Booches.nl

Fully Automated Nagios

A colleague noticed the new developments regarding Nagios. Nagios is an Open Source host, service and network monitoring program. I always had my doubts about Nagios, especially about the manageability of the application.

The installation and configuration of Nagios can be very time consuming. And a lot of customers are “afraid” of using Nagios, because of the manageability. The new developments regarding Nagios could help lessen the burden of installation and manageability. FAN (Fully Automated Nagios) developted an ISO image to easily install Nagios from CD.

FAN stands for “Fully Automated Nagios”. FAN goals are to provide a Nagios installation including most tools provided by the Nagios Community. FAN provides a CDRom image in the standard ISO format, making it easy to easilly install a Nagios server. Added to this, a wide bunch of tools are including to the distribution, in order to improve the user experience around Nagios. Source

I guess I will try the distribution and compare the ISO file with the CactiEZ ISO, which I often use to implement monitoring for switching and routing components.

In my opinion FAN could be the good step to close “my personal” gap between CactiEZ and Nagios.

Cisco.com Searches and Tools

Cisco published some tool and search plugins to your Internet Explorer 7 and Firefox 2/Firefox 3 browser. This makes it possible to quickly search the Cisco.com website for a particular question or item.

Check the following website for more information:

http://www.cisco.com/web/tsweb/searchplugins/plugin_homepage.html#

Cisco IOS Flexible NetFlow

Browsing through the Cisco White Papers I stumbled on a new white paper about Flexible NetFlow. According to the white paper, Flexible NetFlow provides enhanced optimization of the network infrastructure, reduces costs, and improves capacity planning and security detection beyond other flow based technologies available today.

Key Advantages to using Flexible NetFlow:

• Flexibility, scalability, aggregation of flow data beyond traditional NetFlow
• The ability to monitor a wider range of packet information producing new information about network behavior
• Enhanced network anomaly and security detection
• User configurable flow information to perform customized traffic identification and the ability to focus and monitor specific network behavior
• Convergence of multiple accounting technologies into one accounting mechanism

The complete white paper can be found here: Cisco IOS Flexible NetFlow Technology White Paper.

Configuration Mode Locking

While browsing some networking related blogs, so stumbled on a nice new feature in Cisco IOS on 6200networks.com. The feature prevents multiple users from changing the configuration of a network component simultaneous. This feature, configuration mode locking, is available in two different modes:

1. Automatic – the session is locked, when you log in to the component;
2. Manual - you can decide when to lock the configuration session;

Looking at the IOS commands, configuring configuration locked is very simple. Let’s check out the available options:

SW01#conf t

SW01(config)#configuration mode exclusive [auto | manual]

When using the keyword auto the session is automatically locked as soon as you log in to the specific network component. When using the keyword manual, you can decide when to lock the session. The lock the session manually, you use the following command:

SW01#configure terminal lock

SW01#

Configuration mode locked exclusively. The lock will be cleared once you exit out of configuration mode using end/exit

The status of configuration locking can be viewed with the command:

SW01#show configuration lock

Parser Configure Lock
———————
Owner PID        : 261
User             : booches
TTY              : 1
Type             : EXCLUSIVE
State            : LOCKED
Class            : EXPOSED
Count            : 1
Pending Requests : 0
User debug info  : configure terminal lock

This feature is very useful in environments where multiple system engineers could log in and configure the same network component.

Another Ictivity Connectivity blog

Another Ictivity Connectivity Consultant started a blog on the internet. Peter Bazelmans, a very experienced Connectivity Consultant started the blog PBSPlaza – Building things with IP… Check out some outtakes from this blog:

The nice thing working with Cisco is that you always hear about features from which you never heard before. This is also true for the following feature. When you do a show run on – for instance – a Cisco router, you can press / to quickly find parts of the config. This is nice when you have very large configs. [...] Source

Recently, I want to sniff a packet stream which was inline with an ASA firewall. Normally I would think on a external sniffer such as ethereal, put it on a mirror port of the firewall port, an sniff the packets. But I found that I can do the same with the capture command in the ASA. Let’s take a quick look how the capture command works and what it is. [...] Source