Converged Network Analyzer Fundamentals Guide

Converged Network Analyzer
Fundamentals Guide
Software Version 3.1
14-601298
Issue 1
June 2006
Copyright 2006, Avaya Inc.
All Rights Reserved
This document contains information related to CNA software (as defined
below) and Documentation (“Product”). “Documentation” means this
document and Avaya’s information manuals in printed or electronic form
containing operating instructions and performance specifications that
Avaya or its suppliers generally make available to users of its products,
and which Avaya delivers to End User with the Products. “End User”
means any customer of Avaya or its authorized resellers, or any end user
of the Product. See the Software and Documentation DVD/CD inserts for
additional legal and licensing information.
Notice
Changes and corrections to the information in this document may be
incorporated in future releases.
Disclaimer
Avaya, its affiliates or subsidiaries (“Avaya”) are not responsible for any
modifications, additions or deletions to the original published version of
the Documentation unless such modifications, additions or deletions
were performed by Avaya. End User agrees to indemnify and hold
harmless Avaya, Avaya's agents, servants, directors, officers, and
employees against all claims, lawsuits, demands and judgments arising
out of, or in connection with, subsequent modifications, additions or
deletions to the Documentation to the extent made by the End User.
Warranty
Avaya provides a limited warranty on the Product. Refer to your customer
sales agreement to establish the terms of the limited warranty. In
addition, Avaya’s standard warranty language as well as information
regarding support for the Product, while under warranty, is available
through the following web site: http://www.avaya.com/support.
License
USE OR INSTALLATION OF THE PRODUCT INDICATES THE END
USER’S ACCEPTANCE OF THE GENERAL LICENSE TERMS
AVAILABLE ON THE AVAYA WEBSITE AT: http://www.avaya.com/
support (“GENERAL LICENSE TERMS”). DO NOT USE THE PRODUCT
IF YOU DO NOT WISH TO BE BOUND BY THE GENERAL LICENSE
TERMS. IN ADDITION TO THE GENERAL LICENSE TERMS, THE
FOLLOWING LICENSE TERMS AND RESTRICTIONS WILL APPLY TO
THE PRODUCT.
Avaya grants End User a license within the scope of the license types
described below. The applicable number of licenses and units of capacity
for which the license is granted will be one (1), unless a different number
of licenses or units of capacity is specified in the Documentation or other
materials available to End User. “Designated Processor” means a single
stand-alone computing device. “Server” means a Designated Processor
that hosts a software application to be accessed by multiple users.
“Software” means the computer programs in object code, originally
licensed by Avaya and ultimately utilized by End User, whether as
stand-alone products or pre-installed on Hardware. “Hardware” means
the standard hardware products, originally sold by Avaya and ultimately
utilized by End User.
If your system is running in a TDM environment, the following license
restriction applies:
Designated System(s) License (DS). End User may install and use
each copy of the Software on only one Designated Processor, unless a
different number of Designated Processors is indicated in the
Documentation or other materials available to End User. Avaya may
require the Designated Processor(s) to be identified by type, serial
number, feature key, location or other specific designation, or to be
provided by End User to Avaya through electronic means established by
Avaya specifically for this purpose.
If your system is running in an IP environment, the following license
restriction applies:
Concurrent User License (CU). End User may install and use the
Software on multiple Designated Processors or one or more Servers, so
long as only the licensed number of Units are accessing and using the
Software at any given time. A “Unit” means the unit on which Avaya, at its
sole discretion, bases the pricing of its licenses and can be, without
limitation, an agent, port or user, an e-mail or voice mail account in the
name of a person or corporate function (e.g., webmaster or helpdesk), or
a directory entry in the administrative database utilized by the Product
that permits one user to interface with the Software. Units may be linked
to a specific, identified Server.
For all systems, the following license restriction applies:
Shrinkwrap License (SR). With respect to Software that contains
elements provided by third party suppliers, End User may install and use
the Software in accordance with the terms and conditions of the
“shrinkwrap” or “clickwrap” license accompanying the Software
(“Shrinkwrap License”). The text of the Shrinkwrap License will be
available from Avaya upon End User’s request (see “Copyright” below for
more information).
Copyright
Except where expressly stated otherwise, the Product is protected by
copyright and other laws respecting proprietary rights. Unauthorized
reproduction, transfer, and or use can be a criminal, as well as a civil,
offense under the applicable law.
Certain Software programs or portions thereof included in the Product
may contain software distributed under third party agreements (“Third
Party Components”), which may contain terms that expand or limit rights
to use certain portions of the Product (“Third Party Terms”). Information
identifying Third Party Components and the Third Party Terms that apply
to them is available on Avaya’s web site at http://support.avaya.com/
ThirdPartyLicense/.
The disclaimers of warranties and limitations of liability set forth in the
Third Party Terms do not affect any express warranty or limitation of
liability that may be provided to you by Avaya pursuant to the license
terms covering the Product contained in a separate written agreement
between you and Avaya. To the extent there is a conflict between the
General License Terms or your customer sales agreement and any Third
Party Terms, the Third Party Terms shall prevail solely for such Third
Party Components.
Security and virus disclaimer
End User's decision to acquire products from third parties is End User's
sole responsibility, even if Avaya helps End User identify, evaluate or
select them. Avaya is not responsible for, and will not be liable for, the
quality or performance of such third party products or their suppliers.
ALL INFORMATION IS BELIEVED TO BE CORRECT AT THE TIME OF
PUBLICATION AND IS PROVIDED "AS IS". AVAYA DISCLAIMS ALL
WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING THE
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
PARTICULAR PURPOSE AND FURTHERMORE, AVAYA MAKES NO
REPRESENTATIONS OR WARRANTIES THAT THE STEPS
RECOMMENDED WILL ELIMINATE SECURITY OR VIRUS THREATS
TO END USER’ SYSTEMS. IN NO EVENT SHALL AVAYA BE LIABLE
FOR ANY DAMAGES WHATSOEVER ARISING OUT OF OR IN
CONNECTION WITH THE INFORMATION OR RECOMMENDED
ACTIONS PROVIDED HEREIN, INCLUDING DIRECT, INDIRECT,
CONSEQUENTIAL DAMAGES, LOSS OF BUSINESS PROFITS OR
SPECIAL DAMAGES, EVEN IF AVAYA HAS BEEN ADVISED OF THE
POSSIBILITY OF SUCH DAMAGES.
Avaya does not warrant that this Product is immune from or will prevent
unauthorized use of telecommunication services or facilities accessed
through or connected to it. Avaya is not responsible for any damages or
charges that result from either unauthorized uses or from incorrect
installations of the security patches that are made available from time to
time.
Suspected security vulnerabilities with Avaya products should be
reported to Avaya by sending mail to securityalerts@avaya.com.
Trademarks
All trademarks identified by ® and TM are registered trademarks or
trademarks of Avaya Inc. All other trademarks are the property of their
respective owners.
Contents
Chapter 1: Overview of Avaya CNA . . . . . . . . . . . . . . . . . . . .
5
Chapter contents . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
5
Intended audience . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
5
CNA documentation library . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
6
Typographic Conventions. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
7
About CNA . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
9
System requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Web traffic optimization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
VPN optimization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
9
10
10
Supported browsers and operating systems . . . . . . . . . . . . . . . . . . . .
11
Licensing the CNA server . . . . . .
About licensing the CNA server
Contents of license file . . . . .
Requesting a license file . . . .
Installing the license file . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
11
11
12
13
14
Network Integration . . . . . .
Outside the Firewall . . . .
Inside the Firewall . . . . .
Across the Firewall . . . .
Configuration Sequence .
Traffic Measurement Data .
Asserting Routes . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
15
17
17
18
19
21
22
Chapter 2: Configuration Fundamentals . . . . . . . . . . . . . . . . . .
23
Chapter Contents . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
23
Configuration Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
CNA API . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
23
24
Current Path Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
24
User Accounts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
25
Password Recovery . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
25
Data Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Backing Up Reports, Trend Data and Saved Configs . . . . . . . . . . . . . .
27
27
Email . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
30
Privacy Policies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
31
Character Set. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
31
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Issue 1 June 2006
3
Contents
Chapter 3: Configuring a New CNA Server Device . . . . . . . . . . . .
33
Configuring Virtual Module Interfaces . . . . . . . . . . . . . . . . . . . . . . . .
Configuration Mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
33
33
Service Provider Access Links . . .
Naming Service Provider Links .
Link AS Numbers, IP Addresses
BGP on the Engine Module . . .
Assigning USTATs to Providers
.
.
.
.
.
36
36
36
37
40
Chapter 4: The CNA Web interface . . . . . . . . . . . . . . . . . . . . .
45
Chapter contents . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
45
About the Web interface. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
45
Opening the interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
45
Java version . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Installing the JRE and the Java plug-in . . . . . . . . . . . . . . . . . . . . .
Java Certificate . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
46
46
47
Logging in . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Maximum user sessions . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
48
49
The CNA control panel . . . . . . . . . . . .
The CNA information panel . . . . . . . .
The real-time graphs panel . . . . . . . .
Quick Links. . . . . . . . . . . . . . . . .
Time stamps . . . . . . . . . . . . . . . .
Show commands and Visual Traceroute .
Menu bar . . . . . . . . . . . . . . . . . .
Changing the display colors . . . . . . .
.
.
.
.
.
.
.
.
49
50
51
55
70
70
72
77
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
79
Index
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
4 CNA Fundamentals Guide, Software Version 3.1
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Chapter 1: Overview of Avaya CNA
Chapter contents
●
Intended audience
●
CNA documentation library
●
Typographic Conventions
●
About CNA
●
System requirements
●
Supported browsers and operating systems
●
Licensing the CNA server
●
Network Integration
Intended audience
This document is intended for use by IP network administrators. You should have a detailed
knowledge of how IP networks work, including an in-depth familiarity with the Border Gateway
Protocol (BGP).
Issue 1 June 2006
5
Overview of Avaya CNA
CNA documentation library
You can download the following documents at http://support.avaya.com:
Table 1: CNA documentation library
Document Title
Document No.
CNA Fundamentals Guide
14-601298
Content
●
●
●
Product overview
Configuration fundamentals
Configuring a new CNA server
CNA Basic Monitoring Guide
14-601299
Current path monitoring
● Collecting endpoint addresses
● Security
● Server-based measurement
● Agent-based measurement
● Decision policies and application
models
CNA Advanced Monitoring
Guide
14-601300
Multi-path monitoring
● Configuring your routers
● Polling routers
● VPN integration
CNA Adaptive Path
Controller Guide
14-601303
●
●
●
CNA Reporting Guide
14-601304
●
●
●
CNA Appendices Guide
14-601329
●
●
●
●
●
CNA Command Reference
Guide
14-300540
Adaptive path control
High availability
WAN cost and load optimization
Web interface
Server-based measurement
reports
Agent-based measurement
reports
CNA’s diagnostic tools
Supported MIBs
Upgrade procedure
Migrating configuration files
between hardware models
CNA’s API
Describes all CLI commands for the
CNA server.
1 of 2
6 CNA Fundamentals Guide, Software Version 3.1
Typographic Conventions
Table 1: CNA documentation library (continued)
Document Title
Document No.
CNA Installation Guide
14-300539
Content
●
●
●
CNA Release Notes
●
●
●
●
Hardware specifications
Installing a CNA server
Installing a CNA Agent Device
New features
Supported hardware platforms,
browsers, and operating
systems
Resolved issues
Known issues
2 of 2
To set up user accounts for the web site’s Support area, call:
●
1 (877) 733-5511 in the United States
●
001 (978) 552-0444 outside of the United States
Or you can send an e-mail message to support@avaya.com.
Typographic Conventions
Table 2 shows the typographical conventions that are used in this book:
Table 2: Typographic conventions
Convention
Meaning
Courier
type
The Courier type face is used to denote one of the following:
bold
●
Text as displayed on a monitor
●
Command syntax examples.
Bold text denotes command keywords (words that must be entered
exactly as shown).
1 of 2
Issue 1 June 2006
7
Overview of Avaya CNA
Table 2: Typographic conventions (continued)
Convention
Meaning
italics
Italics can mean any of the following:
<>
●
filenames
●
book titles
●
command argument names and values
●
new terms not commonly understood
Words enclosed in angle brackets should be replaced by user-specific
data. In the following example, the words userid and password should
be replaced by actual user ID and password values:
Login: <userid>
Password: <password>
[]
Square brackets are used to denote command line arguments that are
optional.
{}
Curly braces enclose a range of choices for a required argument.
When used within square brackets, curly braces indicate that if you
choose to set the optional argument indicated by the square brackets,
then you must choose one of the choices enclosed in the curly
brackets.
In the example below, the curly brackets indicate that either in or out is
always required for the ip access-group command:
ip access-group <name> {in | out}
In the following example, the version argument is optional for the
snmp-serverhost command, but if it is set it must be either 1 or 2c:
snmp-serverhost <host-id> [traps | inform] [version
{1 | 2c}]
|
A vertical bar separates multiple choices among arguments.
In the following example, the vertical bar indicates that the first
argument of the clear prefix command can be either a prefix in
standard, dotted-decimal format (1.2.3.4/n) or the keyword all:
clear prefix {<prefix> | all} [routes-only]
The second argument—the keyword routes-only—is enclosed in
square brackets because it is optional.
2 of 2
8 CNA Fundamentals Guide, Software Version 3.1
About CNA
About CNA
The Avaya Converged Network Analyzer (CNA) system is a network optimization solution that
can be configured to do any or all of the following:
●
improve the Internet experience of your customers, by speeding the return of packets
being downloaded from your web servers
●
improve the Internet experience of your local network users, by optimizing the routes used
to deliver their requests to external web sites
●
improve the speed and reliability of your Internet VPN connections
●
optimize your cost of service, by distributing traffic load among your service providers
according to individual ISPs’ billing rates (see polling usage interval in the CNA
Command Reference Guide) and traffic thresholds
The CNA system bases its selection of service provider (SP) for a given prefix on its analysis of
measured traffic, not on statistical assumptions (load balancing) or the predefined rules of the
Border Gateway Protocol (BGP).
When a currently selected service provider link is observed to be experiencing significant delays
that degrade its ability to deliver packets to a specific prefix, the CNA system can—if you allow
it—update your network routing tables so that your routers will use a different service provider
for traffic to that prefix.
You can configure the CNA system to favor the lowest-cost or the least utilized service provider.
You can use the system in report only mode, in which traffic is measured and analyzed but
routes are not actually asserted to your edge routers.
System requirements
The CNA Web client requires Sun’s Java Plug-in 1.5. For information about installing the
plug-in, see Java version in Chapter 4: The CNA Web interface of the CNA Fundamentals
Guide.
Other requirements will vary depending on whether you will be using the CNA system to
optimize web or VPN traffic.
Issue 1 June 2006
9
Overview of Avaya CNA
Web traffic optimization
If you are using the CNA system to optimize your Web site traffic, your network should meet the
following requirements:
●
Multi-homed connectivity to the Internet (at least two service providers)
●
Full BGP feed from at least one of your service providers
●
DNS implementation that provides the following:
- address rotation (ability to round-robin destination addresses in reply to successive
requests)
- high availability, in which the DNS server conducts health checks and won’t return a
destination if the target server is not in operation (GSLB—global server load balancer—is
strongly recommended, though some form of direct-server return is a viable alternative.
For information on getting packets through firewalls, see Active Measurement VIPs in
Chapter 4: Server-Based Measurement of the CNA Basic Monitoring Guide. For
information on preventing health checks from skewing traffic measurements, see
Chapter 6: Decision Policies and Application Models in the CNA Basic Monitoring Guide.
●
If Network Address Translation (NAT, as defined in RFC 2663) is in place between the
CNA system and your service providers, you must ensure that remote-side responses to
CNA measurement-traffic packets arrive at the USTAT’s VIP with original, or natural,
addressing intact
●
Edge routers must support BGP4 (as defined in RFC 1771 and RFC 1657) and Policy
Based Routing (PBR)
VPN optimization
If you are using the CNA system to optimize VPN traffic, your network should meet the following
minimum requirements:
●
Multi-homed connectivity in at least one direction between your headquarters and remote
sites (either two Internet service providers, or one ISP and a private line, such as frame
relay)
●
Edge routers must support BGP4 (as defined in RFC 1771 and RFC 1657) and Policy
Based Routing (PBR) or equivalent.
10 CNA Fundamentals Guide, Software Version 3.1
Supported browsers and operating systems
Supported browsers and operating systems
Table 3 shows the browsers and operating systems on which the CNA Web interface has been
tested.
Table 3: Supported Browsers, Operating Systems
Operating System
Browsers
Microsoft Windows 2000
Internet Explorer 5.5, 6.0
Netscape 4.7, 6.2
Microsoft Windows XP
Internet Explorer 6.0
RedHat Linux
Netscape 4.7, 6.2
Licensing the CNA server
About licensing the CNA server
Capabilities of the CNA system are enabled by a license file that enables the appropriate
system capabilities according to the host ID of the server. The host ID is the MAC address of
port eth0 on the CNA server.
To obtain the license file for your server, contact your Avaya account team or your authorized
Avaya business partner so they can generate the license file for you. Once generated, the
license will be available for download or you can have the license sent to a specified email
address.
If your CNA deployment includes multiple CNA servers, install the license on one CNA server.
This license will serve as the master license for all CNA servers in your deployment. After
installing the license, you must then configure all other CNA servers to retrieve licensing
information from the server hosting the master license.
The license files are in xml format. Each base CNA license file includes the reporting mode,
Web application model feature, and a signature. The signature ends the license file and is
based on the MAC address of port eth0 on the CNA server.
The CNA Command Line Interface (CLI) will not accept any configuration statements that
exceed the capabilities defined in the license file.
Issue 1 June 2006
11
Overview of Avaya CNA
Contents of license file
The license file includes the following information:
●
Major software version release number
The major software version release number must be less than or equal to the software
version release number specified in the license file.
●
License check timeout period
The license check timeout period specifies the time between license renewal checks. The
default timeout period is 10 minutes.
●
Reporting mode and Web application model
Every CNA license includes full monitoring capability, called reporting mode, and the Web
application model. Application models designate how the CNA server handles application
measurement data and decision making. All trends and measurement reports and the Web
application model are included in the base CNA license.
The license file can also include the following information:
●
Route assert mode
Route assert mode, marketed as the Adaptive Path Controller license option, enables the
path optimization feature in CNA. Route asset mode complements the basic reporting
mode.
●
Application models
The application models each have internal parameters that you can adjust to customize a
model to suit the needs of your applications. In many cases, the application models
provided will not require any changes and may be used with the default values.
If you are using only TCP for your measurements, you must use the web application model.
The model you use will likely depend largely upon what is convenient for your network
infrastructure. For more information regarding application models, see Chapter 6: Decision
Policies and Application Models in the CNA Basic Monitoring Guide.
- Application model: voice
The voice application model is used to optimize voice traffic on your network. When
using the voice application model, you must use either the traceprobe and/or ICMP
measurement modes. If you are able to employ only TCP, then you should use the web
application model. The reason for this is because the voice model requires
measurements of the loss and jitter characteristics in your network to a higher degree of
precision than is possible with TCP.
- Application model: enterprise
The enterprise application model is used to optimize time-critical TCP transactions on
your network, such as transactional web, file transfer, and gaming. When using the
12 CNA Fundamentals Guide, Software Version 3.1
Licensing the CNA server
enterprise application model, you must use either the traceprobe or ICMP measurement
modes. If you are able to employ only TCP, then you should use the web application
model. The reason for this is because the enterprise model requires measurements of
the loss characteristics in your network to a higher degree of precision than is possible
with TCP.
- Application model: multimedia
The multimedia application model is used to optimize real-time applications on your
network. Examples include voice over IP, streaming audio, and video conferencing
applications. When using the multimedia application model, you must use either the
traceprobe or ICMP measurement modes. If you are able to employ only TCP, then you
should use the web application model. The reason for this is because the multimedia
model requires measurements of the loss and jitter characteristics in your network to a
higher degree of precision than is possible with TCP.
- Application model: streaming audio and video
The streaming audio and video application model is used to optimize streaming audio
and video applications on your network. When using the streaming application model,
you must use either the traceprobe or ICMP measurement modes. If you are able to
employ only TCP, then you should use the web application model. The reason for this is
because the streaming model requires measurements of the loss and jitter
characteristics in your network to a higher degree of precision than is possible with TCP.
●
Cost optimization
Cost optimization includes billing command configuration. This configuration is used to
generate daily trends and monthly reports.
Each of these CNA feature licenses defines the number of monitored endpoints that are
allowed. The server hosting the master license file tracks the cumulative number of monitored
endpoints.
The master license must have the correct features and enough total endpoints associated with
each feature to satisfy incoming requests from each CNA server. If the master license does not
have sufficient licenses available for a CNA server, its license requests are denied in entirety
(all features for all endpoints).
Requesting a license file
!
Important:
Important:
When upgrading your CNA servers to version 3.0.3, you must obtain a new
license file for your servers. Version 3.0.3 software will not work with a license file
from an earlier software version.
Issue 1 June 2006
13
Overview of Avaya CNA
To obtain the license file for your server or servers:
1. Retrieve the MAC address of the first Ethernet port (eth0) on the CNA server. Use the show
int detail command to retrieve this information.
Sample output is as follows. The MAC address of port eth0 is in bold text.
fe0
Note:
Link encap:Ethernet HWaddr 00:0D:60:0F:92:DC
Link: up
inet addr:148.147.3.49 Bcast:148.147.3.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:26821926 errors:0 dropped:0 overruns:0 frame:0
TX packets:29227292 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:4129356125 (3938.0 Mb) TX bytes:901200324 (859.4 Mb)
Interrupt:7 Memory:ed4f0000-ed500000
Speed: a-100MB/s Duplex: a-full
Note:
If your CNA system has multiple CNA servers, be sure to retrieve the eth0 MAC
address of the CNA server that you want to install the license on.
Once the license is installed, you cannot change the server hosting the master license
from one server to another. The license is associated with the MAC address of port
eth0 on one server and will not worked if installed on a different server.
2. Contact your Avaya account team or your authorized Avaya business partner so they can
generate the license file for you. When you request the license, you will be asked to provide
the The MAC address of port eth0.
3. Once generated, the license will be available for download or you can request that the
license be sent to a specified email address.
Installing the license file
!
Important:
Important:
When upgrading your CNA servers to version 3.0.3, you must obtain a new
license file for your servers. Version 3.0.3 software will not work with a license file
from an earlier software version.
Once you obtain the license file, you can install it on your CNA server. If your CNA deployment
includes multiple CNA servers, install the license on one CNA server. This license will serve as
the master license for all CNA servers in your deployment. After installing the license, you must
then configure all other CNA servers to retrieve licensing information from the server hosting the
master license.
Note:
Note:
You cannot change the server hosting the master license from one server to
another. The license is associated with the MAC address of port eth0 on one
server and will not worked if installed on a different server.
14 CNA Fundamentals Guide, Software Version 3.1
Network Integration
To install the license on the CNA server:
1. Copy the generated license file to your CNA system by using the restore license
<file-url> command.
Example:
restore license c7-a11-large.xml
Installing license file...
Installation complete.
#
When license installation is complete, the license is placed in the WebLM directory on the
CNA server. At startup, the CNA system communicates with the WebLM server application
to obtain the following information:
●
available features
●
number of monitored endpoints that are configured on the system for each feature
The number of monitored endpoints includes both the total number of active
measurement targets and CNA agents that are registered.
2. Configure each CNA server to retrieve the license file from the license server. Use the
license server ip-address <ip address>, where <ip address> is the IP
address of the CNA license server.
3. Verify that the license was properly installed by using the show license command.
The output displays the license file details including: the license mode, major software
version, feature tier, enabled feature models, and total number of monitored endpoints.
Each of these CNA feature licenses defines the number of monitored endpoints that are
allowed.
Network Integration
The CNA system needs three separate channels of communication through your network, one
for each of the following purposes:
●
management—network protocols (such as http, telnet, ssh, syslog, and snmp)
●
measurement—test/data stream traffic between remote prefixes and VIPs (virtual IP
addresses)
●
control—IBGP peering between engine services and the edge routers
See Figure 1.
Issue 1 June 2006
15
Overview of Avaya CNA
Figure 1: Conceptual layout
Eng
USTAT
USTAT
Mgmt
CNA
workstation/terminal
management
measurement
Internet
Remote
End Point
control
Edge Router
The management connectivity layer needs only as much access to your network as you want
to give it, based on an assessment of who you want to be able to use the CNA web and
command line interfaces. Management access to the device is through the management
ethernet port.
The measurement layer must be able to communicate through your edge routers with traffic
endpoints, either surfers on the other side of the Internet cloud or your remote VPN sites.
USTAT modules and the EFC module must be connected to interfaces on the edge routers.
These connections require some form of policy-based routing (PBR). Traffic can be channeled
through a GRE tunnel, a VLAN, or a dedicated physical interface, for example. If you use a
dedicated physical interface, there can be no routed hops between the CNA port and the edge
router. The addresses configured on the CNA system for this purpose (called VIPs, or virtual IP
addresses) must not be subject to Network Address Translation (NAT).
The control layer must be able to establish an iBGP peering relationship with your edge
routers. TCP connections will be opened between the CNA system to the edge routers. Basic IP
is sufficient for this layer. You may also elect to configure active probes using ICMP responses.
BGP peering occurs on the engine module.
As long as these conditions are met, it doesn’t matter how you physically connect the CNA
system into your network.
There are three basic configurations possible, each with its own trade-offs to be considered.
16 CNA Fundamentals Guide, Software Version 3.1
Network Integration
Outside the Firewall
If the CNA system is entirely outside of your firewall, the management port, which can provide
access to the CNA system via such protocols as http, telnet, snmp and ssh, will be exposed.
(Individual protocols can be enabled or disabled by user configuration.)
See Figure 2.
Figure 2: CNA system entirely outside the firewall
WWW
Intranet
Firewall
Internet
Eng
USTAT
Mgmt
control
Edge Routers
measurement
management
CNA
DMZ
Remote
End Point
Security measures available to you include:
●
access lists on the CNA system as well as edge router interfaces
●
secure shell (ssh) instead of telnet
●
Secure Sockets Layer (SSL)
●
authentication (local, RADIUS and TACACS+)
See Chapter 3: Security in the CNA Basic Monitoring Guide.
Inside the Firewall
If the CNA system is placed inside your firewall, you will need to provide a GRE tunnel, or some
other means of passage through the firewall, for measurement traffic. You must also allow the
CNA engine module to establish a BGP peering relationship with your edge routers. See
Figure 3.
Issue 1 June 2006
17
Overview of Avaya CNA
Figure 3: CNA system entirely inside the firewall
Intranet
Eng
USTAT
Mgmt
Internet
Firewall
control
measurement
management
Edge Routers
CNA
WWW
DMZ
Remote
End Point
Across the Firewall
If your organization’s security policies permit it, the device can be configured to work with
measurement traffic outside the firewall and the management port inside (engine port can be
either). See Figure 4.
Figure 4: CNA system spans the firewall
WWW
Intranet
Firewall
Internet
management
Eng
USTAT
Mgmt
control
measurement
Edge Routers
CNA
DMZ
Remote
End Point
The management interface can be protected with access lists implemented on both your firewall
and on the CNA system to define the type of access you want to allow through the management
ethernet interface.
18 CNA Fundamentals Guide, Software Version 3.1
Network Integration
You can implement access lists on measurement interfaces to deny any traffic other than
HTTP.
And, you can implement an access list on the engine ethernet interface to allow the edge
routers to send packets during BGP sessions.
Figure 5: CNA system partially inside the firewall
Intranet
Firewall
Internet
control
measurement
management
WWW
Eng
USTAT
Mgmt
Edge Routers
CNA
DMZ
Remote
End Point
If you have given your web servers some firewall protection, you can place the CNA device on
the same network and still be outside of your internal network.
Configuration Sequence
The following sequence of steps presents an abbreviated list of things you need to do to get a
newly installed CNA system configured and ready to optimize traffic between your web servers
and Internet end users. (In order to optimize VPN traffic, you will also need to configure the CNA
system and your edge routers as shown in Chapter 3: VPN Integration of the CNA Advanced
Monitoring Guide.)
The following list is derived from the steps that are explained in detail in Chapter 3: Configuring
a New CNA Server Device of this book and Chapter 2: Configuring Your Routers of the CNA
Advanced Monitoring Guide.
See the sections listed in parentheses for more detailed information about individual steps.
Issue 1 June 2006
19
Overview of Avaya CNA
Note:
Note:
This manual addresses the integration of a CNA system into a generic network
environment. This network has been intentionally made simple so that the
documentation can focus on the steps required to make the CNA system
operational. In an actual, real-world deployment, there will be numerous
departures from the simplified network presented here, requiring different specific
configurations. For example, the steps itemized below call for GRE tunnels
between the measurement ports and Cisco edge routers. The actual system
requirement is for some form of dedicated link, either virtual or physical, not
necessarily a GRE tunnel, and the system will work with brands other than Cisco.
To set up a new CNA system and make it operational, do the following:
1. Install the chassis into a rack. (See the companion document Avaya CNA Server
Installation Guide for details.)
2. Connect a terminal to the console connector on the management module. (See the
companion document Avaya CNA Server Installation Guide for details.)
3. Physically connect the ethernet ports to the network.
4. Boot your CNA system.
5. Using the console port to connect a terminal to the 5000-series Management module or the
3300-model base unit, configure the FastEthernet interfaces.
6. Configure a default static route for the CNA system’s engine.
7. Configure the engine to recognize your service provider access links.
8. Configure BGP peering with the CNA engine.
9. Associate USTAT modules or 3000-series measurement ports with service provider access
links and virtual IP addresses (VIPs), and configure GRE (Generic Routing Encapsulation)
tunnels.
10. On your edge routers, configure GRE tunnel interfaces.
11. On your edge routers, configure policy-routing route maps for the GRE tunnels.
12. On your edge routers, configure the routing between your edge routers and the CNA
system.
13. On your edge routers, configure IBGP peerings with the CNA system.
14. On your edge routers, configure the CNA system as a route reflector client.
15. To obtain network traffic measurements through passive user tests, place HTML image tags
in your web pages and configure your DNS server to direct requests for the image to your
USTAT modules.
16. To obtain network traffic measurements from targeted endpoints are scheduled intervals,
configure active probes on the CNA system.
17. On the CNA system, enable the decision-maker process.
20 CNA Fundamentals Guide, Software Version 3.1
Network Integration
Traffic Measurement Data
At this stage, if you have completed all of the steps listed in the Configuration Sequence
section, the CNA system should now be operational. The CNA engine will fill its internal
database with prefixes obtained from your BGP feed.
Before the CNA system can do anything meaningful with these prefixes, however, it needs to
gather data about how fast each of your service providers can pass traffic between your
network and destinations in each of these prefixes.
The CNA system has two mechanisms for measuring the speed of packet delivery from your
web server to individual end users: passive traffic tests and active probes.
You can use either of these methods exclusively, or you can use both simultaneously.
User Traffic Tests
User traffic tests (UTTs) are passive measurements of the time it takes to complete a TCP
handshake during the delivery of a single-pixel transparent GIF that has been requested by an
Internet user who has contacted your web site. This test requires that you place an HTML
image tag somewhere on your web page, and that you configure your DNS server to direct
requests for the URL contained in the image tag to one of your USTAT modules.
See Chapter 4: Server-Based Measurement in the CNA Basic Monitoring Guide for more
information.
Active Measurement Probes
Active probes are traffic tests that are initiated by the CNA system. You identify a specific host
in a prefix of interest and the CNA system will contact it, either by initiating and immediately
closing a TCP session, or by sending an ICMP echo request, at regular intervals. The time it
takes to complete the opening handshake of the TCP session or complete the ICMP ping is
recorded in the CNA database. (You can configure the method used: TCP or ICMP.)
See Chapter 4: Server-Based Measurement in the CNA Basic Monitoring Guide for more
information.
NetFlow, SPAN Data Streams
Active measurement targets can be automatically generated from data sent to the optional
Endpoint Flow Collection module (EFC) by a NetFlow or SPAN (Switched Port Analyzer) data
source.
See Chapter 2: Collecting Endpoint Addresses in the CNA Basic Monitoring Guide for more
information.
Issue 1 June 2006
21
Overview of Avaya CNA
Asserting Routes
Once the CNA system has accumulated sufficient data, it can begin choosing the best link to a
specific prefix. How much data is sufficient is an option that can be set using the CLI.
However, the CNA system will not assert its choices to your edge routers until you enable
route-assert mode. Prior to that time, you can monitor the performance of the CNA system and
view the reports it generates to gain insight into the performance of your service provider links.
See Route Assertion in Chapter 3: Adaptive Path Control of the CNA Adaptive Path Controller
Guide for more information.
22 CNA Fundamentals Guide, Software Version 3.1
Chapter 2: Configuration Fundamentals
Chapter Contents
●
Configuration Overview
●
Current Path Configuration
●
User Accounts
●
Password Recovery
●
Data Management
●
Email
●
Privacy Policies
●
Character Set
Configuration Overview
Configuration management is done through a Command Line Interface (CLI), implemented as
part of the Converged Network Analyzer (CNA).
Beginning with CNA 3.0, you can configure the device using a template. The template is used to
create a complete configuration for monitoring the current path. You can initiate the
configuration template by using the generate-config current path command.
Once you have initiated the template, enter the appropriate values when prompted. The system
will recognize specified values that are used multiple times in the template. You will be
prompted once for this specific value to ensure that unexpected errors are not entered.
The system will overwrite the startup configuration with the values entered through the
template. Before overwriting the startup configuration, the system will save the configuration
with a time stamp and a unique name to identify the file. The unique naming convention is as
follows: startup-config-yyymmdd-hhmm.cfg The saved configuration files will be shown when
the ls cfg command is executed.
When the template is complete, the prompt asks if you want to save this configuration as your
start-up configuration. If you answer yes, the newly generated startup-config is saved. If you
answer no, you will be asked whether you want to discard the generated configuration or get
one more chance to save it.
Issue 1 June 2006
23
Configuration Fundamentals
The generated configuration will take effect after the next reload as new the
running-configuration. You have another chance to undo the changes by executing recover
startup-config.
You should save the running configuration as a file in the device repository, as a startup
configuration. To do so, use the copy command:
copy running-config startup-config
Entering the command help (or its equivalent, the question mark character—?) will display a list
of all commands available to you at your current location in the CLI.
The end and exit commands both move you up one level in the configuration mode hierarchy.
That is, if you are in engine configuration mode (config-engine), the end and exit commands
will move you to configuration mode (config). From configuration mode, the two commands will
move you to system operations mode. From there, the exit command will close the CLI session
while the end command will have no effect.
Within one of the command configuration modes (config-engine or config-engine-link, for
example), both the end and the exit commands will place an end statement in the configuration
to mark the end of a command block.
The logout command will immediately close the current CLI session regardless of where you
are in the configuration hierarchy.
The CLI responds to several control-key and escape-key combinations which help move the
cursor on the command line, and perform simple character-manipulation tasks such as
converting between upper and lower case.
To see the complete list of these key combinations, enter help edit on the command line.
CNA API
CLI commands can also be entered into the CNA configuration through a client program, using
the CNA Application Programming Interface (API). See the CNA Appendices Guide.
Current Path Configuration
Beginning with CNA 3.0, you can configure the Current Path mode using a template. The
template is used to create a complete configuration for monitoring the current path. You can
initiate the configuration template by using the generate-config current path command.
Once you have initiated the template, enter the appropriate values when prompted. The system
will recognize specified values that are used multiple times in the template. You will be
prompted once for this specific value to ensure that unexpected errors are not entered.
24 CNA Fundamentals Guide, Software Version 3.1
User Accounts
The system will overwrite the existing, or running, configuration with the values entered through
the template. Before overwriting the running configuration, the system will save the
configuration with a time stamp and a unique name to identify the file. The unique naming
convention is as follows: running-config-yyymmdd-hhmm.cfg The saved configuration files will
be shown when the ls cfg command is executed.
When the template is complete, the prompt asks if you want to save this configuration as your
start-up configuration. If you answer yes, the newly generated running-config is copied as the
start-up config. If you answer no, you will be able to save the configuration by executing the
save memory command or the copy running-config startup-config command.
User Accounts
There is no default user account.
When you boot a CNA system for the first time, you will be given a command prompt without
having to log in, but your terminal must be physically connected to the console port on the
management module.
There is no telnet access until you have created at least one user account with the username
command and set an enable password with the enable password command.
Password Recovery
The CNA system has a password recovery mechanism that allows you to obtain a command
prompt without logging in through a user account.
To use this feature, you must be connected to the management module’s console port.
Boot the device.
The system will show several startup messages:
LILO Loading ...........
Uncompressing ramdisk...
Mounting ramdisk...
INIT: version 2.78 booting
Copyright 2001 Avaya, Inc. All rights reserved.
Unauthorized access not permitted.
When you see the Unauthorized access not permitted message, you have a two-minute window
to enter the following on the command line (followed by the ENTER key):
-p
Issue 1 June 2006
25
Configuration Fundamentals
During a normal boot (without -p), the CNA system will next undergo an initialization process
and a series of system startup messages will be displayed:
--- CNA System Startup --Initialize logging mechanism
Find installed CNA modules
[ OK ]
slot 0 - management
slot 2 - engine
slot 3 - reporting
slot 4 - ustat
slot 5 - ustat
Start internal communication servers
Load initial boot configuration
Initialize internal DNS
Apply default access restrictions
Out-of-the-box state
Start NTP and synchronize modules
[ OK ]
[
[
[
[
[
OK
OK
OK
OK
OK
]
]
]
]
]
-----------------------------------
When the password recovery process is initiated, however, the CNA System Startup messages
should then be overwritten by the following:
Press Enter to Continue
If you get a login: prompt instead of Press Enter to Continue, you will have to reboot the device
and try again.
When you press the Enter key, you will be given a command-line prompt:
CNA>
The running configuration will be empty, but you will have access to your previously saved
startup configuration, which you can copy to the running configuration. First, enter the enable
command (since your running configuration is empty, there is no password), and then the copy
command:
CNA> enable
CNA# copy startup-config running-config
Now use the show running-config command.
You can now locate the username commands which you entered previously to create user
accounts. If passwords are displayed in clear text, note your log-in password for future
reference.
26 CNA Fundamentals Guide, Software Version 3.1
Data Management
Or, if you had previously configured the CNA system to not display passwords in clear text, you
can re-enter the username command (enter configuration mode first, with the configure
terminal command) to change your log-in password:
CNA# config t
CNA(config)# username test password test
Note:
Note:
Using the show startup-config command to locate a username and password is
not enough. You will not be allowed to terminate the CNA session using the exit
command unless there is a user defined in the running configuration. You must
either copy the startup configuration into the running configuration or enter
configuration mode (config) and create a user with the username command
before you can exit the CNA session.
Data Management
The CNA system stores persistent data on a hard drive on the management module. This data
includes reports generated hourly from the snapshot image of the live database that is
maintained on the engine module; the entire trending database; and trend report template and
user-defined query files. You can also create backup copies of the CNA image and startup
configuration.
You can manage files on the hard disk from either the CLI or the web interface.
From the CLI, use the ls command to see the user-accessible contents of this hard disk, the
backup command to create backup files and the restore command to retrieve data from
these backup files and restore them to CNA memory.
In the web interface, use the Config menu (or Config node in the navigation tree) to open the
Manage Files and Backup/Restore dialogs.
See Chapter 4: The CNA Web interface in this guide for more information.
Backing Up Reports, Trend Data and Saved Configs
To make back-up copies of saved configurations, snapshot reports and trend data, and to
restore them to the CNA system, use the rsync process.
You can configure the CNA system to automatically maintain a mirror image of the database on
a remote host using the rsync enable command, or you can force a transfer of data manually
using the copy command with the rsync keyword.
See Chapter 2: Reports in the CNA Reporting Guide for information about snapshot reports and
the trending database.
Issue 1 June 2006
27
Configuration Fundamentals
Using rsync
You will need to obtain an rsync executable for the operating system on your host machine.
See http://samba.anu.edu.rsync for information on how to obtain and install this utility.
The following examples will show you how to configure and operate the rsync utility on a Unix/
Linux machine to automatically maintain a remote replica of your trending database.
On the Host Machine
First, create the following directories:
/opt/rsync/PathControl/data
/opt/rsync/PathControl/etc
The data directory is where the replicated database will be stored.
Add the following to the rsync.conf configuration file, and place it in the etc directory:
log file = /opt/rsync/PathControl/etc/rsyncd.log
pid file = /opt/rsync/PathControl/etc/rsyncd.pid
lock file = /opt/rsync/PathControl/etc/rsyncd.pid
syslog facility = local1
[trends]
path = /opt/rsync/pc1/data/trends
comment = trends
read only = no
use chroot = no
uid = rsync
gid = rsync
list = yes
transfer logging = yes
log format = [%o] [%m] size=%l transfered=%b %f [to/from %h]
dont compress = *.*
Create a simple start/stop script in the directory /opt/rsync/PathControl. This file must be
executable, and the port number (5005 in the example script) must refer to a usable port on
your host machine.
The following rsync.sh file is an example Unix/Linux bash shell script:
#!/bin/bash
start() {
rsync --daemon --config=$config --port $port \
|| echo "ERROR while starting rsync daemon"
}
stop() {
kill `cat $pidfile` \
|| echo "ERROR while stopping rsync daemon"
}
28 CNA Fundamentals Guide, Software Version 3.1
Data Management
status() {
local j
j=`ps axwww | grep -v grep | grep rsync | grep -- "--port $port"`
if [ -n "$j" ]; then
echo "$sn running, on port $port"
else
echo "$sn not running"
fi
}
sn=rsync
port=5005
config=/opt/rsync/PathControl/etc/rsyncd.conf
pidfile=/opt/rsync/pc1/PathControl/rsyncd.pid
case "$1" in
start)
stop)
status)
*)
esac
start;;
stop;;
status;;
echo "$sn [ start | stop | status ]"; exit
To start the rsync daemon:
/opt/rsync/PathControl/rsync.sh start
To view the log file:
tail -f /opt/rsync/PathControl/etc/rsyncd.log
To stop the rsync daemon:
/opt/rsync/pc1/rsync.sh stop
To query the rsync daemon for its status:
/opt/rsync/pc1/rsync.sh status
On the CNA system
To communicate with the rsync daemon on a host machine configured as shown and named
remote_host located in the domain myDomain, enter the following command in the CNA CLI:
rsync target remote_host.myDomain:5005::/opt/rsync/PathControl/data
rsync enable trends
The rsync username command on the CNA system was not used because the rsync daemon
on remote_host was configured to use anonymous log ins.
This example will automatically maintain a replica of your trending database.
Issue 1 June 2006
29
Configuration Fundamentals
Alternatively, you could manually force updates, using the copy command to copy data from
your CNA system to your rsync host (this example assumes you have used the rsync target
command as shown previously):
copy /trends rsync:
When you first add the rsync enable command to the configuration or execute the copy rsync
command the first time, the entire trending database will be written to the remote host. From
then on, however, only incremental changes will be written, requiring much less time.
Email
The CNA system allows you to email a variety of data, including snapshot and trend reports,
configurations, and show command output, from either the command line or the management
web interface.
You can use the email command in the CLI to configure the CNA system to automatically send
snapshot reports on a regular schedule.
You can select the Email command from the File menu in the web interface to send data that is
being displayed in the content pane of the web applet.
Before mail can be sent, you need to identify your mail server, either in the CLI or the web
interface. The server and port named by the CLI’s smtp-server command will be used for all
mail, unless you change the server designation in the web interface.
Click the SMTP Server button at the bottom of the E-mail dialog to change the server name
and port. This change is valid for email sent from the applet only; it is not stored on the server
and will not affect the automatic mailing of reports. The change will remain in effect as long as
the applet continues to run. When you launch a new applet, it will again default to the settings
named by the smtp-server command.
Data mailed from the applet will be sent to the mail server through the client workstation’s
network interface.
Reports mailed automatically by the CNA system will be sent through the management
module’s eth0 interface. Image formats (jpeg and png) can be specified with email format
image.
If you encounter difficulties, verify that both the CNA system’s management module and the
workstation in which you run the applet have network access to the mail server.
30 CNA Fundamentals Guide, Software Version 3.1
Privacy Policies
Privacy Policies
If your organization conforms to the P3P protocol defined by the World Wide Web Consortium
(http://www.w3.org), you can use the ip http server header append (deprecated)
command to add a P3P header to the HTTP headers generated by the USTAT web servers.
Character Set
User-generated text (such things as descriptive text, host names, prefix aliases, group names,
and link names, for example) can consist of letters of the alphabet, numerals, hyphens and
underscore characters. The first character must be a letter of the alphabet.
You cannot enter more than 256 characters into the CLI for any one command, including
keywords.
With a few exceptions, you cannot use any of the following characters in user-defined text:
` ; # $ { } ' " < > \
The exceptions:
●
the single quote character is allowed in a TACACS+ key
●
any of these characters can be used in a match expression in the show logging
command
●
forward slashes (/), are allowed in filenames, URLs, domain names, and e-mail addresses
●
single (‘) or double (“) quotes can be used as individual characters in descriptive text and
passwords (but not user names, host names, or aliases)
●
all printable characters can be used in a password, subject to the following:
- If a password contains a space, backslash (\), or exclamation mark (!), then you must
quote the entire password (either single (‘) or double (“) quotes can be used). Note that a
quoted password can not use the same quote symbol as part of the password. E.g., “test
99” could not use double (“) quote as part of the actual password.
- Examples of legal passwords:
test123
@#$%^&*()test123_+|~`=-[]{};:/.,?><
“t est1 23 ”
‘ t est1 23’
“ test ’1’ 2/3”
Issue 1 June 2006
31
Configuration Fundamentals
If space characters are used in descriptive text blocks, the entire block of text must be enclosed
in quote marks. If the text uses a double-quote character, enclose the entire block in single
quotes. If the text includes a single-quote character, enclose the entire block in double quotes.
The exclamation mark (!) identifies comment text in configurations. When the CNA system
encounters an exclamation mark in text not enclosed in quotes, it will ignore all characters from
that point on through the end of the line when parsing the configuration.
To use the exclamation mark as a character in user-defined text, such as a descriptive block, or
a password or user ID, enclose the block of text in quotes.
User-defined text is case sensitive; CLI keywords are not.
You can enter show prefix, show Prefix or SHOW PREFIX; all will be accepted as valid
commands.
However, the CNA system will preserve upper and lower cases for user-generated text. The
performance group name PathControl is not the same as pathcontrol.
32 CNA Fundamentals Guide, Software Version 3.1
Chapter 3: Configuring a New CNA Server Device
Configuring Virtual Module Interfaces
Each software module in Avaya CNA (with the exception of the reporting module) needs to be
associated with an Ethernet interface and a physical connection to your network. The reporting
module does not require a network connection; reports are obtained through the management
interface.
Management, engine, USTAT, and EFC modules must use the Ethernet ports assigned to them
according to the instructions in the companion document Avaya CNA Server Installation Guide
and the corresponding labels on the back of the IBM xSeries x306, the IBM xSeries x306M, the
IBM xSeries x336, the Dell PowerEdge 850, or the Hewlett Packard DL 320 device.
Once the system has booted and you have connected all of the necessary ports to your
network, connect a terminal or workstation to the serial console port on the CNA device.
See the Avaya CNA Server Installation Guide for information about creating a local user
account and enable password on an device that has never been configured.
Log in and enter the enable password.
Configuration Mode
When you have privileged-level access, enter the configure terminal command.
Note:
Note:
The device will also accept config t—whenever you enter enough of a
keyword to eliminate ambiguity, Avaya CNA will accept it as though you had
spelled out the entire word. Alternately, you can enter a partial word—again, just
enough to eliminate ambiguity—and use the TAB key to automatically finish
entering the complete word on the command line. If you enter conf and then
press the TAB key, the system will complete the word configuration followed
by a space character. You can then enter a question mark (?) to obtain a help
prompt advising you about acceptable next entries.
The system should now be in configuration (config) mode.
Issue 1 June 2006
33
Configuring a New CNA Server Device
Ethernet Interfaces on Modules
Begin by configuring interfaces for the management, engine, and USTAT modules.
To create an interface on the xSeries system, enter the interface command while in config
mode.
Enter fastethernet as the type argument.
The num and port arguments correspond with the labeled Ethernet ports on the rear panel of
the xSeries device. The num argument is always 0 and the port argument is the number on the
Ethernet (ETH) port labels next to the actual Ethernet ports. The management module, for
example, is implemented on port ETH0, identified as 0/0 to Avaya CNA; the engine module
uses port ETH1, or 0/1; and the USTAT module is implemented on port ETH2, or 0/2. The port
assignments are the same for all supported IBM xSeries platforms. Configuration of the
endpoint flow collection (EFC) module is covered in Chapter 2: Collecting Endpoint Addresses
of the CNA Basic Monitoring Guide.
For the management interface, enter the command to configure Ethernet 0 as follows:
interface fastethernet 0/0
This will place the xSeries device into interface configuration mode (the command-line prompt
will display config-if).
The type argument is not case sensitive. The interface type is displayed by Avaya CNA as
FastEthernet, but you can enter it all in lower case, or with upper case F and E.
To assign an address to the interface, enter the ip address command with a valid IP address
and mask from your network address space:
ip address 176.16.6.4 255.255.255.224
Each interface needs a separate IP address. These addresses can come from private address
space.
You can add descriptive text as a reminder of what the interface is for, with the description
command:
description “Management Module”
End the configuration of this interface with the end command:
end
Repeat the interface command for the engine module:
interface fastethernet 0/1
description “Engine Module”
ip address 172.16.6.4 255.255.255.224
end
34 CNA Fundamentals Guide, Software Version 3.1
Configuring Virtual Module Interfaces
Repeat the command again to create an interface to be used by your USTAT modules, using
the 0/2 port:
interface fastethernet 0/2
description “USTAT Modules”
ip address 172.16.6.6 255.255.255.224
end
When you have finished, your running configuration should contain a block similar to the
following (use the show running-config command to see the contents of the running
configuration):
hostname Avaya_ANS
interface FastEthernet 0/0
description “Management Module”
ip address 172.16.6.4 255.255.255.224
end
interface FastEthernet 0/1
description “Engine Module”
ip address 172.16.6.14 255.255.255.224
end
interface FastEthernet 0/2
description “USTAT Modules”
ip address 172.16.6.6 255.255.255.224
end
By default, duplex and speed mode for all interfaces is auto. You can change modes with the
duplex and speed commands.
Host name is “Avaya_CNA” by default; you can change this with the hostname command.
At this point, since the management module now has an interface and an IP address, you can
disconnect the terminal or laptop from the serial port and log in to the management address via
telnet.
Later, you can enable ssh and disable telnet, if you prefer to use a more secure remote access
protocol, and you can use a web browser once you have enabled the management module’s
HTTP server.
For now, however, either remain connected to the serial port or use telnet.
Default Gateway
You need to set a default route for the xSeries system so that it knows how to communicate with
your network. Choose an address on a router that is accessible to your management hosts and,
while in config mode, enter the ip route command:
ip route 0.0.0.0 0.0.0.0 172.16.6.3
Issue 1 June 2006
35
Configuring a New CNA Server Device
This configures a static route for the management module. To avoid routing conflicts (see Static
Routes in Appendix D: Migrating Configurations Between Models of the CNA Appendices
Guide), you should also enter engine configuration mode and define a static route for the engine
module, as well.
From config mode, enter engine configuration mode:
module engine
Now create another static route, to match up with the up address your network administrator
has chosen for the engine module (use the ip next-hop for a gateway router that is local to the
engine’s subnet):
ip route 0.0.0.0 0.0.0.0 172.16.6.4
Service Provider Access Links
Each service provider that is to be managed or monitored by Avaya CNA needs a link object
defined in the xSeries configuration.
Naming Service Provider Links
To associate a service provider with a link name, first create the link using the link command.
While still in engine configuration mode, enter the following:
link provider_1
The command’s name argument can be anything you want. In the example here, it is
provider_1. This name will be used in the output of various CLI commands and web page
reports.
Executing the link command places the CLI in config-engine-link mode. Subsequent
commands will be applied to this link.
Link AS Numbers, IP Addresses
Execute the provider-as command to associate the provider_1 link with the Autonomous
System (AS) number of your service provider and the IP address your provider gave you for
BGP peering (the address your edge router is peering with):
provider-as 10 172.30.100.33
36 CNA Fundamentals Guide, Software Version 3.1
Service Provider Access Links
Execute the end (or exit) command to back out of config-engine-link mode, and repeat the
sequence for each link that will be managed—name the link, give it the AS number and IP
address of your service provider, and back out of config-engine-link mode:
link provider_2
provider-as 20 172.29.100.33
end
link provider_3
provider-as 30 172.28.100.1
end
...
When you have finished, your configuration should contain a block of text similar to this:
module engine
link provider_1
provider-as 10 172.30.100.33
end
link provider_2
provider-as 20 172.29.100.33
end
link provider_3
provider-as 30 172.28.100.1
end
BGP on the Engine Module
While still in config-engine mode, enter the bgp command, with your network’s AS number as
the as-num argument:
bgp 65002
In addition to adding bgp 65002 to your running configuration, entering the bgp command also
places the CLI in config-engine-bgp mode.
Enter the neighbor link command once for each of your links. The command takes address
and name arguments, in the following form:
neighbor <address> link <name>
The address argument should be an IP address of an interface on the edge router that connects
your network to the service provider identified by the name argument.
For this example, assume you have two edge routers. One of them connects your network to
the service providers you have called provider_1 and provider_2 in the xSeries configuration,
and the other edge router connects your network to the service provider you have configured as
provider_3.
The interface you use to connect to the first router has the address 172.16.6.1 and your access
interface on the second router is 172.16.6.2.
Issue 1 June 2006
37
Configuring a New CNA Server Device
Your BGP neighbor commands should look like the following:
neighbor 172.16.6.1 link provider_1
neighbor 172.16.6.1 link provider_2
neighbor 172.16.6.2 link provider_3
Next, in order to achieve IBGP peering, you need to associate the router IP addresses with AS
numbers, using the neighbor remote-as command:
neighbor 172.16.6.1 remote-as 65002
neighbor 172.16.6.2 remote-as 65002
Note:
Note:
All configured links must be associated to a neighbor. The CNA system does not
support routerless links.
The AS number in each of the neighbor statements should be your own BGP AS number—the
same number you used with the bgp command—so that the xSeries device will establish an
IBGP peering relationship with the routers.
Your configuration so far is illustrated in Figure 6.
38 CNA Fundamentals Guide, Software Version 3.1
Service Provider Access Links
Figure 6: Example network with FastEthernet addresses assigned
IBM x335
172.16.6.14
USTAT (ETH2)
ENGINE (ETH1)
MGMT (ETH0)
172.16.6.4
Internal
Management
LAN
172.16.6.6
172.16.6.3
172.16.6.4
AS 65002
NOC
172.16.6.2
172.16.6.1
Your edge routers:
AS 20
AS 10
AS 30
172.28.100.1
172.29.100.33
172.30.100.33
provider_1
ER2
ER1
provider_3
provider_2
Internet
In the diagram, the engine, management and USTAT ports are all connected to the same
network. This is not a requirement, as long as the engine module is connected to the edge
routers for BGP peering, the USTATs are connected to the edge routers for traffic
measurements, and the management module is reachable by anybody who needs access to it.
Your xSeries configuration should contain a block of text similar to this:
module engine
bgp 65002
neighbor 172.16.6.1
neighbor 172.16.6.1
neighbor 172.16.6.1
neighbor 172.16.6.2
neighbor 172.16.6.2
end
end
link provider_1
remote-as 65002
link provider_2
link provider_3
remote-as 65002
Issue 1 June 2006
39
Configuring a New CNA Server Device
Assigning USTATs to Providers
If you haven’t already done so, back out of engine configuration mode by executing the end (or
exit) command until you are in config mode.
Now execute the module command, specifying ustat for the type argument and whatever name
you want to use for the first USTAT as the name argument. You will need to configure one
USTAT module for each service provider link. Link name and USTAT name can be the same.
Enter the following:
module ustat provider_1
This will place the CLI in config-ustat mode for the USTAT module to be associated with the
provider_1 link. You need to do two things while in this mode:
●
associate the USTAT module to a specific service provider access link
●
assign a virtual IP (VIP) address to the USTAT module
●
and, if needed, a default gateway for the module
When you are finished, you will need to back out of and then re-enter config-ustat mode with a
different USTAT name. Note: if you wish to create a GRE (Generic Route Encapsulation) tunnel
you will need to use the interface tunnel command.
Binding Links
Beginning with your first USTAT module, execute the link command to bind a specified link
(created earlier, in config-engine mode) with the USTAT module currently being configured:
link provider_1
VIP address
Enter the vip command to assign a virtual IP address to the USTAT module:
vip 172.25.5.1
The VIP is the address that will receive traffic-measurement packets, either during a user traffic
test (UTT) handshake or for an active probe. This address must be reachable from the Internet,
so it should come from public address space (though examples throughout this document will
use only private-space addresses for all interfaces, on both routers and xSeries devices).
If you need dedicated active measurement VIPs for your USTATs (see Chapter 4: Server-Based
Measurement and Chapter 5: Configuring Agent-Based Measurement in the CNA Basic
Monitoring Guide), you can configure that address here, as well.
40 CNA Fundamentals Guide, Software Version 3.1
Service Provider Access Links
The standard VIP can be used for both active probes and passive tests, however, so the active
measurement VIP will not be configured as part of this example.
The xSeries system will implicitly append /32 to the address (the CIDR-notation equivalent of a
subnet mask of 255.255.255.255). The mask won't show up in all output, but the show
interface command for the USTAT module will include the following:
Link encap:Local Loopback
inet addr:172.25.5.2 Mask:255.255.255.255
USTAT GRE Tunnels
Enter the interface tunnel command to configure the USTAT end of the GRE tunnel:
Define the tunnel:
interface tunnel 1
ip address 172.25.5.130 255.255.255.252
tunnel destination 10.6.0.1
end
Now assign it to a USTAT:
module ustat provider_1
link provider_1
ip route 10.6.0.1 255.255.255.255 172.16.6.1
ip route 0.0.0.0 0.0.0.0 tunnel1
end
Designate the tunnel id argument as 1 for the first tunnel, 2 for the second, and 3 for the third.
Each tunnel on a system must have a unique ID.
The tunnel destination address is an IP address on the edge router to which the USTAT is
connected.
This address can be any valid interface configured on the router. However, for this example, we
have followed the common practice of using the router’s loopback address.
Since the loopback address is not in the same logical network as the USTAT module’s interface
address, we need to explicitly identify a static route to the loopback address.
Use the ip route command on the USTAT module to create this static route. In this example,
we will create host-specific static routes (by using a mask of 255.255.255.255) to the loopback
addresses on the edge routers.
Use the ip route command a second time on each USTAT to create a default route through
the tunnel to the Internet, using the catch-all address 0.0.0.0 0.0.0.0 and the tunnel interface
name tunnel1.
Back out of config-ustat mode using the end (or exit) command, and repeat the three-part
process—association of the link, assignment of the VIP and creation of the GRE tunnel—for
each USTAT module in your system.
Issue 1 June 2006
41
Configuring a New CNA Server Device
Associating USTATs With Interfaces
Next, we need to associate the three USTAT modules with the USTAT interface we configured
earlier.
Enter the interface command to change to configuration mode for the USTAT interface. Then
enter the module command once for each of the three modules that will operate from this
interface:
interface fastethernet 0/2
module ustat provider_1
module ustat provider_2
module ustat provider_3
end
The interface configuration block which you configured earlier should now look like this:
interface FastEthernet 0/2
description “USTAT Modules”
ip address 172.16.6.6 255.255.255.224
module ustat provider_1
module ustat provider_2
module ustat provider_3
end
The xSeries device now has a basic configuration which will allow it to peer with your edge
routers and begin evaluating traffic (though it does not yet have a source of measurement data).
Figure 7 depicts your xSeries’s configuration at this stage:
42 CNA Fundamentals Guide, Software Version 3.1
Service Provider Access Links
Figure 7: Ethernet, VIPs and USTAT GRE Tunnels configured
IBM x335
172.16.6.14
USTAT (ETH2)
ENGINE (ETH1)
MGMT (ETH0)
172.16.6.4
USTAT VIPs
172.25.5.1
172.25.5.2
172.25.5.3
172.16.6.6
GRE Tunnel Addresses on xSeries
172.25.5.130 255.255.255.252
172.25.5.134 255.255.255.252
172.25.5.138 255.255.255.252
172.16.6.2
172.16.6.1
Edge router ER1
router loopback
10.6.0.1
AS 20
AS 10
provider_1
AS 30
172.28.100.1
172.29.100.33
172.30.100.33
AS 65002
ER2 router loopback
10.6.0.2
provider_3
provider_2
Internet
The next step is to configure your edge routers to peer with the xSeries device. See Chapter
2: Configuring Your Routers in the CNA Advanced Monitoring Guide.
Issue 1 June 2006
43
Configuring a New CNA Server Device
44 CNA Fundamentals Guide, Software Version 3.1
Chapter 4: The CNA Web interface
Chapter contents
●
About the Web interface
●
Opening the interface
●
Java version
●
Logging in
●
The CNA control panel
About the Web interface
Use your web browser to perform the following network administrative tasks:
●
View configuration
●
Edit configuration
●
Monitor network behavior
●
View reports generated by the reporting module
●
View the control panel and resource monitoring windows
Opening the interface
The CNA Web interface is implemented as a Java applet. To open the Web interface, us a
HTTP or an HTTPS session. Use the IP address of the FastEthernet interface (eth0) on the
management module. You can also use the host name of your CNA system if your DNS server
can resolve the host name. For the device that you configured in either of the configuration
chapters, enter one of the following addresses in the location bar of your browser:
http://172.16.6.4
http://Avaya_CNA
Issue 1 June 2006
45
The CNA Web interface
Note:
Note:
You must first use either the ip http server on or the ip http server
ssl on CLI command to enable the HTTP or HTTPS server on the management
module of the CNA system.
For more information Ethernet interfaces on modules, see Chapter 3: Configuring a New CNA
Server Device.
Java version
The CNA Web interface requires the Java 2 Runtime Environment (JRE) and the Java Plug-in
Version 1.5 or higher, which are available from Sun Microsystems.
If your system does not meet this requirement, you can use the copy of Sun JRE installation
program that the CNA system contains to install this software.
Or, you can go directly to the Java installation page the on Sun Web site:
http://java.sun.com/j2se/1.5.0/download.jsp
Installing the JRE and the Java plug-in
Installing on a Windows-based computer
If you attempt to open the CNA Web interface without the correct version of the Java Plug-in,
the CNA system presents you with one of two methods to obtain the plug-in, depending on
which browser you are using.
Using Internet Explorer
The system displays a Security Warning dialog box that asks you if you want to install and run
the Sun Java installation program.
1. Click Yes to start the installation program and install the JRE and the plug-in.
2. When the installation is complete, the CNA applet runs automatically.
!
Important:
Important:
Internet Explorer requires that you enter a forward slash (/) at the end of the CNA
system address or host name in the browser location bar. If you do not enter the
slash (/) the browser does not complete the display of the Web page after you
install the plug-in. Your entry in the location bar should look like this: http://
Avaya_CNA/.
46 CNA Fundamentals Guide, Software Version 3.1
Java version
Using Netscape
The system displays an Avaya page in your browser with a Click here prompt inside a
rectangle.
1. Click anywhere in the rectangle to open a Netscape dialog box that tells you that you need
the plug-in.
Note:
Note:
If you use Windows XP, then you need Administrator access. Without
Administrator access, you do not see the dialogs boxes that requests the plug-in.
2. When you click the Get the Plug-in button, the system opens a second browser window
that displays the plug-in installation page.
3. To copy the installation executable from the CNA system to your local hard disk drive or
network directory, click Download.
4. When you click Download, the system displays a standard Windows Save As dialog box.
The dialog box displays the JRE 1.5 installation program, jre-1_5_0-win.exe, in the
filename field.
5. Select a location on your local system where you want to copy the executable file. This file
is a temporary file that you can delete once the installation is complete.
6. When the file is copied to your destination, close the Save As dialog, open Windows
Explorer, locate the file that you just downloaded (j2re-1_5_0-win.exe) and double click the
file. Or, enter the file name and the path in the Run dialog box, which you can invoked from
the Start menu.
7. Follow the instructions and prompts in the installation dialog boxes to install the JRE and
Java Plug-in.
8. When the installation is complete, you delete the j2re-1_5_0-win.exe file from your local
hard disk drive or network directory.
9. To start the CNA applet, close the Netscape window that displays the plug-in installation
links. The Netscape window where you started now displays a prompt that tells you to click
inside the central rectangle. This action starts the CNA applet.
Java Certificate
When you load the CNA applet, a Java security-warning window opens, and asks you if you
want to install and run the applet. If you deny permission, the applet continues to run, but you
cannot perform certain tasks.
If you click Grant Always, an Avaya Java certificate is written to the hard disk drive of your
workstation, and you do not see the security warning window on subsequent sessions.
Issue 1 June 2006
47
The CNA Web interface
To remove the certificate, use the Java Control Panel from the Windows Control Panel. Note
that this certificate is available only through the Java control panel. The certificate does not
appear in the Certificate Manager that is accessible from the Netscape Preferences menu
command, or in the Internet Options dialog in Internet Explorer.
Note:
Certification is valid for as long as the browser session remains open. If you use
Netscape, you cannot close the session until you close all instances of Netscape,
including Netscape Messenger and any open e-mail messages. If you use
Microsoft Windows, a secure session is indicated by a Java security icon in the
portion of the Windows task bar that shows the currently running processes. As
long as the icon remains in the task bar, the session remains open. If you entered
the enable password during your session, that password also remains in
memory. Any user can relaunch the CNA Web interface and have full access to
the device as long as the Java certificate remains valid.
Note:
Logging in
Before using the application, you must first enter a valid CNA user ID and password in the Java
authentication window.
1. Enter the CNA user name.
2. Enter the CNA user password.
3. Click OK to enter the application.
When a valid CNA user ID and password are authenticated, the authentication type is identified.
The types are Local, RADIUS, or TACACS+ depending on your CNA configuration.
The application window displays to following links:
Note:
●
Launch—The launch link opens the CNA user interface window. This link is displayed
when the application is not running.
●
Running— The running link brings the control panel to the foreground. This link displayed
when the application is running.
●
Support—The support link opens the Support page of the Avaya Web site. Prior to using
the page, you must enter an Avaya customer support user ID and password. For how to
obtain a customer support user IDs, see CNA documentation library in the Overview.
Note:
The CNA application window must remain open for the duration of your CNA
session. You cannot use this window for any other purpose, but you can
minimized this window.
48 CNA Fundamentals Guide, Software Version 3.1
The CNA control panel
Maximum user sessions
For each successful authentication, the system writes a cookie to the RAM disk of the CNA
system. The cookie remains for 1 week.
During that time, the browser session remains authenticated, and you can start and end CNA
sessions without logging in each time as long as the browser remains open. If you close the
browser and the associated Java session, you must enter the user ID and the password again
and the system writes a new cookie to the RAM disk.
The CNA RAM disk can contain 350 persistent user-session cookies at any one time.
You can use the show users command to view the number of user sessions that are currently
active. One cookie exists for each Web Login that is listed. The time stamp in the output of the
show users command shows the last time that the user who is represented by that cookie
interacted with the CNA system. Time stamps for CLI users in the output of the show user
command shows the time the user logged on to the CNA system.
In the event that session limit is exceeded, the log-in window contains an error message that
tells you that the maximum number of cookies, or concurrent sessions, was reached. The
following message is also written to the system log:
Cannot add to cookie index - reached maximum entries
If you ignore the maximum-user warning and log on, you can navigate through the application.
However, when you click an element that requires interaction with the CNA system, another
log-on message will appear.
When you reach the cookie limit, do not attempt further application logins until the oldest cookie
times out. Use the CLI instead. No limit exists to the number of CLI sessions allowed.
The CNA control panel
When the log-in window closes, the system displays the CNA application, which is called the
control panel.
The control panel includes three major areas.
●
A panel of real-time graphs at the top
●
A quick links area at the lower left that contains a list of frequently used actions and access
to information that is available in the CNA system
●
An information window panel at the bottom
Issue 1 June 2006
49
The CNA Web interface
Figure 8: The CNA control panel
You can use the CNA Web interface to execute many CLI commands, some commands require
privileged-level access to the device. The first time that you attempt to execute one of these
protected commands, the system displays a dialog box that requests the enable password.
Once you enter the enable password correctly, you can issue all privileged-level commands
without additional authentication. The Enable checkbox at the lower-left of the control panel is
selected. To exit enable mode, click Enable.
The CNA information panel
The large panel at the bottom of the control panel is the main display area for most of the data
from the CNA system. This data includes Reports, Trends, and Show Commands. In most
cases, whenever you perform an action with the control panel, the information panel provides
feedback and results. The buttons inside this window change depending on the main types of
actions that you are taking. You can use the four tabs at the bottom of the window to jump
quickly between these main areas. These are Networks or Links, Reports, Trends, and Show,
and are explained later in this chapter.
50 CNA Fundamentals Guide, Software Version 3.1
The CNA control panel
The real-time graphs panel
The graphs panel at the top of the control panel provides a real-time view into the
decision-making process of the CNA system. The panel also shows the traffic load on each of
the ISP links that are defined in the CNA configuration.
The data displayed here is derived from information that is sent from the CNA decision-maker
process to the CNA event-manager process. The Control Panel graphs are refreshed every 5
seconds; however, not all graphs are updated every 5 seconds. There are some graphs that are
updated by the CNA system every 5 seconds, 30 seconds, or every 2 minutes.
Traffic load information is provided by the CNA link-monitor process, which obtains the data
from SNMP agents on your edge routers. If link-usage polling is not enabled, these graphs will
remain empty. See Chapter 4: Polling Routers in the CNA Advanced Monitoring Guide.
The graphs panel contains the following graphs:
●
Zone to zone outages
The zone to zone outages graph reflect a recent change from the long-term
network-performance behavior of the path between the zones. For example, an outage can
occur if the absolute threshold for network parameters such as delay, jitter, and loss are
exceeded. A zone to zone outage can also occur if the relative threshold for the same
network parameters are exceeded. In addition, the lack of performance data on a zone to
zone path would create stale performance information about that path. Stale path
performance information is graphed in Zone to Zone outages.
●
Application Performance
In Multi-Path mode and Current-Path mode, the application performance rating graph
shows how your top applications perform on all networks across all your configured
networks. The system uses stars to indicate the performance range, which is indicative of
the user experience. One star indicates the worst performance. Five stars indicates the best
performance.
●
Application Availability
In the Multi-Path mode, the application availability graph shows the “nines availability” of
your applications across each network. For example, a score of 99.907 means that
applications on a particular network are working satisfactorily for that percentage of the
time. This value would be rounded off to “three nines availability”.
In Current-Path mode, the application availability graph shows application availability for the
24 hour moving window and the application availability for the 2 minute window on the one
network. The 24 hour moving window remains flat in most instances. The 2 minute window
provides visibility into the short term availability variations.
Issue 1 June 2006
51
The CNA Web interface
●
Network Not Rescued
The networks not rescued graph shows the number of networks that are now experiencing
an outage that CNA was unable to rescue. In other words, CNA could find no other path
around the network outage.
●
Top Networks Not Rescued
The top networks not rescued list shows you the most recent networks that experienced an
outage that CNA was unable to rescue. You can left-click each item to receive more detail in
the information window. Ongoing outages receive priority in the list and are marked with an
exclamation point. For more information, see the show outage command in the CNA
Command Reference Guide.
●
Link Load Outbound and Link Load Inbound
In the Multi-Path mode, the graphs display load information for each of your configured
networks. These graphs plot the most recent 5 minutes of traffic in bits per second. Graph
lines are color coded per link, according to the key in the Network Legend.
This graph is not available in Current-Path mode.
●
Measurements
The measurements graph plots the number of measurements that are made per minute on
each link.
●
Delay per Network
The delay per network graph plots the network delays per minute on each link.
●
Jitter per Network
The jitter per network graph plots the network jitter per minute on each link.
●
Loss per Network
The loss per network graph plots the network loss per minute on each link.
●
Top Rescued Networks
In the Multi-Path mode, the top rescued networks displays the actual networks where the
greatest improvement was made. You can left-click on each item to bring up more detail in
the information window at the bottom of the display, which includes the start time, end time,
duration, and the reason for the outage. Ongoing outages are given priority in the list and
are marked with an exclamation point. For more information on this, see the command
show outage in the CNA Command Reference Guide.
This graph is not available in Current-Path mode.
Use the Group dropdown menu to filter the graphs in the graph panel by groups. This menu
is under the Top Rescued Networks graph in the graphs panel. When you use this feature,
the measurements graph changes to show average HRTT.
52 CNA Fundamentals Guide, Software Version 3.1
The CNA control panel
Control Panel
Clicking any of the first four graphs in each row to display a more detailed version in the
information window. Click the entries in the remaining two graphs, Top Networks Not Rescued
and Top Rescued Networks (Multi-path only), to display a one-line report for each network of
interest. If you click a specific network in either of these reports, you get the Per-Network
Information report (Figure 9). The top section contains information on the network. This
information includes the winning network, decision policy, and application model involved. The
two charts on the right display delay and jitter measurements as the measurements are
collected. The data is available only on networks with prefixes receiving measurements from
ICMP or traceprobe active-probing.
The third table shows the status of your links and the results of the measurements to the prefix
as follows:
●
Link—Your ISP links, which are listed by the configured link name.
●
Codes—The following link codes as follows:
- b for BGP
- i for invalid choice
- o for outage detected
- a for asserted
- w for winner
- r for regular winner set
- e for extended winner set
- h for hot
●
RTT—The average round-trip time (RTT) in milliseconds for the prefix on each link. This
measurement is available only on links with prefixes that receive measurements from
ICMP or traceprobe active-probing.
●
Jitter—The average jitter in milliseconds for the prefix on each link. Jitter is calculated as
the difference between consecutive RTT values. This measurement is available only on
links with prefixes that receive measurements from ICMP or traceprobe active-probing.
●
Loss—The average loss for the prefix on each link. This measurements are available only
on links with prefixes that receive measurements from ICMP or traceprobe active-probing.
●
TCP HRTT—The average TCP handshake RTT for the prefix on each link.
●
Metric—The CNA-calculated metric for the prefix on each link. This metric is an index that
ranges from 0 (best) to 1000 (worst). This metric shows the quality of the link and is
indicative of the user experience.
●
Total Count—The number of measurements to this prefix on each link.
●
TSLM—The time since the last measurement in milliseconds.
●
Reliability—A graph of the average time in minutes that the link spent in the winner set.
Issue 1 June 2006
53
The CNA Web interface
You can also select any of the following columns to generate a trending chart in the lower half of
the display:
●
RTT
●
Jitter
●
Loss
●
TCP HRTT
●
Metric
●
Reliability
●
Application Performance
●
Application Delay
The fifth table shows pertinent BGP information on the prefix.
Figure 9: The Per-Network Information report
The bottom section has the following four tabs:
●
Measurements—Shows information on the measurements that are made for each
network as the CNA system processes the measurements.
●
Trends—Shows information on one of the selected fields in the link table (first table in the
report).
●
Show—Shows the show commands that are accessible from the control panel. For more
information on this, see the command show event in the CNA Command Reference
Guide.
54 CNA Fundamentals Guide, Software Version 3.1
The CNA control panel
Quick Links
The Quick Links pane on the side of the information window contains the following main entries:
●
Topology—Links to the network topology that graphically displays the CNA system.
●
Reports—Links to various reports, charts, and graphs available on the CNA system.
●
Trends—Links to the statistics that the CNA system gathers.
●
Show Commands—Links to the individual show commands as described in the CNA
Command Reference guide. This the menu also provides access to the Visual Traceroute
feature.
●
Per-Network Information—Opens a blank Per-Network Information report. You can enter
a network address in the box at the top of the screen.
The host name of the CNA system is displayed just above the Quick Links. If the host name is
changed while the control panel is open, the change is not immediately reflected in the display.
You must close and reopen the control panel to see the new host name. For how to change the
host name, see CLI command hostname in the CNA Command Reference Guide.
Reports
The Reports link provides access to the reports that the reporting module generates about the
networks monitored by the CNA system. Clicking either Reports or More Reports to reveal the
entire list in the information window. This link contains the following items:
Executive Summary—Provides a high-level view of the overall affect of CNA on your
network. This report is available in Multi-Path mode.
●
Billing—Shows usage and estimated costs for each of your configured links for the month.
This report is available in Multi-Path mode.
●
Application Performance—Shows how your network performs, based on the
measurement statistics that the CNA system gathers.
●
Application Delay—Shows information about the delay that your applications experience
(in milliseconds).
●
Application Traffic—Shows statistics about the applications in your network in bytes per
second. This information is for your top applications across all the configured networks.
●
Network Availability—Shows the overall availability of all your networks.
●
Application Availability—Shows the “nines” availability of the applications in your
network.
●
Link Availability— Shows the “nines” availability of your configured links.
●
Distribution—Provides charts that show how prefixes are distributed among your edge
routers. This report is available in Multi-Path mode.
Issue 1 June 2006
55
The CNA Web interface
●
Web Speedup—Shows the performance improvement for Web applications.
●
Measurements—Shows information on the measurements that the system makes for
each prefix on each configured CNA link on all routers.
●
Traffic Per Network—Shows information on bit rates and flows on each prefix.
●
Traffic Per Specified Network—Shows information on bit rates and flows on each prefix
based on defined customers. For more information, see customer-prefix-file command in
the CNA Command Reference Guide.
●
Traffic Per ASN—Shows information on bit rates and flows on each prefix based on the
AS numbers that are seen in your network. This report is available in Multi-Path mode.
●
Observed—Shows data that the CNA system observes, as opposed to data that is
optimized by the CNA decision-maker process. This report is available in Multi-Path mode.
●
Optimized—Provides a qualitative summary of how the CNA decision-maker process
evaluates link performance per prefix, as opposed to the quantitative summary in the
Observed report. This report is available in Multi-Path mode.
●
Diagnostics—Shows detailed information on the inner workings of the CNA system.
●
Diagnostics (Brief)—Shows a less detailed version of the Diagnostics report.
●
Cell—Shows information for each cell in the CNA system.
●
Edge—Shows information for each edge device in the CNA system.
●
Networks Not Rescued—Shows information on the number of networks that are
experiencing an outage that the CNA system was unable to rescue.
The Reports link provides access to predefined reports that are automatically generated. When
you click a report, the system displays the contents in the information window.
Figure 10: Information window: Reports
56 CNA Fundamentals Guide, Software Version 3.1
The CNA control panel
The following controls are shown in the Report window when you view an available report
Table 4.
Table 4: Report control bar descriptions
Control icon
Description
Provides the complete list of available reports. This list
the same list that you see when you click the Reports
quick link or the Reports tab.
Reloads the current report.
Stops the current action in progress.
Provides quick access to all Reports.
Opens the Report Selection dialog box (Figure 11).
Provides a quick way to navigate between a
sequence of reports. Most reports are generated on a
regular basis, such as hourly or daily. Use this control
to step through the reports in sequence without the
need to select each report independently.
Provides a list from which you can select the day and
the month of a report.
1 of 2
Issue 1 June 2006
57
The CNA Web interface
Table 4: Report control bar descriptions (continued)
Control icon
Description
Provides a list from which you can select the time of a
report.
Opens the current report in a separate window.
2 of 2
Click Options to open the Report Selection dialog box. Use the Report Selection controls to
select the specific date and time frame that you want the report to display. You can also use the
arrow buttons on the Reports Control Bar to move forward or backward in time. Click the left
arrow to replace the currently displayed report with the earlier report of the same kind. Click the
right arrow to replace the currently displayed report with the next later report.
Report time stamps include the time zone that was in effect on the CNA system when the report
was created. Changing time zones with the timezone command in the CLI does not affect
saved reports.
Figure 11: Report Selection dialog box
Some reports also require you to select a router. Others reports, such as the Executive
Summary or Distribution reports, include other selection criteria. Such criteria might be, for
example, weighted versus unweighted data or a qualifier that defines the system set of prefixes.
When you select one of the reports, the system displays the report in the information window.
You can configure your CNA system to routinely send reports to a list of recipients by way of
e-mail. For more information, see the email command in the Command Line Reference guide.
58 CNA Fundamentals Guide, Software Version 3.1
The CNA control panel
Settings in the Report Selection dialog box persists between uses during the same session.
That is, if you set a date, a time, and a router for one type of report, and then select a different
report type from the list (the menu continues to be displayed in the top margin), the Report
Selection dialog box retains the previous settings. Thus you can quickly view several reports
with the same date, time, and router criteria.
For an explanation of each of the reports that are available, see Chapter 2: Reports in the CNA
Reporting Guide.
Trends
The Trends item in the Quick Links pane provides access to all trend reports. These reports
include user-defined graphs that chart performance, link-usage, and internal CNA events and
conditions over a specified span of time.
Click the Trends Quick Link to display the available trend templates in the information window.
The CNA system comes with several trend-report templates that you can use unchanged or
modify.
Note:
Note:
You can also click the Trends tab at the bottom of the window of the window to
get access to the trend reports.
In the list of available trend reports, the information window identifies the prepackaged trend
templates with a T. User-created trend reports do not have this symbol. To change the sort
order of the displayed contents, click on the column headings in the information window. The
following controls are shown in the Trends window when you view the available trend reports.
Table 5: Trend controls
Control icon
Description
Provides a complete list of available reports. This list
is the same list that you see when you click the
Trends link or Trends tab.
Reloads the current trend graph.
Stops the current action in progress.
1 of 2
Issue 1 June 2006
59
The CNA Web interface
Table 5: Trend controls (continued)
Control icon
Description (continued)
Generates and displays the selected trend report.
Creates a trend report.
Renames a trend report.
Deletes a trend report
Opens the current trend graph in a separate window.
2 of 2
When you select a sorting order, the column head includes an arrow. The arrow points up if the
sort is in ascending order. In ascending order, numerals come first, followed by A to Z, and then
a to z. The arrow points down if the sort is in descending order. In descending order, z to a
come first, followed by Z to A, and then numerals.
For descriptions of the contents of the templates that are provided, see Trend Reports in
Chapter 2: Reports in the CNA Reporting Guide. Once you make your changes and save the
changes with names of your choosing, you can delete the templates. You can then download
the templates at the Avaya support Web site.
60 CNA Fundamentals Guide, Software Version 3.1
The CNA control panel
Trend reports consist of one or more graphs that show usage and performance information over
time (Figure 12). You must fully configure your CNA system and allow the system to gather
some data before the template reports can show any data.
Figure 12: Trend chart graphs
When the actual trend report is the information window, double-click on the report to display the
Trend Definition dialog box.
Figure 13: Trend Definition dialog box
The following controls are shown in the Trends window when you view the trend report
(Table 6).
Issue 1 June 2006
61
The CNA Web interface
Table 6: Trend report controls
Control icon
Description
Provides a complete list of available reports. This list
is the same list that you see when you click the
Trends link or Trends tab.
Reloads the current trend graph.
Stops the current action in progress.
Changes the position of the selected graph.
Selects single-column or dual-column mode for the
graphs.
Opens the current trend graph in a separate window.
Adds another graph to the displayed trend report.
Modifies the selected graph in the displayed trend
report.
Removes the selected trend report displayed in the
information window.
Resets all of the report parameter back to the initial
state.
1 of 2
62 CNA Fundamentals Guide, Software Version 3.1
The CNA control panel
Table 6: Trend report controls (continued)
Control icon
Description (continued)
Moves the selected graph one time period forward or
backward.
Zooms in or out for the selected graph.
Displays the graph legend.
Selects all graphs. You can select multiple graphs
and then use the arrow buttons to change the time
period. The time period will change for all selected
graphs. Select All is used to change state for all
graphs at once.
Opens the Trend Options dialog box.
2 of 2
Trend options
Click the Options button to use the Trend Options dialog box. Use the Trend Options to change
the date range, the graph format, or Y-axis.
Use the Date Range items to specify the time period that you want the graph to cover. If you
specify an absolute range of dates and times, the report always displays these dates, no matter
when you view it. If you specify a relative range, the dates that the report covers change each
time that you view the report.
Before you set a date range, you must understand the relationship between the graphing utility
and the trending database. If the database contains insufficient datapoints for the period of time
that you select, the graph-generating utility uses average values instead of actual values.
You can create a line or an area graph, and you can choose to stack or not stack the data.
Stacked graphs use a previous graph line as the baseline for the next row of data. Unstacked
graphs chart all graph lines from the same baseline. You can also specify minimum and
maximum values for the Y axis, although the graphing process can override your values to
generate a legible graph. Note that if you are modifying an existing report, you might be unable
to change the minimum value, depending on the nature of the data.
Issue 1 June 2006
63
The CNA Web interface
The Trend Options format can be one of the following:
●
Area—The area between the graphed line and the next lowest line is filled with the color
that the color key shows.
●
Line—The graphed line is drawn in the color that the color key shows.
●
Stack—The graphed line is a previously graphed line as the baseline.
Figure 14: Trend Options dialog box
Saving trend reports
Whenever you view a report, CNA must generate the report from the current available data. You
can save the trend report and save the graphs for later use as the data will change with time. To
save a trend report, use the Save command in the File menu.
Opening saved trend reports
To view a saved report, you can either select a report from the list and click Show Report in the
right margin of the dialog box, or double-click the report name in the list.
Modifying existing reports
To change the definition of an existing graph, double-click the graph in the trend report that is
displayed in the information window. You can also click the graph and then click Modify at the
bottom of the report window. A yellow rectangle is drawn around the selected graph. Press
Escape on the keyboard to clear this rectangle. Either action opens the Trend Definition
window. You can Change the date range, the type or the style for the graph. You can also select
a graph element from the list and change the criteria or delete the criteria, or add a new element
to the graph.
When you finish making changes, click Modify at the bottom of the definition window to return
to the display of your report. The system redisplays the graph with the modified criteria.
If you double click the text of the title that is over the graph, you can edit that text in place,
without opening the Trend Definition window.
To save your changes, click Save Report at the bottom of the window.
64 CNA Fundamentals Guide, Software Version 3.1
The CNA control panel
Creating new trend reports
Trend reports consist of one or more graphs that track one or more items over time. In addition
to the trend report templates, you can also create your own new trend report.
To define your own new trend report:
1. Open the list of Trend reports by clicking the Trends Quick Link or on the Trends tab at the
bottom of the information window.
2. Click Create at the top of the Trends list. This action opens the Trend Definition window.
3. Click the down arrow next to the Type field. Select the trend type you would like to graph
from the Type list.
As you select items from the Type and Data lists, the message box to the right of these
fields display information about type and data selections.
4. Click the down arrow next to the Data field. Select the data type from the Data list.
The choices in the Data list depend on the Type selection. Different types have different
data. For more information on the various Type and Data selections and the graph that the
selections generate, see Trend Report Data Types in Chapter 2: Reports in the CNA
Reporting Guide.
5. Click the down arrow next to the Function field. Select the function type from the Function
list.
You can specify which type of values to use in the graph when the trending database does
not have sufficient hourly datapoints to graph the requested time period. You can select
average, minimum, or maximum values. For more information about function values, see
Trending Database in Chapter 2: Reports in the CNA Reporting Guide.
The database contains sufficient hourly average datapoints for the time period that you want
to graph, the average, the minimum, and the maximum function values are identical.
If your trend graph spans a large period of time, such as several months, sufficient
datapoints to chart the graph from the hourly datapoints, might not exist, and the graphing
utility substitutes aggregated values. This flattens out spikes in the data. If you want to use
these spikes as indicators that an event is worth further investigation has occurred, select e
maximum from the Function list. The plot line is then charted from aggregates based on
maximum values instead of averages, and spikes in the data are still be evident.
6. Select additional report definitions from the selection boxes under the Function field.
Once you select the data type, the selection boxes fill with additional reporting definitions.
When either of these boxes contain data and is selected, a search feature locates items as
you enter characters from the keyboard. You can use this feature to quickly locate a specific
prefix in a long list of prefixes.
Issue 1 June 2006
65
The CNA Web interface
Note:
Note:
The search feature times out after a one-second delay between keystrokes. For
example, if you type the first prefix that begins with the number 6 is selected. If
you type a second number 4, for example before the 1-second limit, the first
prefix that begins with 64 is selected. If you wait for more than 1 second between
keystrokes, however, the 6 is lost and the search feature looks for a prefix
beginning with 4.
7. Click Add to List to add your selection to the list in the lower pane.
This action remains unavailable until you make all the selections that are required for the
trend definition.
Use Remove, Replace, and Clear List buttons as follows:
●
Clear List— You can clear selected items you have added to the list.
●
Replace— You can replace a selected item with another item from the selection
windows.
●
Remove— You can remove selected items from the list.
The list can contain up to 10 items. Each item on the list is represented by a different line on
the chart that you create. Lines or areas are the color that the table indicates. To
customized colors, double-click the color swatch in the table.
8. Enter a graph name in the Title field.
To change the name of the graphed item, double-clicking the name in the selected-item list.
Unlike other file types, trend report file names can contain spaces and the slash (/)
character. These characters are encoded when the file is written to the hard disk drive of the
CNA system and decoded whenever the file name is redisplayed in the Web interface. For
more information, see the description of the ls command in the CNA Command Reference
Guide.
9. Click Options to set the date range, chart type, and Y-axis.
10. When the graphed-items table contains at least one item, click Trend.
The information window automatically changes to the Trend tab and a chart will be drawn
using the items in the graphed-items list. See Figure 15.
66 CNA Fundamentals Guide, Software Version 3.1
The CNA control panel
Figure 15: User-created trend graph
The units that are displayed for the Y axis (vertical) vary according to the items that are
being graphed. Numbers on the Y-axis might be accompanied by one of the following
suffixes:
●
M—mega; multiply the value by one million (x10e6)
●
k—kilo; multiply the value by 1,000 (x10e3)
●
m—milli; divide the value by 1,000 (x10e–3)
●
u—micro; divide the value by one million (x10e–6)
You can add multiple graph lines to a single chart, although the Y axis may lose meaning if
the graph lines do not display comparable data.
The legend at the bottom of the graph identifies the graph lines by color key. Items are listed
by the name that is shown in the Select <item> pane in the Trend Definition window, or by
a combination of items if both selection panes were active.
To edit this field, double-clicking the field in the List pane in the Trend Definition window.
The number or the letter in the square brackets that follows the label shows the interval that
each data point represents. The intervals are h for hourly, d for daily, m for monthly, and y
for yearly. If the brackets contain a number only, that interval is in seconds. For more
information about data intervals, see Chapter 2: Reports in the CNA Reporting Guide.
If your graph spans a change in data-collection frequency, the key shows two bracketed
intervals, and the X-axis shows both intervals in the appropriate times. For more information
about trend data frequency, see Chapter 2: Reports in the CNA Reporting Guide.
While a trend report is displayed, you can use the buttons that are at the bottom of the
graph. Note that some of these buttons are not active until you select a graph in the trend
report:
●
Add—Returns you to a blank specifications page to define another chart. When you
select the Graph button on that page, the new chart is added to the existing chart in the
current report.
●
Modify—Returns you to a specifications page that contains the data that was used to
create the specified chart. You can modify the Trend definition settings.
Issue 1 June 2006
67
The CNA Web interface
●
Remove—Deletes the selected chart from the report.
●
Select All—Selects all graphs in the current report.
●
Reset—Becomes active when you shift the time span of the X-axis with either the arrow
or zoom buttons. The Reset button restores the X-axis to the state that was specified in
the Trend Definition dialog box when the graph was defined.
Selecting a graph
You can select a graph by single-clicking the graph. When you select a graph, it is surrounded
by a blue rectangle, and additional controls will become active.
When the graph is selected, you can:
●
Double-click the existing title to edit the title
●
Use the arrow buttons to shift the time that the X-axis represents forward or backwards
●
Zoom in or out to change the unit of time that each data point represented, provided that
the changed units of time are available in the database.
●
Display a complete list of data key entries
For information on trend report controls, see Table 6.
Note:
Note:
Trend reports are not saved as complete units or graphic images. When you save
a trend report, what you actually save is the report query, which are the criteria
that the CNA system uses to select data from the database. Each time that you
recall the saved trend report, the datapoints required to construct the graphs are
retrieved from the trending database. If you cleared the trending database for the
time that is covered by the report query, the graph will be empty. If you want to
preserve the actual constructed graph of a trend report, use e-mail to send the
graph yourself and save the image.
Right-click the mouse inside the graph (within the grid) to open a floating menu that is linked to
the Executive Summary report. The time stamp that this menu displays is determined by the
X-axis position of the mouse when you clicked inside the graph. This time stamp is accurate to
within 15 minutes for large-scale graphs.
Granularity of the data is indicated by square brackets following graph line’s name: H means the
data is an hourly sample, D means daily, W means weekly, M means monthly, Y means yearly
(for more information about sample sizes, see the section Trending Database in Chapter
2: Reports in the CNA Reporting Guide.
A number in the square brackets means that the data is gathered from a CNA polling process
instead of the hourly database snapshot. The number is the collection interval in seconds.
The Avg., Min., and Max. numbers in the key at the bottom of each graph show the average,
the minimum, and the maximum values in the visible graph, respectively.
68 CNA Fundamentals Guide, Software Version 3.1
The CNA control panel
Graphs that indicate the states of boolean values—on/off, yes/no, or true/false also contain a
second key below the color key. This second key consists of a numbered list that identifies the
Y-axis position of the items that are graphed.
For more information about graph keys, see Y Axis Key Lists in Chapter 2: Reports in the CNA
Reporting Guide.
Identifying the contents of the graph
The color-coded key at the bottom of the graph identifies the plot lines by name. Note that you
can edit this name from the Trend Definition dialog box.
If entries in the key are truncated because of the length of data and width of the graph, select
the graph and click the show legend button. This button is next to the zoom button.
This action opens the Legend window (Figure 16), which displays a detailed key. The legend
window also display the original values for any plot lines that you modified.
Figure 16: Trend graph legend
The legend includes the following information:
●
Current Color and Name of each plot line
●
Type and Data menu item
●
Selection entries (shown in the Legend window as Parameter 1 and Parameter 2)
●
Function type (Average, Minimum, or Maximum) selected in the Trend Definition
Dialog when the graph was created
●
Units that the Y-axis of the graph represents (if a single report includes mixed graph
types, all the different unit types might not be visible on the graph.
Issue 1 June 2006
69
The CNA Web interface
You cannot edit the name of a graph line in this window. If you want to change the name of the
graph line, close the Legend window and click Modify to return to the Trend Definitions dialog
box.
Time stamps
A time stamp is displayed in the lower right corner of the control panel. This time stamp is
updated whenever data is exchanged between the control panel and the CNA system. Thus the
time stamp changes at different rates depending on what the content pane displays.
When the Control Panel is open, for example, the time stamp changes at the same rate as the
rate with which the data in the graphs is updated.
At other times, the time stamp does not change unless you make a selection that requires the
Web interface to interact with the CNA system.
Reports are also identified by the date and the time that the data was saved. Both time stamps
are included on reports that you print or send by way of e-mail.
Show commands and Visual Traceroute
The Show Commands Quick Link represents system-level show commands and provides
access to the Visual Traceroute feature.
When you click one of the commands in the information window, the default parameters are
assumed and the output is displayed immediately. If the command takes additional arguments,
an appropriate set of controls appears in the margin above the content pane. The show
traceroute command supports two modes of operation. text mode and Visual Traceroute.
For more information about the parameters and the output of individual show commands, such
as traceroute and active-measurement avoid, see the CNA Command Reference
Guide.
Visual Traceroute
The Visual Traceroute feature renders the output of the traceroute command in a graphical
form. When you select show traceroute from the show commands window, the contents of the
information window appears.
By default, the VIPS check box is selected and the Continuous box is cleared. A Visual
Traceroute is performed when you enter an IP address or a host name in the Host field and
click Go. If you clear the VIPS check box or select the Continuous check box, or both, the
output is be in text mode.
Select the VIPS checkbox to initiate a traceroute from each USTAT. If you do not select the
VIPS check box, only a single traceroute is initiated.
70 CNA Fundamentals Guide, Software Version 3.1
The CNA control panel
Select the Continuous check box to force the system to do the traceroute until you click the
stop button to terminate the traceroute.The stop button is located to the left of the VIPS check
box.
In the example shown in Figure 17, three USTATS were configured. The Visual Traceroute was
sourced from three VIPS and directed toward the host address in the Host field. The first three
elements in the figure show the starting point for the traceroute and the provider link or path that
the traceroute will take. Notice that these paths are color coded throughout the traceroute. In
the example, the first hop down the Qwest path is labeled “Private” because the hop has a
private address, which happens to be an internal host. The next four elements are grouped
together by the surrounding yellow box because these elements lie within the same AS. The
number in the small rectangle in each node represents the hop count to reach that node. Next to
the hop count is the RTT in milliseconds from the USTAT to that node. Items that are marked
with an asterisk(*) indicate that no response was received from that node. This typically occurs
with firewalls which are usually configured not to respond to such requests.
Figure 17: Visual Traceroute example
Issue 1 June 2006
71
The CNA Web interface
Menu bar
The menu bar of the control panel provides access to the File menu, the Edit menu, the Reports
menu, the Trends menu the Show menu, and the Help menu. The menu bar also provides read/
write access to configurations.
In most cases, the results are the same whether you select a menu command or use the Quick
Link in the left pane of the control panel.
File menu
The file menu contains the following commands:
Manage Config Files
The Manage Config Files table contains an entry for every configuration that is saved in a CNA
repository.
The list always contains running-config and startup-config, even if these configuration files
contain no commands.
When you select a configuration file from the list, the contents is displayed in the information
window at the bottom of the Manage Config Files dialog box. You can edit the start-up config file
in this window. You cannot edit the running-config file. You must use the CLI to make
incremental changes to the running configuration.
The Manage Config Files dialog box menu bar, contains the following items:
●
Copy to CNA —You can copy any configuration file to the CNA system, even one that is
already stored there. If you copy a configuration file to the CNA system that is already
stored, the system overwrites the previously stored version. Use this command to locate a
configuration to be copied to the CNA Agent Device.
●
Copy from CNA—You can copy configuration files between CNA devices on your
network.
●
Save—You can save data as files on either the CNA hard disk or a network location.
●
Save As—You can save data as files on either the CNA hard disk or a network location
with a user-defined name.
●
Email—You can E-mail selected item, such as a report, a configuration, or an output from
a show command, to one or more e-mail addresses.
●
Close—You can Close the Manage Config Files dialog box.
72 CNA Fundamentals Guide, Software Version 3.1
The CNA control panel
From the Manage Config Files dialog box, you can also do the following:
●
Rename—This selection remains disabled for running-config and startup-config.
●
Delete—This selection remains disabled for running-config and startup-config. Use the
erase startup-config command in the CLI to delete the startup configuration from
flash memory. Rebooting the device clears the running-config file.
●
Copy—You can create a copy of a configuration file without making changes to the file.
The system opens an Upload window. You can use this window to write the selected
configuration to a user-named file on the hard-disk of the CNA system, or to the startup
configuration in flash memory or the running configuration in RAM.
You can also use the Copy to copy from running-config to startup-config or vice versa or to
make backup copies on the CNA system.
●
Save—The Save button in the at the lower-right of the content pane will become active if
you make a change to the text.
Backup/Restore
If you select Backup/Restore from the File, the system opens a Backup/Restore dialog box.
This dialog box is similar to the Manage Config Files dialog box. However, the Backup/
Restore dialog box provides access to backup files that are stored on the internal CNA hard
disk or on a remote device.
You can create new backup files or restore CNA images from this dialog box.
When you select an image from the list, the lower frame in the content pane of the Backup/
Restore dialog displays information about the image. This information includes the image
version, whether any configurations were included, and any notes that were added when the
image was backed up.
The Backup/Restore dialog box follows the format of the Manage Config Files dialog box,
which displays the number of lines in configuration files (.cfg) in a column labeled Lines. In the
Backup/Restore dialog box, the values in this column are always N/A, because this item is
inappropriate for any of the file types that are displayed.
The Backup/Restore dialog box menu bar, contains the following items:
●
Backup —You can create a new backup file. The system displays a dialog box, in which
you can select the type of backup file you want to create. You have the following backup
options:
●
The Image type creates a file that contains a copy of the CNA executable image.
●
The Image-Config type creates a file that contains a copy of the CNA executable image
and the startup configuration, and any SSL certification files that you installed and the
SSH key if a key exists.
Issue 1 June 2006
73
The CNA Web interface
You can specify a file name, or leave the name blank and the system will create one based
on content and date. The filename can be in the form of a remote URL. For more
information on the backup options, see the backup command in the CNA Command
Reference Guide. For URL syntax, see the copy command description.
Text that you enter in the Notes panel is displayed in the lower panel of the Backup/
Restore window when the file is selected from the list. Use this text as a reminder of the
contents and the purpose of the backup.
●
Restore—You can restore an executable image from a previously backed up file. The
system displays a dialog box, the restore options contains the name of the file that is
currently selected in the list of backed-up files. If none is selected, the file name field is
empty, and you can enter a URL to a remotely saved file. You have the following
restoration options:
●
Image—Restores the CNA executable image from the named file .img. If the file also
contains configurations and SSL or SSH files, these files are ignored.
●
Image-Config—Restores all files from the named .img file.
If the file name in the Restore from field does not have the correct extension for the type of
restoration that you selected, the system changes the filename as appropriate.
Copy to CNA
When you select the Copy to CNA command, the File Open dialog box opens. Select the
configuration to copy to the CNA device. Only files with a .cfg extension, and the running config
and startup config are displayed. You can change this default filter to show all file extensions, so
that you can locate configurations that might be stored with a different extension.
You can save the file to a file name on the device hard drive, or you can write the file to the
device running configuration or startup configuration.
If you save to a file name with an extension other than .cfg, the extension .cfg is appended
automatically.
Note:
Note:
The CNA device does not perform any validation of your file. Whatever is in the
file, regardless of the file name or extension, is written to the target, including
running-config or startup-config. You are responsible for the integrity of the file.
Copy from CNA
Use the Copy From CNA command to copy Trends reports from the CNA system.
Save
Use the Save command to save Trends reports.
Save As
The Save As command is not active from this menu.
74 CNA Fundamentals Guide, Software Version 3.1
The CNA control panel
E-mail
Use the E-mail command to send a selected item, such as a report, a configuration, or an
output from a show command, to one or more e-mail addresses.
If you used the smtp from, smtp-server and smtp to CLI commands to configure the use
a default mail server and to include default to and from text in the e-mail form, these fields are
completed for you. If you did not use these commands, you must identify your mail server and
enter your return e-mail address.
Note:
Note:
You can also configure the CNA system to automatically e-mail reports to a list of
users, with the email command. For more information about configuring e-mail
parameters, see the CNA Command Reference Guide. The presence of http
server capabilities on the remote host results in a system that enables selected
CNA reports to be automatically available within the scope of an existing web
site. Please see the companion document CNA Command Reference for details
on the publish command.
To send a selected item by way of e-mail:
1. Display the item in the information window.
2. Click the zoom arrow in the upper-right corner of the information window to open a new
window. This action displays the selected information only.
3. Select the E-mail command from the menu.
For example, if you click the Show Rescued Networks command after the output is
displayed in the information window, you can select the E-mail command from the File
menu. This action will transfer the output into the content area of the E-Mail dialog box that
opens.
4. Enter the addresses of the recipients as separate addresses with commas in the To field.
5. Enter your return email address in the From field.
6. Edit the Subject field.
7. Add comments in the Message field.
8. If your e-mail server is not the same as the server that is shown at the bottom of the E-Mail
dialog box, you can click SMTP Server and enter your mail-server address.
Note:
Note:
The SMTP Server must be accessible from the computer running the Web UI.
9. SMTP must be accessible from the computer that the Web UI is running on. In some cases,
the SMTP server may only be accessible by the CNA server. The user would have to
override this setting in order to send email from the client
Issue 1 June 2006
75
The CNA Web interface
10. Click Send when you are ready to send the message.
An animated prompt in the status bar of the CNA window indicates the delivery activity. If
errors prevent the message from being sent, a red exclamation mark flashes over an
envelope icon. Double click this icon to open the error message window. Click OK in this
error dialog box to clear the animated exclamation mark. Note that if you click Cancel, the
dialog box closes but the animation continues.
Close
Use the Close command to close the control panel. This command does not close the applet
itself. To shutdown the applet entirely, click Close in the upper right corner of the applet title bar.
Note that, if you use Netscape, the security certificate remains valid and the enable password
remains stored in memory as long as you have a browser window of any kind open.
For more information about the security certificate, see the note in the section Java Certificate in
this chapter.
Edit menu
Use the Edit menu to copy text from reports and the output of the show command, which you
can then paste into another application.
The Edit menu remains unavailable until you click the mouse in an editable block of text. When
the Edit menu is available, you can cut, copy, paste, and select all information available.
Note:
Note:
Not all edit menu selection are available in every components of the control
panel.
Reports menu
The Reports menu is an alternative way to access the complete list of reports. Other ways to
access Reports is from the Quick Links pane or the Reports tab.
Trends menu
The Trends menu is an alternative way to access the complete list of trend reports. Other ways
to access Trend reports is from the Quick Links pane or the Trends tab.
76 CNA Fundamentals Guide, Software Version 3.1
The CNA control panel
Show menu
The Show menu is an alternative way to access the complete list of show commands. Other
ways to access the show commands are from the Quick Links pane or the Show tab.
Help
About
The About command displays a dialog box with information about the CNA system.
Changing the display colors
There is now a color map file called ColorMap.txt that controls all system colors used within the
CNA GUI. The file is an XML file that lists all the colors that can be configured. Here is the
default file:
<colorMap type="global">
<colorDefinition id="1" hex="FF9900"/>
<colorDefinition id="2" hex="9900CC"/>
<colorDefinition id="3" hex="66FF33"/>
<colorDefinition id="4" hex="999999"/>
<colorDefinition id="5" hex="00CCFF"/>
<colorDefinition id="6" hex="FF3333"/>
<colorDefinition id="7" hex="009999"/>
<colorDefinition id="8" hex="336600"/>
<colorDefinition id="9" hex="CC9999"/>
<colorDefinition id="10" hex="666666"/>
<colorDefinition id="11" hex="FFCC33"/>
<colorDefinition id="12" hex="CC9966"/>
<colorDefinition id="13" hex="993366"/>
<colorDefinition id="14" hex="CC99CC"/>
<colorDefinition id="15" hex="996666"/>
<colorDefinition id="16" hex="6699CC"/>
<colorDefinition
<colorDefinition
<colorDefinition
<colorDefinition
<colorDefinition
<colorDefinition
<colorDefinition
<colorDefinition
<colorDefinition
</colorMap>
id="background" hex="FFFFFF"/>
id="optimal" hex="9CC3FF"/>
id="pathControl" hex="0000FF"/>
id="notRescued" hex="CC0000"/>
id="star1"
id="star2"
id="star3"
id="star4"
id="star5"
hex="FF0000"/>
hex="FFB200"/>
hex="FFFF00"/>
hex="00FF00"/>
hex="00B200"/>
Issue 1 June 2006
77
The CNA Web interface
The colors correspond to all the items that are currently in the Control Panel. The hex value is
the standard html format for specifying color. This page can be helpful when choosing colors:
http://www.w3schools.com/html/html_colornames.asp
If the ColorMap.txt file is missing or corrupted, the default set of colors will be used and an error
message will be printed. Also, keep in mind that loading a new image will overwrite the current
file, so if it is changed, it should be backed up before loading a new image. In order to see
changes that are made in the file, any running instances of the GUI have to be restarted. Please
note that the ColorMap.txt will get re-initialized as part of an CNA upgrade. It is recommended
that a copy of the customized ColorMap.txt file be maintained within the CNA file system, so
that it can be re-copied after the upgrade is complete.
78 CNA Fundamentals Guide, Software Version 3.1
Index
Index
Symbols
D
! . . . . . . . . . . . . . . . . . . . . . . . . . 32
default gateway .
Delay per Network
direct-server return
DNS . . . . . . .
A
active probe . .
address rotation
AS number . .
average . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
. . 21
. . 10
. 36, 37
. . 65
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
. . 73
. 27, 73
.10, 37
. . 36
. . 10
B
Backup . .
backup . .
bgp . . . .
bgp peering
BGP4 . . .
.
.
.
.
.
.
.
.
.
.
C
character set . . . . . . . . .
CLI . . . . . . . . . . . . . .
commands
bgp . . . . . . . . . . . .
configure terminal . . . . . .
hostname . . . . . . . . .
interface . . . . . . . . . .
ip address . . . . . . . . .
ip http server header append
ip http server on . . . . . .
ip route. . . . . . . . . . .
link . . . . . . . . . . . .
module . . . . . . . . . . .
neighbor link . . . . . . . .
neighbor remote-as . . . . .
provider-as . . . . . . . . .
show interface . . . . . . .
show running-config . . . .
tunnel . . . . . . . . . . .
vip . . . . . . . . . . . . .
comments . . . . . . . . . . .
config t . . . . . . . . . . . .
configure terminal . . . . . . .
cookie . . . . . . . . . . . . .
copy text . . . . . . . . . . .
. . . . . . . . . . 31
. . . . . . . . . . 23
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
. . 37
. . 33
. . 35
. . 34
. . 34
. . 31
. . 46
. 35, 41
. 36, 40
. . 40
. . 37
. . 38
. . 36
. . 41
. . 35
. . 41
. . 40
. . 32
. . 33
. . 33
. . 49
. . 76
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
35
52
10
10
E
e-mail . . . . . . . . . . . . . . . . . . . . . 72, 75
exclamation mark . . . . . . . . . . . . . . . . . . 32
F
FastEthernet . . . . . . .
File Menu . . . . . . . .
Copy From PathControl
Email... . . . . . . . .
Exit . . . . . . . . . .
filenames . . . . . . . .
From PathControl. . . . .
full BGP feed . . . . . . .
function values . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
. 33
. 72
. 74
. 75
47, 76
. . 66
. . 72
. . 10
. . 65
G
GRE . . . . . . . . . . . . . . . . . . . . 20, 40, 41
GSLB . . . . . . . . . . . . . . . . . . . . . . . 10
H
hard disk . . . .
Help Menu . . .
About . . . .
high availability .
hostname . . .
HTTP . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
IBGP . . . . . . . . . . .
ICMP . . . . . . . . . . .
interface . . . . . . . . . .
ip address . . . . . . . . .
ip http server header append
ip http server on . . . . . .
ip route . . . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
. . 38
. . 21
34, 41
. . 34
. . 31
. . 46
35, 41
27
77
77
10
35
46
I
Issue 1 June 2006
79
Index
J
Java . . . . . . . . . . . . . . . . . . . . . . 9, 46
Jitter per Network . . . . . . . . . . . . . . . . . 52
L
license . . . . . . . . . . . . . . . . . . . . . . .11
link . . . . . . . . . . . . . . . . . . . . . . . 36, 40
Loss per Network . . . . . . . . . . . . . . . . . 52
M
maximum . . . . . . .
maximum user sessions
Measurements . . . . .
minimum . . . . . . .
module command . . .
multi-homed . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
65
49
52
65
40
10
NAT. . . . . . . . . . .
neighbor link . . . . . . .
neighbor remote-as . . .
network address translator
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
10
37
38
10
P3P . . . . . . . . . . . . . .
password recovery . . . . . . .
PBR . . . . . . . . . . . . .
Per-Network Information . . . .
Platform for Privacy Preferences
plug-in . . . . . . . . . . . .
policy based routing . . . . . .
privacy . . . . . . . . . . . .
provider-as . . . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
31
25
10
53
31
46
10
31
36
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
. . 73
. 27, 74
. . 10
. . 22
. . 23
save . . . . . . . . . . . . . . . . . .
Save As . . . . . . . . . . . . . . . . .
security warning . . . . . . . . . . . . .
Show Commands (and Visual Traceroute) .
.
.
.
.
.
.
.
.
.
.
.
.
. 72, 74
. . 73
. . 47
. . 70
N
P
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
41
77
35
24
34
48
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
21
67
70
58
72
41
T
tcp . . . . . . .
tic marks . . . .
time stamp . . .
timezone . . . .
To PathControl .
tunnel . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
U
Upload . . . . . . . . . . . . . . . . . . . . . . . 73
user account . . . . . . . . . . . . . . . . . . . . 25
UTT . . . . . . . . . . . . . . . . . . . . . . . . 21
V
VIP . . . . . . . . . . . . . . . . . . . . . . 15, 40
vip command . . . . . . . . . . . . . . . . . . . . 40
Visual Traceroute . . . . . . . . . . . . . . . . . . 70
Y
9,
.
.
.
R
Rename . . . . .
restore . . . . .
round-robin . . .
route-assert-mode
RSOS . . . . . .
show interface . . . . . . .
Show Menu . . . . . . . .
show running-config . . . .
startup configuration . . . .
subsystem . . . . . . . . .
Support Documentation link .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
S
80 CNA Fundamentals Guide, Software Version 3.1
Y-axis tic marks . . . . . . . . . . . . . . . . . . 67
Download PDF
Similar pages