Network Assurance Flashcards
Netflow, SPAN, SNMP, IP SLA, DNA Center, etc.
What is SNMP?
Simple Network Management Protocol
What are the key differences of SNMPv3 over v1 and v2?
- User authentication
- Username hashing (MD5 and SHA)
- Encryption
What are the key elements that need to be configured on a Cisco device to send SNMP data to a client?
- SNMP host/client
- Access Lists to restrict SNMP
- Read Only Community String
- Read Write Community String
- SNMP location
- SNMP contact
What is the command to send SNMP to a client or host?
R1(config)# snmp-server community {string} {ro | rw} {access-list-id}
What is an SNMP trap?
An alert that can be sent via SNMP in response to a network event
What is the command to enable SNMP traps on a Cisco device?
R1(config)# snmp-server enable traps [type]
There are a lot of SNMP trap types that can be enables. Not specifying a trap type will enable all SNMP traps which may not be desirable.
What are the 8 levels of Syslog Severity Messages?
7 - Debug
6 - Informational
5 -Notifications
4 - Warning
3 - Errors
2 - Critical
1 - Alerts
0 -Emergency
What command is used to send log messages to the local device’s buffer?
R1(config)# logging buffer {buffer-size-in-bytes} {severity-level}
NOTE: The severity level can be numbered or the word. Log events up to the configured level will be logged.
What command is used to verify logging on a Cisco device?
R1# show logging
What port is used by Syslog to send logging information to a remote Syslog collector?
UDP 514
What command is used on a Cisco device to send Syslog to a remote host?
R1(config)# logging host {ip-address}
What is the port used by the Netflow protocol?
Netflow is UDP but it does NOT have an assigned port number. Each flow sensor will use a unique port number as designated by an admin.
What are the three pieces you need to configure to create flexible netflow on a router?
Flow Record
Flow Export
Flow Monitor
What two things do you need to do to configure a flow record?
1.) Use the “match” command to define the flow criteria
2.) Use the “collect” command to define what data you want to gather from the flow
What two things do you need to do to configure a flow exporter?
1.) The destination collector server, using the destination command
2.) The port number for the flow sensor using the transport udp {port} command
What two things do you need to configure a flow monitor?
1.) the flow record to be used with the record NAME command
2.) the flow exporter to be used with the exporter NAME command
What are the commands to enable basic netflow for interface Gi0/0 on a router for the destination of 10.1.0.111 using the port 9998? (8 Commands)
R1(config)# int gi0/0
R1(config-if)# ip flow ingress
R1(config-if)# ip flow egress
R1(config)# ip flow-top-talkers
R1(config-flow-top-talkers)# top 5
R1(config-flow-top-talkers)# sort-by bytes
R1(config)# ip flow-export version 9
R1(config)# ip flow-export destination 10.1.0.111 9998
Using IOS commands, configure a flexible netflow that uses source ipv4 address to collect ipv4 source, destination, and protocol information and apply it to interface gi0/0
R1(config)# flow record FLOW_REC_1
R1(config-flow-record)# description basic netflow information
R1(config-flow-record)# match ipv4 source address
R1(config-flow-record)# collect ipv4 source address
R1(config-flow-record)# collect ipv4 protocol
R1(config-flow-record)# collect ipv4 destination address
R1(config)# flow exporter FLOW_EXP_1
R1(config-flow-exporter)# description flows exported to my PRTG server A
R1(config-flow-exporter)# destination {collector_ip}
R1(config-flow-exporter)# transport udp {collector_port}
R1(config)# flow monitor FLOW_MON_1
R1(config-flow-monitor)# exporter FLOW_EXP_1
R1(config-flow-monitor)# record FLOW_REC_1
R1(config)# int gi0/0
R1(config-if) ip flow monitor FLOW_MON_1 input
What show commands would you use to verify flexible netflow on a Cisco device?
show flow recorder
show flow exporter
show flow monitor
When using the show commands to verify netflow, how are the source and destination port numbers displayed?
In hexadecimal format (instead of decimal)
What command(s) could you use to verify the netflow is working?
show ip cache flow
show ip flow top-talkers
NOTE: Netflow data on a router expires quickly so these commands are really only good to troubleshoot if netflow is working.
What are the basic commands to configure IP SLA with an icmp probe that runs every 10 seconds (4 commands)?
Router(config)# ip sla {probe-id}
Router(config-ip-sla)# icmp-echo {dest-ip-address} source-interface {interface-id}
Router(config-ip-sla-echo)# frequency 10
Router(config)# ip sla {probe-id} life forever start-time now
What are the basic commands to configure IP SLA with an http probe that runs every 1 minute (4 commands)?
Router(config)# ip sla {probe-id}
Router(config-ip-sla)# http get {URL}
Router(config-ip-sla-echo)# frequency 60
Router(config)# ip sla {probe-id} life forever start-time now
What commands would you use to create an IP SLA track object and use it to influence a static route?
Router(config)# track {id} ip sla {probe-id}
Router(config)# ip route {ip-address} {subnet-mask} {next-hop} track {track-id}