LAN Switching and WAN Networks

LAN Switching and WAN Networks
Troubleshooting and Maintaining

Switched LAN(II)
Topic & Structure of the lesson
Troubleshooting and Maintaining Switched LAN(II)
•Configuration of Automated Management Tools
•Troubleshooting Switched Networks
CT032-LAN Switching and WAN Networks

Learning Outcomes
At the end of this module, YOU should be able to:
• Explain the different automated tools used to monitor and manage

switched LANs.
• Explain the different elements and factors considered when

monitoring the switched LANs.
• Explain the objectives and approaches adopted for troubleshooting

switched LANS.

Key Terms you must be able to use
If you have mastered this topic, you should be able to use the
following terms correctly in your assignments and tests:
• Alarm Limits and Thresholds
• RMON History
• Statistics Logging Applications
• Automated Management Tools Implementation
• Troubleshooting Tools

Main Teaching Points
•Configuration of Automated Management Tools
•Troubleshooting Switched Networks

Configuration of Automated Management Tools

 Introduction
 Monitoring a switched network involves the configuration of
automated tools integrated into the switch to detect
immediate changes in the network
 These tools monitor many of the same statistics as the
baselining process
 Instead of gathering long-term statistical data, these tools
are concerned only with the immediate state of the
network in order to quickly detect when critical thresholds
have been exceeded
 By implementing these tools, the network can be
configured to continuously watch for potential error
conditions and notify the system administrator of these
conditions
 Following are some of the tools commonly available to
automate network monitoring

 Alarm limits and Thresholds
 Alarm limits and thresholds are the primary tools for
automated management of a switched network
 This category of network monitoring tool defines any
embedded threshold monitoring capability of a network
device
 If the network device can be told to watch a network
statistic and notify a network management station if a
threshold is crossed, that operation is considered an
alarm limit or threshold function
 There are two types of alarm limit or threshold
implementations available in most LAN switches:
 1.RMON Alarm and Events: any RMON version 1 –
complaint network device implementing groups 3 and 9
has the capability to watch for network events


 2. Vendor-Specific Thresholds: Most vendors have
proprietary monitoring functions that watch a fixed set of
statistics on the devices ports. The statistics monitored
are usually focused on the traffic and error rates of
individual ports
 To use these alarm limits and thresholds tools, the usual
configuration requires several parameters listed below:
http://www.statseeker.com/Thresholds.html
Parameter Description
Statistics This parameter defines what statistic should be watched. When configuring with RMON
alarms, the choice of statistics usually includes all MIB values in the device.
Threshold This is the value the statistics must reach for this alarm to be activated. This value is time
dependent, based on the next parameter. If the network has been properly baselined,
the values to be used here will be known.
Time frame This value defines how often a statistic should be sampled to determine if an alarm
threshold has been reached.
Type of threshold Usually, alarms are configured to be triggered if a value exceeds a certain level. In RMON
alarms it is possible to also configure falling alarms to watch for statistical values
below a defined level.

 Switches in the core of the network will focus on watching
for excessive backbone link traffic levels
 A switch in the periphery area of the network may be more
concerned with monitoring broadcast rates to protect
against excessive broadcast rates generated from an
attached device or segment
 RMON History
 It is used extensively in the network baselining process
 In this role it provides a historical view of the network capacity
and allows the network administrator to understand growth
patterns and potentially disruptive error and broadcast rates
 This tool can also be used in conjunction with the alarm
limits discussed previously to provide more information
about the network if an alarm is triggered
 When configuring RMON histories for use as a tool to examine
the network following an alarm, choosing an appropriate
duration is critical

 The general rule is to use a duration a few hours longer than the
average response time the support staff spends identifying the
problems
 In most network support roles, network problems are detected
either via an alarm in a network management system or a call
from an end user complaining about network connectivity
 Once the alarm is seen or a call is received, the support staff
begins the process of diagnosing the real issue
 The support staff will need to determine if network statistics
indicate an obvious issue, such as a high error rate or
excess broadcast level
 The RMON history is an excellent tool for this examination
 In order to successfully use the history, it should collect data
for at least a few hours longer than the time it takes to
detect a problem and begin the information gathering
process


 Statistics Logging Applications
 In addition to the RMON history groups, any one of various
vendors’ statistics logging tools can be configured to assist in
the automated management of a switched network
 These tools are usually included by default in all major
network management applications, such as SunNET
Manager, Hewlett-Packard OpenView, Cabletron Spectrum for
Open Systems, and IBM NetView 6000.
 Each of these network management platforms allows any MIB
variable to be polled periodically and logged to a database
 That information can then be used to produce reports and
graphs regarding that statistic
 In the process of automating the management of a switched
network, the gathering and observation of critical information is
vital
 If critical statistics are constantly observed, major changes in
those network values can be observed before the change is

damaging to the network operation
 The two major areas of statistics that may require logging
beyond the basic RMON segment histories are device operation
statistics and additional network segment statistics
 Device operation statistics are the MIB values on a
particular network devices such as a server, switch, or
gateway that defines its current condition or capabilities
 Additional network segment statistics are MIB variables on
switches and probes that define additional network-specific
statistics, such as protocol breakdown, frame size
distribution, and address count
 Since each device will have a proprietary MIB, there is no
common value that can be used to observe all critical statistics.
 The following table lists some typical device and network
statistics that should be logged on the network


Sample Statistics to Be Logged
Statistic Devices Description
Average CPU Servers, routers Polling a server or router for average CPU load is an excellent gauge of
load the operation of that device. Since servers and routers are primarily
software-driven devices, extremely high average CPU load could be
an indication that they are unable to perform their specified tasks.
User count Servers On servers with a specified number of licenses, monitoring the current
user count is critical to prevent a situation in which authorized users
are unable to attach to that server. By watching the user count on the
servers over time, proper decisions can be made regarding
increasing the user license on a particular server before the
maximum user limit is reached.
SAT size Switches On traditional LAN switches, the source address table should be
monitored to determine the number of active users on the switched
network. Generally, only a few switches should be logged, since the
size of the SAT will be almost the same on all switches in complex
networks.

HP OpenView Network Node Manager

SunNET Manager


 Automated Management Tools Implementation Process
 In order to get to this stage of automated switched network
management, the steps shown in the following figure should be
followed:
T=0 Step 1: Configure RMON history, HostTopN, statistics, and
contact logging on all switched areas. This will begin
the data gathering process.
T = 1 Week Step 2: Extract first week’s data from all devices. Using this
information, produce graphs indicating utilization and
error rate of each segment, overall broadcast and
multicast rates top 20 traffic, broadcast and multicast
generators, and contact status of all switches.
T = 1 Week Step 3: Determine alarm limit values from graphs produced in
step 2. Set alarm limits from rising and falling
thresholds on each statistic. Set short-term RMON
history and set logging for any other critical
information.
T = 4 Week Step 4: Watch for any alarms. If alarms triggers, determine if
it is a false alarm. If the alarm did not indicate a
failure, adjust the rising or falling threshold values to
prevent repeat alarms. When no false alarm are seen,
alarm limits have been properly configured and calibrated.
Troubleshooting Switched Networks

 Troubleshooting Tools
 Even the most soundly designed and built networks will
eventually experience some type of failure
 Without total control, a variety of disruptive or faulty devices can
be added to the network by the user community
 It is important to recognize that sooner or later the system
administrator will have to troubleshoot a problem affecting
network operations
 This section is focused on the processes and tools that will
allow identified network related problems to be resolved
 There are many specific tools that can be utilized to
troubleshoot switched networks
 Each tool provides some level of information that can identify
causes of network-related failures
 LAN analyzers:
 All LAN analyzers are designed primarily to monitor network
segments, capture the traffic, and decode the packets into

usable form. Most are able to recognize well-known types of
failures and provide a summarized symptom report
describing a possible cause of this failure.
 RMON:
 The RMON statistics and history groups are most useful
in troubleshooting faulty network segments, while
the host, HostTopN, and matrix groups are best used to
identify end-system-related issues
 In most situations, RMON can be used as the primary
troubleshooting tool when network connectivity is failing
 Other MIBs:
 While RMON is a very good standard MIB for segment
and network analysis, most vendors of networking
hardware will support a very comprehensive set of
proprietary and standard-based MIBs
 These MIBs will provide a variety of information
related to other areas of network operation

 Network maps:
 A comprehensive physical and logical map of the
network is an invaluable troubleshooting tool
 This type of map can be in the form of the view of a
network management software interface or can be CAD
drawings of the network connectivity
 If a good map of the network is available, it is usually
possible to determine if the failures on a network
have some common element
 Using these tools, the network support personnel should be
able to execute a variety of troubleshooting processes
 This set of tools could be considered the basic toolkit of the
network support person

Quick Review Question

Example: RMON
RMON: Remote Monitoring

Example: RMON

Examples: Rising and Falling Threshold

Example: Network Map
Network Map: LANState pro

Example: Network Map
Network Map: Network Map

AutoDraw
Summary of Main Teaching Points

Question and Answer Session
Q&A

References for Figures used
• Lammle T, (2007) CCNA Study Guide, Sybex
• Odom S, Nottingham H (2002), Cisco Switching Black Book:

A Practical in Depth Guide to Configuring, Operating and
Managing Cisco LAN Switches, Paraglyph Press.
• John J. Roese, (1998) Switched LANs, McGraw-Hill

Next Session
• Additional vendor enhancements to

LAN switches: Virtual LANs

LAN Switching and WAN Networks

Uploaded by

Document Information

Original Description:

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

LAN Switching and WAN Networks

Uploaded by

Copyright:

Available Formats

LAN Switching and WAN Networks

Troubleshooting and Maintaining

•Configuration of Automated Management Tools

•Troubleshooting Switched Networks

CT032-LAN Switching and WAN Networks

At the end of this module, YOU should be able to:

• Explain the different automated tools used to monitor and manage

• Explain the different elements and factors considered when

• Explain the objectives and approaches adopted for troubleshooting

CT032-LAN Switching and WAN Networks

• Statistics Logging Applications

• Automated Management Tools Implementation

CT032-LAN Switching and WAN Networks

•Configuration of Automated Management Tools

•Troubleshooting Switched Networks

CT032-LAN Switching and WAN Networks

Troubleshooting and Maintaining Switched LAN(II)

Troubleshooting and Maintaining Switched LAN(II)

CT032-LAN Switching and WAN Networks

Troubleshooting and Maintaining Switched LAN(II)

Troubleshooting and Maintaining Switched LAN(II)

Troubleshooting and Maintaining Switched LAN(II)

CT032-LAN Switching and WAN Networks

Troubleshooting and Maintaining Switched LAN(II)

Troubleshooting and Maintaining Switched LAN(II)

CT032-LAN Switching and WAN Networks

Troubleshooting and Maintaining Switched LAN(II)

CT032-LAN Switching and WAN Networks

CT032-LAN Switching and WAN Networks

CT032-LAN Switching and WAN Networks

Troubleshooting and Maintaining Switched LAN(II)

Troubleshooting and Maintaining Switched LAN(II)

Troubleshooting and Maintaining Switched LAN(II)

Troubleshooting and Maintaining Switched LAN(II)

CT032-LAN Switching and WAN Networks

CT032-LAN Switching and WAN Networks

RMON: Remote Monitoring

CT032-LAN Switching and WAN Networks

RMON: Remote Monitoring

CT032-LAN Switching and WAN Networks

RMON: Remote Monitoring

CT032-LAN Switching and WAN Networks

Network Map: LANState pro

CT032-LAN Switching and WAN Networks

Network Map: Network Map

CT032-LAN Switching and WAN Networks

CT032-LAN Switching and WAN Networks

• Lammle T, (2007) CCNA Study Guide, Sybex

• Odom S, Nottingham H (2002), Cisco Switching Black Book:

• John J. Roese, (1998) Switched LANs, McGraw-Hill

CT032-LAN Switching and WAN Networks

• Additional vendor enhancements to

CT032-LAN Switching and WAN Networks

You might also like