Source. Campus Manager validates the source IP Address of the trap. You can add the list of IP Addresses only after checking this check-box. Step 6 Enter the IP Address in the text box provided and click Add. You can use the Delete button to delete extra or erroneous entries. Step 7 Click Apply to save changes to the server. To revert to the default values, click Reset. You can use any one of the options to filter SNMP traps. For example: If you set Validate SNMP Community = true (by checking the check-box) Community String = private, test Validate Trap Source =false then traps from all sources with community string private or test will be processed by Campus Manager. If you set Validate SNMP Community =true Community String = private, test Validate Trap Source =true Valid IP Addresses = 10.77.210.211, 10.77.210.212 then traps from the listed IP addresses, with the community string private or test will be processed by Campus Manager. In this case, Campus Manager first validates the community string and if it matches, validates the source address.
7-38 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 7 Tracking Users Debugging Options Debugging Options When you face issues in running User Tracking, logging can be enabled for debugging purposes. Debug settings related to all User tracking functionality can be done here. You can enable debugging for: User Tracking Server side processes You can debug events related to all User Tracking server side processes. For details on this, see Debugging Options for User Tracking Server. Dynamic User Tracking You can set the debugging options required for Dynamic Updates. For details on this, see Debugging Dynamic Updates. User Tracking Client side activities You can debug events related to User Tracking client side activities. For details on this, see Debugging Options for User Tracking Reports. Dynamic User Tracking Console This feature helps you to troubleshoot the three major processes involved in Dynamic User Tracking updates. For details on this, see Dynamic User Tracking Console Table 7-10 explains the difference between Debugging dynamic updates and Dynamic User Tracking: Table 7-10 Difference Between the Debugging Methods Debugging Method Explanation Advantages Limitations Debugging Dynamic Updates Allows you to enable debugging for the various processes, which results in immediate logging. Complete information about trap processing starting from receiving traps, processing them, and information about various stages in MACUHIC, UTLite and UTManager. Interferes with the trap processing capability of Campus Manager. We recommend that you enable debugging for this module only when requested by TAC. Dynamic UT Console Error conditions that occurred while processing Dynamic Updates are stored in circular buffers, in the Campus Manager Server. If you need to see these conditions, you can download the errors in a file format. Does not interfere with the trap processing capability of the Campus Server Can be used to get only error conditions Circular buffers hold only the last 10 error conditions
7-39 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 7 Tracking Users Debugging Options Debugging Options for User Tracking Server To debug events related to all User Tracking server side processes: Step 1 Go to Campus Manager > Administration > Debugging Options >User Tracking Server. The debugging page appears. See Table 7-11 for a description of the fields: Step 2 Click Apply. Table 7-11 User Tracking Server Side Debugging Options Field Description Usage Notes Enable Debug Check this option to enable logging for User Tracking Server side activities. You can select the modules for debugging only after you select this option. Modules Specify the modules on which you need to enable debugging. Click Select to view the available modules and select the modules in which debug is to be enabled. Table 7-12 lists the debug modules available for User Tracking Server. File Name Name of the log file in which the trace messages are to be recorded. The default log file is NMSROOT\log\ut.log Maximum File Size (lines) Maximum size of the file in lines Enable Device Level Debugging Device IP(s) IP addresses of devices for which you need to log debugging messages. You can enter multiple IP addresses, separated by commas. This field is enabled only when the Device Level Debugging option is enabled.
7-40 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 7 Tracking Users Debugging Options Selecting User Tracking Server Side Debug Modules Table 7-12 describes the debug modules available for User Tracking Server in Campus Manager. Click OK to save the selected modules or click Cancel to exit. Debugging Dynamic Updates You can set the debugging options required for Dynamic Updates. Enabling debugging, records all the required information to the log files. To know the difference between Dynamic User Tracking Console and debugging Dynamic Updates, see Table 7-10. To enable debugging Dynamic Updates: Step 1 Go to Campus Manager > Administration > Debugging Options >Dynamic User Tracking. Or Go to Campus Manager > Administration > User Tracking > Administration > Debugging Options >Dynamic User Tracking. The debugging page appears. Step 2 Check Enable Debug to set the options. Step 3 Select the Service Name from the drop down list in the Service Name field. The framework modules appear in the Module Name column. The framework modules depend on the service that you select. Step 4 Select the debug level for each module. The debug level options are INFO, DEBUG, and TRACE. INFO logs minimum information required for debugging and is the default option. DEBUG is the next level of debugging. TRACE provides complete debugging information and creates huge logs. Table 7-12 User Tracking Debug Modules Module Description user tracking Provides user tracking functionality. Enable debugging for this if user tracking fails to discover end hosts as expected. framework Constructs and maintains data in the memory. Provides framework for Campus Manager features. Enable debugging for this module only when requested by TAC. This is because enabling debugging for this module creates huge logs. devices Provides specific information, if any, available for device categories. Enable debugging for this module if you encounter issues specific to a particular device type.
7-41 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 7 Tracking Users Debugging Options Step 5 Enter the filename for the log file in the Log Filename field. The default log file for UT LITE is NMSROOT\log\utlite.log The default log file for MACUHIC is NMSROOT\log\macuhic.log The default log file for UTManager is NMSROOT\log\utm.log The default value for Log file size is 1,000,000 lines. You can give values between 1 and 2,147,483,647. Giving zero or negative values or alphabets results in errors. Step 6 Click Apply to save the settings. Dynamic User Tracking modules available for debugging are explained in Table 7-13: Note Enabling debugging for these modules creates huge logs which interferes with the Trap processing capability of Campus Manager. We recommend that you enable debugging for this module only when requested by TAC. Table 7-13 Dynamic User Tracking Debug Modules Module Description UT Lite control plane Handles configuration events related to: Log level Settings Log file Port number For example: If you changed the log file from X to Y, but logging still happens in X , enable debugging for this module. listener Listens to data sent by the UTLite script installed in the Windows/Novell server. Checks for the integrity of the data received. execution framework Handles code level execution of the data received. Enable debugging for this module to debug J ava related errors. execution Processes and validates the data received. UTLite receives MACAddress, IPAddress and User logged in for the end host. This information is updated to the database only if the endhost has been discovered in last UT Major Acquisition cycle or through Dynamic User Tracking. MACUHIC control plane Handles configuration events related to: Log level Settings Log file Port number listener Listens to SNMP traps sent by devices. Checks for the integrity of the data received.
7-42 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 7 Tracking Users Debugging Options execution framework Handles code level execution of data received by MACUHIC. Enable debugging for this module to debug J ava related errors. decoder Validates the traps sent by devices by checking whether: The trap is sent by a device managed by Campus Manager. The SNMP version is correct execution Checks whether: The data received is duplicate data If the data is sent by a Link port or Access port. Dynamic UT does not process traps sent from link ports. Updates the database with information received and forwards it to UTManager for further processing. UTManager control plane Handles configuration events related to: Log level Settings Log file Port number listener Listens to data sent by UTLite and MACUHIC. Checks for the integrity of the data received. execution framework Handles code level execution of data received by UTManager. Enable debugging for this module to debug J ava related errors. decoder Validates the data received from UTLite, MACUHIC, SNMP data from DHCP Snooping MIB and the other data sent by external systems. execution Processes the data received and updates the database. es framework Handles queries sent to External Systems. es.snmp Handles SNMP queries sent to External Systems. es.subnet Performs subnet calculation based on the information sent by External Systems. es.db Handles database operations. Table 7-13 Dynamic User Tracking Debug Modules (continued) Module Description
7-43 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 7 Tracking Users Debugging Options Debugging Options for User Tracking Reports You can debug events related to User Tracking client side activities as follows: Step 1 Go to Campus Manager > Administration > Debugging Options >User Tracking Reports. Or Go to Campus Manager > Administration > User Tracking > Administration > Debugging Options > User Tracking Reports. The debugging page appears. Step 2 Select the level of debugging. It can be any one of the following: INFO Only informational messages are recorded in the log file. This is the default option. FATAL Messages related to fatal errors are recorded in the log file. DEBUG All User Tracking client side messages are recorded in the log file. The Log File Name field specifies the location and name of the log file. The default log file is NMSROOT\log\Cmapps.log Step 3 Click Apply. Debugging is enabled for UT client side activities and the messages are recorded in the corresponding log file. Dynamic User Tracking Console This feature helps you to troubleshoot Dynamic User Tracking updates in a detailed way. Dynamic UT consists of three major processes: UTLite UTManager MACUHIC Each process monitors different error conditions using circular buffers in the memory. For each error condition, the buffer will have the count of error occurrences and the conditions under which the error occurred. You can write this information from the memory to a file if you need to, and troubleshoot based on that. To know the difference between Dynamic User Tracking Console and debugging Dynamic Updates, see Table 7-10.
7-44 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 7 Tracking Users Understanding User Tracking Reports To enable Dynamic User Tracking Console: Step 1 Select Campus Manager > Administration > User Tracking > Administration > Debugging Options >Dynamic User Tracking Console. The debugging page appears. Step 2 Select the Service name from one of the following: UTLite UTM MACUHIC The error conditions related to that process is listed under the Error Details section. Step 3 Select the error condition for which you need details and click Generate. A new file is generated with all the error details and stored in the Campus Manager server. Its also listed under the File list pane. Step 4 Select a file and: Click View to see the file contents. Click Download to save the file in your local machine. Click Delete to delete the file from the server. You can delete multiple files at the same time. Understanding User Tracking Reports User Tracking automatically locates servers and end-user workstations, and Cisco Voice over IP (VoIP) telephone handsets and their connections to Cisco switches. During this acquisition process it also tabulates specific connection information about the end station. The Reports section displays various options to view, create and schedule various reports that User Tracking provides. User Tracking Data Migration When you upgrade from older versions of Campus Manager to Campus Manager 5.x, complete details about end hosts and IP phones are migrated. This helps you retain data from the earlier database. For complete details on Data Migration, see Data Migration Guide for LAN Management Solution 3.0
7-45 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 7 Tracking Users Using User Tracking Reports Using User Tracking Reports The Reports section displays various options to view, create and schedule various reports that User Tracking provides. This section contains: Viewing Quick Reports Exporting and Printing Reports Viewing Report J obs List Viewing J ob Details Using Report Generator Viewing Duplicates Report Viewing End Hosts Reports Interpreting Active End Hosts Report Viewing IP Phones Reports Viewing MAC Reports Interpreting MAC Reports Viewing Reports on Wireless Clients Understanding Switch Port Usage Reports Understanding History Report Using Custom Reports Using Custom Layouts Using Archived Reports
7-46 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 7 Tracking Users Using User Tracking Reports Viewing Quick Reports You can view the reports on end hosts or IP phones, based on the filter criteria for which you want to generate the report. To view the reports: Step 1 Select Campus Manager > User Tracking > Reports. The Quick Report dialog box appears. Step 2 Enter the required information as given in Table 7-14. Step 3 Click Submit. The selected type of report is appears in the standard layout. The data displayed depends on the query expression specified. For details on the report, see Interpreting End Host Reports. You can also view all end hosts or IP phones in your network using User Tracking. For more details, see Viewing End Hosts Reports and Viewing IP Phones Reports. Table 7-14 Viewing Quick Reports Field Description Usage Notes Select a type Select the type of report that you wish to view. The two types of reports that are available are: End Hosts IP Phones QueryExpression Column Select a query expression based on which you want to generate the report. To view a list of valid query expressions, click the drop-down arrow. The information on the other query expressions are available in the corresponding report. Operator Logical operator for the query expression. To view a list of valid operators click the drop-down arrow. Pattern Pattern for the selected query expression. Enter the pattern for the selected query expression. The Pattern field is mandatory for all other Operator options except for is null and is not null. In the pattern field to search the pattern for MAC Address Column, you can use the following separators: dot (.) or colon (:). You can also search the pattern for MAC Address without any separator. For example: String for pattern FF:FF:FF:FF:FF:FF can be replaced with continuous string FFFFFFFFFFFF. For details on date formats and operator values, see Operator Values and Date Formats for Last Seen Column.
7-47 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 7 Tracking Users Using User Tracking Reports Operator Values and Date Formats for Last Seen Column Table 7-15 lists the operators available for the Last Seen column and their corresponding values for Pattern field. Table 7-15 Operators Available and Their Values Operator Pattern Contains Does not contain Begins with Does not begins with Ends with Does not end with yyyy/mm/dd yyyy/mm/dd hh:mm:ss dd mmm yyyy, hh:mm:ss GMT dd mmm yyyy hh:mm:ss GMT dd mmm yyyy, hh:mm:ss dd mmm yyyy hh:mm:ss dd mmm yyyy hh:mm:ss GMT hh:mm:ss Matches Does not match yyyy/mm/dd hh:mm:ss dd mmm yyyy, hh:mm:ss GMT dd mmm yyyy hh:mm:ss GMT dd mmm yyyy, hh:mm:ss dd mmm yyyy hh:mm:ss Less than Greater than yyyy/mm/dd hh:mm:ss dd mmm yyyy, hh:mm:ss GMT dd mmm yyyy hh:mm:ss GMT dd mmm yyyy, hh:mm:ss dd mmm yyyy hh:mm:ss dd mmm yyyy Is between Is not between yyyy/mm/dd hh:mm:ss,yyyy/mm/dd hh:mm:ss dd mmm yyyy, hh:mm:ss GMT,dd mmm yyyy, hh:mm:ss GMT dd mmm yyyy hh:mm:ss GMT,dd mmm yyyy hh:mm:ss GMT dd mmm yyyy, hh:mm:ss ,dd mmm yyyy, hh:mm:ss dd mmm yyyy hh:mm:ss ,dd mmm yyyy hh:mm:ss dd mmm yyyy ,dd mmm yyyy Is in Is not in yyyy/mm/dd hh:mm:ss,yyyy/mm/dd hh:mm:ss dd mmm yyyy, hh:mm:ss GMT,dd mmm yyyy, hh:mm:ss GMT dd mmm yyyy, hh:mm:ss GMT,dd mmm yyyy, hh:mm:ss GMT dd mmm yyyy, hh:mm:ss ,dd mmm yyyy, hh:mm:ss dd mmm yyyy hh:mm:ss ,dd mmm yyyy hh:mm:ss
7-48 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 7 Tracking Users Using User Tracking Reports Exporting and Printing Reports Campus Manager allows you to export and print reports. For details see, Exporting Reports Printing Reports Exporting Reports To export a report: Step 1 Click the Export icon at the top right of the screen. The Exporting Report dialog box appears. Step 2 Enter the format in which the report needs to be exported. You can export reports to CSV or PDF format. End Host Report and End Host History Reports can be exported only to CSV format. Step 3 Enter the range of rows or the row numbers that you want to export. Separate the rows and numbers by commas. Step 4 Click OK. The report is exported. Printing Reports To print a report: Step 1 Click the Print icon at the top right of the screen. The Printing Report dialog box appears. Step 2 Enter the number of rows that need to be printed. Step 3 Click OK. The report is printed. Restrictions on Printing Reports For End hosts report, End hosts history report and IP Phones report, you can print only 30,000 records at a time. If you want to print more than 30,000 records, do it in batches of 30,000. For End hosts report and End hosts history report, comma separated values are not accepted in the print range. For example, specifying the range as 10-40, 70-80 will not work. Specify the range as 10-40 to print from the 10th record to the 40th record. Repeat it for 70-80 range.
7-49 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 7 Tracking Users Using User Tracking Reports Viewing Report Jobs List You can view a list of scheduled jobs and their current status using the Report Jobs option of Campus Manager User Tracking window. To view Report J obs: Step 1 Select Campus Manager > User Tracking. The Campus Manager User Tracking window appears. Step 2 Select Reports > Report Jobs. The Report J obs dialog box appears. See Table 7-16 Table 7-16 Report Jobs Column Description Column Description J ob ID Unique ID of the job. J ob IDs have N.x format, where x stands for the number of instances of that job. For example, 1007.4 indicates that it is the fifth instance of the J ob with ID 1007. Click on the J ob ID to launch the report. J ob Type Type of job. It includes: Duplicate IP Duplicate MAC Duplicate MAC and VLAN Ports with Multiple MAC End Hosts All Host entries History End Host History History Switch Port Utilization IP Phone All IP Phone entries Switch Port Report Switch Port Capacity Switch Port Report Switch Port Summary Switch Port Report Recently Down Switch Port Report Reclaim Unused Up Ports Switch Port Report Reclaim Unused Down Ports Wireless Report Wireless End Hosts Description Description of the job. Owner Username of the job creator. Scheduled At Date and time at which the job was scheduled. Completed At Date and time at which the job was completed.
7-50 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 7 Tracking Users Using User Tracking Reports Note for Custom Reports Custom reports are generated by evaluating a query on a group of devices. They do not launch, if the group has been deleted or if the underlying query does not return any device. Viewing Job Details To view the details of a selected job: Step 1 Select Campus Manager > User Tracking. The Campus Manager User Tracking window appears. Step 2 Select Reports > Report Jobs. The Report J obs dialog box appears. Step 3 Check the check box against the job whose details you want to view. Step 4 Click View. The report is launched. You can also launch the report by clicking on the J ob ID. Run Status J ob states include: Running Waiting for approval Scheduled (pending) Succeeded Succeeded with Info Failed Crashed Cancelled Suspended Rejected Missed Start Failed at Start Schedule Type Type of job scheduleDaily or Periodic. Status Provides the status of the current jobs. The status of the current jobs is displayed as succeded or failed. Table 7-16 Report Jobs Column Description (continued) Column Description
7-51 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 7 Tracking Users Using User Tracking Reports Stopping Jobs To stop a scheduled job: Step 1 Select Campus Manager > User Tracking. The Campus Manager User Tracking window appears. Step 2 Select Reports > Report Jobs. The Report J obs dialog box appears. Step 3 Check the check box against the job that you want to stop. Step 4 Click Stop. Deleting Jobs To delete a job: Step 1 Select Campus Manager > User Tracking. The Campus Manager User Tracking window appears. Step 2 Select Reports > Report Jobs. The Report J obs dialog box appears. Step 3 Check the check box against the job that you want to delete. Step 4 Click Delete. Using Report Generator The Report Generator in User Tracking allows you to view System-defined reports and Custom reports. You can also schedule to generate these reports immediately, once, daily, weekly, monthly or quarterly. You can generate the following reports using Report Generator: Select an Application Select a Report Duplicates Duplicate IP, Duplicate MAC, Duplicate MAC and VLAN, and Ports with multiple MAC. End Hosts All Host Entries. History End Host History, Switch Port Utilization. IP Phones All IP Phone Entries MAC Report Dormant MAC, New MAC and Rogue MAC report.
7-52 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 7 Tracking Users Using User Tracking Reports To use the report generator: Step 1 Select Campus Manager > User Tracking. The Campus Manager User Tracking window appears. Step 2 Select Reports > Report Generator. The Report Generator dialog box appears. Step 3 Select the Application for which you want to view reports. Step 4 Select the Report that you want to view. Step 5 Schedule the report by selecting the report type and the date on which you want the report to be generated. Step 6 Enter J ob Description and E-mail address, if any. Step 7 Set system preferences for receiving mail. Step 8 Click Submit to generate the report. The report is generated. To modify the settings, click Reset. Viewing Duplicates Report Duplicate report helps you to identify possible network discrepancies related to MAC Address or IP Address of the end hosts. Network Administrators can either correct them or ignore them, if they feel that these discrepancies will not affect the network. For example, Single MAC address may be detected in more than one port Single IP address assigned to more than one end host You need to take appropriate action based on the network condition. You can generate the following reports to get the details of all duplicate IP addresses, duplicate MAC addresses, duplicate VLANs, or ports with multiple MAC addresses. Duplicate IP addresses Duplicate MAC addresses Duplicate MAC and VLANs Ports with multiple MAC addresses. Switch Port Usage Recently Down, Switch Port Summary, Switch Port Capacity, Reclaim Unused Down Ports, and Reclaim Unused Up Ports. Wireless Report Wireless End Hosts Select an Application Select a Report
7-53 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 7 Tracking Users Using User Tracking Reports Note Running Immediate Report on a large amount of data will take a long time to complete. We recommend that you run it as a Scheduled J ob. To view reports on duplicates: Step 1 Select Campus Manager > User Tracking. The Campus Manager User Tracking window appears. Step 2 Select Reports > Report Generator. The Report Generator dialog box appears. Step 3 Select Duplicates from the Select Application list. Step 4 Select the Report for the application that you want to view. Step 5 Schedule the report by selecting the report type and the date on which you want the report to be generated. Step 6 Enter J ob Description and E-mail address, if any. Step 7 Click Submit to generate the report. The report is generated. To modify the fields, click Reset. Interpreting Duplicate Reports Table 7-17 displays details of the columns in the duplicates report. Table 7-17 Duplicate Reports Column Description Field Description UserName Discovered username or the username that you have entered. You can edit this field. You can configure the Asynchronous Network Interface (ANI) Server to collect user names. See the ANI Server online help for further information. MACAddress Media Access Control (MAC) address of network interface card in end-user node. For Ethernet topology the MAC address is displayed in the format, xx-xx-xx-xx-xx-xx. Clicking on the value launches the Host Center page for that endhost. HostName Name of host. Clicking on the value launches the Host Center page for that endhost. IPAddress IP address of host. Clicking on the value launches the Host Center page for that endhost. Subnet Subnet of IP address. IPv6 Address IPv6 address of the host, if any
7-54 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 7 Tracking Users Using User Tracking Reports Prefix Length Length of the IPv6 address prefix. Prefix IPv6 address prefix DeviceName Name corresponding to IP address of device. Clicking on the value launches the Device Center page for that device. Device IP address of device to which end user node is attached. Clicking on the value launches the Device Center page for that device. Port Port name in device to which a host is connected. Port Name User assigned port name (port label) Port State Configured port mode Port Duplex Operational duplex Port Speed Operational speed VTP Domain VTP Domain the port is associated with. VLAN VLAN name associated with port. VLAN ID VLAN identifier associated with the MAC address or port VLAN Type Ethernet, FDDI, unassigned, or unknown Parent VLAN Parent VLAN of the host. Secondary VLAN Secondary VLAN of the host. Last Seen Date and time when User Tracking last found an entry for this user or host in a switch. Last Seen is displayed in the format dd mon yyyy hh:mm:ss. Notes Notes on this entry, that you enter. dot1xEnabled Status of Dot 1x authentication on the device. Two status are: TrueWhen authentication is enabled on the device. FalseWhen authentication is disabled on the device. Associated Routers IP addresses of the routers associated with the host. Discrepancies Found Number of discrepancies found associated with the port. Best Practice Deviations Found Number of best practice deviations found associated with the port. Table 7-17 Duplicate Reports Column Description (continued) Field Description
7-55 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 7 Tracking Users Using User Tracking Reports Viewing End Hosts Reports You can view a report on all end host entries using the End Hosts option in the Reports Generator dialog box. End hosts report also displays all active wireless clients, which are connected to your network. To view report on end hosts: Step 1 Select Campus Manager > User Tracking. The Campus Manager User Tracking window appears. Step 2 Select Reports > Report Generator. The Report Generator dialog box appears. Step 3 Select End Hosts from the Select Application list. Step 4 Select All Host Entries, from the Select Report list. Step 5 Schedule the report by selecting the report Type and the date on which you want the report to be generated. Step 6 Enter a description in the J ob Description field of the J ob Info area. Step 7 Enter a valid E-mail ID in the Email field, of the J ob Info area, to receive the report through mail. Step 8 Click Submit to generate the report. The report is generated. To modify the settings, click Reset. Interpreting End Host Reports This section contains the following topics: Launching CiscoWorks Assistant from End Host Report Duplicate MAC Entries in End Host Reports Handling Disconnected End Host entries in the Report Printing End Host Reports Filters in End Host Reports End Hosts ReportStandard Layout Columns End Hosts ReportAll Columns Layout
7-56 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 7 Tracking Users Using User Tracking Reports Launching CiscoWorks Assistant from End Host Report To launch CiscoWorks Assistant from End Host Reports: Step 1 Click on MAC Address or Host name or IP address in the report. The Host center page is launched for that endhost. Step 2 Click Troubleshoot at the bottom of the page. CiscoWorks Assistant > End Host/ IP Phone Down page is launched. Launch the report based on the instructions provided in Help. This report displays the information that you need to troubleshoot and analyze the connectivity issues. Duplicate MAC Entries in End Host Reports Campus Manager lists endhosts, whose MAC address is seen in any of the managed devices at the time of running User Tracking Major Acquisition. It merges CAM table and ARP table entries from multiple switches and routers to gather information on end hosts. An endhost creates multiple ARP/CAM entries in different devices if the endhost: Is in DHCP environment and the IP Address changes often Moves from one port to another Moves from one VLAN to another The entries are removed from the device if ARP timeout/CAM timeout happens. Campus Manager treats the end host as a distinct entity, if any of the following information about the end host does not match: IP Address VLAN Port Device Name MAC Address For example, end hosts with same MAC Address but two different IP address are listed as two different entities in the end hosts report. Handling Disconnected End Host entries in the Report Campus Manager lists end hosts that are discovered during User Tracking Acquisition in the end hosts report. If any of these end hosts are found disconnected during subsequent acquisitions, their data is moved from End Host reports to History reports. This is the case with User Tracking Major Acquisition with no subnets configured. In case of all other Acquisitions, data about disconnected end hosts are moved from end host reports to history reports only if the device is reachable through SNMP, at the time of acquisition. For example, Assume there are five end hosts connected to device X, which have been discovered previously and data is available in End host reports. You start a device based UT Acquisition for that device X.
7-57 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 7 Tracking Users Using User Tracking Reports At the time of UT Acquisition assume that: Three end hosts are disconnected The device is unreachable through SNMP In this case, since the CAM table of that device is not read at the time of acquisition, data about the disconnected end hosts will remain in the End Host reports. They are not moved to History reports. Printing End Host Reports You can print only 30,000 records at a time. If you want to print more than 30,000 records, do it in batches of 30,000. Comma separated values are not accepted in the print range. For example, specifying the range as 10-40, 70-80 will not work. Specify the range as 10-40 to print from the 10th record to the 40th record. Repeat it for the 70-80 range. Filters in End Host Reports Filters in the report operate on the selected column and fetch records containing the user input value. In the pattern field to search the pattern for MAC Address Column, you can use the following separators: dot (.) or colon (:). You can also search the pattern for MAC Address without any separators. For example: String for pattern FF:FF:FF:FF:FF:FF can be replaced with continuous string FFFFFFFFFFFF. Table 7-18 displays details of the columns in End Hosts ReportStandard Layout. Table 7-18 End Hosts ReportStandard Layout Columns Column Description User Name Discovered username or the username that you have entered. You can edit this field. MAC Address Media Access Control (MAC) address of network interface card in end-user node. For Ethernet topology the MAC address is displayed in the format, xx-xx-xx-xx-xx-xx. If you click on the value it launches, the Host Center page for that endhost. Host Name Name of host. If you click on the value it launches, the Host Center page for that endhost. IP Address IP address of host. If you click on the value it launches, the Host Center page for that endhost. Subnet Subnet of IP address, which is displayed in the format String, xxx.xxx.xxx.xxx. Device Name Name corresponding to IP address of device. If you click on the value it launches, the Device Center page for that device. Port Port in device to which a host is connected. VLAN VLAN name associated with port. Status Displays status as Active for the end hosts that are detected as connected to the network. Displays status as Inactive for the end hosts that are detected as disconnected from the network.
7-58 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 7 Tracking Users Using User Tracking Reports Table 7-19 displays details of the columns in End Hosts ReportAll Columns Layout. LastSeen Date and time when User Tracking last found an entry for this user or host in a switch. Last Seen is displayed in the format dd mon yyyy hh:mm:ss. Notes Notes on this entry, that you enter. Table 7-18 End Hosts ReportStandard Layout Columns (continued) Column Description Table 7-19 End Hosts ReportAll Columns Layout Field Description UserName Discovered username or the username that you have entered. You can edit this field. You can configure the Asynchronous Network Interface (ANI) Server to collect user names. See the ANI Server online help for further information. MACAddress Media Access Control (MAC) address of network interface card in end-user node. For Ethernet topology the MAC address is displayed in the format, xx-xx-xx-xx-xx-xx. Clicking on the value launches the Host Center page for that endhost. HostName Name of host. Clicking on the value launches the Host Center page for that endhost. IPAddress IP address of host. If you click on the value it launches, the Host Center page for that endhost. Subnet Subnet of IP address. IPv6 Address IPv6 address of the host, if any Prefix Length Length of the IPv6 address prefix. Prefix IPv6 address prefix DeviceName Name corresponding to IP address of device. If you click on the value it launches, the Device Center page for that device. Device IP address of device to which end user node is attached. If you click on the value it launches, the Device Center page for that device. Port Port name in device to which a host is connected. Port Name User assigned port name (port label) Port State Configured port mode Port Duplex Operational duplex Port Speed Operational speed VTP Domain VTP Domain the switch is associated with. VLAN VLAN name associated with port. VLAN ID VLAN identifier associated with the MAC address or port VLAN Type Ethernet, FDDI, unassigned, or unknown Parent VLAN Parent VLAN of the host.
7-59 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 7 Tracking Users Using User Tracking Reports Interpreting Active End Hosts Report The End hosts that are currently connected to the network are termed as Active End Hosts. Active end hosts reports can be launched from the User Tracking Summary portlet in the Campus Manager view. For more details on Campus View and the portlets in it, see User Guide for LMS Portal 1.2. Filters in Active End Hosts Reports Filters in the report operate on the selected column and fetch records containing the user input value. The pattern field to search pattern for MAC Address Column is enhanced to include the following separators: dot (.) or colon (:). You can also search the pattern for MAC Address without any separators. For example: String for pattern FF:FF:FF:FF:FF:FF can be replaced with continuous string FFFFFFFFFFFF. Active End Hosts report can be displayed in two formats: Active End Hosts ReportStandard Layout Active End Hosts ReportAll Columns Layout Table 7-20 displays details of the columns in End Hosts ReportStandard Layout. Secondary VLAN Secondary VLAN of the host. Last Seen Date and time when User Tracking last found an entry for this user or host in a switch. Last Seen is displayed in the format dd mon yyyy hh:mm:ss. Notes Notes on this entry, that you enter. dot1xEnabled Status of Dot 1x authentication on the device. Two status are: TrueWhen authentication is enabled on the device. FalseWhen authentication is disabled on the device. Associated Routers IP addresses of the routers associated with the host. Discrepancies Found Number of discrepancies found associated with the port. If you click on the number it launches, the Discrepancies report. Best Practice Deviations Found Number of best practice deviations found associated with the port. If you click on the value it launches, the Best Practice Deviations report. Table 7-19 End Hosts ReportAll Columns Layout (continued) Field Description Table 7-20 Active End Hosts ReportStandard Layout Column Description User Name Discovered username or the username that you have entered. You can edit this field. MAC Address Media Access Control (MAC) address of network interface card in end-user node. For Ethernet topology the MAC address is displayed in the format, xx-xx-xx-xx-xx-xx. If you click on the value it launches, the Host Center page for that endhost.
7-60 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 7 Tracking Users Using User Tracking Reports Table 7-21 displays details of the columns in End Hosts ReportAll Columns Layout. Host Name Name of host. If you click on the value it launches, the Host Center page for that endhost. IP Address IP address of host. If you click on the value it launches, the Host Center page for that endhost. Subnet Subnet of IP address, which is displayed in the format String, xxx.xxx.xxx.xxx. Device Name Name corresponding to IP address of device. If you click on the value it launches, the Device Center page for that device. Port Port in device to which a host is connected. VLAN VLAN name associated with port. LastSeen Date and time when User Tracking last found an entry for this user or host in a switch. Last Seen is displayed in the format dd mon yyyy hh:mm:ss. Notes Notes on this entry, that you enter. Table 7-20 Active End Hosts ReportStandard Layout (continued) Column Description Table 7-21 Active End Hosts ReportAll Columns Layout Field Description UserName Discovered username or the username that you have entered. You can edit this field. You can configure the Asynchronous Network Interface (ANI) Server to collect user names. See the ANI Server online help for further information. MACAddress Media Access Control (MAC) address of network interface card in end-user node. For Ethernet topology the MAC address is displayed in the format, xx-xx-xx-xx-xx-xx. Clicking on the value launches the Host Center page for that endhost. HostName Name of host. Clicking on the value launches the Host Center page for that endhost. IPAddress IP address of host. If you click on the value it launches, the Host Center page for that endhost. Subnet Subnet of IP address. IPv6 Address IPv6 address of the host, if any Prefix Length Length of the IPv6 address prefix. Prefix IPv6 address prefix DeviceName Name corresponding to IP address of device. If you click on the value it launches, the Device Center page for that device. Device IP address of device to which end user node is attached. If you click on the value it launches, the Device Center page for that device.
7-61 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 7 Tracking Users Using User Tracking Reports Interpreting End Host Reports Viewing IP Phones Reports You can view a report on all IP phones in the network using the IP Phones option of the Report Generator dialog box. To view a report on IP phones: Step 1 Select Campus Manager > User Tracking. The Campus Manager User Tracking window appears. Step 2 Select Reports > Report Generator. The Report Generator dialog box appears. Step 3 Select IP Phones from the Select Application list. Step 4 Select the Report, from the Select Report list. Port Port name in device to which a host is connected. Port Name User assigned port name (port label) Port State Configured port mode Port Duplex Operational duplex Port Speed Operational speed VTP Domain VTP Domain the switch is associated with. VLAN VLAN name associated with port. VLAN ID VLAN identifier associated with the MAC address or port VLAN Type Ethernet, FDDI, unassigned, or unknown Parent VLAN Parent VLAN of the host. Secondary VLAN Secondary VLAN of the host. Last Seen Date and time when User Tracking last found an entry for this user or host in a switch. Last Seen is displayed in the format dd mon yyyy hh:mm:ss. Notes Notes on this entry, that you enter. dot1xEnabled Status of Dot 1x authentication on the device. Two status are: TrueWhen authentication is enabled on the device. FalseWhen authentication is disabled on the device. Associated Routers IP addresses of the routers associated with the host. Discrepancies Found Number of discrepancies found associated with the port. If you click on the number it launches, the Discrepancies report. Best Practice Deviations Found Number of best practice deviations found associated with the port. If you click on the value it launches, the Best Practice Deviations report. Table 7-21 Active End Hosts ReportAll Columns Layout (continued) Field Description
7-62 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 7 Tracking Users Using User Tracking Reports Step 5 Schedule the report by selecting the report type and the date on which you want the report to be generated. Step 6 Enter J ob Description and E-mail address, if any. Step 7 Click Submit. The report is generated. Interpreting IP Phones Reports Filters in IP Phone Reports Filters in the report operate on the selected column and fetch records containing the user input value. The pattern field to search pattern for MAC Address Column is enhanced to include the following separators: dot (.) or colon (:). You can also search the pattern for MAC Address without any separators. For example: String for pattern FF:FF:FF:FF:FF:FF can be replaced with continuous string FFFFFFFFFFFF. Table 7-22 gives details of the columns in IP Phones ReportStandard Layout. Table 7-23 gives details of the columns in the IP Phones ReportAll Columns Layout. Table 7-22 IP Phones ReportStandard Layout Columns Column Description PhoneNumber Phone number. MACAddress Media Access Control (MAC) address of network interface card on the phone. For Ethernet topology the MAC address is displayed in the format, xx-xx-xx-xx-xx-xx. Clicking on the value launches the Host Center page for that endhost. IPAddress IP address of phone. CCM Address IP address of the Cisco CallManager. Status Status of the phone, as known to Cisco Call Manager PhoneType Can be SP30, SP30+, 12S, 12SP, 12SPplus, 30SPplus, 30VIP, SoftPhone, or unknown. PhoneDesc Description of the phone. DeviceName Name corresponding to IP address of device. LastSeen Date and time when User Tracking last found an entry. Last Seen is displayed in the format dd mon yyyy hh:mm:ss.
7-63 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 7 Tracking Users Using User Tracking Reports Printing IP Phones Reports You can print only 30,000 records at a time. If you want to print more than 30,000 records, do it in batches of 30,000. Viewing MAC Reports You can generate reports to get information on new end-hosts, unauthorized endhosts, and idle end hosts in the network. To do that: Step 1 Select Campus Manager > User Tracking > Reports. The Campus Manager User Tracking window appears. Step 2 Select Reports > Report Generator. The Report Generator dialog box appears. Step 3 Select MAC Report from the drop down list. Step 4 Select one of the following from the sub-list: Dormant MAC MAC Addresses that are inactive for the specified number of days. New MAC MAC Addresses that are newly added to your network. Table 7-23 IP Phones ReportAll Columns Layout Field Description PhoneNumber Phone number. MACAddress Media Access Control (MAC) address of network interface card on the phone. For Ethernet topology the MAC address is displayed in the format, xx-xx-xx-xx-xx-xx. Clicking on the value launches the Host Center page for that endhost. IPAddress IP address of phone, which is appears in the format String, xxx.xxx.xxx.xxx. CCM Address Cisco CallManager IP address. Status Status of the phone, as known to Cisco Call Manager PhoneType Can be SP30, SP30+, 12S, 12SP, 12SPplus, 30SPplus, 30VIP, SoftPhone, or unknown. PhoneDescr Description of the phone. DeviceName Name corresponding to IP address of device. Device IP address of device to which IP phone is attached in the format String, xxx.xxx.xxx.xxx. Port Port name in device to which IP Phone is connected. Port Name User assigned port name (port label) LastSeen Date and time when User Tracking last found an entry. Last Seen appears in the format dd mon yyyy hh:mm:ss.
7-64 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 7 Tracking Users Using User Tracking Reports Rogue MAC MAC Addresses that are not authorized to exist in your network. Step 5 Either: Specify the number of days. The Days drop-down list is editable. It allows you to specify a value, other than the ones listed. The maximum number of days that can be specified is 999. Or Specify the date from which you want to generate the report. For example, select 30 from the Date Since drop down list, to generate reports for the new, dormant, or rogue MACs found in the network for the past 30 days. Note The data in the Dormant MAC report depends on your Purge policy. If you have set the Purge policy to 30 days, the report lists the MACs that were dormant for the past 30 days. If the purge policy is set to 20 days, and you generate the report for 30 days, the Dormant MAC report will not contain any data. Step 6 Select the Run Type. It represents the periodic interval at which the report is generated. It can be one of the following: Immediate Once Daily Weekly Monthly Quarterly If you have selected Immediate report, go to Step 10. Step 7 Select the date and time at which the report is scheduled to run. Step 8 Enter J ob Description which is a required field. Step 9 Enter E-mail address if any, to send notification, when the scheduled job is completed. Step 10 Click Submit. If the Run Type is Immediate, the report is generated. For other Run Types the Report J ob number is displayed. You can view the list of jobs in the Report J obs page. For more details on this, see Viewing Report J obs List. Click Reset, to bring back the default settings.
7-65 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 7 Tracking Users Using User Tracking Reports Interpreting MAC Reports The columns in New MAC, Dormant MAC and Rogue MAC reports are explained in Table 7-24. New MAC Report To mark a MAC as a Rogue MAC Step 1 In the New MAC Report page, select the New MAC Step 2 Click Mark As Rogue After the selected MAC is marked as Rogue, you cannot make any changes to the MAC selection as the checkbox used to select the MAC is disabled. Table 7-24 Column description for MAC Report Field Description User Name Name of the user logged into the end host. MACAddress Media Access Control (MAC) address of network interface card on the end host. For Ethernet topology the MAC address is displayed in the format, xx-xx-xx-xx-xx-xx. Host Name Host Name of the end host. IPAddress IP address of the end-host, which is appears in the format String, xxx.xxx.xxx.xxx. DeviceName Name of the device to which the end host is connected. Clicking on the value launches the Device Center page for that endhost. Device IP address of device to which the end-host is connected in the format String, xxx.xxx.xxx.xxx. Clicking on the value launches the Device Center page for that endhost. Port Port name in device to which the end-host is connected. VLAN ID VLAN ID to which the device belongs to. First Seen (For New MAC Report) Date and time when User Tracking first found the end host. First Seen date appears in the format dd mon yyyy hh:mm:ss. Last Seen (For Rogue MAC and Dormant MAC Report). Date and time when User Tracking last found the end host. Last Seen date appears in the format dd mon yyyy hh:mm:ss. Mark As Non-Rogue This button is available in the Rogue MAC Report page. Mark As Rogue This button is available in the New MAC Report page.
7-66 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 7 Tracking Users Using User Tracking Reports Rogue MAC Report To mark a MAC as a Acceptable MAC Step 1 In the Rogue MAC Report page, select the MAC Step 2 Click Mark As Non-Rogue After the selected MAC is marked as Non-Rogue, the MAC is deleted from the Rogue MAC Report page. Understanding Switch Port Usage Reports You can generate the following switch port reports using Campus Manager , based on the status of the switch ports. Report on Recently Down Ports Reclaim Unused Down Ports Report Reclaim Unused Up Ports Report Switch Port Summary Report Switch Port Capacity Report You can use the Advanced Search feature to select the devices for which you want to generate reports. For more details on performing advanced search, see Using Advanced Search. For a detailed description of the features in Device Selector, see User Guide for Common Services 3.3 Group Selector can be used to create reports based on device groups. For details, see Using Group Selector. Campus Manager classifies trunk ports as follows: Link ports Trunk ports connected to Cisco devices (Switch or Router). Non-link ports Trunk ports connected to end hosts or IP phones. Report on Recently Down Ports Campus Manager generates report for recently down ports as follows: Link ports that were connected to a device in the previous Data collection, but found unconnected in the current Data Collection Access ports that were connected to an endhost in the last UT Major Acquisition cycle, but found unconnected in the current Data Collection If the ports are still in an Unconnected state when the next UT Major Acquisition cycle runs, they are classified as Unused Up or Unused Down ports. These ports are further moved to the Reclaim Unused Up Ports report or Reclaim Unused Down Ports report.
7-67 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 7 Tracking Users Using User Tracking Reports Reclaim Unused Down Ports Report Campus Manager queries both link and access ports to generate the Unused Down report. It uses ports: That are administratively down and That were previously connected to an endhost or a device but are unconnected at least for a period of one day. You can generate reports on ports which have been in Unused Down state for a specified interval of time. Reclaim Unused Up Ports Report Campus Manager queries both link and access ports to generate the Unused Up report. It uses ports: That are administratively up and That were previously connected to an endhost or a device but are unconnected at least a day You can generate reports on ports that have been in Unused Up state for a specified interval of time. The data provided by the reports will be lost if you reinitialize the database. For information on reinitializing the database, see Re-initializing the Database. Note Reclaim Unused Up Ports and Reclaim Unused Down Ports reports are used to generate reports on both link or access ports that were previously connected to an endhost or a device, but are unconnected at least for a day. Switch Port Summary Report Switch Port Summary report gives the number of Connected, Free, and Free down ports in each switch. Ports that are administratively up but are not connected to a device or endhost are Free Ports. Ports that are administratively down and are not connected to a device or endhost are Free Down ports. This report also displays the sum total of Connected, Free and Free Down ports in each switch. This report lists all the Down ports in a switch, regardless of whether they were previously connected to an endhost or not. The number for Connected, Free and Free Down ports are given as links. Clicking on them launches a detailed report giving the Port, Port name, Administrative and Operational status of the ports for the selected device. For details on generating and viewing these reports, see Generating Switch Port Reports.
7-68 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 7 Tracking Users Using User Tracking Reports Switch Port Capacity Report The Switch Port Capacity report lists switches that have crossed utilization threshold limits, along with the value of percentage port utilization. This report enables you to do capacity planning for network growth. Port Utilization for each switch is calculated as follows: % Port Utilization (per switch) =(Number of Connected ports/ Total number of ports) * 100 Greater than option lists the switches whose port utilization is greater than the specified threshold. Less than option lists the switches whose port utilization is less than the specified threshold. Between option lists the switches whose port utilization falls between the specified threshold limits. You can configure these reports as jobs, to get the list of switches that have crossed the threshold limits, at regular intervals. For details on Configuring reports as jobs, see Generating Switch Port Reports. Using Group Selector Group Selector allows you to create report jobs based on device groups.The Group Selector displays only the device groups that exist in the network and not the individual devices that form the group. When a report job is created based on a device group, Campus Manager evaluates that group at the time of running the job, and devices corresponding to that group are used in the report generation. In case of devices being included or deleted from the group after scheduling the report job, the report will reflect these changes, since Campus Manager dynamically evaluates the group information at the time of running the report job. For example, if you have 1. Created a User Defined Group, with devices ranging from 10.77.210.1 to 10.77.210.15. 2. Scheduled a Switch Port Summary report for this group. 3. Deleted Device 10.77.210.13 from the group. When the report job runs at the scheduled time, the resultant report will not contain information on 10.77.210.13. Group Selector is available for all Switch Port Reports and Switch Port Utilization History Report. Generating Switch Port Reports To view a report on Switch Port usage: Step 1 Select Campus Manager > User Tracking > Reports. The Campus Manager User Tracking window appears. Step 2 Select Reports > Report Generator. The Report Generator dialog box appears. Step 3 Select Switch Port Usage from the drop down list. Step 4 Select one of the following from the sub-list: Recently Down Reclaim Unused Down Ports Reclaim Unused Up Ports Switch Port Summary Switch Port Capacity
7-69 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 7 Tracking Users Using User Tracking Reports The Report Generator page appears. If you select the report for Switch Port Capacity, go to Step 5. If you select the report for Unused Up Access Ports or Unused Down Access Ports, go to Step 6. If you select either Recently Down or Switch Port Summary, go to Step 7. Step 5 For Switch Port Capacity report, specify the percentage value of utilization and the condition indicator. For example, select greater than and 90 from the drop down lists to generate a report on devices, where port utilization exceeds 90%. The utilization percentage drop-down list is editable. It allows you to specify a value, other than the ones listed. Step 6 For Report on Unused Up Access Ports or Unused Down Access Ports, either: Specify the number of days. The maximum number of days that can be specified is 999. Or Specify the date from which you want to generate the report. For example, select 30 from theUnused for drop down list, to generate report for ports that are in unused state for the past 30 days. The Unused for drop-down list is editable. It allows you to specify a value, other than the ones listed. Step 7 Select the device(s) from the Device Selector or Group Selector, for which you want to view the Port information. Step 8 Select the Run Type. It represents the periodic interval at which the report is generated. It can be one of the following: Immediate Once Daily Weekly Monthly Quarterly Step 9 Schedule the report by selecting the date on which you want the report to be generated. Step 10 Enter J ob Description and E-mail address, if any. Step 11 Click Submit. If the Run Type is Immediate, the report is generated. For other Run Types the report job number is displayed. You can view the list of jobs in the Report J obs page. For more details on this, see Viewing Report J obs List Using Advanced Search The Advanced Search feature in Device Selector helps you search for devices based on a set of search criteria which you specify in the Advanced Search window. You can either select the search criteria from the drop-down menu or enter Custom Search criteria in the Rule Text area, or use a combination of both. When you enter the search criteria manually, you can use the Check Syntax button to verify whether the Rule Expression you have entered is correct. You can define single or multiple search criteria based on which you can search for devices. Table 7-25 describes the device attributes available for defining rules.
7-70 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 7 Tracking Users Using User Tracking Reports Operator The operator used in forming a rule. The following operators are available: equals contains In addition to the above, the following operators are also available for the variable IPAddress: startswith endswith contains When the variable DiscoveryStatus is used, only one operator is available, which is equals. Value A free flow operand forming the last part of the rule. When the variable DiscoveryStatus is used, only the following values are available: Never_Reachable Reachable Currently_Unreachable Table 7-25 Device Attribute Description Attributes Description DiscoveryStatus Status of the device after data collection has been completed. Host name Name of the device. ImageVersion Software version running on the device. IPSubnet Subnet address of the device's IP address. IPSubnetMask Subnet mask address of the device. IPAddress Single IP AddressNot a range of addresses. SysName Name of the device as configured by the Administrator. SysObjectID SysObjectID of the device. SystemContact Contact for the device details as entered by the Administrator. SystemLocation Location of the device as entered by the Administrator.
7-71 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 7 Tracking Users Using User Tracking Reports Interpreting Switch Port Capacity Report Table 7-26 describes the columns of Switch Port Capacity Report: For more details on this, see Switch Port Capacity Report Interpreting Switch Port Usage Reports The following reports have information as described in Table 7-27: Reclaim Unused Up Ports Reclaim Unused Down Ports Recently Down ports Detailed Report on Connected Ports, Free ports and Free Down Ports Table 7-26 Switch Port Capacity Report Field Description Device Name Name of the device displayed as link. Upon clicking the link, it launches CiscoWorks Device Center where you can perform device-centric activities. IP Address IP Address (IPv4 or IPv6 Address) of the device displayed as link. Upon clicking the link, it launches CiscoWorks Device Center where you can perform device-centric activities. Usage (%) Usage of ports in the device, displayed as a percentage. This is the ratio between the connected ports and the total number of ports. Click the Usage link to view a detailed report of all ports in the device. Connected Ports/Total Ports Actual number of Connected Ports and actual number of total ports in the device. Table 7-27 Switch Port Usage Report Field Description Port Port or interface of the device. Port Name User assigned port name (port label) Operating Status Operating status of the port Admin Status Administrative status of the port Last Used (For Reports on Unused Up and Unused Down Ports) Date and time when the port was last used.
7-72 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 7 Tracking Users Using User Tracking Reports Switch Port Capacity Report This report has three sections: Connected Ports The ports that are administratively UP and are connected to a device will be listed here. Free Ports The Ports that are administratively UP but are not connected to a device will be listed here. Free Down Ports The ports that are administratively down will be listed here. Interpreting Summary Report for Switch Ports The Switch Port Summary Report displays the details given in Table 7-28. Understanding History Report History reports help you to track the log in and log out information about the end hosts and the users in your network. They provide information about the end hosts that were connected to and disconnected from each switch port. History Reports can also track the various users who logged in and out of the end hosts. You can generate History reports to understand the utilization of switch ports. These reports help you to estimate the usage of ports and devices. You can also generate the reports based on the username of the host, MAC address, IP address, and device name. History reports also display all active wireless clients, which are connected to your network. Table 7-28 Summary Report Field/Column Description Field/Column Description Device Name Name of the device displayed as link. Upon clicking the link, it launches CiscoWorks Device Center where you can perform device-centric activities. IP Address IP Address of the device displayed as link. Upon clicking the link, it launches CiscoWorks Device Center where you can perform device-centric activities. Connected Ports Number of ports that are connected to a device/endhost. Click the number to view the details on the ports. Free Ports Number of ports that are administratively up but are not connected to any device/endhost. Click the number to view the details on the ports. Free Down Ports Number of ports that are administratively down and are not connected to any device/endhost. Click the number to view the details on the ports. Total Ports Total number of ports in that device (Sum of Connected, Free and Free Down ports).
7-73 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 7 Tracking Users Using User Tracking Reports This section contains: Viewing History Reports for Switch Port Utilization Interpreting History Reports for Switch Ports History Reports Based on Filters Interpreting End Host History Reports Viewing History Reports for Switch Port Utilization History Report for Switch Port Utilization helps you to view the log in and log out of end hosts for a set of selected devices. To view the User Tracking history report for switch port utilization: Step 1 Select Campus Manager > User Tracking > Reports > Report Generator. Step 2 Select History from the Select an Application drop down menu on the left, in the Report Generator window. Step 3 Select Switch Port Utilization from the Select a Report drop down menu on the right, in the Report Generator window. Step 4 Select the devices from Device Selector or the device groups from the Group Selector. For details on Group Selector, see Using Group Selector. Step 5 Specify the period for which you need the report in the Period area. You must specify the start and end dates, which defines the period for which User Tracking must generate the report. If you enter the same value for start and end dates, the application displays an error message. Step 6 Select a Run type from the drop down menu, in the Scheduling area to schedule the report generator according to your requirement. You can schedule it for generating the report immediately, once, daily, weekly, monthly or quarterly. If you choose to generate the report immediately, go to Step 10. Step 7 Set the date and time for generating the report, in the Scheduling area. Step 8 Enter a description to identify this job in the J ob Description field. Step 9 Enter a valid e-mail ID in the Email field, of the J ob Info area, to receive the report through mail. Step 10 Click Submit to generate the report or click Reset to modify the values that you have entered.
7-74 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 7 Tracking Users Using User Tracking Reports Interpreting History Reports for Switch Ports The Report lists each switch with its ports and the usage time in hours. Table 7-29 describes the entries in the History Report for switch ports. Click the usage time value for a port. The History Report for that port appears. History Reports Based on Filters You can view the log in and log out information of the end hosts, by querying the database. To do this use username, MAC address, IP address, or device name. Report Generator in User Tracking helps you to view a report on the history of the end hosts. Note Running Immediate Report on a large amount of data will take a long time to complete. We recommend that you run it as a Scheduled J ob. To generate the reports on the log in and log out: Step 1 Select Campus Manager > User Tracking > Reports > Report Generator. Step 2 Select History from the Select an Application drop down menu on the left, in the Report Generator window. Step 3 Select End Host History from the Select a Report drop down menu on the right, in the Report Generator window. Step 4 Select the filter value from the Column drop down menu. The filter can be any one of the following: Username MAC Address can filtered using only a hyphen as a separator. It does not support dot (.) or colon (:) as a separator. IP Address Device Name Step 5 Select the variable option from the Operator drop down menu, to link the device credential with the value you want to enter. Step 6 Enter the filter value in the Value text box field, for which you want to generate the report. Apart from specific values, blank space and * can also be given. Step 7 Specify the period for which you need the report in the Selection Criteria area. You must specify the start date, start time and end date, end time. These dates define the period for which User Tracking must generate the report. Table 7-29 Switch Port Utilization Report Field Description Field Description Port Lists the names of the ports in the switch. Usage Time (Hrs, Mins & Sec) Duration of time for which the port is connected to a host or utilized.
7-75 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 7 Tracking Users Using User Tracking Reports Step 8 Select Run Type from the drop down menu, in the Scheduling area to schedule the report generator according to your requirement. You can schedule it for generating the report immediately, once, daily, weekly, monthly or quarterly. If you choose to generate the report immediately, go to Step 12. Step 9 Set the date and time for generating the report, in the Scheduling area. Step 10 Enter a description to identify this job, in the J ob Description field, of the J ob Info area. Step 11 Enter a valid e-mail ID in the Email field, of the J ob Info area. Step 12 Click Submit to generate the report or click Reset to modify the values that you have entered. Interpreting End Host History Reports Table 7-30 describes the entries in the History Report. Printing End Host History Reports You can print only 30,000 records at a time. If you want to print more than 30,000 records, do it in batches of 30,000. Comma separated values are not accepted in the print range. For example, specifying the range as 10-40, 70-80 will not work. Specify the range as 10-40 to print from the 10th record to the 40th record. Repeat it for the 70-80 range. Table 7-30 End Host History Report Field Description Column Description User Name Discovered username or the username that you have entered. MAC Address Media Access Control (MAC) address of network interface card in end-user node. For Ethernet topology the MAC address is displayed in the format, xx-xx-xx-xx-xx-xx. IP Address IP address of the host. Device IP address of the device to which the host was connected. Port Port name in device to which the host was connected. VLAN VLAN name associated to the port Port Connect Date and time when the host or user was connected to the port. Port Connect is displayed in the format dd mon yyyy hh:mm:ss. Port Disconnect Date and time when the host or user was disconnected from the port. Port Disconnect is displayed in the format dd mon yyyy hh:mm:ss.
7-76 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 7 Tracking Users Using User Tracking Reports Using Custom Reports You can customize the layout and columns displayed in the reports to suit your needs. For example, you can design a layout that displays only the MAC addresses of hosts on your network. You can create, view, edit, copy, and delete user-defined reports for end hosts and IP phones using the Custom Reports option. This section contains: Viewing List of Custom Reports Creating Custom Reports Editing Custom Reports Copying Custom Reports Deleting Custom Reports Viewing List of Custom Reports You can view the list of Custom reports using the Custom Reports option in the Reports tab of the Campus Manager User Tracking window. To view the list of Custom reports: Step 1 Select Campus Manager > User Tracking. The Campus Manager User Tracking window appears. Step 2 Select Reports > Custom Reports. The Custom Reports dialog box appears with the list of Available Reports. Creating Custom Reports You can create Custom reports by clicking Create in the Available Custom Reports dialog box. To create Custom reports: Step 1 Select Campus Manager > User Tracking. The Campus Manager User Tracking window appears. Step 2 Select Reports > Custom Reports. The Custom Reports dialog box appears with the list of Available Reports. Step 3 Click Create. You can use the Custom Reports wizard to customize and create reports. The Type selection page appears. Step 4 Select the type of devices for which you need the report, from: End HostContains all the devices managed by Campus Manager , including IP phones. IP PhonesContains only the IP phones managed by Campus Manager .
7-77 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 7 Tracking Users Using User Tracking Reports Step 5 Click Next. The Group Selection page appears. Step 6 Select the devices from the Group Selection box. Step 7 Click Next. The Properties and Query Expression page appears. See Table 7-31. Step 8 Click View to launch the report and view details. Step 9 Click Next. The Summary page appears. The Custom Report Summary pane displays a summary of the values and options you have selected for the query to generate the report. Table 7-31 Properties and Query Pane Field Description Field Description Name Enter a name for the query you are going to create. Description Enter a description for the query you are going to create. Select a type Simple Advanced Select the type of query. Simple In the Query Expression area, select the radio button to search using any of the options or all the options that you select. Select the options for the query, from: ColumnSelect a query expression based on which you want to generate the report. OperatorSelect a logical operator for the query expression. PatternEnter a pattern for the selected query expression. The pattern field to search the pattern for MAC Address Column is enhanced to include the following separators: dot (.) or colon (:). You can also search the pattern for MAC Address without any separators. For example: String for pattern FF:FF:FF:FF:FF:FF can be replaced with continuous string FFFFFFFFFFFF. Advanced You can enter the query string in the Query Text area. Click Check Syntax to validate the query string. Select the options to create the query string, from the Query Expression area. You can choose the sort criteria and add the string for them. To query using the Last Seen option, you must enter the date in the format yyyy/mm/dd hh:mm:ss. For more details on operator values and date formats, see Operator Values and Date Formats for Last Seen Column.
7-78 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 7 Tracking Users Using User Tracking Reports Editing Custom Reports You can edit custom reports by clicking Edit in the Available Custom Reports dialog box. To edit Custom reports: Step 1 Select Campus Manager > User Tracking. The Campus Manager User Tracking window appears. Step 2 Select Reports > Custom Reports. The Custom Reports dialog box appears with the list of Available Reports. Step 3 Select a report and click Edit. You can use the Custom Reports wizard to modify group, report properties, and query expressions. Copying Custom Reports You can copy Custom reports by clicking Copy in the Available Custom Reports dialog box. To copy Custom reports: Step 1 Select Campus Manager > User Tracking. The Campus Manager User Tracking window appears. Step 2 Select Reports > Custom Reports. The Custom Reports dialog box appears with the list of Available Reports. Step 3 Select a report and click Copy. You can use the Custom Reports wizard to modify the Name of the report, group, report properties, and query expressions. Deleting Custom Reports You can delete Custom reports by selecting a report from the Available Custom Reports dialog box and clicking Delete. To delete Custom reports: Step 1 Select Campus Manager > User Tracking. The Campus Manager User Tracking window appears. Step 2 Select Reports > Custom Reports. The Custom Reports dialog box appears with the list of Available Reports. Step 3 Select a report, and click Delete.
7-79 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 7 Tracking Users Using User Tracking Reports Using Custom Layouts You can create or customize the columns displayed in Custom Reports using Custom Layouts option in the Reports tab of Campus Manager User Tracking window. This section contains: Viewing List of Custom Layouts Creating Custom Layouts Editing Custom Layouts Copying Custom Layouts Deleting Custom Layouts Viewing List of Custom Layouts You can view the list of Custom layouts using the Custom Layouts option in the Reports tab of the Campus Manager User Tracking window. To view the list of Custom layouts: Step 1 Select Campus Manager > User Tracking. The Campus Manager User Tracking window appears. Step 2 Select Reports > Custom Layouts. The Custom Layouts dialog box appears with the list of Available Layouts. Note Standard layouts are available after a fresh install. You can edit the standard layouts. However, you cannot delete them. Creating Custom Layouts You can create Custom layouts by clicking Create in the Available Custom Layouts dialog box. To create Custom layouts: Step 1 Select Campus Manager > User Tracking. The Campus Manager User Tracking window appears. Step 2 Select Reports > Custom Layouts. The Custom Layouts dialog box appears with the list of Available Layouts. Step 3 Click Create. Step 4 Select the type of report for which you want to create the layout. Step 5 Select the columns that you want displayed in the report from the Available Sources list. Step 6 Use the Up and Down arrow keys to arrange the columns in the order in which you want them displayed. Step 7 Click Add to add the selected columns to the Selected Sources list.
7-80 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 7 Tracking Users Using User Tracking Reports Step 8 Specify the Name and Description of the customized layout. Step 9 Click OK. Editing Custom Layouts You can edit Custom layouts by clicking Edit in the Available Custom Layouts dialog box. To edit Custom reports: Step 1 Select Campus Manager > User Tracking. The Campus Manager User Tracking window appears. Step 2 Select Reports > Custom Layouts. The Custom Layouts dialog box appears with the list of Available Layouts. Step 3 Click Edit. Step 4 Select the columns that you want displayed in the report from the Available Sources list. Step 5 Click Add to add the selected columns to the Selected Sources list. Step 6 Select the columns that you want removed from the Selected Sources list. Step 7 Click Remove to remove these fields from the customized layout. Step 8 Specify the Description of the customized layout. Step 9 Click OK. Note Editing Standard Layout columns is seen only in Device Center and external applications. They are not seen in UT jobs. Copying Custom Layouts You can copy Custom layouts by clicking Copy in the Available Custom Layouts dialog box. To copy Custom layouts: Step 1 Select Campus Manager > User Tracking. The Campus Manager User Tracking window appears. Step 2 Select Reports > Custom Layouts. The Custom Layouts dialog box appears with the list of Available Layouts. Step 3 Click Copy. Step 4 Select the columns that you want displayed in the report from the Available Sources list. Step 5 Click Add to add the selected columns to the Selected Sources list. Step 6 Select the columns that you want removed from the Selected Sources list. Step 7 Click Remove to remove these fields from the customized layout.
7-81 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 7 Tracking Users Using User Tracking Reports Step 8 Specify the Name and Description of the customized layout. Step 9 Click OK. Deleting Custom Layouts You can delete Custom layouts by selecting a layout from the Available Custom Layouts dialog box and clicking Delete. To delete Custom layouts: Step 1 Select Campus Manager > User Tracking. The Campus Manager User Tracking window appears. Step 2 Select Reports > Custom Layouts. The Custom Layouts dialog box appears with the list of Available Layouts. Step 3 Select the layout that you want to delete and click Delete. Using Archived Reports Reports are archived after the completion of a J ob. You can view and delete archived reports using the Archives option in the Reports tab of Campus Manager User Tracking window. This section contains: Viewing Archived Reports List Viewing Reports Deleting Archived Reports Viewing Archived Reports List You can view a list of archived reports using the Reports Archive option. To view a list of archived reports: Step 1 Select Campus Manager > User Tracking. The Campus Manager User Tracking window appears. Step 2 Select Reports > Archives. The Archives dialog box appears with the list of archived reports.
7-82 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 7 Tracking Users Using User Tracking Reports Viewing Reports Campus Manager generates various reports. You can view them using: The Report Generator option in the Reports tab of Campus Manager User Tracking window (See Using the Report Generator Option) The Report J obs option in the Reports tab of Campus Manager User Tracking window (See Using the Report J obs Option) The Archives options in the Reports tab of Campus Manager User Tracking window (See Using the Archives Option) The Device Center feature of CiscoWorks and selecting a report pertaining to the device (See Using the Device Center) Using the Report Generator Option You can schedule jobs for generating reports. To do so: Step 1 Select Campus Manager > User Tracking. The Campus Manager User Tracking window appears. Step 2 Select Report > Report Generator. The Report Generator dialog box appears. Step 3 Select an application and a relevant report that you want to view Step 4 Click Submit. The report is generated. Using the Report Jobs Option You can view reports for the jobs that you have scheduled. To do so: Step 1 Select Campus Manager > User Tracking. The Campus Manager User Tracking window appears. Step 2 Select Reports >Reports Jobs. The Report J obs dialog box appears. Step 3 Select the job for which you want to view the report and click View.
7-83 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 7 Tracking Users Using User Tracking Reports Using the Archives Option Reports are archived after the completion of a J ob. You can view a list of archived reports. To do so: Step 1 Select Campus Manager > User Tracking. The Campus Manager User Tracking window appears. Step 2 Select Reports >Archives. The Archives dialog box appears. Step 3 Select the report that you want to view and click View. Using the Device Center You can view a report pertaining to a specific device. To do so: Step 1 Go to the LMS Portal and select Device Troubleshooting >Device Center. The Device Center window appears. Step 2 Go to the Device Selector field and either: Enter the IP address or name of the device you want to select and click Go. Or Select a device from the device groups. The Campus Manager reports available for the selected device are displayed under the Reports column in the Functions Available area. Step 3 Click the report that you would like to view Details of Individual Reports Table 7-18 gives details of the columns in End Hosts Report - Standard Layout Table 7-22 gives details of the columns in IP Phones Report - Standard Layout Table 7-19 gives details of the columns in End Hosts Report - All Columns Layout Table 7-23 gives details of the columns in the IP Phones Report - All Columns Layout. Table 7-27 gives details of the columns in Switch Port Usage Report.
7-84 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 7 Tracking Users Integrating CiscoWorks WLSE Deleting Archived Reports You can delete an archived report by selecting the report from the list of archived reports and clicking Delete. To delete an archived report: Step 1 Select Campus Manager > User Tracking. The Campus Manager User Tracking window appears. Step 2 Select Reports > Archives. The Archives dialog box appears with the list of archived reports. Step 3 Select the report that you want to delete and click Delete. Integrating CiscoWorks WLSE The CiscoWorks Wireless LAN Solution Engine (WLSE) is a management component of Cisco Structured Wireless-Aware Network solution (SWAN) that provides a centralized, systems-level solution for managing the entire Cisco Aironet WLAN infrastructure. Integrating WLSE with Campus Manager , provides you a single integrated view and support for wireless end hosts, in addition to the wired end hosts and Voice over IP (VoIP) phones that are already supported in User Tracking. Viewing Reports on Wireless Clients You can view the User Tracking Wireless report for the devices managed by Campus with WLSE integrated. The report is viewed using the Wireless End Hosts option in the Reports Generator dialog box. To view report on wireless end hosts: Step 1 Select Campus Manager > User Tracking > Reports. The Campus Manager User Tracking window appears. Step 2 Select Report Generator. The Report Generator dialog box appears. Step 3 Select Wireless End Hosts from the Select Application list. Step 4 Select All Wireless Entries, from the Select Report list. Step 5 Schedule the report by selecting Run Type and the date on which you want the report to be generated. Step 6 Enter a description to identify this job, in the J ob Description field, of the J ob Info area.
7-85 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 7 Tracking Users Integrating CiscoWorks WLSE Step 7 Enter a valid e-mail ID in the Email field, of the J ob Info area, to receive the report through mail. Step 8 Click Submit to generate the report or Reset to modify the values that you have entered. If you click Submit, the Wireless LAN Report window appears. Interpreting Reports on Wireless Clients Table 7-32 displays details of the columns in Wireless LAN Report. Table 7-32 Wireless LAN Report Field Description Column Description User Name Discovered username or the username that you have entered. Host Name Name of end host. MAC Address Media Access Control (MAC) address of network interface card in end-user node. For Ethernet topology the MAC address is displayed in the format, xx-xx-xx-xx-xx-xx. Host Address IP address of the end host. AP Name Name of the access point. AP Address IP address of the access point. VLAN VLAN to which the end host belongs. SSID Service Set Identifiers (SSIDs) on the access point Client Role Type of the role of a wireless client. Client station, repeater access point, access point, bridge host, bridge, root bridge, and ethernet client are the different types of roles. Dot1x Authenticated State of the 802.1x authentication. Shows whether the device is 802.1x authenticated or not. 802.11 Associated State of the 802.11 association. Shows whether the device is 802.1x associated or not. Last Seen Date and time when User Tracking last found an entry for this user or host. Last Seen is displayed in the format dd mon yyyy hh:mm:ss.
7-86 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 7 Tracking Users User Tracking Command Line Interface User Tracking Command Line Interface You can run User Tracking commands from the command line in Solaris and Windows 2000. Enter ut -cli options -u username -p password. The options can be one or more of those shown in Table 7-33. Use the -prompt command if you do not want to enter your password from the command line. Using -prompt prevents other users from running ps and seeing your password. The -host option is required when you run the cli command on a remote Campus Manager Server. Table 7-33 User Tracking CLI Commands Option Arguments Function -prompt No keywords or arguments. This command is required if you do not enter your password from the command line. If -prompt is specified, User Tracking prompts you to enter your password. -help No keywords or arguments. Prints the command line usage. -ping {enable | disable} Enables the Ping Sweep option so that the ANI Server pings every IP address on known subnets before discovery. The default is the last setting used. For more details, see Modifying Ping Sweep Options. User Tracking does not perform Ping Sweep on large subnets, for example, subnets containing Class A and B addresses. Hence, ARP cache might not have some IP addresses and the User Tracking may not display the IP addresses. In larger subnets, the ping process leads to numerous ping responses that might increase the traffic on your network and result in extensive use of network resources. To perform Ping Sweep on larger subnets, you can: Configure a higher value for the ARP cache time-out on the routers. To configure the value, you must use the arp time-out interface configuration command on devices running Cisco IOS. Use any external software, which will enable you to ping the host IP addresses. This ensures that when you run User Tracking Acquisition, the ARP cache of the router contains the IP addresses.
7-87 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 7 Tracking Users User Tracking Command Line Interface -performMajorAcquisition No keywords or arguments. Acquires data about all users and hosts on the network and updates the Campus Manager database. This option starts an acquisition but does not wait for it to complete. -query This option takes one of the following arguments: Queries the Campus Manager database and updates the User Tracking table. all Gets all User Tracking entries. Similar to All Host Entries/simple query in the GUI. name Runs the named advanced/simple query, created earlier in the GUI. dupMAC Finds duplicate MAC addresses. dupIP Finds duplicate IP addresses. hub Finds ports with multiple MAC addresses (hubs). -queryPhone all Gets all IP Phone entries. name Runs the named advanced query, created earlier in the GUI. -layout layout_name Uses the specified main table layout while performing a query to fetch User Tracking display entries. -layoutPhone layout_name Uses the specified IP phone table layout while performing a query to fetch IP phone display entries. -host ANI Server device name or IP Address Specifies the host name or IP address of the Campus Manager Server. Use this argument when you need to run the cli command on a remote Campus Manager Server. -port ANI Server web port number Specifies the web server port number of the ANI Server. The default is 1741. -export filename Exports data to a text file. You must first specify the -query option to fetch the data that you want to export. -import filename Imports lost or deleted UserName and Notes fields from the last exported file. -importMACToAcceptableOUI filename Imports MACs and converts them to OUI and adds the MACs to the Acceptable OUI List. For example: cd NMSROOT/bin ut -cli -importMACToAcceptableOUI filename -u username -p password -stat No keywords or arguments. Displays statistical information, such as time of last acquisition, acquisition status, number of records in the User Tracking database, and so on. Table 7-33 User Tracking CLI Commands (continued) Option Arguments Function
7-88 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 7 Tracking Users User Tracking Command Line Interface For details on Importing User Tracking Data through CLI, see Importing User Tracking Data For details on Lookup Analyzer Script, see Using Lookup Analyzer Utility -debug No keywords or arguments. Enables trace and debug messages for the User Tracking client application. -wireless No keywords or arguments. Displays detailed information on Wireless clients connected to the network. If you enter this option along with the export option, data can be exported to a text file. For example: NMSROOT/campus/bin ut -cli -wireless -export c:/sample -u username -p password -switchPortCapacity For complete details on this, see Exporting Switch Port Usage Report. -switchPortreclaimreport For complete details on this, see Exporting Switch Port Usage Report -switchPortSummary For complete details on this, see Exporting Switch Port Usage Report Table 7-33 User Tracking CLI Commands (continued) Option Arguments Function
7-89 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 7 Tracking Users User Tracking Command Line Interface Exporting Switch Port Usage Report Switch Port Capacity report lists switches whose utilization percentage falls in the specified range. Switch Port Reclaim reports lists: Ports that are administratively up/down and Ports that were previously connected to an endhost or a device but are unconnected at least for a period of one day. Switch port usage reports can be generated from the command prompt as given in Table 7-34: Table 7-34 Switch Port Reports from the Command Prompt Purpose Command Switch Port Capacity Report To generate reports where the utilization is less than the specified percentage (for all devices managed by Campus) NMSROOT/campus/bin ut -cli -switchPortCapacity lessthan 60 -devices all -export c:/sample -u username -p password To generate reports where the utilization is less than the specified percentage (for specific devices) NMSROOT/campus/bin ut -cli -switchPortCapacity lessthan 60 -devices 10.77.2.1,10.77.3.4,10.77.5.6 -export c:/sample -u username -p password To generate reports where the utilization is greater than the specified percentage (for all devices managed by Campus) NMSROOT/campus/bin ut -cli -switchPortCapacity greaterthan 60 -devices all -export c:/sample -u username -p password To generate reports where the utilization is greater than the specified percentage (for specific devices) NMSROOT/campus/bin ut -cli -switchPortCapacity greaterthan 60 -devices 10.77.2.1,10.77.3.4,10.77.5.6 -export c:/sample -u username -p password To generate reports where the utilization falls between the specified range (for all devices managed by Campus) NMSROOT/campus/bin ut -cli -switchPortCapacity between 10 60 -devices all -export c:/sample -u username -p password To generate reports where the utilization falls between the specified range (for specific devices) NMSROOT/campus/bin ut -cli -switchPortCapacity between 10 60 -devices 10.77.2.1,10.77.3.4,10.77.5.6 -export c:/sample -u username -p password
7-90 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 7 Tracking Users User Tracking Command Line Interface where NMSROOT is the directory where you installed CiscoWorks. Note The above commands can be run in a Solaris machine. To run the same commands in Windows, replace all forward slash (/) with reverse slash (\). The report generated by the above options is saved as a file in the CSV format, at the specified location. For more details on Switch Port Usage reports, see Understanding Switch Port Usage Reports Switch Port Reclaim Report Generates reports for unused ports that are in up or down state. To generate Reclaim Unused Up Ports report (for all devices managed by Campus) NMSROOT/campus/bin ut -cli -switchPortReclaimReport type up days 2 -devices all -export c:/sample -u username -p password To generate Reclaim Unused Up Ports report (for specific devices) NMSROOT/campus/bin ut -cli -switchPortReclaimReport type up days 2 -devices 10.77.1.2,10.77.3.4 -export c:/sample -u username -p password To generate Reclaim Unused Down Ports report (for all devices managed by Campus) NMSROOT/campus/bin ut -cli -switchPortReclaimReport type down days 2 -devices all -export c:/sample -u username -p password To generate Reclaim Unused Down Ports report (for specific devices) NMSROOT/campus/bin ut -cli -switchPortReclaimReport type down days 2 -devices 10.77.1.2,10.77.3.4 -export c:/sample -u username -p password Switch Port Summary Report Generates reports that gives the number of Connected, Free, and Free down ports in each switch. To generate Switch Port Summary report for all devices NMSROOT/campus/bin ut -cli -switchPortSummary -devices all -export c:/sample -u username -p password To generate Switch Port Summary report for select devices NMSROOT/campus/bin ut -cli -switchPortSummary -devices 10.77.1.2,10.77.3.4 -export c:/sample -u username -p password Table 7-34 Switch Port Reports from the Command Prompt Purpose Command
7-91 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 7 Tracking Users User Tracking Command Line Interface Importing User Tracking Data You can import User Tracking data from previous releases of Campus Manager into the current database. The data from the old database, has to be exported into files as Comma Separated or Tab Separated values, through the Command Line Interface (CLI). It is mandatory to have the field MAC Address in the exported file. To import data: Step 1 Place the exported files under the directory: NMSROOT/campus/ etc/cwsi where NMSROOT is the directory where you have installed CiscoWorks. Step 2 Run the command: NMSROOT/campus/bin/utupgrade.pl import_filename The data is imported. Note Support for importing data, from the User Interface (UI) exported file is not provided in this release. Using Lookup Analyzer Utility Lookup Analyzer is an utility used to analyze the performance of DNS servers and provide the following information: DNS Server Efficiency for each DNS Server Overall Summary of DNS Servers Namelookup related settings in ut.properties file Issues found and recommendations to overcome them For Solaris: The utility file is NMSROOT/campus/bin/LookupAnalyzer.sh If dir is the directory where the file is present, run the following command to run the utility: dir#./LookupAnalyzer For Windows: The utility file is NMSROOT\campus\bin\LookupAnalyzer.bat If dir is the directory where the file is present, run the following command to run the utility: dir>LookupAnalyzer
7-92 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 7 Tracking Users User Tracking Command Line Interface Example output of the Lookup Analyzer script: Host IP: 172.20.123.74, DNS Server: 64.104.76.247, Time taken: 35, Status: FAILURE Host IP: 172.20.123.74, DNS Server: WINS, Time taken: 22, Status: FAILURE Host IP: 10.77.209.254, DNS Server: 64.104.128.248, Time taken: 18, Status: FAILURE .. .. DNS Server : 64.104.128.248 Success Count: 12 Failure Count: 76 Failure % : 86 % Total Time : 1 secs 561 ms Min Time : 0 ms Max Time : 52 ms Avg Time : 17 ms Server Efficiency(successCount/totalTime): 7.0 -------------------------------- DNS Server : 64.104.76.247 Success Count: 0 Failure Count: 76 Failure % : 100 % Total Time : 2 secs 729 ms Min Time : 0 ms Max Time : 61 ms Avg Time : 35 ms Server Efficiency(successCount/totalTime): 0.0 -------------------------------- DNS Server : WINS Success Count: 0 Failure Count: 76 Failure % : 100 % Total Time : 750 ms Min Time : 0 ms Max Time : 23 ms Avg Time : 9 ms Server Efficiency(successCount/totalTime): 0.0 -------------------------------- Overall Summary ----------------- Success Count: 12 Failure Count: 76 Failure % : 86 % ----------------- Current Namelookup Related Settings --------------------------------- UTMajorUseDNSSeperateThread: false UT.nameResolution: both UT.nameResolution.threadCount: 1 UT.nameResolution.winsTimeout: 2000 UT.nameResolution.threadThresholdPercentage: 10 UT.nameResolution.dnsTimeout: 2000 UTMajorUseDNSCache: false nameserver.usednsForUT: true DB.dsn: ani --------------------------------- ISSUES/RECOMMENDATIONS ----------------------- Issue #1: Failure Percent is greater than 20% Recommendation: Check all DNS/WINS entries and ensure proper hostnames are configured Issue #2: DNS reverse lookup is NOT done as separate process Recommendation: Enable UTMajorUseDNSSeperateThread=true in ut.properties Issue #3: Name Resolution DNS server order is not optimal
7-93 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 7 Tracking Users Understanding UTLite Recommendation: Change dns server order as 64.104.128.248=7.0, 64.104.76.247=0.0, WINS=0.0, Other Recommendations: * If hostnames in your network are less likely to change often, set UTMajorUseDNSCache=true * If reverse lookup failure % is more, try increasing UT.nameResolution.winsTimeout, UT.nameResolution.dnsTimeout and UT.nameResolution.threadThresholdPercentage * Optimal timeout values are: UT.nameResolution.winsTimeout=0, UT.nameResolution.dnsTimeout=48 The script can also be run by setting properties in the ut.properties file. For details, see Configuring User Tracking Properties from the Backend. Understanding UTLite UTLite is a utility that allows you to collect user names from Primary Domain Controllers, Active Directory, and Novell servers. To do this you need to install UTLite in the Windows Primary Domain Controllers and in the Novell servers. You can also install UTLite in an Active Directory server. UTLite sends traps to Campus Manager whenever a user logs in or logs out. UTLite traps are processed by Campus Manager at the rate of 150 traps per second, with a default buffer size of 76800. If you need a higher trap processing rate, say 300 traps per second, increase the buffer size to 102400. To increase the buffer size: Step 1 Enter pdterm UTLITE at the command line to stop the UTLite process. Step 2 Open utliteuhic.properties located at NMSROOT\campus\lib\classpath\com\cisco\nm\cm\ut\uhic\utlite\properties\ Step 3 Set Socket.portbuffersize=102400 Step 4 Enter pdexec UTLITE at the command line to start the UTLite process. Caution Increasing the buffer size beyond 102400 results in performance degradation of UTLite. To receive UTLITE events: Step 1 Open utliteuhic.properties located at NMSROOT\campus\lib\classpath\com\cisco\nm\cm\ut\uhic\utlite\properties\ Step 2 Change the property of URTlite state by changing the value from "URTlite.state=disable" to "URTlite.state=enable". Or
7-94 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 7 Tracking Users Understanding UTLite You can change the property of URTlite state by launching Campus Manager. Select the Acquisition Settings option from User Tracking > Administration > Acquisition. The Acquisition Settings page appears. In the Acquisition Settings page, check the Get user names from hosts in NT and NDS domains and click Apply. The UTLite script is supported on these platforms: Windows NT Windows 2000 Windows XP Windows 2003 Windows Vista Novell Directory Services (NDS) The UTLite script is not supported on these UNIX hosts: Solaris HP-UX AIX This section contains: Installing UTLite Script on Active Directory Installing UTLite Script on Windows Installing UTLite Script on NDS Uninstalling UTLite Scripts From Windows Uninstalling UTLite Scripts From Active Directory Uninstalling UTLite Scripts From NDS
7-95 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 7 Tracking Users Understanding UTLite Installing UTLite Script on Active Directory You must install the UTLite script on the Active Directory server and update the servers logon script to get user logon information from Active Directory hosts. You must have Administrator privileges on the Active Directory server to install the UTLite logon script. To install the script: Step 1 Copy the required files to the Active Directory server: a. Log into the Active Directory server as Administrator. b. Obtain the UTLite files from the Server Configuration: NMSROOT\campus\bin\UTLite33.exe NMSROOT\campus\bin\UTLiteNT.bat where NMSROOT is the directory in which you installed CiscoWorks. c. Copy the UTLiteNT.bat and UTLite33.exe files into the NETLOGON folder. NETLOGON is located at: %SystemRoot%\sysvol\sysvol\domain DNS name\scripts, where %SystemRoot% is usually c:\winnt and domain DNS name is the DNS name of the domain Step 2 Edit the UTLiteNT.bat file: a. Open the UTLiteNT.bat file. b. Locate the following line and replace domain and ipaddress with the domain name of the Windows domain controller and IP address of the computer running the Campus Manager server: start %WINDIR%\UTLite33 -domain domain -host ipaddress -port 16236 If port 16236 is already in use, enter a different number. This port number must match the number that you entered in the Use Port Number field, in the User Tracking > Administration > Acquisition > Acquisition Settings page. For more details, see Modifying Acquisition Settings. Step 3 Edit the logon script files to run the UTLiteNT.bat file when users log into the network by adding this line: UTLiteNT.bat Step 4 Update the domain controller's logon script for each Windows domain that you add. The first time users log into the network after you edit this script, UTLite33.exe is copied to the local WINDIR directory on their Windows client system.
7-96 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 7 Tracking Users Understanding UTLite Installing UTLite Script on Windows You must install the UTLite script on the primary domain controller and update the domain controller's logon script to get user logon information from Windows hosts. Do this once for each domain. You must have Administrator privileges on the primary domain controller to install the UTLite logon script. To install the script: Step 1 Copy the required files to the primary Windows domain controller: a. Log into the Windows primary domain controller as Administrator. b. Obtain the UTLite files from the Server Configuration: C:\Program Files\CSCOpx\campus\bin\UTLite33.exe C:\Program Files\CSCOpx\campus\bin\UTLiteNT.bat where C:\Program Files\ is the directory in which you installed CiscoWorks. c. Copy the UTLiteNT.bat and UTLite33.exe files into the NETLOGON folder. NETLOGON is located at %SYSTEMROOT%\system32\Repl\Import\Scripts, where, SYSTEMROOT% is the root directory for the Windows operating system files. Step 2 Edit UTLiteNT.bat file. a. Open the UTLiteNT.bat file. b. Locate the following line and replace domain and ipaddress with the domain name of the Windows domain controller and IP address of the computer running the Campus Manager Server: start %WINDIR%\UTLite33 -domain domain -host ipaddress -port 16236 If port 16236 is already in use, enter a different number. This port number must match the number that you entered in the Use Port Number field, in the User Tracking > Administration > Acquisition > Acquisition Settings page. For more details, see Modifying Acquisition Settings. Step 3 Edit the logon scripts. Edit users' logon script files to run the UTLiteNT.bat file when users log into the network by adding this line: UTLiteNT.bat Step 4 Update the domain controller's logon script for each Windows domain that you add. The first time users log into the network after you edit this script, UTLite33.exe is copied to the local WINDIR directory on their Windows client system.
7-97 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 7 Tracking Users Understanding UTLite Installing UTLite Script on NDS You must install the UTLite script on the Novell Server and update the domain controller's logon script, to get user logon information from Windows hosts. You only need to do this once for each domain. You must have ZenWorks installed and running on the Novell Server, and you must be using NDS 5.0 or later. To install the script: Step 1 Copy the required files to the Novell Server. Step 2 Log into the Novell Server as Administrator. Step 3 Obtain the UTLite files from the CiscoWorks Server: C:\Program Files\CSCOpx\campus\bin\UTLite33.exe C:\Program Files\CSCOpx\campus\bin\UTLiteNDS.bat where C:\Program Files\ is the directory in which you installed CiscoWorks. Step 4 Create a folder in \\Novell Server Name\SYS\public and copy UTLiteNDS.bat and UTlite33.exe to the folder. Step 5 Edit the UTLiteNDS.bat file: Step 6 Open the UTLiteNDS.bat file. Step 7 Locate the following line and replace domain and ipaddress with the domain name of the Windows domain controller and IP address of the computer running the Campus Manager server: start %WINDIR%\UTLite33 -domain domain -host ipaddress -port 16236 If port 16236 is already in use, enter a different number. This port number must match the number that you entered in the Use Port Number field, in User Tracking > Administration > Acquisition > Acquisition Settings page. For more details, see Modifying Acquisition Settings. Step 8 Edit the logon scripts. Step 9 Enter \\Novell_Server_Name\SYS\public\NaL.exe at the command prompt. Step 10 Click NWAdmin32 to run the Novell Netware Administrator program. Step 11 Right-click on the users or organizational units whose logon scripts you want to modify and select Details. Step 12 Click Login Script and enter: @\\%FILE_SERVER%\sys\public\your_folder_name\UTLiteNDS.bat where your_folder_name is the name of the folder you created in Step 1.
7-98 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 7 Tracking Users Understanding UTLite Uninstalling UTLite Scripts From Windows If you choose not to have Campus Manager server automatically collect user names, follow these instructions to properly remove the UTLite scripts. To uninstall the script: Step 1 Remove UTLiteNT.bat and UTLite33.exe files from each primary domain controller. Step 2 Remove the call to run UTliteNT.bat from users' logon scripts. Step 3 Delete UTLite33.exe from the WINDIR directory of all Windows clients. To quickly locate the WINDIR directory, enter set windir from a command prompt window on each client. Uninstalling UTLite Scripts From Active Directory If you choose not to have Campus Manager server automatically collect user names, follow these instructions to properly remove the UTLite scripts. To uninstall the script: Step 1 Remove UTLiteNT.bat and UTLite33.exe files from each Active Directory server. Step 2 Remove the call to run UTliteNT.bat from users' logon scripts. Step 3 Delete UTLite33.exe from the WINDIR directory of all Windows clients. To quickly locate the WINDIR directory, enter set windir from a command prompt window on each client. Uninstalling UTLite Scripts From NDS If you choose not to have Campus Manager server automatically collect user names, you must perform these steps to properly remove the UTLite scripts. To uninstall the script: Step 1 Remove UTLiteNDS.bat and UTLite33.exe files from the Novell Server. Step 2 Remove the line added to the login scripts for all users and organizational units. Delete UTLite33.exe from the WINDIR directory of all clients. To quickly locate the WINDIR directory, enter set windir from a command prompt window on each client.
7-99 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 7 Tracking Users User Tracking Utility User Tracking Utility CiscoWorks User Tracking Utility 1.1.1 is a Windows desktop utility that provides quick access to useful information about users or hosts discovered by Campus Manager User Tracking application. This section contains: Understanding UTU 1.1.1 Hardware and Software Requirements for UTU 1.1.1 Downloading UTU 1.1.1 Installing UTU 1.1.1 Accessing UTU 1.1.1 Configuring UTU 1.1.1 Searching for Users or Hosts Using Search Patterns Uninstalling UTU 1.1.1 Upgrading to UTU 1.1.1 Understanding UTU 1.1.1 User Tracking Utility 1.1.1 (UTU 1.1.1) allows users with Help Desk access to search for users or hosts discovered by Campus Manager User Tracking application. UTU comprises a server-side component and a client utility. To use UTU, Campus Manager must be installed and functioning on your machine, and accessible through the network. UTU 1.1.1 has the following additional features: Support for silent installation mode for easy deployment. Support for communication with Campus Manager server in Secure Sockets Layer (SSL) mode, as well as Non SSL mode. You can use the UTU search band to search for the Users/Hosts in your network. You can search using user name, host name or IP address, or MAC address. The default search criteria is Searching by Host.
7-100 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 7 Tracking Users User Tracking Utility Definitions Table 7-35 explains certain terms and definitions used in User Tracking Utility. Hardware and Software Requirements for UTU 1.1.1 Table 7-36 lists the minimum system requirements for UTU. Downloading UTU 1.1.1 UTU requires CiscoWorksUserTrackingUtility1.1.1.exe file to be downloaded and installed. To download UTU: Step 1 Locate the file CiscoWorksUserTrackingUtility1.1.1.exe at: http://www.cisco.com/cgi-bin/tablebuild.pl/cw2000-campus-crypto Step 2 Save the file to a temporary directory on your system. Table 7-35 Definitions Term Definition Host Any UNIX or Windows system discovered by User Tracking. Host Name Name of the discovered host. Campus Manager Server Host name or IP address of CiscoWorks server on which you have installed Campus Manager. Port Port number to which the host is connected. Port number on which Campus Manager is running on the CiscoWorks server. Subnet Subnet to which the host belongs. User Name Name of the user who has logged into the host. Table 7-36 System Requirements Requirement Type Minimum Requirements System Hardware IBM PCcompatible computer with Intel Pentium processor. System software Windows 2000 (Professional or Server) with Service Pack 4 or higher. User Tracking Utility is not supported on Windows Vista software. Memory (RAM) 128 MB Additional required software Campus Manager 5.2 Network Connectivity Campus Manager 5.2 must be running and accessible through the network
7-101 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 7 Tracking Users User Tracking Utility Installing UTU 1.1.1 UTU 1.1.1 supports installation in normal installation mode and silent installation mode. To install UTU 1.1.1 in normal installation mode: Step 1 Log into the system with local system administrator privileges. Step 2 Navigate to the directory that contains CiscoWorksUserTrackingUtility1.1.1.exe. Step 3 Double-click CiscoWorksUserTrackingUtility1.1.1.exe to begin installation. The User Tracking Utility Welcome screen appears. Step 4 Click Next. The Choose Destination Location dialog box appears. By default, UTU is installed in the directory C:\Program Files\CSCOutu. Step 5 Click Next to install UTU in the default directory. Or a. Click Browse to choose a different directory and click OK. b. Click Next to continue with the installation. The Configure CiscoWorks Campus Manager Server Details dialog box appears. Step 6 Enter the name or IP address of the server on which Campus Manager is installed. Step 7 Enter the HTTP port number of the Campus Manager server. The default port number is 1741. Step 8 Click Next. The following message appears: Is CiscoWorks LMS Server SSL Enabled? Step 9 Click Yes if the Campus Manager server is SSL enabled, otherwise, click No. The Configure LMS Server Authentication dialog box appears. You can also configure these server details after installation. Step 10 Enter a valid CiscoWorks Campus Manager Server user name and password. This is used to verify the validity of the user when searching for users or hosts. Step 11 Confirm the password and click Next. The Setup Complete dialog box appears. Step 12 Click Finish to complete the installation. User Tracking Utility 1.1.1 is installed at the destination location you specified in Step 5 above. However, it does not create a program group under Start > Programs. To access the utility, see Accessing UTU 1.1.1, page 7-102. To install UTU in silent mode: At the command prompt, enter: exe-location\CiscoWorksUserTrackingUtility1.1.1.exe a s f1file-location\setup.iss
7-102 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 7 Tracking Users User Tracking Utility where exe-location is the directory where you have CiscoWorksUserTrackingUtility1.1.1.exe file-location is the directory where you have the setup.iss file. Do not use space after the -f1 option. Use the complete path for file-location. For example: If the install directory for UTU is C:\utu, enter the following at the command prompt: c:\utu\CiscoWorksUserTrackingUtility1.1.1.exe -a -s -f1c:\utu\setup.iss To configure the server information, modify the setup.iss file before running the silent install. Edit the following fields: [SdShowDlgEdit2-0] szEdit1= hostname szEdit2= server-port Result=1 [AskYesNo-0] Result=1 <1- SSL Enabled, 0 - SSL Disabled> [SdShowDlgEdit3-0] szEdit1=username szEdit2=password szEdit3=password You cannot re-install UTU on a system that already has this application installed on it. You must check for existing installations of UTU before beginning a fresh installation. To confirm UTU installation on your system, right-click the taskbar and select Toolbars of your machine. You can find User Search Band option in the popup menu. Accessing UTU 1.1.1 To display the UTU desktop band on the taskbar: Step 1 Right-click the taskbar of the machine on which you installed UTU. Step 2 Select Toolbars > User Search Band, as shown in Figure 7-3. Figure 7-3 Selecting the Toolbar The UTU desktop band appears on the taskbar with the title User Information.
7-103 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 7 Tracking Users User Tracking Utility Configuring UTU 1.1.1 You must configure UTU only if you want to change the Campus Manager server configurations that you entered while installing UTU. To configure UTU: Step 1 Right-click the User Information search area on the taskbar of the machine on which you installed UTU. A popup menu appears. Step 2 Select Configure. The CiscoWorks Campus Manager Server Configuration dialog box appears. Step 3 Modify the settings as required. Step 4 Click Enable SSL for communicating with an SSL enabled server. The port number changes to 443, which is the default port for SSL. See Figure 7-4. Figure 7-4 Enabling SSL Step 5 Click OK to configure or Cancel to quit. Searching for Users or Hosts You can use UTU search band to search for the users or hosts in your network. You can search using user name, host name or IP address, or MAC address. The default search criterion is host name or IP address of the host. To search for users or hosts: Step 1 Enter host name or IP address in the User Information field on the taskbar of the machine. The default search criterion is host name or IP address of the host. To customize this search criterion: a. Right-click the Users Information search area. A popup menu appears with the default search criterion Host/IP as selected. b. Select User, Host/IP, or MAC Address from this popup menu. The selected criterion is set for future searches until you change the criterion.
7-104 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 7 Tracking Users User Tracking Utility Table 7-37 describes the search criteria in UTU 1.1.1. Step 2 Enter any value related to user name, host name, IP address, or the MAC address in the User Information field. For example, you can enter 10.77.208* in the User Information field. Step 3 Press Enter. If your server is not SSL enabled, go to Step 6. When you query for data from an SSL enabled server, the Certificate Viewer dialog box appears. See Figure 7-5. Figure 7-5 Certificate Viewer Step 4 Click Details to view the certificate details. You can verify the authenticity and correctness of the SSL server here. See Figure 7-6. Table 7-37 Search Criteria in UTU Search Criterion Description User User name of the hosts in the network. Host/IP Host name or IP address. MAC Address MAC address of the hosts in the network.
7-105 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 7 Tracking Users User Tracking Utility Figure 7-6 Certificate Details Step 5 Click Yes in the Certificate Viewer dialog box to accept and store the certificate. SSL connection is established with the server. If you click No, the certificate is not stored and no connection is established with the server. The Certificate Viewer dialog box appears only for the first time configuration. If you had clicked Yes the first time, you are not prompted to store the certificate during subsequent sessions. Step 6 Select an entry in the Select Entry popup box. UTU displays the search results. This is a list of user names, host names, IP addresses, or MAC addresses, in a Select Entry popup menu. Step 7 Select Copy All to Clipboard in the Select Entry popup to copy the complete search result. Another popup box appears with the details for that particular entry, as described in Table 7-38. Table 7-38 Details for Each Entry in Select Entry Box Entry Description User Name User name of the user logged in to the host. Host Name Name of the host discovered by User Tracking. MAC Address MAC address of the host. IP Address IP address of the host. Subnet Subnet to which the host belongs. Switch Device name or IP address of the switch. Port Port number to which the host is connected. Port State State of the port: Static or Dynamic.
7-106 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 7 Tracking Users User Tracking Utility The search results for the value you enter in the User Information field depends on the default search criterion. Using Search Patterns UTU searches for the user or hosts, which match the user name, host name or IP address, or MAC address. You can search for users or hosts by entering a pattern. For example if you enter Cisco, it displays users or hosts, where the user name or host name matches Cisco. Cisco*, it displays users or hosts that begin with the word Cisco 10.77.208* , it displays host IP addresses that begin with 10.77.208. Uninstalling UTU 1.1.1 Before you uninstall UTU 1.1.1, you must hide the UTU desktop band. To do that, right-click the taskbar of the machine on which you installed UTU, and deselect User Search Band in the Toolbars popup menu. To uninstall UTU 1.1.1: Step 1 Go to the Windows taskbar and select Start > Settings > Control Panel > Add/Remove Programs. The Add/Remove Programs dialog box appears. Step 2 Select CiscoWorks User Tracking Utility. Step 3 Click Change/Remove. The system prompts you to confirm uninstallation. Step 4 Click Yes. The Remove Programs From Your Computer dialog box appears. Step 5 Either: a. Click Yes The shared DLL, and UTBand.dll files, are removed. b. Click OK. VLAN VLAN to which the port of the switch belongs. Port Speed Bandwidth of the port of the switch. Port Duplex Port Duplex configuration details on the device. Last Seen Last time User Tracking discovered this host. Copy to Clipboard Copies the entries and the details to clipboard. Table 7-38 Details for Each Entry in Select Entry Box (continued) Entry Description
7-107 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 7 Tracking Users User Tracking Utility Or a. Click No. The uninstallation proceeds, but it does not completely uninstall UTU. To complete the uninstallation process, you must: b. Go to the command prompt and access the directory where you have installed UTU. The default directory is C:\Program Files\CSCOutu. Step 6 Enter regsvr32 /u UTBand.dll The following message appears: DLLUnregisterServer in UTBand.dll failed Step 7 Click OK. Step 8 Enter del UTBand.dll This removes the UTU installation completely from the machine. Step 9 Restart your system. Upgrading to UTU 1.1.1 You can upgrade User Tracking Utility from UTU 1.1 to UTU 1.1.1. When you install UTU 1.1.1 above UTU 1.1, UTU prompts you to uninstall the previous version. A message appears: WARNING: The setup program has detected a previous version of CiscoWorks User Tracking Utility. To install CiscoWorks User Tracking Utility 1.1.1, previous version of the product must be uninstalled. Do you want to uninstall CiscoWorks User Tracking Utility 1.1 now? Yes/No Click either Yes to upgrade, or No to quit. Re-installing UTU You must not install UTU on a system that already has this application installed on it. You must check for existing installations of UTU before beginning a fresh installation. To check for an existing installation of UTU: Step 1 Right-click the taskbar of the machine. Step 2 Select Toolbars. If the User Search Band option is displayed, UTU is already installed on the system. You must first uninstall the current installation of UTU, and then start the new installation .
7-108 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 7 Tracking Users User Tracking Debugger Utility User Tracking Debugger Utility The User Tracking Debugger Utility is a command line tool to help debug common problems with User Tracking. This section contains: Understanding Debugger Utility Using Debugger Utility Understanding Debugger Utility The utility displays a report on the reasons why User Tracking failed to discover end hosts on specific ports. In many cases, User Tracking may not perform as expected. This may be because of problems in other Campus Manager applications. For instance Campus Manager Server may have devices that are not discovered or inadequate VLAN discovery in Topology Services. You can run the utility to troubleshoot problems, or provide the report and log generated by the utility when you contact TAC for help in diagnosing problems. The debugger utility uses the data collected by Campus Manager Server and reports the reasons for the missing ports in User Tracking. This tool also has an SNMP component embedded which runs a SNMP query for the table as a part of verification for SNMP failure. For example, SNMP bugs in Catalyst operating system because of which User Tracking may fail to discover devices. This generates an Action Report that you can use to analyze the data. The Debugger Utility: 1. Checks the switch ports in a sequential order. 2. Reports violation of basic rules for each of the missing ports such as link ports and trunk ports. 3. Checks for SNMP retrieval of data, if the ports pass the validity check. 4. Generates an Action Report suggesting possible remedial actions to retrieve the valid missing ports. Using Debugger Utility The Debugger Utility is available at $NMSROOT/campus/bin/ (where $NMSROOT is the directory where you have installed CiscoWorks). To run the Debugger Utility, run the command: utdebug -switch switch-ip -port port1[,port2 ...] [-export filename] where, switch is the switch to which the end hosts are connected. ports are the ports on the switch which have missing end hosts User Tracking. -export filename specifies that the debug messages be stored in the file specified. If this option is not used, the messages are displayed on the console. For example, utdebug -switch 10.29.6.12 -port 5/12 utdebug -switch 10.29.100.10 -port Fa0/10 utdebug -switch 10.29.6.14 -port Gi6
7-109 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 7 Tracking Users User Tracking Debugger Utility
7-110 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 7 Tracking Users User Tracking Debugger Utility C H A P T E R
8-1 User Guide for Campus Manager 5.2 OL-18011-01 8 Discrepancies and Best Practices Deviations The Discrepancies Reporting module of Campus Manager allows you to view the discrepancies and best practices deviations in your network. This chapter contains the following: Understanding Discrepancies and Best Practices Deviations Interpreting Discrepancies Interpreting Best Practices Deviations Viewing Discrepancy Reports Viewing Best Practices Deviations Reports Customizing Discrepancies Reporting and Syslog Generation Understanding Discrepancies and Best Practices Deviations Campus Manager provides reports on discrepancies, such as network inconsistencies and anomalies or misconfiguration in the discovered network. This makes it easy to identify configuration errors such as link-speed mismatches on either end of a connection. Discrepancies are computed at the end of each data collection schedule. Campus Manager also reports Best Practices Deviations. These are variations from the normal or recommended practices in a network. These do not have any serious impact on the functioning of the network. Campus Manager allows you to: View Reports on Discrepancies. For details, see Viewing Discrepancy Reports View Reports on Best Practices Deviations. For details, see Viewing Best Practices Deviations Reports Acknowledge Discrepancies. For details, see Acknowledging Discrepancies Acknowledge Best Practices Deviations. For details, see Acknowledging Best Practices Deviations Resolve Discrepancies and Best Practices Deviations. Customize Discrepancies Reporting. For details, see Customizing Discrepancies Reporting and Syslog Generation.
8-2 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 8 Discrepancies and Best Practices Deviations Interpreting Discrepancies Fixing Discrepancies and Best Practices Deviations through Campus Manager The following Discrepancies can be fixed through Campus Manager: Link Duplex Mismatch Link Speed Mismatch Link Trunk/NonTrunk Mismatch Port Fast Enabled on Trunk Port The following Best Practices Deviations can be fixed through Campus Manager: BPDU Filter Disabled on Access Ports BPDU-Guard Disabled on Access Ports Loop Guard and Port Fast Enabled on Ports UDLD Disabled on Link Ports CDP Enabled on Access Ports High Availability not Operational Interpreting Discrepancies This section contains information on each of the discrepancy reported in Campus Manager. It describes the discrepancy, the impact it has on the network, and ways to resolve it. The user interface in Campus Manager displays commands you can use to make configuration changes on devices to resolve discrepancies. This section contains: Trunking Related Discrepancies VLAN-VTP Related Discrepancies Link Related Discrepancies Port Related Discrepancy Device Related Discrepancy Spanning Tree Related Discrepancy Trunking Related Discrepancies The trunking related discrepancies that Campus Manager reports are: Trunk Negotiation Across VTP Boundary Native VLANs Mismatch Trunk VLANs Mismatch Trunk VLAN Protocol Mismatch
8-3 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 8 Discrepancies and Best Practices Deviations Interpreting Discrepancies Trunk Negotiation Across VTP Boundary Campus Manager reports a discrepancy when the trunk mode on any end of the trunk link is set to Auto or Desirable. Dynamic Trunking Protocol (DTP) cannot be used for trunk negotiation across VTP domain boundary. This occurs when trunk mode on both sides has any of the following combinations: On/Auto On/Desirable Desirable/Auto Desirable/Desirable Off/Desirable Impact Trunk negotiation across VTP boundary (that is, trunk link connecting two devices that are part of different VTP domains) fails. Fix You cannot fix this discrepancy using Campus Manager. To fix the discrepancy on switches using Cisco IOS: Step 1 Make sure that the Trunk mode is ON, on both sides of the link. Step 2 Enter the following command: switchport trunk encapsulation dot1q | isl switchport mode trunk end Step 3 Enter the following command to check the status: show interfaces trunk Or show interface mod interface_id trunk To fix the discrepancy on switches using Catalyst operating system: Step 1 Make sure that the Trunk mode is ON, on both sides of the link. Step 2 .Enter the following command: set trunk mod/port on Dot1Q | ISL Step 3 Enter the following command to check the status: show trunk mod/port
8-4 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 8 Discrepancies and Best Practices Deviations Interpreting Discrepancies Native VLANs Mismatch Campus Manager reports a discrepancy when the native VLANs of all ports in a trunk do not match. This mismatch occurs when you have created a trunk port to connect another switch, and both ends are in different native VLANs. Note This discrepancy is applicable only for trunks that use 802.1q encapsulation. Impact The native VLAN must match on both sides of the trunk link, otherwise the traffic flow across the link is affected. The trunk continues to remain operational. Fix If you have altered the default native VLAN configuration, ensure that all trunks have the same native VLAN. Use the set vlan command for Cisco Catalyst operating system switches or the switchport trunk native vlan command for Cisco IOS switches to specify the native VLAN. You cannot fix this discrepancy through Campus Manager. For more information on configuring VLANs, see the document Creating and Maintaining VLANs at the following location: http://www.cisco.com/en/US/partner/products/hw/switches/ps637/ products_configuration_guide_chapter09186a008007f261.html Trunk VLANs Mismatch Campus Manager reports a discrepancy when the list of active or allowed VLANs between the two ends of a trunk do not match. Impact The trunk remains operational but the network traffic across the link is affected. Fix You can resolve this by modifying the list of allowed VLANs between the two ends of a trunk and ensuring that there is no mismatch. You cannot fix this discrepancy through Campus Manager. Trunk VLAN Protocol Mismatch Campus Manager reports a discrepancy when different trunk encapsulations are set on the two ends of a trunk. For example, when one end of a trunk is configured as ISL and the other as 802.1q, Campus Manager reports a discrepancy. ISL and 802.1q are the different encapsulation types that you can configure in a trunk VLAN. Impact The trunk remains operational when the trunk mode is set to On or No-negotiate with mismatching encapsulation types. However, the network traffic across the link is affected because of the mismatch.
8-5 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 8 Discrepancies and Best Practices Deviations Interpreting Discrepancies Fix Configure the same encapsulation type on both ends of the trunk. You cannot fix this discrepancy through Campus Manager. VLAN-VTP Related Discrepancies The VLAN-VTP related discrepancies that Campus Manager reports are: VTP Disconnected Domain No VTP Server in Domain with at least One VTP Client VTP Disconnected Domain Campus Manager reports a discrepancy if the devices that are part of the same VTP domain have different VTP configuration revision numbers. When a switch in the same VTP domain has a higher configuration revision number compared to the other switches, it could overwrite your server-configured switch with incorrect information. Impact The VLAN information is not dynamically shared across the VTP domain. Fix Ensure that you configure VTP Configuration Revision number consistently across devices of the same VTP domain. You cannot fix this discrepancy through Campus Manager. No VTP Server in Domain with at least One VTP Client Campus Manager reports a discrepancy when there is no VTP Server configured in a VTP domain. You can configure a switch to operate in any one of these VTP modesServer, Client, Transparent, and Off. Primary and secondary servers are two types of servers that may exist on an instance in the VTPv3 domain. A VTP client cannot store VLAN information. When a VTP client boots, it needs to reacquire the entire configuration that is propagated by VTP. The primary server can initiate or change the VTP configuration. The main purpose of a VTP secondary server is to back up the configuration that is propagated over the network. Impact Campus Manager reports a discrepancy when an existing VTP server or primary server goes down and there is no alternative or backup server. This can occur in a VTPv2 or VTPv3 domain that has only client mode devices. This could happen when the existing primary server or server mode device has gone down temporarily and if the server mode device does not come up. If you do not configure at least one server, the devices become unreachable. Campus Manager discovers only the client-mode devices in the domain and ignores the rest.
8-6 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 8 Discrepancies and Best Practices Deviations Interpreting Discrepancies Fix Configure at least one device as server in a VTP domain. If the device you have configured as server is temporarily down, configure another device as server. You cannot fix this discrepancy through Campus Manager. For more information on VTP domain, see the document Configuring VTP at the following location: http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/catos/8.x/configuration/guide/vtp.html Link Related Discrepancies The link related discrepancies that Campus Manager reports are: Link Duplex Mismatch Link Speed Mismatch Link Trunk/NonTrunk Mismatch Link Duplex Mismatch Campus Manager reports a discrepancy when there is a duplex mismatch between links. Duplex mismatch on 10/100Mb Ethernet links occurs when one port on the link is operating at half-duplex while the other port is operating at full-duplex. This happens when one or both ports on a link are reset and the auto-negotiation process does not cause both partners to have the same configuration. It also happens when you reconfigure one side of a link and do not reconfigure the other side. Impact Half-duplex device waits until no other devices are transmitting on the same LAN segment. However a full-duplex device transmits whenever it has something to send, regardless of other devices. If this transmission occurs while the half-duplex device is transmitting, the half-duplex device will consider this either a collision (during the slot time), or a late collision (after the slot time). Since the full-duplex side does not expect collisions, it does not realize that it must retransmit that dropped packet. A low percentage rate of collisions are normal with half-duplex, but not with full-duplex. If the switch port receives many late collisions, it usually indicates a duplex mismatch problem. See Figure 8-1.
8-7 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 8 Discrepancies and Best Practices Deviations Interpreting Discrepancies Figure 8-1 Duplex Mismatch Fix Campus Manager provides commands to resolve link duplex mismatch. Campus Manager displays commands to set the port speed to Auto. Setting the port speed to Auto will automatically make the link duplex to be negotiated between devices. To fix the discrepancy on switches using Cisco IOS: Step 1 Go to the Discrepancy report and click the hyperlink in the Summary field. The Discrepancy Detail dialog box appears. The Recommended Fix field displays the following command: duplex auto end where auto enables the autonegotiation capability. Step 2 Click Fix. A message appears indicating whether the discrepancy was successfully fixed or not. Collision Half-Duplex: Still runs carrier sense and collision detection A (root) Half-Duplex A Full-Duplex C X BPDU lost to be retransmitted Does not do carrier sense 1 3 0 8 7 6
8-8 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 8 Discrepancies and Best Practices Deviations Interpreting Discrepancies To fix the discrepancy on switches using Catalyst operating system: Step 1 Go to the Discrepancy report and click the hyperlink in the Summary field. The Discrepancy Detail dialog box appears. The Recommended Fix field displays the following command: set port speed mod/port auto where: mod/port refers to the number of the module and the port on the module auto specifies autonegotiation for transmission speed and duplex mode on 10/100 Fast Ethernet ports Step 2 Click Fix. A message appears indicating whether the discrepancy was successfully fixed or not. Link Speed Mismatch Campus Manager reports a discrepancy when there is a mismatch in the link speeds, that is, different link speeds on either side of a link (for 10/100 ports or for any group of links). The IEEE 802.3u autonegotiation protocol manages the switch settings for speed (10 Mbps or 100 Mbps) and duplex (half or full). There are situations when this protocol can incorrectly align these settings, reducing performance. A mismatch occurs under these circumstances: A manually-set speed or duplex parameter is different from the manually set speed or duplex parameter on the connected port. A port is in Autonegotiate modeand the connected port is set to full duplex with no autonegotiation. Impact Link speed mismatch results in reduced performance of the link. Fix Campus Manager displays commands to resolve link speed mismatch. To fix the discrepancy on switches using Cisco IOS: Step 1 Go to the Discrepancy report and click the hyperlink in the Summary field. The Discrepancy Detail dialog box appears. The Recommended Fix field displays the following command: speed auto end where auto enables the autonegotiation capability. Step 2 Click Fix. A message appears indicating whether the discrepancy was successfully fixed or not.
8-9 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 8 Discrepancies and Best Practices Deviations Interpreting Discrepancies To fix the discrepancy on switches using the Catalyst operating system: Step 1 Go to the Discrepancy report and click the hyperlink in the Summary field. The Discrepancy Detail dialog box appears. The Recommended Fix field displays the following command: set port speed mod/port auto where: mod/port refers to the number of the module and the port on the module auto specifies autonegotiation for transmission speed and duplex mode on 10/100 Fast Ethernet ports Step 2 Click Fix. A message appears indicating whether the discrepancy was successfully fixed or not. Link Trunk/NonTrunk Mismatch Campus Manager reports a discrepancy when there are trunking ports and non-trunking ports on either side of a link. This happens when one end of the trunk is set to On, and the other end is set to Off. Impact This results in the trunk not coming up, and there would be no traffic flow across the link. Fix Campus Manager resolves the discrepancy by setting the trunk modes on the switches to Desirable mode. To fix the discrepancy on switches using the Catalyst operating system: Step 1 Go to the Discrepancy report and click the hyperlink in the Summary field. The Discrepancy Detail dialog box appears. The Recommended Fix field displays the following command: set trunk mod/port desirable where: desirable causes the port to negotiate actively with the neighboring port to become a trunk link mod/port specifies the number of the module and the port or ports on the module Step 2 Click Fix. A message appears indicating whether the discrepancy was successfully fixed or not.
8-10 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 8 Discrepancies and Best Practices Deviations Interpreting Discrepancies To fix the discrepancy on switches using Cisco IOS: Step 1 Go to the Discrepancy report and click the hyperlink in the Summary field. The Discrepancy Detail dialog box appears. The Recommended Fix field displays the following command: switchport mode dynamic desirable end where dynamic desirable specifies an interface that actively attempts to convert the link to a trunk link. Step 2 Click Fix. A message appears indicating whether the discrepancy was successfully fixed or not. Port Related Discrepancy The port related discrepancy that Campus Manager reports is Port is in Error Disabled State. See Port is in Error Disabled State Port is in Error Disabled State Campus Manager reports a discrepancy when one or more of the switch ports in the discovered network have a status of errDisable. Causes of errDisable A port enters errdisable state for any of the following reasons: Channel misconfiguration Duplex mismatch BPDU port-guard UDLD Impact When a port is error-disabled, it is effectively shut down and no traffic is sent or received on that port. The port LED is set to the color orange and when you enter the show port command, the port status shows errdisable. Fix To recover from errDisable: Step 1 Identify and fix whatever caused the ports to become error-disabled (cable, NICs, EtherChannel, and so on). Step 2 Re-enable the port.
8-11 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 8 Discrepancies and Best Practices Deviations Interpreting Discrepancies You cannot fix this discrepancy through Campus Manager. For more information on the errDisable state, see the document Recovering From errDisable Port State on the CatOS Platforms at the following location: http://www.cisco.com/en/US/partner/tech/tk389/tk214/technologies_tech_note09186a0080093dcb.sht ml Device Related Discrepancy The device related discrepancy that Campus Manager reports is Devices With Duplicate Sysname. See Devices With Duplicate SysName, page 8-11 Devices With Duplicate SysName Campus Manager reports a discrepancy when it discovers two devices with the same SysName. Campus Manager stores the device details of only one of the two devices. Impact Campus Manager manages only one of these devices. Fix Assign unique SysName for all devices in the network. You cannot fix this discrepancy through Campus Manager. Spanning Tree Related Discrepancy The spanning tree related discrepancy that Campus Manager reports is PortFast Enabled on Trunk Port. See Port Fast Enabled on Trunk Port Port Fast Enabled on Trunk Port Campus Manager reports a discrepancy when PortFast is enabled on trunk ports. PortFast causes a spanning tree port to immediately enter the forwarding state, bypassing the listening and learning states. You must disable STP PortFast for switch-switch links. This is because, if you enable PortFast on a port that is connected to another Layer 2 device, such as a switch, you might create network loops. Impact If you enable PortFast on ports that connect two switches, spanning tree loops can occur if Bridge Protocol Data Units (BPDUs) are being transmitted and received on those ports. Fix Campus Manager provides commands for disabling PortFast on ports.
8-12 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 8 Discrepancies and Best Practices Deviations Interpreting Best Practices Deviations To fix the discrepancy on switches using the Catalyst operating system: Step 1 Go to the Discrepancy report and click the hyperlink in the Summary field. The Discrepancy Detail dialog box appears. The Recommended Fix field displays the following command: set spantree portfast mod/port disable where disable disables the spanning tree PortFast-start feature on the port. Step 2 Click Fix. A message appears indicating whether the discrepancy was successfully fixed or not. To fix the discrepancy on switches using Cisco IOS: Step 1 Go to the Discrepancy report and click the hyperlink in the Summary field. The Discrepancy Detail dialog box appears. The Recommended Fix field displays the following command: no spanning-tree portfast end This command disables PortFast on the given port. Step 2 Click Fix. A message appears indicating whether the discrepancy was successfully fixed or not. Interpreting Best Practices Deviations This section contains information on each of the Best Practice Deviation reported in Campus Manager. It gives a description of the Best Practice Deviation, the impact (if any) it has on the network, and ways to resolve it. The user interface in Campus Manager displays commands to make configuration changes on devices, to resolve some Best Practices deviations. This section contains: Channel Ports Related Best Practices Deviations Spanning Tree Related Best Practices Deviations Trunk Ports Related Best Practices Deviations VLAN Related Best Practices Deviations Link Ports Related Best Practice Deviation Access Ports Related Best Practice Deviation Cisco Catalyst 6000 Devices Related Best Practice Deviation
8-13 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 8 Discrepancies and Best Practices Deviations Interpreting Best Practices Deviations Channel Ports Related Best Practices Deviations The channel ports related best practices deviations that Campus Manager reports are: Non-channel Port in Desirable Mode Channel Port in Auto Mode Non-channel Port in Desirable Mode Campus Manager reports a Best Practice Deviation when a non-channel port is in the Desirable mode. There are four user-configurable channel modes: On Off Auto Desirable Port Aggregation Protocol (PAgP) packets are exchanged only between ports in Auto and Desirable modes. Ports configured in on or off mode do not exchange PAgP packets. To form EtherChannel between, it is best to have both switches set to the Desirable mode. This gives the most robust behavior if one side or the other encounters error situations or is reset. The default mode of the channel is Auto. Both Auto and Desirable modes allow ports to negotiate with connected ports to determine whether they can form a channel. The determination is based on criteria such as port speed, trunking state, and native VLAN. Ports can form an EtherChannel when they are in different channel modes if the modes are compatible. Examples of ports that can form an EtherChannel are: A port in desirable mode can successfully form an EtherChannel with another port that is in Desirable or Auto mode. A port in the Auto mode can form an EtherChannel with another port in the Desirable mode. A port in the Auto mode cannot form an EtherChannel with another port that is also in the Auto mode, since neither port initiates negotiation. A port in the On mode can form a channel only with a port in the On mode because ports in On mode do not exchange PAgP packets. A port in Off mode cannot form a channel with any port. Impact When a non-channel port is in the Desirable mode, the links will not be efficiently used.
8-14 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 8 Discrepancies and Best Practices Deviations Interpreting Best Practices Deviations Fix To fix the Best Practice Deviation on switches using Catalyst operating system: Step 1 Go to the Best Practice Deviation report and click the hyperlink in the Summary field. The Best Practice Deviation Detail dialog box appears. The Recommended Fix field displays the following command: set port channel mod/port mode auto Step 2 Click Fix. A message appears indicating whether the Best Practice Deviation was successfully fixed or not. To fix the Best Practice Deviation on switches using Cisco IOS: Step 1 Go to the Best Practice Deviation report and click the hyperlink in the Summary field. The Best Practice Deviation Detail dialog box appears. The Recommended Fix field displays the following command: channel-group Channel group number mode auto Step 2 Click Fix. A message appears indicating whether the Best Practice Deviation was successfully fixed or not. Channel Port in Auto Mode Campus Manager reports a Best Practice Deviation when a channel port is in Auto mode. There are four user-configurable channel modes: On Off Auto Desirable Port Aggregation Protocol (PAgP) packets are exchanged only between ports in Auto and Desirable mode. Ports configured in On or Off mode do not exchange PAgP packets. For switches to which you want to form an EtherChannel, it is best to have both switches set to Desirable mode. This gives the most robust behavior if one of the sides encounters error situations or is reset. The default mode of the channel is Auto. Both Auto and Desirable modes allow ports to negotiate with connected ports to determine if they can form a channel. The determination is based on criteria such as port speed, trunking state, and native VLAN. Ports can form an EtherChannel when they are in different channel modes if the modes are compatible. Examples of ports that can form an EtherChannel are: A port in Desirable mode can successfully form an EtherChannel with another port that is in Desirable or Auto mode. A port in Auto mode can form an EtherChannel with another port in Desirable mode.
8-15 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 8 Discrepancies and Best Practices Deviations Interpreting Best Practices Deviations A port in Auto mode cannot form an EtherChannel with another port that is also in Auto mode, since neither port initiates negotiation. A port in On mode can form a channel only with another port also in On mode, because ports in this mode do not exchange PAgP packets. A port in Off mode cannot form a channel with any port. Impact Channel port set to Auto mode is considered a Best Practice Deviation because it is not the recommended configuration. Cisco recommends that you set the channel port to Desirable mode. There is no serious impact on the network. Fix To fix the Best Practise Deviation on switches using the Catalyst operating system: Step 1 Go to the Best Practise Deviation report and click the hyperlink in the Summary field. The Best Practise Deviation Detail dialog box appears. The Recommended Fix field displays the following command: set port channel mod/port mode desirable which sets the port to desirable mode. Step 2 Click Fix. A message appears indicating whether the Best Practise Deviation was successfully fixed or not. To fix the Best Practise Deviation on switches using Cisco IOS: Step 1 Go to the Best Practise Deviation report and click the hyperlink in the Summary field. The Best Practise Deviation Detail dialog box appears. The Recommended Fix field displays the following command: channel-group Channel group number mode desirable which sets the port to desirable mode. Step 2 Click Fix. A message appears indicating whether the Best Practise Deviation was successfully fixed or not. Spanning Tree Related Best Practices Deviations The spanning tree related best practices deviations that Campus Manager reports are: BPDU Filter Disabled on Access Ports BPDU-Guard Disabled on Access Ports BackboneFast Disabled in Switch UplinkFast not Enabled Loop Guard and Port Fast Enabled on Ports
8-16 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 8 Discrepancies and Best Practices Deviations Interpreting Best Practices Deviations BPDU Filter Disabled on Access Ports Campus Manager reports a Best Practice Deviation when BPDU Filter is not enabled on access ports. Impact BPDU filtering allows you to avoid transmitting BPDUs on PortFast-enabled ports that are connected to an end system. When you enable PortFast on the switch, spanning tree places ports in the forwarding state immediately, instead of going through the listening, learning, and forwarding states. By default, spanning tree sends BPDUs from all ports regardless of whether PortFast is enabled. BDPUFilter can be enabled for each port or globally. When you enable BPDUFilter globally, it applies to all PortFast-enabled ports on the switch. When you disable PortFast on a port, the BPDU Filter that was globally enabled on the PortFast enabled port is also disabled. Fix Campus Manager provides commands for enabling BPDU Filter on access ports. To fix the Best Practice Deviation on switches using Catalyst operating system: Step 1 Go to the Best Practices Deviations report and click the hyperlink in the Summary field. The Best Practice Deviation Details dialog box appears. The Recommended Fix field displays the following command: set spantree bpdu-filter mod/port enable where: mod/port specifies the number of the module and the port on the module enable enables BPDU packet filtering Step 2 Click Fix. A message appears indicating whether the Best Practice Deviation was successfully fixed or not. To fix the Best Practice Deviation on switches using Cisco IOS: Step 1 Go to the Best Practices Deviations report and click the hyperlink in the Summary field. The Best Practice Deviation Details dialog box appears. The Recommended Fix field displays the following command: spanning-tree bpdufilter enable end where enable enables BPDU Filtering on the particular interface. Step 2 Click Fix. A message appears indicating whether the Best Practice Deviation was successfully fixed or not.
8-17 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 8 Discrepancies and Best Practices Deviations Interpreting Best Practices Deviations BPDU-Guard Disabled on Access Ports Campus Manager reports a Best Practice Deviation if PortFast is enabled and BPDU-Guard is not enabled on a port. BPDU-Guard prevents spanning-tree loops by moving a port into the errdisable state when a BPDU is received on that port. When you enable BPDU-Guard on the switch, spanning tree shuts down the interfaces that receive BPDUs instead of putting the interfaces into the spanning-tree blocking state. Impact Cisco recommends that you enable BPDUGuard to block incoming BPDUs on edge devices (end-hosts). The Cisco BPDUGuard feature, when enabled, informs the switch to disable PortFast ports if a BPDU is received on those ports. BDPUGuard can be enabled on each port or globally. When you enable BPDUGuard globally, it applies to all PortFast-enabled ports on the switch. Fix Campus Manager displays commands for enabling BPDU Filter on access ports. To fix the Best Practice Deviation on switches using Catalyst operating system: Step 1 Go to the Best Practices Deviations report and click the hyperlink in the Summary field. The Best Practice Deviation Details dialog box appears. The Recommended Fix field displays the following command: set spantree bpdu-guard mod/port enable where: mod/port specifies the number of the module and the port on the module enable enables BPDUGuard Step 2 Click Fix. A message appears indicating whether the Best Practice Deviation was successfully fixed or not. To fix the Best Practice Deviation on switches using Cisco IOS: Step 1 Go to the Best Practices Deviations report and click the hyperlink in the Summary field. The Best Practice Deviation Details dialog box appears. The Recommended Fix field displays the following command: spanning-tree bpduguard enable end where enable enables BPDUGuard on the particular interface. Step 2 Click Fix. A message appears indicating whether the Best Practice Deviation was successfully fixed or not.
8-18 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 8 Discrepancies and Best Practices Deviations Interpreting Best Practices Deviations BackboneFast Disabled in Switch Campus Manager reports a Best Practice Deviation when BackboneFast is enabled on one of the switches and not enabled on all other switches in a switch cloud. Cisco recommends that BackboneFast be enabled on all switches running STP. It can be added without disruption to a production network. Impact If you do not enable BackboneFast on all devices, it might lead to undesirable effects on the spanning tree operation. BackboneFast provides rapid convergence from indirect link failures. By adding functionality to STP, you can reduce convergence times from the default of 50 seconds to 30 seconds. Figure 8-2 shows an example topology with no link failures. Switch A, the root switch, connects directly to Switch B over link L1 and to Switch C over link L2. The port on Switch C that connects directly to Switch B is in the blocking state. Figure 8-2 BackboneFast Example Before Indirect Link Failure If link L1 fails, Switch C detects this failure as an indirect failure, because it is not connected directly to link L1. Switch B no longer has a path to the root switch. BackboneFast allows the blocked port on Switch C to move immediately to the listening state without waiting for the maximum aging time for the port to expire. BackboneFast then transitions the port on Switch C to the forwarding state, providing a path from Switch B to Switch A. This switchover takes approximately 30 seconds. Figure 8-3 shows how BackboneFast reconfigures the topology to account for the failure of link L1. L1 L2 L3 Switch C Switch A (Root) Switch B Blocked port 1 1 2 4 1
8-19 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 8 Discrepancies and Best Practices Deviations Interpreting Best Practices Deviations Figure 8-3 BackboneFast Example After Indirect Link Failure Fix Enable BackboneFast on all switches in a switch cloud. To enable BackboneFast Globally on a Catalyst operating system: Step 1 Enter the command: set spantree backbonefast enable Step 2 Enter this command to check the status: show spantree backbonefast To enable BackboneFast Globally on Cisco IOS: Step 1 Enter the command: spanning-tree backbonefast Step 2 Enter this command to check the status: show spanning-tree backbonefast You cannot fix this Best Practice Deviation through Campus Manager. For more information on Spanning Tree related configuration, see the document Configuring Spanning Tree PortFast, UplinkFast, and BackboneFast at the following location: http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/catos/8.x/configuration/guide/stp_enha.ht ml L1 L2 L3 Switch C Switch A (Root) Switch B Link failure 1 1 2 4 4 BackboneFast transitions port through listening and learning states to forwarding state
8-20 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 8 Discrepancies and Best Practices Deviations Interpreting Best Practices Deviations UplinkFast not Enabled Campus Manager reports a Best Practice Deviation when UplinkFast is not enabled on switches. Note This Best Practice Deviation is not applicable if the device is not an access layer switch. Cisco recommends that you enable UplinkFast for switches with blocked ports, typically at the access layer. Do not use on switches without the implied topology knowledge of a backup root linktypically, distribution and core switches in Cisco's multilayer design. It can be added without disruption to a production network. Impact UplinkFast provides fast STP convergence after a direct link failure in the network access layer. It operates without modifying STP, and its purpose is to speed up convergence time in a specific circumstance to less than three seconds, rather than the typical 30-second delay. Figure 8-4 shows an example topology with no link failures. Switch A, the root switch, is connected directly to Switch B over link L1 and to Switch C over link L2. The port on Switch C that is connected directly to Switch B is in the blocking state. Figure 8-4 UplinkFast Example Before Direct Link Failure If Switch C detects a link failure on the currently active link L2 (a direct link failure), UplinkFast unblocks the blocked port on Switch C and transitions it to the forwarding state without going through the listening and learning states, as shown in Figure 8-5. This switchover takes approximately 1 to 5 seconds. L1 L2 L3 Switch C Switch A (Root) Switch B Blocked port 1 1 2 4 1
8-21 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 8 Discrepancies and Best Practices Deviations Interpreting Best Practices Deviations Figure 8-5 UplinkFast Example After Direct Link Failure Fix Enable UplinkFast on all access layer switches. To enable Uplink Fast on Catalyst operating system: Step 1 Enter the command: set spantree uplinkfast enable Step 2 Enter this command to check the status: show spantree uplinkfast To enable Uplink Fast on Cisco IOS: Step 1 Enter the command: spanning-tree uplinkfast Step 2 Enter this command to check the status: show spanning-tree uplinkfast You cannot fix this Best Practice Deviation through Campus Manager. For more information on Spanning Tree related configuration, see the document Configuring Spanning Tree PortFast, UplinkFast, and BackboneFast at the following location: http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/catos/8.x/configuration/guide/stp_enha.ht ml L1 L2 L3 Switch C Switch A (Root) Switch B UplinkFast transitions port directly to forwarding state Link failure 1 1 2 4 2
8-22 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 8 Discrepancies and Best Practices Deviations Interpreting Best Practices Deviations Loop Guard and Port Fast Enabled on Ports Loop Guard Assume that a switch port is receiving BPDUs, and is in the blocking state. The port makes up a redundant path. It is blocking because it is neither a Root Port nor a Designated Port. If, the flow of BPDUs stops, the last known BPDU is retained until the Max Age timer expires. When the Max Age timer expires, that BPDU is flushed, and the switch thinks there is no longer a need to block the port. The port moves through the STP states until it begins to forward traffic. The switch then forms a bridging loop. In its final state, the port becomes a Designated Port. To prevent this situation, you can use the loop guard STP feature. When you enable this feature, loop guard keeps track of the BPDU activity on nondesignated ports. While BPDUs are received, the port is allowed to behave normally. When BPDUs are missing, loop guard moves the port into the loop-inconsistent state. The port is effectively blocking at this point to prevent a loop from forming and to keep it in the nondesignated role. After BPDUs are received on the port again, loop guard allows the port to move through the normal STP states and become active. In this way, Loop Guard automatically governs ports without the need for manual intervention. STP PortFast STP configures meshed topology into a loop-free, tree-like topology. When the link on a bridge port goes up, STP calculation occurs on that port. The result of the calculation is the transition of the port into forwarding or blocking state. The result depends on the position of the port in the network and the STP parameters. This calculation and transition period usually takes about 30 to 50 seconds. At that time, no user data passes through the port. Owing to this, some user applications can time out during the period. To allow immediate transition of the port into forwarding state, enable the STP PortFast feature. PortFast immediately transitions the port into STP forwarding mode upon linkup. This way the port still participates in STP. So if the port is to be a part of the loop, the port eventually transitions into the STP blocking mode. Impact Enabling both the above features in a port, gives unpredictable results. Hence Campus Manager flags it as a Best Practice Deviation. Fix If you fix the above Best Practice Deviation through Campus Manager, it disables the Port Fast feature in the port. To fix the Best Practice Deviation on switches using the Catalyst operating system: Step 1 Go to the Best Practices Deviations report and click the hyperlink in the Summary field. The Best Practice Deviation Details dialog box appears. The Recommended Fix field displays the following command: set spantree portfast disable Step 2 Click Fix. A message appears indicating whether the Best Practice Deviation was successfully fixed or not.
8-23 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 8 Discrepancies and Best Practices Deviations Interpreting Best Practices Deviations To fix the Best Practice Deviation on switches using Cisco IOS: Step 1 Go to the Best Practices Deviations report and click the hyperlink in the Summary field. The Best Practice Deviation Details dialog box appears. The Recommended Fix field displays the following command: spanning-tree portfast disable Step 2 Click Fix. A message appears indicating whether the Best Practice Deviation was successfully fixed or not. Trunk Ports Related Best Practices Deviations The trunk ports related best practices deviations that Campus Manager reports are as follows: Non-trunk Ports in Desirable Mode Trunk Ports in Auto Mode Non-trunk Ports in Desirable Mode Campus Manager reports a Best Practice Deviation when non-trunk ports are set to Desirable mode. Impact Cisco recommends that you set trunk to Off on all non-trunk ports. This helps eliminate wasted negotiation time when bringing host ports up. If a non-trunk port is set to Desirable, it attempts to become a trunk port if the neighboring port is in Desirable or Auto mode, although that is not the intended behavior. Fix To fix the Best Practice Deviation, set the trunk mode to Off on all non-trunk ports. To fix it through Campus Manager, on switches using the Catalyst operating system: Step 1 Go to the Best Practices Deviations report and click the hyperlink in the Summary field. The Best Practice Deviation Details dialog box appears. The Recommended Fix field displays the following command: set port host mod/port Step 2 Click Fix. A message appears indicating whether the Best Practice Deviation was successfully fixed or not.
8-24 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 8 Discrepancies and Best Practices Deviations Interpreting Best Practices Deviations To fix it through Campus Manager, on switches using Cisco IOS: Step 1 Go to the Best Practices Deviations report and click the hyperlink in the Summary field. The Best Practice Deviation Details dialog box appears. The Recommended Fix field displays the following command: switchport mode access Step 2 Click Fix. A message appears indicating whether the Best Practice Deviation was successfully fixed or not. Table 8-1 lists all possible combinations of trunk mode configurations and when Campus Manager reports a Best Practice Deviation. Table 8-1 Trunking Configuration 1 1. Information in brackets indicate the trunking state of the interface. Modes On Auto Desirable Nonegotiate Off On None. (Trunking) Reports Best Practice Deviation. (Trunking) None. (Trunking) None. (Trunking) Reports Best Practice Deviation. (Not Trunking) Auto Reports Best Practice Deviation. (Trunking) None. (Not Trunking) Reports Best Practice Deviation. (Trunking) Reports Best Practice Deviation. (Not Trunking) None. (Not Trunking) Desirable None. (Trunking) Reports Best Practice Deviation. (Trunking) None. (Trunking) Reports Best Practice Deviation. (Not Trunking) Reports Best Practice Deviation. (Not Trunking) Nonegotiate None. (Trunking) Reports Best Practice Deviation. (Not Trunking) Reports Best Practice Deviation. (Not Trunking) None. (Trunking) Reports Best Practice Deviation. (Not Trunking) Off Reports Best Practice Deviation. (Not Trunking) None. (Not Trunking) Reports Best Practice Deviation. (Not Trunking) Reports Best Practice Deviation. (Not Trunking) None. (Not Trunking)
8-25 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 8 Discrepancies and Best Practices Deviations Interpreting Best Practices Deviations Trunk Ports in Auto Mode Campus Manager reports a Best Practice Deviation when trunk ports are set to Auto mode. Impact Cisco recommends an explicit trunk configuration of Desirable at both ends. Auto mode indicates a static property and the port will not initiate the trunking link, if the neighbor does not initiate it. See Table 8-1 for different trunk mode combinations. Fix To fix the Best Practice Deviation on switches using the Catalyst operating system: Step 1 Go to the Best Practices Deviations report and click the hyperlink in the Summary field. The Best Practice Deviation Details dialog box appears. The Recommended Fix field displays the following command: set trunk mod/port desirable Step 2 Click Fix. A message appears indicating whether the Best Practice Deviation was successfully fixed or not. To fix the Best Practice Deviation on switches using Cisco IOS: Step 1 Go to the Best Practices Deviations report and click the hyperlink in the Summary field. The Best Practice Deviation Details dialog box appears. The Recommended Fix field displays the following command: switchport mode dynamic desirable Step 2 Click Fix. A message appears indicating whether the Best Practice Deviation was successfully fixed or not. VLAN Related Best Practices Deviations The VLAN related best practices deviations that Campus Manager reports are as follows: VLAN Index Conflict VLAN Name Conflict VLAN Index Conflict Campus Manager reports a Best Practice Deviation when there is a conflict in the VLAN Index. A VLAN Index conflict occurs in case of a VTP domain which has Server mode and Transparent or Off mode devices, where a same VLAN index has different VLAN name in transparent and server mode devices in the domain.
8-26 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 8 Discrepancies and Best Practices Deviations Interpreting Best Practices Deviations Impact There is no serious impact on the network connectivity. It is considered as a Best Practice Deviation because Campus Manager cannot manage a VTP domain where the same VLAN index has different VLAN names in transparent and server mode devices. Fix Assign the same name for a VLAN Index in both the transparent and server modes of the VTP domain. You cannot fix this Best Practice Deviation through Campus Manager. VLAN Name Conflict Campus Manager reports a Best Practice Deviation when there is a conflict in the VLAN Name. A VLAN Name conflict occurs in case of a VTP domain which has Server mode and Transparent or Off mode devices, where a VLAN part of the transparent mode device in the domain has the same name as VLAN part of the server mode device in the domain. Impact There is no serious impact on the network connectivity. It is considered as a Best Practice Deviation because Campus Manager cannot manage a VTP domain with devices where a VLAN part of the transparent mode device in the domain has the same name as VLAN part of the server mode device in the domain. Fix Resolve the conflict by assigning different names for the VLAN part of the transparent mode and the server mode devices. You cannot fix this Best Practice Deviation through Campus Manager. Link Ports Related Best Practice Deviation The link port related Best Practice Deviation that Campus Manager reports is UDLD Disabled on Link Ports. See UDLD Disabled on Link Ports
8-27 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 8 Discrepancies and Best Practices Deviations Interpreting Best Practices Deviations UDLD Disabled on Link Ports Campus Manager reports a Best Practice Deviation if UniDirectional Link Detection (UDLD) is disabled on link ports. Impact If you disable UDLD, it could result in Spanning Tree loops. Unidirectional links are often caused by a failure not detected on a fiber link, or by a problem with a transceiver. Figure 8-6 Unidirectional Links In Figure 8-6, suppose the link between A and B is unidirectional and drops traffic from A to B while transmitting traffic from B to A. Suppose that B should be blocking. It has previously been stated that a port can only block if it receives BPDUs from a bridge that has a higher priority. In this case, all these BPDUs coming from A are lost and bridge B eventually forwards traffic, creating a loop. To detect the unidirectional links before the forwarding loop is created, Cisco designed and implemented the UniDirectional Link Detection (UDLD) protocol. This feature is able to detect improper cabling or unidirectional links on Layer 2 and automatically break resulting loops by disabling some ports. For maximum protection against symptoms resulting from uni-directional links, we recommend that you enable aggressive mode UDLD on point-to-point links between Cisco switches, where you have set the message interval to the default 15 seconds. Fix Campus Manager provides commands to enable UDLD on link ports. To fix the Best Practice Deviation on switches using Catalyst operating system: Step 1 Go to the Best Practices Deviations report and click the hyperlink in the Summary field. The Best Practice Deviation Details dialog box appears. The Recommended Fix field displays the following command: set udld enable mod/port where enable enables the UDLD information display. Step 2 Click Fix. A message appears indicating whether the Best Practice Deviation was successfully fixed or not. B Blocking A X X BPDU lost this way B unblocks its port and can forward traffic this way...... 1 3 0 8 7 7
8-28 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 8 Discrepancies and Best Practices Deviations Interpreting Best Practices Deviations To fix the Best Practice Deviation on switches using Cisco IOS: Step 1 Go to the Best Practices Deviations report and click the hyperlink in the Summary field. The Best Practice Deviation Details dialog box appears. The Recommended Fix displays the following command: udld port end This command enables UDLD in normal mode by default on all interfaces. Step 2 Click Fix. A message appears indicating whether the Best Practice Deviation was successfully fixed or not. Access Ports Related Best Practice Deviation The access ports related Best Practice Deviation that Campus Manager reports is CDP Enabled on Access Ports. See CDP Enabled on Access Ports CDP Enabled on Access Ports Campus Manager reports a Best Practice Deviation when Cisco Discovery Protocol (CDP) is enabled on the access port of a switch. CDP is enabled by default and is essential to gain visibility of adjacent devices and for troubleshooting. It is also used by network management applications to build Layer 2 topology maps. Impact In parts of the network where a high level of security is required (such as Internet-facing de-militarized zones), you should turn off CDP. Fix Campus Manager provides commands to disable CDP on switches. To fix the Best Practice Deviation on switches running Catalyst operating system: Step 1 Go to the Best Practices Deviations report and click the hyperlink in the Summary field. The Best Practice Deviation Details dialog box appears. The Recommended Fix field displays the following command: set cdp disable mod/port Step 2 Click Fix. A message appears indicating whether the Best Practice Deviation was successfully fixed or not.
8-29 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 8 Discrepancies and Best Practices Deviations Interpreting Best Practices Deviations To fix the Best Practice Deviation on switches running Cisco IOS: Step 1 Go to the Best Practices Deviations report and click the hyperlink in the Summary field. The Best Practice Deviation Details dialog box appears. The Recommended Fix field displays the following command: no cdp enable Step 2 Click Fix. A message appears indicating whether the Best Practice Deviation was successfully fixed or not. Cisco Catalyst 6000 Devices Related Best Practice Deviation The Cisco Catalyst 6000 devices related Best Practice Deviation that Campus Manager reports is High Availability not Operational. See High Availability not Operational High Availability not Operational Enabling High Availability on switches is applicable only for Cisco Catalyst 6000 devices. Campus Manager reports a Best Practice Deviation when there are two supervisor engines in Cisco Catalyst 6000 devices and High Availability is not enabled. Impact High Availability: Is a critical requirement for most networks. Switch downtime must be minimal to ensure maximum productivity in a network. Allows you to minimize the switch-over time from active supervisor engine to the standby supervisor engine, if the active supervisor engine fails. Allows the active supervisor engine to communicate with the standby supervisor engine, keeping feature protocol states synchronized. Provides a versioning option that allows you to run different software images on the active and standby supervisor engines. You can enable High Availability using Command Line Interface (CLI).
8-30 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 8 Discrepancies and Best Practices Deviations Viewing Discrepancy Reports Fix As a general practice with redundant supervisors, we recommend that you enable High Availability feature for normal operation. Campus Manager provides commands for enabling High Availability. To fix the Best Practice Deviation on switches using Catalyst operating system: Step 1 Go to the Best Practices Deviations report and click the hyperlink in the Summary field. The Best Practice Deviation Details dialog box appears. The Recommended Fix field displays the following command: set system highavailability enable Step 2 Click Fix. A message appears indicating whether the Best Practice Deviation was successfully fixed or not. For more information on Supervisor engines and High Availability, see the document Configuring Redundancy at the following location: http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/catos/6.x/configuration/guide/redund.htm l Viewing Discrepancy Reports To view discrepancy reports: Step 1 Go to the LMS Portal and select Campus Manager > Reports > Reports Generator. The Report Generator page appears. Step 2 Select Discrepancies from the list of available reports. The Report Generator page has options to configure the report you want to view. Table 8-2 describes the options that you can configure to generate a Discrepancy Report.
8-31 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 8 Discrepancies and Best Practices Deviations Viewing Discrepancy Reports Step 3 Click Submit to generate the Discrepancy Report. The Discrepancy Report appears if you had set the Run Type to Immediate. For any other Run Type, the report is created as a job. For details on viewing, stopping, and deleting the scheduled report job, see Using the Reports J ob Browser Table 8-2 Generating Discrepancy Reports Option Usage Notes Device Selector Click Selection tab to choose the device groups for which you want discrepancies to be reported. A list of all the available System Defined Groups and User Defined groups appears. Check the checkbox next to the device group for which you want discrepancies to be reported. Report Options Click Unacknowledged to view a report of the discrepancies that are not acknowledged. Click Acknowledged to view a report of only the acknowledged discrepancies. Click Both to view a report of both acknowledged and unacknowledged discrepancies. Severity Selector You can select the severity level of the discrepancies for which you want to generate a report. The different severity levels are Medium and High. Type Selector 1. Select the discrepancies from Available Types, for which you want the report to be displayed. You can select multiple entries by pressing Ctrl or Shift while clicking. 2. Click Add. The selected discrepancies are added to Selected Types. You can also double-click on a discrepancy from Available Types to add it to Selected Types. To remove a discrepancy from Selected Types, select the discrepancy and click Remove. Scheduling 1. Select the Run Type for the jobImmediate, Once, Daily, Weekly, Monthly. 2. For jobs with Run Type anything other than Immediate, select the Date and Time for the job to run. The Date and J ob Info fields are disabled when you select Immediate as the Run Type for the job. J ob Info 1. Enter a description for the job in the Description field. The text you enter is displayed in the Campus Manager job browser. This is a mandatory field. 2. In the E-mail field, enter the e-mail ID to which you want the job completion status to be sent.
8-32 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 8 Discrepancies and Best Practices Deviations Viewing Discrepancy Reports To clear the values you entered click Reset. Understanding Discrepancy Reports This section explains: Viewing Details on Discrepancies Fixing Discrepancies The Discrepancy Report is displayed in a tabular format. Table 8-3 describes the fields in a Discrepancy Report. Table 8-3 Discrepancy Reports Field Description Acknowledge If you have launched: Unacknowledged Discrepancy Report You can acknowledge discrepancies from this report. For details on acknowledging a discrepancy, see Acknowledging Discrepancies. Acknowledged Discrepancy Report You can unacknowledge discrepancies from this report. For details on unacknowledging a discrepancy, see Unacknowledging Discrepancies. Acknowledged and Unacknowledged Discrepancy Report The Acknowledge column displays Yes for Acknowledged discrepancies and No for Unacknowledged Discrepancies. Type Brief description of the discrepancy. Severity The severity level of the discrepancy. Discrepancies are categorized according to their severity as medium, or high. Summary The IP addresses of the devices that are affected by the discrepancy are displayed here. Click the hyperlink to view more details on the discrepancy. For more information, see Viewing Details on Discrepancies. Fix States if the discrepancy can be fixed through Campus Manager. A link is provided, clicking on which takes you to the Fix Page. For details on fixing discrepancies, see Fixing Discrepancies. First Found The date and time when the discrepancy was first discovered by Campus Manager. Remarks If a fix has been attempted on the discrepancy, it is shown here. The RME J ob ID for the fix operation is also shown here.
8-33 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 8 Discrepancies and Best Practices Deviations Viewing Discrepancy Reports Acknowledging Discrepancies Discrepancies that do not having serious impact in the network, can be acknowledged. You can also acknowledge a discrepancy that you no longer want to see in the Discrepancy Report. If you acknowledge it, it is removed from the report. To acknowledge a discrepancy: Step 1 In the Discrepancy Report, check the checkbox corresponding to the discrepancy. Step 2 Click Acknowledge. The acknowledged discrepancy does not appear in the report, the next time you generate it. Unacknowledging Discrepancies If you want the acknowledged discrepancy to reappear in the Discrepancy Report, you need to unacknowledge it. To unacknowledge a discrepancy: Step 1 In the Discrepancy Report, check the checkbox corresponding to the discrepancy. Step 2 Click UnAcknowledge. The unacknowledged discrepancy appears in the report, the next time you generate it. Viewing Details on Discrepancies To get detailed information on a discrepancy, click the hyperlink in the summary column of the Discrepancy Report. The Discrepancy Details dialog box appears. Table 8-4 explains Discrepancy Details: Table 8-4 Discrepancy Details Field Description Type Name of the discrepancy. Severity Severity level of the discrepancy. Discrepancies are categorized according to their severity as low and high. First Found Date and time when the discrepancy was first discovered by Campus Manager. Description IP addresses of the devices which cause this discrepancy are displayed here. Detail Brief summary of the discrepancy.
8-34 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 8 Discrepancies and Best Practices Deviations Viewing Discrepancy Reports Fixing Discrepancies This page displays information about the Discrepancy detected in the network and helps you fix it through appropriate commands. Table 8-5 describes the fields in the Discrepancy Details dialog box. Command Format Commands should be entered in the following format in the Fix column: [IP Address or Host Name] command1 command2 Table 8-5 Discrepancy Details Field Description Type Name of the discrepancy. Severity Severity level of the discrepancy. Discrepancies are categorized according to their severity as low and high. First Found Date and time when the discrepancy was first discovered by Campus Manager. Description IP Addresses of the devices which cause this discrepancy are displayed here. Detail Brief summary of the discrepancy. Recommended Fix If the discrepancy can be fixed through Campus Manager: A set of commands is displayed that will be used to resolve the discrepancy. You can edit the commands provided by Campus Manager, to suit your network requirements. Caution Make sure that you do valid changes to the commands. Campus Manager does not check the correctness of the commands, after you edit it. So, if the commands are incorrect, the results will be unpredictable. If the discrepancy cannot be fixed through Campus Manager: This field will be blank. You can enter commands to fix the discrepancy. See Command Format for details on the format to be used. Campus Manager uses the cwcli interface of Resource Manager Essentials (RME) to resolve discrepancies. For details on setting RME Credentials, see Setting RME Credentials
8-35 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 8 Discrepancies and Best Practices Deviations Viewing Discrepancy Reports If the commands have to be run for more than one device: [IP Address1 or Host Name1] command1 command2 [IP Address2 or Host Name2] command1 command2 For example: [172.20.5.82] interface Gi49 speed auto [172.20.5.6] interface Gi2/1 speed auto Notes on Fixing Discrepancies For fixing Discrepancies, Campus Manager uses RME CiscoWorks CLI (CWCLI) framework. Set the following from Campus Manager to access the RME Server: RME Server Name RME Server Port RME Server Protocol User Name User Password For complete details on this, see Setting RME Credentials. While fixing Discrepancies through Campus Manager: Enter the correct RME Server Credentials If you enter the wrong RME server or IP Address or if the RME server is down, the fix fails. To overcome this, ping RME server from the Campus Manager server and ensure connectivity. Enter the correct port numbers for the selected protocols Port number for http is 1741 and for https is 443. The fix fails if you enter the wrong port numbers. Enter the valid RME username and password The fix fails when the username or password is incorrect. Enter valid SNMP credentials TFTP uses SNMP credentials for RME CWCLI. So ensure that correct SNMP read/write credentials are available while using TFTP as transport protocol in RME.
8-36 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 8 Discrepancies and Best Practices Deviations Viewing Best Practices Deviations Reports Enter correct Device Credentials RME CWCLI updates the device configuration with the transport protocols configured in RME > Admin >Config Management >Transport Settings dialog box. To update the device configuration, RME uses the protocols in the available order. If the fix fails for one protocol, RME tries again with the next protocol according to the specified order. For the fix to succeed, ensure that the correct credentials are set for the devices. The credentials need to be configured in the CommonServices >Device and Credentials page. Ensure that the device on which the fix is applied is managed in RME. Check whether the device is managed in RME when you are fixing the Discrepancy on a remote RME Server. If the device is not managed in RME, the job is not created for that device and the fix fails. When RME job status shown Partially successful but fix fails: When either deploy or fetch configuration is successful, J ob Status in RME J obs/Archive Management is shown as Partial Success. However, the Fix status in Campus Manager is shown as fail. Fix is successful only when both deploy and fetch are successful. For example, when trying to deploy configuration with TFTP, the operation may be successful. However, fetching configuration may fail because of timeouts for the TFTP operation. This could happen if the configuration is large. In this case, select RME > Admin > System Preferences > RME device Attributes and increase TFTP Timeout in the dialog box. Viewing Best Practices Deviations Reports This section explains Understanding Best Practices Deviations Reports. To view Best Practices Deviations reports: Step 1 Go to the LMS Portal and select Campus Manager > Reports > Reports Generator. The Report Generator page appears. Step 2 Select Best Practices Deviations from the list of available reports. The Report Generator page has options to configure the report you want to view. Table 8-6 describes the options that you can configure to generate a Best Practices Deviations Report.
8-37 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 8 Discrepancies and Best Practices Deviations Viewing Best Practices Deviations Reports Step 3 Click Submit to generate the Best Practices Deviations Report. The Best Practices Deviations report appears if you had set the Run Type to Immediate. For any other Run Type, the report is created as a job. For details on viewing, stopping, and deleting the scheduled report job, see Using the Reports J ob Browser You can click Reset to clear the values you entered. Table 8-6 Generating Best Practices Deviations Report Option Usage Notes Device Selector Click Selection to choose the device groups or devices for which you want Best Practices Deviations to be reported. A list of all the available System Defined Groups and User Defined groups, and devices appears. Check the checkbox next to the device group or a particular device for which you want Best Practice Deviations to be reported. Report Options Click Unacknowledged to view a report of the best practices deviations that are not acknowledged. Click Acknowledged to view a report of only the acknowledged best practices deviations. Click Both to view a report of both acknowledged and unacknowledged best practices deviations. Type Selector 1. Select the best practices deviations from Available Types, for which you want the report to be displayed. You can select multiple entries by pressing Ctrl or Shift while clicking. 2. Click Add. The selected best practices deviations are added to Selected Types. You can also double-click on a Best Practice Deviation from Available Types to add it to Selected Types. To remove a Best Practice Deviation from Selected Types, select the Best Practice Deviation and click Remove. Scheduling 1. Select the Run Type for the jobImmediate, Once, Daily, Weekly, Monthly. For jobs with Run Type anything other than Immediate, select the Date and Time for the job to run. The J ob Info and Date fields are disabled when you select Immediate as the Run Type for the job. J ob Info 1. Enter a description for the job in the Description field. The text you enter is displayed in the Campus Manager job browser. This is a mandatory field. 2. In the E-mail field, enter the e-mail ID to which you want the job completion status to be sent.
8-38 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 8 Discrepancies and Best Practices Deviations Viewing Best Practices Deviations Reports Understanding Best Practices Deviations Reports This section explains: Viewing Details on Best Practices Deviations Fixing Best Practices Deviations The Best Practices Deviations Report is displayed in a tabular format. Table 8-7 describes the fields in this report. Table 8-7 Best Practices Deviations Report Field Description Acknowledge If you have launched: Unacknowledged Best Practise Deviations Report You can acknowledge Best Practise Deviations from this report. For details, see Acknowledging Best Practices Deviations. Acknowledged Best Practise Deviations Report You can unacknowledge Best Practise Deviations from this report. For details, see Unacknowledging Best Practices Deviations. Acknowledged and Unacknowledged Best Practise Deviations Report The Acknowledge column displays Yes for Acknowledged Best Practise Deviations and No for Unacknowledged Best Practise Deviations. Type Brief description of the Best Practice Deviation. Summary IP addresses of the devices which are affected by the Best Practice Deviation. Click the hyperlink to view more details on the Best Practice Deviation. For more information, see Viewing Details on Best Practices Deviations. Fix States if the Best Practice Deviation can be fixed through Campus Manager. A link is provided, clicking on which takes you to the Fix Page. For details on fixing Best Practice Deviation, see Fixing Best Practices Deviations. First Found Date and Time when the Best Practice Deviation was first discovered by Campus Manager. Remarks If a fix has been attempted on the Best Practice Deviation, it is shown here. The RME J ob ID for the Fix operation is also shown here.
8-39 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 8 Discrepancies and Best Practices Deviations Viewing Best Practices Deviations Reports Acknowledging Best Practices Deviations You can acknowledge a Best Practice Deviation that you no longer want to see in the Best Practices Deviations Report. If you acknowledge it, it will no longer be available in the report. If you want the acknowledged best practice deviation to reappear in the Best Practice Deviation Report, you need to unacknowledge it. To acknowledge a Best Practice Deviation: Step 1 Check the checkbox in the Acknowledge column corresponding to the Best Practice Deviation. Step 2 Click Acknowledge. The Best Practice Deviation is not shown in the report, the next time you generate it. Unacknowledging Best Practices Deviations If you want the acknowledged Best Practise Deviations to reappear in the Best Practise Deviations Report, you need to unacknowledge it. To unacknowledge a Best Practise Deviation: Step 1 In the report, check the checkbox corresponding to the Best Practise Deviation. Step 2 Click UnAcknowledge. The unacknowledged Best Practise Deviation appears in the report, the next time you generate it. Viewing Details on Best Practices Deviations To get detailed information on a Best Practice Deviation, click the hyperlink in the summary column of the Best Practices Deviations Report. The Best Practices Deviations Details dialog box appears. Table 8-8 displays the following details: Table 8-8 Best Practices Deviations Details Field Description Type Name of the Best Practice Deviation. First Found Date and time when the Best Practice Deviation was first discovered by Campus Manager. Description IP addresses of the devices which cause this Best Practice Deviation. Detail Brief summary of the Best Practice Deviation.
8-40 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 8 Discrepancies and Best Practices Deviations Viewing Best Practices Deviations Reports Fixing Best Practices Deviations This page displays information about the Best Practice Deviation detected in the network and helps you fix it through appropriate commands. Table 8-9 explains the Best Practice Deviation Details: Command Format Commands should be entered in the following format in the Fix column: [IP Address or Host Name] command1 command2 Table 8-9 Best Practices Deviations Details Field Description Type Name of the Best Practice Deviation. First Found Date and time when the Best Practice Deviation was first discovered by Campus Manager. Description IP addresses of the devices which cause this Best Practice Deviation. Detail Brief summary of the Best Practice Deviation. Recommended Fix If the Best Practice Deviation can be fixed through Campus Manager: A set of commands is displayed here that will be used to resolve the Best Practice Deviation. You can edit the commands provided by Campus Manager, to suit your network requirements. Caution Make sure that you do valid changes to the commands. Campus Manager does not check the correctness of the commands, after you edit it. So, if the commands are incorrect, the results will be unpredictable. If the Best Practice Deviation cannot be fixed through Campus Manager: This field will be blank. You can enter commands to fix the Best Practice Deviation. See Command Format for details on the format to be used. Campus Manager uses the cwcli interface of Resource Manager Essentials (RME) to resolve Best Practice Deviations. For details on setting RME Credentials, see Setting RME Credentials
8-41 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 8 Discrepancies and Best Practices Deviations Viewing Best Practices Deviations Reports If the commands have to be run for more than one device: [IP Address1 or Host Name1] command1 command2 [IP Address2 or Host Name2] command1 command2 Example: [10.77.209.131] interface Fa0/1 no cdp enable interface Fa0/2 no cdp enable [cfm-sw1] interface Fa0/2 no cdp enable interface Fa0/3 no cdp enable Notes on Fixing Best Practices Deviation For fixing Best Practices Deviations, Campus Manager uses RME CiscoWorks CLI (CWCLI) framework. Set the following from Campus Manager, to access the RME Server: RME Server Name RME Server Port RME Server Protocol User Name User Password For complete details, see Setting RME Credentials. While fixing Best Practise Deviations through Campus Manager: Enter the correct RME Server Credentials If you enter the wrong RME server or IP Address or if the RME server is down, the fix fails. To overcome this, ping RME server from the Campus Manager server and ensure connectivity. Enter the correct port numbers for the selected protocols Port number for http is 1741 and for https is 443. The fix fails if you enter the wrong port numbers.
8-42 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 8 Discrepancies and Best Practices Deviations Customizing Discrepancies Reporting and Syslog Generation Enter the valid RME username and password The fix fails when the username or password is incorrect. Enter valid SNMP credentials TFTP uses SNMP credentials for RME CWCLI. So ensure that correct SNMP read/write credentials are available while using TFTP as transport protocol in RME. Enter correct Device Credentials RME CWCLI updates the device configuration with the transport protocols configured in RME > Admin >Config Management >Transport Settings. To update the device configuration, RME uses the protocols in the available order. If the fix fails for one protocol, RME tries again with the next protocol according to the specified order. For the fix to succeed, ensure that the correct credentials are set for the devices. Select CommonServices >Device and Credentials and configure the credentials in the page. Ensure that the device on which the fix is applied is managed in RME. Check whether the device is managed in RME when you are fixing the Best Practice Deviation on a remote RME Server. If the device is not managed in RME, the job is not created for that device and the fix fails. When RME job status is shown as Partially successful but fix fails: When either Deploy or Fetch Configuration is successful, J ob Status in RME J obs/Archive Management is shown as Partial Success. But the Fix status in Campus Manager is shown as fail. Fix is successful only when both Deploy and Fetch are successful. For example, when trying to deploy configuration with TFTP, the operation may be successful. However, fetching configuration may fail because of timeouts for the TFTP operation. This could happen if the configuration is large. In this case, increase TFTP Timeout in RME > Admin > System Preferences > RME device Attributes. Customizing Discrepancies Reporting and Syslog Generation You can customize the Discrepancies Report and Best Practices Deviations Report to display only those discrepancies and Best Practice Deviations about which you want to be notified. To customize the reports: Step 1 Select Campus anager > Administration > Discrepancies, from the LMS Portal. Alternatively, if you are in Campus Manager Administration page, click Other Admin Settings and choose Discrepancies from the Table of Contents (TOC). The discrepancies page appears. You can view the list of Network discrepancies, and Discrepancies configured to send Syslog messages by clicking the corresponding View Details link. Step 2 Click Configure.
8-43 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 8 Discrepancies and Best Practices Deviations Customizing Discrepancies Reporting and Syslog Generation The Configuring Discrepancies dialog box appears. To include a Discrepancy or Best Practice Deviation in the Reports, check the checkbox next to it. Checking all the checkboxes results in a report displaying all discrepancies and Best Practice Deviations in the network. To exclude a Discrepancy or Best Practice Deviation from the Reports, uncheck the corresponding checkbox. Step 3 Generate Syslog messages for the selected Discrepancies and Best Practice Deviations. To do this, check Configure Syslog and click Next. A list of the selected Discrepancies and Best Practice Deviations appears. Step 4 Check Send Syslogs and enter the name of the server in the Syslog Server field. Step 5 Select the Discrepancies and Best Practice Deviations for which you want to generate Syslog messages and click Next. A summary of the selected Discrepancies and Best Practice Deviations appears. Step 6 Click Finish. You can use the filters to display discrepancy reports for specific devices, link or network types. This makes it easy to find a particular discrepancy for a particular type. You can use more than one filter at the same time, but results will vary. If you select more than one filter in the same top-level category, Boolean OR is used. For example, if you select Duplex, Speed under Link, any link or port that fulfils at least one filter criteria will be displayed in the report. If you select more than one filter from different top-level categories, Boolean AND is used. For example, if you select both a Link type and a Port type filter from the discrepancy filter, any link that fulfils both filter criteria will appear in the report.
8-44 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 8 Discrepancies and Best Practices Deviations Customizing Discrepancies Reporting and Syslog Generation C H A P T E R
9-1 User Guide for Campus Manager 5.2 OL-18011-01 9 Using Topology Services Topology Services is an application that enables you to view and monitor your network including the links and the ports of each link. Topology Services displays the network topology of the devices discovered by Campus Manager through the Topology Maps. Besides these Maps, the application includes numerous reports that helps you to view the physical and logical connectivity in details. Note For information on launching Topology Services from Solaris client, see Launching Topology Services from Solaris Client. If the CiscoWorks server is not DNS resolvable from the client, see Launching Topology Services when the Server is not DNS Resolvable. This chapter contains: Understanding Topology Services Starting Topology Services Using Topology Services Legend Understanding Topology Services Main Window Using Topology Services Main Window Understanding Network Topology Views Using Network Views Using Topology Filters Using Find in Network Topology Views Understanding Summary View Upgrading Network Topology Views N-Hop View Portlet Using Microsoft Visio With Topology Views Working With Links Time Domain Reflectometry Reports Working With Devices Displaying Campus Reports Monitoring Protocol Filter by Port Viewing Data Collection Metrics
9-2 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 9 Using Topology Services Understanding Topology Services Topology Groups Topology Services Menu Reference Supported Protocols Understanding Topology Services You can use Topology Services to: View detailed network information about all devices (see Working With Devices), links (see Working With Links), and ports (see Displaying Port Attributes) in your network. Display the physical and logical services in your network. See Understanding Network Topology Views. Open network management tools from the network views. See Using VLANs. Segment your network logically and manage workgroups that use VLANs. View port, device, and trunk attributes; view and find port information in a VTP domain; and configure VLANs on a trunk. Display reports about inconsistencies or misconfigurations in your physical or logical network setup. Configure and manage Etherchannel and Trunk links between devices. Configure and Visualize Spanning Tree Protocol. Configure and manage IVR. Run TDR test between devices. Cross-launching CiscoWorks Applications from Topology Services The following Cisco Works applications can be launched from Topology Services: Resource Manager Essentials Device Fault Manager Virtual Network Manager Internetwork Performance Monitor CiscoWorks Assistant Health and Utilization Monitor For complete details, see Starting CiscoWorks Applications From Topology Views. This topic contains: Navigating in Main Window Using Network Views Working With Links
9-3 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 9 Using Topology Services Starting Topology Services Starting Topology Services Select Campus Manager > Visualization > Topology Services from the LMS Portal. You must install the J ava plug-in to access Topology Services from a client. If you are prompted to install the J ava plug-in, download and install it using the installation screens. The next time you start the application, it automatically uses the plug-in. For more information on the J ava Plug-in, see User Guide for CiscoWorks Common Services. While launching Topology Services, if the daemon is down or the ANIServer process is terminated. For daemon: Check whether the daemon is up and running by entering pdshow at the command prompt. You can restart the daemon by entering: For Windows: net start crmdmgtd. For Solaris: /etc/init.d/dmgtd For ANIServer: Check whether the ANIServer process is up and running by entering pdshow ANIServer at the command prompt. If the process is down, restart ANIServer by entering pdexec ANIServer at the command prompt and try again. Step 1 Verify that your network is set up properly. Step 2 Verify that the Campus Manager Server is set up properly and running. For information about the Campus Manager Server, see Campus Manager Applications This section contains the following: Prerequisites to Launch Topology Services Launching Topology Services when the Server is not DNS Resolvable Launching Topology Services from Windows Client Launching Topology Services from Solaris Client Prerequisites to Launch Topology Services To access Campus Manager Topology Services, we recommend that you install J ava Plug-in version 1.6.0_11. If the client machine is installed with the J RE Update version equal to or higher than the recommended version, then Topology Services is launched in the client machine. If the client machine is installed with an Update version equal to or higher than the recommended J RE version (1.6.0_11), then Topology Services will be launched only if either one of two versions is selected. If the user selects the recommended J RE as well as the higher Update version of J RE, Topology Services will be launched with the higher Update version of J RE. For example, CM 5.2 requires J RE 1.6.0_11 to launch Topology Services. If the client machine is installed with an Update version higher than J RE 1.6.0_11, say 1.6.0_12, and user selects J RE 1.6.0_12, then Topology Services is launched with J RE 1.6.0_12.
9-4 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 9 Using Topology Services Starting Topology Services Launching Topology Services when the Server is not DNS Resolvable The CiscoWorks client must be able to resolve the hostname of the CiscoWorks server to server's IP Address, through DNS. If the CiscoWorks server is not DNS resolvable, CiscoWorks client can access it with the IP address itself, by performing the following steps: Step 1 Open the orb.properties file Solaris: NMSROOT/lib/classpath Windows: NMSROOT\lib\classpath where NMSROOT is the directory where you have installed CiscoWorks. Step 2 Set the property as follows: jacorb.dns.enable=off Step 3 Go to Common Services > Server > Security Single-Server Management > Certificate Setup. The Certificate Setup page appears. Step 4 Enter the IP Address of the CiscoWorks Server in the Hostname textbox. Step 5 Populate the other columns as explained in the Common Services help. Step 6 Click Apply to generate the self-signed certificate. Step 7 Restart the daemons, as explained in Using Daemon Manager. You will be able to launch Topology Services with the IP address itself. Launching Topology Services from Windows Client In LMS 3.1, Visibroker is migrated to J acORB. While launching Topology Services, check whether the hostname is DNS resolvable or edit the hosts file in the Windows client. If the mapping is not available, you need to edit the hosts file by adding the IP Address details for the LMS Server in the following format: IPAddress Hostname The Hostname entry can be of the form hostname, example You can access the hosts file in the Windows client from the following location: %SYSTEMROOT%\system32\drivers\etc To launch the Topology Service from Windows Vista client, do the following: Step 1 Disable UAC when you download the jar files for the first time. Step 2 Launch the Topology Service. If you are unable to launch the Topology Service, go to Step 3. Step 3 Manually copy the jacorb-sign-1-3.jar, avalon-framework-4.1.5-sign-1-3.jar and logkit-1.2-sign-1-3.jar files from the location NMSROOT/campus/www/classpath in LMS server to J RE installed directory \lib\endorsed. Step 4 Assign full control permission to jre/lib folder.
9-5 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 9 Using Topology Services Using Topology Services Legend Launching Topology Services from Solaris Client The Topology_Services.jnlp file has to be associated with the correct J ava application for Topology services to launch properly. You need to associate the jnlp file only once, when you access Topology Services for the first time. While launching Topology Services, check whether the hostname is DNS resolvable or edit the hosts file in the Solaris client. You can access the hosts file in the Solaris client from the following location: /etc If the mapping is not available, you need to edit the hosts file by adding the IP Address details for the LMS Server in the following format: IPAddress Hostname To associate the jnlp file with the correct J ava application: Step 1 Select Campus Manager > Visualization > Topology Services from the LMS Portal. A pop up window is displayed, prompting you to save or cancel the Topology_Services.jnlp file. Step 2 Click Save. Step 3 Go to the folder where you saved the file, right click and choose Open with. A pop up window is displayed. Step 4 Click Go here. Another pop up window is displayed. Step 5 Click Browse and locate the jre folder. For example, if your J ava plugin version is jre1.6.0_05, the directory can be /usr/java/jre1.6.0_05/bin Step 6 Associate the file with javaws, by choosing javaws from the above path. Step 7 Click Apply and close the pop up window. Step 8 Click on the Topology_Services.jnlp file to launch Topology services. Using Topology Services Legend The Topology Services Legend explains the use of icons and colors in network views. You can refer the Legend to identify devices in your network and their status. The Legend includes all manageable devices, including devices that might be in your network. Color indicators described in the Legend enable you to quickly determine the status of your network. To display the Legend: Step 1 Select Campus Manager > Visualization > Topology Services. The Topology Services Main Window appears. Step 2 Select Help > Legend from the menu. The Campus Manager Color and Icon Legend window opens. For details, see Table 9-1. Step 3 Click Close to close the window.
9-6 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 9 Using Topology Services Using Topology Services Legend Table 9-1 Color and Icon Legend Symbol Description Icons Ethernet VLAN Filter On FDDI Ring Link Port Network Topology View (Topology Map) Switch Port Router Serial Bus Switch Switch Cloud Virtual Switching System (VSS)
9-7 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 9 Using Topology Services Using Topology Services Legend Unknown VLAN WAN Switch Embedded Router Embedded Switch Embedded SBC End Station Integrated Communications System Layer 2 and Layer 3 Switch Router Application Server Hub Switch Probe Voice Gateway Table 9-1 Color and Icon Legend (continued) Symbol Description
9-8 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 9 Using Topology Services Using Topology Services Legend Access Point Optical Services Router Cisco ONS Series Device Content Engine Content Server Switch DSL Switch Switch Stack Storage Switch Add Row Campus Manager Server Unknown Campus Manager Server Idle or Running Restricted Topology View Table 9-1 Color and Icon Legend (continued) Symbol Description
9-9 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 9 Using Topology Services Using Topology Services Legend Broadband Router Cisco CallManager Cluster Commander Switch Device Navigate Down Link in Forwarding State Link in Blocking State Isolated VLAN Community VLAN Two-way Community VLAN Closed Folder Domain Folder Table 9-1 Color and Icon Legend (continued) Symbol Description
9-10 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 9 Using Topology Services Using Topology Services Legend Open Folder Layer Map Route Switch Module (RSM) Switch Display All Rows Begin Stop Tree Unknown Device Zoom to Fit Icon Colors Major Fault (red) 1 OK (green) Links Active (black) Table 9-1 Color and Icon Legend (continued) Symbol Description
9-11 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 9 Using Topology Services Using Topology Services Legend Table 9-2 lists the special scenarios for Layer 2/Layer 3 Switch Routers. For example, the switch is running Catalyst operating system and the router is an RSM or MSFC module, and if either the switch or the router is unreachable the topology map displays the icon as: Inactive (red) Not in network (red dashes) Unknown (blue) Link virtualization status as black link displays that both the interfaces connecting devices are a part of VRF Link virtualization status as cyan link displays only one interface is a part of VRF Link virtualization status as grey link displays no interface is a part of VRF 1. Device is not reachable using SNMP or the device is down. Table 9-1 Color and Icon Legend (continued) Symbol Description Table 9-2 Icons for Discrepancies of Layer 2/Layer 3 Switch Router Symbol Description Router is reachable, but switch is unreachable using SNMP. Router is unreachable using SNMP, but switch is reachable.
9-12 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 9 Using Topology Services Understanding Topology Services Main Window Understanding Topology Services Main Window You can access the LAN Edge, Layer 2, and Unconnected Devices network views of managed domains discovered in your network, and you can filter, access, or view network information or status. For more information, see Table 9-3. Table 9-3 Topology Services Main Window Components Item Description Usage Note Menu Contains Topology Services commands. See Topology Services Main Window Menu Reference for more information. Toolbar Provides quick access to frequently used menu options. To show or hide the toolbar, select View >Show Toolbar. Tree View Access the LAN Edge, Layer 2, and Unconnected Devices network views of managed domains. Right-click items that you want to display, and select View >Display View to display network views. Single-click items to display summary information in the Summary View. Summary View Displays configuration information about the items displayed in the Tree View. Click and drag column headings to change the order in which they appear. Status Bar Displays Topology Services system messages on the left and the Status button on the right. Click the color-coded Status button to open Campus Manager Server Status Information window. In this window you can view Data Collection status.
9-13 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 9 Using Topology Services Understanding Topology Services Main Window Understanding Tree View The Tree View displays the discovered network objects in a hierarchical list. This list includes managed domains and available network views. Table 9-4 Understanding Tree View Folder Item Description Domains VTP Domains Displays and monitors the details of the VLANs in your network. Sometimes includes special cases labeled NULL or NO_VTP. NULL Lists devices that are in transparent mode and that support VTP, but that do not have configured domain names. Each of these devices is identified in the list by its IP address. NO_VTPLists devices that do not support VTP. Each of these devices is identified in the list by its IP address. However, devices that do not support VTP but support VLANs (for example, Catalyst 2900XL Standard Edition switches) will be placed in the NO_VTP domain. Devices that do not support VLANs and VTP (for example, Catalyst 1900 Standard Edition switches) will be placed in the domain category of the neighbor device. Network Views LAN Edge View Shows network connectivity between Layer 3 devices that have routing characteristics. Devices without Layer 3 connectivity are displayed in switch cloud network views. Layer 2 View Displays Layer 2 information about your network, including LAN switches, routers, multilayer switching devices, hubs, and switch probes. Unconnected Devices View Displays devices for which connectivity information could not be obtained. VTP Views Displays devices that are participating in VTP domains, and their neighbors. Topology Groups System Defined Groups Displays a top-level container for standard groups that are accessible to and used by most Campus Manager users. This also includes a set of predefined groups. User Defined Groups Displays a top-level container where individual Campus Manager users create their own groups.
9-14 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 9 Using Topology Services Using Topology Services Main Window Using Topology Services Main Window You can use Topology Services Main Window for displaying the discovered VTP domains, VLANs, and access the LAN Edge view, Layer 2 view, and the Unconnected Devices view. The topic contains: Navigating in Main Window Understanding the Status Bar Using Find in Main Window Navigating in Main Window You can display VTP domains and VLANs from the Main Window. You can also access the LAN Edge, Layer 2, and Unconnected Devices network views of managed domains discovered in your network, and you can filter, access, or view network information or status. Figure 9-1 displays the Topology Services Main Window. Figure 9-1 Topology Services Main Window
9-15 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 9 Using Topology Services Using Topology Services Main Window Table 9-5 describes the areas in the Topology Services Main Window. 1 Menu 3 Topology Tree View 2 Toolbar 4 Device Summary View Table 9-5 Using Main Window Item Description Usage Notes Menu Contains Topology Services commands. See Topology Services Main Window Menu Reference for more information. Toolbar Provides quick access to frequently used menu options. To show or hide the toolbar, select View > Show Toolbar. Tree View Displays discovered VTP domains and VLANs. Access the LAN Edge, Layer 2, and Unconnected Devices network views of managed domains. Right-click items that you want to display, and select View >Display View to display network views. Single-click items to display summary information in the Summary View. Summary View Displays configuration information about the items displayed in the Tree View. Click and drag column headings to change the order in which they appear. Status Bar Displays Topology Services system messages on the left and the Status button on the right. Click the color-coded Status button to view status. This dialog box displays the Data Collection status. It also displays the time at which the most recent Data Collection was completed.
9-16 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 9 Using Topology Services Using Topology Services Main Window Understanding the Status Bar The status bar displays information about the current status of the Topology Services application, and includes a button that you can click to view the current network Data Collection statistics. Figure 9-2 describes sections of the Status Bar. Figure 9-2 Status Bar Table 9-6 describes different parts of a Status Bar. 1 Topology filter results 4 Topology map results 2 Discovery status button 5 Topology map status 3 Restricted View Icon Table 9-6 Status Bar Field Descriptions Field Description Topology Services Messages about the status of Topology Services appear on the left side of the status bar. These messages typically are displayed at the start and end of a task that is performed within Topology Services. Discovery Status A color-coded Data Collection Server status message appears in a button on the right side of the status bar: GreenDenotes that Topology Services is able to communicate with the Data Collection Server. The status message is either Running, denoting that one or more discovery processes in the Data Collection server are in discovery; or Idle, denoting that there are no discoveries currently active in the Data Collection Server. RedDenotes that the Data Collection Server is down or unreachable. In this case, the status message is Unknown. Click this button to open the Discovery Information window. This window displays detailed information on all Discovery processes. Restricted View A lock icon appears when Campus Manager is integrated with ACS Server and Topology is set to display only authorized devices. For details, see Restricted Topology View.
9-17 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 9 Using Topology Services Understanding Network Topology Views Using Find in Main Window You can use Find to locate specific items in your network. Your search is restricted to either the Tree View or Summary View. You cannot search both views simultaneously in Topology Services. Select the view based on the item you want to locate. To use the Find option in the Main Window: Step 1 Select Edit > Find from the menu. Step 2 Enter the required information as described in the Main Window Find Field Descriptions table. Step 3 Click Next to find items that match your search criteria. Select Edit > Find Next to quickly repeat your last search. Understanding Network Topology Views A Network View is a graphical representation of the devices in your network. You can use Network Views to see different aspects of your network. Only devices and links discovered in your network are displayed. While you use Topology Services, the listed devices and links change dynamically to display what the Campus Manager Server discovers in your network. Network Views provide various abstract views of your network. Table 9-3 describes the Network Topology window components. You can use Network Views to see different aspects of your network. Only devices and links discovered in your network are displayed in topology maps. As you use Network Topology Views, the listed devices and links change dynamically to display devices and links that Data Collection detects in your network. Table 9-7 Main Window Find Field Description Field Description Usage Notes Search For Enter the search string Search by any string, partial or complete. Search In Select either of these views: Tree View Summary View The Find function searches only the selected item in the specified view, and those items that appear below your selection in the view. To search an entire view, you must select the first (top) item in that view. Options Select from these options: Ignore Case Exact Match Ignore CaseSelect this option to allow matches in any case. Exact MatchSelect this option to find entries that match the search string exactly.
9-18 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 9 Using Topology Services Understanding Network Topology Views Table 9-8 provides a list of functions that you can perform in Network Topology Views. This topic contains: Navigating in Network Topology Views Connecting Securely to Devices From Clients Displaying Network Views Navigating in Network Topology Views You can use Network Topology Views to see different aspects of your network. Only devices and links discovered in your network are displayed in network views. As you use network views, devices and links change dynamically to display changes that the Campus Manager Server discovers in your network. See Table 9-9: Table 9-8 Using Network Topology Views Function Description Displaying Network Views Access and display network views Changing Network Topology View Layouts Displays logical and physical services in your network Working With Links Displays information about the links between discovered devices Working With Application Servers Displays and access application servers in your network Displaying Port Attributes Displays information about the status of device ports in your network Displaying Aggregate Link Attributes Displays information about any aggregate links that you have created in your network Displaying Service Attributes Displays information about the available services in your network Customizing Network Topology Views Modifies network views to suit your individual network management needs Using Topology Filters Use filters or the Find function to locate specific devices, or specific kinds of devices Table 9-9 Network Topology View Features Item Description Usage Notes Menu Contains Topology Services commands. See Network Topology View Menu Reference for more information. Toolbar Provides quick access to frequently used menu options. To show or hide the toolbar, select View >Show Toolbar.
9-19 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 9 Using Topology Services Understanding Network Topology Views Figure 9-3 Network Topology View Topology Filters Allows you to filter and display devices and links. Filter device types, LANE components, link types, and discrepancies in your network. For more details on filters, see Using Topology Filters. Status Bar Displays Topology Services system messages on the left and the Discovery Status button on the right. This window displays Data Collection status. Click the color-coded Status to view the Data Collection statistics. 1 Menu 3 Topology Filters 2 Toolbar 4 Topology Map Table 9-9 Network Topology View Features (continued) Item Description Usage Notes
9-20 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 9 Using Topology Services Understanding Network Topology Views Connecting Securely to Devices From Clients You can connect securely to a device using SSH. To connect to a device from a client, Microsoft Windows clients must perform the SSH executable configuration. Solaris clients must use the default SSH client provided by the operating system. To connect to the devices securely: For Microsoft Windows Clients For Solaris Clients For Microsoft Windows Clients This section describes how to connect to the devices from Microsoft Windows clients. To specify the SSH Client You must provide the location of the SSH client executable in the appropriate property file. To connect to the device To specify the SSH Client Step 1 Create a file named campusmgr.properties. The SSH Client is the default connection type. If you select Putty as Client a. Choose SSH as the Connection Type b. Select Default Settings from the Saved Sessions list c. Click Save to save the default settings. To verify whether the default settings have been applied, close Putty and relaunch it Step 2 Write the following property in the file: CMSSH=SSH executable file name For example, If you are using Secure Shell: CMSSH=C:\\Progra~1\\SSHCOM~1\\SSHSEC~1\\ssh2.exe If you are using Putty: CMSSH=C:\\PROGRA~1\\putty\\putty.exe Step 3 Save the file in your home directory. For example, your home directory can be D:\Documents and Settings\admin.
9-21 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 9 Using Topology Services Understanding Network Topology Views To connect to the device Step 1 Select Campus Manager > Visualization > Topology Services. Step 2 Go to a Network Topology View and right-click a device icon, and select SSH from the popup menu Or Go to a Summary View and right-click a device entry, and select SSH from the popup menu. The SSH dialog box opens. Step 3 Enter the username in the User Name field. Step 4 Click OK to connect or click Cancel to disconnect. An SSH terminal window opens. For Solaris Clients This section describes how to connect to the devices from Solaris clients. To specify the SSH Client You must provide the location of the SSH client executable in the appropriate property file. To connect to the device To specify the SSH Client Step 1 Create a file named campusmgr.properties. Step 2 Write the following property in the file: CMSSH=SSH executable file name For example, If you are using Secure Shell: CMSSH=/usr/bin/ssh/ssh2.exe Step 3 Save the file in your home directory. For example, if your username is maria, your home directory will be /home/maria. To connect to the device Step 1 Right-click a device icon from a Network Topology View, and select SSH from the popup menu Or Right-click a device entry from a summary view, and select SSH from the popup menu. The SSH dialog box opens. Step 2 Enter the username in the User Name field. Step 3 Click OK to connect or click Cancel to disconnect. An SSH terminal window opens. .
9-22 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 9 Using Topology Services Understanding Network Topology Views Displaying Network Views A Network Topology View is a graphical representation of the devices in your network. To access and display several network and domain views: Step 1 Right-click a network view from the Tree View in the Topology Services Main Window. A popup menu appears. Step 2 Select Display View. The Network Topology window opens, displaying the specified network or domain view. See Table 9-9 for more information. Using Panner to View Topology Maps Figure 9-4 Panning the Topology Map 1 Menu 4 Topology Map 2 Toolbar 5 Navigator 3 Topology Filter 6 Panner Window
9-23 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 9 Using Topology Services Using Network Views Using Network Views You can select a network view from the Tree View to display different segments of your network in a Network Topology window. See Table 9-10 for a list of functions you can perform in Network Topology views. Table 9-10 Network View Item Descriptions Item Description Usage Notes LAN Edge View Shows network connectivity between Layer 3 devices that have routing characteristics. Devices without Layer 3 connectivity are placed in Switch Cloud network views. View: Device Attributes IPv6 Addresses. See Understanding IPv6 Support in Campus Manager Port Attributes. See Displaying Port Attributes Change Management IP Configure Inter-VLAN Routing Link Attributes Virtual Network Manager Aggregate Link Attributes Delete Links Switch Cloud View Displays the Layer 2 devices between two Layer 3 devices in your network. View: Device Attributes IPv6 Addresses Port Attributes Service Attributes Change Management IP Configure Inter-VLAN Routing VLAN Report Link Attributes Configure EtherChannel Create Trunk Virtual Network Manager Trunk Attributes TDR Report
9-24 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 9 Using Topology Services Using Network Views Layer 2 View Displays the Layer 2 information about your network, including LAN switches, routers, MLS devices, hubs, and switch probes. View: Device Attributes. See Displaying Device Attributes IPv6 Addresses Port Attributes. See Displaying Port Attributes. Service Attributes Change Management IP Configure Inter-VLAN Routing VLAN Report Link Attributes Configure EtherChannel Create Trunk Virtual Network Manager Trunk Attributes TDR Report End Host Report Switch Port Report Unconnected Devices View Displays devices for which connectivity information could not be obtained, including devices not supported by Topology Services. View: Device Attributes IPv6 Addresses Port Attributes VLAN Report Virtual Network Manager Change Management IP Configure Inter-VLAN Routing Link Attributes Table 9-10 Network View Item Descriptions (continued) Item Description Usage Notes
9-25 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 9 Using Topology Services Using Network Views For complete details on launching other LMS applications, see Starting CiscoWorks Applications From Topology Views. This topic contains: Customizing Network Topology Views Changing Network Topology View Layouts Starting CiscoWorks Applications From Topology Views Modifying Network View Features Customizing Network Topology Views You can modify the Network Topology Views to change the location of device icons or links, save Network Topology Views, and remove devices from the Network Topology View. This section contains: Saving Network Topology View Layouts You can customize Network Topology Views by rearranging and dragging devices and links to different locations on the view. This allows multiple users to customize the way the Network Topology Views appear. To do this: Step 1 Make any changes you want to the Network Topology View. Step 2 Select File > Save Layout. VTP Views Shows the devices that are participating in VTP domains. VTP Views also shows the non-VTP devices connected directly to the VTP domain. View: Device Attributes Port Attributes Service Attributes VLAN Report Change Management IP Configure Inter-VLAN Routing Link Attributes Configure EtherChannel Create Trunk Virtual Network Manager Trunk Attributes TDR Report Table 9-10 Network View Item Descriptions (continued) Item Description Usage Notes
9-26 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 9 Using Topology Services Using Network Views Deleting Devices From Network View To delete devices from any Network Topology View. Step 1 Select the device you want to delete from the Network Topology View. Step 2 Select Edit > Delete Devices. This step only removes the device from the Campus Manager Server database. If the device still exists in your network and is discoverable by the Campus Manager Server, it reappears during the next Data Collection. If devices that you do not want displayed in Topology Services continue to reappear on the Network Topology View, go to Admin > Data Collection > Device Management > Exclude Devices and manually delete the device. This permanently deletes the device from Campus Manager. Changing Network Topology View Layouts To change the layout for each Network Topology View. Step 1 Go to a Network Topology View window and select View > Relayout. Step 2 Select a layout style. See Table 9-11. Starting CiscoWorks Applications From Topology Views This section contains: Launching RME from Topology Map Launching DFM from Topology Map Launching DFM Alert Reports Launching CiscoWorks Assistant from Topology Map Launching Internetwork Performance Monitor from Topology Map Table 9-11 Layout Style Style Description Circular Arranges devices in a circular pattern, resizes devices to fit in viewable area. Hierarchical Arranges devices in a hierarchical pattern, resizes devices to fit in viewable area. Symmetric Arranges devices in a compact pattern, resizes devices to fit in viewable area. Orthogonal Arranges devices in an angular pattern. Each link bends at right angles. Individual devices resize to show each link.
9-27 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 9 Using Topology Services Using Network Views Launching HUM from Topology Map Launching VNM from Topology Map Edge VLAN Configuration at Distribution Layer Edge VLAN Configuration at Access Layer with Trunk You can start some of the applications of CiscoWorks LAN Management Solution, from Topology maps. This section also instructs you on Modifying DFM Alert Settings. Table 9-12 gives the list of applications that can be launched: Table 9-12 Applications Invoked from Topology Maps Product Application Description Resource Manager Essentials (RME) NetConfig Enables you to make configuration changes to all RME supported network devices SWIM Software Management automates the steps associated with upgrade planning, scheduling, downloading software images, and monitoring your network. Device Fault Manager (DFM) DFM Fault History Report Fault History provides the history of DFM events and alerts. Show DFM Alerts Launches the DFM report. This report displays information on the alerts and events that are associated with the device.
9-28 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 9 Using Topology Services Using Network Views Virtual Network Manager Create VRF (Virtual Routing and Forwarding). VNM enables you to create VRF on the devices and interfaces in an Enterprise network. For more information on creating VRF, see Configuring VRF. Edit VRF Enables you to edit the VRF details configured on devices. For more information, see Editing VRF. Extend VRF Enables you to extend the VRF functionality to neighboring devices and interfaces. For more information, see Extending VRF. Edge VLAN Configuration Enables you to assign edge VLANs to a VRF instance. For more information, see Edge VLAN Configuration Troubleshooting. For more information on Troubleshooting, see Troubleshooting. Enables you to troubleshoot the end-to-end connectivity of devices participating in a VRF. You can troubleshoot using: Ping VRF. For more information on Ping, see Ping or Traceroute. Traceroute VRF. For more information on Ping, see Ping or Traceroute. Show Command VRF. For more information on Show Results, see Show Results. Software Upgrade Enables you to upgrade the software of the device to enhance its capability to participate in a VRF. Create VLAN Enables you to create VLAN for selected devices. For more information, see Configuring VLANs. CWA CiscoWorks Assistant CiscoWorks Assistant is a web-based tool that provides workflows to help you to overcome network management and software deployment challenges. CiscoWorks Assistant workflows contain functionalities that are available across LMS applications. These functionalities are grouped logically to setup and configure the LMS server. This helps you troubleshoot your network devices. Table 9-12 Applications Invoked from Topology Maps Product Application Description
9-29 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 9 Using Topology Services Using Network Views Note You can launch RME, DFM, CWA, IPM and HUM from Topology maps even if they are installed on different CiscoWorks servers, in a Master Slave setup. Launching RME from Topology Map Step 1 Select a device in the Layer 2 View. Step 2 Right click on the device and select Resource Manager Essentials. Step 3 Select either Software Management or NetConfig report. Resource Manager Essentials is launched. HUM Health and Utilization Monitor CiscoWorks HUM is a software application that allows the network administrator to monitor the health and utilization of devices connected to the network. HUM monitors the device for performance parameters such as CPU utilization, memory utilization, interface utilization, interface availability, device availability and so on. HUM does this by querying the device through Simple Network Management Protocol (SNMP). IPM Internetwork Performance Monitor Internetwork Performance Monitor (IPM) is a network management application that allows you to monitor the performance of multi-protocol networks. IPM monitors the network performance by configuring collectors on IP SLA (IP Service Level Agreement) capable source devices (routers) and collects the performance-related statistics from these devices. You can launch the following IPM workflows from Topology Services: Creating Colletors Showing Collectors Table 9-12 Applications Invoked from Topology Maps Product Application Description
9-30 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 9 Using Topology Services Using Network Views Launching DFM from Topology Map Step 1 Select a device in the Layer 2 View. Step 2 Right click on the device and select Device Fault Manager. Step 3 Select either Fault History Report or Show DFM Alert. Device Fault Manager is launched. For more details see, User Guide for Device Fault Manager. Launching DFM Alert Reports Step 1 Select a device in the Layer 2 View. Step 2 Right click on the device and select Show DFM Alert. Note You can launch DFM Alert reports, even if Campus Manager and Device Fault Manager are installed on different CiscoWorks servers, in a Master Slave setup. From N-Hop View Portlet, you can right click on any device and then click Show DFM Alert, to the see the alert associated with the device. When DFM information is polled and displayed in Topology Maps, and if an alert is associated with a device, you can see the following icons, displayed along with the devices: For more details see, User Guide for Device Fault Manager. Icon Indication Critical Warning Informational
9-31 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 9 Using Topology Services Using Network Views Launching CiscoWorks Assistant from Topology Map Step 1 Select any device and right-click. Step 2 Select Troubleshoot. The Device Troubleshooting Report page is launched. This page gives various details about the device. In case of devices that are down, the details in this page helps you to analyze why the device is unreachable. For more details, seeUser Guide for CiscoWorks Assistant. Launching Internetwork Performance Monitor from Topology Map Step 1 Select any device and right-click. Step 2 Select either: Create Collector Select Internetwork Performance Monitor> Create Collector to create Collectors page. You can create new collectors for the device. Or Show Collector Select Internetwork Performance Monitor> Show Collector to view the list of collectors associated with the device. You can create collectors only on devices that are IPSLA capable. For more details, seeUser Guide for Internetwork Performance Monitor. Launching HUM from Topology Map To launch HUM from the Topology map, select: Any device from the map and right-click and Select Device Dashboard. The Device Dashboard report is launched, that provides performance details for the device. Or Any link from the Topology map and right-click and Select Interface Report. The Interface Report for that particular link is launched, displaying the data for the last one hour. For complete details on the report, see User Guide for Health and Utilization Monitor.
9-32 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 9 Using Topology Services Using Network Views Launching VNM from Topology Map Step 1 Select any device from the map and right-click. You can select multiple devices. To select multiple devices, press Ctrl. Step 2 Select any of the following: Virtual Network Manager > Create VRF The Create VRF page with the selected devices is launched. You can create VRF on the selected device. Virtual Network Manager > Edit VRF The Edit VRF page appears with the selected devices and corresponding VRF details. You can Edit VRF on the selected device. Virtual Network Manager > Extend VRF The Extend VRF page appears with the selected devices and the VRF details of the selected devices is launched. You can extend VRF configuration details to the devices that are neighbors to the selected device. Virtual Network Manager > Edge VLAN Configuration The Edge VLAN Configuration workflow is used to access edge VLANs to a VRF instance. This provides an end-to-end virtualization. You can assign Edge VLAN to a VRF by associating it to a Switch Virtual Interface (SVI). You can assign VLANs to VRF at the edge, using the following options: To perform Edge VLAN Configuration at the Distribution Layer, see Edge VLAN Configuration at Distribution Layer To perform Edge VLAN Configuration at the Access Layer where Trunk exists on the selected device, see Edge VLAN Configuration at Access Layer with Trunk Virtual Network Manager > Troubleshooting The Ping or traceroute page is launched. You can troubleshoot the end-to-end connectivity of devices that participate in a VRF. You can troubleshoot using either Ping or Traceroute. Virtual Network Manager > Troubleshooting > Ping VRF. For more information on Ping, see Ping or Traceroute. Virtual Network Manager > Troubleshooting > Traceroute VRF. For more information on Ping, see Ping or Traceroute. You can view the results after troubleshooting using Virtual Network Manager > Troubleshooting > Show Results VRF. For more information on Show Results, see Show Results. Virtual Network Manager > Software Upgrade. The SWIM page is launched and it displays the selected devices. You can upgrade the device software to make it a VRF capable device. If the device is already VRF Capable, the image can be upgraded to the next available higher version. Virtual Network Manager > Create VLAN Using Virtual Network Manager, you can create VLAN. The VLAN configuration page from Campus Manager. The VLAN Configuration page guides you through the VLAN configuration process. See Figure 9-5.
9-33 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 9 Using Topology Services Using Network Views Figure 9-5 Launch Virtual Network Manager from Topology Services For more information on Virtual Network Manager, see Virtual Network Manager. Edge VLAN Configuration at Distribution Layer To achieve complete end-to-end VRF configuration, you must virtualize the Distribution Layer by using the Edge VLAN Configuration feature in Virtual Network Manager. Here, Access VLANs are mapped to a VRF instance to allow the data from the devices in the Distribution layer to participate in a VRF. VLANs are associated to a VRF by associating them to an SVI. Step 1 Launch TopologyView The Topology Services page appears. Step 2 Expand the Network View tree and select Layer 2 View. Step 3 Right-click the Layer 2 View and select Display View. The Layer 2 View page appears. Step 4 Select a VRF from the VRF filter under Topology Filters. If you do not select a VRF, you can perform Edge VLAN Configuration on only one device. Step 5 Select the devices from the Distribution Layer. Step 6 Right- click the selected device and select Virtual Network Manager > Edge VLAN Configuration If you directly select a device without selecting a VRF, you are prompted to select a VRF from the VRF Selector for the device window. The VRF selector displays a list of VRFs that are configured on the selected device.
9-34 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 9 Using Topology Services Using Network Views The Edge VLAN Configuration: Select Devices page appears. The Device Selector does not display pure L3 devices. The devices selected in the map view are already selected in the Select Devices page. In this page, you can select more devices to perform Edge VLAN Configuration. For more information on the Edge VLAN Configuration, see Edge VLAN Configuration. Edge VLAN Configuration at Access Layer with Trunk Consider a scenario where VLAN is not configured on the interface of the selected devices with Trunk configured on the selected devices. To configure VLAN Step 1 Launch Toplogy View The Layer 2 View page appears. Step 2 In the Layer 2 View page, select the devices in the Access Layer. Step 3 Right-click and select Create VLAN. The VLAN Configuration page appears. For more information on Creating VLAN, see Configuring VLANs If Trunk is not configured on the selected device, you can create Trunk by following Step 4 and Step 5. Step 4 Select a link connecting devices from the Distribution Layer to the Access Layer Step 5 Right-click the link and select Create Trunk. The Create Trunk page appears. For more information on Creating Trunk, see Creating Trunk. Modifying DFM Alert Settings After configuring the settings in the Admin page, the Topology maps show all the Critical Warning and Informational alerts, by default. If you want to see only a certain type of alerts, you can change the settings as follows: Step 1 Select Campus Manager > Visualization > Topology Services. Step 2 Launch any Network Topology View. Step 3 Right click on the Topology map and choose DFM Alert Settings. Or Click View > DFM Alert Settings from the Topology Services menu. The following settings are displayed: Critical Warning Informational
9-35 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 9 Using Topology Services Using Network Views These settings are checked by default. Step 4 Uncheck the required setting, for which you do not want to display the information. For example if you want to display only Critical alerts, leave the Critical option checked and uncheck the other two options. The DFM Alert settings is client specific. Therefore, the settings are applied only for your Topology maps and N-Hop View portlet. Other users connected to the same Campus Manager server can choose their own settings. Step 5 Click Apply to save the settings. The settings are saved to the server. Step 6 Close all Topology Windows and relaunch Topology Services for the change to take effect. Modifying Network View Features You can modify and customize various Network Topology View features to suit your operating environment. For example, you can change the display colors and view layout of the Network Topology View. You can also customize the view features for individual user roles, or modify the default features for all users. This section contains: Changing Network Topology View Properties for One User Role Changing Network Topology View Properties for All Users Setting Background Images for Topology Views
9-36 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 9 Using Topology Services Using Network Views Changing Network Topology View Properties for One User Role You can change client map properties for one user role without affecting the Network Topology View properties for other user roles. To do this: Step 1 Go to a Network Topology View and select Edit > Map Preferences. The Client Map Properties window opens. Step 2 Change the properties as described in Table 9-13. Table 9-13 Client Network Topology View Field Descriptions Field Description Colors Map Background Color of the background in Network Topology Views Map Foreground Color of the foreground in Network Topology Views Map Selection Color of the outline for selected links and devices Highlight Color Color that links and devices are highlighted in
9-37 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 9 Using Topology Services Using Network Views Step 3 Click Apply to apply these changes based on your current user role. Changing Network Topology View Properties for All Users To change the Network Topology View properties for all users: Step 1 Go to a Network Topology View and select Edit > Map Preferences. Step 2 Click Edit Defaults. The Client Default Properties window opens. Step 3 Change the Network Topology View properties as described in Table 9-14. Layout Style Hierarchical Reveals precedence relations Circular Portrays interconnected ring and star topologies Symmetrical Produces representations of complex networks Orthogonal Produces graph layouts with edges running parallel to x and y axes Label Display Fallback Rule Fallback Rule Allows you to set the order in which device labels appear in Network Topology Views Edit Defaults Allows you to edit the default properties for all users Restore Defaults Allows you to restore the default settings Table 9-13 Client Network Topology View Field Descriptions (continued) Field Description Table 9-14 Default Network Topology View Properties Field Description Colors Network Topology View Background Color of the background in Network Topology Views Network Topology View Foreground Color of the foreground in Network Topology Views Network Topology View Selection Color of the outline for selected links and devices Highlight Color Color that links and devices are highlighted in
9-38 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 9 Using Topology Services Using Network Views Step 4 To trim SysName based on Domain suffix, enable Trim Domain Suffix On Labels, specify Domain Suffix value and ensure that Truncate SysName On Labels is not enabled. Step 5 Click Apply to change the Network Topology View preferences for all users. Setting Background Images for Topology Views You can set an image as the background of the Network Topology Views in Topology Services. Campus Manager allows you to upload images and set the image, where the image is in GIF, J PEG, or J PG image formats. This section contains: Uploading the Image Selecting the Image Deleting the Image To set the background image: Step 1 Upload the image. Step 2 Set the image as the background image. Layout Style Hierarchy Reveals precedence relations Circular Portrays interconnected ring and star topologies Symmetrical Produces representations of complex networks Orthogonal Produces graph layouts with edges running parallel to x and y axes Label Display Fallback Rule Fallback Rule Allows you to set the order in which device labels appear in Network Topology Views Other Domain Suffix Lets you specify a domain suffix for all devices in your network Trim Domain Suffix On Labels Lets you shorten the domain suffix on Network Topology View labels Sysname Max Characters Allowed Lets you specify the maximum character length of device sysNames in the display Truncate Sysname On Labels Lets you enable or disable the truncation of sysNames in the display Table 9-14 Default Network Topology View Properties (continued) Field Description
9-39 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 9 Using Topology Services Using Network Views Uploading the Image To upload and set the background image: Step 1 Right-click any Network View from the Tree View in the Topology Services Main Window. Step 2 Select Display View from the pop up menu. The Network Topology window appears. Step 3 Select Edit > Map Preferences from the menu. The Client Map Properties window appears. Step 4 Click Upload Image, in the Map Background Image section. Step 5 Select the file from the list in the Upload Map Background Image window, and click Open. Selecting the Image After you finish uploading the image, you can select and set the background for each network view. To select an image for the background: Step 1 Select Edit > Map Preferences from the menu in the Network Topology Display view. The Client Map Properties window appears. Select an image from the drop-down menu for Background Image, in the Map Background Image section. If you do not want to set an image, select the default None. Step 2 Click Apply. Step 3 Click OK. Deleting the Image To delete the image from the list of images that you have uploaded. Step 1 Select Edit > Map Preferences from the menu from the Network Topology Display view. The Client Map Properties window appears. Step 2 Select an image from the drop-down menu for Background Image, in the Map Background Image section. Step 3 Click Delete Image.
9-40 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 9 Using Topology Services Understanding Cluster Switches Understanding Cluster Switches Campus Manager is now enhanced to discover Commander and member devices of a Switch Cluster. You can create and delete VLANs in these switches. You can configure switch clusters to manage a set of switches using a single IP address. Switch cluster is a group of switches connected to each other, where one switch is designated as the Command switch and upto 15 switches can be designated as Member switches. Communication to all these member switches is carried out through the command switch. The Command switch is the single point of contact for configuring, managing, and monitoring the cluster of switches. A member switch can not be a member of any other cluster at a point of time. Clustering the switches allows you to: Manage a group of switches using a single IP address, especially when you have a limited number of IP addresses. Manage switches regardless of them being distributed across Layer 2 or Layer 3 networks. The member switches are connected to the Command switch through one common VLAN. Designate standby Command switch to avoid losing connectivity with the member switches. Restrictions: Command switch cannot be a member or command switch of another cluster. Commander switches must connect to standby Command switches only through the management VLAN. For information on displaying Cluster switches in Topology maps, see Displaying Cluster Switches. Displaying Cluster Switches Campus Manager discovers and displays the switches participating in clustering and the devices connected to the cluster members. To display the cluster members: Step 1 Go to the Tree View in the Topology Services Main Window and right-click any Network View. Step 2 Select Display View from the pop up menu. The Network Topology window appears. The Map displays the Command switch using an icon, which you can see in Using Topology Services Legend. The member switches of the cluster displays the IP address of the Command switch and the member number, in the following format: IP address-Member Number. For example, 10.77.210.211-2, where 10.77.210.211 is the IP address of the Command switch and 2 is the member number. To display the IP address, select View > Display Labels > Show IP, from the Menu on Topology Map.
9-41 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 9 Using Topology Services Using Topology Filters Using Topology Filters You can filter devices, links, and networking services, and locate these items on the Network Topology Views. Many different filters are available, but the availability of specific filters varies among each of the different Network Topology Views. You can use multiple filters at the same time to display more than one media type. This section contains: Link Virtualization Status Enabling RMON to Measure Bandwidth Utilization Customizing Bandwidth Utilization Filters Highlighting Filtered Devices To filter devices: Step 1 Start Campus Manager > Visualization > Topology Services from the LMS Portal. The Topology Services Main Window appears. Step 2 Go to the Tree View in the Topology Services Main Window, right-click the Network View you want and select Display View from the pop up menu. The Network Topology View appears.
9-42 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 9 Using Topology Services Using Topology Filters Step 3 Toggle any top-level item in the Topology Filters list to display additional options. Table 9-15 describes various filters. Table 9-15 Topology Filters Description Field Description Types Filter Device Types Filters by individual device; for example, Catalyst 5000. Link Types Filters by type of link; for example, Ethernet100M. Groups Filters by Topology Groups in the Map. The filter displays the number of Groups displayed in the Map, in parentheses. For example, Topology Groups (3). Services Filters by the service running on the device. For example, Cisco CallManager. Device Status Reachable Filters based on status of the device (reachable). Unreachable Filters based on status of the device (unreachable). Internal Routers Filters by the routers. For example, RSM/MSFC. Discrepancy Physical Filters by physical discrepancy; for example, link speed.
9-43 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 9 Using Topology Services Using Topology Filters Network Address Filters Filters based on the protocols supported on the devices. For example, IPv6. STP Inconsistency Filters based on STP loop, PVID, device, or type inconsistencies. Spanning Tree Filters based on the spanning tree details of devices. Selecting the filter will result in a view listing the VLANs applicable to all the switches in the selected switch cloud. PoE Devices PoE Capable Devices Filters based on the Power over Ethernet (PoE) capability of the device. Selecting the filter will highlight the devices that are PoE capable in the displayed network view. PoE is the ability of the LAN switching infrastructure to provide power over the ethernet copper wire to an endpoint (device). TDR TDR Links Filters by the TDR enabled links. VRF Readiness Filters based on the readiness information of the following devices: VRF Capable Devices Represents the devices with necessary hardware support. However, the software must be updated to configure VRF. VRF Supported Devices Represents the VRF supported devices. You can filter devices based on only one Readiness filter at a given time. VRF List Filters based on the list of VRFs present in the Network Enterprise. The VRF Collection process collects the VRFs in your network. By default, the VRF collection process is scheduled to run after the Data Collection process has completed. To get the latest VRFs under VRF Filters, you must relaunch the Display View. When you select a VRF, the Map view displays the devices participating in the selected VRF along with the virtualization status of the links that connect two devices. You can view the following details based on the VRF filters: Devices participating in a VRF Link virtualization status of the link connecting any two devices in the Map view. For more information, see Link Virtualization Status You can filter devices based on only one VRF at a given time. VTP Trunk Encapsulation Filters based on the trunk encapsulation enabled on devices. VTP Devices Filters based on the devices running VTP. Table 9-15 Topology Filters Description (continued) Field Description
9-44 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 9 Using Topology Services Using Topology Filters Link Virtualization Status You can get the virtualization status by hovering the mouse over the links displayed in the Map view in Topology Services. Grey links have both From and To interfaces that do not participate in the selected VRF. In the Figure 9-6, the Green VRF is selected. When you select the Green VRF, the Map view displays the number of devices and the interfaces participating in the Green VRF. The devices that are greyed out do not participate in the Green VRF. The devices participating in the Green VRF are highlighted in the Map view in Topology Services. The interface in grey means that both the interfaces (Gi4/9 and Fa4/0) do not participate in Green VRF. Figure 9-6 Grey Links - Neither Interfaces are a Part of VRF Bandwidth Utilization Low Filter for highlighting the links that are in the low utilization range. Medium Filter for highlighting the links that are in the medium bandwidth utilization range. High Filter for highlighting the links that are in the high bandwidth utilization range. Table 9-15 Topology Filters Description (continued) Field Description
9-45 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 9 Using Topology Services Using Topology Filters Cyan links have only one interface that participate in the selected VRF. In the Figure 9-7, the Blue VRF is selected. When you select the Blue VRF, it displays the status of the devices and interfaces participating in the Blue VRF. Here, two devices are a part of the Blue VRF. The devices that are not participating in Blue VRF are greyed out. The interface in Cyan means that only one interface (Fa0/1) is participating in the Blue VRF. Figure 9-7 Cyan Links - Only One interface Part of VRF Black links represents the links with both from and to interfaces that participate in Green VRF. Black links have both From and To interfaces participating in the selected VRF. In the Figure 9-8, the Green VRF is selected. The selection of Green VRF displays the status of the devices and interfaces participating in the Green VRF. Here, four devices are a part of Green VRF. One devices is greyed out because it is not participating in the Green VRF. The interface in Black means that both interfaces (Fa0/0 and Fa0/1) are participating in Green VRF.
9-46 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 9 Using Topology Services Using Topology Filters Figure 9-8 Black Links - Both From and To Interfaces Part of VRF You can filter devices based on only one VRF at a given time. Step 4 Select the check box next to any option to filter specific items. If you select multiple options from two different top-level filters (such as Types and VTP), your selection is an assumed Boolean AND expression. This requires that all criteria be met to highlight devices on the Network Topology View. Therefore, only those devices supporting active links of the selected type are displayed. If you select multiple options from the same top-level filter (such as Device and Link), your selection is an assumed Boolean OR expression. This requires that any criteria be met in order to highlight the selection on the Network Topology View. However, for discrepancy filters, selecting multiple options from the same top level filter will assume an AND operation. If you choose to filter by a Service, the application servers that are configured to run that service, are highlighted on the map. However, you must complete the Displaying Service Attributes procedure to determine whether the specified Service (or any other Service) is currently active on the application server. Step 5 Select Edit > Highlight Filtered to highlight the filtered items. To deselect items and check boxes that you have selected and return to the normal view, select Edit > Clear Highlighting.
9-47 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 9 Using Topology Services Using Topology Filters This topic contains: Enabling RMON to Measure Bandwidth Utilization Customizing Bandwidth Utilization Filters Highlighting Filtered Devices Enabling RMON to Measure Bandwidth Utilization Bandwidth Utilization is the measure of traffic flowing across a link. Campus Manager highlights bandwidth utilization across links, in the Topology maps. It computes the bandwidth utilization by taking the best estimate of the mean physical layer network utilization on the links, during the sampling time interval. In Topology Map, Campus Manager can differentiate the links using colors, based on the bandwidth utilized by them. You can customize the filters to display bandwidth utilization. For more details, see Customizing Bandwidth Utilization Filters. This section contains: Modifying the Parameters Enabling RMON on All Ports in Selected Devices Enabling RMON on Selected Ports in Selected Devices Disabling RMON Note Campus Manager computes bandwidth utilization only on ethernet links, and not on any other type of link. To compute bandwidth utilization in Campus Manager, you must enable Remote Monitoring (RMON). Enabling RMON depends on two parameters. Parameters to Compute Bandwidth Utilization Enabling RMON depends on the following parameters: Bucket SizeNumber of samples (incoming and outgoing packets) that will be examined for a given point of time. IntervalDuration for which samples are to be collected. The default values for Bucket Size and Interval are 10 and 300 respectively. Though you cannot edit the values through the user interface of Campus Manager, you can reconfigure these values through command line interface. For more details see Modifying the Parameters. Campus Manager computes bandwidth utilization only for those devices that have the same parametric values as configured and displayed in the RMON Settings page. This application allows you to configure only the same parametric values on all link ports. This is to avoid conflicts in computation. Enabling RMON on Ports Campus Manager allows you to enable RMON on: All Ports in selected devices. For details, see Enabling RMON on All Ports in Selected Devices Selected Ports in selected devices, see Enabling RMON on Selected Ports in Selected Devices
9-48 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 9 Using Topology Services Using Topology Filters Campus Manager highlights links in the Topology Map even if the devices are managed by other applications such as DFM, HPOV, or CiscoView. This topic contains: Modifying the Parameters Enabling RMON on All Ports in Selected Devices Enabling RMON on Selected Ports in Selected Devices Disabling RMON Modifying the Parameters The default Bucket Size is 10 and the Interval is 300 seconds. Campus Manager does not compute bandwidth utilization for the links whose ports have different Interval values. You can configure new values for the parameters in the ANIServer.properties file. To reconfigure the values, you must restart the ANI server so that the file takes the new value. For computing bandwidth utilization, Campus Manager takes only the latest values in the ANIServer.properties file. You must reconfigure the link ports according to the values set in the properties file for Topology Map to highlight the links. You must reconfigure the parametric values before you enable RMON on ports. Note You must configure the same value for Interval across the devices. To reconfigure the values: Step 1 Enter pdterm ANIServer at the command line to stop the ANI server. Step 2 Go to NMSROOT/campus/etc/cwsi/ANIServer.properties. Step 3 Modify the values of the properties, RMON.interval for Interval and RMON.bucketSize for the Bucket Size. The maximum value that you can enter for RMON.interval is 3600 seconds (One hour). Step 4 Enter pdexec ANIServer at the command line to start the ANI server. After modifying the bucket size and interval, enable RMON in devices as explained in Enabling RMON on All Ports in Selected Devices or Enabling RMON on Selected Ports in Selected Devices. You can use RMON.percentageTolerance property in the ANIServer.properties file to provide a value for the Interval in a range. This is a hidden property that creates a range for the Interval value. The property adds a value to the current interval that forms the upper limit and subtracts a value from the current interval that forms the lower limit of the range. The default hidden value is 10 percent of the interval. For example, if the value provided in the ANIServer.properties file is 300, the range will be 270-330. Thus, the samples are collected for the range of 270 to 330 seconds.
9-49 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 9 Using Topology Services Using Topology Filters If you want to change this default value, you must: Step 1 Stop the ANI server. Step 2 Enter pdterm ANIServer at the command line to stop the ANI server. Step 3 Go to NMSROOT/campus/etc/cwsi/ANIServer.properties. Step 4 Enter RMON.percentageTolerance=value. Step 5 Start the ANI server. Step 6 Enter pdexec ANIServer at the command line to start the ANI server. Enabling RMON on All Ports in Selected Devices To enable RMON on all ports in selected devices: Step 1 Click Campus Manager > Visualization > RMON Configuration. The Enable RMON dialog box appears. The Device Selector pane displays a list of all devices. Step 2 Select the check box corresponding to the devices for which you want to enable RMON. The RMON Settings area displays the default Bucket Size required as 10; and the Interval in seconds as 300. For a Bucket Size of 10, and interval of 300 seconds, Campus Manager collects 10 samples of bandwidth utilization across links over a period of 50 minutes, with an interval of 5 minutes (300 seconds). To modify the Bucket Size and Interval, see Modifying the Parameters. If you modify the parameters, repeat all the steps listed in this section, for enabling RMON with the new parameters. Step 3 Check the Configure on all links check box to configure all the ports of the selected devices in the Device Selector. Step 4 Click Configure to enable RMON on all the ports in the selected devices. The following command is configured on the selected ports: rmon collection history integer owner ownername buckets bucket-number interval seconds Example: rmon collection history 4 owner campusmanager buckets 10 interval 300
9-50 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 9 Using Topology Services Using Topology Filters Enabling RMON on Selected Ports in Selected Devices To enable RMON on selected ports in selected devices: Step 1 Click Campus Manager > Visualization > RMON Configuration. The Enable RMON dialog box appears. The Device Selector pane displays the list of devices. Step 2 Select the check box corresponding to the devices for which you want to enable RMON. The RMON Settings area displays the default Bucket Size required as 10; and the Interval in seconds as 300. For a Bucket Size of 10, and interval of 300 seconds, Campus Manager collects 10 samples of bandwidth utilization across links over a period of 50 minutes, with an interval of 300 seconds (5 minutes). To modify the Bucket Size and Interval, see Modifying the Parameters. If you modify the parameters, repeat all the steps listed in this section, for enabling RMON with the new parameters. Step 3 Uncheck the Configure on all Links check box since it is checked by default. Step 4 Click Select links to select the ports for which you want to enable RMON. It displays the list of ports in the selected devices. For details on the list displayed, see Table 9-16. TheSelect Links check box is enabled only when you uncheck the Configure on all links check box. Step 5 Select check boxes corresponding to the ports for which you want to enable RMON. Step 6 Click Configure to enable RMON on the selected ports. The following command is configured on the selected ports: rmon collection history integer owner ownername buckets bucket-number interval seconds Example: rmon collection history 4 owner campusmanager buckets 10 interval 300 Table 9-16 Select Links for RMON Configuration Column Description Column Description Port Name of the port. Device Name Name of the device where the port is connected. Device Address The IP address of the device. isLink True is displayed for link ports and False for a non-link port.
9-51 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 9 Using Topology Services Using Topology Filters Disabling RMON After you have enabled RMON on a device through Campus Manager, you can disable it using Command Line Interface (CLI) only. Commands to Disable RMON For a device running Cisco IOS, enter the following command at the CLI prompt: no rmon For a device running Catalyst operating system, enter the following command at the CLI prompt set snmp rmon disable Customizing Bandwidth Utilization Filters You can customize the three ranges of bandwidth utilization, which are low, medium, and high, provided in the Topology Filters. You can also customize the colors for the links in different ranges of bandwidth utilization. To customize the range of utilization and the color for the ranges: Step 1 Select Campus Manager > Visualization > Topology Services from the LMS Portal. The Topology Services Main Window appears. Step 2 Select Edit > Bandwidth Filter Settings. The Bandwidth Filter Settings window appears. Step 3 Select the percent of utilization and color you want to specify for each range. For example, if you want to displays links with utilization between 0 to 40% in Yellow, set From % to 0 To % to 40 Color to Yellow Step 4 Click Apply to save the changes. Now the links with 0 to 40% utilization will appear in yellow in all the topology maps.
9-52 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 9 Using Topology Services Using Find in Network Topology Views Highlighting Filtered Devices You can highlight the devices that you have filtered using the Topology filters.To do this: Step 1 Select the required Topology Filters from the Network Topology View. Step 2 Select Edit > Highlight Filtered from the menu. Or Right-click the topology map and select Highlight Filtered from the popup menu. The topology map highlights the devices that are being filtered. Step 3 To clear the highlight on the devices, select Edit > Clear Highlighted from the menu. Using Find in Network Topology Views You can locate specific devices in your network by searching for the device name or device address. You can do this by using the Find option. To do this: Step 1 Go to a Network Topology View and select Edit > Find. Step 2 Enter the required information as described in Table 9-17. To highlight the device in the Network Topology View window, click Find. Table 9-17 Network Topology View Field Descriptions Field Description Usage Notes Find Device By Select search criteria: Name IP Address Use the drop-down list box to find devices by device name or IP address. What Enter the desired search string Use this field to narrow the number of matches by entering part or all of the device name or IP address. Matches Lists devices that match the specified criteria Select the device from the list of matches. Add to current Network Topology View selection Selects the device without resetting the currently selected devices Use this option if you are selecting several devices, and want to add this device to those selected.
9-53 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 9 Using Topology Services Understanding Summary View Understanding Summary View You can use the Summary View to monitor the current configuration of your network and easily find devices in your network. The Summary View allows you to obtain summary information about the managed domains, logical components, and physical topology of your network. See Interpreting Summary Information for details on summary information. Note You can select multiple rows from the table and display the context sensitive menus. This topic contains: Highlighting Devices From Summary View Interpreting Summary Information Interpreting Network View Summary Information Interpreting Unconnected Device View Summary Information Highlighting Devices From Summary View You can select a device and choose to highlight the device in the Network View from the Summary View in the Topology Services Main Window. To do this: Step 1 Select Campus Manager > Visualization > Topology Services from the LMS Portal. The introduction page for Topology Services appears. Step 2 Click Launch Topology Services. The Topology Services Main Window appears. Step 3 Select the device listed in the Summary View. Step 4 Right-click the device and select Highlight Device from the popup menu. The Topology Map appears with the highlighted device. Interpreting Summary Information To interpret summary information see the following sub-sections: Interpreting Network View Summary Information Interpreting Topology Groups Summary Information
9-54 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 9 Using Topology Services Understanding Summary View Interpreting Network View Summary Information To display summary information about items in the network views, click a Network View from the Tree View in Topology Services. See Table 9-18 to interpret this information. Interpreting Unconnected Device View Summary Information To display summary information about items in the unconnected device views, click Unconnected Devices View from the Tree View in Topology Services. See Table 9-19 to interpret the fields in the Unconnected Devices View Summary. Table 9-18 Network View Field Descriptions Field Description Devices Number of devices displayed on the particular view. Switches Number of switches. Routers Number of routers. Device List Device Name Name of the device. IP Address IP address of the device. Device Type Product type. State Current status of device; that is, whether it is reachable or not. Table 9-19 Device View Summary Field Description Devices Number of devices displayed in the particular view. Switches Number of switches in the selected view. Routers Number of routers in the selected view. Device List Device Name Name of the device. IP Address IP Address of the device. Device Type Product type. State Current status of the device; whether it is reachable or not. Neighbors Devices that are physically connected to the selected device.
9-55 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 9 Using Topology Services Upgrading Network Topology Views Upgrading Network Topology Views After an upgrade installation or manual data import from Campus Manager 4.0, you may upgrade the Layer 2 View, LAN Edge View, or Unconnected Devices View that was saved in Campus Manager 4.0 to the new Campus Manager 5.2 format. If this upgrade is not performed, you can directly use the default views, with enhanced features, generated by Campus Manager 5.2. You can perform the following upgrade procedure more than once. To do this: Step 1 Go to the Topology Services Main Window and select File > Upgrade View layouts. The Upgrade Topology Views window appears. Step 2 Select the views to upgrade. Step 3 Click Upgrade to upgrade the views. Step 4 Select the corresponding views from the side panel in the Topology Main Window. Step 5 Select Display View.
9-56 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 9 Using Topology Services N-Hop View Portlet N-Hop View Portlet N-Hop View portlet is a HTML based light weight feature and is available as a part of CiscoWorks Portal. This is much faster than the regular Campus Manger Topology services. This portlet displays a N-hop view from a specified device. It should be used to view a limited set of devices. See Configuring the Portlet for details on configuring this portlet. N-Hop view displays only the devices your are authorized to view, if Campus Manager is integrated with ACS and the option Set Topology to ACS mode is checked. For details, see Restricted Topology View. Using N-Hop view, even if more than 30 devices are present within the specified Hop Count of the root device, you can view a network of up to 30 devices only. You can view the other part of the network by randomly selecting a root device and specifying a Hop Count for the root device. To view the entire network, use Topology Services. Using N-Hop View: You can cross-launch the following CiscoWorks applications: CiscoView DeviceCenter Resource Manager Essentials CiscoWorks Assistant Health and Utilization Monitor Internetwork Performance Monitor Device Fault Manager To launch the applications, choose a device, right click and choose the required application. Note You can launch RME, DFM, CWA, IPM and HUM from Topology maps even if they are installed on different CiscoWorks servers, in a Master Slave setup. Resource Manager Essentials Select any device, right-click and choose SWIM It cross-launches to the RME Software Distribution page. This page enables you to distribute the images in your network. For more details, see User Guide for Resource Manager Essentials. Select any device, right-click and choose NetConfig It cross-launches to the RME NetConfig page. This page enables you to manage NetConfig jobs. The page allows you to apply a set of commands (a task) on selected devices. You can create your own custom tasks that run on multiple devices. For more details, see User Guide for Resource Manager Essentials. Launch CiscoWorks Assistant Select any device, right-click and choose Troubleshoot. The Device Troubleshooting Report page is launched. This page displays details about the device. In case of devices that are down, you can use these details to analyze why the device is unreachable. For more details, see User Guide for CiscoWorks Assistant.
9-57 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 9 Using Topology Services N-Hop View Portlet Launch Health and Utilization Monitor Select any device from the map and right-click and choose Device Dashboard. The Device Dashboard report is launched, which provides performance details for the device. Select any link from the Topology map and right-click and choose Interface Report. The Interface Report for that particular link is launched, displaying the last one hour data. For complete details on the reports, see User Guide for Health and Utilization Monitor. Launch Internetwork Performance Monitor Select any IPSLA capable device, right click and choose Show Collector or Create Collector. The corresponding Collector Management page is launched. You can create collectors only on devices which are IPSLA capable. For more details, see User Guide for Internetwork Performance Monitor. Launch Device Fault Manager Select any device, right-click and choose Show DFM Alert, to the see the alerts associated with the device. Select any device, right click and choose DFM Fault History Report, to see the history of DFM events and alerts. For more details see, User Guide for Device Fault Manager. You can access a device using Telnet. To do so, choose a device, right click and choose Telnet. You can display the following information in the map: To view information, right click anywhere in the map and select the required value. The selected information is displayed for all devices. To hide the displayed information, right click anywhere in the map and select Show/Hide Labels. Move the mouse over the label to display this relevant information. You can drag the labels anywhere inside the map. To set it to its original position, right click in the map and choose Reset Draggables. To print the N-hop view, right click anywhere in the map and choose Print View. Before printing the N-hop view, we recommend that you provide the following browser settings: For Internet Explorer: 1. Go to Tools > Internet Options > Advanced Tab > Printing 2. Check Print background colors and images under Printing IP Address IP Address of the Device devicename Name of the device sysName sysName sysContact Contact person for that device sysLocation Physical location of the device sysOID Value of the System Object Identifier MIB variable of the device
9-58 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 9 Using Topology Services N-Hop View Portlet For Mozilla Firefox: 1. Go to File > Page Setup > Format & Options Tab 2. Check Print Background (Colors & Images) under Options You can view the details about a single device/link. Click the link Show Properties at the top right corner (This link toggles between Show properties and Hide Properties). Choose a device or link. Properties of the device or link are displayed as explained below: Configuring the Portlet To configure the N-Hop View portlet: Step 1 Go to the LMS Portal and click CM from the menu. The Campus Manger view is launched. Step 2 Move the mouse over the top right corner of the N-Hop View portlet and choose Configuration. The configuration screen is displayed. Step 3 Enter the IP address or the Device name of the root device. If the device you specify is not managed by Campus Manager, it will display an error message. Step 4 Enter the number of hops in the Hop count field. The Network Topology map is drawn for the specified number of hops. Step 5 Add the device to the critical device poller by checking the Poll devices check-box. Campus Manager polls the network periodically. If you need to monitor the status of a certain device more frequently, add it to the critical device poller. For more information on Critical device poller, see Device Poller. Device Details Devicename Name of the device IP Address IP Address of the device status Indicates if the device is up or down imageVer Version details of the image installed in the device sysLocation Physical location of the device sysName sysName sysContact Contact person for that device sysOID Value of the System Object Identifier MIB variable of the device Link Details Link Status Indicates whether the link is up or down Device IP IP Address of the device. Shown for both devices between which the link is configured. Interface Interface in the device. Shown for both devices between which the link is configured.
9-59 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 9 Using Topology Services Using Microsoft Visio With Topology Views This device is removed from the critical device poller list when you close the N-Hop View portlet window. To display DFM alerts in N-Hop view, choose Show DFM Alerts. To display Critical alerts, choose Critical. To display Warning alerts, choose Warning. To display Informational alerts, choose Information. For the above feature to work, the DFM poller should be enabled. For details on this, see Configuring DFM Polling. Step 6 Select the time interval from the Refresh Every drop-down list. This interval can be in minutes or hours. By default, the portlet refreshes the Topology map every 5 minutes. If you set the time interval, it refreshes accordingly. For every refresh, the data is fetched from the last polling cycle of the critical device poller. Step 7 Click Save. Step 8 Click the back arrow to view the Topology map for the configured device. Using Microsoft Visio With Topology Views You can export the network clouds, aggregate links, device nodes, links, buses, and all associated labels into a Visio drawing. You can export Network Topology Views to Visio 2003 as an XML file. For more details, see Exporting Network Topology Views to Visio. Visio 2003 does not support CSV file format. To export Network Views to Microsoft Visio 2002 or previous versions, there are two options: 1. Export to .CSV file. To do so, Download the Cisco stencil file (cm_cisco.vss). This file stores images of Cisco devices that Visio uses to create the drawing. For more details, see Downloading the Cisco Visio Stencil File. Export Network Topology Views to Visio. For more details, see Exporting Network Topology Views to Visio. 2. Export to an XML file. For more details, see Exporting Network Topology Views to Visio.
9-60 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 9 Using Topology Services Using Microsoft Visio With Topology Views Downloading the Cisco Visio Stencil File You must download the Cisco stencil file if you want to export Network Topology views to Visio 2002 or previous versions. See Exporting Network Topology Views to Visio for more details. To do this: Step 1 Select File > Download Visio Stencil from a Network Topology View. Step 2 Navigate to the Solutions directory where Visio is installed. The directory path is usually Visio\Solutions Caution Do not change the default filename. Step 3 Click Save. Exporting Network Topology Views to Visio To export Network Topology views to Visio: Step 1 Select the devices you want to export from a Network Topology view. Step 2 Select File > Export ToVisio. Step 3 Select either of the following options: Export To csv... Saves the Network Topology view as a .CSV file, which you can open in Visio 2002 or previous versions and convert into a Visio drawing. When you open the saved text file in Visio, select comma as the delimiter to use. See the Visio manual on how to create drawings from external data. Or Export To xml... Saves the Network Topology view as a .VDX file, which you can open in Visio 2003. Proceed to Step 5. Step 4 Navigate to the directory where you saved the Cisco stencil file (cm_cisco.vss). Step 5 Accept the default or enter a filename. Step 6 Click Save. Note When you try to export more than 50 nodes from the Topology view, there will be loss of clarity in the exported Visio diagram.
9-61 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 9 Using Topology Services Working With Links Working With Links You can use Network Topology Views to display information about links between discovered devices and the type of link connecting the devices. This section explains: Interpreting Link Tooltips Displaying Link Attributes Displaying Aggregate Link Attributes Interpreting Link Tooltips Link tooltips provide detailed information about links. They appear as popup windows as you move the cursor over different items in the discovered network. Some network types display additional information in the tooltips. Use Table 9-20 to help you interpret the tooltips that appear. Displaying Link Attributes You can display information about the links between devices in your network. From a Network Topology View, right-click a link and select Link Attributes from the popup menu, or select Reports > Link Attributes. The Link Attributes window opens. See Interpreting Link Attributes for more information. Table 9-20 Link Tooltip Item Descriptions Item Description Example Links Connecting switch name or IP address:slot/port (media type, media speed) 172.18.2.25:2/4 - 172.18.2.2:1/3 (Ethernet 100M) Buses Media type Ethernet bus, FDDI
9-62 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 9 Using Topology Services Working With Links Interpreting Link Attributes See Table 9-21 to interpret the fields shown in the Link Attributes window. Displaying Aggregate Link Attributes The aggregation of multiple physical Ethernet links into a single, virtual link allows network managers to speed the flow of traffic through their networks, reaching speeds that would not be possible otherwise. For example, if you have no access to links any faster than 100 Mbps, you might aggregate four separate channels of 100 Mbps each into a single 400 Mbps channel. If there are any aggregate links between devices in your network, you can use Topology Services to display information about those aggregate links. To display information about the aggregate links: Right-click a link from a Network Topology View and select Aggregate Link Attributes from the popup menu Or Select Reports > Aggregate Link Attributes. The Aggregate Link Attributes window opens. See Interpreting Aggregate Link Attributes for more information. Table 9-21 Link Attribute Window Field Description From Device from which link originates To Device at which link ends Device Device name Interface Port to which link is connected on the originating and ending devices Type Media type of the link, such as Ethernet Speed Speed of the link, such as 10Mbps, which is 10 megabits per second, or 100Mbps, which is 100 megabits per second.
9-63 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 9 Using Topology Services Time Domain Reflectometry Reports Interpreting Aggregate Link Attributes See Table 9-22 to interpret the fields shown in the Aggregate Link Attributes window. Time Domain Reflectometry Reports Time Domain Reflectometry (TDR) is used to detect faults in a cable. TDR checks and locates open circuits, short circuits, sharp bends, crimps, kinks, impedance mismatches, and other such defects. Time Domain Reflectometry is required when the application cannot establish a link, or if the link does not perform as expected. This usually occurs if you: Replace a cable. Migrate from Fast Ethernet to Gigabit switch. Develop new cable plants. In such cases, the nature of the defect in the cables are important. To detect the defects, you can perform a TDR test on the link. The TDR test checks the various aspects of the performance of physical links and its reliability, and reports status and failure. This topic contains: Understanding Time Domain Reflectometry Using Time Domain Reflectometry Reports Understanding Time Domain Reflectometry Time Domain Reflectometry detects the defects by sending a signal through a cable, and reflecting it from the end of the cable. Open circuits, short circuits, sharp bends and other defects in the cable, reflects the signal back, at different amplitudes, depending on the severity of the defect. The TDR measures the time taken by the signal to reflect back and thus calculates the distance to the defect in the cable. When the signal reaches the end of the cable, it reflects at a very low amplitude. Table 9-22 Aggregate Link Attributes Field Description From Domain from which link originates To Domain at which link ends Device Device name Interface Port to which link is connected on the originating and ending devices Type Media type of the link, such as Ethernet Speed Speed of the link, such as 10 Mbps
9-64 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 9 Using Topology Services Time Domain Reflectometry Reports Using Time Domain Reflectometry Reports Campus Manager supports TDR Cable Diagnostic Test and generates a report listing the results of the test on Cisco Catalyst 6000 switches. This topic contains: Running TDR Test for a Link Running TDR Test For a Port. Running TDR Test for a Link To run the TDR test for a link: Step 1 Select Campus Manager > Visualization > Topology Services from the LMS Portal. Step 2 Select a view that contains the device for which you want to run TDR Test. This view in the Tree View in the Topology Services Main Window. Step 3 Right-click the view and select Display View. The Network Topology window for the selected view appears. Step 4 Select the link for which you want generate TDR Report. Step 5 Right-click the link. Step 6 Select TDR Report from the pop up menu. A message appears: Running TDR Report may affect data traffic in the link. Do you like to run the TDR Test. Step 7 Click Yes. The TDR Report window appears. See Table 9-23 for details on the report.
9-65 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 9 Using Topology Services Time Domain Reflectometry Reports After you generate the TDR Report you can: Print the TDR report. To do so select File > Print from the menu. Export the report to your machine. To do so select File > Export from the menu. To view the links that support TDR: Step 1 Select Campus Manager > Visualization > Topology Services from the LMS Portal. Step 2 Select a view that contains the device, for which you want to run TDR Test. This view is in the Tree View in the Topology Services Main Window. Step 3 Right-click the view and select Display View. The Network Topology window for the selected view appears. The Topology Filters pane has a filter, TDR. Step 4 Click TDR. Step 5 Check the check box for TDR Links. The supported links are highlighted. Table 9-23 Field Description for TDR Report on Links Column Description Local Device Name of the local device. Local Port Port of the local device. Pair Pair name corresponding to the local port. Local Pair Length Length of the cable from the local device. Local Pair Status Status of the local pair. Local Distance To Fault Distance to the defect on the cable pair, from the local port. Local Channel Channel to which the cable pair is connected. Remote Device Remote device connected to the local device. Remote Port Remote port on the remote device. Remote Pair Remote pair connected to the local pair. Remote Pair Length Length of the cable from the remote device. Remote Pair Status Status of the remote pair. Remote Distance to Fault Distance to the defect on the cable pair, from the remote port. Remote Channel Channel to which the cable pair is connected.
9-66 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 9 Using Topology Services Time Domain Reflectometry Reports Running TDR Test For a Port Step 1 Select Campus Manager > Visualization > Topology Services from the LMS Portal. Step 2 Select a view that contains the device that has the port for which you want to run TDR Test. This view is in the Tree View in the Topology Services Main Window. Step 3 Select the device that has the port for which you want to run TDR Test. Step 4 Right-click the device and select Port Attributes from the pop up menu. The Port Attributes window for the device appears. Step 5 Select the port for which you want to run TDR Test. Step 6 Select View > TDR Report from the menu. A message appears: Running TDR Report may affect data traffic in the link. Do you like to run the TDR Test. Step 7 Click Yes. The TDR report window appears. See Table 9-24, for more details on the TDR report. After you generate the TDR report you can: Print the TDR report. To do so, select File > Print from the menu. Export the report to your machine. To do so, select File > Export from the menu. Table 9-24 TDR Report on Ports Field Description Field Description Device Name of the device. Port Name of the port. Pair Pair name corresponding to the port. Pair Length Cable length from the device. Pair Status Status of the pair.
9-67 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 9 Using Topology Services Working With Devices Working With Devices You can use a Network Topology View to display information about the routers and switches in your network. This section contains: Performing Data Collection for Devices Interpreting Device Tooltips Displaying Device Labels Displaying Device Attributes Viewing End Host Report Viewing Switch Port Report Displaying Port Attributes Setting Preferred Management Addresses Starting CiscoView Starting Telnet Starting Device Center Working With MLS Devices Working With Application Servers Displaying Device Service Modules Displaying Service Attributes Performing Data Collection for Devices You can perform data collection for each device or a group of devices from Topology Services. Step 1 Select Campus Manager > Visualization > Topology Services from the LMS Portal. Step 2 Select the device entry in Summary View, for which you want to perform the data collection. Step 3 Right-click the device entry and select Perform Data Collection from the popup menu. Or Select the device from the topology map. Step 4 Select Edit > Perform Data Collection, or right-click the device and select Perform Data Collection from the popup menu. The status bar displays the message: Request data collection for n device(s) accepted by ANI. The discovery status button on the status bar shows the status as Running. After the data collection is complete, the status bar displays a message: Data Collection done, and the discovery status on the status bar shows the status as Idle.
9-68 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 9 Using Topology Services Working With Devices Interpreting Device Tooltips A tooltip is a text message that clarifies the purpose or meaning of a user interface element such as a button, a line, or an icon. Generally, tooltips appear whenever your pointer rests on any user interface element for which a tooltip has been defined. Tooltip messages are displayed against a colored background (typically yellow or lavender) in a rectangle that hovers above the user interface element being described. Tooltips in Topology Services provide detailed information about devices and links in Network Topology Views. Some device types display additional information in the tooltips. Tooltip for a device, for example, 172.18.2.11(C3900), contains the device name or the IP address, and the device type in parentheses. Displaying Device Labels To display device information labels in Network Topology Views. To do this: Step 1 Select View > Display Labels. from the Network Topology View. Step 2 Select either IP address, device name, or SysName to be displayed. This topic contains: Interpreting Device Labels Clearing Device Labels Interpreting Device Labels The device labels are then displayed. See Table 9-25. Clearing Device Labels To clear device information labels in the Network Topology Views. From a Network Topology View, select View > Display Labels > Clear Labels. The device labels are hidden. Table 9-25 Device Labels Field Description IP Address IP address of the device. Device Name Name of the device. SysName SysName of the device.
9-69 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 9 Using Topology Services Working With Devices Displaying Device Attributes To display information about a specific device: Right-click a device icon from a Network Topology View, and select Device Attributes from the popup menu Or Select Reports > Device Attributes. The Device Attributes window opens. See Interpreting Device Attributes for more information. Viewing End Host Report To view End Host Report for a specific device: Right-click a device icon from a Network Topology View, and select End Host Report from the popup menu Or Select Reports > End Host Report. The Quick Report page appears. See Viewing Quick Reports for more information. Viewing Switch Port Report To view Switch Port Report for a specific device: Right-click a device icon from a Network Topology View, and select Switch Port Report from the popup menu Or Select Reports > Report Generator > Switch Port Report. The Report Genertor page appears. See Understanding Switch Port Usage Reports for more information. Interpreting Device Attributes See Table 9-26 to interpret the fields shown in the Device Attributes window. Table 9-26 Device Attributes Column Description Column Description Name Name of the device. IP Address IP address of the device. Type Cisco product name for the device, such as 7505 or 5500. Module Module type; set to default for devices without modules. ID Module identification (such as slot number for Cisco Catalyst 5000 series switches or switch number for Cisco Catalyst 3000 series switches). SubID Sub is the slot number and the ID is the box number for stackable devices, such as Catalyst 3000 series switches.
9-70 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 9 Using Topology Services Working With Devices Displaying Port Attributes To display information about the status of the ports in your network. Right-click a device icon from a Network Topology View and select Port Attributes from the popup menu Or Select Reports > Port Attributes. The Port Attributes window opens. See Interpreting Port Attributes for more information. Interpreting Port Attributes See Table 9-27 to interpret the columns shown in the Port Attributes Report window. #NumPorts Total number of ports that the Campus Manager Server has discovered on the device or module. Versions Model-specific string that varies by device type. For example, Cisco Catalyst 5000 series switches display hardware (hw), software (sw), and firmware (fw) versions. However, only the hardware version is displayed for the Cisco Catalyst 3000 series switches. Status Device-specific status string. For example, the Cisco Catalyst 5000 series switches display faulty, no module, stopped, and running. The Cisco Catalyst 3000 series switches display Other, OK, Minor fault, and Major fault. Daughter Card Daughter cards added to modules (for example, the NetFlow Feature Card or the Uplink module for the Supervisor III engine on Cisco Catalyst 5000 series switches). Table 9-26 Device Attributes Column Description (continued) Column Description Table 9-27 Port Attributes Report Column Description Column Description Device Name Name of the device. Device IP IP address of the device. Port Name of the port. Port Description Description of the port that you have entered. Type Media type, such as Ethernet. AdminStatus Whether port has been brought down intentionally. OperStatus Whether port is active or inactive. isLink If checked, the port is linked to a switch. isTrunk If checked, the port is participating in a VLAN trunk.
9-71 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 9 Using Topology Services Working With Devices To see the list of unused ports, select View > Unused Ports from the menu. To see the complete list of ports, deselect View > Unused Ports to view the complete list of ports. You can also save or print the lists. Setting Preferred Management Addresses Some devices, such as routers, can have multiple IP addresses. You can set a preferred management address to be used by Campus Manager using either of the following procedures. Note When you set an IP address as preferred management address, the IP address in the Device and Credential Repository also changes accordingly. To navigate from Topology Services Main Window: Step 1 Select a view that contains the device, for which you want to set the IP. This view is in the Tree View in Topology Services Main Window. Step 2 Select a device from the device list in any one of the summary tables. Step 3 Right-click and select Change Management IP from the popup menu. The Select Management IP Address window containing the multiple IP addresses of the selected device appears. Speed Port speed. Duplex Mode Half-duplex or full-duplex. Protocols Enabled Filter protocols on MLS (Multi Layer Switching) devices. Indicates the protocols that are allowed to pass through the port. For MLS devices, IP, IPX, and Other are valid options. For trunk ports or traditional filtered ports, All is always displayed. Protocols Seen Filter protocols on MLS devices. Indicates the protocol forwarded on that port. For MLS devices, IP, IPX, and Other are valid options. For trunk ports or traditional filtered ports, All is always displayed. VLAN Name of the VLAN. L2L3 Shows whether the port is in Layer 2 or Layer 3, switched or routed. J umboFrame J umbo frame status of the port. If you enable J umboFrame, The port supports a frame size greater than the standard Ethernet frame size of 1518 bytes Trunk Encapsulation Shows whether ISL or IEEE 802.1Q encapsulation is enabled on the switch port. TrunkMode Trunk mode of the port. The trunk modes are desirable, on, off, auto, or no negotiate isChannel Shows whether the port is part of an EtherChannel or not. Table 9-27 Port Attributes Report Column Description (continued) Column Description
9-72 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 9 Using Topology Services Working With Devices Step 4 Select an IP Address (IPv4 or IPv6 Address). Step 5 Click Apply. Step 6 To view the changes, select View > Refresh Summary from the menu. To navigate from Topology View: Step 1 Select a view that contains the device, for which you want to change management IP, from the Tree View in the Topology Services Main Window. Step 2 Select View > Display View from the menu. A topology map appears. Step 3 Select a device icon from the map. Step 4 Right-click the device icon and select Change Management IP from the popup menu. The Select Management IP Address window containing the multiple IP addresses of the selected device appears. Step 5 Select an IP Address (IPv4 or IPv6 Address). Step 6 Click Apply. To view the changes, select View > Refresh Map from the menu. Starting CiscoView You can display specific device configuration and diagnostic information by starting CiscoView. CiscoView is a graphical user interface (GUI) based device management software application that provides dynamic status, statistics, and comprehensive configuration information for Cisco internetworking devices. CiscoView allows you to configure and monitor the port level information. To start CiscoView: Step 1 Start Campus Manager >Configuration > VLAN Port Assignment from the LMS Portal. The VLAN Port Assignment window appears. Step 2 Select the VTP domain and enter appropriate search criteria, if necessary. Step 3 Select the row that contains the device from the VTP Domain table. In the VTP Domain table, select the row that contains the device. Step 4 Right-click the selected row. Step 5 Select CiscoView from the popup menu. CiscoView page launches for the selected device.
9-73 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 9 Using Topology Services Working With Devices Starting Telnet You can initiate a remote terminal connection with the Cisco Systems Console on a device that supports Telnet and that appears in the Topology map. To do this: Step 1 Select Campus Manager > Visualization > Topology Services from the LMS Portal. The Topology Services Main Window appears. Step 2 Select the port of the device from the Summary View. Step 3 Right-click the row and select Telnet from the popup menu. A Telnet session window opens. If you are using Internet Explorer 7.0, change the following settings to use Telnet: Step 1 Go to Start > Run. Step 2 Enter regedit in the textbox and click OK. The Registry Editor opens. Step 3 Click the registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl, from the list displayed. Step 4 Go to the Edit menu and choose New > Key. Step 5 Enter FEATURE_DISABLE_TELNET_PROTOCOL as the name of the new Key. Step 6 Choose the above key, right click and choose DWORD. Step 7 Enter iexplore.exe as the value of the DWORD property. Step 8 Restart the browser.
9-74 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 9 Using Topology Services Working With Devices Starting Device Center Device Center provides the summary of details for a device. The application launches troubleshooting tools, management tasks, and reports for the selected device. Since the application is based on a device-centric navigation paradigm, Device Center helps you to focus on device centric features and information from one location. After launching Device Center, you can change the device attributes, update inventory, and initiate telnet with a device that is selected from the Device Center Window. For more details on Device Center, see Using Device Center under User Guide for CiscoWorks Common Services 3.3. To launch Device Center from Topology Services. Step 1 Select Campus Manager > Visualization > Topology Services from the LMS Portal. The Topology Services Main Window appears. Step 2 Right-click a device entry from a Summary View, and select Device Center from the popup menu, Or, Right-click a device icon from a Network Topology View, and select Device Center from the popup menu. Device Center launches for that device. To launch Device Center from VLAN Port Assignment: Step 1 Start Campus Manager > Configuration > VLAN Port Assignment from LMS Portal. The VLAN Port Assignment window appears. Step 2 Select the VTP Domain and click Show All Ports or Get Ports. The VTP Domain table lists the ports that are in the selected VTP domain. Step 3 Right-click the device and select Device Center from the popup menu. Device Center launches for that device. Working With MLS Devices If you are using Multilayer Switching (MLS) in your network, Campus Manager displays MLS switches and routers in the network view. MLS provides high-performance Layer 3 switching for Cisco routers and switches. MLS switches IP data packets between subnets while using standard routing protocols for route determination. MLS also provides traffic statistics as part of its switching function. These statistics are used for identifying traffic characteristics for administration, planning, and troubleshooting. This topic contains:
9-75 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 9 Using Topology Services Working With Devices Displaying MLS Reports You can obtain information about devices in your network that are participating in multilayer switching. Step 1 Go to a Network Topology View and click two or more multilayer switching (MLS) devices. If you do not know which devices are MLS devices, select Edit > Find. Step 2 Select Reports > Multi-Layer Switching > Route Processors to display the relationship between Layer 3 route processing devices in your network. Or, Select Reports > Multi-Layer Switching > Switch Engines to display the relationship between Layer 3 switching and forwarding devices in your network. Interpreting MLS Reports You can use MLS reports to display the relationships among multilayer switching (MLS) devices in your network. The Route Processors Report displays information about the routers in your network that support multilayer switching, and their relationship with the MLS switches. The Switching Engines Report displays information about the switches in your network that support Layer 3 switching (MLS), and their relationship with the MLS routers. This report also provides information about how the flow is Layer 3 switched. This topic contains: Interpreting the Route Processors Report Interpreting Switching Engines Report Interpreting the Route Processors Report See Table 9-28 to interpret information shown in the Route Processors report. Table 9-28 Field Description for Route Processor Report Field Description MLS Routers Lists the Multilayer Switching Route Processors that participate in MLS. The Route Processors are listed either by IP address or device name. MLS Switches Lists the Multilayer Switching Engines that perform Layer 3 switching for the routers listed in the MLS Routers field. The Switching Engines are listed either by IP address or device name.
9-76 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 9 Using Topology Services Working With Devices Interpreting Switching Engines Report See Table 9-29 to interpret information displayed in the Switching Engines report. Note About Unified Icon Network Topology View of the Campus Manager displays a single icon for Cisco Catalyst 6000 with MSFC and Cisco Catalyst 5000 with RSM devices. The unified icon is Layer 2 and Layer 3 Switch Router icon. In previous versions of Campus Manager, the these devices were represented using different icons. Working With Application Servers Application servers are high-availability workflow systems that provide categories of service on a network, such as Cisco AVVID (Architecture for Voice, Video and Integrated Data) services. For example, a Media Convergence Server (MCS) is an application server providing such AVVID-related applications as Cisco CallManager. Cisco CallManager provides signaling and call control services to Cisco integrated multimedia applications as well as third-party applications. Cisco CallManager services can be distributed and clustered over an IP network, thereby allowing scale to 10,000 users and triple call processing redundancy. Table 9-29 Field Description for Switch Engines Report Field Description MLS Switches Lists the Switching Engines that perform Layer 3 switching (MLS) for the routers listed in the MLS Routers field. The Switching Engines are listed either by IP address or device name. MLS Routers Lists Route Processors that participate in MLS. Route Processors are listed either by IP address or device name. Flow Mask Destination-IP (DST)Switching Engine maintains one MLS entry for every destination IP address. All flows to the destination IP address use this MLS entry. This mode is used if there are no access lists on any of the MLS interfaces. Source-Destination-IP (SRC, DST)Switching Engine maintains one MLS entry for every source and destination IP address pair. All flows between the source and destination use this MLS entry regardless of the IP protocol ports (such as FTP). This mode is used if there is a standard access list on any of the MLS interfaces. IP-flow (SRC, DST, PORT)Switching Engine maintains one MLS entry for every IP-flow. A separate MLS entry is created for every flow in IP-flow mode. The IP-flow includes source IP address, destination IP address, protocol, and protocol ports. This mode is used if there is an extended access list on any MLS interface.
9-77 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 9 Using Topology Services Working With Devices The Campus Manager Server component of CiscoWorks manages application servers, and Topology Services displays them in the Layer 2 view. You can access application servers and start Cisco CallManager from Topology Services. Topology Services cannot distinguish a Windows server (NT and 2000) from an application server running Cisco CallManager. Topology Services always displays a Windows server or a Media Convergence Server as an application server. To start an application server: Step 1 Right-click an application server icon from a Network Topology View and select Service Attributes from the popup menu. See Displaying Service Attributes for more details on the Service Attributes. Or Right-click an application server entry from a Summary View and select Service Attributes from the popup menu. The Service Attributes window opens. Step 2 Click Launch in the Launch column of the Service Attributes window. The application server starts. See the documentation included with the application server for more information. Displaying Device Service Modules To view the details on service modules for the devices: Step 1 Select Campus Manager > Visualization > Topology Services from the LMS Portal. The Topology Services Main Window appears. Step 2 Select a Cisco Catalyst 6000 device from the Switch Cloud in the LANEdge View. Step 3 Right-click the Cisco Catalyst 6000 device and select Service Modules from the pop up menu. The Service Modules window appears. Table 9-30 describes the fields shown in the Service Modules window.
9-78 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 9 Using Topology Services Working With Devices To print Service Modules information, select File > Print from the menu. To save the details to a text file, select File > Export from the menu. Displaying Service Attributes Services are server processes on the application servers in your network. Examples might include Cisco CallManager, Cisco Application Engine, and Cisco Trivial File Transfer Protocol (TFTP) Server. You can use Topology Services to display information about the available services in your network. To do this: Step 1 Select a view or a domain from the Tree View in the Topology Services Main Window. Step 2 Select View > Display View. The Network Topology Window opens. Step 3 Double-click Services in the Topology Filters list to expand the list of available services in the specified view or domain, and select a service from the list. Device icons in the network topology map become dimmed, except for those devices configured to run the specified service. The icons that are not dimmed in the map are highlighted. Step 4 Right-click a highlighted device, and select Service Attributes from the menu. The Software Service Attributes window appears. Table 9-30 Service Modules Field Descriptions Field Description Device Name Name of the device. Module IP Address IP Address of the module on the device. Device Type Cisco product name for the device, such as C6506. Module Type Type of module. Module ID Module identification, such as slot number. Module Status Current operational status, that is whether the module is active or inactive. Launch If IP Address is available, and Status is Ok, this button allows you to start the administration screen of the service. 1 1. In case of a switch with a VPN card, the launch point is enabled with the IP address of the switch.
9-79 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 9 Using Topology Services Displaying Campus Reports Interpreting Service Attributes See Table 9-31 to interpret the fields shown in the Software Service Attributes window. Displaying Campus Reports Campus Manager allows you to generate the following reports: Discrepancies. For details, see Viewing Discrepancy Reports. Best Practice Deviations. For details, see Viewing Best Practices Deviations Reports Port Attributes. For details, see Displaying Port Attributes. Device Attributes. For details, see Displaying Device Attributes. VLAN. For details, see Displaying VLAN Reports. To see these reports: Step 1 Select Campus Manager > Visualization > Topology Services from the LMS Portal. The Topology Services Main Window appears. Step 2 Select a view that contains the device, switch cloud, or the VTP Domain for which you want to view the report. This view is in the Tree View in the Topology Services Main Window. Step 3 Select Reports > Campus Reports from the menu. Or Select Campus Manager > Reports > Report Generator from the LMS Portal. The Campus Manager Report Generator dialog box appears. Step 4 Select the Campus Manager Reports from the left drop down list. Campus Manager Reports is selected by default. Step 5 Select the report you want to view from the right drop down list. The reports are: Best Practices Deviations Device Attributes Discrepancies Table 9-31 Software Service Attributes Field Descriptions Field Description Name Name of the device. IP Address IP Address of the device. Application Name Name of the service. Application Version Release number of the service. Installed on Installation date. Started at Time stamp. Status Current operational status. Launch Button that allows you to start the administration screen of the service.
9-80 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 9 Using Topology Services Monitoring Protocol Filter by Port Port Attributes VLAN Reports Step 6 Select the devices or the device groups from the Device Selector area. Step 7 Select the run type from the drop down menu, in the Scheduling area to schedule the report generator. You can schedule it for generating the report immediately, once, daily, weekly, or monthly. If you choose to generate the report immediately, go to Step 11. Step 8 Set the date and time for generating the report, in the Scheduling area. Step 9 Enter a description to identify this job, in the J ob Description field, of the J ob Info area. Step 10 Enter a valid e-mail ID in the Email field, of the J ob Info area, to receive the report through mail. Step 11 Click Submit to generate the report or click Reset to modify the values that you have entered. The report window for the report you selected, appears. Monitoring Protocol Filter by Port You can monitor protocol filtering by each port on devices that support this feature and have NetFlow Feature Cards installed. This section contains: Understanding Protocol Filtering Displaying Protocol Filter Information Understanding Protocol Filtering On Cisco Catalyst 5000 series switches with NetFlow Feature Cards installed, you can filter broadcast traffic by protocol on a port-by-port basis. You can display relevant ports on these switches and their protocol filtering status. This can help you troubleshoot end-user host connectivity problems based on mismatched protocols.
9-81 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 9 Using Topology Services Viewing Data Collection Metrics Displaying Protocol Filter Information You can display protocol filter information for each port on switches with NetFlow Feature Cards. Protocol filtering is supported on Ethernet VLANs only, and the ports must be non-trunking; trunking ports are members of all protocol groups. Verify that the port for which you want to display filter information is a non-trunking port. To display protocol filter information: Step 1 Go to a Network Topology View and click a device with a NetFlow feature card installed. Step 2 Select Reports > Port Attributes or right-click the device icon and select Port Attributes from the popup menu. Step 3 Compare the information in the Protocols Enabled and Protocols Seen fields. A mismatch between these fields implies connectivity problems. Viewing Data Collection Metrics To view a tabular report containing statistics for the last n Data Collection cycles. From the Topology Services main window, select Reports > Data Collection Report. The Data Collection Metrics window opens. See Table 9-32 for information displayed in the Data Collection Metrics window. Table 9-32 Data Collection Metrics Column Description StartTime Time at which the most recent Data Collection cycle began. PercentComplete Percentage of Data Collection that has completed so far in the current Data Collection cycle. EndTime Time at which the most recent Data Collection cycle completed. TotalTime Total time taken for the most recent Data Collection. Total Devices Total number of managed devices. New Devices Number of newly managed devices, not seen in the previous Data Collection cycle. Devices Deleted Number of devices that were seen in the previous Data Collection cycle, but not in the most recent Data Collection. Devices PerHour Number of devices managed per hour. Objects PerHour Number of objects managed per hour.
9-82 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 9 Using Topology Services Topology Groups Topology Groups The Topology Groups feature in Campus Manager allows you to create customized views, of the network, in which devices are grouped according to various criteria. A view may be considered as a group of devices or device elements. You can define the criteria (called a rule) that will determine the settings of your custom view. The rule will determine the group of devices to be displayed in the view. These groups are subsets of Layer 2 maps, the members being defined by a set of rule expressions. In a network with a large number of devices, a Topology Group helps you to perform operations in a subset of the large network. You can use Topology Groups Administration to manage the Topology Groups in your system. The following topics provide information about: Understanding Topology Groups Interpreting Topology Groups Summary Information Hierarchical Maps Understanding Topology Groups A Topology Group can be thought of as a convenience view that allows you to view a subset of the entire network based on the group rule defined while creating the view. These views, which are subsets of the Layer 2 views, can be accessed by a user or a set of users. These custom views are generated using a Campus Manager feature called Grouping Services, which helps manage groups of devices. Grouping Services determines the membership of a group by interpreting and applying the rule associated with the group. Hence, Topology Groups provides multiple benefits: Provides a channel to identify, and view a set of objects corresponding to a view. Facilitates the creation and management of views. Provides you with a way to define convenience views which are a subset of the Layer 2 map. See the following sections for a better understanding of Topology Groups concepts: Understanding Groups Using Groups
9-83 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 9 Using Topology Services Topology Groups Interpreting Topology Groups Summary Information You can display summary information about devices in Topology Groups. To do this: Step 1 Go to the Tree view in Topology Services, click a Topology Groups view. See Table 9-33 to interpret Topology Groups summary information. Hierarchical Maps Hierarchical maps are the Network Topology Views that display the devices listed under Topology Groups in a hierarchical organization. Each map displays the selected group as a cloud of devices. This section contains: Understanding Hierarchical Maps Viewing Hierarchical Maps Understanding Hierarchical Maps Hierarchical Maps provide a hierarchical view for the devices under the Topology Groups. These Maps display each Topology Group as a cloud. If a Topology Group contains a sub-group, the Network Topology View of the parent group displays a cloud icon to represent the sub-group. Similarly, each sub-group is displayed inside the corresponding parent group as a cloud icon. The Network Topology View for the parent topology Group displays an aggregate link for all the links from the sub-group to the devices in the parent group. If one or more devices in the sub-group of the Topology Group, are connected to the devices in the parent Topology Group, the hierarchical map of the parent group displays an aggregate link for all the links from the sub-group to the devices. If you double-click the sub-group cloud, you can view the Hierarchical map for the child group inside the parent group. Thus, hierarchical maps display the devices hierarchically till the last child group. Table 9-33 Interpreting Topology Groups Summary Information Field Description Devices Number of devices displayed in the particular view. Routers Number of routers. Device List Device Name Name of the Device. IP Address IP Address of the device. Device Type Product Type. State Current status of the device, whether it is reachable or not.
9-84 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 9 Using Topology Services Topology Groups Viewing Hierarchical Maps To view Hierarchical maps from the Topology Services window: Step 1 Select Topology Services > Topology Groups from the Campus Manager Main Window. Step 2 Select the Group that you want to view. Step 3 Select View > Display View from the menu. The Network Topology View window displays the hierarchical map for the selected group. If there are sub-groups, the Network Topology View displays each sub-group as a Cloud icon in the map represents the sub-group. Step 4 Right-click the Cloud icon in the Network Topology View and select Open. Or Double-click the cloud to view the sub-group. The Network Topology View window for the sub-group appears. Displaying the Device Label To display the name of the Cloud icon or the sub-group in the Network Topology View: Select the Cloud icon, select View > Display Labels, and select either IP address, Device name, or SysName. The Network Topology View displays the sub-group device category names. Filters for Topology Groups Filters are provided for the Topology Groups, in Network Topology Views. You can use these filters to filter the clouds, that are the sub-groups. For more details, see Using Topology Filters. Displaying Aggregate Links in Hierarchical Maps You can view the aggregate links between the clouds. The network view displays the aggregate links if a device in a cloud is linked to another cloud or the sub-group. Aggregate links may contain one or more links. For more details, see Displaying Aggregate Link Attributes. To view the aggregate links between the clouds, right-click the Cloud icon and select Show Aggregate Links. To clear the display of aggregate links, right the Cloud icon and select Clear Aggregate Links. Notes: The Groups under Campus Manager > Administration > Groups and under Topology Services > Topology Groups follow the same hierarchy. In Topology Groups, when you use the Find option using the device name or device IP address, the Find on Map window displays only the devices in the respective selected group, and does not display the devices in other sub-groups. For more details, see Using Find in Network Topology Views. After you create a Group through Campus Manager > Administration > Groups, you must reopen the Topology Services to view the changes. For more details, see Using Groups.
9-85 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 9 Using Topology Services Topology Services Menu Reference Topology Services Menu Reference See the command references for understanding the Topology Services windows. This section contains: Topology Services Main Window Menu Reference Network Topology View Menu Reference Topology Services Main Window Menu Reference Table 9-34 Topology Services Main Window Menu Descriptions Menu Command Toolbar Button Description File Print Prints Summary View. Export None Exports Summary View to a text file. Upgrade View Layouts None Upgrades any Layer 2 View, Unconnected Device View, and LAN Edge View that was saved in a previous version of Campus Manager. Exit None Exits Topology Services. Edit Rename None Renames a switch cloud. Copy None Copies selected text to the clipboard. Find Opens Find window to enable searching for items in the Tree View and Summary View. Find Next None Uses Find to search for next item that matches previously entered search criteria. Bandwidth Filter Settings None You can set the ranges of bandwidth utilization and color for the links to be highlighted in the Map. For more details, see Customizing Bandwidth Utilization Filters. View Show Toolbar None Shows or hides the toolbar. Reload None Refreshes Tree View contents. Refresh Summary Updates information in Summary View. Expand All None Expands selected folder in Tree View. Collapse All None Closes selected folder in Tree View. Display View None Opens Network Topology View for selected item in Tree View.
9-86 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 9 Using Topology Services Topology Services Menu Reference Reports Discrepancies None Displays discrepancies or anomalies in the discovered network. You can generate a report on the discrepancies. For more details, see Viewing Discrepancy Reports. Best Practices Deviations None Displays Best Practices Deviations page in Report Generator, where you can generate a report of Best Practices Deviations. For more details, see Viewing Best Practices Deviations Reports. Data Collection Report None Opens the Data Collection Metrics window. For more details, see Viewing Data Collection Metrics. Campus Reports None Displays the Report Generator page from where you can generate any of the five reports on: best practices deviations, device attributes, discrepancies, port attributes, or VLANs for VTP domain or the switch cloud. For more details, see Displaying Campus Reports. VLAN Report None Displays VLAN reports for devices, switch clouds, or VTP domains. You must select a VTP domain or a switch cloud for generating the report. Spanning Tree Configuration None Allows to generate reports and configure Spanning Trees on the network. Tools VLAN Management > Create Creates an Ethernet VLAN. This function can be performed only by users logged in as Network Administrators or System Administrators. VLAN Management > Delete Deletes the selected VLAN. This function can be performed only by users logged in as Network Administrators or System Administrators. PVLAN Management > Create None Creates Private VLAN. PVLAN Management > Delete None Deletes Private VLANs. VLAN Port Assignment Moves ports between VLANs in the same VTP domain. Window None None Switches between all open Topology Services windows. Table 9-34 Topology Services Main Window Menu Descriptions (continued) Menu Command Toolbar Button Description
9-87 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 9 Using Topology Services Topology Services Menu Reference Network Topology View Menu Reference Help Using Topology Services None Launches Topology Services Online help contents. Legend None Interprets icons in Topology Services. About None Shows version and copyright information for Topology Services. Table 9-35 Network Topology View Menu Descriptions Menu Command Toolbar Button Description File Save Layout Saves any changes you make to the Network Topology View (applies only to your user ID). Print >Print All Prints the entire Network Topology View, at the normal viewing level. Each page will have a corresponding column and row number with grid marks to align the pages. Print >Print Visible Prints what is visible the current screen, shrinking it to fit on one page. Export To Visio > Export To csv None Allows you to export the network map as a Visio drawing and save it in .csv format. Export To Visio > Export To xml None Allows you to export the network map as a Visio drawing and save it in XML format. Download Visio Stencil None Opens new browser window with a link for downloading the cm_cisco.vss stencil file. Close None Exits Network Topology View. Edit Undo None Reverses the last operation. Redo None Repeats the last operation. Find Finds devices by name or IP address. Select >All Devices None Selects all devices on the current Network Topology View. Select >All Links None Selects all links on the current Network Topology View. Table 9-34 Topology Services Main Window Menu Descriptions (continued) Menu Command Toolbar Button Description
9-88 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 9 Using Topology Services Topology Services Menu Reference Edit (Contd.) Select >All Highlighted Objects None Selects all highlighted devices on the current Network Topology View. Select >All Filtered Objects None Selects all filtered objects on the current Network Topology View. Highlight Filtered None Highlights devices that conform to selected filters. Clear Highlighted None Clears highlighting from Network Topology View. Perform Data Collection Rediscovers a selected device or a group of devices. This function can be performed only by users logged in as System Administrators. Delete Device(s) None Removes devices from the Network Topology View. Devices still in your network and manageable by Campus Manager will reappear on the Network Topology View after the next Campus Data Collection cycle. This function can be performed only by users logged in as Network Administrators or System Administrators. Delete Link(s) None Removes a link from the Network Topology View. This function can be performed only by users logged in as Network Administrators or System Administrators. Map Preferences None Edit Network Topology View settings such as color and layout style. View Show Toolbar None Shows or hides the toolbar. Show Grid None Shows or hides the grid. When moving devices with the grid on, the devices snap to the grid. Panner None Displays compact view of entire Network Topology View. Zoom In Focuses on a specific Network Topology View area. Table 9-35 Network Topology View Menu Descriptions (continued) Menu Command Toolbar Button Description
9-89 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 9 Using Topology Services Topology Services Menu Reference View (Contd.) Zoom Out Expands the focus to a larger area. Zoom to Selected Devices Focuses on selected devices. Fits selected devices in a Network Topology View window at the maximum size possible. Normal Returns to the default view. Fit in Window View all discovered devices. Display Labels > Show IP None Displays device IP addresses. Display Labels > Show Device Name None Displays device names. Display Labels > Show Sysname None Displays device sysNames. Display Labels > Clear Labels None Clears labels from Network Topology View. Relayout > Circular None Portrays interconnected ring and star topologies. Relayout > Hierarchical None Reveals precedence relations. Relayout > Symmetric None Provides representations of complex networks. Relayout > Orthogonal None Provides graph layouts with edges running parallel to x and y axes. View (Contd.) Refresh Map None Refreshes the display. DFM Alert Settings None Launches DFM Alert Settings Page. Table 9-35 Network Topology View Menu Descriptions (continued) Menu Command Toolbar Button Description
9-90 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 9 Using Topology Services Topology Services Menu Reference Reports Discrepancies None Displays discrepancies or anomalies in the discovered network. You can generate a report on the discrepancies. For more details, see Viewing Discrepancy Reports. Best Practices Deviations None Displays Best Practices Deviations page in Report Generator, where you can generate a report of Best Practices Deviations. For more details, see Viewing Best Practices Deviations Reports. Data Collection Report None Displays Data Collection Metrics report. For more details, see Viewing Data Collection Metrics. Device Attributes None Displays descriptive information about the selected device or devices. IPv6 Addresses None Displays the IPv6 Addresses report. For more details, see Viewing IPv6 Addresses Report. Service Attributes None Displays descriptive information about any application servers that are running on the selected device or devices. Port Attributes None Displays descriptive information about ports belonging to the selected device. Link Attributes None Displays descriptive information about the selected link or links. VLAN Report None Displays the VLAN Report for the selected devices in the Topology Map or for all devices in the Map. For more details, see Interpreting VLAN Reports. Multi-Layer Switching > Switching Engines None Displays relationship between Layer 3 route processing devices in network. Multi-Layer Switching >Route Processors None Displays relationship between Layer 3 switching and forwarding devices in your network. Table 9-35 Network Topology View Menu Descriptions (continued) Menu Command Toolbar Button Description
9-91 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 9 Using Topology Services Supported Protocols Supported Protocols The following concepts are important for understanding how to use Topology Services: Dynamic Trunking Protocol (DTP) IEEE 802.1Q You must make sure that the applicable protocols are implemented correctly in your network; otherwise, the information gathered might be incomplete. Inter-Switch Link (ISL) Protocol Inter-Switch Link (ISL) is a Cisco-proprietary protocol that allows VLAN trunking by maintaining VLAN information as traffic flows between switches and routers. You can pass VLAN information between devices by configuring links between the switches. If you want a link to carry more than one VLAN, you must use ISL. To use ISL, you must configure the ports on both sides of the link as trunk ports. When two VTP domains are interconnected using an ISL trunk between two LAN switches, by default, no VLAN traffic is forwarded. However, you can configure the ports on each switch to receive and forward specific VLANs. Tools RMON Data Collection > Disable None Disables RMON Data Collection. RMON Data Collection >Show Enabled Devices None Displays RMON enabled devices. Template Manager >Edit Database Traffic Templates None Creates, edits, or deletes database traffic templates. Template Manager >Edit Device Traffic Templates None Creates, edits, or deletes device traffic templates. Windows None None Switches between all open Topology Services windows. Help Using Network Views None Opens online help for the Network Topology View. Legend None Allows you to interpret icons in Topology Services. About None Shows Topology Services version and copyright information. Table 9-35 Network Topology View Menu Descriptions (continued) Menu Command Toolbar Button Description
9-92 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 9 Using Topology Services Supported Protocols To configure the ports, the VLANs on either side of the ISL trunk must be identical and share the same VLAN characteristics such as VLAN names, VLAN indexes, and so on. IEEE 802.1Q IEEE 802.1Q is the industry-standard for trunking. A standard for encapsulation protocol to carry traffic for multiple VLANs over a single link. You can use this standard when you want to interconnect a Cisco device with a trunk link to a non-Cisco device. You can use the encapsulation dot1q command on Cisco IOS version 12.0.1(t) or higher for the Cisco routers. C H A P T E R
10-1 User Guide for Campus Manager 5.2 OL-18011-01 10 Managing VLANs and VTP Campus Manager collects data about devices so that you can configure and manage Virtual LANs (VLANs) in your network. You must set up your LMS/Campus Manager server properly to ensure that Data Collection is successfully performed in your network. The Campus Manager configuration module helps you to manage your VLANs. You can configure and manage VLANs, PVLANs, Trunk, and also assign ports to VLANs. This chapter contains: Understanding Virtual LAN (VLAN) Using VLANs Configuring VLANs Creating Ethernet VLANs Interpreting VLAN Summary Information Understanding Private VLAN Using Private VLAN Understanding Inter-VLAN Routing Using Inter-VLAN Routing VLAN Trunking Protocol Understanding Trunking EtherChannel VLAN Port Assignment Using VLAN Port Assignment Usage Scenarios for Managing VLANs
10-2 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 10 Managing VLANs and VTP Understanding Virtual LAN (VLAN) Understanding Virtual LAN (VLAN) A Virtual Local Area Network (VLAN) allows you to create logical broadcast domains that can span across a single switch or multiple switches, regardless of physical positioning. A VLAN contains a group of devices on one or more LANs. These devices are configured in such a way that they can communicate as if they were all on the same network segment. VLANs are based on logical connections instead of physical connections, and hence they are extremely flexible. VLAN allows you to group ports on a switch to limit unicast, multicast, and broadcast traffic flooding. Flooded traffic originating from a particular VLAN is only flooded out to other ports belonging to that VLAN. This helps to reduce the size of broadcast domains and it allows groups or users to be logically grouped without being physically located in the same place. The following topics are covered in this section: Advantages of VLANs VLAN Components Using VLANs Advantages of VLANs VLANs provide the following advantages: Simplification of Adds, Moves, and Changes Controlled Broadcast Activity Workgroup and Network Security Simplification of Adds, Moves, and Changes Adds, moves, and changes are some of the greatest expenses in managing a network. Many moves require re-cabling and almost all moves require new station addressing and hub and router re-configuration. VLANs simplify adds, moves, and changes. VLAN users can share the same network address space regardless of their location. If a group of VLAN users move but remain in the same VLAN connected to a switch port, their network addresses do not change. If a user moves from one location to another but stays in the same VLAN, the router configuration does not need to be modified. Controlled Broadcast Activity Broadcast traffic occurs in every network. Broadcasts can seriously degrade network performance or even bring down an entire network, if the network is not properly managed. Broadcast traffic in a particular VLAN is not transmitted outside that VLAN. This substantially reduces overall broadcast traffic, frees bandwidth for real user traffic, and lowers the vulnerability of the network to broadcast storms.
10-3 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 10 Managing VLANs and VTP Understanding Virtual LAN (VLAN) You can control the size of broadcast domains by regulating the size of their associated VLANs and by restricting both the number of switch ports in a VLAN and the number of people using the ports. You can also assign VLANs based on the application type and the amount of application broadcasts. You can place users sharing a broadcast-intensive application in the same VLAN group and distribute the application across the network. Workgroup and Network Security You can use VLANs to provide security Firewalls, restrict individual user access, flag any unwanted network intrusion, and control the size and composition of the broadcast domain. You can: Increase security by segmenting the network into distinct broadcast groups. Restrict the number of users in a VLAN. Configure all unused ports to a default low-service VLAN. VLAN Components The VLAN components are: Switches that logically segment the end stations connected to it. Switches are the entry point for end-station devices into the switched domain and provide the intelligence to group users, ports, or logical addresses into common communities of interest. LAN switches also increase performance and dedicated bandwidth across the network. You can group ports and users into communities using a single switch or connected switches. By grouping ports and users across multiple switches, VLANs can span single-building infrastructures, interconnected buildings, or campus networks. Each switch can make filtering and forwarding decisions by packet and communicate this information to other switches and routers within the network. Routers that extend VLAN communication between workgroups. Routers provide policy-based control, broadcast management, and route processing and distribution. They also provide the communication between VLANs and VLAN access to shared resources such as servers and hosts. Routers connect to other parts of the network that are either logically segmented into subnets or require access to remote sites across wide area links. Transport protocols that carry VLAN traffic across shared LAN. The VLAN transport enables information exchange between interconnected switches and routers on the corporate backbone. This backbone acts as the aggregation point for large volume of traffic. It also carries end-user VLAN information and identification between switches, routers, and directly attached servers. Within the backbone, high-capacity links with high-bandwidth carry the traffic throughout the enterprise.
10-4 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 10 Managing VLANs and VTP Using VLANs Using VLANs You can use Campus Manager to create, modify, and delete VLANs. You can use the Topology Services to create Ethernet VLANs. Campus Manager allows you to modify most of the VLAN characteristics that were entered when you created the VLAN, such as purpose, description, and LANE services. The following sections brief on the types of VLANs supported by Topology Services: Ethernet VLAN (See Ethernet VLANs) Private VLANs (See Understanding Private VLAN) Configuring VLANs You can configure VLANs using VLAN Configuration wizard. Creating VLAN To create VLANs, the VLAN Configuration wizard directs you through: 1. Selecting Devices or Entities 2. Creating VLANs 3. Assigning Ports to VLANs 4. Disallowing VLAN on Trunks 5. Understanding VLAN Creation Summary Deleting VLAN To delete VLANs, the VLAN Configuration wizard directs you through: 1. Deleting VLANs 2. Moving Affected Ports to New VLAN 3. Understanding VLAN Deletion Summary
10-5 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 10 Managing VLANs and VTP Configuring VLANs Selecting Devices or Entities You must select the devices or entities to be included in the VLAN. Domain Selector helps you to select devices in Switch Clouds and VTP Domains. To select devices or entities for a VLAN: Step 1 Select Campus Manager > Configuration > VLAN Configuration. The VLAN Configuration page appears. Step 2 Select the devices using the Device Selector or the Domain Selector from the VLAN Configuration dialog box.See Table 10-1 Step 3 Either: a. Click Create to create VLANs. The Create VLAN page appears. b. Go to Creating VLANs. Or a. Click Delete to delete the VLANs. The Select VLAN to Delete page appears. b. Go to Deleting VLANs. Table 10-1 VLAN Configuration Field Description Field Description Device Selector Lists all the devices in your network. Click the radio button to select the Device Selector. Domain Selector Lists the Switch Clouds and VTP Domains in your network. Click the radio button to select the Domain Selector. All Click All to view all the devices in the network. Check the checkboxes to select the devices. Selection Displays the devices that you have selected in the All pane.
10-6 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 10 Managing VLANs and VTP Configuring VLANs Creating VLANs After you select devices using the Device Selector or the Domain Selector and click Create in the VLAN Configuration page, the Create VLAN page appears. For more details, see Selecting Devices or Entities. You must enter the details as described in the Table 10-2. Click any of the following: Next to continue. The Assign VLANs to Port page appears. For details, see Assigning Ports to VLANs. Assigning ports to VLANs cannot be done for more than 100 devices at a time, since it results in memory issues. If you have selected more than 100 devices, click Finish to save VLAN creation. Do VLAN port assignment for 100 devices at a time. Cancel to exit. Finish to save changes. VLANs are created on the specified devices and the initial VLAN Configuration page appears. Creating VLANs on Transparent Devices When you create VLANS without checking the Create On All Transparent Switches option in the VLAN creation page, the following is the behavior of Campus Manager: Table 10-2 Create VLAN Field Description Field Description VLAN Name Enter a name for the new VLAN. VLAN Index Enter a number between 1 and 1024 to identify the VLAN. Create on all transparent switches Check the checkbox to include all switches that are VTP transparent. VTP transparent switches do not send VTP updates and do not act on VTP updates received from other switches. This checkbox is available only for VTP domain based VLAN creation. For more details on this, see Creating VLANs on Transparent Devices Copy running to start-up config Check the checkbox to copy the running configuration to the start-up configuration. Device Selected Access and Trunk ports listed in the VLAN Creation flow VLAN created on VTPv2 Server VTPv2 Server VTPv2 Client VTPv2Server VTPv3 Primary Server VTPv3 Server VTPv3 Client VTPv3 Primary Server VTPv3 Primary Server
10-7 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 10 Managing VLANs and VTP Configuring VLANs When you create VLANS with the Create On All Transparent Switches option in the VLAN creation page, the following is the behavior of Campus Manager: In the above tables, VTPv2 refers to VTP version 2 and VTP v3 refers to VTP version 3. Assigning Ports to VLANs A VLAN created in a management domain remains unused until you assign one or more switch ports to the VLAN. The Assign VLANs to Port page appears after you create the VLAN name and index. To assign ports to VLANs: Step 1 Select Campus Manager > Configuration > VLAN Configuration. The VLAN Configuration page appears. VTPv2 or VTPv3 Transparent device Selected Transparent device Selected Transparent device Device that has VTPv3 in Off Mode Selected Off Mode device Selected Off Mode device Device Selected Access and Trunk ports listed in the VLAN Creation flow VLAN created on Device Selected Access and Trunk ports listed in the VLAN Creation flow VLAN created on VTPv2 Server VTPv2 Server VTPv2 Client VTPv2 Transparent device VTPv2Server VTPv2 Transparent VTPv3 Primary Server VTPv3 Server VTPv3 Client VTPv3 Primary Server VTPv3 Transparent device VTPv3 Off Mode device VTPv3 Primary Server VTPv3 Transparent device VTPv3 Off Mode device VTPv2 or VTPv3 Transparent device VTPv2 or VTPv3 Transparent device VTPv3 Off Mode device VTPv2 or VTPv3 Transparent device VTPv3 Off Mode device Device that has VTPv3 in Off Mode VTPv3 Transparent device VTPv3 Off Mode device VTPv3 Transparent device VTPv3 Off Mode device
10-8 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 10 Managing VLANs and VTP Configuring VLANs Step 2 Select device or domain from the VLAN Configuration page. Step 3 Click Create. Step 4 Enter VLAN Name and VLAN Index in the Create VLAN page and click Next. The Assign Ports to VLAN page appears. Step 5 Select the ports and click Next. Table 10-3 describes the entries in the Assign Ports to VLAN page. Step 6 Click any of the following: Next to continue. The Disallow VLAN on Trunks page appears. Back to modify the Create VLAN page. Table 10-3 Assign Ports to VLAN Page Field Description Field Description VLAN Displays the name of the new VLAN. Filter Select any of the following criteria based on which you want to filter the list: Link Port Device Name Device Address Port Status VLAN Index VLAN Name Association type Or enter * or leave the field blank and click Filter to get all the records. Advanced Filter Click Advanced Filter to open Advanced Filter dialog box. Advanced filtering allows you to search ports using more search criteria. For more details on Advanced Filter, see Advanced Filter. Column Link Shows whether the port is connected to a switch or not. The value can either be True or False. Port Name of the port. Device Name Name of the device to which the port belongs to. Device Address IP address of the device to which the port belongs to. Port Status Status of the port. Shows whether the port is active or down. VLAN Index Index number for the VLAN to which the port belongs to. VLAN Name Name of the VLAN to which the port belongs to. Association Type Type of VLAN association.
10-9 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 10 Managing VLANs and VTP Configuring VLANs Cancel to exit. Finish to save changes. VLANs are created on the specified devices, selected ports are assigned to new VLAN and the initial VLAN Configuration page appears. For more details, see Disallowing VLAN on Trunks. Advanced Filter The Advanced Filter allows you to filter and choose the ports using various parameters and criteria, for assigning the ports to the VLAN. Table 10-4 describes the fields in the Filter Ports Window, when you click Advanced Filter from the Assign Ports to VLAN Window. Table 10-4 Filter Ports Field Description Field Description Match All Select the radio button to filter the ports that match all the selected parameters. Match Any Select the radio button to filter the ports that match any of the selected parameter. Parameter Select a parameter for which you want to filter the ports. Parameter is the attribute of a port. The values displayed for Assigning ports to VLANs are: Device Name Device Address Link Port Port Status Port Description VLAN Index VLAN Name Association Type The values displayed for Configuring Promiscuous ports are: Link Port Device Name Device Address VLAN Name Port Mode
10-10 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 10 Managing VLANs and VTP Configuring VLANs Click any of the following: More to add filter. Fewer to remove filter from the existing filters. You can add or remove only one filter at a time. Filter to filter the ports based on the values for the Parameters. Disallowing VLAN on Trunks You can select the links on which you do not want to allow Trunking in the newly created VLAN. After you Assign the ports to the VLAN (See Assigning Ports to VLANs), the End-to end VLAN wizard directs you to Disallow VLAN on Trunks page. To disallow trunking on the links in your VLAN, check the checkboxes corresponding to those links, and click Next. The VLAN Creation Summary page appears. Clicking Back takes you to the Assign Ports to VLAN page, where you can modify the port assignment. Clicking Finish saves the changes and takes you to the initial VLAN Configuration page. For more details, see Understanding VLAN Creation Summary. Table 10-5 describes the fields in the Disallow VLAN on Trunks page. Criteria Select the right criterion with respect to the parameter. The values are: contains begins with ends with is Value Enter a value corresponding to the parameter that you have selected. Table 10-4 Filter Ports Field Description (continued) Field Description Table 10-5 Disallowing VLAN on Trunks Page Field Description Field Description VLAN Name of the VLAN. Port1 Port on the first device linked to the VLAN. Device1 Name of the first device in the link. Device1 Address IP Address of the first device in the link. Domain1 Domain to which the device belongs to. Port2 Port on the second device linked to the VLAN. Device2 Name of the second device in the link. Device2 Address IP Address of the second device in the link. Domain 2 Domain to which the device belongs to.
10-11 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 10 Managing VLANs and VTP Configuring VLANs Understanding VLAN Creation Summary The VLAN Creation Summary page summarizes the operations that you performed through the VLAN Configuration wizard. The Summary provides the following information: VTP DomainLists the VTP domains. SummaryLists different parameters that you have entered. VLAN Creation ParametersLists the VLAN name and index, and the value of the parameters Create on all transparent switches and Copy running-config to startup-config. VLAN Port Assignment ParametersLists the VLAN name and index, and ports to which the VLAN is assigned to. VLAN Trunk Configuration ParametersLists the Trunks on which the VLAN is allowed or disallowed. Example: VLAN Creation Parameters VLAN Name: Test VLAN Index: 912 Create on all transparent switches : true Copy running-config to startup-config : true ----------------------------------------- VLAN Port Assignment Parameters VLAN Name: Test VLAN Index: 912 Operation: Assign the VLAN to selected port(s) Port : Fa4/28 Device: 10.77.209.43 Device Address: 10.77.209.43 ------------------------------------------ VLAN Trunk Configuration Parameters VLAN Name: Test VLAN Index: 912 Operation: Disallow VLAN on selected Trunk(s) Trunk: 10.77.209.52:2/1 => 10.77.209.61:2/25 Trunk: 10.77.210.211#2:Gi0/2 => 10.77.210.204:Gi1/0/24 Review the Summary, and click Finish to create the new VLAN, or click Back to modify the Disallow VLAN on Trunks page, or click Cancel to exit.
10-12 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 10 Managing VLANs and VTP Configuring VLANs Deleting VLANs You can delete the VLANs configured on the devices in your network. The VLAN Configuration wizard directs you to delete a VLAN. Step 1 Select Campus Manager > Configuration > VLAN Configuration. The VLAN Configuration page appears. Step 2 Select devices or entities from the VLAN Configuration page. For more details on selecting the devices, see Selecting Devices or Entities. Step 3 Click Delete. The Select VLAN to Delete page appears. Table 10-6 describes the fields in the Select a VLAN to Delete dialog box. Step 4 Click any of the following: Next to continue. The Move Affected Ports to New VLAN page appears. For more details, see Moving Affected Ports to New VLAN. Table 10-6 Select a VLAN to Delete Page Field Description Field Description Copy Running Config to Start-up Config Check the checkbox to copy the running configuration to start-up configuration. Delete on all Transparent Switches Check the checkbox to delete VLANs on all transparent switches. If you have created VLANs by checking Create on all transparent switches, it is mandatory that you check Delete on all Transparent Switches option to delete the VLANs created in VTP Domains. Filter Source Select the Filter type of the source: VLAN VLAN Name Domain Name Or enter * or leave the field blank and click Filter to get all the records. Select Select the radio button corresponding to the VLAN you want to delete. VLAN Index of the VLAN. VLAN Name Name of the VLAN. Domain Name Name of the domain in which the VLAN belongs to.
10-13 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 10 Managing VLANs and VTP Configuring VLANs Cancel to exit. The VLAN configuration appears. Finish to save changes. The selected VLANs are deleted from the devices. The ports in the deleted VLAN are automatically assigned to the default VLAN. The VLAN configuration page appears. Moving Affected Ports to New VLAN When you delete a VLAN, any port assigned to that VLAN becomes inactive. Such ports remain associated with the VLAN (and thus inactive), until you assign them to a new VLAN. You can move affected ports to a new VLAN using Campus Manager. You can move the ports in the VLAN you want to delete, to a new VLAN, only after you select the VLAN you want to delete. For more details on selecting a VLAN to delete, see Deleting VLANs. To move affected ports to a new VLAN: Step 1 Select Campus Manager > Configuration > VLAN Configuration. The VLAN Configuration page appears. Step 2 Select devices or entities from the VLAN Configuration page. For more details on selecting the devices, see Selecting Devices or Entities. Step 3 Click Delete. The Select VLAN to Delete page appears. Step 4 Select the radio button corresponding to the VLAN you want to delete and click Next. The Move Affected Ports to New VLAN appears. Table 10-7 describes the fields in the Move Affected Ports to new VLAN page. Step 5 Select the new VLAN from the Move affected ports to new VLAN drop-down menu. If you do not select any VLAN, the affected ports are moved to the default VLANVLAN 1. Step 6 Click any of the following: Next to continue. The VLAN Deletion Summary page appears. For more details, see Understanding VLAN Deletion Summary. Table 10-7 Move Affected Ports to New VLAN Page Field Description Field Description Port Affected port in the VLAN. Device Name Name of the device to which the port belongs to. Device Address IP address of the device. Port Status Status of the port. Connected To End Host, Network Device
10-14 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 10 Managing VLANs and VTP Configuring VLANs Back to modify the Select VLAN to Delete page. Cancel to exit. The VLAN configuration appears. Finish to save changes. The selected VLANs are deleted from the devices. The ports in the deleted VLAN are assigned to the VLANs selected by you. The VLAN configuration appears. Understanding VLAN Deletion Summary The VLAN Deletion Summary page summarizes the operations that you performed through the VLAN Configuration wizard to delete the VLAN. The Summary provides the following information: VLAN DeletionLists the domain name, name of the VLAN that is deleted, and the VLAN ID. Operation: Move the affected Ports to another VLANLists the name and ID of the new VLAN to which the ports have been moved, and lists the details of the ports including the name and IP address of the device. Example: VLAN Deletion: =================== VLAN Domain :DMZ_10.77.209.43(T) VLAN Deleted :VLAN0002 VLANId : 2 ------------------------------------------ Operation: Move the affected Ports to another VLAN New VLAN Name :internal VLAN 4 New VLAN Id :4 Port:Gi1/6 Device :172.20.118.182 Device Address :172.20.118.182 ------------------------------------------- Review the Summary and click Finish to delete the VLAN, or click Back to modify the Select VLAN to Delete page, or click Cancel to exit.
10-15 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 10 Managing VLANs and VTP Creating Ethernet VLANs Creating Ethernet VLANs You can use Topology Services to create Ethernet VLANs (which is the typical VLAN design). For details, see Ethernet VLANs. Ethernet VLANs An Ethernet VLAN is the typical VLAN design. This consists of a logical group of end-stations, independent of physical location on an Ethernet network. Catalyst switches support a port-centric or static VLAN configuration. All end stations that are connected to ports that belong to the same VLAN, are assigned to the same Ethernet VLAN. Creating Ethernet VLANs Before you create Ethernet VLANs, you must create a VTP domain in your network. Your login determines whether you can use this option. To create Ethernet VLANs in your network: Step 1 Select Campus Manager > Visualization > Topology Services from the LMS Portal. The Topology Services Main Window appears. Step 2 Select a VTP domain from the Tree View. Step 3 Select Tools > VLAN Management > Create > Ethernet from the menu. The VLAN Creation wizard appears. For more details, see Creating VLANs Interpreting VLAN Summary Information This section contains: Displaying VLAN Reports Interpreting VLAN Reports To display summary information about the VLANs in your network: From Tree View in Topology Services, open a VTP domain and select a VLAN. The Summary information is displayed in the right pane of the Topology services window. See Table 10-8 to interpret this information. Note Information on Bridge Number and Ring Number are not applicable to Ethernet VLANs.
10-16 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 10 Managing VLANs and VTP Interpreting VLAN Summary Information Displaying VLAN Reports Campus Manager allows you to generate VLAN reports for devices, switch clouds, or VTP domains. Step 1 Select Campus Manager > Reports > Report Generator. The Report Generator page appears. The left drop-down list displays Campus Manager Reports. Step 2 Select VLAN from Select a Report drop-down list. The VLAN page appears with the following information. See Table 10-9: Table 10-8 VLAN Field Description Field Description Ports Number of ports in the domain. Up Ports Number of active ports in the domain. ISL Index Inter-Switch Link (ISL) index of the VLAN. Port List Link A lightning bolt indicates a port that is connected to a switch. PortDescription Description about the port. PortName Name of the port. Device Name Name of device to which the port belongs. Device Address IP address of device to which the port belongs. Port Status Whether the port is active, down, dormant, or testing. isTrunk If checked, the port is configured as a VLAN trunk. Association Type Type of VLAN. Port Mode Displays mode of port. For example, PVLAN-Host, Promiscuous, or non PVLAN. Table 10-9 VLAN Page Field Description Field Description Scheduling Run Type Select a run type from the drop-down list. The following run types are available: Immediate, Once, Daily, Weekly, Monthly. If you select Immediate, the J ob Info fields and Scheduling Date will be dimmed. Note Launching immediate VLAN reports for more than 500 devices results in an error. You can schedule reports to run for all devices or launch immediate reports for less than 500 devices.
10-17 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 10 Managing VLANs and VTP Interpreting VLAN Summary Information Step 3 Click Submit to generate the report. The VLAN reports window appears. Or Click Reset to change the settings. You can open VLAN reports page from Topology Services. To open VLAN reports from Topology Services: Step 1 Select Campus Manager > Visualization > Topology Services from the LMS Portal. The Topology Services Main Window appears. Step 2 Select a view that contains the device, switch cloud, or the VTP Domain for which you want to view the report. This view is in the Tree View in the Topology Services Main Window. Step 3 Select Reports > VLAN Report from the menu. or Right-click the VTP Domain or the device, and select Display View. The Network Topology window appears. Step 4 Select the device or the switch cloud. Step 5 Right-click and select VLAN Report from the popup menu. or Select Reports > VLAN Report. The VLAN Report window appears. Date Select the date and time at which you need to generate the report. Format: 20 Apr 2005 at 01 20 Job Info J ob Description Enter a description for this report. E-mail Enter the e-mail id to which the report has to be sent. Table 10-9 VLAN Page Field Description (continued) Field Description
10-18 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 10 Managing VLANs and VTP Understanding Private VLAN Interpreting VLAN Reports The following information is displayed at the top of the report: Device Name Device IP Device Type Domain Table 10-10 describes the fields in VLAN Report. Understanding Private VLAN A Private VLAN (PVLAN) is a VLAN that isolates devices at Layer 2 (L2), from other ports within the same broadcast domain or subnet. PVLAN segregates traffic at L2 and converts a broadcast segment into a non-broadcast multi-access segment. PVLANs can stop L2 connectivity between end stations on a switch without distributing them into different IP subnets, thus preventing wastage of IP addresses. You can also assign a specific set of ports within a PVLAN, and thus control the connectivity among them. You can configure PVLANs and normal VLANs on the same switch. This topic contains Types of Private VLAN Ports Types of Private VLAN Ports The ports in a private VLAN are categorized as: Promiscuous Ports PVLAN Host Ports PVLAN Trunk Ports Table 10-10 VLAN Report Field Description Field Description VLAN ID VLAN index. VLAN Name Name of the VLAN to which the device belongs. Status Status of device can be operational or suspended. VLAN Type Types of VLANs to which the device is associated. The VLANs can be normal, primary, isolated, community, or two-way community VLANs. Associated Primary VLAN ID of the associated primary VLAN. MTU Size MTU size for the corresponding VLAN on that device. Media Type Explains in which media type the device operates. Device can be in ethernet, FDDI, or inactive.
10-19 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 10 Managing VLANs and VTP Using Private VLAN Promiscuous Ports Promiscuous port communicates with all other interfaces and ports within a PVLAN. Such ports are used to communicate with external routers, local directories, network management devices, backup servers, administrative workstations, etc. Ports to the routing module in some switches are promiscuous in nature (for example, MSFC). PVLAN Host Ports A PVLAN host port is a port connected to a server or an end host that requires Layer 2 (L2) isolation. A host port exists in the PortFast mode and the BPDU Guard feature is enabled on these ports. These ports can be further classified into: Isolated Ports Community Ports This depends on the secondary VLAN to which the ports belong. Isolated Ports Isolated ports are completely isolated in L2, from other ports in the same PVLAN. These ports cannot receive the broadcasts from other ports within the same PVLAN, but receive broadcasts from promiscuous ports. Privacy for the VLAN is ensured at L2 level by blocking the traffic to all isolated ports, except the promiscuous ports. Broadcasts from an isolated port is always forwarded to all promiscuous ports. Community Ports Community ports communicate among themselves and with their promiscuous ports. These ports are isolated at L2 from all other ports in other communities, or isolated ports within their private VLAN. Broadcasts propagate only between associated community ports and the promiscuous port. PVLAN Trunk Ports Private VLAN Trunk ports are similar to Host ports that can carry multiple VLANs. A Trunk port carries the primary VLAN and the secondary VLANs to the neighboring switch. The Trunk port is unaware of PVLAN and will carry PVLAN traffic without any special action. Using Private VLAN A Private VLAN has four distinct parts: Primary VLAN Manages the incoming traffic from the promiscuous port to isolated, community, two-way community ports, and all other promiscuous ports, in the same primary VLAN. Isolated VLAN Isolated ports use this VLAN to communicate to the promiscuous ports. The traffic from an isolated port is blocked from reaching all adjacent ports within its private VLAN, except for its promiscuous ports.
10-20 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 10 Managing VLANs and VTP Using Private VLAN Community VLAN A group of community ports use this unidirectional VLAN to communicate among themselves and to manage the outgoing traffic through the designated promiscuous ports from the private VLAN. Two-way community VLAN A group of community ports use this VLAN to communicate among themselves. This bidirectional VLAN manages the incoming and outgoing traffic for community ports and Multilayer Switch Feature Cards (MSFC). Isolated and community VLANs are called secondary VLANs. This section explains: Creating PVLAN Configuring Promiscuous Ports Deleting PVLAN While creating private VLANs, you: Must set VTP to Transparent or Off modes, for VTP version 2. Can create PVLAN on primary server, Transparent and Off modes for VTP version 3. Campus Manager enables you to: Create primary Private VLAN. Create isolated, community or two-way community VLANs. Associate secondary VLANs to primary VLANs. Assign ports to secondary VLANs. Configure promiscuous ports. Creating PVLAN To create a Private VLAN, you must designate one VLAN as primary and another as either isolated, community, or two-way community VLAN. Then, you can assign additional VLANs as secondary VLANs. After creating primary and secondary VLANs you must associate the secondary VLANs to the respective primary VLANs. Creating a private VLAN involves the following steps: Creating Primary VLAN Creating Secondary VLAN and Associating to Primary VLAN Associating Ports to Secondary VLAN
10-21 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 10 Managing VLANs and VTP Using Private VLAN Creating Primary VLAN You must create primary VLAN before creating any other secondary VLAN. To create Primary VLANs: Step 1 Select Campus Manager > Configuration > PVLAN Configuration. The PVLAN Configuration page appears. Step 2 Select Create PVLAN from the TOC. Or Select Campus Manager > Visualization > Topology Services from the LMS Portal. The Topology Services Main Window appears. Step 3 Select a VTP domain from the VTP Tree View, under the Managed Domain or Network View. Step 4 Select Tools > PVLAN Management > Create. The Create PVLAN page appears. Step 5 Select the devices using the Device Selector or the Domain Selector. For more details, see Step 2 of Selecting Devices or Entities. Step 6 Select Primary from the Private VLAN Type drop-down list. The Get Primary VLANs tab and the Associated Primary VLAN field is disabled. Step 7 Enter a name for the VLAN in the VLAN Name field. Step 8 Enter the VLAN index number for the new Primary VLAN, in the VLAN Index field. Step 9 Check the check boxes as required: To create private VLAN on all transparent switches. To copy Running to Startup config for IOS switches. The check box for creating private VLANs on all transparent switches, is enabled only when the VLAN contains a device in transparent mode. Step 10 Click Create to create primary PVLAN. Note You must create primary VLAN before creating any other secondary VLAN.
10-22 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 10 Managing VLANs and VTP Using Private VLAN Creating Secondary VLAN and Associating to Primary VLAN After creating a primary VLAN, you can create secondary VLANs. Once you create a secondary VLAN, you must associate that to a primary VLAN. To do this: Step 1 Select Campus Manager > Configuration > PVLAN Configuration. The PVLAN Configuration page appears. Or Select Campus Manager > Visualization > Topology Services from the LMS Portal. The Topology Services Main Window appears. Step 2 Select a view with a VTP domain, which has the devices listed for which you want to create PVLAN. This view is in the Tree View in the Topology Services Main Window. Step 3 Select Tools > PVLAN Management > Create. The Create PVLAN page appears. Step 4 Select one of the following options from the Private VLAN Type drop-down list: Isolated Community Two-Way Community Step 5 Select the Associated Primary VLAN. You can associate a secondary VLAN that you have created to a primary VLAN. VTP Domain field displays the domain you have chosen. You may enter the Private VLAN Name that you want to assign. Step 6 Select the Private VLAN Index. Step 7 Check the check boxes as required: To create private VLAN on all transparent switches. To copy Running to Startup config for IOS switches. The check box for creating private VLANs on all transparent switches, is enabled only when the VLAN contains a device in transparent mode. Step 8 Click Apply to create PVLAN or click Cancel to exit. Associating Ports to Secondary VLAN You must associate ports to the secondary VLAN that you have created. You can assign ports to a secondary VLAN as you assign for normal VLANs. For assigning ports to VLANs, see Using VLAN Port Assignment
10-23 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 10 Managing VLANs and VTP Using Private VLAN Configuring Promiscuous Ports You must associate the promiscuous ports to the PVLANs you have created, to receive traffic from outside the PVLAN. You can configure only the ports on which Trunking is not enabled. To configure a Promiscuous Port: Step 1 Select Campus Manager > Configuration > PVLAN Configuration from the LMS Portal. The PVLAN Configuration page appears. Or From Topology Services Main Window, select the device that has the ports you require and select Tools > VLAN Port Assignment. The VLAN Port Assignment window appears. Step 2 Click Configure Promiscuous Ports from the TOC. The Configure Promiscuous Ports page appears. Step 3 Select a device or entities from the list using Device Selector or Domain Selector. Step 4 Click List Ports. The Port List displays the list of ports on the selected devices. You can filter the list using the Filter or Advanced Filter. Step 5 Select the ports from the ports listed in the table. Step 6 Click Configure. The Configure Promiscuous Port window appears. The Port Details table displays: Device Name Port Name Device IP Address IfName Step 7 Select the VLANs from the list of Available PVLANs. Step 8 Click Add to add to list of Mapped VLANs. Or Click Remove to remove the VLANs from the Map VLANs table. You can select the Copy Running to Start-up config check-box to copy the running configuration to the start-up configuration. Step 9 Click Apply to configure.
10-24 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 10 Managing VLANs and VTP Using Private VLAN Deleting PVLAN To delete PVLAN: Step 1 Select Campus Manager > Configuration > PVLAN Configuration from the LMS Portal. Step 2 Click Delete PVLAN in the TOC. Or From Topology Services, select Managed Domains > VTP Domains from the Tree View in the Topology Services Main Window. Step 3 Select the PVLAN which you want to delete. Step 4 Select Tools > PVLAN Management > Delete. A VTP Domain Name: Delete Private VLAN Name appears. Step 5 Click List PVLANs to see a list of PVLANs. See Table 10-11. Step 6 Select the check box corresponding to the PVLAN you want to delete. To select all, select the check-box in the table heading. Step 7 Click Delete. Table 10-11 Fields in PVLAN List Field Description PVLAN List Filter You can select any of the following filter criteria: PVLAN Index PVLAN Name PVLAN Type Associated Primary Domain Enter the filter string, then click Filter. PVLAN Index Index value of the PVLAN. PVLAN Name Name of the PVLAN. PVLAN Type Type of PVLAN. Values are: Primary, Secondary, Community Associated Primary Name of the Associated Primary VLAN. Domain Domain to which the VLAN belongs to.
10-25 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 10 Managing VLANs and VTP Understanding Inter-VLAN Routing Understanding Inter-VLAN Routing Inter-VLAN Routing enables to route the traffic between different VLANs. This feature is required when an end station wants to communicate with another end station in a different VLAN. Devices within a VLAN can communicate with one another without the help of a router. On the contrary, devices in separate VLANs require a routing device to communicate with one another. Network devices in different VLANs cannot communicate with one another without a router to route the traffic between the VLANs. In most of the network environments, VLANs will be associated with individual networks or subnetworks. In a switched network, VLANs segregate devices into different collision domains and Layer 3 (L3) subnets. Configuring VLANs for inter-VLAN routing helps to control the size of the broadcast domain and to keep local traffic local. You can configure one or more routers to route traffic in the network. Layer 2 switches require a L3 routing device (either external to the switch or in another module on the same chassis). The new L3 Switches accommodate routing capabilities. The router or the switch receives a packet, determines the VLAN to which it belongs, and sends the packet to the appropriate port on the other VLAN. Using Inter-VLAN Routing Configuring Inter-VLAN Routing Campus Manager supports Inter-VLAN Routing configuration on devices like MSFC, RSM, and external routers with IPv4. Prerequisite for configuring Inter-VLAN Routing through Campus Manager Resource Manager Essentials is a prerequisite for configuring Inter-VLAN Routing using Campus Manager. If the server running Campus Manager does not have RME, you can use a remote server, which has the RME application. If you want to configure Inter-VLAN Routing on a device: Resource Manager Essentials must manage the devices. The device must have the same device name when managed by Campus Manager as well as Resource Manager Essentials. See the User Guide for Resource Manager Essentials 4.3 for more details on how to manage devices.
10-26 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 10 Managing VLANs and VTP Using Inter-VLAN Routing Configuring Inter-VLAN Routing on RSM, MSFC, L2/L3 Devices To configure Inter-VLAN Routing on a VLAN interface: Step 1 Select Campus Manager > Visualization > Topology Services from the LMS Portal. The Topology Services Main Window appears. Step 2 Select a device from the Topology Services Tree View, under the Network Views. Step 3 Right-click the device and select Config Inter-VLAN Routing from the popup menu. The Configure Inter-VLAN Routing window appears. This window displays the Device Name and the Device IP of the selected device. Step 4 Select a device interface from Device interface configuration list. Step 5 Click Edit to edit an existing VLAN configuration. Or Click New to configure Inter-VLAN Routing for a new VLAN interface. You can edit IP Address, Admin Status, and Subnet Mask. See Table 10-12. You can also delete a Device Interface from the list of Interfaces for which you do not want to configure Inter-VLAN Routing. Step 6 Click Move to Interface Set. If you want to edit the configuration details again: a. Select the VLAN interface from the Interface Set. b. Click Delete from Interface Set c. Repeat the steps from Step 4. Step 7 Click Apply. You can configure Inter-VLAN Routing for more than one VLAN interface, at a time. The RME Server credentials window appears. Step 8 Enter RME Server, Server Port, User Name, and Password. See Table 10-13. Table 10-12 Configuring Inter-VLAN Routing Field Descriptions Field Description VLAN Interface 1 1. You can enter the VLAN interface name to create a new interface. You cannot edit an existing VLAN interface. Enter the VLAN interface. IP Address Enter the IP address for the interface Subnet Mask Enter the subnet mask address. Admin Status Select the Admin status: Up Down
10-27 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 10 Managing VLANs and VTP Using Inter-VLAN Routing Step 9 Click OK. Inter-VLAN Routing is configured for all the VLAN interfaces in Interface Set. Configuring Inter-VLAN Routing on External Routers To configure Inter-VLAN Routing on a VLAN interface of an external router: Step 1 Select Campus Manager > Visualization > Topology Services from the LMS Portal. The Topology Services Main Window appears. Step 2 Select a device from the Topology Services Tree View, under the Network Views. Step 3 Right-click the device and select Config Inter-VLAN Routing from the popup menu. The RME Server credentials window appears. Step 4 Enter RME Server, Server Port, User Name, and Password. See Table 10-14 Step 5 Click OK. The Configure Inter-VLAN Routing window appears. Step 6 Select a device interface from Device interface configuration list. Step 7 Click Edit to edit an existing VLAN configuration. Or Click New to configure Inter-VLAN Routing for a new VLAN interface. Table 10-13 RME Server credentials Field Description Field Description RME Server Name of the RME server or the IP address Server Port 1 1. In Campus Manager, 1741 is the default port for http mode and 443 is the default port for SSL (https) mode. Enter the port number User Name Enter the user name Password Enter the password Table 10-14 RME Server Credentials Field Description Field Description RME Server Name of the RME server or the IP address. Server Port 1 1. In Campus Manager 1741 is the default port for http mode and 443 is the default port for SSL (https) mode. Enter the port number. User Name Enter the user name. Password Enter the password.
10-28 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 10 Managing VLANs and VTP VLAN Trunking Protocol You can edit IP Address, Admin Status, Encapsulation, and Subnet Mask. See Table 10-15 You can also delete a device interface from the list of interfaces for which you do not want to configure Inter-VLAN Routing. Step 8 Click Move to Interface Set. If you want to edit the configuration details again: a. Select the VLAN interface from the Interface Set. b. Click Delete from Interface Set c. Repeat the steps from Step 2. Step 9 Click Apply. You can configure Inter-VLAN Routing for more than one VLAN interface, at a time. Inter-VLAN Routing is configured for all VLAN interfaces in the Interface Set. VLAN Trunking Protocol VLAN Trunking Protocol (VTP) is a Layer 2 multicast messaging protocol that maps VLANs across all media types and VLAN tagging methods between switches. In this way it maintains the VLAN configuration consistency throughout a network. VTP reduces the effort in adding, deleting, or renaming a VLAN at each switch, when the VLAN extends to other switches in the network. VTP minimizes misconfigurations and configuration inconsistencies that can result in a number of problems, such as duplicate VLAN names, incorrect VLAN-type specifications, and security violations. With VTP, you can make configuration changes centrally on one switch and have those changes automatically communicated to all the other switches in the network. Table 10-15 Configuring Inter-VLAN Routing Field Descriptions Field Description VLAN Interface 1 1. You can enter the VLAN interface name to create a new interface. You cannot edit an existing VLAN interface. Enter the VLAN interface. IP Address Enter the IP address for the interface. Sub-Interface ID Enter the ID for the sub-interface. Admin Status Select the Admin status: Up Down Encapsulation Select the encapsulation: dot1Q ISL Subnet Mask Enter the subnet mask address.
10-29 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 10 Managing VLANs and VTP VLAN Trunking Protocol The major function of VTP is to distribute VLAN information. You must configure VTP before you configure any VLAN. Using VTP, each switch in server mode displays the following: Management domain on the Trunk ports Configuration revision number VLANs and their specific parameters. For more details on VLAN, see Understanding Virtual LAN (VLAN), and for VTP Domains, seeVTP Domains. This topic contains: VTP Domains Understanding VLAN Trunking Protocol Version 3 Using VLAN Trunking Protocol (VTP) Using VTP Views VTP Domains A VTP domain is made up of one or more interconnected devices that share the same VTP domain name. A switch can be configured to be in only one VTP domain, and each VLAN has a name that is unique within a management domain. Typically, you use a VTP domain to ease administrative control of your network or to account for physical boundaries within your network. However, you can set up as many or as few VTP domains as are appropriate for your administrative needs. Consider that VTP is transmitted on all Trunk connections, including ISL, IEEE 802.1Q, 802.10, and LANE. VTP Domains display and monitor the details of the VLANs in your network. Sometimes includes special cases labeled NULL or NO_VTP. NULLLists devices that are in transparent mode and that support VTP, but do not have configured domain names. Each of these devices is identified in the list by its IP address. NO_VTPLists devices that do not support VTP. Each of these devices is identified in the list by its IP address. However, devices which do not support VTP but support VLANs (for example, Catalyst 2900XL Standard Edition switches) are placed in the NO_VTP domain. The devices that do not support VLANs and VTP (for example, Catalyst 1900 Standard Edition switches) are placed in the domain category of the neighbor device.
10-30 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 10 Managing VLANs and VTP VLAN Trunking Protocol Components of VTP Domains Within a VTP domain, you can configure switches as follows: ServerVTP servers advertise their VLAN configuration to other switches in the same VTP domain and synchronize their VLAN configuration with other switches based on advertisements received over Trunk links. VTP server is the default mode. ClientVTP clients operate in the same way as VTP servers. However, you cannot create, change, or delete VLANs on a VTP client. VTP clients also do not broadcast VTP advertisements like the VTP servers do. TransparentVTP transparent switches do not participate in VTP. A VTP transparent switch does not display its VLAN configuration and does not synchronize its VLAN configuration based on received advertisements. Your VTP domain structure influences the behavior of Topology Services. Understanding VLAN Trunking Protocol Version 3 VTP version 3 can distribute a list of opaque databases over an administrative domain. VTP version 3 provides these enhancements to the previous VTP versions: Support for extended VLANs. Support for creating and advertising private VLANs. Support for VLAN instances and MST mapping propagation instances. Allows improved server authentication. Prevents you from adding the wrong database to a VTP domain. Allows interaction with VTP version 1 and VTP version 2. Support for configuring VTP version 3 on a per-port basis. Enables the network to propagate the VLAN database and other databases. VTP version 3 is a collection of protocol instances. Each instance handles one database, which is associated with a given feature. VTP version 3 runs multiple instances of the protocol by which it handles the configuration propagation of multiple databases that are independent of one another. Support for VTP Version 3 in Campus Manager Campus Manager supports the version 3 of VTP. Following are the major features supported in this release: Displays Primary server as a subfolder under the parent VTP domain: If your network contains devices running VTP version 3, the primary server is displayed as a subfolder under the parent Domain in the VTP Domains. Under Primary server folder, you can find all the server and client modes. Supports devices with VTP set to Off mode: The devices which are set to Off mode are supported as for the transparent mode devices. The Tree View displays the Off mode devices in subfolder under the parent domain.
10-31 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 10 Managing VLANs and VTP VLAN Trunking Protocol Provides VTP filters: Topology Filters contains a filter for devices running VTP version 3 in the Network Topology view for the VTP Domains and VTP Views. You can enable the filters to view the primary, server, client, transparent, and Off mode devices. The Off mode devices in VTP version 2 and version 3 domains, are displayed under different subfolders of the parent domain, in the Tree View. When you change the configuration through Campus Manager, the Off mode devices are considered similar to the Transparent mode devices. For more details, see Figure 10-1. Figure 10-1 VTP Filters 1 Menu 7 Filter on for VTP devices 2 Toolbar 8 Check box dimmed for the filter 3 Topology map 9 Topology filter results
10-32 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 10 Managing VLANs and VTP VLAN Trunking Protocol Supports creating Private VLANs in VTP version 3 environment. You can create a VLAN or PVLAN using a primary server domain or the parent domain. You can create a VLAN or PVLAN only on the Primary server, Transparent and Off mode devices, in a VTP version 3 environment. Notes on creating VLAN or PVLAN in VTP version 3 domain using Campus Manager You must select the parent VTP domain folder under the VTP domain Tree to create VLAN or PVLAN. To create VLAN or PVLAN on all transparent switches in the domain, you can check the check box Create VLAN on all transparent switches in the Creating VLAN or PVLAN windows. For more details, see Creating Ethernet VLANs and Creating PVLAN. You must select the primary domain subfolder under the VTP domain, while creating VLAN and PVLAN on the Primary server mode devices that has clients and secondary servers. You must select Transparent or Off mode subfolders under the parent VTP domain to create VLAN or PVLAN on a single Transparent or Off mode device respectively. Using VLAN Trunking Protocol (VTP) Using VLAN Trunking Protocol (VTP), each switch in server mode advertises its management domain on its Trunk ports, its configuration revision number, and its known VLANs and their specific parameters. Therefore, a new VLAN must be configured on only one device in the management domain, and the information is automatically learned by all other devices (not in VTP transparent mode) in the same management domain. After a device learns about a VLAN, it receives all frames on that VLAN from any Trunk port and, if appropriate, forwards them to each of its other Trunk ports. This topic contains: Displaying VTP Reports Using VTP Views 4 Filtered devices 10 Check box enabled for VTP Transparent devices 5 Filter collapsed 11 Expand icon for the filter 6 Filter dimmed
10-33 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 10 Managing VLANs and VTP VLAN Trunking Protocol Displaying VTP Reports To display a VTP report for the VTP domains in your network. Step 1 Select Campus Manager > Visualization > Topology Services from the LMS Portal. The Topology Services Main Window appears. Step 2 Select a VTP domain under the VTP views for which you want to view the report. This view is in the Tree View in the Topology Services Main Window. The VTP Report, which is the Summary view, appears. Interpreting VTP Reports See Table 10-16 to interpret the fields shown in the VT Reports Summary view. Table 10-16 Field Description for VTP Report Field Description Link A lightning bolt indicates a port that is linked to a switch. Port Number of ports in the domain. IfName Interface Name. Device Name Name of the device to which the port belongs. Device Address Address of the device to which the port belongs. PortStatus Displays the status of the port, whether the port is active or dormant. isTrunk If the box is checked, the port is configured as a VLAN Trunk. VLAN Name of the VLAN. Association Type Type of VLAN Port Mode Displays the mode of the port. For example, PVLAN-Host, Promiscuous, or a non-PVLAN.
10-34 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 10 Managing VLANs and VTP VLAN Trunking Protocol Using VTP Views VTP Views shows devices that participate in VTP domains. VTP Views also shows the non-VTP devices connected directly to the VTP domain. See Figure 10-2 Figure 10-2 VTP Tree View Use the VTP views to: Display Device Attributes Display Port Attributes Display Link Attributes Display information about multi-layer switching (MLS) devices in your network. See Displaying MLS Reports 1 VTP domain in the Topology Tree View 4 VLANs under the Transparent switch mode 2 Parent VTP domain 5 VTP Views under the Network View 3 Switch in Transparent mode 6 Parent VTP domain under VTP views
10-35 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 10 Managing VLANs and VTP Understanding Trunking Understanding Trunking A Trunk is a point-to-point link carrying traffic for several VLANs, and are typically used to connect switches. Instead of configuring several access links to carry multi-VLAN traffic, its economical to do it with a single trunk link. Trunking is hence a type of configuration on an interface which allows VLANs to span the entire network, instead of just one switch. The Trunked interface that connects to another network device is allowed to pass traffic for multiple VLANs, instead of only one VLAN as in a non-Trunked interface on a switch. This topic contains: Trunking Considerations Dynamic Trunking Protocol (DTP) Trunk Encapsulation Trunk Characteristics Encapsulation Types Creating Trunk Modifying Trunk Attributes Trunking Considerations While using a Trunk, consider the following: VLANs are local database of a switch. VLAN information is not passed between switches. Trunk links provide VLAN identification for frames traveling between switches. You can use either of the two Ethernet Trunking mechanisms: ISL and IEEE 802.1Q. Trunks carry traffic from all VLANs to and from the switch by default. However, they can be configured to carry only specified VLAN traffic too. Trunk links must be configured to allow Trunking on each end of the link. Dynamic Trunking Protocol (DTP) Dynamic Trunking Protocol (DTP) is a Cisco proprietary protocol. Trunk negotiation is managed by the DTP on a link between two devices. DTP is also used for negotiating the type of Trunking encapsulation to be used. Dynamic Trunking is the ability to negotiate the Trunking method with the other device, and DTP is a point-to-point protocol that supports auto-negotiation of both ISL and 802.1Q Trunks. DTP sends the VTP domain name in a DTP packet. Therefore, if you use DTP, and if the two ends of a link belong to a different VTP domain, the Trunk will not function. The Catalyst operating system options of auto, desirable, and on, and the IOS options of dynamic auto, dynamic desirable, and trunk, configure a Trunk link using DTP. If one side of the link is configured to Trunk and sends DTP signals, the other side of the link will dynamically begin to Trunk, if the options match correctly.
10-36 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 10 Managing VLANs and VTP Understanding Trunking To enable Trunking and not send any DTP signaling, you can use the option nonegotiate for switches that support that function. If you want to disable Trunking completely, you can use the off option for a Catalyst operating system switch or the no switchport mode trunk command on an IOS switch. DTP is a second generation Dynamic Inter-Switch Link Protocol (DISL) and allows the Cisco Catalyst devices to negotiate whether to use 802.1Q encapsulation. DISL and DTP do not negotiate Trunking in case of EtherChannelthey only negotiate whether to enable Trunking. Trunk Encapsulation The following Trunking encapsulations are available on all Ethernet interfaces: Inter-Switch Link (ISL)A Cisco-proprietary Trunking encapsulation. 802.1QAn industry-standard Trunking encapsulation. Trunk Characteristics Table 10-17 shows the DTP signaling and the characteristics of each mode. Table 10-17 Trunking Mode Characteristics Trunking Mode Frames Sent Description Final state (local port) on YES, periodic Trunking is active. The interfaces sends DTP signals that actively attempt to convert the link to a Trunk link. The interface becomes a Trunk interface if the neighboring interface is set to on, auto or desirable, and is running DTP. A port that is in on mode always tags frames sent out from the port. Trunking, unconditionally. auto YES, periodic These links will only become Trunk links if they receive a DTP signal from a link that is already Trunking or desires to trunk. This will only form a Trunk if the neighboring interface is set to on or desirable. This is the default mode for Catalyst operating system switches. The port will end up in Trunking state only if the neighboring interface wants to. desirable YES, periodic These links would like to become Trunk links and send DTP signals that attempt to initiate a Trunk. They will only become Trunk links if the other side responds to the DTP signal. This will form a Trunk if the neighboring interface is set to on, auto, or desirable and is running DTP. This is the default mode for all Ethernet interfaces. If the port detects that the neighboring interface is able to Trunk (remote in on, desirable or auto mode), it will end up in Trunking state. Otherwise, it will stay non-Trunking.
10-37 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 10 Managing VLANs and VTP Understanding Trunking Encapsulation Types The encapsulation type allows you to specify whether ISL or 802.1q should be used for Trunking. The parameter is only relevant if the module you are using is able to use both types of encapsulation. The parameter can have three different values as shown in table below. Creating Trunk To create trunk for a port: Step 1 Select Campus Manager >Configuration > Trunk Configuration from the LMS Portal. The Create Trunk page appears. Step 2 Select the device or domain from the list, and click Show Links. The Available Links pane displays the links for each device that you have selected. Table 10-18 describes the fields in the Available Links pane. nonegotiate NO Sets Trunking on and disables DTP. These will only become Trunks with ports in on or nonegotiate mode. Trunking, unconditionally. off YES This option sets Trunking and DTP capabilities off. This is usually the recommended setting for any access port since it prevents any dynamic establishments of Trunk links. Non Trunking, unconditionally. Table 10-17 Trunking Mode Characteristics (continued) Trunking Mode Frames Sent Description Final state (local port) Encapsulation Type Description and Trunking ISL Sets the port encapsulation to ISL. 802.1Q Sets the port encapsulation to 802.1q. negotiate Only available in auto or desirable Trunking modes: If the neighboring interface has encapsulation type set to negotiate, the Trunk will eventually be set up with ISL. If the interface is configured for ISL or 802.1q or only able to use ISL or 802.1q, the Trunking encapsulation used will be the same as the neighboring interface.
10-38 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 10 Managing VLANs and VTP Understanding Trunking Step 3 Click the radio button corresponding to the link to select link for which you want to create trunk. Step 4 Click Create Trunk. Or From Topology Map, right-click the link for which you want to create trunk, and select Create Trunk from the popup menu. The Create Trunk window appears. Table 10-19 describes the fields in the Create Trunk page. Table 10-18 Available Links Field Description Field Description Filter Select the filter type and then enter the string. Leave the field blank to display all. You can filter the list based on the Port1, Device1, Port2, or Device2. For example, if you want to see only the trunks on the selected devices which starts with IP address 10.77, select Device1 from the Filter type, then enter 10.77.* in the filter field and click Filter. Port 1 Port of the first device in the link. Device 1 IP Address (IPv4 or IPv6 Address) of the device to which the port1 belongs to. Port 2 Port of the second device in the link. Device 2 IP Address (IPv4 or IPv6 Address) of the device to which the port2 belongs to. Table 10-19 Create Trunk Page Field Description Field Description Device Information Device IP addresses of the devices forming the link. Port Port numbers of the devices forming the link. Trunk Settings Encapsulation Select the Encapsulation type for the trunk. Campus Manager supports: Dot1Q, ISL, Negotiate. Mode Trunking mode of the port is set to Desirable. Campus Manager supports only the Desirable mode. Configure VLANs on Trunk Allow Active VLANs Lists only the active VLANs. 1. Select the VLANs for which you do not want to configure Trunk. 2. Click Add to move the VLANs to Disallowed VLANs list. Disallow Active VLANs 1. Select the VLAN IDs of the VLANs, which must pass through the Trunk. 2. Click Remove to move the VLANs to the list of Allowed VLANs.
10-39 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 10 Managing VLANs and VTP Understanding Trunking To copy the running configuration to start-up configuration, select Copy Running to Start-up Config check-box . Step 5 Click Create to create the Trunk or click Close to exit. After you click Create, it will be idle for 2 minutes to see if the device goes down on setting the port to trunking mode. After 2 minutes, if the creation of trunk is successful, Data Collection for these devices is triggered. Only after the completion of Data Collection, you can see the newly configured trunk ports in the Modify Trunk Attributes page. Note If the trunk link is configured in a port that flaps between blocking and non-blocking states due to STP, then the port will be listed in both Create Trunk page and Modify Trunk Attributes page. To know whether the port is trunking or not, enable logging in the device and see the log messages. Modifying Trunk Attributes To modify trunk attributes: Step 1 Select Campus Manager > Configuration > Trunk Configuration from the LMS Portal. Step 2 Click Modify Trunk Attributes from the TOC. The Modify Trunk Attributes page appears. Step 3 Select devices from the device list, and click Show Trunks. The trunks configured on the devices are listed in the Trunk List. See Table 10-20. Configure VLANSs on Trunk Using Ranges Allow VLANs Enter VLAN IDs of the VLANs, which must pass through the Trunk in the range of 1 to 1005 and 1025 to 4094. The other VLANs are not supported for Trunking. Disallow VLANs Enter VLAN IDs of the VLANs, which must not pass through the Trunk, in the range of 1 and 4096. If you enter numbers into both fields, the VLAN indexes that you are disallowing will take precedence over VLAN indexes that you are allowing. For example, if you allow 1-1024 and disallow 1-100, VLANs with ISL indexes of 101-1024 will be allowed. Table 10-19 Create Trunk Page Field Description (continued) Field Description
10-40 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 10 Managing VLANs and VTP Understanding Trunking Step 4 Select the radio-buttons corresponding the trunk you want to modify, and click Modify Trunk. The Modify Trunk window appears. The Device Information pane displays the device IP address and the port number of all the devices you have selected. Step 5 Select the Trunk Settings a. Select Encapsulation: Dot1Q ISL Negotiate b. Mode Campus Manager 3.3 supports only the Desirable mode. Step 6 Configure VLANs on Trunk. Allow VLAN(s)Enter VLAN IDs of the VLANs, which must pass through the Trunk, in a range between 1 to 1005 and 1025 to 4094. The other VLANs are not supported for Trunking. * indicates that the VLANs were previously disallowed. Disallow VLAN(s)Enter VLAN IDs of the VLANs, which must not pass through the Trunk, in a range between 1 and 4096. Use the Add or Remove buttons to allow or disallow VLANs. To copy the running configuration to start-up configuration, select Copy Running to Start-up Config check-box. Step 7 Click Modify. Table 10-20 Trunk List Field Description Field Description Filter Select the filter type and then enter the string. Leave the field blank to display all. You can filter the list based on the Port1, Device1, Port2, or Device2. For example, if you want to see only the trunks on the selected devices which starts with IP address 10.77, select Device1 from the Filter type, then enter 10.77.* in the filter field and click Filter. Port 1 Port number of the port of the device at one side in the link that is configured for Trunking. Device1 IP Address (IPv4 or IPv6 Address) of the device to which the port1 belongs to. Port2 Port number of the port of the device at the other end of the link that is configured for Trunking. Device2 IP Address (IPv4 or IPv6 Address) of the device to which the port2 belongs to.
10-41 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 10 Managing VLANs and VTP EtherChannel EtherChannel EtherChannel is a technology that bundles individual Fast Ethernet and Gigabit Ethernet links into a single logical link that would provide higher bandwidth. EtherChannels thus enable you to aggregate up to Gigabit Ethernet connections, providing up to 16 Gbps of bandwidth (in full duplex mode). The channel is treated as a single logical connection between two switches. If one of the connections fails in the EtherChannel, the other connections will be operating so that the connection is not down. This topic contains: Understanding EtherChannel Using EtherChannel Understanding EtherChannel EtherChannel provides incremental Trunk speeds between Fast Ethernet (FE) and Gigabit Ethernet (GE) by grouping multiple equalspeed ports into a logical port channel. EtherChannel combines multiple FEs up to 800 Mbps or GEs up to 8 Gbps, providing fault-tolerant, high-speed links between switches, routers, and servers. Campus Manager supports only PAgP, the aggregation protocol. When a user selects a port or link for configuring EtherChannel, the user is prompted with all available ports that can participate in the channel (Ports that are directly connected between devices). Admin Group ID attribute for each port is also provided under group attribute. User can change them accordingly to choose which ports need to aggregate into a channel. All ports that have same group value will participate in channel. Campus Manager supports only the Desirable mode for EtherChannel configuration. Campus Manager does not support EtherChannel configuration between a switch and router. Using EtherChannel Campus Manager allows you to: Aggregate multiple links between switches into one or more EtherChannels. Configure frame distribution parameters for EtherChannel load balancing. Configuring EtherChannel To configure EtherChannel: Step 1 Select Campus Manager > Visualization > Topology Services from the LMS Portal. The Topology Services Main Window appears. Step 2 Select a view that contains the devices for which you want to configure EtherChannel. This view is in the Tree View in the Topology Services Main Window. Step 3 Right-click the view and select Display View from the popup menu. The Network Topology View window appears.
10-42 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 10 Managing VLANs and VTP VLAN Port Assignment Step 4 From the Network Topology View select the link on which you want to configure EtherChannel. Step 5 Right-click the link and select Configure EtherChannel. The EtherChannel Configuration window appears. Protocol field displays PAgP. Port Aggregation Protocol (PAgP) is the Protocol that is supported for configuring EtherChannel. Step 6 Select one of the Distribution Protocols from the drop-down menu: ip mac port leave default Select leave default when you do not want to configure distribution protocols. The Channel Mode field displays the mode of the port. Campus Manager supports only the Desirable mode for EtherChannel configuration. Step 7 Select one of these Distribution Address Types from the drop-down menu: source destination both leave default Select leave default when you do not want to configure distribution address type. Step 8 Select the link for which you want to configure EtherChannel. Step 9 Click Copy Running to StartUp config for IOS switches, if required. Step 10 Click Apply to continue or click Close to exit. VLAN Port Assignment VLAN Port Assignment is an application that displays device, port, and related VLAN information for an associated VTP domain in a tabular format and helps you manage ports on your network's VLANs. Use VLAN Port Assignment to: Assign or move ports to a VLAN. View port, device, and Trunk attributes. View and find port information in a VTP domain. Configure VLANs on a Trunk. Show and highlight a selected device or VLAN on a selected VTP domain. Note Assigning ports to VLANs cannot be done for more than 100 devices at a time, since it results in memory issues. Do VLAN port assignment for 100 devices at a time.
10-43 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 10 Managing VLANs and VTP VLAN Port Assignment This topic contains the following sections: Understanding VLAN Port Assignment Starting VLAN Port Assignment Using VLAN Port Assignment Prior to using VLAN Port Assignment, you should understand the concepts of VLANs and VTP domains. For more details on this, see: Understanding Virtual LAN (VLAN) VTP Domains Understanding VLAN Port Assignment To enable end-user ports to participate in a specific VLAN, you must first assign the ports. You assign ports to specified VLANs. The VLANs allow the ports to share the same broadcasts. Ports that are not assigned to the VLAN cannot share these broadcasts. For more information about VLANs, see Understanding Virtual LAN (VLAN). For VLAN Port Assignment to work correctly, Campus Server must discover the network. Campus Server requires a properly configured network to complete network discovery. For information on the various settings, see Viewing Campus Manager Home Page. VLAN Port Assignment queries the ANI database based on criteria you enter. After you submit the query, VLAN Port Assignment displays the device, port, and related VLAN information for an associated VTP domain. This is displayed in a tabular format. You can use VLAN Port Assignment to: View and find port information in a VTP domain View port, device, and Trunk Attributes Show and highlight a selected device or VLAN in the VTP domain view Starting VLAN Port Assignment To start VLAN Port Assignment: Step 1 Verify that your network is set up properly. Step 2 Verify that the Campus Manager server is set up properly and running. See Analyzing ANI Server for more details. Step 3 Select Campus Manager > Configuration > VLAN Port Assignment from the LMS Portal. Or Select Topology Services > Tools > VLAN Port Assignment. If you are prompted to install the J ava plug-in, you can download and install the plug-in using the displayed installation screens. The next time you start the application, it will automatically use the plug-in.
10-44 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 10 Managing VLANs and VTP Using VLAN Port Assignment Using VLAN Port Assignment This section contains: Configuring Trunk Attributes Displaying Attribute Summaries To assign ports to a VLAN: Step 1 Select Campus Manager > Configuration > VLAN Port Assignment from the LMS Portal. Or Select Topology Services > Tools > VLAN Port Assignment. The VLAN Port Assignment page appears. Step 2 Select device or domain from the list using Device Selector or Domain Selector. Step 3 Click List Ports. A list of ports in the selected devices or entities appears under the Port List. See Table 10-21 for the Port List : Table 10-21 Port List Field Description Field Description Filter Device Name Device Address Link Port Port Status Port Description VLAN Name VLAN Index Association Type Enter the filter string, and click Filter to filter the list based on the inputs. Leave this field blank to list all ports. Advanced Filter Click Advanced Filter to open Advanced Filter dialog box. Advanced filtering allows you to search ports using more search criteria. For more details on Advanced Filter, see Advanced Filter. Columns Link Shows whether the port is connected to a switch or not. The value can either be True or False. Port Name of the port. Device Name Name of the device to which the port belongs to. Device Address IP address of the device to which the port belongs to. VLAN Name Name of the VLAN to which the port belongs to.
10-45 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 10 Managing VLANs and VTP Using VLAN Port Assignment Step 4 Select a VLAN from the VLAN drop-down list. To copy the running configuration to the start-up configuration, select Copy running to start-up config check-box. Step 5 Click Assign. Configuring Trunk Attributes Your login determines whether you can use this option. You must have either Network Administrator or System Administrator privileges. To configure Trunk Attributes: Step 1 Select Campus Manager > VLAN Port Assignment from CiscoWorks desktop. Or From Topology Services Main Window, right-click a trunk link from a network view and select VLAN Port Assignment from the popup menu. Step 2 In the VLAN Port Assignment window, select the VTP domain and enter appropriate search criteria, if necessary. Step 3 Select the row that contains the Trunking port. A port is a trunking port if the isTrunk field contains a check mark. Step 4 Select Reports > Trunk Attributes. To interpret this information, see Table 10-24. Step 5 Enter a range of ISL indexes between 1 and 4096 in the Allow VLAN(s) field to specify VLANs that you want to allow on this Trunk. The range of ISL indexes from one to 4096 is applicable only if the device supports 4096 VLANs. Step 6 Enter a range of ISL indexes between 1 and 1024 in the Disallow VLAN(s) field to specify VLANs that you want to prevent from using this Trunk. If you enter numbers into both fields, the ISL indexes that you are disallowing will take precedence over ISL indexes that you are allowing. For example, if you allow 1-1024 and disallow 1-100, VLANs with ISL indexes of 101-1024 will be allowed. Step 7 Click Apply to configure these attributes. Port Status Status of the port. Shows whether the port is active or down. Port Description Description for the port. Example: Intra-area 0.2.0.0 Resilient link VLAN Index Index number of the VLAN to which the port belongs to. Association Type Type of Association. Table 10-21 Port List Field Description (continued) Field Description
10-46 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 10 Managing VLANs and VTP Using VLAN Port Assignment Displaying Attribute Summaries The following topics describe how to view status information about ports, devices, and trunks in your network: Displaying Port Attributes Interpreting Port Attributes Report Displaying Device Attributes Interpreting Device Attributes Report Displaying Trunk Attributes Interpreting Trunk Attributes Displaying Port Attributes To display information about the status of the ports in your network: Step 1 Select Campus Manager > Reports > Report Generator. The Reports Generator page appears. Step 2 Select Campus Reports from the Select An Application drop-down list. Step 3 Select Port Attributes from Select a Report drop-down list. The Port Attributes page appears. Step 4 Select a device or domain from the list. Step 5 Select the Scheduling Type. The default scheduling type is Immediate. You can set the time and date if you select any of the following scheduling types: Once, Daily, Weekly, Monthly. Enter a description for your job in the J ob Description field and enter the e-mail address to which the details has to be sent. Note Launching immediate Port Attributes reports for more than 500 devices results in an error. You can schedule reports to run for all devices or launch immediate reports for less than 500 devices. Step 6 Click Submit. For more information on Port Attributes, see Interpreting Port Attributes Report.
10-47 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 10 Managing VLANs and VTP Using VLAN Port Assignment Interpreting Port Attributes Report To view the Port Attributes report for a device, select the device from the Go To: list. The Go To: list contains the device name and device IP address. Alternatively, you can scroll the page to view the report for the selected devices. The Port Attributes report contains the following information for a device: You can export or print the report. To export the report to a Common Services server, click the export button at the top right of the page. To print the page, click the printer icon on the top right of the page. Table 10-22 Port Attributes Report Fields Field Description Port Name of the port. Example: Fa4/0 Port Description Description for the port. Example: Intra-area 0.2.0.0 Resilient link Type Type of port. Example: 1000Base AdminStatus Administrative status of the port. OperStatus Operational status of the port. isLink Shows whether the port is connected to another device, which is managed in Campus Manager. isTrunk Shows whether the port is part of a trunk. Speed Speed at which the port is working. Duplex Mode Shows whether the port is in full-duplex mode or half-duplex mode. Protocol Enabled Protocol enabled on the port. Protocol Seen Protocols seen on the port. VLAN VLAN to which the port is part of. L2L3 Shows whether the port is routed or switched. J umbo Frame Displays whether J umbo Frames are enabled or disabled on the port. Trunk Encapsulation Shows the type of trunk encapsulation. Trunk Mode Shows the trunk mode. isChannel Shows whether the port is part of a channel.
10-48 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 10 Managing VLANs and VTP Using VLAN Port Assignment Displaying Device Attributes To display information about a specific device. Step 1 Select Campus Manager > Reports > Report Generator. The Reports Generator page appears. Step 2 Select Campus Reports from the Select An Application drop-down list. Step 3 Select Device Attributes from Select a Report drop-down list. The Device Attributes page appears. Step 4 Select a device or domain from the list. Step 5 Select the Scheduling Type. The default scheduling type is Immediate. You can set the time and date if you select any of the following scheduling types: Once, Daily, Weekly, Monthly. Step 6 Enter a description for your job in the J ob Description field and enter the e-mail address to which the details has to be sent. Step 7 Click Submit. For more information on Device Attributes, see Interpreting Device Attributes Report. Interpreting Device Attributes Report To view the device attributes report for a device, select the device from the Go To: list. The Go To: list contains the device name, device IP address, and the device type. Report for each device is displayed in a table with the Device Name, Device IP Address, and Device Type as the table heading. Alternatively, you can scroll the page to view the report for the selected devices. The device attributes report contains the following information for a device: Table 10-23 Port Attributes Report Fields Field Description Module Name of the module Slot Number Slot in which the module is connected. Sub Module ID Sub module id of the device. #Ports Number of ports in the module. Version(s) Hardware and software version of the module. Example: hw:1.2 sw:12.2(25)EWfw:12.1(12r)EW Status Shows the status of the module. Daughter Card Daughter cards in the module. Empty means daughter cards are not available for the module.
10-49 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 10 Managing VLANs and VTP Using VLAN Port Assignment Displaying Trunk Attributes To display information about the status of the trunking ports in your network. Step 1 Select Campus Manager > Configuration > Trunk Configuration from the LMS Portal. The Trunk Configuration page appears. Step 2 Click Modify Trunk Attributes from the TOC. Step 3 Select device or domain from the list. Step 4 Click Show Trunks. A list of trunks appears. Step 5 Select the radio-button corresponding to a trunk. Step 6 Click Modify Trunk. The Modify Trunk Attributes window appears with the trunk attributes. For more information on Trunk Attributes, see Interpreting Trunk Attributes. Interpreting Trunk Attributes See Table 10-24 for details about the fields shown in the Trunk Attributes window. Table 10-24 Trunk Attributes Field Descriptions Field Description Device Information Device Device to which the port belongs. Port Name of the port. Trunk Settings Encapsulation Type of encapsulation the trunk is using. Supported encapsulation types are: Dot1Q, ISL, Negotiate. Mode Half-duplex or full-duplex. Configure VLANs on Trunk Allowed VLANs List of VLANs allowed. * sign indicates that the VLAN was previously disallowed. Disallowed VLANs List of disallowed VLANs. Use Add and Remove buttons to move VLANs between these lists.
10-50 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 10 Managing VLANs and VTP Usage Scenarios for Managing VLANs Usage Scenarios for Managing VLANs You can use the following scenarios to manage your network using Campus Manager. Configuring PVLANs in External Demilitarized Zone Scenario Web servers and Domain Name Servers (DNS) are connected to a Demilitarized Zone (DMZ) switch. The DMZ switch is configured with the VTP domain name, DMZ, where the switch is in transparent mode running VTP version 2. The servers belong to the same broadcast domain or VLAN. Understanding the Scenario This scenario would help you to isolate Layer 2 devices using PVLAN, and ensure that the DMZ servers do not send data across them, while internal and external hosts access these servers. DMZ servers must be accessible from external clients as well as from the internal network. DMZ servers eventually needs access to some internal resources, and the servers must not send data across. The servers must not initiate traffic from the DMZ switch to the Internet. The DMZ servers reply only to the traffic from the internal resources. Understanding Concepts Campus Manager provides an end-to end solution for configuring Private VLANs, the security feature which Campus Manager provides for managing LANs. You can configure PVLANs using Campus Manager. You can configure PVLANs in scenarios where Demilitarized Zone (DMZ) switches are configured without adhering to the right policies, leading to potential intrusions into your network. Demilitarized Zone Demilitarized Zone is a small subnetwork, which lies between a secure internal network, such as a corporate private LAN, and a non secure external network, such as the public Internet. DMZ contains devices like Web servers, FTP servers, SMTP servers and DNS that are accessible to the Internet traffic. DMZ servers process incoming requests from the Internet, and initiate connections to certain internal servers or other DMZ segments, such as database servers. DMZ servers must not send data or initiate any connection to the external networks. This shows that the necessary traffic flows on the basis of a trust model; but the model is not adequately enforced in many networks. Prerequisites In this scenario, you need the following applications and tools in Campus Manager. Topology Services PVLAN configuration user interface VLAN Port Assignment Promiscuous port configuration user interface VLAN report Path Analysis
10-51 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 10 Managing VLANs and VTP Usage Scenarios for Managing VLANs Reproducing Scenario To set up the scenario you must configure secondary VLAN on the servers, with isolated ports and community ports. The Firewall, the only device within the primary VLAN, must be defined in a primary VLAN with a promiscuous port. Step 1 Create a primary VLAN: VLAN 100. Enter VLAN 100 in the Private VLAN Name field to name the primary VLAN. For more details on creating primary VLAN, see Creating Primary VLAN. Step 2 Create a community VLAN: VLAN 50. a. Enter VLAN 50 in the Private VLAN Name field. b. Associate VLAN 50 to the primary VLAN, VLAN 100. For more details on creating secondary VLAN, see Creating Secondary VLAN and Associating to Primary VLAN. Step 3 Create an isolated VLAN: VLAN 60. a. Enter VLAN 60 in the Private VLAN Name field to name the isolated VLAN b. Associate VLAN 60 to the primary VLAN, VLAN 100. For more details on creating secondary VLAN, see Creating Secondary VLAN and Associating to Primary VLAN. Step 4 Assign ports, which are connected to the Web servers, to the community VLAN 50. Step 5 Assign ports, which are connected to the DNS servers, to the isolated VLAN 60. Step 6 Configure the port that connects to the Firewall as a promiscuous port and map the secondary VLAN 50 and VLAN 60 to this promiscuous port. For more details, see Configuring Promiscuous Ports. After you configure the promiscuous port, the secondary VLANs appear in the Mapped VLANs table. You have configured promiscuous port and mapped both secondary VLANs to the primary VLAN 100. If you want to map only the community VLAN 60, you must check the configurations, and map the other isolated VLANs. Check the Select to Unmap check box and click Apply to unmap the isolated VLAN from primary VLAN. Community VLAN 60 is unmapped from the primary VLAN. Verifying Configuration To verify the configuration for this scenario: Step 1 Select Campus Manager > Visualization > Topology Services from the CiscoWorks Homepage. The Topology Services Main Window appears. Step 2 From the Tree View in the Topology Services Main window, verify whether the new PVLANs are listed under DMZ VTP domain in transparent mode. Primary VLAN 100 is listed as a subfolder under the DMZ domain and the secondary VLAN under the Primary VLAN subfolder. Note that the icon for PVLANs is different from the icon for normal VLANs. Step 3 Generate VLAN Report for DMZ domain.
10-52 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 10 Managing VLANs and VTP Usage Scenarios for Managing VLANs Step 4 Verify whether the new primary VLAN and secondary VLANs are listed. The associated primary VLAN is also listed for the secondary VLANs. Step 5 Select Campus Manager > Diagnostics > Path Analysis from the CiscoWorks Homepage. Step 6 To confirm that the PVLAN configuration is functioning, you can: a. Run a trace between the Web servers. The resultant traces must be successful. b. Run a trace between any Web server and the DNS. The resultant trace must fail. c. Run a trace between the DNS servers. C H A P T E R
11-1 User Guide for Campus Manager 5.2 OL-18011-01 11 Managing Network Spanning Trees This chapter describes, the IEEE 802.1d Spanning Tree Protocol (STP), and how to use and configure Ciscos proprietary spanning-tree protocols, Per VLAN Spanning Tree (PVST), Multiple Spanning Tree (MSTP), and Multi-Instance Spanning Tree Protocol (MISTP) in a Campus network. It contains the following sections: Understanding Spanning Tree Protocol Spanning Tree Recommendation Reports Spanning Tree Reports: STP Visualizer Generating Reports and Configuring STP on the Network Spanning Tree Filters Understanding Spanning Tree Protocol Spanning Tree Protocol (STP) is a link management protocol that provides path redundancy while preventing undesirable loops in the network. Hence, STP is a loop-prevention protocol. It is a technology that allows Bridges to communicate with each other to discover physical loops in the network. The protocol then specifies an algorithm that Bridges can use to create a loop-free logical topology. In other words, STP creates a tree structure of loop-free leaves and branches that spans the entire Layer 2 network. To provide path redundancy STP spans all switches in an extended network. STP forces certain redundant data paths into a standby (blocked) state. This section describes the specific functions available to you when you use spanning-tree protocols. STP uses a distributed algorithm that selects one Bridge of a redundantly connected network as the root of a Spanning Tree-connected active topology. STP assigns roles to each port depending on what the ports function is in the active topology. Port roles are: RootForwarding port that is elected for the spanning-tree topology DesignatedForwarding port that is elected for every switched LAN segment AlternateBlocked port providing an alternate path to the root port in the Spanning Tree BackupBlocked port in a loopback configuration Designated, Alternate, and Backup states are specific to MST.
11-2 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 11 Managing Network Spanning Trees Understanding Spanning Tree Protocol The switches that have ports with these assigned roles are called the root or designated switches. In Ethernet networks, only one active path may exist between any two stations. Multiple active paths between stations can cause loops in the network. When loops occur, some switches recognize the same stations on more than one side of the switch. This situation causes the forwarding algorithm to malfunction allowing the duplicate frames to be forwarded. The Spanning Tree algorithms provide path redundancy by defining a tree that spans all of the switches in an extended network and then forces certain redundant data paths into a standby (blocked) state. At regular intervals, the switches in the network send and receive Spanning Tree BPDUs that they use to identify the path. If one network segment becomes unreachable, or if the Spanning Tree costs change, the Spanning Tree algorithm reconfigures the Spanning Tree topology and reestablishes the link by activating the standby path. The Spanning Tree operation is transparent to end stations, which do not detect whether they are connected to a single LAN segment or a switched LAN of multiple segments. STP provides these advantages: Detection and elimination of loops Capability to automatically detect failed active paths and to utilize alternate paths User-configurable parameters that enable a network administrator to fine-tune the algorithm's performance These sections describe the following Spanning Tree Protocols in brief: Per VLAN Spanning Tree Protocol Multiple Spanning Tree Protocol Multiple Instance Spanning Tree Protocol Per VLAN Spanning Tree Protocol Per VLAN Spanning Tree Protocol maintains a separate instance of STP for each individual VLAN configured in the network. It allows a VLAN trunk to be forwarding for some VLANs while blocking for other VLANs. Since PVST treats each VLAN as a separate network, it has the ability to load balance traffic (at layer 2). It does this by forwarding some VLANs on one trunk and other VLANs on another trunk without causing a Spanning Tree loop. Multiple Spanning Tree Protocol Multiple Spanning Tree uses IEEE's RSTP as base Spanning Tree Protocol. MST uses only one BPDU for all instances. A disadvantage of PVST is that it adds a lot of overhead to your switching equipment. If a switch is configured to use MST, it must ascertain which of its neighbors are using which type of STP. It does this by configuring switches into common MST regions, where every switch in a region runs MST with compatible parameters. You can map a group of VLANs to instance.
11-3 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 11 Managing Network Spanning Trees Spanning Tree Recommendation Reports In most networks, a single MST region is sufficient, although you can configure more than one region. Within the region, all switches must run the instance of MST that is defined by the following attributes: MST configuration name (32 characters) MST configuration revision number (0 to 65535) MST instance-to-VLAN mapping table (4096 entries) Multiple Instance Spanning Tree Protocol Multiple Instance Spanning Tree Protocol (MISTP) allows you to group multiple VLANs under a single instance of Spanning Tree (an MISTP instance). An MISTP instance is a virtual logical topology that is defined by a set of bridge and port parameters. When you map VLANs to an MISTP instance, this virtual logical topology becomes a physical topology. Each MISTP instance has its own root switch and a different set of forwarding links, that is, different bridge and port parameters. Each MISTP instance root switch propagates the information that is associated with it to all other switches in the network. This process maintains the network topology. This is because it ensures that each switch has the same information about the network. MISTP builds MISTP instances by exchanging MISTP BPDUs with peer entities in the network. MISTP uses one BPDU for each MISTP instance An MISTP instance can have any number of VLANs that are mapped to it, but a VLAN can be mapped only to a single MISTP instance. You can move a VLAN (or VLANs) in an MISTP instance to another MISTP instance if it has converged. Spanning Tree Recommendation Reports Campus Manager Recommendation Reports aid deployment of Spanning Trees in the network. The following reports are available: Spanning Tree Reports: Optimal Root Recommendation Report Spanning Tree Reports: Number of Instances Recommendation Report Spanning Tree Reports: Instance Reduction Recommendation Report Spanning Tree Reports: VLAN to Instance Mapping Recommendation Report
11-4 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 11 Managing Network Spanning Trees Spanning Tree Recommendation Reports Spanning Tree Reports: Optimal Root Recommendation Report The Optimal Root Recommendation Report allows you to compute the optimal root in a switch cloud running Per VLAN STP, Cisco MISTP, or IEEE 802.1s. Step 1 Invoke Switch Cloud Map View from Topology Services. Step 2 Select any of the following: Reports > Per VLAN STP Recommendations > Optimal Root Recommendation Reports > Cisco MISTP Recommendations > Optimal Root Recommendation Reports > IEEE 802.1s Recommendations > Optimal Root Recommendation The Optimal Root Recommendation window appears. Step 3 In the Computation Criteria, select a computation type. Table 11-1 lists three computation types and their description. If you select Traffic Data, go to Step 4, else go to Step 5. Step 4 Select a traffic data source from the Traffic Details (Table 11-2). Step 5 Click Compute. The Recommended Roots table lists the optimal root devices. Table 11-1 Computation Types Field Description Least Depth Computes depth from each node in the switch cloud. Chooses the root in such a manner that the resulting Spanning Tree has minimum depth. Least Cost Computes cost for each node in the switch cloud. Computes maximum edge node cost for all the nodes by assuming current node as the root node. The node with minimum value for maximum edge node cost is considered as the optimal root. Traffic Data Computes a Spanning Tree, which provides optimal path for given percentage of traffic or selected nodes. Table 11-2 Traffic Details Field Description Data Source Select either of the following network traffic data sources: NAMSelect this option if you use Cisco Network Analysis Modules to collect data. Netflow Collector 3.6Select this option if you use NetFlow FlowCollector to collect data. Traffic File Name Enter the NAM or NetFlow traffic data filename.
11-5 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 11 Managing Network Spanning Trees Spanning Tree Recommendation Reports Step 6 Select a device, and click Highlight in Map to highlight the device icon in Switch Cloud Map. Step 7 Click Close to close the Optimal Root Recommendation window. Interpreting Optimal Root Recommendation The optimal root recommendation report helps you to select the best root for your network using any of the three methods: Least Depth Use this method to compute better overall convergence. Convergence time is based on the distance to the boundary nodes. The node with the least path cost to boundary nodes is recommended as optimal root. A device farther from the boundary nodes takes longer to propagate the topology change that has occurred than another node that is near the boundary nodes in the same switched environment. This directly affects the convergence time of the switched or bridged network. After this root is selected, you can make suitable adjustments to forward the delay timer of Spanning Tree protocol to take advantage of faster convergence. Least Cost The node with the least cumulative cost to all other nodes is recommended as root according to this method. When Spanning Tree root is computed based on this method it provides a better path between nodes in the switched environment assuming equal traffic distributions. In case of unbalanced switched environment where core switch A is connected to 10 other distribution switches and another core switch B is connected to only 5 of the distribution switches, this algorithm will suggest A as root as compared to B. Five switches that are not directly connected to B should take a longer path to other nodes if B is selected as root. If A is selected as root this problem could be avoided. Traffic Data In a switched or bridged network environment, when Spanning Tree is computed the primary aim is to eliminate loops and it may not provide shortest possible path between every node to every other node. Based on the traffic pattern a particular device may provide optimal path for a greater percentage of traffic than another. For example, a switched network containing nodesA, B, C, D, and E. Overall traffic is 95% localized between a set of nodes {A, B, and C}. A node which when selected as root, provides the shortest path between A, B, and C would be the ideal choice. This is regardless of whether it provides shortest path from D or E to any other nodes. In some cases you may not be able to get the shortest path between A, B, and C when trying to find the optimal root. In such cases, a root that provides most optimal path between A, B, and C is chosen.
11-6 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 11 Managing Network Spanning Trees Spanning Tree Recommendation Reports Spanning Tree Reports: Number of Instances Recommendation Report The Number of Instances Recommendation Report allows you to compute the number of instances in a switch cloud running Cisco MISTP or IEEE 802.1s. Step 1 Invoke Switch Cloud Map View from Topology Services. Step 2 Select either of the following: Reports > Cisco MISTP Recommendations > Instance Recommendation Reports > IEEE 802.1s Recommendations > Instance Recommendation The Number of Instance Recommendation window appears. Step 3 In the Computation Techniques area, select a computation type. Table 11-3 lists two computation techniques and their description. Step 4 Click Compute. The Recommended Number of Instances appears in the Results area. Step 5 Select a value from the Select Instance drop-down list. Step 6 Click Highlight in Map to highlight the device icon in Switch Cloud Map. Step 7 Click Close to close the Number of Instances Recommendation window. Interpreting Number of Instances Recommendation The number of instance recommendation is made based on two methods: Max instances for better link utilization method Use this method to compute better balanced link utilization. We recommend that you use the number of instances that is the least common multiplier of all the independent redundant paths, as the maximum number of instances. Min instances for better CPU utilization Use this method to compute a minimum number of instances so that CPU utilization is minimum. We recommend that the number of instances, which results in the maximum number of independent redundant paths is recommended. Table 11-3 Computation Techniques Field Description Max instances for better link utilization Computes the optimal number of Spanning Tree instances that can be run on the given switched network for optimizing network link resources Min instances for better CPU utilization Computes the optimal number of Spanning Tree instances that can be run on the given switched network for optimizing device CPU resources.
11-7 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 11 Managing Network Spanning Trees Spanning Tree Recommendation Reports Spanning Tree Reports: Instance Reduction Recommendation Report The Instances Reduction Recommendation Report allows you to compute the number of instances in a switch cloud running Cisco MISTP or IEEE 802.1s. Step 1 Invoke Switch Cloud Map View from Topology Services. Step 2 Select either of the following: Reports > Cisco MISTP Recommendations > Instance Reduction Recommendation Reports > IEEE 802.1s Recommendations > Instance Reduction Recommendation The Instance Reduction Recommendation window appears. Step 3 In the Computation Techniques area, select a computation type. Table 11-4 lists two computation techniques and their description. Step 4 Click Compute. The Recommended Number of Instances in displayed in the table. Step 5 Select a row, and click Highlight in Map to highlight the instances in Switch Cloud Map. Step 6 Click Close to close the Instance Reduction Recommendation window. Table 11-4 Computation Techniques Field Description Sub-tree Reduction Determine if one or more Spanning Tree instances are mergeable if the instances have a supertreesubtree relationship. Conditional Reduction Determines the Spanning Tree instances that can be merged based on the forwarding topology of the network. Table 11-5 Instance Reduction Results Field Description Instance Instance ID. Mergeable Instances Comma separated list of instance IDs which can be merged.
11-8 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 11 Managing Network Spanning Trees Spanning Tree Recommendation Reports Interpreting Instance Reduction Recommendation You can use the Instance Reduction Recommendations if your network contains multiple Spanning Tree instances that share the same forwarding topology. The Recommendation report allows you to determine Spanning Tree instances. These instances can be merged into a shared instance without any impact on convergence or operation. Fewer instances help you to optimize the utilization of memory and CPU resources of the switches. Instance reduction recommendation is made based on two methods: Sub tree reduction method Use this method to determine Spanning Tree instances, which can be merged when the switched network has an instance that spans across different sets of switches as compared to another instance. For example, instance A is considered a sub-tree of instance B if all the forwarding and blocking paths of instance A are in the same state in instance B. Instance A is a sub-tree of instance B if the forwarding and blocking paths of instance A exactly matches that of instance B. If the above case is satisfied, the report recommends merging of the two STP instances. Conditional reduction method Use this method to determine the Spanning Tree instances, which can be merged when the switched network has instances that share forwarding paths and root. Spanning Tree Reports: VLAN to Instance Mapping Recommendation Report The Number of Instances Recommendation Report allows you to compute the optimum number of VLANs to instances in a switch cloud running Cisco MISTP or IEEE 802.1s. Step 1 Invoke Switch Cloud Map View from Topology Services. Step 2 Select either of the following: Reports > Cisco MISTP Recommendations > VLAN to Instance Mapping Recommendation. Reports > IEEE 802.1s Recommendations > VLAN to Instance Mapping Recommendation. The VLAN to Instance Mapping Recommendation window appears. Step 3 In the Computation Metrics area, select a metric type. Table 11-6 lists the four computation techniques and their description. Table 11-6 Computation Techniques Field Description Number of VLANs Select a device (reference device), Spanning Tree instance that has least number of VLANs mapped to it. Optimal path for select devices Select multiple devices to find the Spanning Tree instance with least sub-optimality. Least instance load Select only one device (reference device). It recommends the Spanning Tree with the least load. Least instance load for selected devices Select multiple devices. It will recommend the Spanning Tree instance with the least traffic.
11-9 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 11 Managing Network Spanning Trees Spanning Tree Recommendation Reports If you select Least instance load or Least instance load for selected devices, go to Step 4, else go to Step 5. Step 4 Select a traffic data source from the Traffic Type drop-down list in the Traffic Details area. Table 11-7 lists the two types of data sources supported. Step 5 Click Compute. The Recommended Instance ID is displayed in the VLAN Instance Recommendation area. Step 6 Select a device, and click Highlight in Map to highlight the device icon in Switch Cloud Map. Step 7 Click Close to close the VLAN Instance Mapping Recommendation window. Interpreting VLAN to Instance Mapping Recommendation The number of instance recommendation is made based on four methods: Number of VLANs Use this method when the traffic or load on each of the VLANs is almost the same. This method assumes that an instance with least number of VLANs is optimal for mapping to a new VLAN. Hence, the Spanning Tree instances with the least number of VLANs mapped to it will be recommended. Optimal path for select devices You can provide the information on devices, which will be part of the new VLAN to be created. This method determines the optimal path for various available instances for the selected devices. Least instance load The projected traffic of the new VLAN you selected is used, and the instance which has least overall traffic is recommended. Least instance load for selected devices This method assumes that the devices you selected will be part of the new VLAN. Based on this information, the instance with the least load that is spread across the devices you selected is recommended. Table 11-7 Traffic Details Field Description Traffic Type Select either of the following network traffic data sources: NAMSelect this option if you use Cisco Network Analysis Modules to collect data. Netflow Collector 3.6Select this option if you use NetFlow FlowCollector to collect data. File Enter the NAM or NetFlow traffic data filename.
11-10 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 11 Managing Network Spanning Trees Spanning Tree Reports: STP Visualizer Spanning Tree Reports: STP Visualizer The STP Visualizer allows you to test changes to STP settings before you enforce them on a network. This section explains: Interpreting STP Visualizer STP Visualizer Notes To view the STP Visualizer: Step 1 Invoke Switch Cloud Map View from Topology Services. Step 2 Select Reports > STP Visualizer. The Spanning Tree Visualizer window appears. Step 3 From the Select Instance ID field, click Select. Depending on the Spanning Tree Protocol the device is running, one of the following appears: If the device is running PVST, the Select Instance dialog box appears. Go to Step 4. If the device is running MST, the Select Region dialog box appears. Go to Step 5. If the device is running MISTP, the Select Instance dialog box appears. Go to Step 6. Step 4 Enter the required information as described in Table 11-8. To view the devices in the VLAN Region, click Select. The ID of the selected Spanning Tree instance is displayed in the Selected Instance ID field. Step 5 Enter the required information as described in Table 11-9. Table 11-8 Selecting PVST or VLAN in Switch Clouds Field Description Usage Notes Select instance by type Select either of the following criteria: VLAN Name VLAN ID To view the valid values for the VLAN Name or VLAN ID field, click the drop-down arrow. What Enter the string Use this field to narrow the number of matches by entering part or all of the VLAN Name or VLAN ID. Matches Lists VLANs that match the specified criteria. Select the VLAN from the list of matches.
11-11 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 11 Managing Network Spanning Trees Spanning Tree Reports: STP Visualizer To view the Spanning Tree details of an MST Instance in the Network Topology View window, click Select. The ID of the selected Spanning Tree instance is displayed in Selected Instance ID field. Step 6 Enter the required information as described in Table 11-10. To view the Spanning Tree details of an MIST Instance in the Network Topology View window, click Select. The ID of the selected Spanning Tree instance is displayed in Selected Instance ID field. The devices in the VLAN instance appear in a table. Table 11-11 lists the fields in the table, their description, and usage notes for editable fields. Table 11-9 Selecting MST in Switch Clouds Field Description Usage Notes Select instance by region Select either of the following criteria: All Regions Region Name To view the valid values for the region field, click the drop-down arrow. What Enter the string Use this field to narrow the number of matches by entering the region name (partially or fully). Matches Lists instances that match the specified criteria. Select the STP instance from the list of matches. Table 11-10 Selecting MISTP Instances in Switch Clouds Field Description Usage Notes Select instance by region Select either of the following criteria: All Instances Instance Name To view the valid values for the instance field, click the drop-down arrow. What Enter the string Use this field to narrow the number of matches by entering part or all of the instance name. Matches Lists instances that match the specified criteria. Select the instance from the list of matches. Table 11-11 Port Details Field 1 Description Usage Notes Device Name Name of the device. This field is not configurable. IP Address Displays the IP address of the device. This field is not configurable. Port Displays the port name. This field is not configurable. In case of device priority, this field displays NA.
11-12 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 11 Managing Network Spanning Trees Spanning Tree Reports: STP Visualizer To edit values of fields marked with an asterisk: a. Select rows. The selected rows are highlighted in the Edit Here section. b. To change the value of a field either double click the current value, or enter a new value. The changed values are displayed, highlighted in pink. c. Click Compute. Interpreting STP Visualizer The STP Visualizer allows you to: Try different Spanning Tree settings offline before you configure them on the network. Change settings and highlight devices on the Topology Map. STP Visualizer Notes STP Visualizer cannot suggest the correct configuration in the following scenarios: If any of the devices in the switch cloud does not support the required MIB (for example CISCO-STP-EXTENSIONS-MIB). In this case you may need to upgrade some of the device images to solve this issue. There are device families such as Cisco Catalyst 2900XL and Catalyst 3500XL, which do not support the CISCO-STP-EXTENSIONS-MIB. An error may be displayed, if these devices are present in the switch cloud. Type Displays the Spanning Tree type: Bridge priority of the device Port Priority or Cost or the port This field is not configurable. Existing Lists the current port priority or cost value. This field is not configurable. New* Lists the new port priority or cost that you have entered. Enter a new value. 1. Field marked with asterisk is editable. Table 11-11 Port Details (continued) Field 1 Description Usage Notes
11-13 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 11 Managing Network Spanning Trees Generating Reports and Configuring STP on the Network If there are SNMP request timeouts during discovery of devices, STP Visualizer may not be able to proceed with the computation because of incomplete information about the devices. To resolve the problem, In this case you may need to select these devices and rediscover. If you are using SNMPv3, not all devices running SNMPv3 support context names for getting required Spanning Tree information from the devices. Only a few later images of Catalyst 6500 series devices support this feature. You may need to use SNMPv2 or SNMPv1 to resolve this problem. Generating Reports and Configuring STP on the Network You can generate reports and configure STP on switch clouds for the following: Reporting and Configuring PVST Port Reporting and Configuring MST Port Reporting and Configuring MISTP Port Reporting and Configuring PVST Device Reporting and Configuring MST Device Reporting and Configuring MISTP Device Reporting and Configuring MST Instance Reporting and Configuring MISTP Instance Reporting and Configuring PVST Trunk Reporting and Configuring MST Trunk Reporting and Configuring MISTP Trunk Reporting and Configuring PVST Port To configure PVST port on a switch cloud: Step 1 From the Summary View, select Reports > Spanning Tree Configuration. The Spanning Tree Configuration page appears. Step 2 Select the Port tab. The Spanning Tree Port Configuration page appears. Step 3 Select PVST from the Spanning Tree Type drop-down list. Step 4 From the Spanning Tree Instance field, click Select. The Select Instance dialog box appears. Step 5 Enter the required information as described in the Table 11-12.
11-14 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 11 Managing Network Spanning Trees Generating Reports and Configuring STP on the Network Step 6 Click Select to view the devices in the VLAN Instance. The devices in the VLAN instance appear in a table. Table 11-13 lists the fields in the table, their description, and usage notes for editable fields. Table 11-12 Selecting Spanning Tree Instances in Switch Clouds Field Description Usage Notes Select instance by type Select either of the following criteria: VLAN Name VLAN ID To view the valid values for the VLAN Name or VLAN ID field, click the drop-down arrow. What Enter the string Use this field to narrow the number of matches by entering part or all of the VLAN Name or VLAN ID. Matches Lists VLANs that match the specified criteria. Select the VLAN from the list of matches. Table 11-13 PVST Port Details Field 1 Description Usage Notes Device Name Name of the device. This field is not configurable. IP Address IP address of the device. This field is not configurable. Port Port number used for bridge forwarding. This field is not configurable. isLink Displays a check mark if the port is a link port. This field is not configurable. State State of the port. The possible states are: Blocking Forwarding Disabled This field is not configurable.
11-15 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 11 Managing Network Spanning Trees Generating Reports and Configuring STP on the Network Cost * Port cost value. The STP port path cost default value is derived from the media speed of a LAN interface. If there are redundant paths, STP considers port cost when selecting a LAN interface to place that into a forwarding state. You can assign lower cost values to LAN interfaces that you want STP to maintain in a forwarding state. If all LAN interfaces have the same cost value, STP puts the LAN interface with the lowest LAN interface number in the forwarding state and blocks other LAN interfaces. The possible cost range is 0 through 65535 (the default is media specific). STP uses the port cost value when the LAN interface is configured as an access port and uses VLAN port cost values when the LAN interface is configured as a trunk port. Priority * Port priority. If there are redundant paths, STP considers port priority when selecting a LAN port to put into the forwarding state. Priority is taken into account after examining cost and sending bridge ID. That is, if the cost and bridge ID is the same, priority is considered. If all LAN ports have the same priority value, STP puts the LAN port with the lowest LAN port number in the forwarding state and blocks other LAN ports. Values are multiples of 16 ranging from 0-240. The lower the number, the higher the priority. Designated Bridge Bridge ID for the designated bridge. The Designated Bridge provides the minimum root path cost on a LAN. Also, it is the only bridge allowed to forward frames to and from the LAN for which it is the designated bridge. This field is not configurable. Designated Port ID of the port that connects a LAN to the designated bridge. This field is not configurable. Table 11-13 PVST Port Details (continued) Field 1 Description Usage Notes
11-16 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 11 Managing Network Spanning Trees Generating Reports and Configuring STP on the Network PortFast * State of the PortFast Interface Configuration feature: Enable or Disable. Select a value from the drop-down list. When enabled, PortFast causes a switch or trunk port interface to enter the Spanning Tree forwarding state immediately, bypassing the listening and learning states. Loop Guard * State of the Loop Guard feature: Enable or Disable. Select a value from the drop-down list. When enabled, Loop Guard works on non-designated ports and does not allow the port to become designated via max_age expiry. BPDU Guard * State of the BPDU Guard feature: Enabled, Disabled or Default. Select a value from the drop-down list. When enabled, BPDU Guard feature prevents loops by moving a nontrunking port into an errdisable state when a BPDU is received on that port. When the BPDU guard feature is enabled on the switch, Spanning Tree shuts down PortFast-configured interfaces that receive BPDUs, instead of putting them into the Spanning Tree blocking state. BPDU Filter * State of the BPDU filter feature: Enabled, Disabled or Default. Select a value from the drop-down list. When enabled, BPDU filtering allows you to avoid transmitting BPDUs on a port, usually connected to an end system. When you enable PortFast on the switch, Spanning Tree places ports in the forwarding state immediately, instead of going through the listening, learning, and forwarding states. Root Guard * State of the Root Guard feature: Enable or Disable. Select a value from the drop-down list. When enabled, Root Guard does not allow the port to become non-designated. 1. Fields marked with asterisk are editable. Table 11-13 PVST Port Details (continued) Field 1 Description Usage Notes
11-17 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 11 Managing Network Spanning Trees Generating Reports and Configuring STP on the Network To edit values of fields marked with an asterisk: Select rows, and uncheck Read-only. The selected rows are highlighted in the Edit Here section. To change the value of a field, do either of the following: Double click the current value, and enter a new value or Select a value from the drop-down list. The new values are displayed, highlighted in pink. Step 7 Click Configure to make changes to the devices. Or Click Reset to return to the previous values without making any changes. Reporting and Configuring MST Port To configure MST port on a switch cloud: Step 1 From the Summary View, select Reports > Spanning Tree Configuration. The Spanning Tree Configuration page appears. Step 2 Select the Port tab. The Spanning Tree Port Configuration page appears. Step 3 Select MST from the Spanning Tree Type drop-down list. Step 4 From the Spanning Tree Instance field, click Select. The Select Instance dialog box appears. Step 5 Enter the required information as described in the Table 11-14. To view the devices in the VLAN Region, click Select. The devices running the selected MST instance appear in a table. Table 11-15 lists the fields in the table, their description, and usage notes for editable fields. Table 11-14 Selecting Spanning Tree Instances in Switch Clouds Field Description Usage Notes Select instance by region Select either of the following criteria: All Regions Region Name To view the valid values for the region field, click the drop-down arrow. What Enter the string Use this field to narrow the number of matches by entering part or all of the region name. Matches Lists instances that match the specified criteria Select the STP instance from the list of matches.
11-18 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 11 Managing Network Spanning Trees Generating Reports and Configuring STP on the Network Table 11-15 MST Port Details Field 1 Description Usage Notes Device Name Name of the device This field is not configurable. IP Address IP address of the device This field is not configurable. Port Port number used for bridge forwarding This field is not configurable. isLink Displays a check mark if the port is a link port This field is not configurable. LinkType Link type of the port. The possible link types are: Point-to-point link Shared medium By default, the switch derives the link type of a port from the duplex mode. A full-duplex port is considered as a point-to-point link while a half-duplex configuration is assumed to be on a shared link. This field is not configurable. Cost * Port cost value The STP port path cost default value is derived from the media speed of a LAN interface. If a loop occurs, STP considers port cost when selecting a LAN interface to place that into the forwarding state. You can assign lower cost values to LAN interfaces that you want STP to select first and higher cost values to LAN interfaces that you want STP to select last. If all LAN interfaces have the same cost value, STP puts the LAN interface with the lowest LAN interface number in the forwarding state and blocks other LAN interfaces. The possible cost range is 0 through 65535 (the default is media specific). STP uses the port cost value when the LAN interface is configured as an access port and uses VLAN port cost values when the LAN interface is configured as a trunk port.
11-19 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 11 Managing Network Spanning Trees Generating Reports and Configuring STP on the Network Priority * Port priority If a loop occurs, STP considers port priority when selecting a LAN port to put into the forwarding state. You can assign higher priority values to LAN ports that you want STP to select first and lower priority values to LAN ports that you want STP to select last. If all LAN ports have the same priority value, STP puts the LAN port with the lowest LAN port number in the forwarding state and blocks other LAN ports. Values are multiples of 16 ranging from 0-240. The lower the number, the higher the priority. State State of the port. The possible states are: Blocking Forwarding Disabled This field is not configurable. Status Indicates if the port lies in the boundary of an MST region. If yes, the status is shown as Boundary. If not, the field is left blank. In generic terms, a port is at the boundary of a region: If the designated bridge on its segment is in a different region Or If it receives legacy 802.1d BPDUs. Role Role of the port. The possible roles are: Root Designated Alternate Backup Disabled MST assigns port roles as follows: Root port or designated port role includes the port in the active topology. Alternate port or backup port role excludes the port from the active topology. This field is not configurable. Table 11-15 MST Port Details (continued) Field 1 Description Usage Notes
11-20 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 11 Managing Network Spanning Trees Generating Reports and Configuring STP on the Network Designated Bridge Bridge ID for the designated bridge. The Designated Bridge provides the minimum root path cost on a LAN. Also, it is the only bridge allowed to forward frames to and from the LAN for which it is the designated bridge. This field is not configurable. Designated Port Displays the ID of the port that connects a LAN to the designated bridge This field is not configurable. PortFast * Displays the state of the PortFast Interface Configuration feature: Enabled or Disabled Select a value from the drop-down list. When enabled, PortFast causes a switch or trunk port interface to enter the Spanning Tree forwarding state immediately, bypassing the listening and learning states. Loop Guard * Displays the state of the Loop Guard feature: Enable or Disable. Select a value from the drop-down list. When enabled, Loop guard works on non-designated ports and does not allow the port to become designated via max_age expiry. BPDU Guard * Displays the state of the BPDU Guard feature: Enabled, Disabled or Default. Select a value from the drop-down list. When enabled, BPDU Guard feature prevents loops by moving a nontrunking port into an enable state when a BPDU is received on that port. When the BPDU Guard feature is enabled on the switch, Spanning Tree shuts down PortFast-configured interfaces that receive BPDUs, instead of putting them into the Spanning Tree blocking state. Table 11-15 MST Port Details (continued) Field 1 Description Usage Notes
11-21 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 11 Managing Network Spanning Trees Generating Reports and Configuring STP on the Network To edit values of fields marked with an asterisk, select rows, and uncheck Read-only. The selected rows are highlighted in the Edit Here section. To change the value of a field, do either of the following: Double click the current value, and enter a new value, or Select a value from the drop-down list. The new values appear, highlighted in pink. Step 6 Click Configure to make changes to the devices. Or Click Reset to return to the previous values without making any changes. Reporting and Configuring MISTP Port To configure MISTP port on a switch cloud: Step 1 From the Summary View, select Reports > Spanning Tree Configuration. The Spanning Tree Configuration page appears. Step 2 Select the Port tab. The Spanning Tree Port Configuration page appears. Step 3 Select MISTP from the Spanning Tree Type drop-down list. BPDU Filter * Displays the state of the BPDU filter feature: Enabled, Disabled or Default. Select a value from the drop-down list. When enabled, BPDU filtering allows you to avoid transmitting BPDUs on a port, usually connected to an end system. When you enable PortFast on the switch, Spanning Tree places ports in the forwarding state immediately, instead of going through the listening, learning, and forwarding states. Root Guard * Displays the state of the Root guard feature: Enabled or Disabled. Select a value from the drop-down list. When enabled, Root Guard does not allow the port to become non-designated. 1. Fields marked with asterisk are editable. Table 11-15 MST Port Details (continued) Field 1 Description Usage Notes
11-22 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 11 Managing Network Spanning Trees Generating Reports and Configuring STP on the Network Step 4 From the Spanning Tree Instance field, click Select. The Select Instance dialog box appears. Step 5 Enter the required information as described in the Table 11-16. To view the devices in the VLAN Instance, click Select. The devices running the selected MIST instance appear in a table. Table 11-17 lists the fields in the table, their description, and usage notes for editable fields. Table 11-16 Selecting Spanning Tree Instances in Switch Clouds Field Description Usage Notes Select device by instance Select either of the following criteria: All Instances Instance Name To view the valid values for the instance field, click the drop-down arrow. What Enter the string Use this field to narrow the number of matches by entering part or all of the instance name. Matches Lists instances that match the specified criteria. Select the instance from the list of matches. Table 11-17 MISTP Port Details Field 1 Description Usage Notes Device Name Name of the device This field is not configurable. IP Address IP address of the device This field is not configurable. Port Port number used for bridge forwarding This field is not configurable. isLink Displays a check mark if the port is a link port This field is not configurable. State State of the port. The possible states are: Blocking Forwarding Disabled This field is not configurable.
11-23 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 11 Managing Network Spanning Trees Generating Reports and Configuring STP on the Network Cost * Port cost value The STP port path cost default value is derived from the media speed of a LAN interface. If a loop occurs, STP considers port cost when selecting a LAN interface to place that into the forwarding state. You can assign lower cost values to LAN interfaces that you want STP to select first and higher cost values to LAN interfaces that you want STP to select last. If all LAN interfaces have the same cost value, STP puts the LAN interface with the lowest LAN interface number in the forwarding state and blocks other LAN interfaces. The possible cost range is 0 through 65535 (the default is media specific). STP uses the port cost value when the LAN interface is configured as an access port and uses VLAN port cost values when the LAN interface is configured as a trunk port. Priority * Port priority If a loop occurs, STP considers port priority when selecting a LAN port to put into the forwarding state. You can assign higher priority values to LAN ports that you want STP to select first and lower priority values to LAN ports that you want STP to select last. If all LAN ports have the same priority value, STP puts the LAN port with the lowest LAN port number in the forwarding state and blocks other LAN ports. Values are multiples of 16 ranging from 0-240. The lower the number, the higher the priority. Designated Bridge Bridge ID for the designated bridge. The Designated Bridge provides the minimum root path cost on a LAN. Also, it is the only bridge allowed to forward frames to and from the LAN for which it is the designated bridge. This field is not configurable. Designated Port ID of the port that connects a LAN to the designated bridge. This field is not configurable. Table 11-17 MISTP Port Details (continued) Field 1 Description Usage Notes
11-24 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 11 Managing Network Spanning Trees Generating Reports and Configuring STP on the Network To edit values of fields marked with an asterisk, select rows, and uncheck Read-only. The selected rows are highlighted in the Edit Here section. To change the value of a field, do either of the following: Double click the current value, and enter a new value, or Select a value from the drop-down list. The new values appear, highlighted in pink. Step 6 Click Configure to make changes to the devices. Or Click Reset to return to the previous values without making any changes. PortFast * State of the PortFast Interface Configuration feature: Enabled or Disabled. Select a value from the drop-down list. When enabled, PortFast causes a switch or trunk port interface to enter the Spanning Tree forwarding state immediately, bypassing the listening and learning states. Loop Guard * State of the loop guard feature: Enable or Disable. Select a value from the drop-down list. When enabled, Loop Guard works on non-designated ports and does not allow the port to become designated via max_age expiry. BPDU Guard * State of the BPDU guard feature: Enabled, Disabled or Default. Select a value from the drop-down list. When enabled, BPDU Guard feature prevents loops by moving a nontrunking port into an errdisable state when a BPDU is received on that port. When the BPDU Guard feature is enabled on the switch, Spanning Tree shuts down PortFast-configured interfaces that receive BPDUs, instead of putting them into the Spanning Tree blocking state. BPDU Filter * State of the BPDU filter feature: Enabled, Disabled or Default. Select a value from the drop-down list. When enabled, BPDU filtering allows you to avoid transmitting BPDUs on a port, usually connected to an end system. When you enable PortFast on the switch, Spanning Tree places ports in the forwarding state immediately, instead of going through the listening, learning, and forwarding states. Root Guard * State of the Root guard feature: Enabled or Disabled. Select a value from the drop-down list. When enabled, Root Guard does not allow the port to become non-designated. 1. Fields marked with asterisk are editable. Table 11-17 MISTP Port Details (continued) Field 1 Description Usage Notes
11-25 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 11 Managing Network Spanning Trees Generating Reports and Configuring STP on the Network Reporting and Configuring PVST Device To configure PVST device on a switch cloud: Step 1 From the Summary View, select Reports > Spanning Tree Configuration. The Spanning Tree Configuration page appears. Step 2 Select the Device tab. The Spanning Tree Device Configuration page appears. Step 3 Select PVST from the Spanning Tree Type drop-down list. PVST details appear in text boxes. Table 11-18 lists the displayed fields and descriptions. Step 4 From the Spanning Tree Instance field, click Select. The Select Instance dialog box appears. Step 5 Enter the required information as described in the Table 11-19. To view the devices in the VLAN Instance, click Select. The devices in the VLAN instance appear in a table. Table 11-20 lists the fields in the table, their description, and usage notes for editable fields. Table 11-18 PVST Details Field Description Root Bridge IP address of the switch. Forward Delay Forward Delay timer. This determines how long each of the listening and learning states last before the port begins forwarding. HelloTime Hello timer. This is the number of seconds between STP configuration messages. The HelloTime determines how often the network device broadcasts hello messages to other network devices. Max Age Maximum age timer. This determines the amount of time protocol information received on a port is stored by the network device. Table 11-19 Selecting Spanning Tree Instances in Switch Clouds Field Description Usage Notes Select instance by type Select either of the following criteria: VLAN Name VLAN ID To view the valid values for the VLAN Name or VLAN ID field, click the drop-down arrow. What Enter the string Use this field to narrow the number of matches by entering part or all of the VLAN Name or VLAN ID. Matches Lists VLANs that match the specified criteria. Select the VLAN from the list of matches.
11-26 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 11 Managing Network Spanning Trees Generating Reports and Configuring STP on the Network Table 11-20 PVST Device Details Field 1 Description Usage Notes Device Name Name of the device. This field is not configurable. IP Address IP address of the device. This field is not configurable. Root ID ID of the bridge assumed to be root. On initialization, each bridge assumes itself as root. This field is not configurable. Root Port ID of the port, which is closest to the root. This field is not configurable. Cost Mode Type of Spanning Tree path cost mode configured on the device. Applies to all STP instances running on the device. When you change, the path cost of all ports are reassigned to the default path cost values based on the new Spanning Tree path cost mode and ports' speed. The possible values are: ShortShort cost is specified by 802.1d LongLong cost is specified by 802.1t This field is not configurable. Root Cost Cost of the root. This field is not configurable. Extended SysID * State of the extended system ID feature on the switch: Enable, Disabled, or Unknown Select a value from the drop-down list. STP uses the VLAN ID as the extended system ID. It uses the extended system ID plus a MAC address to make the bridge ID unique for each VLAN. For more details, see Understanding Bridge ID. Priority * Bridge priority The device with the lowest bridge identifier is considered the highest priority bridge and becomes the root bridge. By default, the bridge priority is set to 32768. Use the bridge priority command to set the priority that the bridge Spanning Tree uses to choose the root bridge in the network. Bridge priority can range from 0 to 65535. But if you have enabled MAC address reduction, the root bridge priority becomes a multiple of 4096 plus the VLAN ID.
11-27 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 11 Managing Network Spanning Trees Generating Reports and Configuring STP on the Network Backbone Fast * State of the Backbonefast feature: Enabled or Disabled. Select a value from the drop-down list. Uplink Fast * State of the Uplinkfast feature: Enabled or Disabled. Select a value from the drop-down list. When enabled, UplinkFast feature dramatically decreases the convergence time of the STP in the event of the failure of an uplink on an access switch. Loop Guard * State of the Loop Guard feature: Enable or Disable. Select a value from the drop-down list. When enabled, Loop Guard works on non-designated ports and does not allow the port to become designated via max_age expiry. PortFast Global * State of the PortFast Global Configuration feature: Enabled or Disabled. Select a value from the drop-down list. When enabled, PortFast causes a switch or trunk port to enter the Spanning Tree forwarding state immediately, bypassing the listening and learning states. If you configure the default on each port, this setting applies to interfaces. BPDU Filter * State of the BPDU Filter feature: Enabled, Disabled or Default. Select a value from the drop-down list. When enabled, BPDU filtering allows you to avoid transmitting BPDUs on a port, usually connected to an end system. When you enable PortFast on the switch, Spanning Tree places ports in the forwarding state immediately, instead of going through the listening, learning, and forwarding states. BPDU Guard * State of the BPDU Guard feature: Enabled, Disabled or Default. Select a value from the drop-down list. When enabled, BPDU Guard feature prevents loops by moving a nontrunking port into an errdisable state when a BPDU is received on that port. When the BPDU Guard feature is enabled on the switch, Spanning Tree shuts down PortFast-configured interfaces that receive BPDUs, instead of putting them into the Spanning Tree blocking state. 1. Fields marked with asterisk are editable. Table 11-20 PVST Device Details (continued) Field 1 Description Usage Notes
11-28 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 11 Managing Network Spanning Trees Generating Reports and Configuring STP on the Network To edit values of fields marked with an asterisk, select rows, and uncheck Read-only. The selected rows are highlighted in the Edit Here section. To change the value of a field, do either of the following: Double click the current value, and enter a new value, or Select a value from the drop-down list. The new values are displayed, highlighted in pink. Step 6 Click Configure to make changes to the devices. Or Click Reset to return to the previous values without making any changes. Reporting and Configuring MST Device To configure MST port on a switch cloud: Step 1 From the Summary View, select Reports > Spanning Tree Configuration. The Spanning Tree Configuration page appears. Step 2 Select the Device tab. The Spanning Tree Device Configuration page appears. Step 3 Select MST from the Spanning Tree Type drop-down list. MST details appear in text boxes. Table 11-21 lists the displayed fields and descriptions. Step 4 From the Spanning Tree Instance field, click Select. The Select Instance dialog box appears. Table 11-21 MST Details Field Description Root Bridge IP address of the switch. Forward Delay Forward delay timer. This determines how long each of the listening and learning states last before the port begins forwarding. HelloTime Hello timer. This is the number of seconds between STP configuration messages. The HelloTime determines how often the network device broadcasts hello messages to other network devices. Max Age Maximum age timer. This determines the amount of time protocol information received on a port is stored by the network device.
11-29 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 11 Managing Network Spanning Trees Generating Reports and Configuring STP on the Network Step 5 Enter the required information as described in Table 11-22. To view the devices in the Instance, click Select. The devices in the instance appear in a table. Table 11-23 lists the fields in the table, their description, and usage notes for editable fields. Table 11-22 Selecting Spanning Tree Instances in Switch Clouds Field Description Usage Notes Select instance by region Select either of the following criteria: All Regions Region Name To view the valid values for the region field, click the drop-down arrow. What Enter the string Use this field to narrow the number of matches by entering part or all of the region name. Matches Lists instances that match the specified criteria Select the STP instance from the list of matches.
11-30 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 11 Managing Network Spanning Trees Generating Reports and Configuring STP on the Network Table 11-23 MST Device Details Field 1 Description Usage Notes Device Name Name of the device. This field is not configurable. IP Address IP address of the device. This field is not configurable. Root ID ID of the bridge assumed to be root. Upon initialization, the bridge assumes that it is root. This field is not configurable. Root Port Port ID of the port, which is closest to the root. This field is not configurable. Cost Mode Type of Spanning Tree path cost mode configured on the device. Applies to all STP instances running on the device. When you change the value, the path cost of all ports are reassigned to the default path cost values based on the new Spanning Tree path cost mode and ports' speed. The possible values are: ShortShort cost is specified by 802.1d LongLong cost is specified by 802.1t This field is not configurable. Root Cost Cost of the root. This field is not configurable. Extended SysID * State of the extended system ID feature on the switch: Enable, Disabled, or Unknown Select a value from the drop-down list. Priority * Bridge priority The device with the lowest bridge identifier is considered the highest priority bridge and becomes the root bridge. By default, the bridge priority is set to 32768. Use the bridge priority command to set the priority that the bridge Spanning Tree uses to choose the root bridge in the network. The range for bridge priority is 0 to 65535. The value should be a multiple of 4096.
11-31 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 11 Managing Network Spanning Trees Generating Reports and Configuring STP on the Network Region Name * Alphanumeric configuration name assigned to the MST region that the switch is part of. Enter a new name in the field to change the region name. For two or more switches to be in the same MST region, they must have the same VLAN-to-instance map, the same configuration revision number, and the same configuration name. Region Revision * MST configuration revision number (0 to 65535). Enter a new value in the field to change the revision number. For two or more switches to be in the same MST region, they must have the same VLAN-to-instance map, the same configuration revision number, and the same configuration name. Max. Hop Count Number of hops in an MST region after which a BPDU is discarded, and the information held for a port is aged. (1 to 40; default is 20). This field is not configurable. VLANs List of VLANs that form part of the MST region. This field is not configurable. Loop Guard * State of the Loop Guard feature: Enable or Disable. Select a value from the drop-down list. When enabled, loop guard works on non-designated ports and does not allow the port to become designated via max_age expiry. PortFast Global * State of the PortFast Global Configuration feature: Enabled or Disabled. Select a value from the drop-down list. When enabled, PortFast causes a switch or trunk port to enter the Spanning Tree forwarding state immediately, bypassing the listening and learning states. BPDU Filter * State of the BPDU filter feature: Enabled, Disabled or Default. Select a value from the drop-down list. When enabled, BPDU filtering allows you to avoid transmitting BPDUs on a port, usually connected to an end system. When you enable PortFast on the switch, Spanning Tree places ports in the forwarding state immediately, instead of going through the listening, learning, and forwarding states. BPDU Guard * State of the BPDU Guard feature: Enabled, Disabled or Default. Select a value from the drop-down list. When enabled, BPDU Guard feature prevents loops by moving a nontrunking port into an errdisable state when a BPDU is received on that port. When the BPDU Guard feature is enabled on the switch, Spanning Tree shuts down PortFast-configured interfaces that receive BPDUs, instead of putting them into the Spanning Tree blocking state. Table 11-23 MST Device Details (continued) Field 1 Description Usage Notes
11-32 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 11 Managing Network Spanning Trees Generating Reports and Configuring STP on the Network 1. Fields marked with asterisk are editable.
11-33 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 11 Managing Network Spanning Trees Generating Reports and Configuring STP on the Network To edit values of fields marked with an asterisk, select rows, and uncheck Read-only. The selected rows are highlighted in the Edit Here section. To change the value of a field, do either of the following: Double click the current value, and enter a new value, or Select a value from the drop-down list. The new values appear, highlighted in pink. Step 6 Click Configure to make changes to the devices. Or Click Reset to return to the previous values without making any changes. Reporting and Configuring MISTP Device To configure MISTP port on a switch cloud: Step 1 From the Summary View, select Reports > Spanning Tree Configuration. The Spanning Tree Configuration page appears. Step 2 Select the Device tab. The Spanning Tree Device Configuration page appears. Step 3 Select MISTP from the Spanning Tree Type drop-down list. MISTP details appear in text boxes. Table 11-24 lists the displayed fields and descriptions. Step 4 From the Spanning Tree Instance field, click Select. The Select Instance dialog box appears. Step 5 Enter the required information as described in the Table 11-25. Table 11-24 MISTP Details Field Description Root Bridge IP address of the switch. Forward Delay Forward Delay timer. This determines how long each of the listening and learning states last before the port begins forwarding. HelloTime Hello timer. This is the number of seconds between STP configuration messages. The HelloTime determines how often the network device broadcasts hello messages to other network devices. Max Age Maximum age timer. This determines the amount of time protocol information received on a port is stored by the network device.
11-34 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 11 Managing Network Spanning Trees Generating Reports and Configuring STP on the Network To view the devices in the MISTP instance, click Select. The devices in the instance appear in a table. Table 11-26 lists the fields in the table, their description, and usage notes for editable fields. Table 11-25 Selecting Spanning Tree Instances in Switch Clouds Field Description Usage Notes Select device by instance Select either of the following criteria: All Instances Instance Name To view the valid values for the instance field, click the drop-down arrow. What Enter the string Use this field to narrow the number of matches by entering part or all of the instance name. Matches Lists instances that match the specified criteria. Select the instance from the list of matches. Table 11-26 MISTP Device Details Field 1 Description Usage Notes Device Name Name of the device. This field is not configurable. IP Address IP address of the device. This field is not configurable. Root ID ID of the bridge assumed to be root. Upon initialization, the bridge assumes that it is root. This field is not configurable. Root Port Port ID of the port, which is closest to the root. This field is not configurable. Cost Mode Type of Spanning Tree path cost mode configured on the device. Applies to all STP instances running on the device. When you change the value, the path cost of all ports will be reassigned to the default path cost values based on the new Spanning Tree path cost mode and ports' speed. The possible values are: ShortShort cost is specified by 802.1d LongLong cost is specified by 802.1t This field is not configurable. Root Cost Cost of the root. This field is not configurable.
11-35 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 11 Managing Network Spanning Trees Generating Reports and Configuring STP on the Network Extended SysID * State of the extended system ID feature on the switch: Enable, Disabled, or Unknown Select a value from the drop-down list. Priority * Bridge priority The device with the lowest bridge identifier is considered the highest priority bridge and becomes the root bridge. By default, the bridge priority is set to 32768. Use the bridge priority command to set the priority that the bridge Spanning Tree uses to choose the root bridge in the network. The range for bridge priority is 0 to 65535. The value should be a multiple of 4096. Backbone Fast * State of the Backbonefast feature: Enabled or Disabled. Select a value from the drop-down list. Uplink Fast * State of the Uplinkfast feature: Enabled or Disabled. Select a value from the drop-down list. When enabled, UplinkFast feature dramatically decreases the convergence time of the STP in the event of the failure of an uplink on an access switch. Loop Guard * State of the Loop Guard feature: Enable or Disable. Select a value from the drop-down list. When enabled, loop guard works on non-designated ports and does not allow the port to become designated via max_age expiry. PortFast Global * State of the PortFast Global Configuration feature: Enabled or Disabled. Select a value from the drop-down list. When enabled, PortFast causes a switch or trunk port to enter the Spanning Tree forwarding state immediately, bypassing the listening and learning states. Table 11-26 MISTP Device Details (continued) Field 1 Description Usage Notes
11-36 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 11 Managing Network Spanning Trees Generating Reports and Configuring STP on the Network To edit values of fields marked with an asterisk, select rows, and uncheck Read-only. The selected rows are highlighted in the Edit Here section. To change the value of a field, do either of the following: Double click the current value, and enter a new value, or Select a value from the drop-down list. The new values appear, highlighted in pink. Step 6 Click Configure to make changes to the devices. Or Click Reset to return to the previous values without making any changes. Note Preferred VLANs are available only on Cisco Catalyst switches running Catalyst operating system. BPDU Filter * State of the BPDU Filter feature: Enabled, Disabled or Default. Select a value from the drop-down list. When enabled, BPDU filtering allows you to avoid transmitting BPDUs on a port, usually connected to an end system. When you enable PortFast on the switch, Spanning Tree places ports in the forwarding state immediately, instead of going through the listening, learning, and forwarding states. BPDU Guard * State of the BPDU Guard feature: Enabled, Disabled or Default. Select a value from the drop-down list. When enabled, BPDU Guard feature prevents loops by moving a nontrunking port into an errdisable state when a BPDU is received on that port. When the BPDU Guard feature is enabled on the switch, Spanning Tree shuts down PortFast-configured interfaces that receive BPDUs, instead of putting them into the Spanning Tree blocking state. 1. Fields marked with asterisk are editable. Table 11-26 MISTP Device Details (continued) Field 1 Description Usage Notes
11-37 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 11 Managing Network Spanning Trees Generating Reports and Configuring STP on the Network Reporting and Configuring MST Instance To configure MST instance on a switch cloud: Step 1 From the Summary View, select Reports > Spanning Tree Configuration. The Spanning Tree Configuration page appears. Step 2 Select the Instance tab. The Spanning Tree Port Instance Configuration page appears. Step 3 Select MST from the Spanning Tree Type drop-down list. Step 4 From the Device field, click Select. The Select Device dialog box appears. Step 5 Enter the required information as described in the Table 11-27. To view the MST instances that are running on the device, click Select. The instance and VLAN appear in a table. Table 11-28 lists the fields in the table, their description, and usage notes for editable fields. Table 11-27 Selecting Devices in Switch Clouds Field Description Usage Notes Select device by filter Select either of the following criteria: Name Device IP SysName To view the valid values for the filter field, click the drop-down arrow. What Enter the string Use this field to narrow the number of matches by entering part or all of the name, IP address or system name. Matches Lists devices that match the specified criteria. Select the device from the list of matches. Table 11-28 MST Instance Details Field 1 1. Fields marked with asterisk are editable. Description Usage Notes Instance MST instance that the device is part of. This field is not configurable. VLANS * VLANs that are mapped to the instance. Select a value from the drop-down list.
11-38 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 11 Managing Network Spanning Trees Generating Reports and Configuring STP on the Network To edit the instance to VLAN mapping, select the particular instance, and uncheck Read-only. The selected rows are highlighted in the Edit Here section. To change the value of a field, do either of the following: Double click the current value, and enter a new value, Or Select a value from the drop-down list. The new values are displayed, highlighted in pink. Step 6 Click Configure to make changes to the devices. Or Click Reset to return to the previous values without making any changes,. Reporting and Configuring MISTP Instance To configure MISTP instance on a switch cloud: Step 1 From the Summary View, select Reports > Spanning Tree Configuration. The Spanning Tree Configuration page appears. Step 2 Select the Instance tab. The Spanning Tree Port Instance Configuration page appears. Step 3 Select MISTP from the Spanning Tree Type drop-down list. Step 4 From the Device field, click Select. The Select Device dialog box appears. Step 5 Enter the required information as described in Table 11-29. Step 6 To view the MST instances that are running on the device, click Select. The instance and VLAN appear in a table. Table 11-30 lists the fields in the table, their description, and usage notes for editable fields. Table 11-29 Selecting Devices in Switch Clouds Field Description Usage Notes Select device by filter Select either of the following criteria: Name Device IP SysName To view the valid values for the filter field, click the drop-down arrow. What Enter the string Use this field to narrow the number of matches by entering part or all of the name, IP address or system name. Matches Lists devices that match the specified criteria. Select the device from the list of matches.
11-39 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 11 Managing Network Spanning Trees Generating Reports and Configuring STP on the Network To edit the instance to VLAN mapping, select the particular instance, and uncheck Read-only. The selected rows are highlighted in the Edit Here section. To change the value of a field, do either of the following: Double click the current value, and enter a new value, or Select a value from the drop-down list. The new values are displayed, highlighted in pink. Step 7 Click Configure to make changes to the devices. Or Click Reset to return to the previous values without making any changes. Reporting and Configuring PVST Trunk To configure PVST trunk on a switch cloud: Step 1 From the Summary View, select Reports > Spanning Tree Configuration. The Spanning Tree Configuration page appears. Step 2 Select the Trunk tab. The Spanning Tree Port Trunk Configuration page appears. Step 3 Select PVST from the Spanning Tree Type drop-down list. Step 4 From the Device field, click Select. The Select Device dialog box appears. Step 5 Enter the required information as described in the Table 11-31. Table 11-30 MISTP Instance Details Field 1 1. Fields marked with asterisk are editable. Description Usage Notes Instance MISTP instance that the device is part of. This field is not configurable. VLANS * VLANs that the device is part of. Select a value from the drop-down list.
11-40 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 11 Managing Network Spanning Trees Generating Reports and Configuring STP on the Network The instance and VLAN appear in a table. Table 11-32 lists the fields in the table, their description, and usage notes for editable fields. Table 11-31 Selecting Devices in Switch Clouds Field Description Usage Notes Select device by filter Select either of the following criteria: Name Device IP SysName To view the valid values for the filter field, click the drop-down arrow. What Enter the string Use this field to narrow the number of matches by entering part or all of the name, IP address or system name. Matches Lists devices that match the specified criteria. Select the device from the list of matches. Table 11-32 PVST Trunk Details Field 1 1. Fields marked with asterisk are editable. Description Usage Notes Device Name Name of the device. This field is not configurable. IP Address IP address of the device. This field is not configurable. Port Trunk port on the device. This field is not configurable. isTrunk Displays a check mark if the port is a trunk port. This field is not configurable. Preferred VLANs * Preferred VLANs the trunk port is configured for. Preferred VLANs are VLANs you prefer to keep in forwarding mode on a trunk link. You can do this by setting the port instance cost of these VLANs to be lower than the other VLANs. When port instance cost is lowered these instances are made forwarding on the trunk as against the other. You can load balance VLAN traffic across multiple trunk links. For example, if you want to have some VLANs to use only a particular trunk link, then you can lower their STP cost so that they are preferred over that link.
11-41 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 11 Managing Network Spanning Trees Generating Reports and Configuring STP on the Network Uncheck Read-only, and select the trunk port. The selected rows are highlighted in the Edit Here section. Select the trunk port, and enter the VLANs that have to be preferred in the Edit Here section. To change the value of a field, do either of the following: Double click the current value, and enter a new value, or Select a value from the drop-down list. The new values appear, highlighted in pink. Step 6 Click Configure to make changes to the devices. Or Click Reset to return to the previous values without making any changes. Note Preferred VLANs are available only on Cisco Catalyst switches running Catalyst operating system. Reporting and Configuring MST Trunk To configure MST trunk on a switch cloud: Step 1 From the Summary View, select Reports > Spanning Tree Configuration. The Spanning Tree Configuration page appears. Step 2 Select the Trunk tab. The Spanning Tree Port Trunk Configuration page appears. Step 3 Select MST from the Spanning Tree Type drop-down list. Step 4 From the Device field, click Select. The Select Device dialog box appears.
11-42 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 11 Managing Network Spanning Trees Generating Reports and Configuring STP on the Network Step 5 Enter the required information as described in Table 11-33. The instance and VLAN appear in a table. Table 11-34 lists the fields in the table, their description, and usage notes for editable fields. Uncheck Read-only, and select the trunk port. The selected rows are highlighted in the Edit Here section. Select the trunk port, and enter the VLANs that have to be preferred in the Edit Here section. Table 11-33 Selecting Devices in Switch Clouds Field Description Usage Notes Select device by filter Select either of the following criteria: Name Device IP SysName To view the valid values for the filter field, click the drop-down arrow. What Enter the string Use this field to narrow the number of matches by entering part or all of the name, IP address or system name. Matches Lists devices that match the specified criteria. Select the device from the list of matches. Table 11-34 MST Trunk Details Field 1 1. Fields marked with asterisk are editable. Description Usage Notes Device Name Name of the device. This field is not configurable. IP Address IP address of the device. This field is not configurable. Port Port number used for bridge forwarding. This field is not configurable. isTrunk Displays a check mark if the port is a trunk port. This field is not configurable. Preferred Instance * Preferred instances the trunk port is configured for. Preferred VLANs are VLANs you prefer to keep in forwarding mode on a trunk link. You can do this by setting the port instance cost of these VLANs to be lower than the other VLANs. When port instance cost is lowered, these instances are made forwarding on the trunk as against the other. You can load balance VLAN traffic across multiple trunk links. For example, if you want to have some VLANs to use only a particular trunk link, then you can lower their STP cost so that they are preferred over that link.
11-43 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 11 Managing Network Spanning Trees Generating Reports and Configuring STP on the Network To change the value of a field, do either of the following: Double click the current value, and enter a new value, or Select a value from the drop-down list. The new values appear, highlighted in pink. Step 6 Click Configure to make changes to the devices. Or Click Reset to return to the previous values without making any changes. Note Preferred VLANs are available only on Cisco Catalyst switches running Catalyst operating system. Reporting and Configuring MISTP Trunk To configure MISTP trunk on a switch cloud: Step 1 From the Summary View, select Reports > Spanning Tree Configuration. The Spanning Tree Configuration page appears. Step 2 Select the Trunk tab. The Spanning Tree Port Trunk Configuration page appears. Step 3 Select MST from the Spanning Tree Type drop-down list. Step 4 From the Device field, click Select. The Select Device dialog box appears. Step 5 Enter the required information as described in Table 11-35. The instance and VLAN appear in a table. Table 11-36 lists the fields in the table, their description, and usage notes for editable fields. Table 11-35 Selecting Devices in Switch Clouds Field Description Usage Notes Select device by filter Select desired criteria: Name Device IP SysName To view the valid values for the filter field, click the drop-down arrow. What Enter the desired string Use this field to narrow the number of matches by entering part or all of the name, IP address or system name. Matches Lists devices that match the specified criteria. Select the desired device from the list of matches.
11-44 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 11 Managing Network Spanning Trees Generating Reports and Configuring STP on the Network Uncheck Read-only, and select the trunk port. The selected rows are highlighted in the Edit Here section. Select the trunk port, and enter the VLANs that have to be preferred in the Edit Here section. To change the value of a field, do either of the following: Double click the current value, and enter a new value, or Select a value from the drop-down list. The new values appear, highlighted in pink. Step 6 Click Configure to make changes to the devices. Or Click Reset to return to the previous values without making any changes. Note Preferred VLANs are available only on Cisco Catalyst switches running Catalyst operating system. Table 11-36 MST Trunk Details Field 1 1. Fields marked with asterisk are editable. Description Usage Notes Device Name Name of the device. This field is not configurable. IP Address IP address of the device. This field is not configurable. Port Port number used for bridge forwarding. This field is not configurable. isTrunk Displays a check mark if the port is a trunk port. This field is not configurable. Preferred Instance * Preferred instances the trunk port is configured for. Preferred VLANs are VLANs you prefer to keep in forwarding mode on a trunk link. You can do this by setting the port instance cost of these VLANs to be lower than the other VLANs. When port instance cost is lowered these instances are made forwarding on the trunk as against the other. You can load balance VLAN traffic across multiple trunk links. For example, if you want to have some VLANs to use only a particular trunk link, then you can lower their STP cost so that they are preferred over that link.
11-45 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 11 Managing Network Spanning Trees Spanning Tree Filters Spanning Tree Filters Topology Map provides two filters for STP enabled devices or links. These filters are available in the topology maps for Switch Clouds under LAN Edge View. STP Inconsistency STP Filters in Switch Cloud View Viewing STP Loop Inconsistency STP Inconsistency If your network has incorrect configurations, STP stops functioning and you may lose connectivity. STP Inconsistency detects these incorrect configurations in your network and changes the state to inconsistent for corresponding ports, thus preventing the ports from affecting the network. When you select the filter, Topology View highlights the link and device associated with that specific STP inconsistency. STP inconsistencies are computed during each data collection. Devices in the switched clouds are polled when the filter is applied. Topology Map provides four filters under STP Inconsistency: Loop (Viewing STP Loop Inconsistency) PVID (Viewing STP PVID Inconsistency) Root (Viewing STP Root Inconsistency) Type (Viewing STP Type Inconsistency) Spanning Tree These filters are based on the Spanning Tree details of devices. When you select the filter, topology map lists the Spanning Tree Instances applicable to all the switches in the selected switch cloud. Topology Map provides three filters under Spanning Tree: IEEE 802.1s Instance (Viewing Spanning Tree per IEEE 802.1s Instance) Cisco MIST Instance (Viewing Spanning Tree per Cisco MISTP Instances) VLAN (Viewing VLANs in Switch Clouds) Viewing STP Loop Inconsistency To view STP loop inconsistencies in switch clouds: Step 1 Invoke Switch Cloud Map View from Topology Services. Step 2 Select Topology Filters > STP Inconsistency > Loop. The link and devices with loop inconsistencies appear.
11-46 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 11 Managing Network Spanning Trees Spanning Tree Filters Viewing STP PVID Inconsistency To view STP PVID inconsistencies in switch clouds: Step 1 Invoke Switch Cloud Map View from Topology Services. Step 2 Select Topology Filters > STP Inconsistency > PVID. The link and devices with PVID inconsistencies appear. Viewing STP Root Inconsistency To view STP root inconsistencies in switch clouds: Step 1 Invoke Switch Cloud Map View from Topology Services. Step 2 Select Topology Filters > STP Inconsistency > Root. The link and devices with root inconsistencies are displayed. Viewing STP Type Inconsistency To view STP type inconsistencies in switch clouds: Step 1 Invoke Switch Cloud Map View from Topology Services. Step 2 Select Topology Filters > STP Inconsistency > Type. The link and devices with type inconsistencies are displayed. STP Filters in Switch Cloud View Spanning Tree Filter is available in Switch Cloud Maps in Topology Services. Spanning Tree information in a switch cloud provides a better picture of the Spanning Tree than displaying Spanning Tree information in the VTP domain map. Sometimes, the Spanning Tree root might not be part of VTP domain. The availability of STP Filters on Switch Cloud View resolves this problem. When you select the filter, it displays the list of Spanning Tree Instances that are applicable to all switches in the switch cloud, in a popup dialog box. The following information is provided for the selected Spanning Tree Instance in the Topology Map: Port states (forwarding or blocking) of Switches Highlighted Root Bridge.
11-47 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 11 Managing Network Spanning Trees Spanning Tree Filters Spanning Tree These filters are based on the Spanning Tree details of devices. When you select the filter, the Topology map lists the Spanning Tree Instances applicable to all switches in the selected switch cloud. Topology Map provides three filters under Spanning Tree: IEEE 802.1s Instance (Viewing Spanning Tree per IEEE 802.1s Instance) Cisco MIST Instance (Viewing Spanning Tree per Cisco MISTP Instances) VLAN (Viewing VLANs in Switch Clouds) Viewing Spanning Tree per IEEE 802.1s Instance You can specify the IEEE 802.1s instances by searching for the instance number. To do this: Step 1 From a Network Topology View, select Topology Filters > Spanning Tree > IEEE 802.1s Instance. The Select Instance window appears. Step 2 Enter the required information as described in Table 11-37. To view the Spanning Tree details of an IEEE 802.1s Instance in the Network Topology View window, click Select. Viewing Spanning Tree per Cisco MISTP Instances You can specify the MISTP instances by searching for the instance name. To do this: Step 1 From a network topology view, select Topology Filters > Spanning Tree > Cisco MISTP Instance. The Select Instance window appears. Step 2 Enter the required information as described in Table 11-38. Table 11-37 Selecting IEEE 802.1s Instances in Switch Clouds Field Description Usage Notes Select instance by region Select either of the following criteria: All Regions Region Name To view the valid values for the region field, click the drop-down arrow. What Enter the string Use this field to narrow the number of matches by entering part or all of the region name. Matches Lists instances that match the specified criteria. Select the STP instance from the list of matches.
11-48 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 11 Managing Network Spanning Trees Spanning Tree Filters To view the Spanning Tree details of an MISTP Instance in the Network Topology View window, click Select. Viewing VLANs in Switch Clouds You can specify VLANs by searching for the instance name. Step 1 From a Network Topology View, select Topology Filters > Spanning Tree > VLAN. The Select VLAN window appears. Step 2 Enter the required information as described in Table 11-39. To view the Spanning Tree details of the VLAN in the Network Topology View window, click Select. Table 11-38 Selecting Cisco MIST Instances in Switch Clouds Field Description Usage Notes Select device by instance Select either of the following criteria: All Instances Instance Name To view the valid values for the instance field, click the drop-down arrow. What Enter the string Use this field to narrow the number of matches by entering part or all of the instance name. Matches Lists instances that match the specified criteria. Select the instance from the list of matches. Table 11-39 Selecting VLANs in Switch Clouds Field Description Usage Notes Select VLAN Select either of the following criteria: VLAN Name VLAN ID To view the valid values for the VLAN field, click the drop-down arrow. What Enter the string Use this field to narrow the number of matches by entering part or all of the VLAN name or ID. Matches Lists the VLANs that match the specified criteria. Select the name or ID from the list of matches. C H A P T E R
12-1 User Guide for Campus Manager 5.2 OL-18011-01 12 Support for IPv6 This chapter the Internet Protocol version 6 (IPv6) support provided in Campus Manager. It contains the following topics: Understanding IPv6 Support in Campus Manager Viewing IPv6 Addresses Report Interpreting IPv6 Addresses Report Understanding IPv6 Support in Campus Manager IPv6 support in Campus Manager includes the following network scenarios: Devices that may have IPv6 configured on their interfaces, but which have at least one IPv4 interface. Devices are managed using IPv4. Hosts running IPv6 are supported in the User Tracking application. Note Virtual Network Manager does not support IPv6 Campus Manager has been updated as follows for IPv6 support: User Tracking Changes User Tracking Ping Sweep Applicability to IPv6 Subnets Topology Changes User Tracking Changes In User Tracking, hosts configured with IPv6 address are discovered and shown in the main table. IPv6 name lookup is done if IPv4 name lookup fails. That is, for a given IPv6 address, it returns the host name. IPv6 does not support reverse name lookup. All global unicast addresses are fetched and used for User Tracking computation but link local addresses are dropped. User Tracking end host reports have an IPv6 format. Select this format to view the IPv6 address, Prefix Length and Prefix of IPv6 enabled devices. Note User Tracking is not supported for IPv6 devices
12-2 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 12 Support for IPv6 Viewing IPv6 Addresses Report User Tracking Ping Sweep Applicability to IPv6 Subnets Ping Sweep functionality is currently available for Class C or smaller subnets. Since with IPv6 each of the networks can be larger than Class C networks and we cannot determine individual IPv6 addresses that can be present in a given network or sub-network, Ping Sweep is not on any of the IPv6 subnets. Topology Changes Topology Services provides the following for IPv6 support: IPv6 filter that lets you highlight the IPv6 devices Find option for IPv6 devices Table for devices running IPv6 Change Management IP Address displays IPv6 address, if the device is enabled with IPv6 option. Note IPv6 support for the following STP options has not been tested : Per VLAN STP Recommendations, Cisco MISTP Recommendations, and IEEE 802.1s Recommendations. Viewing IPv6 Addresses Report You can view IPv6 addresses report for IPv6 enabled devices. To view this report: Step 1 Right-click the LAN Edge View or Layer 2 View from Network Views in the Topology Services window. Step 2 Click Display View. The Network Topology window appears. Step 3 Select an IPv6 enabled device. Step 4 Right-click the device then select IPv6 Addresses, or choose Reports > IPv6 Addresses. The IPv6 Addresses report appears.
12-3 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 12 Support for IPv6 Interpreting IPv6 Addresses Report Interpreting IPv6 Addresses Report See Table 12-1 for interpreting the fields in the IPv6 Addresses Report. Table 12-1 IPv6 Addresses Report Field Description Interface Name Name of the IPv6 address interface. IPv6 Address IPv6 address of the device. An IPv6 address typically has four groups of 8 bits each. Example: 2001:5:A:3:0:0:0:2 Prefix Length Length of the prefix. This is a decimal value representing how many of the left-most contiguous bits of the address comprise the prefix. Prefix Address Prefix portion of the IPv6 address. This is similar to CIDR in IPv4 and is written in CIDR notation. An IPv6 address prefix is represented by the notation: IPv6-address/prefix-length Address Type Type of IPv6 address. Campus Manager supports unicast addresses. The Address Type can be global, link-local, or site-local. Global addresses are identified by the Format Prefix of 001. Addresses of this type are designed to be aggregated or summarized to produce an efficient routing infrastructure. Link-local addresses are used to communicate between hosts on the link with no router. Site-local addresses are used between nodes that communicate with other nodes in the same site. Site-local addresses are identified by the Format Prefix of 1111 1110 11.
12-4 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 12 Support for IPv6 Interpreting IPv6 Addresses Report C H A P T E R
13-1 User Guide for Campus Manager 5.2 OL-18011-01 13 Data Extraction Engine CiscoWorks Campus Manager Data Extraction Engine (DEE) is a utility to export Campus Manager application data. This utility provides servlet and command line access to Campus Manager application data (User Tracking, Topology and Discrepancy), and allows you to extract data in Extensible Markup Language (XML) format. This chapter contains: Overview of Data Extraction Engine The cmexport Command cmexport User Tracking cmexport Topology Command cmexport Discrepancy Command cmexport Manpage DEE Developers Reference Overview of Data Extraction Engine Data Extraction Engine (DEE) is a utility that provides servlet access to User Tracking, Layer 2 topology, and discrepancy data. It also includes a command line utility that you can use to fetch user tracking data, Layer 2 topology, and discrepancy data for devices discovered by Campus Manager server. This utility supports the following features: Generating user tracking data in XML format: Allows you to access servlet and command line utilities that can generate user tracking data for devices discovered by Campus Manager Server. Generating Layer 2 topology data in XML format: Allows you to generate the latest Layer 2 topology data including information on neighbor devices. Elements in XML file are created at the device level.
13-2 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 13 Data Extraction Engine The cmexport Command Generating discrepancy data in XML format: Allows you to use Campus Manager discrepancy APIs to retrieve latest discrepancy data from Campus Manager server. Archiving XML Data: Data generated through CLI is archived at the following locations: where PX_DATADIR is either %NMSROOT%/files folder (on Windows) or /var/adm/CSCOpx/files directory (on Solaris). NMSROOT is the directory where you installed Campus Manager; timestamp is the time at which the log was written in YearMonthDateHourOfDayMinuteSecond format. You can also specify a directory to store the output. This utility does not delete the files created in the archive. You should delete these files when necessary. While generating data through the servlet, the output appears at the client terminal. Generating user tracking and configuration data in XML format using the Servlet: Allows you to generate and download the user tracking, topology and discrepancy XML files using the servlet. You must upload a payload XML file, which contains the cmexport and utexport command options and CiscoWorks user credentials. You should write your own script to invoke the servlet with a payload of this XML file. If the credentials are correct and options are valid, the servlet returns the exported file in XML format. The cmexport Command cmexport is the CiscoWorks Campus Manager command line interface for exporting discrepancy and Layer 2 topology data details into XML format. This section contains the following topics: Running cmexport Command cmexport Arguments and Options Table 13-1 Data Archive Locations For Location User Tracking PX_DATADIR/cmexport/ut/timestamput.xml Layer 2 Topology PX_DATADIR/cmexport/L2Topology/ timestampL2Topology.xml Discrepancy PX_DATADIR/cmexport/Discrepancy/ timestampDiscrepancy.xml
13-3 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 13 Data Extraction Engine The cmexport Command Running cmexport Command This section contains: Command Line Syntax Commands Command Line Syntax The command line syntax of the utility is in the following format: cmexport command arguments options where: cmexport is the CiscoWorks Campus Manager command line interface for exporting User Tracking, Layer 2 topology, and discrepancy data details into XML format. command specifies which core operation is to be performed. arguments are the additional parameters required for each core command. options are the optional parameters, which modify the behavior of the specific DEE core command. The order of the arguments and options are not important. However, you must enter the core command immediately after cmexport. Commands Table 13-2 lists the command part of the cmexport syntax. You must invoke the cmexport command with one of the core commands specified in the above table. If you do not specify any core commands, cmexport can only execute the -v or -h options: Option -v displays the version of the cmexport utility Option -h (or null option) lists the usage information for this utility. cmexport Arguments and Options This section contains: Mandatory Arguments Optional Arguments Function-Specific Options Table 13-2 Command Descriptions Core Command Description ut Generates User Tracking data in XML format. l2topology Generates layer 2 topology data in XML format. discrepancy Generates discrepancy data in XML format.
13-4 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 13 Data Extraction Engine The cmexport Command Mandatory Arguments The arguments that must be specified with all functions is: -u userid: Specifies the CiscoWorks userid. -p password: Specifies the password for CiscoWorks userid. If you want to avoid the -p option which will reveal the password in clear text in CLI, you must store your userid and password in a file and set a variable CMEXPORTFILE which points to this file. You must maintain this file and control access permissions to prevent unauthorized access. cmexport looks for current working directory if CMEXPORTFILE is set only to the file name instead of to the full path. If you use the -p option, even after setting the CMEXPORTFILE variable, the password is taken from the command line instead of from CMEXPORTFILE. This is not secure and we recommend that you do not use this option. You must enter the password in the file in the following format: userid password where userid is the CiscoWorks user name given in the command line. The delimiter between the userid and password is single blank space. You must provide the delimiter if the password is blank. Otherwise, cmexport will not validate the password. The password file can contain multiple entries with different user names. If there are duplicate entries the password that matches the first user name is considered. Note If -p password is used, the password is read from the command line instead of CMEXPORTFILE. This is not secure and we recommend that you do not use this option. Optional Arguments The arguments you can specify with any function are: -d debuglevel Sets the debug level based on which debug information is printed. There are two levels of debuggingTRACE and DEBUG. If you do not specify the-d option, logging will not occur. -l logfile Logs the results of the cmexport command to the specified log file name. By default the command output is displayed in the standard output.
13-5 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 13 Data Extraction Engine The cmexport Command Function-Specific Options DEE supports the following function-specific option: -f filename If used with: User Tracking function Specifies the name of the file to which the user tracking information is to be exported. Topology function Specifies the name of the file to which the layer 2 topology information is to be exported. Discrepancy function Specifies the name of the file to which the discrepancy information is to be exported. Displaying Help To display help for cm export Enter the following at a CLI prompt: cmexport -h. This displays a list of options for cmexport. On Solaris, you can also enter the following at a CLI prompt: man cmexport Uses of cmexport If you enter: cmexport ut {u userid} p password host -f filename.xml User Tracking XML output for host will be generated and it is stored in the file filename.xml. If you want to export the latest topology details for all Layer 2 devices enter: cmexport L2Topology {u userid} p password -f filename.xml If you want to export the latest discrepancy details, enter: cmexport Discrepancy {u userid} p password -f filename.xml Notations The notations followed in describing the command line arguments are explained below: {argument}Argument is a mandatory parameter. [argument]Argument is an optional parameter. argumentArgument is a variable. argument 1 | argument 2Either argument 1 or argument 2 may be specified but not both. Table 13-3 lists the notations part of the cmexport syntax.
13-6 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 13 Data Extraction Engine cmexport User Tracking -vDisplays the version of the cmexport utility. -hLists the options available and function of each option. cmexport User Tracking This topic describes the cmexport User Tracking command, and the various options available to you. It contains the following sections: Name Synopsis Description Mandatory Arguments Accessing Help Examples Name cmexport ut: CiscoWorks cmexport user tracking function Synopsis cmexport ut: {-u userid} [ -p password ] -host [ host-options ] | -phone [ phone-options ] [ options ] Table 13-4 lists the command part of the cmexport syntax. Table 13-3 Notations Descriptions Command Description ut cmexport ut {-u userid} [ -p password ] -host [ host-options ] | -phone [ phone-options ] [ options ] l2topology {-u userid} [-p password] [-f filename] discrepancy {-u userid} [-p password] [-f filename] empty [-v | -h]
13-7 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 13 Data Extraction Engine cmexport User Tracking Description User Tracking (specified by ut) exports the user tracking data into an XML file based on a predefined schema. Mandatory Arguments The options that must be specified with the cmexport ut function are: -u userid: Specifies the CiscoWorks userid. -p password: Specifies the password for CiscoWorks userid. If you want to avoid -p option which will reveal the password in clear text in CLI, you must store your userid and password in a file and set a variable CMEXPORTFILE which points to this file. You must maintain this file and control access permissions to prevent unauthorized access. cmexport looks for current working directory if CMEXPORTFILE is set only to the file name instead of to the full path. If you use the -p option, even after setting the CMEXPORTFILE variable, the password is taken from the command line instead of from CMEXPORTFILE. This is not secure and we recommend that you do not use this option. The password must be provided in the file in the following format: userid password where userid is the CiscoWorks user name given in the command line. The delimiter between the userid and password is single blank space. Table 13-4 Command Descriptions Argument Can be one of the Following host-options -query queryname -query queryname -view viewname -layout layoutname -layoutlayoutname -view viewname -query queryname -layout layoutname -query queryname -layout layoutname -view viewname phone-options -queryPhone queryname -layoutPhone layoutname -queryPhone queryname --layoutPhone layoutname options -f filename -d debuglevel -l logfile
13-8 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 13 Data Extraction Engine cmexport User Tracking You must provide the delimiter if the password is blank. Otherwise, cmexport will not validate the password. The password file can contain multiple entries with different user names. The password that matches the first user name is considered in case of duplicate entries. Note If -p password is used, the password is read from the command line instead of CMEXPORTFILE. This is not secure and we recommend that you do not use this option. -host: Specifies host data to be exported. -phone: Specifies phone data to be exported. Options The options you can specify with the ut function are: -d debuglevel Sets the debug level based on which debug information is printed. There are two levels of debuggingTRACE and DEBUG. If you do not specify the -d option, no logging will occur. -l logfile Logs the results of the cmexport command to the specified logfile name. By default the command output will be displayed in the standard output. -f filename The file option specifies the filename where the XML output is to be stored. If the filename is not specified with -f option, an XML file of the format timestamput.xml is stored in the following directory: PX_DATADIR/cmexport/ut -view Specifies the format in which the user tracking XML data is to be presented. It supports two optional arguments: a. switch: User Tracking data are displayed based on the type of switch. b. subnet: User Tracking data are displayed based on subnet in which they are present. The -view options are not case sensitive. -query queryname User Tracking host data is exported in XML format for the query provided in queryname. This option must be used with the -host argument. For this option: Create a Custom report for end hosts in the following screen: Campus Manager > User Tracking >Reports > Custom Reports. Use the Custom report name as a value here. -layout layoutname User Tracking host data is exported in XML format for the layout provided in layoutname. This option must be used with the -host argument. For this option: Create a Custom layout for end hosts in the following screen: Campus Manager > User Tracking >Reports > Custom Layouts. Use the Custom layout name as a value here.
13-9 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 13 Data Extraction Engine cmexport Topology Command -queryPhone queryname User Tracking phone data is exported in XML format for the query given in queryname. This option must be used with the -phone argument. For this option: Create a Custom report for IP phones in the following screen: Campus Manager > User Tracking >Reports > Custom Reports. Use the Custom report name as a value here. -layoutPhone layoutPhone User Tracking phone data is exported in XML format for the layout given in layoutPhone. This option must be used with the -phone argument. For this option: Create a Custom layout for IP phones in the following screen: Campus Manager > User Tracking >Reports > Custom Layouts. Use the Custom layout name as a value here. Accessing Help Enter the following at a CLI: cmexport -h: Displays a list of options for cmexport. cmexport ut -h: Displays a list of options for the cmexport ut command. On Solaris, you can also enter the following at a CLI: man cmexport Examples Considering userid: admin, password: admin, queryname: host1Query, layoutname: host1Layout, queryphone: phone1Query, layoutphone: phone1Layout, filename: file1.xml, we can have the following: cmexport ut -u admin -p admin -host cmexport ut -u admin -p admin -phone cmexport ut -u admin -p admin -host -query host1Query -layout all cmexport ut -u admin -p admin -host -query host1Query -layout layoutname cmexport ut -u admin -p admin -phone -queryPhone phone1Query -layoutPhone phone1Layout cmexport ut -u admin -p admin -host -f file1.xml cmexport ut -u admin -view switch -host cmexport Topology Command This section contains: Name Synopsis Description Mandatory Arguments Accessing Help Examples
13-10 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 13 Data Extraction Engine cmexport Topology Command Name cmexport L2Topology: CiscoWorks cmexport layer 2 topology function Synopsis cmexport l2topology {-u userid} [ -p password ] [ options ] where cmexport l2topology -h lists the options available and function of each option. Description Layer 2 Topology (specified by l2topology) exports the Layer 2 topology data into an XML file based on a predefined schema. Mandatory Arguments The options that you must specify with the cmexport L2Topology function are: The options that you must specify with the cmexport L2Topology function are: -u userid: Specifies the CiscoWorks user ID. -p password Specifies the password for CiscoWorks user ID. If you want to avoid -p option which will reveal the password in clear text in CLI, you must store your userid and password in a file and set a variable CMEXPORTFILE which points to this file. You must maintain this file and control access permissions to prevent unauthorized access. cmexport looks for current working directory if CMEXPORTFILE is set only to the file name instead of to the full path. If you use the -p option, even after setting the CMEXPORTFILE variable, the password is taken from the command line instead of from CMEXPORTFILE. This is not secure and we recommend that you do not use this option. The password must be provided in the file in the following format: userid password where userid is the CiscoWorks user name given in the command line. The delimiter between the userid and password is single blank space. Table 13-5 Command Description Argument can be one of the following options -f filename -d debuglevel -l logfile
13-11 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 13 Data Extraction Engine cmexport Topology Command You must provide the delimiter if the password is blank. Otherwise, cmexport will not validate the password. The password file can contain multiple entries with different user names. The password that matches the first user name is considered in case of duplicate entries. Note If -p password is used, the password is read from the command line instead of CMEXPORTFILE. This is not secure and we recommend that you do not use this option. Options The options you can specify with the layer 2 topology function are: -d debuglevel Sets the debug level based on which debug information is printed. There are two levels of debuggingTRACE and DEBUG. If you do not specify the -d option, no logging will occur. -l logfile Logs the results of the cmexport command to the specified logfile name. By default the command output will be displayed in the standard output. -f filename The file option specifies the filename where the XML output is to be stored. If the filename is not specified with -f option an XML file of the format timestampL2Topology.xml is stored in the following directory: PX_DATADIR/cmexport/L2Topology Accessing Help Enter the following at a CLI: cmexport -h: Displays a list of options for cmexport. cmexport l2topology -h: Displays a list of options for the cmexport l2topology command. On Solaris, you can also enter the following at a CLI: man cmexport Examples Considering userid: admin, password: admin, filename: file1.xml, you can have the following: cmexport L2Topology -u admin -p admin cmexport L2Topology -u admin -p admin -f file1.xml cmexport L2Topology -u admin -l file.log
13-12 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 13 Data Extraction Engine cmexport Discrepancy Command cmexport Discrepancy Command This section contains: Name Synopsis Description Mandatory Arguments Accessing Help Examples Name cmexport Discrepancy: CiscoWorks cmexport Discrepancy function. Synopsis cmexport discrepancy {-u userid} [ -p password ] [ options ] where cmexport discrepancy -help lists the options available and function of each option. Description Discrepancy (specified by Discrepancy) exports the Discrepancy data into an XML file based on a predefined schema. Mandatory Arguments The options that you must specify with the cmexport Discrepancy function are: -u userid: Specifies the CiscoWorks userid. -p password Specifies the password for CiscoWorks userid. If you want to avoid -p option which will reveal the password in clear text in CLI, you must store your userid and password in a file and set a variable CMEXPORTFILE which points to this file. You must maintain this file and control access permissions to prevent unauthorized access. cmexport looks for current working directory if CMEXPORTFILE is set only to the file name instead of to the full path. Table 13-6 Command Description Argument Can be one of the Following options -f filename -d debuglevel -l logfile
13-13 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 13 Data Extraction Engine cmexport Discrepancy Command If you use the -p option, even after setting the CMEXPORTFILE variable, the password is taken from the command line instead of from CMEXPORTFILE. This is not secure and we recommend that you do not use this option. The password must be provided in the file in the following format: userid password where userid is the CiscoWorks user name given in the command line. The delimiter between the userid and password is single blank space. You must provide the delimiter if the password is blank. Otherwise, cmexport will not validate the password. The password file can contain multiple entries with different user names. The password that matches the first user name is considered in case of duplicate entries. Note If -p password is used, the password is read from the command line instead of CMEXPORTFILE. This is not secure and we recommend that you do not use this option. Options The options you can specify with the Discrepancy function are: -d debuglevel Sets the debug level based on which debug information is printed. There are two levels of debuggingTRACE and DEBUG. If you do not specify the -d option, no logging will occur. -l logfile Logs the results of the cmexport command to the specified log file name. By default the command output will be displayed in the standard output. -f filename The file option specifies the filename where the XML output is to be stored. If the filename is not specified with -f option an XML file of the format timestampDiscrepancy.xml is stored in the following directory: PX_DATADIR/cmexport/Discrepancy Accessing Help Enter the following at a CLI: cmexport -h: Displays a list of options for cmexport. cmexport discrepancy -h: Displays a list of options for the cmexport discrepancy command. On Solaris, you can also enter the following at a CLI: man cmexport Examples Considering userid: admin, password:admin, filename: file1.xml, you can have the following: cmexport Discrepancy -u admin -p admin cmexport Discrepancy -u admin -p admin -f file1.xml cmexport Discrepancy -u admin -d 2
13-14 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 13 Data Extraction Engine cmexport Manpage cmexport Manpage This sections contains: Command Line Syntax Commands Arguments and Options Accessing Help Command Line Syntax The command line syntax of the utility is in the following format: cmexport command arguments options where: cmexport is the CiscoWorks Campus Manager command line interface for exporting User Tracking, Layer 2 topology, and discrepancy data details into XML format. command specifies which core operation is to be performed. arguments are the additional parameters required for each core command. options are the optional parameters, which modify the behavior of the specific DEE core command. The order of the arguments and options is not important. However, you must enter the core command immediately after cmexport. Commands Table 13-7 lists the command part of the cmexport syntax. You must invoke the cmexport command with one of the core commands specified in the above table. If no core command is specified, cmexport can execute the -v or -h options only: Option -v displays the version of the cmexport utility. Option -h (or null option) lists the usage information of this utility. Table 13-7 Command Description Core Command Description ut Generates User Tracking data in XML format. l2topology Generates Layer 2 topology data in XML format discrepancy Generates discrepancy data in XML format
13-15 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 13 Data Extraction Engine cmexport Manpage Arguments and Options This sections contains: Mandatory Arguments Function-Specific Options Mandatory Arguments The options that must be specified with all functions are: -u userid: Specifies the CiscoWorks userid. Optional Arguments The options you can specify with any function are: -p password Specifies the password for CiscoWorks userid. If you want to avoid -p option which will reveal the password in clear text in CLI, you must store your userid and password in a file and set a variable CMEXPORTFILE which points to this file. You must maintain this file and control access permissions to prevent unauthorized access. cmexport looks for current working directory if CMEXPORTFILE is set only to the file name instead of to the full path. If you use the -p option, even after setting the CMEXPORTFILE variable, the password is taken from the command line instead of from CMEXPORTFILE. This is not secure and we recommend that you do not use this option. The password must be provided in the file in the following format: userid password where userid is the CiscoWorks user name given in the command line. The delimiter between the userid and password is single blank space. You must provide the delimiter if the password is blank. Otherwise, cmexport will not validate the password. The password file can contain multiple entries with different user names. The password that matches the first user name is considered in case of duplicate entries. Note If -p password is used, the password is read from the command line instead of CMEXPORTFILE. This is not secure and we recommend that you do not use this option. -d debuglevel Sets the debug level based on which debug information is printed. There are two levels of debuggingTRACE and DEBUG. If you do not specify the -d option, no logging will occur. -l logfile Logs the results of the cmexport command to the specified log file name. By default the command output will be displayed in the standard output.
13-16 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 13 Data Extraction Engine DEE Developers Reference Function-Specific Options The following function-specific option is supported -f filename If used with the: User Tracking functionSpecifies the name of the file to which the user tracking information is to be exported. Topology functionSpecifies the name of the file to which the layer 2 topology information is to be exported. Discrepancy functionSpecifies the name of the file to which the discrepancy information is to be exported. Accessing Help Enter the following at a CLI: cmexport -h: Displays a list of options for cmexport. cmexport command -h: Displays a list of options for the cmexport command. On Solaris, you can also enter the following at a CLI: man cmexport DEE Developers Reference The cmexport command exports data to XML format, as per the schema defined. When you need data only for a few columns, remove the unwanted columns in the schema file. The schema files are available in the following path in the Campus Manager Server: NMSROOT/campus/bin (Solaris) NMSROOT\campus\bin (Windows) The following are the schemas used for exporting the user tracking data in XML format: Schema for User Tracking Data User Tracking Schema for Switch Data User Tracking Schema for Phone Data User Tracking Schema for Subnet Data Schema for Topology Data Schema for Discrepancy Data Using Servlet to Export Data from Campus Manager
13-22 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 13 Data Extraction Engine DEE Developers Reference </xs:sequence> </xs:complexType> </xs:element> <xs:element name="Best-Practices-Deviation"> <xs:complexType> <xs:sequence> <xs:element name="Details" type="xs:string" /> <xs:element name="Type" type="xs:string" /> <xs:element name="Severity"> <xs:simpleType> <xs:restriction base="xs:string"> <xs:pattern value="High" /> <xs:pattern value="Medium" /> <xs:pattern value="Low" /> </xs:restriction> </xs:simpleType> </xs:element> <xs:element name="Description" type="xs:string" /> <xs:element name="FirstFound" type="xs:string" /> <xs:element name="Acknowledged" type="xs:string" /> </xs:sequence> </xs:complexType> </xs:element> <xs:element name="Network-Discrepancy"> <xs:complexType> <xs:sequence> <xs:element name="Details" type="xs:string" /> <xs:element name="Type" type="xs:string" /> <xs:element name="Severity"> <xs:simpleType> <xs:restriction base="xs:string"> <xs:pattern value="High" /> <xs:pattern value="Medium" /> <xs:pattern value="Low" /> </xs:restriction> </xs:simpleType> </xs:element> <xs:element name="Description" type="xs:string" /> <xs:element name="FirstFound" type="xs:string" /> <xs:element name="Acknowledged" type="xs:string" /> </xs:sequence> </xs:complexType> </xs:element> </xs:schema> Using Servlet to Export Data from Campus Manager The servlet allows you to access DEE features using simple scripts. You can invoke DEE functions by running the script that connects to Campus Manager server and retrieves the data. You can send the commands to export user tracking, topology, and discrepancy data (cmexport and utexport) as HTTP or HTTPS requests to a special Campus Manager server URL. This URL identifies a servlet that accepts the request and authenticates the requesting user's identity and credentials before authorizing the information exchange. To export User Tracking data, use UTExportServlet. To export Discrepancy and Layer 2 Topology data, use CMExportServlet. To invoke cmexport and utexport commands, the servlet requires a payload file that contains details such as:
13-23 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 13 Data Extraction Engine DEE Developers Reference User credentials The command you want to execute. Optional details such as log and debug options as inputs in XML format. The servlet then parses the payload file encoded in XML, performs the operations, and returns the results in XML format. You must create the payload file to include the input details and submit it when you ask for servlet access. Typically, servlet access is used when you need to use the data export feature from a client system. To use DEE export features, you can write a script to upload the payload file and perform the data export functions. See the following sample scripts: Sample Perl Script (test.pl) to Access the Servlet Sample J ava Code to Access the Servlet For example, if you are using the script test.pl, you can invoke the servlet in either of these modes: HTTP Mode HTTPS Mode HTTP Mode For Discrepancy and Layer 2 topology data export, enter: perl test.pl http://campus-server:1741/campus/servlet/CMExportServlet payload.xml For User Tracking data export, enter: perl test.pl http://campus-server:1741/cmapps/UTExportServlet payload.xml HTTPS Mode For Discrepancy and Layer 2 topology data export, enter: perl test.pl https://campus-server/campus/servlet/CMExportServlet payload.xml For User Tracking data export, enter: perl test.pl https://campus-server/cmapps/UTExportServlet payload.xml Sample Perl Script (test.pl) to Access the Servlet #!/opt/CSCOpx/bin/perl
use LWP::UserAgent; $| = 1; $temp = $ARGV[0] ;
$fname = $ARGV[1] ; if ( -f $fname ) { open (FILE,"$fname") || die "File open Failed $!"; while ( <FILE> ) { $str .= $_ ; } close(FILE); } url_call($temp);
#-- Activate a CGI:
13-24 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 13 Data Extraction Engine DEE Developers Reference sub url_call { my ($url) = @_; my $ua = new LWP::UserAgent; $ua->timeout(5000); my $hdr = new HTTP::Headers 'Content-Type' => 'text/html'; my $req = new HTTP::Request ('GET', $url, $hdr); $req->content($str); my $res = $ua->request($req); my $result; if ($res->is_error) { print "ERROR : ", $res->code, " : ", $res->message, "\n"; $result = ''; } else { $result = $res->content; if($result =~ /Authorization error/) { print "Authorization error\n"; } else { print $result ; }
} } Sample Java Code to Access the Servlet import java.io.*; import java.net.URL; import java.net.HttpURLConnection; import java.lang.String; import java.lang.Byte; class CMExportServletRun { static void main (String args[]) { try { URL url = new URL("http://localhost:1741/campus/servlet/CMExportServlet"); String payload = "adminadminut_hostdee.log1"; HttpURLConnection con; InputStream is; //opens connection to servlet con = (HttpURLConnection)url.openConnection(); con.setRequestMethod("POST"); con.setRequestProperty("Content-type", "text/xml"); con.setDoOutput(true); con.setUseCaches(false); OutputStream bos = new BufferedOutputStream(con.getOutputStream()); PrintWriter out = new PrintWriter(bos); out.println(payload); out.flush(); out.close(); //prints out response from CMExportServlet byte [] strBytes=new byte[10];
13-25 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 13 Data Extraction Engine DEE Developers Reference int noOfBytes = 0;
is = con.getInputStream();
BufferedReader bfr = new BufferedReader(new InputStreamReader(is)); String str = null ; while ( ( str = bfr.readLine()) != null ) { System.out.println(str); } } catch (Exception e) { System.out.println(e.toString()); } } } Payload File The payload file is an XML file, which contains inputs required for the DEE servlet to process requests for data export. Schema for the payload XML file is given in Schema for Payload File. Table 13-8 describes the elements in the schema. Table 13-8 Elements in the Schema Element Description username CiscoWorks user name. password Password for CiscoWorks username. command Command inside this tag can be ut_host, ut_phone, l2topology or discrepancy. view Use this option when you specify ut_host. This is optional. This specifies the presentation of the User Tracking data in the hierarchical format with either switch or subnet as the root. queryname User Tracking host data is exported in XML format for the query provided in queryname. You can use this option when you specify ut_host layoutname User Tracking host data is exported in XML format for the layout provided in layoutname. You can use this option when you specify ut_host queryphone User Tracking phone data is exported in XML format for the query given in queryphone. You can use this option when you specify ut_phone
13-26 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 13 Data Extraction Engine DEE Developers Reference This section also describes: Sample Payload File Schema for Payload File Sample Payload File <payload> <username>username</username> <password>password</password> <command>ut_host</command> <debug>1</debug> <view></view> </payload> Schema for Payload File You can use the following schema for creating the payload file in XML format. <?xml version="1.0" encoding="UTF-8"?> <xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" elementFormDefault="qualified" attributeFormDefault="unqualified"> <xs:element name="payload"> <xs:complex Type> <xs:sequence> <xs:element name="username" type="xs:string"/> <xs:element name="password" type="xs:string"/> <xs:element name="command" type="xs:string"/> <xs:element name="view" type="xs:string"/> <xs:element name="queryname" type="xs:string"/> <xs:element name="layoutname" type="xs:string"/> <xs:element name="queryphone" type="xs:string"/> <xs:element name="layoutphone" type="xs:string"/> <xs:element name="debug" type="xs:string"/> </xs:sequence> </xs:complex Type> </xs:element> layoutphone User Tracking phone data is exported in XML format for the layout given in layoutPhone. You can use this option when you specify ut_phone debug Optional. Debug messages can be collected only if log file is specified in the log option. The debug level could be 1 or 2. You can set the value to: 1For basic debug information. 2For detailed debug information. This is optional. Table 13-8 Elements in the Schema (continued) Element Description C H A P T E R
14-1 User Guide for Campus Manager 5.2 OL-18011-01 14 Virtual Network Manager Virtual Network Manager (VNM) complements Campus Manager by extending the features of managing an enterprise to performing an end-to-end virtualization in an enterprise network seamlessly.Virtual Network Manager (VNM) is an application that works in conjunction with Campus Manager (CM), and Resource Manager Essentials (RME). Virtual Network Manager application assesses the VRF readiness of the devices by querying the MPLS/VPN MIB details of the Cisco devices in an Enterprise Network. The MPLS/VPN MIB hosts the details of VRFs and the interfaces participating in a VRF, in an network. Virtual Network Manager generates VRF Readiness Report to provide information on the VRF readiness that help administrators identify the devices with hardware and software support available, in contrast to the required support to configure VRF. Virtual Network Manager application is used to perform VRF configurations in an enterprise network. You can perform the VRF Configurations using the following configuration workflows: Create, Edit, Extend, and Delete VRF. You can assign multiple VLANs to a single VRF instance using the Edge VLAN Configuration workflow. Virtual Network Manager provides advanced capabilities to view the virtualization status of the links connecting devices, participating in a VRF. The link virtualization status is displayed in the Map view of Topology Services in Campus Manager. It also enables administrators to debug and troubleshoot an end-to-end connectivity of VRFs configured in an enterprise network. This chapter contains the following: Understanding Virtual Network Manager Workflow Virtual Network Manager Features Using VNM Features Getting Started with Virtual Network Manager Using VNM Home Page Administering Virtual Network Manager Topology Generating Reports Troubleshooting
14-2 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 14 Virtual Network Manager Understanding Virtual Network Manager Workflow Understanding Virtual Network Manager Workflow The main workflow of Virtual Network Manager is demonstrated in Figure 14-1: Figure 14-1 Virtual Network Manager Workflow The main workflows in Virtual Network Manager are: 1. Launch CiscoWorks Campus Manager Go to LMS Portal and select Campus Manager. The Campus Manager Application page appears. 2. Start Data Collection Campus Manager performs the Data Collection process to manage devices. For more information on Data Collection, see Data Collection and DCR. Upon successful completion of the Data Collection process, VRF Collection process is automatically triggered by Virtual Network Manager. The VRF Collection process collects the VRF related details from devices managed by Campus Manager. 3. MPLS/VPN MIB The MPLS VPN MIB is used to retrieve the VRF-specific information from the devices. It provides information pertaining to VRFs, interfaces included in the VRF. The information retrieved is used in managing and monitoring VRFs on your network. The main process that runs in Virtual Network Manager is the VNM Server. Whenever the Data Collection process has completed (in Campus Manager), the VRF Collection process is automatically triggered by VNM Server. VNM Server process triggers VRF Collection process in VNM. The VRF Collection process collects all the VRF related information on your network. You can get the information on readiness details of the devices on which VRF can be configured. 2 7 4 8 7 0 Enterprise Network (MPLS/VPN in Cisco device) Launch Campus Manager Database Run Data Collection In CM (Triggers VRF Collection Automatically) Internetwork Performance Monitor VNM Troubleshooting VNM Configurations Resource Manager Essentials VNM Reports
14-3 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 14 Virtual Network Manager Virtual Network Manager Features 4. VNM Configurations VNM configurations provides a user-friendly interface to configure VRF on your network. VRF Configurations encompass the configuration details provided for creating, editing, extending, and deleting VRF; and assigning edge VLAN to VRF. Whenever you configure VRF, a job is created that forwards the VRF configurations to the selected devices using Resource Manager Essentials. 5. VNM Troubleshooting You can troubleshoot the VRFs configured on your network. You can check the reach ability of the devices participating in VRF on your network. You can get the real-time monitor graph of the devices and interfaces participating in a VRF with the help of Internetwork Performance Monitor (IPM). 6. Generate Reports You can schedule and generate reports. The reports generated provide comprehensive information on the VRF details collected by the VRF Collection process. The data in the report is presented in a tabular format. The following reports are generated: Readiness Report: The Readiness Report provides the VRF readiness of the devices in the network. The Readiness Report provides information of the VRF Supported and VRF Capable devices. VRF Report: The VRF report provides details of the number of devices participating in a VRF as well as the details of the VRFs span across Enterprise network. Virtual Network Manager Features Virtual Network Manager is an Enterprise solution that allows administrators to carry out end-to-end VRF configurations on your network. This section contains: Key Acronyms, Terms and Definitions VNM provides a suite of web-based network management features as mentioned below: VRF Configuration VRF Configuration encompasses the workflows used to create, edit, extend and delete VRF. Using Edge VLAN configuration, you can assign Edge VLANs to a VRF to achieve end-to-end virtualization. VRF Topology Enables you manage, view, and monitor the physical and logical services on your network. The feature helps administrators to view: VRF Capable Devices VRF Supported Devices Virtualization status of the links connecting devices participating in a VRF VRF Reports View the details of the VRF Supported devices, VRF Capable devices and other devices in your network. You can also generate VRF Reports that includes Device Based VRF report and VRF Based Report.
14-4 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 14 Virtual Network Manager Virtual Network Manager Features Troubleshooting VRF Troubleshoot end-to-end connectivity of VRF Configured devices in your network using Ping or Traceroute command. VRF Administration Enables you to schedule VRF Collection and perform application level or system level debugging settings. Scalability Limits In an Enterprise network, Virtual Network Manager is tested to support the configuration of 32 VRFs with VRF configuration supported in 550 devices in your network. However, at a given time, you can select up to 20 devices and configure VRF using the Create, Edit and Extend VRF workflow. Pre-Requisites to manage devices using VNM The pre-requisites to manage a device using Virtual Network Manager are: 1. The device must be managed by Campus Manager. 2. The device must either be L2/L3 or L3 device The devices failing to satisfy pre-requisite #1 or 2, are not displayed in Virtual Network Manager. 3. The device must have the necessary hardware support. For more information on hardware support, see http://www.cisco.com/en/US/partner/products/sw/cscowork/ps563/products_device_support_table s_list.html If the hardware of the device hardware is not supported then the device will be classified as Other devices 4. If a device does not support MPLS VPN MIB, it is classified as a Capable device. 5. VTP Server must be support MPLS VPN MIB. If the VTP Server does not support MPLS VPN MIB, VNM will not manage VTP Clients. 6. The device must be managed by RME to exercise all the functionality of VNM. Key Acronyms, Terms and Definitions The key acronyms and definitions used in the document is listed in Table 14-1. Table 14-1 Acronyms and Definitions Acronym/Term Definition VRF VPN routing or forwarding instance. A VRF includes the routing information that defines a VPN site that is attached to a PE router. This can be an IP routing table, a derived forwarding table, a set of interfaces that use the forwarding table, and a set of routing protocols that determine what goes into the forwarding table. VRF-Lite Virtual Routing and Forwarding - Lite is one of the simplest form of implementing virtualization technology in an Enterprise network.
14-5 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 14 Virtual Network Manager Using VNM Features Using VNM Features To use all features and functionalities in Virtual Network Manager, you must install Resource Manager Essentials (RME) and Internetwork Performance Monitor (IPM) This section explains the following: Using VNM Features on a CiscoWorks Server with CM and RME Using VNM Features on a CiscoWorks Server with IPM Using VNM Features on a CiscoWorks Server with CM and RME If you install Campus Manager, the Data Collection process collects the device details in the network. After completion of the Data Collection process, VRF Collection process is triggered. The VRF Collection process collects the details of the VRF readiness of the network using VRF Readiness Report. For more information, see Readiness Report. When you install RME, the VRF Configuration details configured using VNM configuration workflows, are deployed to the selected devices with the help of RME. Using VNM Features on a CiscoWorks Server with IPM If you install IPM, you can cross-launch IPM and generate the Collector Report using Virtual Network Manager. The Collector Report is used to troubleshoot the VRF configured devices using the real-time graph feature provided by IPM. The following details are passed to IPM: Source device, target device, source interface, destination interface and VRF. IPM creates Collector on the devices with the details provided. After creating the Collector, a real-time graph URL is forwarded to Virtual Network Manager. VRF Collector Fetches the complete information about the VRFs from the network. VRF Supported Devices Represents the devices with necessary hardware and software support available to configure VRF. VRF Capable Devices Represents the devices with necessary hardware support available. To configure VRF on these devices, you need to update the software of these devices. Device Based VRF Report Displays the VRF details specific to the VRF configured devices selected while generating the report. VRF Based Report Displays the VRF details specific to the VRFs selected while generating the report. Acronym/Term Definition
14-6 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 14 Virtual Network Manager Advantages of Virtual Network Manager Advantages of Virtual Network Manager The following are the advantages of using VNM in an Enterprise network: Provides the information of the hardware and software readiness of the devices on which VRF can be configured Ability to discover existing VRFs on your network by running VRF Collector process Provides a user-friendly interface to perform end-to-end VRF configuration and administer VRFs in an Enterprise network seamlessly View the virtualization status of the links connecting devices in your network using Topology Services in Campus Manager Allows you to Troubleshoot VRFs in your network Provides launch points for configuring and troubleshooting VRF from Topology Services in Campus Manager Getting Started with Virtual Network Manager This section provides information to get started with Virtual Network Manager. The topics in this section are: Launching Virtual Network Manager Starting VNM Application Navigating VNM Launching Virtual Network Manager You must log into the CiscoWorks Server to access Virtual Network Manager. To prevent unauthorized access to the CiscoWorks Server, CiscoWorks applications, and data, CiscoWorks provides two user modes. For details on these, see CiscoWorks UserModes. After logging into the CiscoWorks Server, the CiscoWorks LMS Portal home page appears. The CiscoWorks LMS Portal home page has a Virtual Network Manager portlet as shown in Figure 14-2. Figure 14-2 VNM portlet To launch the Virtual Network Manager home page, select Virtual Network Manager > Home.
14-7 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 14 Virtual Network Manager Getting Started with Virtual Network Manager Starting VNM Application Virtual Network Manager provides the following tabs to perform VNM tasks: Tabs Allows you to Home Create, edit, extend and delete VRF Perform Edge VLAN Configuration View the details of the VRF configured devices on your network Summary of recently completed jobs Start VRF Collection For more details, see Using VNM Home Page. (To access the home page, select Virtual Network Manager > Home) Topology Services Manage, view, and monitor the physical and logical services on your network. You can launch Topology Services from Campus Manager. (To access Topology, select Campus Manager > Visualization > Topology Services) For more details, see Topology. Troubleshooting Troubleshoot end-to-end connectivity of VRF configured devices in your network. (To access Troubleshooting, select VNM Home > Troubleshooting) For more details, see Troubleshooting. Reports View the details of the VRF configured devices, as well as the devices on which VRF can be configured in your network. (To access Reports, select VNM Home > Reports) For more details, see Generating Reports. Admin Schedule VRF Collection process, administer VNM Purge Settings and VRF Collector Settings. You can also enable application level debugging. (To access Administration, select VNM Home > Admin) For more details, see Administering Virtual Network Manager.
14-8 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 14 Virtual Network Manager Getting Started with Virtual Network Manager Navigating VNM Virtual Network Manager provides a single User Interface (UI) to configure and manage VRF details in an Enterprise network. The features are grouped in the UI as in Table 14-2. Table 14-2 Grouping of Features in User Interface Tabs Features Action Performed Home VRF Collection Status Start VRF Collection Recently Completed J obs View Recently Completed J obs VRF Readiness Information View VRF Supported Devices View VRF Capable Devices VRF List Edit VRF Extend VRF Delete VRF View details of VRFs listed under VRF List using Show Details. Perform Edge VLAN Configuration Create VRF Topology Topology Services Launch Topology Services Launch Topology Services from Virtual Network Manager Portlet. Reports Report J obs View Virtual Network Manager J obs Report Generator Readiness Report VRF Based Report (Device Based VRF Report and VRF Based Report) Report Archives Archive Virtual Network Manager Reports Troubleshooting Troubleshooting Ping or Traceroute Show Results Administration VRF Admin VRF Collector Settings Schedule VRF Collector Configure VNM SNMP Timeouts and Retries Settings
14-9 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 14 Virtual Network Manager Using VNM Home Page Using VNM Home Page The Virtual Network Manager home page is the first page that appears when you access Virtual Network Manager. The VNM home page servers as a dashboard for Virtual Network Manager application. See Figure 14-3. Using the VNM home page you can monitor and administer: VRF Collection process VRF Readiness Information Virtual Network Manager jobs VRFs on your network Configure VRFs on your network Figure 14-3 Virtual Network Manager Home Page Debugging Options VNM Server Debugging VRF Collector Debugging VRF Client Debugging VNM Utility Debugging Purge Settings Purge Settings Table 14-2 Grouping of Features in User Interface (continued) Tabs Features Action Performed
14-10 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 14 Virtual Network Manager Using VNM Home Page From this home page you can: View the VRF Collection Status of the VRF Collector process running in VNM For details, see VRF Collection Status. Obtain the VRF Readiness Information of VRF Supported devices, VRF Capable devices. For details, see VRF Readiness Information. View the Recently Completed jobs For details, see Recently Completed J obs View the VRF list of VRFs configured on a network For details, see VRF List View VRF details of the VRF configured devices For details, see Show Details You can perform the following Virtual Network Manager Tasks from the VNM home page: Create VRF enables you to create VRFs. For details, see Configuring VRF Edit VRF configuration details of VRF configured devices For details, see Editing VRF Extend VRF enables you to extend VRFs in your network For details, see Extending VRF Delete VRF For details, see Deleting VRF Assign Edge VLANs to VRF configured devices using Edge VLAN Configuration For details, see Edge VLAN Configuration You can use the Refresh icon to refresh the home page manually and get a live status of the applications. By default, the page refreshes every 45 seconds. Select the Auto Refresh check box to refresh the page automatically. The information displayed on the home page, depends on the role assigned to you. VRF Collection Status Table 14-3 describes the fields in the VRF Collection Status table. Table 14-3 Fields in VRF Collection Status Table Field Description Operation Virtual Network Manager processVRF Collector Last Completion Time Date and time when the operation was last completed. Result Displays the number of VRFs covered during the VRF collection. If you click the hyperlink, it launches VRF Based Report for all the VRFs present on your network.
14-11 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 14 Virtual Network Manager Using VNM Home Page VRF Readiness Information Table 14-4 describes the fields in the VRF Readiness Information table. Recently Completed Jobs The following jobs are scheduled to run at regular intervals: Device Based VRF Report, VRF Based Report, VRF Collector J ob, VNM, and Readiness Report. The Recently Completed J obs table displays the following details of jobs that were completed recently: J ob ID J ob Type Description Status Completed At If there are more than eight jobs, a link named More is displayed at the bottom right of the table. Click More to launch the Report J obs page. You can use the Refresh icon to refresh the home page manually and get the live status of the jobs. Status Status of the OperationRunning or Idle Action Displays Start VRF Collection hyperlink. Start VRF Collection discovers the VRFs in the network. a. Click on the hyperlink to start VRF Collection. A confirmation message appears. b. Click OK. Table 14-3 Fields in VRF Collection Status Table (continued) Field Description Table 14-4 Fields in VRF Readiness Information Table Field Description VRF Supported Devices Represents the devices with necessary hardware and software support available to configure VRF. When you click this hyperlink, the VRF Readiness Report appears. For more information on the VRF Readiness Report, see Readiness Report VRF Capable Devices Represents the devices with necessary hardware support available. However, you must update the software to configure VRF on these devices. When you click this hyperlink, the VRF Readiness Report appears. For more information on the VRF Readiness Report, see Readiness Report
14-12 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 14 Virtual Network Manager Using VNM Home Page VRF List VRF List displays the list of VRFs configured on your network: It provides the following information: Table 14-5 Fields in Recently Completed Jobs Field Description J ob ID Number of the J ob used to identify it. Clicking the J ob ID hyperlink provides a report page with the job details of all the jobs except for VRF Collector job. You cannot view the details of the VRF Collector job. J ob Type Displays information on the VNM J obs performed. J ob Type is used to differentiate the VNM jobs performed in the network. The following job types are displayed: Device Based VRF Report, VRF Based Report, VRF Collector J ob, VNM, and Readiness Report. Description Description of the recently completed jobs. Status Represents the status of the jobs completed - Succeeded or Failed. Completed At Represents the time when the job has completed. Table 14-6 VRF List Field Description VRF Name Displays the name of VRF created in your network. Each VRF Name is displayed as a hyperlink. When you click this hyperlink, the VRF Based Report page appears. For more information, see VRF Based Report. VRF Description The default description displayed is: Discovered by VNM No.of Devices The number of devices on which VRF is configured. The number is displayed as a hyperlink. If you click this hyperlink, it generates the Device Based VRF Report. For more information, see Device Based VRF Report. Rows per page By default you can select only five Rows per page to be displayed under VRF List.
14-13 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 14 Virtual Network Manager Using VNM Home Page Show Details Show Details enables you to view the VRF details of the VRF listed in the VRF List. To view the VRF details: Step 1 Select a VRF in the Virtual Network Manager home page Step 2 Click Show Details The VRF Based Report page appears. For more information on the VRF Based Report page, see Interpreting VRF Based Report. Virtual Network Manager Tasks The Virtual Network Manager home page enables you to perform the following tasks: Tasks Description Administration Create VRF Displays the Create VRF page. Here, you can configure VRF on a device. For more information, see Configuring VRF Edit VRF Displays the Edit VRF page. Here, you can edit VRF configuration details on a VRF configured device in your network. For more information, see Editing VRF. Extend VRF Displays the Extend VRF page. Here, you can extend the VRF functionality in your network. For more information, see Extending VRF. Delete VRF You can select a VRF from the VRF List by checking the checkbox and clicking Delete VRF. For more information, see Deleting VRF. Edge VLAN Configuration Displays the Edge VLAN Configuration page from where you can assign VLAN access to the already configured VRF. For more information, see Edge VLAN Configuration. Reports Show Details Displays the VRF Based Report page from where you can view the VRF details of the selected VRF. For more information, see Show Details.
14-14 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 14 Virtual Network Manager Using VNM Home Page Configuring VRF VNM configurations comprises of the workflows used to create, edit, extend, delete and assign Edge VLAN to VRF. The VRF Create wizard enables you to create new VRF instances on the selected devices. To navigate through the VNM Configuration workflows, click Back or Next. To exit the Configuration workflow, click Cancel. This section explains the Device Selector Device Selector To configure VRF on the devices, the devices are selected using the Device Selector. The Device Selector in all the configuration workflows displays the devices that satisfy the following condition: VRF supported devices managed by both CM and RME. Devices that are not managed by RME, are not displayed in the Device Selector. For example, if Device A and B are VRF Supported devices and Device B and C are managed by CM and RME, Device Selector will display only Device B. Layer2/Layer3 devices Layer3 devices To create VRF, the VRF Creation wizard directs you through: 1. Create VRF 2. Interface Mapping to VRF 3. Routing Protocol Configuration 4. Summary of VRFs to be Configured Create VRF In the Create VRF workflow, you can select the Layer2/Layer3 or Layer 3 devices from the Distribution Layer or the Core Layer. At a given time, you can select up to 20 devices and configure VRF on the selected devices. After selecting the devices, you can provide following details of VRF: VRF Name, Route Distinguisher and description of VRF that helps you identify the VRF that you have created. In order to understand the workflows while configuring VRF, consider the topology as shown in Figure 14-4 to demonstrate various stages involved in the VRF creation process. The topology includes devices from Distribution Layer and Core Layer.
14-15 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 14 Virtual Network Manager Using VNM Home Page Figure 14-4 Virtual Network Manager Topology Here, the devices selected are 10.77.241.2 and 10.77.241.4. The interface connecting the two devices is a routed interface. If you select only one device, the VRF creation prompts you to exit the Create VRF wizard, without mapping any interface to the VRF created on the selected device. To provide end-to-end virtualization for the selected devices, you must virtualize the interfaces connecting devices selected. An interface can be mapped to a VRF in the Interface Mapping to VRF workflow. To map an interface to the VRF created (virtualize an interface), you must select at least two devices in the VRF creation wizard. Only the following users can create VRFs: Network Administrator System Administrator Super Admin. cmx-saturn 2 7 4 9 2 5 Fa0/1.3 10.77.241.7 10.77.241.2 10.77.241.3 10.77.241.11 Gig 4/2 Fa0/1 Fa4/0 Gig 4/9 Gig 4/7 Gig 1/9 10.77.241.9 cmx-mercury Fa0/0.20 Fa0/1.11 10.77.241.8 cmx-uranus Gi2/39.1 10.77.241.5 Gig 12/43 10.77.241.4 Gig 1/3 Gig 4/9 Gig 4/3 Trunk Gig 1/2 Gig 4/5 Gig 1/4 Gig 2/1 Gig 1/3 Gi1/1 Gi1/1 10.77.241.6 Routed link Trunk link Router on Stick
14-16 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 14 Virtual Network Manager Using VNM Home Page To create VRF: Step 1 Select Virtual Network Manager > Home. The Virtual Network Manager home page appears. Step 2 Click Create to create VRF. The Create VRF page appears. Step 3 Enter the details as mentioned below: Table 14-7 Settings in Create VRF Window Element Description Usage Notes Device Selector Device Selector The Device Selector displays the devices under the following groups: All Devices - Represents VRF Supported devices managed by both CM and RME Device Type Groups - Represents the devices that are grouped as Routers, Switches and Hubs, and Unknown Device Type The Device Selector enables you to search and select the devices on which VRF is to be configured. For more information on the devices listed, see Device Selector. Select the devices using the Device Selector. Click the checkbox to select the device in the groups listed and click Select. If you select only one device, the VRF creation wizard is completed without mapping any interface to the VRF created on the selected device. To map an interface to the VRF created, you must select at least two devices in the VRF creation wizard. VRF Details VRF Name Name of the VRF to be created. Valid values are alphanumeric characters. Enter the name of the VRF. This field is mandatory. Route Distinguisher (RD) Value used to distinguish routes configured in a VRF. Valid values are numeric characters. This field is mandatory. Valid values are in the format X:Y. The valid values for X is Autonomous number. X can take values from 1 to 65535 or an IP Address. The valid values for Y is a numeric value. Y can take values from 1 to 65535. For example X:Y is in the form 32:66 or 10.10.10.10:22. Note: You must enter a unique value for each VRF that is configured. Enter the Route Distinguisher value.
14-17 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 14 Virtual Network Manager Using VNM Home Page Step 4 Click Next The Interface Mapping to VRF window appears. For information on Interface Mapping to VRF, see Interface Mapping to VRF. Interface Mapping to VRF The Interface Mapping to VRF window displays the Source and the Destination devices selected using Device Selector. The page also displays a list of links in the form of rows. This section contains: Current Mode Preferred Virtual Interfaces Native VLAN The Interface Mapping to VRF window is used to map an interface to a VRF. The links displayed are the interfaces connecting a Source device to the Destination device. The mapping is performed from the devices in the Distribution Layer and Core Layer. Current Mode The current mode is the existing mode of an interface connecting any two selected devices. The current mode of an interface can be either a Switched or Routed mode. Preferred Virtual Interfaces In the Interface Mapping to VRF page, while you are assigning an interface to a VRF, you are prompted to create preferred virtual interfaces on the device. VNM suggests a preferred virtual interface, in scenarios where the current mode cannot be considered for configuring VRF. The preferred virtual interfaces decide the type of virtual interface to be created, to virtualize an interface that connects the selected devices while you create VRF. The preferred virtual interfaces are based on the family of the selected devices. The preferred virtual interface type is a part of the metadata XML file. The metadata XML file is used as a repository to store information on the device types and their associated metadata while creating VRF. Description Description of VRF to be created. Valid values are alphanumeric characters. Enter the description to identify the VRF to be created. With no entry, the default description provided by VNM is VRF Created by LMS-VNM Finish Creates VRF on the selected devices without interface mapping. Click Finish to create VRF on selected devices without interface mapping. Table 14-7 Settings in Create VRF (continued) Window Element Description Usage Notes
14-18 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 14 Virtual Network Manager Using VNM Home Page VNM has defined the following preferred virtual interfaces for the devices belonging to: Cat3k and Cat4k family, SVI is a preferred virtual interface Cat 6k and Router category, Sub-interface is a preferred virtual interface Consider an example where two devices are selected. The virtual interfaces are created based on the current mode. Note The interfaces that are virutalized using VRF-Lite must be Layer 3 interfaces. In the Interface Mapping to VRF page, an interface is virtualized based on the current mode of the interface. The Interface Configuration modes are mentioned in the Table 14-8 Table 14-8 IInterface Configuration Modes Native VLAN In the Interface mapping to VRF page, when you configure the VRF details on an interface, the VRF configurations might affect the global configurations in some scenarios. Therefore, Native VLANs are used for the global configuration traffic. Consider the source device as 10.77.241.4 with source interface as Gi 1/1 and the destination device as 10.77.241.2 with destination interface as Gi 1/1 as shown in Figure 14-5 Current Mode Trunk is configured Preferred Mode VNM Configures Switched Yes SVI SVI Switched Yes SI SVI Switched No SVI Trunk, SVI Switched No SI Trunk, SVI Routed 1 N/A SVI Trunk, SVI Routed 2 N/A SI SI Routed with Sub-interface configured N/A SI SI. VNM configures with current mode Routed with Sub-interface configured N/A SVI SI.VNM configures with current mode 1. Interface is in Routed mode and the Sub-interface is not configured. 2. Interface is in Routed mode and the Sub-interface is not configured.
14-19 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 14 Virtual Network Manager Using VNM Home Page Figure 14-5 Native VLAN Configuration Scenario 1: If both source and destination interfaces are in routed mode, Trunk cannot be configured on the interfaces. To configure Trunk, VNM converts the routed port of the destination interface to switch port. If a free VLAN exists, VNM converts the free VLAN to Native VLAN. Note The IP Address provided for the source and the destination interface must be within the same network. For example: If the source interface IP Address is 10.10.10.2, then the destination interface IP Address must be configured as 10.10.10.3. cmx-saturn 2 7 4 9 2 5 Fa0/1.3 10.77.241.7 10.77.241.2 10.77.241.3 10.77.241.11 Gig 4/2 Fa0/1 Fa4/0 Gig 4/9 Gig 4/7 Gig 1/9 10.77.241.9 cmx-mercury Fa0/0.20 Fa0/1.11 10.77.241.8 cmx-uranus Gi2/39.1 10.77.241.5 Gig 12/43 10.77.241.4 Gig 1/3 Gig 4/9 Gig 4/3 Trunk Gig 1/2 Gig 4/5 Gig 1/4 Gig 2/1 Gig 1/3 Gi1/1 Gi1/1 10.77.241.6 Routed link Trunk link Router on Stick Table 14-9 Scenario 1 Source Interface IP with port mode Is Trunk Preferred Mode Sub-interf ace configured Destinatio n Interface IP with port mode Is Trunk Preferred Mode Sub-interf ace configured 10.77.241. 4, Routed False SI Yes 10.77.241. 2, Routed False SVI No
14-20 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 14 Virtual Network Manager Using VNM Home Page Step 1 In the Interface Mapping to VRF window, enter the details as in Table 14-10: Table 14-10 Interface Mapping to VRF Settings Window Element Description Usage Notes VRF Details VRF Name Name of the VRF to be created. Display only. Source Source Device Name Displays the Source Device name as entered in Device Credentials and Repository (DCR). Click the arrow icon to view or hide details of the interfaces that are a part of the Source device. Checkbox Allows you to select or deselect a link to be assigned to a VRF. To select, check against the interfaces listed under the device name to which they are connected. Or To deselect, uncheck against the interfaces listed under the device name to which they are connected. Interface Interface connecting the Source device. Display only. IP Address Source interface IP Address. This field is blank if the source physical interface is not configured with an IP Address. If you newly configure an IP Address, the corresponding network IP Address must be advertised. You must advertise the IP Address by manually updating the Commands field in the Routing Protocol Configuration page. Enter the IP Address. Valid IP values are the IPv4 Addresses. Destination Device Name Displays the Destination Device name as entered in Device Credentials and Repository (DCR). Display only. Interface Interface connecting the Destination device. Display only.
14-21 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 14 Virtual Network Manager Using VNM Home Page Step 2 Click Next The Routing Protocol Configuration window appears. For information on Routing Protocol Configuration, see Routing Protocol Configuration. In the Create VRF workflow, when you assign an interface to a VRF, in the following scenarios, the Warning messages displayed are: IP Address Destination interface IP Address. If the destination physical interface is not configured with an IP Address, this field is blank. If you newly configure an IP Address, the corresponding network IP Address must be advertised. You must advertise the IP Address by manually updating the Commands field in the Routing Protocol Configuration page. Enter the IP Address. Valid IP values are the IPv4 Addresses. Subnet Mask Subnet mask of the interface Enter the subnet mask is Trunk Provides the status of the Trunk configuration on the associated physical interface. The following status is displayed: Not Applicable In some scenarios, Trunk configuration is not required to configure VRF True Trunk is configured on the associated physical interface Create Trunk is not configured on the associated physical interface. To configure Trunk, click Create hyperlink. After clicking Create, Trunk is created. VLAN ID VLAN ID on which VRF is configured. VLAN ID is auto-generated. The allowed range is from 1 to 4095. You can edit VLAN ID VLAN Name VLAN Name on which VRF is configured.VLAN Name is auto-generated. You can edit VLAN Name Finish Create VRF on the devices selected and maps the interfaces (connected to the de vices) to VRF without deploying the routing protocol configuration details. Click Finish. Table 14-10 Interface Mapping to VRF Settings (continued) Window Element Description Usage Notes
14-22 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 14 Virtual Network Manager Using VNM Home Page Routing Protocol Configuration The Routing Protocol Configuration window is used to configure the Routing protocol to the selected devices on which VRF is configured. By default, the Routing Protocol information from the global configuration for OSPF and EIGRP protocols is displayed. Static Route Configuration VNM currently supports the following Routing Protocols: OSPF and EIGRP. You can enter the static route configuration using the Configuration Icon in the Routing Protocol Configuration page. Command Syntax ip route vrf vrfname Destination IP Address Subnet Mask Router IP Address For example: ip route vrf Red 172.16.30.0 255.255.255.0 172.16.20.2 To configure static route directly using a device, you must enter the command as mentioned in the Command Syntax in the configuration mode. Step 1 In the Routing Protocol Configuration window, enter the details as given in Table 14-12: Table 14-11 Information on Warning Messages Warning Message Scenario One link is not configured as Trunk Trunk is not configured on the selected physical interfaces displayed in the Interface Mapping to VRF window. You cannot assign VRF to the non-trunk interfaces. Some of the selected devices are isolated Reasons for warning about isolated devices are: Devices selected are not in series: At least one or more devices selected are not connected in series, so the unconnected devices get isolated. You can view these device details in Topology (Layer 2 View). or Devices with no physical connection: At least one or more selected devices is not physically connected. These devices are isolated device. You can view these device details in Topology (Unconnected View) You cannot assign VRF to interfaces for isolated devices. Table 14-12 Routing Protocol Configuration Settings Window Element Description Usage Notes Device Name Device name to which routing protocol is associated. Display only. IP Address IP Address of the device. Display only.
14-23 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 14 Virtual Network Manager Using VNM Home Page Routing Protocol Routing Protocol You can configure the routing protocols on the VRF-configured devices. The drop-down list displays the routing protocols running on the selected device. VNM supports following routing protocols: OSPF EIGRP Routing Protocols listed are the protocols present in global Configuration details. You can choose the desired routing protocol. View Global Displays the VRF configuration and the global configuration details of the device name. You cannot edit these details. Click View Global to view the global configuration details. Commands Commands Displays the commands used to configure routing protocol configuration on the VRF to be created. The newly configured interface IP Address entered in the Interface Mapping to VRF page, must be advertised using this field. To edit the command details, Click Configuration Iconand enter the IP Address to be advertised. Valid IP values are the IPv4 Addresses After entering the details, click the tick mark to save the changes. Configuration Icon Enables you to edit the commands displayed in the Commands field. Click Configuration Icon to edit the Commands field details. Or To enter Static Route Configuration, click Configuration Icon, delete the commands displayed in the commands field and enter the commands mentioned in the Command Syntax. Table 14-12 Routing Protocol Configuration Settings (continued) Window Element Description Usage Notes
14-24 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 14 Virtual Network Manager Using VNM Home Page Step 2 Click Next The Summary page appears. For information on Summary, see Summary of VRFs to be Configured. Summary of VRFs to be Configured The Summary page summarizes the VRF and the Protocol configuration details to be deployed on the devices selected. This section contains: Sample Summary Understanding VRF Configurations for Create VRF Note Upon successful completion of Create VRF workflow, VNM triggers the Data Collection process in Campus Manager. After the Data Collection process is complete, VNM initiates the VRF Collection process in VNM. The Sample Summary summarizes the VRF configuration details on the devices 10.77.241.2 and 10.77.241.4, connected by an interface Gi1/1. For more information, see Figure 14-5. A sample of the summary is displayed below. Sample Summary Device:10.77.241.2 ip vrf Green description Green VRF rd 60:70 vlan 4 name Vlan_4 vlan 3000 name VLANforGreenVRF interface Vlan4 ip address 20.20.20.1 255.255.255.252 Restore Default Restores Protocol configuration and clear edited Commands details to default global configuration values. Click Restore Default to restore VRF Configuration details to default global values. Finish Enables you to finish the Create VRF workflow without viewing the commands used to deploy the VRF Configurations in the Summary page. Upon clicking finish, a job is created to deploy the VRF Configuration details to the selected devices. Click Finish Table 14-12 Routing Protocol Configuration Settings (continued) Window Element Description Usage Notes
14-25 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 14 Virtual Network Manager Using VNM Home Page no shutdown interface Gi1/1 switchport trunk native vlan 4 switchport trunk allowed vlan add 4 switchport trunk allowed vlan add 3000 no shutdown interface VLAN3000 ip vrf forwarding GreenVRF ip address 20.20.20.1 255.255.255.252 no shutdown router eigrp 10 address-family ipv4 vrf GreenVRF autonomous-system 10 network 10.0.0.0 network 20.0.0.0 auto-summary eigrp router-id 10.77.241.2 eigrp stub connected summary exit-address-family Device:10.77.241.4 ip vrf GreenVRF description Green VRF rd 60:70 interface Gi1/1 no switchport interface Gi1/1.1 encapsulation dot1Q 3000 ip vrf forwarding GreenVRF ip address 20.20.20.2 255.255.255.252 no shutdown router eigrp 10 address-family ipv4 vrf GreenVRF autonomous-system 10 network 10.0.0.0 network 20.0.0.0 auto-summary eigrp router-id 10.77.241.2 eigrp stub connected summary exit-address-family Understanding VRF Configurations for Create VRF The following VRF configuration details are deployed on the selected devices and corresponding interfaces. The description of the VRF configuration details is given in Table 14-13. Table 14-13 Create VRF Configuration Command Purpose Device device name Name of the selected device ip vrf vrf-name Allows you to enter VRF configuration mode and assigns a VRF name description vrf-name Provides description of the VRF created rd route-distinguisher Creates a VPN route distinguisher
14-26 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 14 Virtual Network Manager Using VNM Home Page Step 1 Click Finish A job is created to deploy the VRF configurations details to the selected devices. A confirmation message appears with the J ob ID in the Information dialog box. For example, if you create VRF Red, the message appears, Successfully created job for confirmation deployment 1051 Step 2 Click Job ID to check status of the Create VRF J ob in the Information dialog box. Step 3 Click OK in the Info dialog box. The Virtual Network Manager home page appears. Note To exit the VRF Create wizard without deploying the VRF details on the devices selected, click Cancel. Editing VRF Edit VRF enables you to edit the VRF details on the devices participating in a VRF. The Edit VRF workflow is used to edit the following details: IP Address of the interface connecting the devices that are a part of the selected VRF VLAN ID and VLAN Name Routing Protocol Configuration Exclude an interface that is a part of the selected VRF Only the following users, have the privileges to edit VRF details: Network Administrator, System Administrator and Super Admin. interface interface-id Allows you to enter the interface configuration mode and specify the Layer 3 interface to be associated with the VRF. The interface can be a routed port or SVI. encapsulation dot1Q vlan-identifier Allows you to define the encapsulation format as IEEE 802.1Q and specify the VLAN identifier. The VLAN identifier takes values ranging from 1 to 4095. ip vrf forwarding vrf-name Associates a VRF with an interface or sub-interface ip address ip-address mask Configure IP Address on an interface or sub-interface. no shutdown Enables an interface. no switchport Converts Layer 2 switch port interface to a Layer 3 routed physical interface Table 14-13 Create VRF Configuration Command Purpose
14-27 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 14 Virtual Network Manager Using VNM Home Page To edit VRF details of the VRF configured devices, the VRF Edit wizard directs you through: 1. Edit VRF 2. Interface Mapping to VRF in Edit VRF 3. Routing Protocol Configuration in Edit VRF 4. Summary of Edit VRF To edit VRF: Step 1 Select Virtual Network Manager > Home. The Virtual Network Manager Home page appears. Step 2 Select the VRF to be edited. Click the radio button against the VRF to be selected. Step 3 Click Edit VRF The Edit VRF page appears. For information on Edit VRF, see Edit VRF. Edit VRF The Edit VRF page displays the following details of the selected VRF : VRF Name, Route Distinguisher and the default description as Discovered by VNM. Devices that are a part of the selected VRF. The devices are preselected. Step 1 Provide the following details in the Edit VRF page as shown in Table 14-14: Table 14-14 Edit VRF Settings Window Element Description Usage Notes VRF Details VRF Name Name of the VRF selected. You can edit the VRF using the VRF Name drop-down list. Route Distinguisher (RD) Displays the RD value of the selected VRF. For more information on RD, see Route Distinguisher (RD). Displays the RD value of the VRF selected in the format X:Y. You cannot edit the RD value. Description Description of the selected VRF. You cannot edit the description.
14-28 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 14 Virtual Network Manager Using VNM Home Page Note The Device Selector does not display the devices that are not managed by RME. Step 2 Click Next The Interface Mapping to VRF window appears. For information on Interface Mapping to VRF, see Interface Mapping to VRF in Edit VRF. Consider the devices selected for Edit VRF workflow are: source device 10.77.241.4 with source interface as Gi 1/1 and the destination device as 10.77.241.2 with destination interface as Gi 1/1 as shown in Figure 14-5. Interface Mapping to VRF in Edit VRF The Interface Mapping to VRF window displays a list of links connecting the devices, selected in the Edit VRF page, participating in the VRFs to be edited. The link details are: The links displayed, can either be virtualized with the selected VRF or unvirtualized. You can use the Interface checkbox to deselect a link. This unvirtualizes a virtualized link. The corresponding negate command is displayed in the Summary of Edit VRF page indicating that the SI or SVI has been removed. You must manually update the negate command for the routing protocols in the Commands in Edit VRF workflow. Device Selector Device Selector Device Selector displays pre-selected devices, participating in the selected VRF. The Device Selector displays the devices under the following groups: All Devices - Represents VRF Configured devices Device Type Groups - Represents the devices that are grouped as Routers, Switches and Hubs, and Unknown Device Type The Device Selector enables you to search and select the devices on which VRF must be configured to edit the VRF functionality. For more information on the devices listed, see Device Selector. The devices participating in the selected VRF are pre-selected in the Device Selector. Click the checkbox to select the device in the groups listed and click Select. You must select at least two devices to edit the virtualization of the link connecting devices participating in the selected VRF. Table 14-14 Edit VRF Settings Window Element Description Usage Notes
14-29 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 14 Virtual Network Manager Using VNM Home Page If both interfaces on either side of a link, are virtualized with a VRF, the Interface Mapping to VRF page displays the values of VLAN, SI or SVI, IP address and so on. If a link is virtualized only on one side of the interface, the same VLAN is used to virtualize the interface on the other end of the link. The VNM application will not use a new VLAN. You can edit the VLAN details in this page. The Interface Mapping to VRF window is used to map an interface to a VRF. The mapping is performed from the Distribution layer to the Core layer. It also provides information on the Source and the Destination devices associated with a link. In the Interface Mapping to VRF in Edit VRF page, while assigning an interface to a VRF, VNM suggests preferred virtual interfaces to be created on the device. For more information, see Preferred Virtual Interfaces. Step 1 In the Interface Mapping to VRF window, enter the details as given in Table 14-15: Table 14-15 Settings in Interface Mapping to VRF in Edit VRF Window Element Description Usage Notes VRF Details VRF Name Name of the VRF selected. You cannot edit this field. Source Source Device Name Displays the Source Device name as entered in Device Credentials and Repository (DCR). Click the arrow icon to view or hide SIs or SVIs that are a part of the source device, participating in the VRF selected. Checkbox Allows you to select or deselect an SI or SVI assigned to a VRF. Using Checkbox you can deselect a link to unvirtualize a virtualized link. The corresponding Negate command will be displayed in the Summary of Edit VRF page. You must manually update the negate command for the routing protocols in the Commands in Edit VRF workflow. To select, check against the SVIs or SIs listed under the device name to which they are connected. Or To deselect, uncheck against the SVIs or SIs listed under the device name to which they are connected. Interface Switch Virtual Interfaces (SVIs) or Sub-Interface (SIs) name in the Source device. Display only.
14-30 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 14 Virtual Network Manager Using VNM Home Page Step 2 Click Next IP Address If the interface is virtualized, with IP Address configured, it displays an SI or SVI. You can edit the IP Address. This field is empty if the source physical interface is not configured. If you newly configure an IP Address, the corresponding network IP Address must be advertised. You must advertise the IP Address by manually updating the Commands in Edit VRF field. Enter the IP Address. Valid IP values are the IPv4 Addresses. Destination Device Name Displays the Destination Device name as entered in Device Credentials and Repository (DCR). Display only. Interface Switch Virtual Interfaces (SVIs) or Sub-Interface (SIs) name in the Destination device. Display only. IP Address If the interface is virtualized, with IP Address configured, it displays an SI or SVI. You can edit the IP Address. This field is empty if the source physical interface is not configured. If you newly configure an IP Address, the corresponding network IP Address must be advertised. You must advertise the IP Address by manually updating the Commands in Edit VRF field. Enter the IP Address. Valid IP values are the IPv4 Addresses. Subnet Mask Subnet mask of IP Address of SVI or SI Enter the subnet mask is Trunk Provides the status of the Trunk configuration on the associated physical interface. The following status is displayed: True Trunk is configured on the associated physical interface Create Trunk is not configured on the associated physical interface. To configure Trunk, click Create hyperlink. After clicking Create, Trunk is created and the corresponding link is enabled. If the Trunk creation fails, a message appears indicating the failure of Trunk creation. VLAN Name VLAN Name on which VRF is configured.VLAN Name is auto-generated. You can edit VLAN Name. VLAN ID VLAN ID on which VRF is configured. VLAN ID is auto-generated. You can edit VLAN ID. Table 14-15 Settings in Interface Mapping to VRF in Edit VRF Window Element Description Usage Notes
14-31 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 14 Virtual Network Manager Using VNM Home Page The Routing Protocol Configuration window appears. For information on Routing Protocol Configuration, see Routing Protocol Configuration in Edit VRF.
14-32 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 14 Virtual Network Manager Using VNM Home Page Routing Protocol Configuration in Edit VRF The Routing Protocol Configuration window displays details of the configured Routing protocols. These protocols are associated to the individual devices that you selected. VRF is configured on these devices. The details of the routing protocol running in the global configuration, are also displayed. Step 1 the Routing Protocol Configuration window, enter the details as given in Table 14-16 Table 14-16 Routing Protocol Configuration Settings Window Element Description Usage Notes Device Name Device name to which routing protocol is associated. Display only. IP Address IP Address of the device. Display only. Routing Protocol Routing Protocol You can configure the Routing protocols on VRF-configured devices. The drop-down list displays the routing protocols running on the selected device. VNM supports following routing protocols: OSPF EIGRP Routing Protocols listed are the protocols in global configuration details. You can choose the desired routing protocol. View Global Displays the global routing protocol configuration details of the device name. You cannot edit these details. Click View Global to view the global configuration details.
14-33 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 14 Virtual Network Manager Using VNM Home Page Step 2 Click Next The Summary page appears. For information on Summary, see Summary of Edit VRF Commands in Edit VRF Commands Displays the commands used to configure routing protocol configuration on the VRF to be edited. You cannot enter a value in this field. To edit the command details: Click Configuration Icon The newly configured IP Address for SIs or SVIs entered in the Interface Mapping to VRF in Edit VRF page, must be advertised using this field. To edit the command details: 1. Click Configuration Icon and enter the IP Address to be advertised. Valid IP values are the IPv4 Addresses. 2. Click the tick mark to save the changes. 3. Click the close mark to close without saving the changes. Configuration Icon Enables you to edit the commands displayed in the Commands field. Click Configuration Icon to edit the Commands field details. Or To enter Static Route Configuration, click Configuration Icon, delete the commands displayed in the commands field and enter the commands mentioned in the Command Syntax. Restore Default Restores the edited Routing Protocol configuration details to the configuration values computed in the Edit VRF workflow. Click Restore Default to restore VRF Configuration details to default Global values. Table 14-16 Routing Protocol Configuration Settings (continued) Window Element Description Usage Notes
14-34 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 14 Virtual Network Manager Using VNM Home Page Summary of Edit VRF The Summary page provisions you with the VRF and the Protocol configuration details to be deployed to the selected devices. This section contains: Sample Summary for Edit VRF Understanding VRF Configurations for Edit VRF Note Upon successful completion of Edit VRF workflow, VNM triggers the Data Collection process in Campus Manager. After the Data Collection process is complete, VNM initiates the VRF Collection process in VNM. The Sample Summary summarizes the VRF configuration details on the devices 10.77.241.2 and 10.77.241.4, connected by an interface Gi1/1. For more information, see Figure 14-5. A sample of the summary is displayed below. Sample Summary for Edit VRF Device:10.77.241.2 ip vrf Green description Green VRF rd 60:70 vlan 4 name Vlan_4 vlan 3000 name VLANforGreenVRF interface Vlan4 ip address 20.20.20.1 255.255.255.252 no shutdown interface Gi1/1 switchport trunk native vlan 4 switchport trunk allowed vlan add 4 switchport trunk allowed vlan add 3000 no shutdown interface VLAN3000 ip vrf forwarding GreenVRF ip address 20.20.20.1 255.255.255.252 no shutdown router eigrp 10 address-family ipv4 vrf GreenVRF autonomous-system 10 network 10.0.0.0 network 20.0.0.0 auto-summary eigrp router-id 10.77.241.2 eigrp stub connected summary exit-address-family Device:10.77.241.4 ip vrf GreenVRF description Green VRF rd 60:70 interface Gi1/1 no switchport interface Gi1/1.1
14-35 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 14 Virtual Network Manager Using VNM Home Page encapsulation dot1Q 3000 ip vrf forwarding GreenVRF ip address 20.20.20.2 255.255.255.252 no shutdown router eigrp 10 address-family ipv4 vrf GreenVRF autonomous-system 10 network 10.0.0.0 network 20.0.0.0 auto-summary eigrp router-id 10.77.241.2 eigrp stub connected summary exit-address-family Understanding VRF Configurations for Edit VRF The VRF configuration details edited are deployed on the selected devices and corresponding interfaces. To understand the VRF configuration details edited, see Understanding VRF Configurations for Create VRF. Step 1 Click Finish A job is created to deploy the edited VRF configurations details to the selected devices. A confirmation message appears with the J ob ID in the Information dialog box. For example, if you edit VRF Red, the message appears, Successfully created job for confirmation deployment. 1053 Step 2 Click Job ID to check status of the J ob in the Info dialog box. Step 3 Click OK in the Info dialog box. The Virtual Network Manager home page appears. Extending VRF Extend VRF enables you to extend the VRF functionality across the network. You can extend VRF configuration details by selecting the devices that are neighbors to the VRF-configured devices in a network. Only the following users have privileges to extend VRF details: Network Administrator, System Administrator and Super Admin. To extend VRF functionality to other devices, the VRF Extend wizard directs you through: 1. Extend VRF 2. Interface Mapping to VRF in Extend VRF 3. Routing Protocol Configuration in Extend VRF 4. Summary of Extend VRF
14-36 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 14 Virtual Network Manager Using VNM Home Page To extend VRF: Step 1 Select Virtual Network Manager > Home. The Virtual Network Manager Home page appears. Step 2 Select the VRF to be extended to other devices in your network. Click the radio button against the VRF to be selected. Step 3 Click Extend VRF The Extend VRF page appears. For information on Extend VRF, see Extend VRF. Extend VRF The Extend VRF page displays the following details of the selected VRF: VRF Name Route Distinguisher Description To extend VRF: Step 1 Enter the following details in the Extend VRF page as shown in Table 14-17: Table 14-17 Settings in Extend VRF Window Element Description Usage Notes VRF Details VRF Name Name of the VRF selected. You can select the VRF to be extended using the VRF Name drop-down list. Route Distinguisher (RD) Displays the RD value of the VRF entered while creating a VRF. Note: You must enter a unique value for each VRF that is configured. For more information on RD, see Route Distinguisher (RD). Displays the RD value of the VRF selected in the format X:Y. You can edit the RD value. The edited RD value is applied only to the new devices that were added while extending the VRF. Description Displays the description of the VRF entered while creating a VRF. Displays the description of the VRF selected. You can edit the description. The edited description is applied only to the new devices that were added while extending the VRF.
14-37 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 14 Virtual Network Manager Using VNM Home Page Note The Device Selector does not display the devices that are not managed by RME. Step 2 Click Next The Interface Mapping to VRF window appears. For information on Interface Mapping to VRF, see Interface Mapping to VRF in Extend VRF. In Extend VRF, consider the devices selected are 10.77.241.4 and 10.77.241.6. For more information, see Figure 14-6. Device Selector Device Selector Device Selector displays all the devices, except the devices participating in the selected VRF. It does not display any device that is configured with the VRF selected. The Device Selector also displays the devices under the following groups: All Devices Devices which are not participating in the selected VRF Device Type Groups Devices that are grouped as Routers, Switches and Hubs, and Unknown Device Type The Device Selector enables you to search and select the devices on which VRF must be configured to extend the VRF functionality. For more information on the devices listed, see Device Selector. Select the devices using the Device Selector. Click the checkbox to select the device in the groups listed and click Select. Table 14-17 Settings in Extend VRF (continued) Window Element Description Usage Notes
14-38 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 14 Virtual Network Manager Using VNM Home Page Figure 14-6 Extend VRF workflow Interface Mapping to VRF in Extend VRF The Interface Mapping to VRF window displays a list of links that connect the devices. These are the devices that you selected using Device Selector in the Extend VRF window. The links displayed are: Links that connect the devices selected in Device Selector (in Extend VRF page) Links that connect the devices selected in Device Selector (in Extend VRF page) and the L2 neighboring VRF-configured device that is not selected in Device Selector (in Extend VRF page) If the links associated with the L2 neighboring device are configured with the selected VRF, only the link is displayed. If the neighbor device is not configured with the selected VRF and it is not selected in Device Selector, the device is not displayed in the Interface Mapping to VRF page. Note the following about links: If both interfaces on either side of a link are not virtualized with a VRF, the Interface Mapping to VRF page displays the values of VLAN, SI or SVI, IP address configured. If a link is virtualized only on one side of the interface, the same VLAN is used to virtualize the interface on the other end of the link. The VNM application will not use a new VLAN. You can edit the VLAN details in this page. cmx-saturn 2 7 4 9 2 5 Fa0/1.3 10.77.241.7 10.77.241.2 10.77.241.3 10.77.241.11 Gig 4/2 Fa0/1 Fa4/0 Gig 4/9 Gig 4/7 Gig 1/9 10.77.241.9 cmx-mercury Fa0/0.20 Fa0/1.11 10.77.241.8 cmx-uranus Gi2/39.1 10.77.241.5 Gig 12/43 10.77.241.4 Gig 1/3 Gig 4/9 Gig 4/3 Trunk Gig 1/2 Gig 4/5 Gig 1/4 Gig 2/1 Gig 1/3 Gi1/1 Gi1/1 10.77.241.6 Routed link Trunk link Router on Stick
14-39 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 14 Virtual Network Manager Using VNM Home Page You cannot exit out the extend VRF workflow while it is running by clicking Finish in the Interface Mapping to VRF window. The Interface Mapping to VRF window is used to map an interface to a VRF. The mapping is performed from the Distribution layer to the Core layer. It also provides information on the Source and the Destination devices associated with a link. In the Interface Mapping to VRF in Extend VRF page, while assigning an interface to a VRF, VNM suggests preferred virtual interfaces to be created on the device. For more information, see Preferred Virtual Interfaces. Step 1 In the Interface Mapping to VRF window, enter the details as given in Table 14-18: Table 14-18 Settings in Interface Mapping to VRF in Extend VRF Window Element Description Usage Notes VRF Details VRF Name Name of the VRF selected. You cannot edit this field. Source Source Device Name Displays the Source Device name as entered in Device Credentials and Repository (DCR). Click the arrow icon to view or hide details of the SIs or SVIs that are a part of the source device and participating in the VRF selected. Checkbox Allows you to select or deselect an SVI or SI that must be assigned to a VRF. To select, check against the SVIs or SIs listed under the device name to which they are connected. Or To deselect, uncheck against the SVIs or SIs listed under the device name to which they are connected. Interface Switch Virtual Interfaces (SVIs) or Sub-Interface (SIs) name in the source device. Display only. IP Address If the interface is virtualized, with IP Address configured, it displays an SI or SVI. You can edit the IP Address. This field is empty if the source physical interface is not configured. If you newly configure an IP Address, the corresponding network IP Address must be advertised. You must advertise the IP Address by manually updating the Commands in Extend VRF field. Enter the IP Address. Valid IP values are the IPv4 Addresses. Destination
14-40 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 14 Virtual Network Manager Using VNM Home Page Step 2 Click Next The Routing Protocol Configuration window appears. For information on Routing Protocol Configuration, see Routing Protocol Configuration in Extend VRF. Device Name Displays the Destination Device name as entered in Device Credentials and Repository (DCR). Display only. Interface Switch Virtual Interfaces (SVIs) or Sub-Interface (SIs) name in the Destination device. Display only. IP Address If the interface is virtualized, with IP Address configured, it displays an SI or SVI. You can edit the IP Address. This field is empty if the source physical interface is not configured. If you newly configure an IP Address, the corresponding network IP Address must be advertised. You must advertise the IP Address by manually updating the Commands in Extend VRF field. Enter the IP Address. Enter the IP Address of the Subnet Mask Subnet mask of IP Address of SVI or SI Enter the subnet mask is Trunk Provides the status of the Trunk configuration on the associated physical interface. The following status is displayed: True Trunk is configured on the associated physical interface Create Trunk is not configured on the associated physical interface. To configure Trunk, click Create hyperlink. After clicking Create, Trunk is created. VLAN Name VLAN Name on which VRF is configured.VLAN Name is auto-generated. You can edit VLAN Name. VLAN ID VLAN ID on which VRF is configured.VLAN ID is auto-generated or configured. You can edit VLAN ID. Table 14-18 Settings in Interface Mapping to VRF in Extend VRF Window Element Description Usage Notes
14-41 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 14 Virtual Network Manager Using VNM Home Page Routing Protocol Configuration in Extend VRF The Routing Protocol Configuration window displays details of the configured Routing protocols. These protocols are associated to the individual devices that you selected. VRF is configured on these devices. Details about the Routing protocol running in the global configuration table are also displayed. Step 1 In the Routing Protocol Configuration window, enter the details as given in Table 14-12: Table 14-19 Routing Protocol Configuration Settings Window Element Description Usage Notes Device Name Device name to which routing protocol is associated. Display only. IP Address IP Address of the device. Display only. Routing Protocol Routing Protocol You can configure the routing protocols on VRF-configured devices. The drop-down list displays the routing protocols running on the device selected. VNM supports following routing protocols: OSPF EIGRP Routing Protocols listed are the protocols present in global configuration details. You can choose the Routing protocol that you want. View Global Displays the VRF configuration and the global configuration details of the device name. You cannot edit these details. Click View Global to view the Global Configuration details. Commands in Extend VRF Commands Displays the commands used to configure routing protocol configuration on the VRF to be extended. You cannot enter a value in this field. To edit the command details: The newly configured IP Address for SIs or SVIs entered in the Interface Mapping to VRF in Extend VRF page, must be advertised using this field. Valid IP values are the IPv4 Addresses To edit the command details, Click Configuration Icon and enter the IP Address to be advertised. After entering the details, click the tick mark to save the changes. Click Configuration Icon and click the tick mark to save the changes.
14-42 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 14 Virtual Network Manager Using VNM Home Page Step 2 Click Next The Summary window appears. For information on Summary, see Summary of Extend VRF Summary of Extend VRF The Summary window displays the VRF and the Protocol configuration details to be deployed on the selected devices. This section contains: Sample Summary for Extend VRF Understanding VRF Configurations for Extend VRF Note Upon successful completion of Extend VRF workflow, VNM triggers the Data Collection process in Campus Manager. After the Data Collection process is complete, VNM initiates the VRF Collection process in VNM. The Sample Summary summarizes the VRF configuration details on the devices 10.77.241.4 and 10.77.241.6. For more information, see Figure 14-6. A sample of the summary is displayed below. Sample Summary for Extend VRF Device:10.77.241.4 vlan 5 name Vlan_5 interface Gi1/3 switchport trunk allowed vlan add 5 interface Vlan5 ip vrf forwarding GreenVRF ip address 5.5.5.1 255.255.255.252 Configuration Icon Enables you to edit the commands displayed in the Commands field. Click Configuration Icon to edit the Commands field details. Or To enter Static Route Configuration, click Configuration Icon, delete the commands displayed in the commands field and enter the commands mentioned in the Command Syntax. Restore Default Restores Protocol configuration and clears edited Commands details to default Global Configuration values. Click Restore Default to restore VRF Configuration details to default Global values. Table 14-19 Routing Protocol Configuration Settings (continued) Window Element Description Usage Notes
14-43 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 14 Virtual Network Manager Using VNM Home Page no shutdown router eigrp 10 address-family ipv4 vrf GreenVRF autonomous-system 10 network 5.0.0.0 auto-summary eigrp router-id 10.77.241.4 eigrp stub connected summary exit-address-family Device:10.77.241.6 ip vrf GreenVRF description Green VRF rd 70:80 vlan 5 name Vlan_5 interface Gi4/9 switchport trunk allowed vlan add 5 interface Vlan5 ip vrf forwarding GreenVRF ip address 5.5.5.2 255.255.255.252 no shutdown router eigrp 10 address-family ipv4 vrf GreenVRF autonomous-system 10 network 5.0.0.0 auto-summary eigrp router-id 10.77.241.4 eigrp stub connected summary exit-address-family Understanding VRF Configurations for Extend VRF To extend VRFs to selected devices and corresponding interfaces, the VRF configuration details are deployed on the selected devices and corresponding interfaces. To understand the VRF configuration details edited, see Understanding VRF Configurations for Create VRF Step 1 Click Finish A job is created to deploy the VRF configurations details to the selected devices. A confirmation message appears with the J ob ID in the Information dialog box. For example, if you extend VRF Red, the message appears, Successfully created job for confirmation deployment.1052 Step 2 Click Job ID to check status of the J ob in the Info dialog box. Step 3 Click OK in the Information dialog box. The Virtual Network Manager home page appears.
14-44 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 14 Virtual Network Manager Using VNM Home Page Deleting VRF Delete VRF workflow is used to delete the VRFs present on your network. The Delete VRF workflow enables you to: Delete VRF from the selected devices Delete virtual interfaces that are virtualized by the VRF of the selected device Delete virtualized virtual interfaces from the devices, at the other end of the physical interface that connects the selected device. For example, Device A with virtual interface (Gig5/1.1) is connected to Device B with virtual interface (Gig4/1.1). (Assume that the virtual interfaces of both devices are virtualized with the selected VRF.) If you select Device A using Device Selector, Device B will be on the other end of the physical interface that is connected to Device A. In this case, the virtual interface(Gig5/1.1) on Device A, and virtual interface(Gig4/1.1) on Device B will be deleted. You cannot delete Layer2 VLANs using the Delete VRF feature. Delete internal VLANs created for Sub-Interfaces (SIs) The following users have the privilege to delete VRF: Network Administrator and Super Admin. The user privileges mentioned is applicable for local mode only. To delete a VRF, the Deleting VRF wizard directs you through: 1. Delete VRF - Select Devices 2. Delete VRF - Summary To delete VRF: Step 1 Select Virtual Network Manager > Home. The Virtual Network Manager Home page appears. Step 2 Select the VRF to be deleted from the VRF List displayed in the home page. Click the radio button against the VRF to be selected. Step 3 Click Delete VRF Upon clicking Delete VRF, the following warning message appears: Delete VRF deletes VRF and virtualized interfaces from the selected devices. It also deletes virtualized interfaces from the devices, at the other end of the physical interface connecting the device. Click Ok. The Delete VRF : Select Devices page appears. For information on Select Devices page, see Delete VRF - Select Devices.
14-45 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 14 Virtual Network Manager Using VNM Home Page Delete VRF - Select Devices The Select Devices window enables you to select the devices to delete VRF. To select the devices: Step 1 In the Select Devices window, enter the details as given in Table 14-20: Note The Device Selector does not display the devices that are not managed by RME. Step 2 Click Next The Summary window appears. For information on Summary, see Delete VRF - Summary. Table 14-20 Select Devices Settings Window Element Description Usage Notes Device Selector Device Selector Device Selector displays VRF-configured devices with selected VRF and neighboring devices. The Device Selector displays the devices under: All Devices Device Type Groups For more information on the devices listed, see Device Selector. Select the devices using the Device Selector. Click the checkbox to select the device listed in the device groups.
14-46 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 14 Virtual Network Manager Using VNM Home Page Delete VRF - Summary The Summary window summarizes the commands that will be deployed on the devices to withdraw participation in a VRF. This section contains: Sample Summary for Delete VRF Understanding VRF Configurations for Delete VRF Note Upon successful completion of Delete VRF workflow, VNM triggers the Data Collection process in Campus Manager. After the Data Collection process is complete, VNM initiates the VRF Collection process in VNM. The VRF Collection process initiated depends on the settings provided in the VNM Administration. See Using VNM Administration. The Sample Summary summarizes the VRF configuration details on the devices 10.77.241.4 and 10.77.241.6. For more information, see Figure 14-6. A sample of the summary is displayed below. Sample Summary for Delete VRF Device:10.77.241.4 no interface Vlan5 no ip vrf GreenVRF Device:10.77.241.6 no interface Vlan5 no ip vrf GreenVRF Understanding VRF Configurations for Delete VRF The VRF configuration details pushed in the devices is explained in Table 14-21 To delete VRF, present on the selected devices, Click Finish in the Summary page. A job is created to delete the VRF configurations details from the selected devices. A confirmation message appears with the J ob ID in the Information dialog box. Click the J ob Id to check the status of the job. For more information, see the User Guide for CiscoWorks RME 4.3. Table 14-21 Delete VRF Configuration details Command Purpose Device device name Name of the device no interface interface-id Removes the interface_id from device name. For example, vlan 5 will be removed from device IP 10.77.241.6. no ip vrf vrf-name Deletes the VRF from the device
14-47 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 14 Virtual Network Manager Using VNM Home Page Edge VLAN Configuration In an Enterprise network, end-to-end virtualization is achieved by associating a VRF instance with an SVI to map VLANs to different logical or physical VPN connections. The Edge VLAN Configuration workflow allows you to map the Access VLANs to a VRF instance there by providing end-to-end virtualization. The Access VLANs are mapped to single VRF instance by assigning it to existing Switch Virtual Interface (SVI) or new SVIs created at the Distribution Layer. A VRF instance is associated with an Switch Virtual Interface (SVI) to map VLANs to different logical or physical VPN connections. Note You can associate at most one SVI with a VLAN. The following users have the privilege to assign Edge VLAN to VRF: Network Administrator and Super Admin. These user privileges apply only to the local mode. The Edge VLAN Configuration wizard directs you through: 1. Select Devices for Edge VLAN Configuration 2. VLAN to VRF Mapping 3. Edge VLAN Configuration Summary To perform Edge VLAN Configuration: Step 1 Select Virtual Network Manager > Home. The Virtual Network Manager home page appears. Step 2 Select the VRF to be assigned to edge VLAN. Click the radio button against the VRF to be selected. Step 3 Click Edge VLAN Configuration The Edge VLAN Configuration: Select Devices page appears. For information on Select Devices, see Select Devices for Edge VLAN Configuration.
14-48 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 14 Virtual Network Manager Using VNM Home Page Select Devices for Edge VLAN Configuration The Edge VLAN Configuration: Select Devices page displays a list of devices participating in the VRF selected. The devices displayed are the devices managed by RME. Note You must select the devices only from the Distribution Layer. Consider the device selected for Edit VLAN Configuration workflow, is the device 10.77.241.4 as shown in Figure 14-5. To select the devices: Step 1 In the Select Devices window, enter the details as given in Table 14-22: Note The Device Selector does not display the devices that are not managed by RME. Step 2 Click Next The Edge VLAN Configuration: VLAN to VRF Mapping page appears. For information on VLAN to VRF Mapping, see VLAN to VRF Mapping. Table 14-22 Settings of Select Devices Window Element Description Usage Notes Device Selector Device Selector Device Selector displays the devices that are a part of the selected VRF. The Device Selector displays the devices under the following groups: All Devices VRF Configured devices Device Type Groups Devices that are grouped as Routers, Switches and Hubs, and Unknown Device Type For more information on the devices listed, see Device Selector. Note: The Device Selector for the Edge VLAN Configuration workflow does not display pure L3 Devices. Select the devices using the Device Selector. Click the checkbox to select the devices listed under device groups. You must select the devices only from the Distribution Layer.
14-49 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 14 Virtual Network Manager Using VNM Home Page VLAN to VRF Mapping The Edge VLAN Configuration: VLAN to VRF Mapping page is used to map the Access VLANs to a VRF instance thereby providing an end-to-end virtualization. You can assign Edge VLAN to a VRF by associating it to a Switch Virtual Interface (SVI). The Edge VLAN Configuration: VLAN to VRF Mapping page is used to: 1. Configure SVI for new or already existing VLANs in the Distribution Layer 2. Allow VLANs in available trunk in Access Layer 3. Configure Layer 3 features The devices selected in the Select Devices for Edge VLAN Configuration are the devices from the Distribution Layer. The Edge VLAN Configuration: VLAN to VRF Mapping page displays a list of Switch Virtual Interfaces (SVIs) that are Virtualized with the VRF selected Unfertilized This section contains: Trunk Configuration Layer 3 Features The Edge VLAN Configuration: VLAN to VRF Mapping page includes the following icons: Existing VLAN icon: Used to display existing VLANs (VLAN Name) on the device. Configurations icon: Used to perform Trunk and Layer 3 feature configuration. Upon clicking the Configurations icon, the Trunk Configuration tab is selected by default and the Available Trunks page appears. Step 1 The Edge VLAN Configuration: VLAN to VRF Mapping window appears. The window displays the name of the selected VRF in the Select Devices for Edge VLAN Configuration. In this window, enter the details as given in Table 14-23. Table 14-23 Details of VLAN to VRF Mapping Window Element Description Usage Notes VRF Details VRF Name : Selected VRF Name of the VRF selected. Display only. Device Details Device Name (Hyperlink) Represents the device selected in the Device Selector. Device name of the device is displayed as a hyperlink. Click the arrow icon to view or hide details of the SVIs that are a part of the device name. If you right-click the Device name hyperlink, it displays Add SVI option. Click Add SVI option to add an SVI
14-50 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 14 Virtual Network Manager Using VNM Home Page Name Represents a Switch Virtual Interface that is the logical Layer 3 interface on a switch. It displays the multiple VLANs that are carried by the physical interface. The corresponding VLAN ID and VLAN Name is populated in this page. You can view the status of the interface. It displays a tick mark if the status is up and cross mark if the status is down. Enter the SVI value. Valid values of SVI ranges from 2 to 4096. Or Select existing VLANs on your network by clicking the icon. If the existing VLAN Name is displayed in this field, you can edit this field. Edited entries will overwrite the existing VLAN Name. If the VLAN value entered is not in your network, the VNM application creates VLAN. Checkbox Allows you to virtualize or un-virtualize SVIs using the selected VRF. To virtualize an interface, check against the SVIs listed under the Device Name To un-virtualize, un-check an interface that is already virtualized with a VRF Existing VLAN icon When you click this icon, the Existing VLAN Selector page appears. This page displays the existing VLANs on the device. You can also search existing VLANs by entering the VLAN Name in the Search field. The VLANs displayed do not have an SVI/SI in the selected device. Select the desired VLAN. Upon selecting the VLAN, the corresponding VLAN Name and VLAN ID is populated in the VLAN ID and VLAN Name field. IP Address IP Address of the SVI. Enter the IP Address. Valid IP values are the IPv4 Addresses Subnet Mask Subnet mask of the SVI. Enter the Subnet mask VLAN ID VLAN ID to be assigned to a VRF. Valid values of VLAN ID ranges from 1 to 4094. Enter the VLAN ID. You cannot edit this field. VLAN Name VLAN Name to be assigned to a VRF. Enter the VLAN Name. Configurations Enables you to perform the following configurations to be associated to the corresponding SVI: Trunk and Layer 3 feature configuration. Click the Edge Interface Configuration icon to configure Trunk and Layer 3 features. For more information, see Trunk Configuration and Layer 3 Features. Table 14-23 Details of VLAN to VRF Mapping Window Element Description Usage Notes
14-51 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 14 Virtual Network Manager Using VNM Home Page Trunk Configuration The Available Trunks page displays the trunks available in the selected device. It also displays the device that are neighbors to the selected device. If no trunk is available in the selected device, the Available Trunks page is blank. The VLANs in any corresponding, existing or newly created SVIs will be allowed on all the trunk interfaces, that are selected in the Trunk Configuration page. The values displayed in the Trunk Configuration page are not fetched from the selected devices. Step 2 In the Trunk Configuration page, enter the details as given in Table 14-24. Layer 3 Features Upon clicking the Layer 3 Features tab, the Layer 3 Feature page appears which enables you to configure the following Protocols and DHCP Server details for any corresponding, existing or newly created SVIs. The values displayed under Layer 3 Features tab are not fetched from the selected devices. HSRP : Hot Standby Router Protocol VRRP : Virtual Router Redundancy Protocol GLBP: Gateway Load Balancing Protocol Note The layer 3 features details are not fetched from the devices. Table 14-24 Settings of Trunk Configuration Window Element Description Usage Notes Available Trunks Interface Name Interface name on which Trunk exist. Display only. Neighbor Name Neighbor device to the selected device. Select the desired trunk in which VLAN needs to be allowed and click Apply. The Trunk configuration details entered are saved. The VLANs in the corresponding SVI will be allowed on all the trunk interfaces that are selected in the Trunk Configuration page.
14-52 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 14 Virtual Network Manager Using VNM Home Page Step 3 In the Layer 3 Feature Configuration page, enter the details as given in Table 14-24 After entering the Trunk and Layer 3 Features, a new row is added on the Edge VLAN Configuration: VLAN to VRF Mapping page appears. You can enter the details in the new row to create an SVI for newly created VLAN. Step 4 Click Next The Edge VLAN Configuration: Summary page appears. For information on Summary, see Edge VLAN Configuration Summary. Table 14-25 Settings of Layer 3 Feature Configuration Window Element Description Usage Notes Layer 3 Redundancy Protocol Select Type Represents the Redundancy protocol types. HSRP : Hot Standby Router Protocol VRRP : Virtual Router Redundancy Protocol GLBP: Gateway Load Balancing Protocol Select the desired Redundancy protocol Type. Group Number Represents the group number of the protocol. A valid group number is an integer. Valid range values for corresponding Redundancy Protocols is as follows: HSRP : 0 - 4095 VRRP : 1 - 255 GLBP : 0 - 1023 Enter the Standby Group Number. Virtual Router IP Address IP Address of the Virtual Router at the edge. Enter the Virtual Router IP Address. Valid IP values are the IPv4 Addresses. DHCP Server IP Address IP Address of the DHCP Server Enter the DHCP Server IP Address and click Apply. Valid IP values are the IPv4 Addresses. After applying the Layer 3 Features configuration details, the values are saved. Click Close. The Edge VLAN Configuration: VLAN to VRF Mapping page appears.
14-53 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 14 Virtual Network Manager Using VNM Home Page Edge VLAN Configuration Summary The Edge VLAN Configuration: Summary page summarizes the VRF configuration details to be deployed to the selected devices. This section contains: Sample Summary for Edge VLAN Configuration Understanding Edge VLAN Configuration Details Note Upon successful completion of Edge VLAN Configuration workflow, VNM triggers the Data Collection process in Campus Manager. After the Data Collection process is complete, VNM initiates the VRF Collection process in VNM. The Sample Summary summarizes the VRF configuration details on the device 10.77.241.2. For more information, see Figure 14-5. A sample of the summary is displayed below. Sample Summary for Edge VLAN Configuration Device:10.77.241.4 vlan 3 name VLAN0003 interface VLAN3 ip vrf forwarding GreenVRF ip address 10.77.22.3 255.255.255.2 no shutdown glbp 1 ip 10.77.22.23 ip helper-address 255.255.255.0
14-54 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 14 Virtual Network Manager Using VNM Home Page Understanding Edge VLAN Configuration Details The following VRF configuration details are pushed in the selected devices. The description of the Edge VLAN Configuration details is given in Table 14-26. To assign VLANs on the selected interfaces, to a VRF, click Finish in the Edge VLAN Configuration: Summary page. A job is created to assign edge VLAN to the selected VRF. A confirmation message appears with the J ob ID in the Information dialog box. Click the J ob ID to check the status of the job. For more information, see the User Guide for CiscoWorks RME 4.3. Table 14-26 Edge VLAN Configuration details Command Purpose ip vrf forwarding vrf-name Enters VRF configuration mode and assigns a VRF name description vrf-name Provides description of the VRF created ip address vrf-name Associates a VRF with an interface or sub-interface no shutdown Converts Layer 2 switch port interface to a Layer 3 routed physical interface glbp Enables IEEE 802.1Q encapsulation of traffic on a specified sub- interface in virtual LANs. IEEE 802.1 Q is a standard protocol for interconnecting multiple switches and routers, and for defining VLAN topologies. ip helper-address Used to enable an interface
14-55 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 14 Virtual Network Manager Administering Virtual Network Manager Administering Virtual Network Manager Network administrators can perform administrative tasks using the Administration features. Administrative tasks are setting details to schedule VRF Collector, carry out SNMP Timeouts and Retries and debug VRF Collector. This section contains: Understanding VNM Administration Using VNM Administration Using VRF Collector Settings Setting VNM Debugging Options Using Purge Settings Understanding VNM Administration VNM Administration is used to manage and monitor the VNM processes. The two processes running in Virtual Network Manager are the VNM Server and the VRF Collection process. By default, the Data Collection process is followed by the VRF Collection process. Using VNM Administration, you can automatically initiate the VRF Collection process after the Data Collection process has completed. You can do this by checking the Run VRF Collector After Every Data Collection option in the VRF Collector Schedule page. For details, see Scheduling VRF Collector. The VRF Collector process fetches VRF information in the network, specific to a device that is managed by both Campus Manager and Resource Manager Essentials. The device-specific information on the ports, VLAN and neighboring device are fetched from Campus Manager. The VRF details collected by VRF Collector are used by Virtual Network Manager to manage VRFs in a network. You can specify the following settings from Virtual Network Manager Administration: VRF Collector Settings Schedule the time intervals at which VRF Collection runs. Manage the SNMP Timeouts and Retires Settings To schedule VRF Collector, see Scheduling VRF Collector. For viewing the settings of VRF Collector Schedules, see Using the VNM J ob Browser. Set Debugging options Enable debugging for the various features in Virtual Network Manager. For details, see Setting VNM Debugging Options. Purge Settings You can configure the purge interval details using the Virtual Network Manager Report J obs and Archives. For details, see Purging VNM Reports J obs and Archived Reports.
14-56 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 14 Virtual Network Manager Administering Virtual Network Manager Using VNM Administration Using the Administration feature of Virtual Network Manager, you can: Provide VRF Collector Settings. For details, see Using VRF Collector Settings. Schedule VRF Collection. For details, see Scheduling VRF Collector. Modify SNMP Timeouts and Retries. For details, see Modifying VNM SNMP Timeouts and Retries. Specify the debugging options for VNM Server, VRF Collector, VNM Client and VNM Utility. For details, see Setting VNM Debugging Options. View the status of VNM jobs. For details, see Using the VNM J ob Browser. You can configure purging interval for Virtual Network Manager Report J obs and Archives. For details, see Purging VNM Reports J obs and Archived Reports. You can click Go to VNM Administration on any screen to go to the VNM Administration dashboard. Using VRF Collector Settings You can perform the following administrative tasks using the VRF Collector Settings page: Schedule VRF Collector You can schedule the VRF Collector process to run after every Data Collection. The VRF Collector process is scheduled to collect VRF-specific details of the VRF Capable and VRF Supported devices. You can add, edit and delete VRF Collector Schedule jobs. To schedule the VRF Collection process, click Schedule VRF Collector link. For details, see Scheduling VRF Collector. VNM SNMP Timeouts and Retries Settings You can modify the SNMP timeouts and retries when VRF Collection fails for a particular device with SNMP timeout exceptions. To modify the VNM SNMP Timeouts and Retries Settings, click VNM SNMP Timeouts and Retries Settings link. For details, see Modifying VNM SNMP Timeouts and Retries. This section explains: Scheduling VRF Collector Modifying VNM SNMP Timeouts and Retries Scheduling VRF Collector You can schedule the day and the time of VRF Collection using this feature. You can add a new schedule, edit or delete existing schedules. To schedule VRF Collector: Step 1 Select Virtual Network Manager > Administration > Schedule VRF Collector. Or Select Virtual Network Manager > Administration > VRF Collector Settings > Schedule VRF Collector. The VRF Collector Schedule dialog box appears.
14-57 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 14 Virtual Network Manager Administering Virtual Network Manager Step 2 Enter the details as mentioned in Table 14-27. Select a schedule and click Edit to edit the schedule Select a schedule and click Delete to delete the schedule Click Add to add a new schedule Step 3 Click OK to save the details Or Click Cancel to exit the VRF Collection Schedule dialog box. Click here to view the VRF Collector Schedule details in J ob Browser. For more information, see Using the VNM J ob Browser. Table 14-27 VRF Collection Schedule Settings Field Description Usage Notes Schedule Run VRF Collector After Every Data Collection Allows you to enable or disable VRF Collection after every Data Collection. The VRF Collection collects VRF-specific details. Enable: Check the checkbox to enable VRF Collection after every Data Collection and click Apply. Disable: Uncheck the checkbox to disable VRF Collection after every Data Collection and click Apply. J ob ID J ob ID of the VRF Collector Schedule job. Display only. Schedule VRF Collector Days, Hour, Min Days on which and the time at which VRF collection is scheduled. The optimum VRF collection schedule depends on the size of the network and the frequency of network changes. By default, the VRF collection process is scheduled to run after the Data Collection process has completed. Recurrence Pattern Select the days of the week on which VRF collection is to be scheduled. This field is available only when you are adding or editing a schedule. J ob Description Description of the VRF Collector Schedule job. Enter the description of the VRF Collector Schedule job.
14-58 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 14 Virtual Network Manager Administering Virtual Network Manager Modifying VNM SNMP Timeouts and Retries You can modify the SNMP timeouts and retries when VRF Collection fails for a particular device with SNMP timeout exceptions. To modify SNMP timeouts and retries: Step 1 Select Virtual Manager > Administration > VRF Collector Settings > VNM SNMP Timeouts and Retries. The VNM SNMP Timeouts and Retries dialog box appears. Step 2 Modify the SNMP settings as given in Table 14-28. Step 3 Click Add to add VNM SNMP settings. Step 4 Select a row and either: Click Edit to edit the VNM SNMP Timeouts and Retries value. Or Click Delete to delete the VNM SNMP Timeouts and Retries value. Click OK to save the changes or click Cancel to exit. Step 5 Click Apply. Table 14-28 Modify VNM SNMP Timeouts and Retries Field Description Target IP address of the target device. For example, 10.*.*.* Timeouts Time period after which the query times out. This also indicates the time interval between the request and the first initial response from the device. The SNMP response may be slow for remote devices. If your network has remote devices connected over a slow link, configure a higher value for time-out. If Time out is increased, Discovery time could also increase. Enter the value in seconds. The allowed range is 0-60. For every retry, the Timeout value is doubled. For example, If the Timeout is 10 seconds and retries 4: Virtual Network Manager waits for 10 seconds for response for the first try, 20 seconds for the second retry, 40 seconds for the third retry and 80 seconds for the fourth retry. 150 seconds (10+20+40+80) is the total time lapse after which Virtual Network Manager stops querying the device. Retries Number of attempts made to query the device. The allowed range is 0-8.
14-59 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 14 Virtual Network Manager Administering Virtual Network Manager Setting VNM Debugging Options If you face issues while running Virtual Network Manager, you can enable logging to debug the same. You can set debugging options for the following functions: VNM Server (see VNM Server Debugging Settings) VRF Collector (see VRF Collector Debugging Settings) VNM Client (see VNM Client Debugging Settings) VNM Utility (see VNM Utility Debugging Settings) You can click Reset All on the Debugging Settings page to reset the debug levels of functions listed. VNM Server Debugging Settings VNM Server is used to serve all the requests for VRF configurations tasks. The VNM Server effectively controls and handles all VRF configuration tasks that include deployment of VRF configuration details to the selected devices and interfaces using Resource Manager Essentials Application. The VNM Server also fetches the data from the VRF database for report generation. To apply the debugging level to the VNM Server: Step 1 Select Virtual Network Manager > Administration > Debugging Options > VNM Server Debugging. The VNM Server Debugging dialog box appears. The default location of the log file for VNM Server Debugging Settings is NMSROOT\log\Vnmserver.log. The Debug levels in the VNM Server Debugging Settings dialog box is as described in Table 14-29. Step 2 Select a debug level and click Apply to apply the selected debug level to the VNM Server. Table 14-29 Settings in VNM Server Debugging Field Description Debug Level INFO Only informational messages are recorded in the log file. DEBUG All messages related to VNM Server are recorded in the log file. ERROR Error is the default logging level. Messages related to fatal errors are recorded in the log file. This is the default option. Reset Click Reset to reset the debug levels applied to VNM Server, to default value.
14-60 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 14 Virtual Network Manager Administering Virtual Network Manager VRF Collector Debugging Settings VRF Collector collects all the VRF related information from the managed devices on your network. You can get the information on readiness details of the devices on which you VRF can be configured. To apply the debugging level to the VRF Collector: Step 1 Select Virtual Network Manager > Administration > VRF Collector Debugging. Or Select Virtual Network Manager > Administration > Debugging Options > VRF Collector Debugging. The VRF Collector Debugging Settings dialog box appears.The default location of the log file for VRF Collector Debugging Settings is NMSROOT\log\Vnmcollector.log. The Debug levels in the VRF Collector Debugging Settings dialog box are as given in Table 14-30: Step 2 Select a debug level and click Apply to apply the selected debug level to the VRF Collector. VNM Client Debugging Settings VNM Client refers to the Graphical User Interface (GUI) pages used to perform VNM tasks. When you use the GUI pages to perform a task, the logs specific to the tasks are recorded. The recorded logs can be debugged using VNM client debugging settings. To apply the debugging level to the VNM Client: Step 1 Select Virtual Network Manager > Administration > Debugging Options > VNM Client Debugging. The VNM Client Debugging Settings dialog box appears.The default location of the log file for VNM Client Debugging Settings is NMSROOT\log\Vnmclient.log. The Debug levels in the VNM Client Debugging Settings dialog box is as described in Table 14-31: Table 14-30 Settings in VRF Collector Debugging Field Description Debug Level INFO Only informational messages are recorded in the log file. DEBUG All messages related to VRF Collector are recorded in the log file. ERROR Error is the default logging level. Messages related to fatal errors are recorded in the log file. Reset Click Reset to reset the debug levels applied to VRF Collector, to default value.
14-61 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 14 Virtual Network Manager Administering Virtual Network Manager Step 2 Select a debug level and click Apply to apply the selected debug level to the VNM Client. VNM Utility Debugging Settings VNM Client refers to the utility classes used in VNM like DB, J RM and so on. When the utility classes are executed, the logs specific to the utility classes are recorded. The recorded logs can be debugged using VNM utility debugging settings. To apply the debugging level to the VNM Utility: Step 1 Select Virtual Network Manager > Administration > Debugging Options > VNM Utility Debugging. The VNM Utility Debugging Settings dialog box appears.The default location of the log file for VNM Client Debugging Settings is NMSROOT\log\Vnmutility.log. The Debug levels in the VNM Utility Debugging Settings dialog box is as described in Table 14-32: Step 2 Select a debug level and click Apply to apply the selected debug level to the VNM Utility. Table 14-31 Settings in VNM Client Debugging Field Description Debug Level INFO Only informational messages are recorded in the log file. DEBUG All messages related to VNM Client are recorded in the log file. ERROR Error is the default logging level. Messages related to fatal errors are recorded in the log file. This is the default option. Reset Click Reset to reset the debug levels applied to VNM Client, to default value. Table 14-32 Settings in VNM Utility Debugging Field Description Debug Level INFO Only informational messages are recorded in the log file. DEBUG All messages related to VNM Utility are recorded in the log file. ERROR Error is the default logging level. Messages related to fatal errors are recorded in the log file. This is the default option. Reset Click Reset to reset the debug levels applied to VNM Utility, to default value.
14-62 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 14 Virtual Network Manager Topology Using Purge Settings You can configure the purge interval details for Virtual Network Manager Report J obs and Archives using the Purge Settings page. For details, see Purging VNM Reports J obs and Archived Reports. Purging VNM Reports Jobs and Archived Reports You can purge VNM jobs or report archives in Virtual Network Manager. By default, purging is disabled. To enable the Purge option for VNM report jobs and archives: Step 1 Select Virtual Network Manager > Administration > Purge Settings. Alternatively, if you are in Virtual Network Manager Administration page, click Purge Settings. The Report Settings dialog box appears. Step 2 Specify the Purge Policy for archives or jobs. Step 3 Check the Purge Archives Older Than to specify the number of days, or weeks, or months to purge archives. For instance, if you select 44 days, Virtual Network Manager purges archives that are older than 44 days. Step 4 Check the Purge Jobs Older Than to specify the number of days, or weeks, or months to purge jobs. For instance, if you select 2 weeks, Virtual Network Manager purges jobs that are older than two weeks. Step 5 Click Save. Topology The Topology feature enables you to view and monitor your network. You can monitor the links and the ports of each link that is a part of a VRF that is configured in your network. To open Topology from Virtual Network Manager, in the CiscoWorks LMS Portal page, click Topology Services listed under Virtual Network Manager Portlet. The Topology feature in Virtual Network Manager in turn launches Topology Services of Campus Manager. For more information on Topology Services offered by Campus Manager, see Using Topology Services. This section contains Using Topology in VNM Using Topology in VNM You can use Topology Services in VNM to: View detailed network information about all devices, links, and ports in your network. View VRF related information in your network View VRF Supported and VRF Capable devices information in your network Display the physical and logical services in your network
14-63 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 14 Virtual Network Manager Generating Reports Access Network Management tools from the Network views Segment your network logically and manage workgroups that use VLANs View port, device, and trunk attributes View and find port information in a VTP domain Configure VLANs on a trunk Display reports about inconsistencies or misconfigurations in your physical or logical network setup View bandwidth utilization across links in your network Cross-launching CiscoWorks Application from Topology The following CiscoWorks applications can be launched from Topology: Campus Manager Resource Manager Essentials Device Fault Manager Internetwork Performance Monitor CiscoWorks Assistant Health and Utilization Monitor Virtual Network Manager For complete details, see Starting CiscoWorks Applications From Topology Views. Generating Reports You can perform VNM reporting related tasks from a single location - The Reports tab (Virtual Network Manager > Reports). You can perform the following tasks: Managing Report jobs. You can view the output of the successfully completed jobs that are scheduled. See Using the VNM J ob Browser. Generating immediate reports or scheduling them to be generated later. See Using the VNM Report Generator. Managing VNM Report archives. You can view an archived report. A report is archived when a scheduled Report job is completed successfully. See Viewing VNM Archived Reports Using the VNM Job Browser The VNM J ob Browser enables you to view the status of all VNM J obs. VNM jobs are the jobs that are created for the VRF configuration workflows like Create, edit, extend and delete VRF as well as Edge VLAN Configuration jobs. The VNM J ob Browser also generates reports for VNM Report J obs that comprises of VRF Report and Readiness Report. The job details that you can view here, include the job ID, the job type, the job description, the job owner, the time the job is scheduled to run at, the time of job completion, the schedule type, the job status, run status.
14-64 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 14 Virtual Network Manager Generating Reports To open the Virtual Network Manager J ob Browser, select Virtual Network Manager > Reports > Report Jobs. The Virtual Network Manager J ob Browser page appears with a detailed list of the following jobs: Device Based VRF Report VRF Based Report VRF Collector J ob VNM J obs Readiness Report. You can filter the jobs by any specified criteria using the Show Only drop-down list. Select your criteria. The jobs pertaining to that category are displayed. You can manage the VNM jobs and VNM Report jobs using the Virtual Network Manager J ob browser. You can view the output of successfully completed jobs only. Note View the Permission Report (Common Services > Server > Reports) to check whether you have the required privileges to perform this task. The VNM J ob Browser page is used to perform the following: Filter the results on the J ob Browser page using Show Only Filter Used to launch reports using View Stop a scheduled or running job using Stop J ob Delete a job using Delete J ob Retry a job using Retry J ob This page displays details as in Table 14-33: Table 14-33 VNM Job Browser Fields Description Show Only Filters results based on J ob Type. J ob ID Unique ID assigned to the VNM job when it is created. Clicking the J ob ID hyperlink provides a report page with the job details of all the jobs except for VRF Collector job. You cannot view the details of the VRF Collector job For periodic jobs such as Daily, Weekly, and so on, the job IDs are in the number.x format. The x represents the number of instances of the job. For example, 1007.4 indicates that this is the fourth instance of the job ID 1007. J ob Type Type of Report All, VRF Collector, Readiness Report, Device Based VRF Report, VRF Based Report, VNM (Create, edit, extend, delete VRF and Edge VLAN Configuration). Description Description of the job provided by the job creator. (Alphanumeric characters). Owner Username of the job creator.
14-65 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 14 Virtual Network Manager Generating Reports Show Only Filter Use the Show Only drop-down list to filter results based on J ob Type. View Use to launch the respective report of the job selected in the VNM J ob Browser page. Scheduled At Date and time the job was scheduled at. Completed At Date and time the job was completed at. Schedule Type Specifies the type of schedule for the job: OnceRuns the report once at the specified date and time. DailyRuns daily at the specified time. WeeklyRuns weekly on the day of the week and at the specified time. MonthlyRuns monthly on the day of the month and at the specified time. ImmediateRuns immediately. PeriodicRuns at periodic interval as per the day, month and time specified in the schedule. For periodic jobs, the subsequent instances of jobs will run only after the earlier instance of the job is complete. Note that the schedule to run the periodic jobs might vary but the job instance for the periodic jobs remains unchanged, that is the J ob ID. Status Provides the status of the current jobs. The status of the current jobs is displayed as succeded or failed. It also displays the failure reason. Run Status J ob states include: Running Waiting for approval Scheduled (pending) Succeeded Succeeded with Info Failed Crashed Cancelled Suspended Rejected Missed Start Failed at Start Table 14-33 VNM Job Browser (continued) Fields Description
14-66 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 14 Virtual Network Manager Generating Reports Stop Job You can stop a scheduled or running job from the VNM J ob Browser. Select the job and click Stop. You are prompted for a confirmation before the job is stopped. You can select only one job to stop at a given time. Periodic jobs are the jobs with the Schedule Type as Daily, Weekly, Monthly, or Quarterly. If you select a periodic job, a confirmation message appears asking if you wish to stop: This Instance Only All Future Instances If you select This Instance Only, the existing instance is stopped but the future instances of the selected job will be scheduled. If you select All Future Instances, all future instances of the selected job will be stopped. Delete Job You can delete a job from the VNM J ob Browser. Select the job and click Delete. You are prompted for a confirmation before the job is deleted. You can select more than one job to delete. Retry Job You can retry a job from the VNM J ob Browser. You can retry only jobs related to VRF configuration, you can retry only VNM J obs. Select the job and click Retry. You are prompted for a confirmation before retrying the job. You can select only one job to be retried at a given time. Using the VNM Report Generator Using the VNM Report Generator, you can generate immediate reports or schedule reports to be run at a later time. This section explains: Readiness Report Interpreting VRF Readiness Report VRF Report Device Based VRF Report Interpreting Device Based VRF Report VRF Based Report Interpreting VRF Based Report
14-67 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 14 Virtual Network Manager Generating Reports You can generate reports for the following: Readiness Report VRF Report Device Based VRF Report VRF Based Report To use the VNM Report Generator: Step 1 Select Virtual Network Manager > Reports > Report Generator. The Virtual Network Manager Report Generator page appears. Step 2 From the first drop-down list, select the application for which you want to generate a report. VNM Reports is selected by default. Step 3 Select a report from the list of available reports for the selected application. To generate: Readiness Report VRF Report Step 4 Click Submit. The report is generated if the Run Type is set to Immediate. For any other Run Type, the report is created as a job. You can view the job from the VNM J ob Browser (Virtual Network Manager > Reports > Report Jobs). To reset the devices selected or the details provided in the VRF Reports page to default report settings, click Reset. Readiness Report The Readiness report provides the devices details that comply with the basic hardware and software support available, in contrast to the required support on the devices to configure VRF. These details help you to identify the devices on which VRF can be configured. The VRF Readiness Report also allows you to upgrade the software support of the device by using RME device image upgradation. The Readiness report provides information about the following devices: VRF Capable devices Represents the devices with necessary hardware support available. However, you must update the software to configure VRF on these devices. VRF Supported devices Represents the devices with hardware and software support available to configure VRF. Other devices Represents the devices without necessary hardware support, required to configure VRF. These devices are managed by Campus Manager.
14-68 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 14 Virtual Network Manager Generating Reports For more information on the pre-requisites to manage devices using Virtual Network Manager, see Pre-Requisites to manage devices using VNM. You can export the Readiness Report to CSV format by clicking the Export icon on the report page. You can also print the report by clicking the printer icon on the report page. Step 1 Select Virtual Network Manager > Reports > Report Generator. The VNM Report Generator page appears. Step 2 Select VNM Reports from the Select An Application drop-down list. Step 3 Select Readiness Report from Select a Report drop-down list. The Readiness Report page appears. Step 4 Select a device from the Device Selector list. The devices that are managed by Campus Manager is listed in the Device Selector. Step 5 Select the Scheduling Type. The default scheduling type is Immediate. You can set the time and date if you select any of the following scheduling types: Once, Daily, Weekly, Monthly. Step 6 Enter a description for your job in the J ob Description field and enter the e-mail address to which the details have to be sent. Step 7 Click Submit. For more information on the Readiness report, see Interpreting VRF Readiness Report. Interpreting VRF Readiness Report The Readiness report provides information on the devices that are categorized as: VRF Capable devices VRF Supported devices Other devices To view the Readiness report for the above devices categories, click the number displayed against the each device category. The report for the devices is displayed in a table with the following table headings for the device categories: Devices VRF Capable [H/W Supported, S/W update required] Devices VRF Supported [H/W and S/W Supported] Other devices [H/W Unsupported] You can also scroll the page to view the report for respective devices. The VRF Readiness report contains the following information for a device:
14-69 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 14 Virtual Network Manager Generating Reports Table 14-34 displays details of the columns in the VRF Readiness report. Table 14-34 Readiness Reports Column Description Fields Description Summary Devices VRF Capable[H/W Supported, S/W update required] Displays the number of VRF Capable devices in the network. Click this to view the Readiness information of VRF capable devices. Devices VRF Supported [H/W and S/W Supported] Displays the number of VRF Supported devices in the network. Click this to view the Readiness information of VRF supported devices. Other Devices [H/W Unsupported] Displays the number of other devices managed by CM in the network. Click this to view the Readiness information of other devices. Devices VRF Capable [H/W Supported, S/W update required] IPAddress IP address of VRF Capable device. Valid IP values are the IPv4 Addresses DeviceName Name corresponding to IP address of device. SysLocation Represents the location of the device. SysLocation details is collected from the device Device Type Type of the device. Image Image of the VRF Capable devices. Minimum Supported Image Provides the minimum required image details. Remarks Displays the information of the device as mentioned in the database managed by VNM. Upgrade The Upgrade button is enabled only if RME is installed. If RME is not installed, this button is disabled. Enables you to upgrade the software support of the device by using RME device image up gradation. Select the device for which software needs to be upgraded and click Upgrade. The device that is upgraded from VRF Capable to VRF Supported device, must support the MPLS VPN MIB. For more information on the Management Information Base (MIB), refer http://tools.cisco.com/ITDIT/MIBS/MainServlet Devices VRF Supported [H/W and S/W Supported] IPAddress IP address of VRF supported device. Valid IP values are the IPv4 Addresses DeviceName Name corresponding to IP address of device. SysLocation Represents the location of the device. SysLocation details is collected from the device. Device Type Type of the device. Image Image of the VRF Supported devices.
14-70 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 14 Virtual Network Manager Generating Reports VRF Report VRF Report provides the VRF - specific details deployed on the devices that are participating in a VRF. You can generate the following two reports using the VRF report: Device Based VRF Report VRF Based Report To generate a report: Step 1 Select Virtual Network Manager > Reports > Report Generator. The VNM Report Generator page appears. Step 2 Select VNM Reports from the Select An Application drop-down list. Step 3 Select VRF Report from Select a Report drop-down list. The VRF Report page appears. To generate the following reports: Device based VRF report, see Device Based VRF Report VRF Based Report, see VRF Based Report Device Based VRF Report The Device Based VRF Report displays the VRF details, specific to the VRF Configured devices selected using the Device Selector option present in the VRF Report page. You can export the Device Based VRF Report to CSV format by clicking the Export icon on the report page. You can also print the report by clicking the printer icon on the report page. To generate a Device Based VRF report: Step 1 Select Virtual Network Manager > Reports > Report Generator. The VNM Report Generator page appears. Step 2 Select VNM Reports from the Select An Application drop-down list. Step 3 Select VRF Report from Select a Report drop-down list. Other Devices [H/W Unsupported] IPAddress IP address of other device. Valid IP values are the IPv4 Addresses. DeviceName Name corresponding to IP address of device. SysLocation Represents the location of the device. SysLocation details is collected from the device. Device Type Type of the device Image Image of Other (Hardware unsupported) devices. Table 14-34 Readiness Reports Column Description (continued) Fields Description
14-71 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 14 Virtual Network Manager Generating Reports The VRF Report page appears. Step 4 Select Device Selector Step 5 Select a device from the Device Selector list. The Device Selector displays the devices satisfying the following conditions: Devices managed by CM Hardware and Software supported devices The devices displayed are categorized only in two groups: All Devices Device Type Groups Step 6 Select Scheduling Type. The default scheduling type is Immediate. You can set the time and date if you select any of the following scheduling types: Once, Daily, Weekly, or Monthly. Step 7 Enter a description for your job in the J ob Description field and enter the e-mail address to which the details have to be sent. Step 8 Click Submit. The Device Based VRF Report page appears. For more information on the Device Based VRF Based report, see Interpreting Device Based VRF Report. Interpreting Device Based VRF Report The Device Based VRF Report provides VRF details specific to the VRF configured devices selected in the Device Selector. To view VRF Based Report, specific to a device listed under Selected Devices, click the device name link in the left pane in the Virtual Network Manager Report page. You can also search the device name listed under Selected Devices by using the Search field. To search the devices, enter the device name in the Search field. This section contains: Export Device Based VRF Report Print Device Based VRF Report
14-72 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 14 Virtual Network Manager Generating Reports The Device Based VRF Report (Table 14-35) contains the following information for a device: Export Device Based VRF Report When you click the export icon, the Exporting Report page appears. The report is exported in CSV format that is selected by default. The Exporting Report page has the following two options: Selected Device Name Represents the selected device name All Represents all the selected devices Select the option you want and click Ok. Table 14-35 Device Based VRF Reports Column Description Fields Description Device Name Displays the device name of the VRF Configured device. IP Address Displays the device IP Address of the VRF Configured device. VRF Details VRF Name Displays the VRF name configured on the device. Click the VRF Name hyperlink to launch the VRF Based Report. Click the arrow icon to view or hide details of the Sub-Interface (SIs) or Switch Virtual Interfaces (SVIs) that are a part of the device and are mapped to the VRF Name. You can view the following details: SIs or SVIs, Physical Interface, IP Address of the physical interface, VLAN, IGP Enabled, and L2 Neighbor associated to the VRF Name. VRF RD Displays the RD value of the VRF in your network. Routing Protocols Displays the Routing Protocols associated to the VRF Name. Number of Mapped Interfaces Displays the count of number of SIs or SVIs participating in a VRF, specific to the VRF Name. SI/SVI Details SI/SVI Sub-Interface (SIs) or Switch Virtual Interfaces (SVIs) name in the device specific to the VRF Name. Physical Interface Represents the parent interface of the SI or SVI. It displays the parent interface status within parenthesis. If multiple interfaces are present, the interfaces are listed. It displays the following status: UP- If the physical interface is up and running DOWN- If the physical interface is down IP Address Represents the IP Address of the SI or SVI. VLAN Represents the VLAN Name associated with the SI or SVI. IGP Enabled Displays the protocol associated with the SI or SVI. L2 Neighbor Displays the L2 Neighbor IP Address of the physical interface.
14-73 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 14 Virtual Network Manager Generating Reports Print Device Based VRF Report When you click the print icon, the Printing Report page appears. The Printing Report page has the following two options: Selected Device Name Represents the selected device name All Represents all the selected devices Select the option you want and click Ok. VRF Based Report The VRF Based Report displays the VRF details that are specific to the VRFs selected. To access this page, select the VRF Selector option present in the VRF Report page. It provides the following information: Devices participating in the selected VRF Sub-interface or switch virtual interfaces present in the device specific to the VRF Name Parent interface of the SI or SVI, along with the status of the parent interface if it up or down VLANs associated with the SI or SVI Protocol running on the SI or SVI Devices that act as L2 Neighbor to the physical interface You can export the VRF Based Report to CSV format by clicking the Export icon on the report page. You can print the report by clicking the Printer icon on the report page. To generate a VRF Based Report: Step 1 Select Virtual Network Manager > Reports > Report Generator. The VNM Report Generator page appears. Step 2 Select VNM Reports from the Select An Application drop-down list. Step 3 Select VRF Report from Select a Report drop-down list. The VRF Report page appears. Step 4 Select VRF Selector. VRF Selector displays the VRFs in your network. Step 5 Select a VRF from the VRF Selector list. Step 6 Select the Scheduling Type. The default scheduling type is Immediate. You can set the time and date if you select any of the following scheduling types: Once, Daily, Weekly, Monthly. Step 7 Enter a description for your job in the J ob Description field and enter the e-mail address to which the details have to be sent. Step 8 Click Submit. The VRF Based Report page appears. For more information on the VRF Based Report, see Interpreting VRF Based Report.
14-74 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 14 Virtual Network Manager Generating Reports Interpreting VRF Based Report The VRF Based Report provides Device details specific to the VRFs selected in the VRF Selector. To view the VRF Based Report for a VRF, click the VRF name in the left pane displayed in the Virtual Network Manager Report page. You can also scroll the page to view the report for respective VRFs. You can also search the VRF name listed under Selected VRFs by using the Search field. To search the VRFs, enter the VRF name in the Search field. This section contains: Export VRF Based Report Print VRF Based Report Table 14-36 displays details of the columns in the VRF Based Report. Table 14-36 VRF Based Reports Column Description Fields Description VRF Name Displays the VRF name selected in the VRF selector. Click the VRF Name hyperlink to launch the VRF Based Report. Route Distinguisher Displays the Route Distinguisher value of the VRF Name. Device Details IP Address Displays the IP Address (link) of the device participating in a VRF. If you click on the IP Address link, Device Center page is launched. Click the arrow icon to view or hide details of the Sub-Interface (SIs) or Switch Virtual Interfaces (SVIs) that are a part of the VRF configured device. You can view the following details: SIs or SVIs, Physical Interface, IP Address of the physical interface, VLAN, IGP Enabled, and L2 Neighbor associated to the VRF Name. Device Name Represents the name of the device, in the form of a link, participating in a VRF. If you click on the Device Name link, Device Center page is launched. Device Type Represents the Type of the Device. Number of Mapped Interfaces Displays the count of number of SIs or SVIs participating in a VRF, specific to the VRF Name. SI/SVI Details SI/SVI Sub-Interface (SIs) or Switch Virtual Interfaces (SVIs) name present in the device specific to the VRF Name. Physical Interface Represents the parent interface of the SI or SVI. It displays the parent interface status within parenthesis. If multiple interfaces are present, the interfaces are listed. It displays the following status: UP- If the physical interface is up and running DOWN- If the physical interface is down IP Address Represents the IP Address of the SI or SVI.
14-75 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 14 Virtual Network Manager Generating Reports Export VRF Based Report When you click the export icon, the Exporting Report page appears. The Report is exported in the CSV format with CSV format selected by default. The Selected VRFs has following two options: Selected VRFs Represents the selected VRF name All Represents all the Selected VRFs Select the desired option and click Ok. Print VRF Based Report When you click the print icon, the Printing Report page appears. The page displays the following two options: Selected VRFs Represents the selected VRF name All Represents all the Selected VRFs Select the desired option and click Ok. VLAN Represents the VLAN Name associated with the SI or SVI. IGP Enabled Displays the protocol associated with the SI or SVI. L2 Neighbor Displays the L2 Neighbor IP Address of the physical interface. Table 14-36 VRF Based Reports Column Description (continued) Fields Description
14-76 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 14 Virtual Network Manager Generating Reports Viewing VNM Archived Reports The report output that is created from a scheduled report is stored in the VNM Reports archive. The archive displays the list for completed VNM report jobs and you can view or delete them. Note Only successfully completed jobs are archived. To view or delete archived reports: Step 1 Select Virtual Network Manager > Reports > Report Archives. The Virtual Network Manager Report Archives page displays all archived reports. The columns in the Archives dialog box are: Step 2 Select the required report. Step 3 Click View. The archived report that you selected, appears. If you want to delete an archived report, select the report and click Delete. You are prompted to confirm the deletion. Note Immediate Run Type reports are not archived by Virtual Network Manager. Table 14-37 Virtual Network Manager Report Archives Column Description Report Description Description of the report, that was entered at creation time. Report Type Type of Archived Report Readiness Report, Device Based VRF Report, VRF Based Report, and so on. Creation Time The date (yyyy-mm-dd) and the time (hh:mm:ss) the report was created.
14-77 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 14 Virtual Network Manager Troubleshooting Troubleshooting Network administrators can verify the end-to-end connectivity of the VRF configured devices using the Troubleshooting feature. You can check the device reachability of VRF configured devices participating in a VRF. This section contains: Ping or Traceroute Show Results Ping or Traceroute The following section explains the usage of Ping or Traceroute command in Virtual Network Manager. Ping The ping command allows you to check the VRF connectivity between the source device and the destination device that are a part of the selected VRF, at various locations on the network. OR Ping is used to check the accessibility of devices in a VRF configured network. The ping command sends an echo request out to a remote device (part of the selected VRF) at an IP address that you specify. If the destination interfaces is not reachable, the packets are lost and displays if the packets have succeeded or failed. Ping is used to check the accessibility of devices in a VRF configured network. You can test the device reachability from the Source to the Destination device. Traceroute Displays a list of the routes traversed by the data packet to reach the Destination device in a particular VRF. To use Ping or Traceroute: Step 1 Click the Troubleshooting Tab in the Virtual Network Manager home page. The Ping or Traceroute page appears with Ping or Traceroute option selected by default. Step 2 Enter the required information as given in Table 14-38. Table 14-38 Ping or Traceroute Settings Window Element Description Usage Notes Operation Represents the process used to troubleshoot VRF. Operation are: Ping Traceroute Click the process you want to run for troubleshooting the devices Enable Bi-directional Enables Bi-directional troubleshooting for Traceroute only. This option does not support Ping command. Check the Enable Bi-directional Ping checkbox to enable bi-directional Traceroute Source Device
14-78 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 14 Virtual Network Manager Troubleshooting Source Device Source Device details. Click Select to select the VRF configured device you want to troubleshoot. The Device Selector dialog box appears in the Device selector window. Or Enter the Source Device details. Select a device using Select. A Device Selector appears on the screen. Click the radio button to select the devices listed in the device selector. Or Enter the Source device name. If you enter first four characters, it populates ten device names. VRF Details VRF Displays the VRFs configured in all devices on the network. The details provided are from the global table. If you select Global Table, the global table is used for troubleshooting with all the interfaces, that are not assigned to any VRF, will be populated in the Source and Destination Interface fields. From the VRF drop-down list, choose the VRF you want to troubleshoot. Destination Device Destination Device Comprises the combination of: VRF configured devices, specific to the VRF selected in the VRF drop-down list and Excludes the Source Devices For example: Consider device A and B as VRF configured devices where device B is configured with VRF Name as Red. If you select Device A from the source and VRF Red from the VRF drop-down list, the Device Selector of the Destination Device, displays only Device B. Select the devices using the Device Selector. Click the radio button to select the device in the groups listed and click Select. Or Enter the Destination device name. If you enter the first four characters, it suggests the device names. Interface Details Source Interface Displays all the interfaces in the Source device. If you select a source interface, data packets will be routed through the selected source interface to execute Ping command. From the Source Interface drop-down list, choose the Source interface Table 14-38 Ping or Traceroute Settings (continued) Window Element Description Usage Notes
14-79 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 14 Virtual Network Manager Troubleshooting Step 3 Click Ping or Traceroute to run the Troubleshooting process. Sample Ping cmx-uranus#ping vrf GreenVRF 10.77.22.2 source 10.77.22.3 Primary Login Succeeded / Primary Enable Succeeded Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 10.77.22.2, timeout is 2 seconds: Packet sent with a source address of 10.77.22.3.!!!! Success rate is 80 percent (4/5), round-trip min/avg/max = 1/1/1 ms PE3745-L3-2# **************************************************************************************** Understanding Ping Commands The following VRF configuration details are pushed in the selected devices. The description of the VRF configuration details is given in Destination Interface Displays all interfaces connected to the Destination device From the Destination Interface drop-down list, choose the Destination interface View Command Displays the command used to: Ping or Traceroute Click View Command to view the commands used to Ping or Traceroute Monitor Real Time Enables you to view the real-time status of the interfaces of the VRF-configured devices. The details about the real-time status is retrieved using IPM and the status is displayed in a graphical format. Click Monitor Real Time Ping or Traceroute Ping or Traceroute command is executed. Click Ping or Traceroute Result Shows the result of VNM Troubleshooting processes- Ping or Traceroute. Display only. Reset Resets the details provided to Ping or Traceroute. Click Reset Clear Result Clears the result displayed in Result field of Ping or Traceroute page Click Clear Result to clear the result Table 14-38 Ping or Traceroute Settings (continued) Window Element Description Usage Notes Table 14-39 Ping Command details Command Purpose ping vrf vrf-name ip-address Pings an IP Address that has a specific VRF ping destination interface source source interface Allows you to enter the interface configuration mode and specify the Layer 3 interface to be associated with the VRF. The interface can be a routed port or SVI.
14-80 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 14 Virtual Network Manager Troubleshooting Show Results To use Show Results: Step 1 Click the Troubleshooting Tab in the Virtual Network Manager home page. The Ping or Traceroute page appears. Step 2 Select Troubleshooting > Show Results The Show Results page appears. Step 3 Enter the required information as given in Table 14-40.
14-81 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 14 Virtual Network Manager Troubleshooting Table 14-40 Settings in Show Results Window Element Description Usage Notes Source Device Source Device details. Click Select to select the VRF configured device you want to troubleshoot. The Device Selector window appears. Or Enter the Source device name. Select a device using Select. A Device Selector appears on the screen. Click the radio button to select the devices listed in the device selector. Or Enter the Source device name. If you enter first four characters, it populates ten device names. Routing Protocol Represents the Routing Protocols used to troubleshoot VNM. The Routing protocols used are: OSPF EIGRP Click the Routing Protocol you want to use to troubleshoot the devices. View Command Displays the show command specific to a VRF. For OSPF, the commands used are: show ip protocol vrf vrf name show ip OSPF For EIGRP, the commands used are: show ip eigrp vrf vrf name neighbors Here, neighbor refers to the neighboring devices that participate in a VRF. Click View Command to view the show commands specific to a VRF
14-82 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 14 Virtual Network Manager Troubleshooting Sample of Show Results cmx-uranus# show ip eigrp vrf Green neighbors Primary Login Succeeded / Primary Enable Succeeded IP-EIGRP neighbors for process 65 PE3745-L3-2# ******************************************************************************** Understanding Commands in Show Results The following VRF configuration details are fetched from selected devices. The description of the VRF show results details is given in Show Results Displays the result of VRF-specific show commands. Click Show Results The result is displayed in the Result pane. Result Shows the result of the show commands for a particular VRF. Display only. Reset Resets the details in the Show Command page. Click Reset Clear Result Clears the result displayed in Result pane in the Show Results page Click Clear Result Window Element Description Usage Notes Table 14-41 Show Results details Command Purpose show ip vrf vrf-name Displays the set of VRFs and interfaces show ip route vrf vrf-name Displays the IP routing table for a VRF show ip protocols vrf vrf-name Displays the routing protocol information associated with the VRF show ip OSPF Verifies the configuration of the OSPF network show ip eigrp vrf vrf-name neighbor Displays the Enhanced Interior Gateway Routing Protocol (EIGRP) neighbors that are on the interfaces and part of the specified VRF instance. It is also used to debug certain type of transport problems. C H A P T E R
15-1 User Guide for Campus Manager 5.2 OL-18011-01 15 Troubleshooting and FAQs This chapter is frequently updated with latest technical FAQs and troubleshooting tips. This section contains: Troubleshooting FAQs Troubleshooting This section includes the troubleshooting tips for the following features in Campus Manager Application: User Tracking Topology Services User Tracking Use the information in Table 15-1 to troubleshoot the User Tracking application. Table 15-1 Troubleshooting User Tracking Symptom Probable Cause Possible Solution User Tracking cannot discover any users or hosts or User Tracking cannot display any IP phones. There may not be information in the Campus Manager database. The device might not be part of DCR and you must run Device Discovery and Data Collection. For more details, see Understanding Campus Manager Administration. User Tracking cannot discover certain users or hosts. The Campus Manager server might not have discovered one or more devices to which users and hosts are connected. 1. Check the CiscoWorks topology for the missing devices 2. Ensure that CDP and SNMP are enabled on the devices, rediscover these devices, 3. Verify that they appear on the topology view.
15-2 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 15 Troubleshooting and FAQs Troubleshooting User Tracking cannot discover certain IP phones. The Campus Manager server might not have discovered the specific Media Convergence Server (MCS) that runs the instance of Cisco CallManager to which the IP phones are registered. 1. Check the CiscoWorks topology for the missing MCS that runs the instance of Cisco CallManager to which the phones are registered. 2. Ensure that Cisco CallManager is shown as a service running on the MCS and is discovered by the Campus Manager Server. 3. Rediscover all IP phones. User Tracking table does not contain device name, IP address, and subnet information for some hosts. User Tracking cannot find the most recent network information. Network changes are not currently reflected in ARP information (routers) or bridge tables (switches). User Tracking does not perform Ping Sweep on large subnets; for example, subnets containing Class A and B addresses. Hence, ARP cache might not have some IP addresses and the User Tracking may not display the IP addresses. In larger subnets, the ping process leads to numerous ping responses that might increase the traffic on your network and result in extensive use of network resources. Enable Ping Sweeps when User Tracking performs Discovery. Ping Sweeps are enabled by default. To perform Ping Sweep on larger subnets, you can either: Configure a higher value for the ARP cache time-out on the routers. To configure the value, you must use the arp time-out interface configuration command on devices running Cisco IOS. Or Use any external software, which will enable you to ping the host IP addresses. This will ensure that when you run User Tracking Acquisition, the ARP cache of the router contains the IP addresses. You have: Made changes to the network. Run User Tracking Major Acquisition. The changes do not appear in the User Tracking display. A complete Device Discovery process has not run since you added your changes. User Tracking Major Acquisition is not a full network discovery. The process discovers only the user and host data in your network. Changes that you make to your network might not appear after a User Tracking Major Acquisition. 1. Run Device Discovery from Common Services. 2. Run a complete Data collection. 3. Generate a new report after data collection is complete to see the changes. Table 15-1 Troubleshooting User Tracking (continued) Symptom Probable Cause Possible Solution
15-3 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 15 Troubleshooting and FAQs Troubleshooting Topology Services To troubleshoot Topology Services, see Troubleshooting Time Domain Reflectometry Reports Troubleshooting Time Domain Reflectometry Reports Time Domain Reflectometry (TDR) report does not display any entries when you run TDR Cable Diagnostic Test on devices that support TDR. This occurs even if Campus Manager supports the CISCO-CABLE-DIAG-MIB, and if the read and write community strings are correct. For more details on running TDR test on devices, see Running TDR Test for a Link. When the TDR test fails, the following error message appears: Unable to get TDR related information from one or more devices. Probable Cause One or more devices: -May not support TDR -May be Unreachable -have incorrect read/write credentials in DCR Recommended Action Do the following: 1. Enter correct credentials in DCR. 2. Initiate Data Collection for the devices. 3. Run TDR report. In the log file for Data Collection, you can find the error message: ERROR: Unable to get Running Status of TDR Test. Probable Cause: Time Taken to complete the TDR test in the device takes long time/Mib support is not available/ Device is not SNMP reachable Action : Add the property TDRTestTimeout and set value for the property in ANIServer.properties to value greater than 7000 and restart ANIServer process.Check SNMP reachability/Check TDR Support on the device To view the log file for Data Collection, go to: Solaris: /var/adm/CSCOpx/log/ani.log Windows: NMSROOT/log/ani.log, where ani.log is the default filename for the log file for Data Collection. Probable Cause When you run TDR Cable Diagnostic Test from Campus Manager, the report generation might take a long time. The default time value set for generating the report is seven seconds. Hence, when TDR test takes more than seven seconds, the process times out and Campus Manager does not generate the report. Possible Solution When the TDR report does not generate data, you must modify the ANIServer.properties file. To modify the file, you must: Step 1 Stop the ANI server. Step 2 Enter pdterm ANIServer at the command line to stop the ANI server. Step 3 Go to NMSROOT/campus/etc/cwsi/ANIServer.properties.
15-4 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 15 Troubleshooting and FAQs Troubleshooting Step 4 Enter TDRTest.Timeout=greater that 7000 property in the ANIServer.properties file. For example, the value can be TDRTest.Timeout=10000. Step 5 Start the ANI server. Step 6 Enter pdexec ANIServer at the command line to start the ANI server. VLAN Port Assignment Use the information in the Table 15-2 to troubleshoot the VLAN Port Assignment application. Table 15-2 Troubleshooting VLAN Port Assignment Symptom Probable Cause Possible Solution VLAN Port Assignment starts, but shows an error message. Server process is not running. Confirm that the Campus Database engine and the Campus Server are running. VTP Domain drop-down list box is empty and the following error message appears: Discovery seed not defined for ANI Server A seed device is not specified for the ANI Server. Add a seed device. See ANI Server online help for more information about adding a seed device. See the User Guide for CiscoWorks Common Services or the Online help for Campus Manager 5.0 for more information about adding a seed device. VTP Domain drop-down list box is blank and the following message appears: ANI is still in the discovery process. Please wait. The initial Device Discovery is not complete. Wait for the ANI status bar to display Idle. The message Operation Failure appears when you try to move a port. The operation failed for various reasons. Click Details to display the cause of the failure.
15-5 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 15 Troubleshooting and FAQs FAQs FAQs This section includes the frequently asked questions and answers for the following features: The queries are available for the following features: Device Management User Tracking Data Extraction Engine Virtual Network Manager Device Management The following are the frequently asked questions about Device Management: Q. Some of the devices in DCR are not managed in Campus Manager, but the group to which it belongs to, is included in the Auto mode settings. What could be the reason? A. Check whether these devices are manually excluded from Campus Manager in the Manually Excluded Devices report. If the device you are looking for is available here, then it will not be managed in Campus Manager unless it is manually included. Q. When I exclude a device, will it get deleted immediately or during next Data Collection? A. If you are manually excluding a device, it will be immediately deleted from Campus Manager and it will not be managed in further Data Collections. Q. What is the difference between manually excluding a device and deleting a device from Topology Services screen? A. Manually Excluding a Device: If you manually exclude a device, it gets deleted from Campus. Even if you do Data Collection from the neighboring device, it does not get managed in Campus Manager. Deleting a device from Topology Services screen: If you delete a device from Topology services, and run Data Collection on its neighbor device, the device becomes managed in Campus Manager. Q. I have manually included a device. How do I exclude it? A. Select and exclude that device from the device selector in the Exclude Devices page. Alternatively, you can exclude that device from the Manually Included Devices report. Q. I have manually excluded a device. How do I include it? A. Select and include that device from the device selector in the Include Devices page. Alternatively, you can include that device from Manually Excluded Devices report. Q. .When I manually include a device, will it be managed immediately in Campus Manager? A. No. Unless you run Data collection, this will not get managed in Campus Manager. Q. I have both Auto mode and Manual mode enabled. Which one will take higher priority? A. Manual mode always gets higher priority.
15-6 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 15 Troubleshooting and FAQs FAQs Q. I have manually added some devices and started Data collection for all devices. For which devices will Data collection run? A. Data collection will run for manually added devices and the devices that are already managed in Campus Manager. Q. I have added n devices in DCR and in that I want to manage only subset of devices in Campus Manager. Is there any way to do this? A. Either: Manually include those devices and run Data collection. Or Create a group in Common Services that includes these IP addresses, include the group in Auto mode settings in Campus Manager and run Data Collection. Q. How to make Campus Manager identify the HSRP devices and perform data collection? A. To make Campus Manager identify the HSRP devices and perform data collection, do the following: Step 1 Add the virtual IP address of the HSRP router as the value for the property HsrpVitrualIPAddress" in the ANIServer.properties file Since there is no UI to specify the virtual IP address, you need to enter it in the ANIServer.properties file. When you need to specify multiple virtual IP addresses, separate them with a colon. For example: HsrpVitrualIPAddress=10.77.210.20:10.77.211.21 Step 2 Restart the ANIServer for the changes to take effect. Q. I have an office with 300 remote branches each with a Cisco router. The routers are connected to the head office over an SP infrastructure and IPSec is used to encrypt the traffic between the remote branches and the head office. How do I manage the devices in the remote network using Campus Manager? A. If you want to discover and manage the devices in the remote network, add these devices to DCR. For managing them in Campus Manager, see Device Management. User Tracking Q. Why are outdated entries appearing in my User Tracking table? A. Outdated entries result when: A user or host is assigned to new VLAN/port/VTP domain. A power failure occurred. A workstation has been switched off or removed from the network. User Tracking does not automatically delete outdated end-user host entries. To delete these entries: Manually delete selected entries. Or Configure delete interval for purging old records more than the given number of days.
15-7 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 15 Troubleshooting and FAQs FAQs Q. How does User Tracking acquisition process differ from that of the Campus Manager Server? A. User Tracking is a Campus Manager client application. The Campus Manager Server provides several types of global discoveries, including: Device and physical topology acquisition, resulting in baseline network information such as device identity, module and port information, and physical topology. This type of acquisition is required for logical, user, and path acquisition. User acquisition, resulting in information about users and hosts on the network. The Campus Manager Server stores this information in the database. User Tracking discovers the host and user information in the Campus Manager server database, correlates this information, and displays it in the User Tracking Reports. For more information about the various acquisition processes, see Various Acquisitions in User Tracking. Q. How does User Tracking user and host acquisition process work? A. Before collecting user and host information, Campus Manager must complete Data Collection. After the completion of Data Collection User Tracking performs steps described in Table 15-3. Table 15-3 User Tracking User and Host Acquisition Process Process Description Performs Ping Sweeps Pings all IP addresses on all known subnets, if you have Ping Sweeps enabled (the default). This process updates the switch and router tables before User Tracking reads those tables. This ensures that User Tracking displays the most recent information about users and hosts. Obtains MAC addresses from switches Reads the switch's bridge forwarding table. The bridge forwarding table provides the MAC addresses of end stations, and maps these MAC addresses to the switch port on which each workstation resides. Obtains IP and MAC addresses from routers Reads the Address Resolution Protocol (ARP) table in routers to obtain the IP and corresponding MAC addresses. Obtains hostnames Performs a Domain Name Service (DNS) lookup to obtain the hostname for every IP address. Obtains usernames Attempts to locate the users currently logged in to the hosts and tries to obtain their username or login ID. Records discovered information Records the discovered information in the Campus Manager database.
15-8 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 15 Troubleshooting and FAQs FAQs Q. Why is User Tracking not performing Ping Sweeps on some subnets? A. The criterion for whether or not User Tracking performs Ping Sweeps on a subnet is the number of hosts in the subnet: You must check if you have excluded the subnets from Ping Sweep. If a subnet has 256 or fewer hosts, User Tracking performs Ping Sweeps on that subnet. User Tracking does not perform Ping Sweeps on the subnets, which have more than 256 hosts. If Ping Sweeps are not performed, User Tracking still obtains information from the router and switch mapping tables during a discovery. For more details on Ping Sweep, see Notes on Ping Sweep Option. Q. How long does User Tracking maintain data? A. It depends on the delete interval you have set. For more details, see Modifying Delete Interval. Q. Does User Tracking discover users and hosts connected to non-Cisco Discovery Protocol (CDP) devices? A. Campus Manager does not manage non-CDP devices. Hence User Tracking will not discover users and hosts in the network connected to non-CDP devices. Q. Where does User Tracking log errors? A. User Tracking major acquisition errors are logged in the User Tracking error log. Data Collection errors are logged in the respective log file. The log files are located at Solaris : /var/adm/CSCOpx/log Windows: NMSROOT/log Where NMSROOT is the directory where you have installed CiscoWorks.
15-9 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 15 Troubleshooting and FAQs FAQs Data Extraction Engine Following is a list of frequently asked questions about Campus Manager DEE: Q. Where does DEE collect the Discrepancy information from? A. DEE collects the running Discrepancy data from the latest configuration in Campus Manager server. Q. What is an XSD file? A. XSD file is an XML based alternative to Document Type Definition (DTD). It is based on XML schema which describes the structure of an XML document. An XML schema defines the valid building blocks of an XML document, similar to a DTD. An XML Schema: Defines elements that can appear in a document. Defines attributes that can appear in a document. Defines which elements are child elements. Defines the order of child elements. Defines the number of child elements. Defines whether an element is empty or can include text. Defines data types for elements and attributes. Defines default and fixed values for elements and attributes. For more information, see W3Schools Online Web Tutorials site. Q. How can I make use of the servlet interface? A. You must write customized scripts that can connect to the servlet. The arguments and options have to be specified in XML format. Details can be found in Using Servlet to Export Data from Campus Manager. Q. How can I get user tracking and Layer 2 topology data for a particular set of switches or subnets managed by separate Campus Manager servers? A. No. This feature is not supported. Q. I do not want to provide the password in the command line as it is insecure. Is there a way to provide it in a secure way? A. Yes. You can create an environment variable CMEXPORTFILE, which points to a text file that contains the userid and password list separated by a blank space. Q. Where will the XML output file be stored? A. The default locations for storing the XML output files are: PX_DATADIR/cmexport/ut/timestamput.xml PX_DATADIR/cmexport/l2topology/timestampL2Topology.xml PX_DATADIR/cmexport/Discrepancy/timestampDiscrepancy.xml You can use the -f option to specify an alternative location.
15-10 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 15 Troubleshooting and FAQs FAQs Q. Why am I getting a parse error when trying to parse some of the output files? A. A few classes in Optical switches contain special characters with ASCII code higher than 160. Most of the XML parsers do not support these characters and hence fail to parse them. To overcome this, you have to manually search for those elements with special characters and append CDATA as given in the example below: If there is an element <checksum> o </checksum> Change it to: <checksum> <![CDATA[o ]]> </checksum> Virtual Network Manager Q. What is Virtual Network Manager ? A. Virtual Network Manager is an application that allows you to pre-provision, provision and monitor Virtual Routing and Forwarding-Lite (VRF-Lite) technology on an enterprise network. Q. What is Network Virtualization? A. Virtualization deals with extending a traditional IP routing to a technology that helps companies utilize network resources more effectively and efficiently. Using virtualization, a single physical network can be logically segmented into many logical networks. The virtualization technology supports multiple virtual routing instances of a routing table to exist within a single routing device and work simultaneously. Q. What is VRF-Lite ? A. Virtual Routing and Forwarding - Lite (VRF - Lite) is the one of the simplest form of implementing virtualization technology in an Enterprise network. A Virtual Routing and Forwarding is defined as VPN routing/forwarding instance. A VRF consists of an IP Routing table, a derived forwarding table, a set of interfaces that use the forwarding table and set of routing protocols that determine what goes into the forwarding table. Q. What are the pre-requisites to manage a device using Virtual Network Manager? A. The pre-requisites to manage a device in Virtual Network Manager are: 1. The device must be managed by Campus Manager. 2. The device must either be L2/L3 or L3 device 3. The devices failing to satisfy pre-requisite #1 or #2, are not displayed in Virtual Network Manager. The device must have the necessary hardware support. For more information on hardware support, see http://www.cisco.com/en/US/partner/products/sw/cscowork/ps563/products_device_support_table s_list.html. If the device hardware is not supported then the device will be classified as Other devices 4. If a device does not support MPLS VPN MIB, it is classified as a capable device. 5. VTP Server must be support MPLS VPN MIB. If the VTP Server does not support MPLS VPN MIB, VNM will not manage VTP Clients.
15-11 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 15 Troubleshooting and FAQs FAQs Q. The device must be managed by RME to exercise all the functionality of VNM. The desired device is not listed in the device selector for the VNM configuration workflows. What is the reason for a device not listed in the device selector? A. A device is not listed in the device selector due to the following reasons: All VNM Configuration workflows like Create, Edit, Extend, Delete VRF and Edge VLAN Configuration. A device will not be listed in the Device Selector, if a device does not satisfy the pre-requisites as mentioned in the Pre-Requisites to manage devices using VNM. If VNM Configuration workflow is either Edit VRF, or Delete VRF or Edge VLAN Configuration then a device will not be listed in the Device Selector, if a device is not participating in the selected VRF. In the Readiness Report, a device listed as a supported device may be because it is not managed by RME. You can check if a device is managed by RME using the Device Management State Summary. You can access the Summary by selecting Device Management option from RME > Devices. In Extend VRF workflow, the devices listed in the Device Selector are the devices that are not participating in the selected VRF. In Edge VLAN Configuration workflow, the devices listed in the Device Selector are only L2/L3 devices that are not participating in the selected VRF. Q. What are the different categories in which the devices are managed by Virtual Network Manager? Or what criteria are used by Virtual Network Manager to categorize the devices in the network? A. Virtual Network Manager identifies the devices based on the minimum hardware and software support required to configure VRF on the devices. Based on the available hardware and software support in the devices, Virtual Network Manager classifies the devices into following categories: VRF Supported Devices Represents the devices with required hardware and software support available to configure VRF on the devices. VRF Capable Devices Represents the devices with required hardware support available. But the device software must be upgraded to support MPLS VPN MIB. For information on the IOS version that supports MPLS VPN MIB, refer http://tools.cisco.com/ITDIT/MIBS/MainServlet. VNM classifies all the devices from Cat 3k and Cat 4k family of devices as VRF Capable devices as these devices do not have the required MPLS VPN MIB support. Other Represents the devices without required hardware support to configure VRF. SysOID of the device needs to be checked. Q. If a device is managed by both RME and CM in the ACS mode, that particular device is not listed in the device selector in VNM Configuration or in VRF Troubleshooting workflow. Q. In the ACS mode, the Virtual Network Manager application checks for user permissions in VNM and RME application. The user permissions are as defined below: a. VNM >Configuration >Configuration permission in VNM application b. VNM >Troubleshooting > Troubleshooting permission in VNM application c. VNM >Reports >Reports permission in VNM application d. RME >Config Management >NetConfig >NetConfig Create J ob in RME application e. RME >Config Management >Archive Management >Config Version Viewer
15-12 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 15 Troubleshooting and FAQs FAQs To use the following VNM functionality, the user must have the following permissions: 1. Create/Edit/Extend: The user must have permissions listed in A, D, and E 2. AEV/Delete: The user must have permissions listed in A and D 3. Troubleshooting: The user must have permissions listed in B and D 4. Reports: The user must only have permission mentioned in C Q. While performing the VNM Configuration, VNM application prompts the following messages: The device(s) with display name(s) are already locked as they are used by configuration workflows. You cannot configure these devices. Wait for some time Or Ensure the devices are not used by configuration workflows and free the devices from CS > Admin > Resource Browser. Or Selected Device(s) are locked as they are used by configuration workflows. You cannot configure these devices. Wait for some time Or Ensure the devices are not used by configuration workflows and free the devices from CS > Admin > Resource Browser. The above messages appear even if no VNM configuration is performed parallelly. Why do I get these messages? A. The VNM application prompts with these messages when some other configurations are performed simultaneously. You can check the status of the configuration workflow using CS > Admin > Resource Browser. The J OB Id/Owner column will give the details of the workflows currently running in the application. These messages also appear if any VNM configuration workflow is abruptly ended or an error has occurred while unlocking the device. You can release the locked devices only after ensuring that no other configuration workflows are running simultaneously. You can release the locked device using the CS > Admin > Resource Browser option. Note If you unlock a device which is participating in a configuration workflow, the configurations details will be overwritten or corrupted. By default, a lock will be released after two hours. Q. Sometimes, while performing VNM configuration, I get the following message: The device(s) with display name(s) are already locked as they are used by configuration workflows. You cannot configure these devices. Wait for some time Or Ensure the devices are not used by configuration workflows and free the devices from CS > Admin > Resource Browser. Or Selected Device(s) are locked as they are used by configuration workflows. You cannot configure these devices. Wait for some time OR Ensure the devices are not used by configuration workflows and free the devices from CS > Admin > Resource Browser. Can I get the details of the user who has locked the devices to perform VNM configuration? A. You cannot get the details of user who has locked the devices to perform VNM configurations.
15-13 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 15 Troubleshooting and FAQs FAQs Q. In the Create, Edit, or Extend workflow, the application do not list the Routing Protocols used while configuring VRF. The Routing Protocol information displayed is NA. What do I need to do to get the routing protocol configurations details? A. When the Routing Protocol information displayed is NA, it means that the configuration details are not fetched successfully in Resource Manager Essential. You can schedule the Sync Archive job from Resource Manager Essentials > Config Mgmt > Archive Mgmt > Sync Archive. Q. What are the details of the VNM log files? In which location are the VNM log files located? A. The following are the details of the VNM log files: 1. Vnmserver.log This log file logs the messages pertaining to the VNMServer process. 2. Vnmcollector.log This log file logs the messages pertaining to the VNM collection. 3. Vnmclient.log This log file logs the messages related to the User Interface. 4. Vnmutils.log This log file logs the messages pertaining to the utility classes used by VNM client and server. The above-mentioned VNM log files are located in the following location: In Solaris : /var/adm/CSCOpx/log/ In Windows: NMSROOT/logs Q. When is the VRF Collection process triggered? A. Manually: You can manually schedule to run the VRF Collection process by : Providing the setting details using Virtual Network Manager > Administration > VRF Collector Settings > VRF Collector Schedule option.Or Clicking the Start VRF Collection link present in the Virtual Network Manager home page. Automatically: If you enable the Run VRF Collector After Every Data Collection in the VRF Collector Schedule page. The VRF Collection process will be automatically triggered after the completion of Data Collection. You can reach the VRF Collector Schedule page using Virtual Network Manager > Administration > VRF Collector Settings page. Q. After the completion of the Data collection process, the VNM Collector failed to run, What is the reason for failure? A. Check if the Run VRF Collector After Every Data Collection option is enabled in the VRF Collector Schedule page. You can reach the VRF Collector Schedule page from Virtual Network Manager > Administration > VRF Collector Settings page. Q. Where the SNMP timeout and retries details are taken for Virtual Network Manager? A. The SNMP timeout and retires details are taken from Virtual Network Manager > Administration > VRF Collector Settings > VNM SNMP Timeouts and Retries. By default, all the devices have a timeout of six seconds and retry attempt of 1 second.
15-14 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 15 Troubleshooting and FAQs FAQs Q. What is the reason for VLANs not getting populated in the VLAN to VRF Mapping page in the Create VRFand Extend VRFworkflows ? A. The VLAN to VRF Mapping page lists the links connecting the source and the destination device. The VLANs are not listed in fields displaying the links in the VLAN to VRF Mapping page because VNM tries to find a free VLAN in the devices connected using a link based on the following procedure 1. An SVI, VNM searches for free VLANs in the range 1- 1005 2. An SI, VNM searches for free VLANs in the range 1006-4005 Q. Why do I see the VRF description for all VRF(s) in home page as Discovered by VNM ? A. While creating or extending VRF, the description that you have provided is deployed to the selected devices on which VRF is configured. But, the description provided while configuring or extending, is not read by the VNM application. Instead, the VNM application provides the default description for all VRFs as Discovered by VNM. Therefore, the description that you had provided is not displayed in the VNM home page. Q. How do I enable the debug messages for Virtual Network Manager? A. You can enable the debugging levels for a particular module using VNM > Administration > Debugging Options. You can manually change the name and the size of the log file. The configuration log files are available under NMSROOT/MDC/tomcat/webapps/vnm/WEB-INF/classes. The changes made will be reflected after approximately 60 seconds. Q. Why some port-channels are are not discovered in Virtual Network Manager? A. Virtual Network Manager does not support port-channel and GRE Tunnel. Also, Currently VNM supports only 802.1Q Q. What are the processes newly introduced for Virtual Network Manager ? A. To run VNM, VNMServer process is newly introduced in the Campus Manager application. The VNM Collector process is executed as a J ob. Q. What is tested number of devices support in VNM? A. In an Enterprise network, Virtual Network Manager is tested to support the configuration of 32 VRFs with VRF configuration supported in 550 devices in your network. However, at a given time, you can select up to 20 devices and configure VRF using the Create, Edit and Extend VRF workflow. Q. What are the property files associated with Virtual Network Manager? A. The following property files are associated with Virtual Network Manager: 1. NMSROOT/vnm/conf/VNMClient.properties - This property file is used to provide the settings for Purge and Home page auto Refresh 2. NMSROOT/vnm/conf/VNMServer.properties This property file is used to provide the SNMP and VNMServer settings. 3. NMSROOT/vnm/conf/VRFCollectorSnmp.conf This property file stores the SNMP Timeout and Retries that you have configured
15-15 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 15 Troubleshooting and FAQs FAQs Q. In the Interface to VRF Mapping page for the Create, Edit and Extend VRF workflow, why are values for the IP Address and SubnetMask fields empty? A. If the physical interface that links two devices is not configured with an IP Address, then the IP Address and the SubnetMask fields are empty. Q. What is protocol ordering for configuration workflows? A. Configuration workflow uses the protocol ordering similar to ordering used by NetConfig in Resource Manager Essentials. Choose the NetConfig as Application Name from using RME > Admin > Config Mgmt > Transport Settings page. You can view the protocol ordering in the Transport Settings page. Q. What is protocol ordering for troubleshooting? A. Troubleshooting VRF workflow uses the protocol ordering similar to ordering used by NetShow in Resource Manager Essentials. Choose the NetShow as Application Name from using RME > Admin > Config Mgmt >Transport Settings page. You can view the protocol ordering in the Transport Settings page. Q. If you configure commands to be deployed to two different devices, will the commands be deployed parallelly or serially? A. The commands will be deployed to multiple devices parallelly, where as a series of commands with-in a single device, will be deployed in serial manner. Q. Which VNM configuration jobs that are failed can be retried? A. You can retry all the VNM Configuration jobs which are failed. VNM Configuration jobs are the jobs pertaining to Create, Edit, Extend, Delete VRF and Edge VLAN Configuration workflow. Q. Why is the Monitor Real Time button disabled in the Ping or Traceroute VRF page? A. The functionality for Monitor Real Time button is provided by Internetwork Performance Monitor (IPM). This button is enabled only when IPM is installed in the local server. Q. In a multi-server setup environment, both RME and CM are installed in the remote machine. I have RME/CM in remote machines, but still devices are not shown in configuration workflows and are displayed as un-managed devices. Why? A. It is mandatory to install Resource Manager Essentials in the local server to use the functionality of Virtual Network Manager. Q. In the Troubleshooting VRF page, after selecting the source device, no VRFs are listed in the VRF List to troubleshoot. Why? A. Initially, check if a VRF is configured on the selected source device. The VRF list in the Troubleshooting page enlists the VRF(s) configured in the selected source device as well as in the Global Table, which refers to the global routing table. Q. Which interfaces are displayed in the Troubleshooting VRF page A. When a VRF is selected then all the interfaces that are configured with the selected VRF in the corresponding device is listed. If you select VRF as Global Table, then the application displays all the interfaces that are not configured to any VRF
15-16 User Guide for Campus Manager 5.2 OL-18011-01 Chapter 15 Troubleshooting and FAQs FAQs Q. In some scenarios, the VRF configuration commands are pushed to unselected devices. What is the reason? A. In the following scenarios, the VRF configuration commands are pushed to unselected devices: The VLANs are created in the VTPServer by default. In any VNM Configuration workflow, if you create a VLAN in VTP Client devices, then VNM application finds the corresponding VTP Server and create VLANs in that device. In Delete VRF workflow, the virtualized interface in the connecting device will also be deleted, even if the device is not selected. Q. Why the FHRP and DHCP configurations are not shown in Virtual Network Manager? A. VNM does not fetch the details for the FHRP or DHCP configuration from the device. Also, VNM wont put the list of vlan(s) allowed on a trunk The Protocols and DHCP Server details for existing or newly created SVIs are not fetched from the selected devices.
A-1 User Guide for Campus Manager 5.2 OL-18011-01 A P P E N D I X A Commands to Enable MAC Notification Traps on Devices This appendix provides information on the list of commands that needs to run on each device to enable MAC Notification traps. This appendix contains the following: Overview of Dynamic Updates Configuring Switches With MAC Notification Commands Device Operating System Version-Specific Commands List of Commands to Enable MAC Notification Traps on Devices Overview of Dynamic Updates Dynamic Updates are asynchronous updates that are based on SNMP MAC notifications traps sent by devices to Campus Manager. These traps are sent as and when there are changes to the network. You must configure the Cisco switches for sending SNMPv1/SNMPv2 MAC Notification traps when a host is connected to or disconnected from that port. If you do not have RME installed on your CiscoWorks server, you must configure the switches manually to send MAC Notifications to the Campus Manager server. See the Understanding Dynamic Updates section in Chapter 7 Tracking Users for more information. Configuring Switches With MAC Notification Commands The list of commands that needs to be run on the devices are stored on the built-in XML file namely, MACCommands.XML in a hierarchical manner. The list of commands available are: Global commands Device Family-specific commands Device Type-specific commands Device Operating System version-specific commands
A-2 User Guide for Campus Manager 5.2 OL-18011-01 Appendix A Commands to Enable MAC Notification Traps on Devices Device Operating System Version-Specific Commands While configuring, Campus Manager selects the commands for each device based on the fallback rule in the following order: 1. Device Operating System version-specific commands 2. Device Type-specific commands 3. Device Family-specific commands 4. Global commands If a device OID matches an OS version, the Device OS version-specific commands should be selected to configure the device. Otherwise, the Device Type-specific commands should be selected. If a device OID could not find a specific match on both Device OS version-specific commands and Device Type-specific commands, the Device-Family specific commands should be selected. The Global commands are selected for configuring the device when there is no match of Device OS version-specific, Device Type-specific, or Device Family-specific commands available for the device. The device is considered as an unknown device type when there is no match of any of the command sets available. In other words, for an unknown device type, command set will not be generated. Device Operating System Version-Specific Commands A device OID finds a match from the OS versions first, in the XML file. A range of OS versions for which the command set remains the same, are indicated in the osversion tag in the XML file. The range of OS versions are represented using brackets [ ] and parantheses ( ). Brackets [ ] indicate an inclusive list of OS versions. Parantheses ( ) indicate an exclusive list of OS versions. The following are the examples for OS version ranges: [12.2(40),12.2(43)) denotes all OS versions between 12.2(40) and 12.2(43) including 12.2(40) and excluding 12.2(43). [,12.2(40)] denotes all OS versions prior to 12.2(40) and including version 12.2(40). [12.1(19)EA1,12.2(46)SE) denotes all OS versions 12.1(19)EA1 and later, and prior to 12.2(46)SE.
A-3 User Guide for Campus Manager 5.2 OL-18011-01 Appendix A Commands to Enable MAC Notification Traps on Devices List of Commands to Enable MAC Notification Traps on Devices List of Commands to Enable MAC Notification Traps on Devices Table A-1 explains the list of commands that needs to be run on the devices. Table A-1 List of Commands to Enable SNMP Traps in Devices Device Family Device Type SysOID Global Command Set Interface Command Set OS Version default - - mac address-table notification:mac address-table notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed - C3750-STACK - - mac address-table notification change:mac address-table notification change interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed - C3750-STACK 1.3.6.1.4.1.9.1.516 mac-address-table notification:mac-address-tabl e notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed [,12.1(19)EA1) mac address-table notification:mac address-table notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed [12.1(19)EA1,12 .2(46)SE)
A-4 User Guide for Campus Manager 5.2 OL-18011-01 Appendix A Commands to Enable MAC Notification Traps on Devices List of Commands to Enable MAC Notification Traps on Devices C3750-STACK (continued) NME16ES1GP 1.3.6.1.4.1.9.1.663 mac-address-table notification:mac-address-tabl e notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed [,12.1(19)EA1) mac address-table notification:mac address-table notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed [12.1(19)EA1,12 .2(46)SE) NME16ES1GP 1.3.6.1.4.1.9.1.702 mac-address-table notification:mac-address-tabl e notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed [,12.1(19)EA1) mac address-table notification:mac address-table notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed [12.1(19)EA1,12 .2(46)SE) Table A-1 List of Commands to Enable SNMP Traps in Devices (continued) Device Family Device Type SysOID Global Command Set Interface Command Set OS Version
A-5 User Guide for Campus Manager 5.2 OL-18011-01 Appendix A Commands to Enable MAC Notification Traps on Devices List of Commands to Enable MAC Notification Traps on Devices C3750-STACK (continued) NMEX23ES1 GP 1.3.6.1.4.1.9.1.664 mac-address-table notification:mac-address-tabl e notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed [,12.1(19)EA1) mac address-table notification:mac address-table notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed [12.1(19)EA1,12 .2(46)SE) NMEXD24ES 1SP 1.3.6.1.4.1.9.1.665 mac-address-table notification:mac-address-tabl e notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed [,12.1(19)EA1) mac address-table notification:mac address-table notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed [12.1(19)EA1,12 .2(46)SE) Table A-1 List of Commands to Enable SNMP Traps in Devices (continued) Device Family Device Type SysOID Global Command Set Interface Command Set OS Version
A-6 User Guide for Campus Manager 5.2 OL-18011-01 Appendix A Commands to Enable MAC Notification Traps on Devices List of Commands to Enable MAC Notification Traps on Devices C3750-STACK (continued) NMEXD48ES 2SP 1.3.6.1.4.1.9.1.666 mac-address-table notification:mac-address-tabl e notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed [,12.1(19)EA1)
mac address-table notification:mac address-table notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed [12.1(19)EA1,12 .2(46)SE) C3550-24ME 1.3.6.1.4.1.9.1.574 mac-address-table notification:mac-address-tabl e notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed [,12.1(19)EA1) mac address-table notification:mac address-table notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed [12.1(19)EA1,12 .2(46)SE) Table A-1 List of Commands to Enable SNMP Traps in Devices (continued) Device Family Device Type SysOID Global Command Set Interface Command Set OS Version
A-7 User Guide for Campus Manager 5.2 OL-18011-01 Appendix A Commands to Enable MAC Notification Traps on Devices List of Commands to Enable MAC Notification Traps on Devices C3750-STACK (continued) C3550-24ME 1.3.6.1.4.1.9.1.589 mac-address-table notification:mac-address-tabl e notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed [,12.1(19)EA1)
mac address-table notification:mac address-table notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed [12.1(19)EA1,12 .2(46)SE) C3550-24ME 1.3.6.1.4.1.9.1.590 mac-address-table notification:mac-address-tabl e notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed [,12.1(19)EA1) mac address-table notification:mac address-table notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed [12.1(19)EA1,12 .2(46)SE) Table A-1 List of Commands to Enable SNMP Traps in Devices (continued) Device Family Device Type SysOID Global Command Set Interface Command Set OS Version
A-8 User Guide for Campus Manager 5.2 OL-18011-01 Appendix A Commands to Enable MAC Notification Traps on Devices List of Commands to Enable MAC Notification Traps on Devices C3750-STACK (continued) C3550-24ME 1.3.6.1.4.1.9.1.591 mac-address-table notification:mac-address-tabl e notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed [,12.1(19)EA1) mac address-table notification:mac address-table notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed [12.1(19)EA1,12 .2(46)SE) C3550-24ME 1.3.6.1.4.1.9.1.592 mac-address-table notification:mac-address-tabl e notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed [,12.1(19)EA1) mac address-table notification:mac address-table notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed [12.1(19)EA1,12 .2(46)SE) Table A-1 List of Commands to Enable SNMP Traps in Devices (continued) Device Family Device Type SysOID Global Command Set Interface Command Set OS Version
A-9 User Guide for Campus Manager 5.2 OL-18011-01 Appendix A Commands to Enable MAC Notification Traps on Devices List of Commands to Enable MAC Notification Traps on Devices C3750-STACK (continued) C3550-24ME 1.3.6.1.4.1.9.1.688 mac-address-table notification:mac-address-tabl e notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed [,12.1(19)EA1) mac address-table notification:mac address-table notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed [12.1(19)EA1,12 .2(46)SE) C3750-24P 1.3.6.1.4.1.9.1.536 mac-address-table notification:mac-address-tabl e notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed [,12.1(19)EA1) mac-address-table notification:mac-address-tabl e notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed [12.1(19)EA1,12 .2(46)SE) Table A-1 List of Commands to Enable SNMP Traps in Devices (continued) Device Family Device Type SysOID Global Command Set Interface Command Set OS Version
A-10 User Guide for Campus Manager 5.2 OL-18011-01 Appendix A Commands to Enable MAC Notification Traps on Devices List of Commands to Enable MAC Notification Traps on Devices C3750-STACK (continued) C3750 1.3.6.1.4.1.9.1.530 mac-address-table notification:mac-address-tabl e notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed [,12.1(19)EA1) mac address-table notification:mac address-table notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed [12.1(19)EA1,12 .2(46)SE) C3750 1.3.6.1.4.1.9.1.511 mac-address-table notification:mac-address-tabl e notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed [,12.1(19)EA1) mac address-table notification:mac address-table notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed [12.1(19)EA1,12 .2(46)SE) Table A-1 List of Commands to Enable SNMP Traps in Devices (continued) Device Family Device Type SysOID Global Command Set Interface Command Set OS Version
A-11 User Guide for Campus Manager 5.2 OL-18011-01 Appendix A Commands to Enable MAC Notification Traps on Devices List of Commands to Enable MAC Notification Traps on Devices C3750-STACK (continued) C3750 1.3.6.1.4.1.9.1.512 mac-address-table notification:mac-address-tabl e notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed [,12.1(19)EA1)
mac address-table notification:mac address-table notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed [12.1(19)EA1,12 .2(46)SE) C3750 1.3.6.1.4.1.9.1.513 mac-address-table notification:mac-address-tabl e notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed [,12.1(19)EA1)
mac address-table notification:mac address-table notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed [12.1(19)EA1,12 .2(46)SE) Table A-1 List of Commands to Enable SNMP Traps in Devices (continued) Device Family Device Type SysOID Global Command Set Interface Command Set OS Version
A-12 User Guide for Campus Manager 5.2 OL-18011-01 Appendix A Commands to Enable MAC Notification Traps on Devices List of Commands to Enable MAC Notification Traps on Devices C3750-STACK (continued) C3750 1.3.6.1.4.1.9.1.514 mac-address-table notification:mac-address-tabl e notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed [,12.1(19)EA1)
mac address-table notification:mac address-table notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed [12.1(19)EA1,12 .2(46)SE) C3750 1.3.6.1.4.1.9.1.535 mac-address-table notification:mac-address-tabl e notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed [,12.1(19)EA1)
mac address-table notification:mac address-table notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed [12.1(19)EA1,12 .2(46)SE) Table A-1 List of Commands to Enable SNMP Traps in Devices (continued) Device Family Device Type SysOID Global Command Set Interface Command Set OS Version
A-13 User Guide for Campus Manager 5.2 OL-18011-01 Appendix A Commands to Enable MAC Notification Traps on Devices List of Commands to Enable MAC Notification Traps on Devices C3750-STACK (continued) C3750 1.3.6.1.4.1.9.1.602 mac-address-table notification:mac-address-tabl e notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed [,12.1(19)EA1)
mac address-table notification:mac address-table notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed [12.1(19)EA1,12 .2(46)SE) C3750 1.3.6.1.4.1.9.1.603 mac-address-table notification:mac-address-tabl e notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed [,12.1(19)EA1)
mac address-table notification:mac address-table notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed [12.1(19)EA1,12 .2(46)SE) Table A-1 List of Commands to Enable SNMP Traps in Devices (continued) Device Family Device Type SysOID Global Command Set Interface Command Set OS Version
A-14 User Guide for Campus Manager 5.2 OL-18011-01 Appendix A Commands to Enable MAC Notification Traps on Devices List of Commands to Enable MAC Notification Traps on Devices C3750-STACK (continued) C3750P 1.3.6.1.4.1.9.1.604 mac-address-table notification:mac-address-tabl e notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed [,12.1(19)EA1)
mac address-table notification:mac address-table notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed [12.1(19)EA1,12 .2(46)SE) C3750 1.3.6.1.4.1.9.1.624 mac-address-table notification:mac-address-tabl e notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed [,12.1(19)EA1)
mac address-table notification:mac address-table notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed [12.1(19)EA1,12 .2(46)SE) Table A-1 List of Commands to Enable SNMP Traps in Devices (continued) Device Family Device Type SysOID Global Command Set Interface Command Set OS Version
A-15 User Guide for Campus Manager 5.2 OL-18011-01 Appendix A Commands to Enable MAC Notification Traps on Devices List of Commands to Enable MAC Notification Traps on Devices C3750-STACK (continued) C3750 1.3.6.1.4.1.9.1.656 mac-address-table notification:mac-address-tabl e notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed [,12.1(19)EA1)
mac address-table notification:mac address-table notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed [12.1(19)EA1,12 .2(46)SE) C3550 - - mac address-table notification:mac address-table notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed - C3550-24 1.3.6.1.4.1.9.1.366 mac-address-table notification:mac-address-tabl e notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed [,12.1(11)EA1) C3550-48 1.3.6.1.4.1.9.1.367 mac-address-table notification:mac-address-tabl e notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed [,12.1(11)EA1) Table A-1 List of Commands to Enable SNMP Traps in Devices (continued) Device Family Device Type SysOID Global Command Set Interface Command Set OS Version
A-16 User Guide for Campus Manager 5.2 OL-18011-01 Appendix A Commands to Enable MAC Notification Traps on Devices List of Commands to Enable MAC Notification Traps on Devices C3550 (continued) C3550-12T 1.3.6.1.4.1.9.1.368 mac-address-table notification:mac-address-tabl e notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed [,12.1(11)EA1) C3550-12G 1.3.6.1.4.1.9.1.431 mac-address-table notification:mac-address-tabl e notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed [,12.1(11)EA1) C3550-24FX 1.3.6.1.4.1.9.1.453 mac-address-table notification:mac-address-tabl e notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed [,12.1(11)EA1) C3550-24DC 1.3.6.1.4.1.9.1.452 mac-address-table notification:mac-address-tabl e notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed [,12.1(11)EA1) C3550-24PWR 1.3.6.1.4.1.9.1.485 mac-address-table notification:mac-address-tabl e notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed [,12.1(11)EA1) Table A-1 List of Commands to Enable SNMP Traps in Devices (continued) Device Family Device Type SysOID Global Command Set Interface Command Set OS Version
A-17 User Guide for Campus Manager 5.2 OL-18011-01 Appendix A Commands to Enable MAC Notification Traps on Devices List of Commands to Enable MAC Notification Traps on Devices C3550 (continued) C3560-24PS 1.3.6.1.4.1.9.1.563 mac-address-table notification:mac-address-tabl e notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed [,12.1(11)EA1) C3560-48PS 1.3.6.1.4.1.9.1.564 mac-address-table notification:mac-address-tabl e notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed [,12.1(11)EA1) C3560G-24PS 1.3.6.1.4.1.9.1.614 mac-address-table notification:mac-address-tabl e notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed [,12.1(11)EA1) C3560G-24TS 1.3.6.1.4.1.9.1.615 mac-address-table notification:mac-address-tabl e notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed [,12.1(11)EA1) C3560G-48PS 1.3.6.1.4.1.9.1.616 mac-address-table notification:mac-address-tabl e notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed [,12.1(11)EA1) Table A-1 List of Commands to Enable SNMP Traps in Devices (continued) Device Family Device Type SysOID Global Command Set Interface Command Set OS Version
A-18 User Guide for Campus Manager 5.2 OL-18011-01 Appendix A Commands to Enable MAC Notification Traps on Devices List of Commands to Enable MAC Notification Traps on Devices C3550 (continued) C3560G-48TS 1.3.6.1.4.1.9.1.617 mac-address-table notification:mac-address-tabl e notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed [,12.1(11)EA1) C3560E 1.3.6.1.4.1.9.1.930 mac address-table notification:mac address-table notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed - C3560E 1.3.6.1.4.1.9.1.956 mac address-table notification:mac address-table notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed - C3560E 1.3.6.1.4.1.9.1.1015 mac address-table notification:mac address-table notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed - Table A-1 List of Commands to Enable SNMP Traps in Devices (continued) Device Family Device Type SysOID Global Command Set Interface Command Set OS Version
A-19 User Guide for Campus Manager 5.2 OL-18011-01 Appendix A Commands to Enable MAC Notification Traps on Devices List of Commands to Enable MAC Notification Traps on Devices C3550 (continued) 3000 1.3.6.1.4.1.9.1.909 mac address-table notification:mac address-table notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed - 3000 1.3.6.1.4.1.9.1.910 mac address-table notification:mac address-table notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed - 3000 1.3.6.1.4.1.9.1.911 mac address-table notification:mac address-table notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed - 3000 1.3.6.1.4.1.9.1.912 mac address-table notification:mac address-table notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed - Table A-1 List of Commands to Enable SNMP Traps in Devices (continued) Device Family Device Type SysOID Global Command Set Interface Command Set OS Version
A-20 User Guide for Campus Manager 5.2 OL-18011-01 Appendix A Commands to Enable MAC Notification Traps on Devices List of Commands to Enable MAC Notification Traps on Devices C3550 (continued) 3000 1.3.6.1.4.1.9.1.918 mac address-table notification:mac address-table notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed - 3000 1.3.6.1.4.1.9.1.919 mac address-table notification:mac address-table notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed - 3000 1.3.6.1.4.1.9.1.920 mac address-table notification:mac address-table notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed - 3000 1.3.6.1.4.1.9.1.921 mac address-table notification:mac address-table notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed - Table A-1 List of Commands to Enable SNMP Traps in Devices (continued) Device Family Device Type SysOID Global Command Set Interface Command Set OS Version
A-21 User Guide for Campus Manager 5.2 OL-18011-01 Appendix A Commands to Enable MAC Notification Traps on Devices List of Commands to Enable MAC Notification Traps on Devices C3550 (continued) 3000 1.3.6.1.4.1.9.1.922 mac address-table notification:mac address-table notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed - 3000 1.3.6.1.4.1.9.1.947 mac address-table notification:mac address-table notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed - 3000 1.3.6.1.4.1.9.1.948 mac address-table notification:mac address-table notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed - 3000 1.3.6.1.4.1.9.1.949 mac address-table notification:mac address-table notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed - Table A-1 List of Commands to Enable SNMP Traps in Devices (continued) Device Family Device Type SysOID Global Command Set Interface Command Set OS Version
A-22 User Guide for Campus Manager 5.2 OL-18011-01 Appendix A Commands to Enable MAC Notification Traps on Devices List of Commands to Enable MAC Notification Traps on Devices C3550 (continued) 3000 1.3.6.1.4.1.9.1.999 mac address-table notification:mac address-table notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed - 3000 1.3.6.1.4.1.9.1.1000 mac address-table notification:mac address-table notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed - 3000 1.3.6.1.4.1.9.1.1001 mac address-table notification:mac address-table notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed - 3000 1.3.6.1.4.1.9.1.1002 mac address-table notification:mac address-table notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed - Table A-1 List of Commands to Enable SNMP Traps in Devices (continued) Device Family Device Type SysOID Global Command Set Interface Command Set OS Version
A-23 User Guide for Campus Manager 5.2 OL-18011-01 Appendix A Commands to Enable MAC Notification Traps on Devices List of Commands to Enable MAC Notification Traps on Devices C3550 (continued) - C3000IE 1.3.6.1.4.1.9.1.958 mac address-table notification:mac address-table notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed - C3000IE 1.3.6.1.4.1.9.1.959 mac address-table notification:mac address-table notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed - C3500XL - - mac-address-table notification:mac-address-tabl e notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed - C3508GXL 1.3.6.1.4.1.9.1.246 - - - C3512XL 1.3.6.1.4.1.9.1.247 - - - C3524XL 1.3.6.1.4.1.9.1.248 - - - C3548XL 1.3.6.1.4.1.9.1.278 - - - C3524PWRXL 1.3.6.1.4.1.9.1.287 - - - C2970 - - mac address-table notification:mac address-table notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed - Table A-1 List of Commands to Enable SNMP Traps in Devices (continued) Device Family Device Type SysOID Global Command Set Interface Command Set OS Version
A-24 User Guide for Campus Manager 5.2 OL-18011-01 Appendix A Commands to Enable MAC Notification Traps on Devices List of Commands to Enable MAC Notification Traps on Devices C2970 (continued) C2970G-24T 1.3.6.1.4.1.9.1.527 mac-address-table notification:mac-address-tabl e notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed [,12.1(19)EA1) C2970G-24TS 1.3.6.1.4.1.9.1.561 mac-address-table notification:mac-address-tabl e notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed [,12.1(19)EA1) 371098-001 1.3.6.1.4.1.11.2.3.7. 11.33.3.1.1 mac-address-table notification:mac-address-tabl e notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed [,12.1(19)EA1) ME-3400G-12 CS-D 1.3.6.1.4.1.9.1.781 mac-address-table notification:mac-address-tabl e notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed [,12.1(19)EA1) ME-3400G-12 CS-A 1.3.6.1.4.1.9.1.780 mac-address-table notification:mac-address-tabl e notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed [,12.1(19)EA1) Table A-1 List of Commands to Enable SNMP Traps in Devices (continued) Device Family Device Type SysOID Global Command Set Interface Command Set OS Version
A-25 User Guide for Campus Manager 5.2 OL-18011-01 Appendix A Commands to Enable MAC Notification Traps on Devices List of Commands to Enable MAC Notification Traps on Devices C2970 (continued) C2960-24TC-S 1.3.6.1.4.1.9.1.928 mac-address-table notification:mac-address-tabl e notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed [,12.1(19)EA1) ME-3400G-2C S-A 1.3.6.1.4.1.9.1.825 mac-address-table notification:mac-address-tabl e notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed [,12.1(19)EA1) ME-3400 1.3.6.1.4.1.9.1.873 - - - ME-3400 1.3.6.1.4.1.9.1.1007 - - - ME-3400 1.3.6.1.4.1.9.1.1008 - - - ME-3400 1.3.6.1.4.1.9.1.1009 - - - C2960 1.3.6.1.4.1.9.1.929 - - - C2960 1.3.6.1.4.1.9.1.928 - - - C2960 1.3.6.1.4.1.9.1.927 - - - C2960 1.3.6.1.4.1.9.1.1005 - - - C2960 1.3.6.1.4.1.9.1.1006 - - - C2960 1.3.6.1.4.1.9.1.950 - - - C2960 1.3.6.1.4.1.9.1.951 - - - C2960 1.3.6.1.4.1.9.1.952 - - - C2975 1.3.6.1.4.1.9.1.1067 - - - C2975 1.3.6.1.4.1.9.1.1068 - - - C2900XL - - mac-address-table notification:mac-address-tabl e notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed - C2908XL 1.3.6.1.4.1.9.1.170 - - - Table A-1 List of Commands to Enable SNMP Traps in Devices (continued) Device Family Device Type SysOID Global Command Set Interface Command Set OS Version
A-26 User Guide for Campus Manager 5.2 OL-18011-01 Appendix A Commands to Enable MAC Notification Traps on Devices List of Commands to Enable MAC Notification Traps on Devices C2900XL (continued) C2924XL 1.3.6.1.4.1.9.1.183 - - - C2924CXL 1.3.6.1.4.1.9.1.184 - - - C2924XLV 1.3.6.1.4.1.9.1.217 - - - C2924CXLV 1.3.6.1.4.1.9.1.218 - - - C2912XL 1.3.6.1.4.1.9.1.219 - - - C2924MXL 1.3.6.1.4.1.9.1.220 - - - C2912MFXL 1.3.6.1.4.1.9.1.221 - - - C2924XL-LRE 1.3.6.1.4.1.9.1.369 - - - C2912XL-LRE 1.3.6.1.4.1.9.1.370 - - - C2950 - - mac address-table notification:mac address-table notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed - C2950-12 1.3.6.1.4.1.9.1.323 mac-address-table notification:mac-address-tabl e notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed [,12.1(11)EA1) C2950-24 1.3.6.1.4.1.9.1.324 mac-address-table notification:mac-address-tabl e notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed [,12.1(11)EA1) Table A-1 List of Commands to Enable SNMP Traps in Devices (continued) Device Family Device Type SysOID Global Command Set Interface Command Set OS Version
A-27 User Guide for Campus Manager 5.2 OL-18011-01 Appendix A Commands to Enable MAC Notification Traps on Devices List of Commands to Enable MAC Notification Traps on Devices C2950 (continued) C2950C-24 1.3.6.1.4.1.9.1.325 mac-address-table notification:mac-address-tabl e notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed [,12.1(11)EA1) C2950T-24 1.3.6.1.4.1.9.1.359 mac-address-table notification:mac-address-tabl e notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed [,12.1(11)EA1) C2950G-24 1.3.6.1.4.1.9.1.428 mac-address-table notification:mac-address-tabl e notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed [,12.1(11)EA1) C2950G-12 1.3.6.1.4.1.9.1.427 mac-address-table notification:mac-address-tabl e notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed [,12.1(11)EA1) C2950G-48 1.3.6.1.4.1.9.1.429 mac-address-table notification:mac-address-tabl e notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed [,12.1(11)EA1) Table A-1 List of Commands to Enable SNMP Traps in Devices (continued) Device Family Device Type SysOID Global Command Set Interface Command Set OS Version
A-28 User Guide for Campus Manager 5.2 OL-18011-01 Appendix A Commands to Enable MAC Notification Traps on Devices List of Commands to Enable MAC Notification Traps on Devices C2950 (continued) C2950G-24DC 1.3.6.1.4.1.9.1.472 mac-address-table notification:mac-address-tabl e notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed [,12.1(11)EA1) C2950-24SX 1.3.6.1.4.1.9.1.480 mac-address-table notification:mac-address-tabl e notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed [,12.1(11)EA1) C2955C-12 1.3.6.1.4.1.9.1.489 mac-address-table notification:mac-address-tabl e notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed [,12.1(11)EA1) C2955S-12 1.3.6.1.4.1.9.1.508 mac-address-table notification:mac-address-tabl e notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed [,12.1(11)EA1) C2955T-12 1.3.6.1.4.1.9.1.488 mac-address-table notification:mac-address-tabl e notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed [,12.1(11)EA1) Table A-1 List of Commands to Enable SNMP Traps in Devices (continued) Device Family Device Type SysOID Global Command Set Interface Command Set OS Version
A-29 User Guide for Campus Manager 5.2 OL-18011-01 Appendix A Commands to Enable MAC Notification Traps on Devices List of Commands to Enable MAC Notification Traps on Devices C2950 (continued) C2950ST-8LR E 1.3.6.1.4.1.9.1.483 mac-address-table notification:mac-address-tabl e notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed [,12.1(11)EA1) C2950ST-24L RE 1.3.6.1.4.1.9.1.482 mac-address-table notification:mac-address-tabl e notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed [,12.1(11)EA1) C2940-8TT 1.3.6.1.4.1.9.1.540 mac-address-table notification:mac-address-tabl e notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed [,12.1(11)EA1) C2940-8TF 1.3.6.1.4.1.9.1.542 mac-address-table notification:mac-address-tabl e notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed [,12.1(11)EA1) C2950-48SX 1.3.6.1.4.1.9.1.560 mac-address-table notification:mac-address-tabl e notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed [,12.1(11)EA1) Table A-1 List of Commands to Enable SNMP Traps in Devices (continued) Device Family Device Type SysOID Global Command Set Interface Command Set OS Version
A-30 User Guide for Campus Manager 5.2 OL-18011-01 Appendix A Commands to Enable MAC Notification Traps on Devices List of Commands to Enable MAC Notification Traps on Devices C2950 (continued) CIGESM-18T T 1.3.6.1.4.1.9.1.592 mac-address-table notification:mac-address-tabl e notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed [,12.1(11)EA1) C6000 - - set cam notification enable:set snmp trap enable macnotification:set snmp trap HOST COMMUNITY version TRAPVERSION port PORT set cam notification added enable INTERFACE:set cam notification removed enable INTERFACE - C6006 1.3.6.1.4.1.9.5.38 - - - C6009 1.3.6.1.4.1.9.5.39 - - - C6509 1.3.6.1.4.1.9.5.44 - - - C6506 1.3.6.1.4.1.9.5.45 - - - C6509SP 1.3.6.1.4.1.9.5.47 - - - C6513 1.3.6.1.4.1.9.5.50 - - - C6503 1.3.6.1.4.1.9.5.56 - - - C6000-IOS - - mac-address-table notification change:mac-address-table notification change interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification change added:snmp trap mac-notification change removed - Table A-1 List of Commands to Enable SNMP Traps in Devices (continued) Device Family Device Type SysOID Global Command Set Interface Command Set OS Version
A-31 User Guide for Campus Manager 5.2 OL-18011-01 Appendix A Commands to Enable MAC Notification Traps on Devices List of Commands to Enable MAC Notification Traps on Devices C6000-IOS (continued) catalyst6000IO S 1.3.6.1.4.1.9.1.657 - - - catalyst6006IO S 1.3.6.1.4.1.9.1.280 - - - catalyst6009IO S 1.3.6.1.4.1.9.1.281 - - - Cisco C6506-IOS 1.3.6.1.4.1.9.1.282 - - - catalyst6509IO S 1.3.6.1.4.1.9.1.283 - - - catalyst6509sp IOS 1.3.6.1.4.1.9.1.310 - - - catalyst6513IO S 1.3.6.1.4.1.9.1.400 - - - ciscoWSC6503 1.3.6.1.4.1.9.1.449 - - - ciscoWSC6509 neba 1.3.6.1.4.1.9.1.534 - - - catalyst6509V E 1.3.6.1.4.1.9.1.832 - - - Cisco C6503-IOS 1.3.6.1.4.1.9.1.449 - - - C4000 - - set cam notification enable:set snmp trap enable macnotification:set snmp trap HOST COMMUNITY port PORT set cam notification added enable INTERFACE:set cam notification removed enable INTERFACE - C4003 1.3.6.1.4.1.9.5.40 - - - C4912G 1.3.6.1.4.1.9.5.41 - - - C2948G 1.3.6.1.4.1.9.5.42 - - - C4006 1.3.6.1.4.1.9.5.46 - - - C2980G 1.3.6.1.4.1.9.5.49 - - - C2980G-A 1.3.6.1.4.1.9.5.51 - - - C4503 1.3.6.1.4.1.9.5.58 - - - C4506 1.3.6.1.4.1.9.5.59 - - - C2948G-GE-T X 1.3.6.1.4.1.9.5.62 - - - Table A-1 List of Commands to Enable SNMP Traps in Devices (continued) Device Family Device Type SysOID Global Command Set Interface Command Set OS Version
A-32 User Guide for Campus Manager 5.2 OL-18011-01 Appendix A Commands to Enable MAC Notification Traps on Devices List of Commands to Enable MAC Notification Traps on Devices C4000-IOS - - mac-address-table notification change:mac-address-table notification change interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification change added:snmp trap mac-notification change removed - cisco4000 1.3.6.1.4.1.9.1.448 - - - cisco4900M 1.3.6.1.4.1.9.1.917 - - - cisco4948 1.3.6.1.4.1.9.1.626 - - - cisco4948-10G E 1.3.6.1.4.1.9.1.659 - - - cisco4948-10G E 1.3.6.1.4.1.9.1.875 - - - cisco4948-10G E 1.3.6.1.4.1.9.1.877 - - - cisco4948-10G E 1.3.6.1.4.1.9.1.874 - - - cisco4948-10G E 1.3.6.1.4.1.9.1.876 - - - C4900ME - mac-address-table notification:mac-address-tabl e notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification change added:snmp trap mac-notification change removed C4900ME 1.3.6.1.4.1.9.1.788 - - - Table A-1 List of Commands to Enable SNMP Traps in Devices (continued) Device Family Device Type SysOID Global Command Set Interface Command Set OS Version
A-33 User Guide for Campus Manager 5.2 OL-18011-01 Appendix A Commands to Enable MAC Notification Traps on Devices List of Commands to Enable MAC Notification Traps on Devices C2400ME - - mac address-table notification:mac-address-tabl e notification interval 15:snmp-server enable traps MAC-Notification:snmp-ser ver host HOST version TRAPVERSION COMMUNITY udp-port PORT mac-notification snmp trap mac-notification added:snmp trap mac-notification removed - C2400ME 1.3.6.1.4.1.9.1.735 - - - C2350 1.3.6.1.4.1.9.1.1104 - - - Table A-1 List of Commands to Enable SNMP Traps in Devices (continued) Device Family Device Type SysOID Global Command Set Interface Command Set OS Version
A-34 User Guide for Campus Manager 5.2 OL-18011-01 Appendix A Commands to Enable MAC Notification Traps on Devices List of Commands to Enable MAC Notification Traps on Devices
IN-1 User Guide for Campus Manager 5.2 OL-18011-01 I N D E X A about Campus Manager 1-1 ACS integration, understanding 4-3 administering Campus Manager 5-1 admin dashboard advanced reports 5-11 application setup tasks 5-8 basic reports 5-9, 14-13 operational tasks 5-9 system status table 5-7 administration reports, using 5-41 ANI data collection metrics, displaying 5-41 ANI Server, analyzing 5-41 discovered device details, displaying 5-41 supported devices list, displaying 5-43 administration tasks, about 5-7 ANI data collection, using 5-12 best practices in discovery scheduling 5-24 data collection, scheduling 5-23 data collection filters, setting up 5-15 debugging options 5-48 settings, displaying 5-12 applications, starting 5-59 auto refresh 5-7 details, displaying 5-7 device discovery administration 5-12 debugging options, setting 5-12 security issues 5-59 understanding 5-1 user and host acquisition, using delete interval, modifying 7-23 domain name display, specifying 7-25 end host user information, importing 7-26 purge policy, specifying 7-25 schedule, modifying 7-20 subnet discovery, configuring 7-22 User Tracking administration, using 5-27 administering Virtual Network Management admin dashboard edit vrf task 14-13 auto refresh 14-10 Administering Virtual Network Manager 14-54 Setting VNM Debugging Options 14-58 VNM Client Debugging Settings 14-59 VNM Server Debugging Settings 14-58 VNM Utility Debugging Settings 14-60 VRF Collector Debugging Settings 14-59 Understanding VNM Administration 14-54 Using VNM Administration 14-55 Modifying VNM SNMP Timeouts and Retries 14-57 Scheduling VRF Collector 14-55 ANI data collection administration, using 5-12 best practices in discovery scheduling 5-24 data collection, scheduling 5-23 data collection filters, setting up 5-15 debugging options 5-48 settings, vieiwing 5-12 SNMP settings, modifying 5-13 ANI discover metrics, displaying 9-81 ANI Server analyzing 5-41 network dependencies, and 7-5 applications about 1-1
Index IN-2 User Guide for Campus Manager 5.2 OL-18011-01 starting 3-2, 5-59 application servers, working with 9-76 audience for this document i-xxiii B Bandwidth Utilization 9-44 Bandwidth Utlization enabling RMON 9-47 before using Campus Manager 3-2 Best Practices Deviations acknowledging 8-39 points to be noted 8-41 C Campus Manager reports 9-79 caution regarding Cisco Visio stencil file names, changing 9-60 cautions significance of i-xxiv cautions regarding restarting Daemon Manager on Windows 5-4 changes with this release 2-1 CiscoView, starting from VLAN Port Assignment 9-72 Cisco Visio stencil file, downloading 9-60 CiscoWorks, logging into 3-1 Cisco Works Assistant launching from end hosts reports 7-56 launching from N-hop view portlet 9-56 CiscoWorks Assistant launching from Topology services 9-2 CiscoWorks Common Services license integration, understanding 4-7 CLI administration CLI commands 5-54 cmexport command (see under Data Extraction Engine) 13-3 configuring inter-VLAN routing 10-25 on an external router 10-27 on RSM, MSFC3, and L2/L3 devices 10-26 subnet discovery for User Tracking 7-22 User Tracking Utility 7-103 Configuring VRF 14-14 Routing Protocol Configuration 14-22 Summary 14-24 Create VRF Interface Mapping to VRF Preferred Virtual Interfaces 14-17 D Daemon Manager, using restarting on Solaris 5-3 restarting on Windows 5-4 Data Collection filter policies 5-15 manually excluding devices 5-20 manually including devices 5-19 understanding 5-1 Data Extraction Engine (see DEE) 13-1 DCR integration, understanding 4-4 debugging options, setting 5-47 DEE (Data Extraction Engine) 13-1 cmexport command about 13-2 function-specific options 13-5 mandatory arguments 13-4 optional arguments 13-4 running 13-3 cmexport Discrepancy comand 13-12 cmexport L2topology command 13-9 cmexport manpage 13-14 cmexport ut command 13-6 developers reference 13-16 Discrepancy data schema 13-21
Index IN-3 User Guide for Campus Manager 5.2 OL-18011-01 exporting data from Campus Manager, servlet 13-22 Topology data schema 13-20 User Tracking data schema 13-17 User Tracking phone data schema 13-19 User Tracking subnet data schema 13-19 User Tracking switch data schema 13-18 overview 13-1 Device Center integration, understanding 4-6 device discovery administration, in Campus Manager 5-12 Device Management 5-15 Auto Mode 5-15 Manual Mode 5-15 Device Poller 5-24 adding critical devices 5-24 devices, working with 9-67 (see also MLS devices) 9-74 device attributes, working with 9-69 device labels clearing 9-68 displaying 9-68 device tooltips, interpreting 9-68, 9-69 Device selector advanced search 7-69 device service modules, displaying 9-77 DFM as primary listener 7-35 Discrepancies acknowledging 8-33 points to be noted 8-35 unacknowledging 8-33 discrepancy reporting 8-1 physical discrepancies 8-2 Discrepancy Reports about 1-1 starting 5-59 documentation i-xxiv additional online i-xxv audience for this i-xxiii related to this product i-xxiv typographical conventions in i-xxiii E Edge VLAN Configuration 14-46 At Access Layer with Trunk 9-34 Layer 3 Features 14-50 Select Devices 14-47 Summary 14-52 Trunk Configuration 14-50 VLAN to VRF Mapping 14-48 Editing VRF 14-26 EtherChannel 10-41 configuring 10-41 understanding 10-41 using 10-41 Ethernet VLANs about 10-15 creating 10-15 G Generating Reports 14-62 Using the VNM J ob Browser 14-62 Using the VNM Report Generator 14-65 Readiness Report 14-66 getting started 3-1 applications, starting 3-2 before using Campus Manager 3-2 CiscoWorks, logging into 3-1 interface, understanding 3-4 Getting Started with VNM 14-6 Launching Virtual Network Manager 14-6 Navigating VNM 14-8 Starting VNM Application 14-7 Group Selector, using 7-68
Index IN-4 User Guide for Campus Manager 5.2 OL-18011-01 H help online documentation i-xxv home page Viewing Campus Manager Homepage 5-7 HPOV as primary listener 7-34 I IEEE 802.1Q, VLAN trunking protocol 9-92 integration of CiscoWorks Common Services 4-1 ACS integration, understanding 4-3 DCS integration, understanding 4-4 Device Center integration 4-6 license integration 4-7 OGS integration, understanding 4-5 Package Support Updater integration 4-6 IPv6 (Internet Protocol version 6) 12-1 IPv6 Addresses report displaying 12-2 interpreting 12-3 understanding 12-1 ISL (Inter-Switch Link), VLAN trunking protocol 9-91 IVR (inter-VLAN routing) configuring 10-25 on on external router 10-27 on RSM, MSFC3, and L2/L3 devices 10-26 understanding 10-25 using 10-25 J J ob Browser, using 5-53 L Launch Topology Services prerequisites 9-3 Launch VNM from Topology Map 9-32 license integration for CiscoWorks Common Services 4-7 logging into CiscoWorks 3-1 Lookup Analyzer, using 7-91 M management addresses, setting preferred 9-71 MLS devices, working with 9-74 MLS reports, displaying 9-75 MLS reports, interpreting 9-75 Route Processors report 9-75 Switching Engines report 9-76 N network topology views connecting to a device from a client 9-20 customizing 9-25 background images, setting 9-38 devices, deleting 9-26 saving layouts 9-25 topology filters, using 9-41 view features, modifying 9-35 view properties, changing 9-37 displaying 9-22 exporting to Visio 9-60 Find, using in 9-52 navigating in 9-18 summary view, understanding 9-53 interpreting 9-54 summary views, understanding unconnected device information, interpreting 9-54 understanding 9-17 using 9-23 view layouts
Index IN-5 User Guide for Campus Manager 5.2 OL-18011-01 changing 9-26 upgrading 9-55 N-Hop view portlet 9-56 O Other Admin settings, using 5-44 overviews of Campus Manager 1-1 applications 1-1 DEE (Data Extraction Engine) 13-1 P Package Support Updater integration, understanding 4-6 Path Analysis about 1-1 starting 5-59 PGS integration, understanding 4-5 physical discrepancy reports 8-2 ping sweep options, modifying 7-21 PoE devices 9-43 port attributes, displaying 9-70 aggregate link attributes, displaying 9-62 aggregate link attributes, interpreting 9-63 interpreting 9-70 prerequisites to using Campus Manager 3-2 protocol filtering, monitoring by port 9-80 filter information, displaying 9-81 understanding filtering 9-80 PVLAN (private VLAN) creating about 10-20 primary 10-21 promiscuous ports, configuring 10-23 secondary 10-22 secondary, associating ports with 10-22 deleting 10-24 types 10-18 promiscuous ports 10-19 PVLAN host ports 10-19 PVLAN trunk ports 10-19 understanding 10-18 using 10-19 R Recommended 8-34 reports Administration, using 5-41 ANI data collection metrics, displaying 5-41 ANI Server, analyzing 5-41 discovered device details, displaying 5-41 supported deviceslist, displaying 5-43 Campus Manager 9-79 discrepancy reporting 8-1 physical discrepancies 8-2 understanding 8-1 Time Domain Reflectometer (TDR) reports 9-63 running from Campus Manager 9-64 understanding 9-63 using 9-64 user tracking custom layouts 7-78 custom reports 7-76 disconnected end hosts 7-56 duplicate MAC in end hosts report 7-56 duplicate reports 7-52 end hosts reports 7-55 exporting 7-48 history reports, understanding 7-72 printing 7-48 printing end hosts reports 7-57 quick reports 7-46 switch port usage reports, exporting 7-89 switch port usage reports, understanding 7-66 understanding 7-44
Index IN-6 User Guide for Campus Manager 5.2 OL-18011-01 RME server credentials, setting 5-46 Route Distinguisher 14-16 S security advantages of VLANs in 10-3 issues in Campus Manager 5-59 Select Devices for Edge VLAN Configuration 14-47 SNMP MAC notification listener 7-33 SNMP trap listener, configuring 7-33 SNMP traps on ports, enabling 7-30 Trap listener, configuring 7-33 starting Campus Manager applications 5-59 CiscoView from VLAN Port Assignment 9-72 Telnet 9-73 Topology Services 9-3 STP (Spanning Tree Protocol) 11-1 configuring on a network 11-13 MISTP devices 11-32 MISTP instances 11-37 MISTP ports 11-21 MISTP trunks 11-42 MST devices 11-28 MST instances 11-36 MST ports 11-17 MST trunks 11-40 PVST devices 11-25 PVST ports 11-13 PVST trunks 11-38 filters in Switch Cloud View, displaying 11-45 Cisco MISTP instances 11-46 IEEE 802.1s instances 11-46 STP loop inconsistencies 11-44 STP PVID inconsistencies 11-45 STP root inconsistencies 11-45 STP type inconsistencies 11-45 VLANs in switch clouds 11-47 Instance Reduction Recommendation report interpreting 11-8 preparing 11-7 MISTP (multiple instance STP), about 11-3 MST (multiple STP), about 11-2 Number of Instances Recommendation report interpreting 11-6 preparing 11-6 Optimal Root Recommendation report interpreting 11-5 preparing 11-4 PVST (per VLAN STP), about 11-2 reports 11-3 Instance Reduction Recommendation 11-7 Number of Instances Recommendation 11-6 Optimal Root Recommendation 11-4 STP Visualizer interpreting 11-12 notes 11-12 preparing 11-10 topology filters 11-44 understanding 11-1 MST (multiple STP) 11-2 PVST (per VLAN STP) 11-2 VLAN to Instance Mapping Recommendation report interpreting 11-9 preparing 11-8 Switch Cloud View, and spanning tree filters 11-45 Cisco MISTP instances 11-46 IEEE 802.1s instances, displaying 11-46 STP loop inconsistencies, displaying 11-44 STP PVID inconsistencies, displaying 11-45 STP root inconsistencies, displaying 11-45 STP type inconsistencies, displaying 11-45 VLANs in switch clouds, displaying 11-47
Index IN-7 User Guide for Campus Manager 5.2 OL-18011-01 T TDR (Time Domain Reflectometer) reports 9-63 running from Campus Manager 9-64 understanding 9-63 using 9-64 Telnet, starting 9-73 Topology 14-61 Using Topology in VNM 14-61 Cross-launching CiscoWorks Application from Topology 14-62 topology groups hierarchical maps 9-83 displaying 9-84 understanding 9-83 system-defined groups creating, based on subnet 5-30 user-defined groups 5-29 Topology Services 9-1 about 1-1 ANI discovery metrics, displaying 9-81 application servers, working with 9-76 Campus Manager reports 9-79 command reference 9-85 main window commands 9-85 network topology view commands 9-87 connecting to a device from a client 9-20 devices, working with 9-67 device attributes, interpreting 9-69 device labels, clearing 9-68 device labels, displaying 9-68 device tooltips, working with 9-68, 9-69 device service modules, displaying 9-77 link attributes displaying 9-61 interpreting 9-62 links, working with 9-61 link tooltips, interpreting 9-61 main window colors in 9-5 Find, using in 9-17 icons in 9-5 legend 9-5 navigating in 9-14 understanding 9-12 management addresses, setting preferred 9-71 MLS devices, working with 9-74 MLS reports, displaying 9-75 MLS reports, interpreting 9-75 network topology views customizing 9-25 displaying 9-22 exporting to Visio 9-60 Find, using in 9-52 layouts, changing 9-26 navigating in 9-18 summary views, understanding 9-53 understanding 9-17 using 9-23 port attributes, displaying 9-70 aggregate link attributes interpreting 9-63 aggregate link attributes, displaying 9-62 interpreting 9-70 protocol filtering, monitoring by port 9-80 filter information, displaying 9-81 understanding filtering 9-80 protocols supported in spanning tree 11-1 starting 5-59, 9-3 Time Domain Reflectometer (TDR) reports 9-63 running from Campus Manager 9-64 understanding 9-63 using 9-64 toplogy groups 9-82 access controls 5-34 group properties, creating 5-35 group rule, creating 5-36 hierarchical maps 9-83
Index IN-8 User Guide for Campus Manager 5.2 OL-18011-01 memberships, creating 5-38 rule example 5-32 rules editor 5-30 topology groups membership updates 5-39 understanding 9-82 understanding 9-2 Troubleshooting 14-76 Ping or Traceroute 14-76 Show Commands 14-79 troubleshooting User Tracking 15-1 outdated entries in User Tracking table 15-6 trunking 10-35 characteristics of trunks 10-36 considerations in 10-35 DTP (Dynamic Trunking Protocol) 10-35 encapsulation types 10-37 trunk encapsulation 10-36 trunk ports end host discovery on trunk ports 7-23 typographical conventions in this document i-xxiii U user and host acquisition administration delete interval, modifying 7-23 domain name display, specifying 7-25 end host user information, importing 7-26 ping sweep options, modifying 7-21 purge policy, specifying 7-25 schedule, modifying 7-20 subnet discovery, configuring 7-22 User Tracking 7-1 (see also User Tracking Utility) 7-99 acquisition schedule, modifying 7-20 acquisition settings, modifying 7-9 archived reports 7-81 deleting 7-84 list of, displaying 7-81 using 7-81 command-line interface 7-86 custom layouts 7-79 copying 7-80 creating 7-79 deleting 7-81 editing 7-80 list of, displaying 7-79 using 7-79 custom reports 7-76 copying 7-78 creating 7-76 deleting 7-78 editing 7-78 list of, displaying 7-76 using 7-76 data migration 7-44 debugging options 7-38 DHCP snooping 7-28 Dynamic updates 7-26 Dynamic User Tracking 7-26 FAQs error logging 15-8 length of time data is maintained 15-8 non-CDP devices 15-8 IP Phones report, displaying 7-61 jobs, deleting 7-51 jobs, stopping 7-51 MACUHIC 7-28 Major Acquisition 7-4 Minor Acquisition 7-4 network and ANI Server dependencies 7-5 properties from the backend, configuring 7-15 properties that support duplicate MAC address 7-13 Report Generator, using 7-51 reports about 7-45 archived reports, using 7-81
Index IN-9 User Guide for Campus Manager 5.2 OL-18011-01 custom layouts, using 7-79 custom reports, using 7-76 Duplicates report, displaying 7-52 End Hosts report, displaying 7-55 IP Phones report, displaying 7-61 job details, displaying 7-50 job lists, displaying 7-49 jobs, deleting 7-51 jobs, stopping 7-51 quick reports, displaying 7-46 Report Generator, using 7-51 understanding 7-44 starting 5-59 User Tracking Debugger Utility 7-108 understanding 7-108 using 7-108 using 7-2 UT data, accessing 7-3 UT data, importing 7-91 UT in DHCP environment 7-12 various acquisitions 7-4 User Tracking Utility 7-99 accessing 7-102 configuring 7-103 downloading 7-100 installing 7-101 hardware requirements 7-100 reinstalling 7-107 software requirements 7-100 uninstalling 7-106 UTLite script, installing 7-97 UTLite script, uninstalling 7-98 key terms in 7-100 understanding 7-99 using pattern use in searching 7-106 user or host, searching for 7-103 Using VNM Home Page 14-9 Create VRF 14-13 Delete VRF 14-13 Edge VLAN Configuration 14-13 Edit VRF 14-13 Extend VRF 14-13 Recently Completed J obs 14-11 Show Details 14-13 VNM Tasks 14-13 VRF Collection Status 14-10 VRF List 14-12 VRF Readiness Information 14-11 UTLite, understanding 7-93 V Virtual Network Manager 14-1 Virtual Network Manager Features 14-3 Administration 14-4 Reports 14-3 Topology 14-3 Troubleshooting 14-4 VRF Configuration 14-3 Visio Cisco Visio stencil file, downloading 9-60 exporting network topology views to 9-60 VLAN and VTP management 10-1 (see also VLANs) 10-2 EtherChannel 10-41 configuring 10-41 understanding 10-41 using 10-41 inter-VLAN routing configuring 10-25 understanding 10-25 using 10-25 protocols supported 9-91 IEEE 802.1Q 9-92 ISL (Inter-Switch Link) 9-91 PVLAN (private VLAN) creating 10-20
Index IN-10 User Guide for Campus Manager 5.2 OL-18011-01 deleting 10-24 types 10-18 understanding 10-18 using 10-19 reports 10-16 trunking 10-35 characteristics of trunks 10-36 considerations in 10-35 DTP (Dynamic Trunking Protocol) 10-35 encapsulation types 10-37 trunk encapsulation 10-36 VLAN Port Assignment (see VLAN Port Assignment) 10-42 VTP (see VTP) 10-28 VLAN Port Assignment 10-42 about 1-1 CiscoView, starting 9-72 starting 5-59, 10-43 Telnet, starting 9-73 topology views, displaying device attributes, displaying 10-48 port attributes, displaying 10-46 topology views and attribute summaries, displaying 10-46 trunk attributes configuring 10-45 displaying 10-49 interpreting 10-49 understanding 10-43 using 10-44 VLANs about 10-2 advantages of 10-2 in adds, moves, and changes 10-2 in broadcast activity 10-2 in security 10-3 components of 10-3 types supported by Campus Manager 10-4 Ethernet VLANs 10-15 VNM Administration, using SNMP settings, modifying 14-57 VTP (VLAN trunking protocol) 10-28 domain components 10-30 domains, about 10-29 using 10-32 reports, displaying 10-33 views, using 10-34 version 3 10-30 W whats new in this release 2-1