Chapter 38 - Device Management Protocols Flashcards
What command(s) are used to enable logging for users logged in via a terminal emulator (Telnet, SSH)?
‘logging monitor’
‘terminal monitor’ (by the user when logged in each session)
What methods are there of viewing log messages?
- They can appear on the Console Lines:
  - Log messages will be displayed in the CLI when connected via the console port.
  - This is enabled using the ‘logging console’ command.
- They can appear on the VTY Lines:
  - Log messages will be displayed in the CLI when connected via Telnet/SSH.
  - Disabled by default.
  - This is enabled using the ‘logging monitor’ command.
  - The users will then need to use ‘terminal monitor’ once they have logged in.
- They can be stored in RAM:
  - This is enabled using the ‘logging buffered’ command.
  - A user can then use the ‘show logging’ command to view the stored messages.
- They can be stored on a syslog server:
  - This is configured using the ‘logging host <ip>’ command.
  - Syslog uses UDP 514.
  - This can then be inspected in the remote syslog server.
What command(s) can you use to enable timestamps for IOS logging messages?
‘service timestamps’ from global config
What command(s) can you use to enable sequence numbers for IOS logging messages?
‘service sequence-numbers’ from global config
What are the different keywords and numbers that Cisco IOS uses to identify log message severity levels?
- 0 - Emergency - System Unusable (Severe)
- 1 - Alert - Immediate Action Required (Severe)
- 2 - Critical - Critical Event (Highest of 3) (Impactful)
- 3 - Error - Error Event (Middle of 3) (Impactful)
- 4 - Warning - Warning Event (Lowest of 3) (Impactful)
- 5 - Notification/Notice - Normal, More Important (Normal)
- 6 - Informational - Normal, Less Important (Normal)
- 7 - Debug - Requested by User (Debug)
What command(s) are used to enable different levels of logging on different services?
- Console - ‘logging console <level-name>’
- Monitor (SSH/Telnet) - ‘logging monitor <level-name>’
- Buffered (Store locally) - ‘logging buffered <level-name>’
- Syslog (Store remotely) - ‘logging trap <level-name>’ to configure the level, ‘logging host <ip>’ to configure the syslog server
What command can you use to clear Buffered log messages?
‘clear logging’
What does the ‘debug’ command do?
Enables Debug (severity level 7) messages to be sent for specific events (e.g. ‘debug ip ospf hello’ will display all hello messages sent and received on OSPF enabled interfaces)
What command can you use to display current CPU load on an IOS device?
‘show process cpu’
- Useful when enabling debug level logging as it can have an impact on CPU depending on what it is being enabled for
What is NTP?
- Network Time Protocol
- Gives network devices a sense of time and date and allows networks to sync their clocks so they all have the correct times and dates when compared to each other
- Important for things such as logging to ensure the time on log entries is correct.
Best practice before enabling a device to contact an NTP server
- Set the time, date, timezone, and daylight savings status to as close to the current time as possible. This will make it easier for the device to synchronise to the NTP server.
- Set the timezone and daylight savings status before setting the time and date.
What command(s) do you use to set the timezone and daylight savings status for an IOS device?
- Timezone - ‘clock timezone <timezone (e.g. BST)> <how many hours compared to UTC (e.g. -5)>’
  - The timezone parameter can be any value. It is best to set this to the name of the timezone the device is in.
  - The parameter after this defines how many hours behind Universal Coordinated Time the device is.
- Daylight savings - ‘clock summer-time <timezone> <recurring>’
  - The timezone parameter can be any value. It is best to set this to the name of the daylight savings timezone the device is in.
  - The ‘recurring’ parameter tells the device to go forward/backward by an hour over the coming years when the timezones change from/to daylight savings.
  - At the end of the command, you can also add when daylight savings time begins and ends in your timezone: ‘<week> <day> <month> <time>’. The end parameters are entered in the same order after the start parameters.
What command(s) do you use to manually set the time/date of an IOS device?
‘clock set <time (hh:mm:ss)> <date (Day Month Year)>’ - Software clock
‘calendar set <time (hh:mm:ss)> <date (Day Month Year)>’ - hardware clock
What command(s) do you use to make a device an ntp server only (NTP Server mode)?
- ‘ntp master <stratum>’
- Causes the device to only act as a server
- Hands out the time based on the device’s own internal clock
What command(s) do you use to make a device an ntp client?
- ‘ntp server <address or hostname>’
- Causes the device to act as a client and a server
- Will first act as a client to synchronise with a reference clock.
- Once synchronised, will then act as a server to hand out the time to other clients.
When using the ‘ntp associations’ command, what part of the output determines what NTP server the device is currently synchronised with?
An ‘*’ before the association
What is the Stratum level of an NTP server?
- How accurate the NTP source is believed to be.
- The lower the number, the more accurate the NTP source.
- It starts at 0 and increases by 1 on the local device for each NTP server hop away from the reference clock the local device is.
- For example, R1 (server with stratum 0), connects to R2 (client), which connects to R3 (client). The stratum on R3 for reference clock R1 will be 2 if R3 uses R2 as its server. If R3 just decides to use R1 then it will be stratum 1.
What stratum level do Cisco routers and switches use for their internal clock by default?
- 8
- This is the reference clock for a router when the ‘ntp master’ command is used.
- In ‘ntp associations’ it will show as 7
What is the range of stratum levels for Cisco routers and switches?
1-15
What would happen if a client device calculated an NTP source’s stratum to be 16?
The client would consider this time data to be unusable and would not trust it.
What information does the ‘show ntp associations’ command display?
- Address - Address of an NTP server
- Ref Clock - Reference clock of an NTP server
- St - Stratum of an NTP server to its reference clock
What is an NTP Primary Server and Secondary Server?
- NTP Primary Server is a device that gets its time directly from a reference clock.
- NTP Secondary Server is a device that acts as an NTP Client and Server and gets its time from other NTP servers. This is configured using the ‘ntp server’ command.
What is a useful way of configuring NTP redundancy?
- Use the ‘ntp server’ command to associate with an external reference clock (e.g. an atomic clock)
- Use the ‘ntp master’ command to allow the device’s internal clock to be used as a reference clock with a higher stratum level than that of the external reference clock.
What command can you use to force a device to send NTP client messages from a specific IP?
‘ntp source <interface>’