VPN Console: Monitoring Menu

Transcription

1 CHAPTER 8 This chapter provides an explanation of collection tasks and reports categorized under the Monitoring menu option, as follows: Collect Router Configuration Files, page 8-2 Collect VPN Accounting Data, page 8-10 Collect VPN Routing Information, page 8-17 Configure Traps, page 8-21 Interface Statistics, page 8-34 Poll a Router s CAR MIB, page 8-39 Provision SLA Definitions and Collect SLA Data, page 8-47 View Accounting Reports, page 8-79 View CAR MIB Reports, page 8-95 View Data Report, page View SLA Reports, page View Verification Report, page XML Data Query Tool, page Figure 8-1, Monitoring Menu, provides a view of the Monitoring menu in the menu task bar. Figure 8-1 Monitoring Menu 8-1

2 Collect Router Configuration Files Chapter 8 Collect Router Configuration Files This section contains the following categories: Description Setting Up Routers for Collection How to Collect Router Configuration Files Description Collect router configuration files to audit services provisioned by MPLS VPN Solution. You must do this after you populate targets and the directory repository and prior to any other steps. Setting Up Routers for Collection To set up routers for collection, be sure to implement the following requirements: Setting csm.properties File for Customized Router Prompts Setting Up the Domain Name Server Properly Setting csm.properties File for Customized Router Prompts When setting up collection from routers, be sure that all the routers have the same prompts as in the csm.properties file for netsys.router.loginprompt and netsys.router.passwordprompt. The default values match the default values on Cisco routers. They are as follows: netsys.router.loginprompt = Username: netsys.router.passwordprompt = Password: If you use nonstandard router prompts in the csm.properties file, be sure you set the same values for all the routers from which you collect. Setting Up the Domain Name Server Properly When DNS is being used in the customer s network, it is also recommended that IP addresses are configured in the target database. If DNS is not properly configured on the routers and no IP addresses are configured in the target database, collections will fail due to a time-out. If collections fail, verify that DNS is enabled by entering the following commands on the router: ip domain-lookup ip name-server <a.b.c.d> where: <a.b.c.d> is a valid DNS. Note If DNS is not being used in the customer network, DNS should be disabled on all routers. To disable DNS, it is important to enter the following command on all routers: no ip domain-lookup 8-2

3 Chapter 8 Collect Router Configuration Files How to Collect Router Configuration Files To collect configuration files, targets must first be created in the database. One way to create targets in a database is Setup > Create Targets From Router Configurations. This will create targets based on the router configuration files in a specified directory. A network is created for the new targets. Note Another way to create a new target is explained in the New Target section on page In this method, however, configuration files are not created as in the method Setup > Create Targets From Router Configurations. To collect router configuration files, implement the following steps: Step 1 From the VPN Console window, choose Monitoring > Collect Router Configuration Files, as shown in Figure 8-2, Collect Router Configuration Files. Figure 8-2 Collect Router Configuration Files Note Step 2 Step 3 An alternative to selecting Monitoring > Collect Router Configuration Files is to select Tools > Tasks and then in the Actions menu item, select New Task > Collect Router Configuration Files and click Ok. Both paths navigate to the same wizard. The next window provides information about the choices: collecting the Cisco router configuration from the selected routers or importing Cisco router configuration files. This is just an information window; click Next to continue. The next window is shown in Figure 8-3, Action to Perform for Collect Router Configuration. 8-3

4 Collect Router Configuration Files Chapter 8 Figure 8-3 Action to Perform for Collect Router Configuration Step 4 This window allows you to collect router configuration information from either of the following: Live Collection of Router Configuration, page 8-4 Import Router Configuration from Files, page 8-7 Click Next to continue. Live Collection of Router Configuration Live collection of router configuration performs a telnet operation to the routers to collect the running configuration of each router. A prerequisite is to configure the password database with passwords. For collection of router configuration, you have navigated from VPN Console > Monitoring > Collect Router Configuration > Live Collection of Router Configuration. Implement the following steps: Step 1 The window, as shown in Figure 8-4, Selecting Devices for Router Configuration Collection, allows you to specify the devices from which to collect router configuration. In the window in Figure 8-4, Selecting Devices for Router Configuration Collection, first click the Network drop-down menu to choose a specific network. This window has two areas with the column headings Network, Name, Domain, and Role. The upper area includes all the routers within the network selected from the Network drop-down menu. The lower area is populated to include all the routers that you choose in Step 2 and Step 3. In the upper area, you can sort the routers on each of the column headings, Network, Name, Domain, and Role. Just click that column header to sort on it. Because the names are unique, you will probably want to sort on Name. 8-4

5 Chapter 8 Collect Router Configuration Files Figure 8-4 Selecting Devices for Router Configuration Collection Step 2 Step 3 Step 4 Step 5 This step explains how to move routers from the upper area to the lower area, thus selecting the routers from which router configuration data is collected. If you do not select any devices in the upper area, you can select Add All and all the devices appear in the lower area. If you select one or more devices, you can click Add and only those devices appear in the lower area. If you decide not to choose the routers now listed in the lower area, you can either select Remove All to eliminate all the selections in the lower area, or you can select those devices that you want to eliminate and click Remove. You can continue editing the set of routers in the lower area by repeating Step 2 and Step 3. Click Next, when you want to choose the devices that appear in the lower block as the devices from which router configuration data will be collected. The next window is shown in Figure 8-5, Selecting Additional Configuration Collection Options. 8-5

6 Collect Router Configuration Files Chapter 8 Figure 8-5 Selecting Additional Configuration Collection Options Step 6 Step 7 Step 8 The window in Figure 8-5, Selecting Additional Configuration Collection Options, allows you to Mask passwords in collected files or not. Masked passwords appear as XXX X in the collected configuration. Leave the default of Mask passwords in collected files or unselect it. Click Next to continue. In the next window, as shown in Figure 8-6, Providing a Task Name for Live Collection of Router Configuration, provide a unique Task Name. Note From the drop-down menu, you can view the last 30 existing task names for this specific task type. This can facilitate the creation of a unique task name and the adherence to the existing task naming conventions. From the drop-down list, you can select a similar task name to the one you want to create and then click on it. The name will appear in the Task Name field. Then you can edit the name to be a unique name. Otherwise, you can highlight Enter Name Here and enter a unique name in the Task Name field. 8-6

7 Chapter 8 Collect Router Configuration Files Figure 8-6 Providing a Task Name for Live Collection of Router Configuration Step 9 Step 10 Step 11 Step 12 Step 13 Click Next to continue. In the next window, you have the following choices: You can choose to schedule the task once and immediately by selecting Now and clicking Next. In this case, the next step is Step 12. You can choose to customize the frequency and timing of scheduling the task by selecting Future and clicking Next. In this case, the next step is Step 11. You can choose not to schedule the task by selecting No and clicking Next. In this case, the next step is Step 12. In this next window, select your scheduling customization and click Next. See Chapter 13, Scheduling, for a full detailed description of scheduling customization. If you did not schedule the task, you are informed that the task manager is about to save the task. If you did schedule the task, you are informed that the task manager is about to save and schedule the task. If you want to change your mind on the scheduling instructions, click Back and return to Step 10 or Step 11. When you are ready to save and schedule the task, click Next. You are informed that all steps are done. Click Close to close the wizard. Import Router Configuration from Files Collected router configurations that exist in files in a directory can be imported. A network must first be created by navigating Device > Targets > New Target. 8-7

8 Collect Router Configuration Files Chapter 8 Note It is critical that each filename being imported is the same as the name of the corresponding router. If a domain name is defined, this must be used as an extension to the filename. For example, if the router name is Router1 and the domain name is mydomain.com, the name of the file must be Router1.mydomain.com. All files in this directory must be configuration files. To import router configurations from files, you have navigated from VPN Console > Monitoring > Collect Router Configuration > Import Router Configuration from Files. Implement the following steps: Step 1 The window, as shown in Figure 8-7, Selecting Directory with Configuration Files to Import, allows you to specify the directory that contains configuration files to import. Either enter the complete path name of the directory, if you know it, or choose the Browse button to navigate to the directory. Then click Next to continue. Figure 8-7 Selecting Directory with Configuration Files to Import The next window, as shown in Figure 8-8, Selecting Name of Network that Contains the Routers Corresponding to the Configuration Files to Import, allows you to select the name of the network containing the routers for the configuration files that you want to import. 8-8

9 Chapter 8 Collect Router Configuration Files Figure 8-8 Selecting Name of Network that Contains the Routers Corresponding to the Configuration Files to Import Step 2 Step 3 Step 4 Click the drop-down menu and click a network that was created in the hierarchy pane navigating Device Inventory > Targets > New Target. Click Next to continue. In the next window, as shown in Figure 8-9, Providing a Task Name for Importing Router Configurations, provide a unique Task Name. Note From the drop-down menu, you can view the last 30 existing task names for this specific task type. This can facilitate the creation of a unique task name and the adherence to the existing task naming conventions. From the drop-down list, you can highlight a similar task name to the one you want to create and then click on it. The name will appear in the Task Name field. Then you can edit the name to be a unique name. Otherwise, you can highlight Enter Name Here and enter a unique name in the Task Name field. 8-9

10 Collect VPN Accounting Data Chapter 8 Figure 8-9 Providing a Task Name for Importing Router Configurations Step 5 Step 6 Step 7 Step 8 Step 9 Click Next to continue. In the next window, you have the following choices: You can choose to schedule the task once and immediately by selecting Now and clicking Next. In this case, the next step is Step 8. You can choose to customize the frequency and timing of scheduling the task by selecting Future and clicking Next. In this case, the next step is Step 7. You can choose not to schedule the task by selecting No and clicking Next. In this case, the next step is Step 8. In this next window, select your scheduling customization and click Next. See Chapter 13, Scheduling, for a full detailed description of scheduling customization. If you did not schedule the task, you are informed that the task manager is about to save the task. If you did schedule the task, you are informed that the task manager is about to save and schedule the task. If you want to change your mind on the scheduling instructions, click Back and return to Step 6 or Step 7. When you are ready to save and schedule the task, click Next. You are informed that all steps are done. Click Close to close the wizard. Collect VPN Accounting Data This section contains the following categories: Description Prior to Collecting VPN Accounting Data How to Collect VPN Accounting Data 8-10

11 Chapter 8 Collect VPN Accounting Data Description Accounting data is collected to provide end-to-end usage information on VPN-based network traffic and to provide a complete billing solution. Collected accounting data is used by the Accounting Server for various levels of aggregation for accounting reports and API accounting information. Prior to Collecting VPN Accounting Data SNMP Settings Prior to collecting VPN Accounting data, implement the following sections: SNMP Settings section on page 8-11 NetFlow Settings on the Router section on page 8-12 NetFlow Settings on NetFlow Collector section on page 8-12 Prior to collecting VPN Accounting data, implement the following steps for each and every PE router, to determine whether SNMP is enabled. If SNMP is enabled, these steps will lead you to the first GUI path. If SNMP is not enabled, these steps will direct you on how to enable SNMP. Step 1 Step 2 Step 3 Step 4 Step 5 In a UNIX terminal window, enter the command telnet <routername>, where <routername> is the name of the router that you are checking. Go into the enable state. Enter the command show snmp. Determine whether the following line is present: % SNMP agent not enabled If the line in Step 4 is not present, you have determined that SNMP is enabled. Then enter the show run command to view the SNMP community strings at the end of the configuration file. The strings shown in Step 7 appear near the end of the listing. If you have more routers to verify, return to Step 1 and follow these steps for the next router that you want to verify. Otherwise, proceed to the NetFlow Settings on the Router section on page If the line in Step 4 is present, proceed to Step 6. Step 6 To turn on SNMP, at the prompt, enter the command config t. Step 7 Enter the following commands: snmp-server community <userstring> RO Step 8 snmp-server community <userstring> RW where: <userstring> is typically public with the RO setting and private with the RW setting. If you have more routers to verify, return to Step 1 and follow these steps for the next router that you want to verify. 8-11

12 Collect VPN Accounting Data Chapter 8 Note These SNMP strings must agree with those listed in the target password database for each router. (Refer to the New Target section on page 12-4.) NetFlow Settings on the Router NetFlow Collector must be running. Step 1 Issue the following commands once per PE: ip flow-export version 5 ip flow-export destination <ipaddress> <port> Note Step 2 Step 3 The VERSION and PORT parameters must coincide with the settings configured in the NetFlow Collector. Activate the CE-facing MAJOR Interface, as follows: ip route-cache flow To see current flows in the router flow-cache, issue the following command: show ip cache flow NetFlow Collector uses a pre-allocated cache, which by default has 64K entries where each flow (uni-directional) gets one entry. Each entry uses 68 bytes. The number of NetFlow Collector entries can be expanded if traffic requirements and machine resources warrant, as follows: ip flow-cache entries <#> NetFlow Settings on NetFlow Collector Implement the following steps: Step 1 Step 2 On the NetFlow Collector device, edit the nf.resources file as follows: #Set format to Comma Separated for VPNSC: CSV_FORMAT YES #Use long file names with dates: LONG_OUTPUTFILE_SUFFIX yes On the NetFlow Collector device, edit the nfconfig.file file as follows: #Use the Detail Call Record aggregation scheme for VPNSC: Thread DETCALLREC Aggregation DetailCallRecord Period 30 Port

13 Chapter 8 Collect VPN Accounting Data State Active DataSetPath /opt/csconfc/data Binary Yes Compression No Max Usage Note Failure to do this results in blank VPN accounting reports. How to Collect VPN Accounting Data To collect VPN accounting data, implement the following steps: Step 1 From the VPN Console window, choose Monitoring > Collect VPN Accounting Data, as shown in Figure 8-10, Collect VPN Accounting Data. Figure 8-10 Collect VPN Accounting Data Note An alternative to selecting Monitoring > Collect VPN Accounting Data is to select Tools > Tasks and then in the Actions menu item select New Task > Collect VPN Accounting Data and click Ok. Both paths navigate to the same wizard. The resulting window is shown in Figure 8-11, Collect VPN Accounting Data Intro. Be sure to read the recommended scheduling frequency. 8-13

14 Collect VPN Accounting Data Chapter 8 Figure 8-11 Collect VPN Accounting Data Intro Step 2 Click Next to continue. The next window, as shown in Figure 8-12, Selecting Devices for Accounting Collection, allows you to specify the NetFlow Collector from which to collect accounting information. Figure 8-12 Selecting Devices for Accounting Collection 8-14

15 Chapter 8 Collect VPN Accounting Data Step 3 Step 4 In the window in Figure 8-12, Selecting Devices for Accounting Collection, first click the Network drop-down menu to choose a specific network. This window has two areas with the column headings Network, Name, Domain, and Role. The upper area includes all the targets selected in this step. The lower area is populated to include all the targets that you choose in Step 4 and Step 5, that is, all the collectors. In the upper area, you can sort the collectors on each of the column headings, Network, Name, Domain, and Role. Just click that column header to sort on it. This step explains how to move devices to the lower area, thus selecting the NetFlow Collector hosts (indicated as Net Flow in the Role column) from which accounting data will be collected. If you do not select any devices in the upper area, you can select Add All and all the devices appear in the lower area. If you select one or more devices, you can click Add and only those devices appear in the lower area. Note Step 5 Step 6 Step 7 For traffic to be properly mapped across the VPN network, all NetFlow collectors must be collected from in a single task. If you decide not to choose the devices now listed in the lower area, you can either select Remove All to eliminate all the selections in the lower area, or you can select those devices that you want to eliminate and click Remove. You can continue editing the set of devices in the lower area by repeating Step 4 and Step 5. Click Next, when you want to choose the devices that appear in the lower block as the collectors for which accounting data will be collected. In the next window, as shown in Figure 8-13, Providing a Task Name for Collection of Accounting Data, provide a unique Task Name. Note From the drop-down menu, you can view the last 30 existing task names for this specific task type. This can facilitate the creation of a unique task name and the adherence to the existing task naming conventions. From the drop-down list, you can highlight a similar task name to the one you want to create and then click on it. The name will appear in the Task Name field. Then you can edit the name to be a unique name. Otherwise, you can highlight Enter Name Here and enter a unique name in the Task Name field. 8-15

16 Collect VPN Accounting Data Chapter 8 Figure 8-13 Providing a Task Name for Collection of Accounting Data Step 8 Step 9 Step 10 Step 11 Step 12 Click Next to continue. In the next window, you have the following choices: You can choose to schedule the task once and immediately by selecting Now and clicking Next. In this case, the next step is Step 11. You can choose to customize the frequency and timing of scheduling the task by selecting Future and clicking Next. In this case, the next step is Step 10. You can choose not to schedule the task by selecting No and clicking Next. In this case, the next step is Step 11. In this next window, select your scheduling customization and click Next. See Chapter 13, Scheduling, for a full detailed description of scheduling customization. If you did not schedule the task, you are informed that the task manager is about to save the task. If you did schedule the task, you are informed that the task manager is about to save and schedule the task. If you want to change your mind on the scheduling instructions, click Back and return to Step 9 or Step 10. When you are ready to save and schedule the task, click Next. You are informed that all steps are done. Click Close to close the wizard. Note Now that you have collected data for accounting, you can view this data as directed in the View Accounting Reports section on page

17 Chapter 8 Collect VPN Routing Information Collect VPN Routing Information This section contains the following categories: Description Setting Up Routers for Collection How to Collect VPN Routing Information Description When you collect VPN routing information, you collect all VPN routing related tables from a Cisco router. You collect the VRF table, VPN CEF table, and BGP tag table. All these tables are correlated into one table called the VFIT (VPN Forwarding Info Table). This VFIT table is stored in the collection repository. The MPLS VPN Solution accounting and auditing modules use the VFIT table for their internal calculation. When the accounting collection is scheduled, a new VFIT table is automatically collected as part of that process, but the auditing does not collect a new VFIT table. The auditor uses the last VFIT table in the Repository. Therefore, for a meaningful audit, before you run the audit you should Collect VPN Routing Information, which collects the VFIT table. Setting Up Routers for Collection To set up routers for collection, be sure to implement the following requirements: Setting csm.properties File for Customized Router Prompts Setting Up the Domain Name Server Properly Setting csm.properties File for Customized Router Prompts When setting up collection from routers, be sure that all the routers have the same prompts as in the csm.properties file for netsys.router.loginprompt and netsys.router.passwordprompt. The default values match the default values on Cisco routers. They are as follows: netsys.router.loginprompt = Username: netsys.router.passwordprompt = Password: If you use nonstandard router prompts in the csm.properties file, be sure you set the same values for all the routers from which you collect. Setting Up the Domain Name Server Properly When DNS is being used in the customer s network, it is also recommended that IP addresses are configured in the target database. If DNS is not properly configured on the routers and no IP addresses are configured in the target database, collections will fail due to a time-out. If collections fail, verify that DNS is enabled by entering the following commands on the router: ip domain-lookup ip name-server <a.b.c.d> where: <a.b.c.d> is a valid DNS. 8-17

18 Collect VPN Routing Information Chapter 8 Note If DNS is not being used in the customer network, DNS should be disabled on all routers. To disable DNS, it is important to enter the following command on all routers: no ip domain-lookup How to Collect VPN Routing Information To collect VPN routing information for Audit Routing, implement the following steps: Step 1 From the VPN Console window, choose Monitoring > Collect VPN Routing Information, as shown in Figure 8-14, Collect VPN Routing Information. Figure 8-14 Collect VPN Routing Information Note Step 2 Step 3 An alternative to selecting Monitoring > Collect VPN Routing Information is to select Tools > Tasks and then in the Actions menu item select New Task > Collect VPN Routing Information and click Ok. Both paths navigate to the same wizard. An introduction explains that this will set up a scheduled task that collects VPN routing information from Cisco routers. This information is necessary for the Use VPN routing information during audits behavior modifier option of the audit reports. The information is also used to generate VPN accounting reports (accessible from the Monitoring menu). Click Next to continue. The next window, as shown in Figure 8-15, Selecting Devices for VPN Routing Information Collection, allows you to specify devices for which to collect VPN routing information. In the window in Figure 8-15, Selecting Devices for VPN Routing Information Collection, first click the Network drop-down menu to choose the device from a specific network. This window has two areas with the column headings Network, Name, Domain, and Role. The upper area includes all the routers selected by choosing a network from the Network drop-down menu. The lower area is populated to include all the routers that you choose in Step 4 and Step 5. In the upper area, you can sort the routers on each of the column headings, Network, Name, Domain, and Role. Just click that column header to sort on it. 8-18

19 Chapter 8 Collect VPN Routing Information Figure 8-15 Selecting Devices for VPN Routing Information Collection Step 4 This step explains how to move routers from the upper area to the lower area, thus selecting the routers from which VPN routing information is collected. Note Step 5 Step 6 Step 7 Select only PEs, because there is no VPN routing information in CEs. Do NOT use the Add All button. If you do not select any devices in the upper area, you can select Add All and all the devices appear in the lower area. If you select one or more devices, you can click Add and only those devices appear in the lower area. If you decide not to choose the devices now listed in the lower area, you can either select Remove All to eliminate all the selections in the lower area, or you can select those devices that you want to eliminate and click Remove. You can continue editing the set of routers in the lower area by repeating Step 4 and Step 5. Click Next, when you want to choose the devices that appear in the lower block as the devices for which VPN routing information will be collected. In the next window, as shown in Figure 8-16, Providing a Task Name for Collection of VPN Routing Information, provide a unique Task Name 8-19

20 Collect VPN Routing Information Chapter 8 Note From the drop-down menu, you can view the last 30 existing task names for this specific task type. This can facilitate the creation of a unique task name and the adherence to the existing task naming conventions. From the drop-down list, you can highlight a similar task name to the one you want to create and then click on it. The name will appear in the Task Name field. Then you can edit the name to be a unique name. Otherwise, you can highlight Enter Name Here and enter a unique name in the Task Name field. Figure 8-16 Providing a Task Name for Collection of VPN Routing Information Step 8 Step 9 Step 10 Step 11 Click Next to continue. In the next window, you have the following choices: You can choose to schedule the task once and immediately by selecting Now and clicking Next. In this case, the next step is Step 11. You can choose to customize the frequency and timing of scheduling the task by selecting Future and clicking Next. In this case, the next step is Step 10. You can choose not to schedule the task by selecting No and clicking Next. In this case, the next step is Step 11. In this next window, select your scheduling customization and click Next. See Chapter 13, Scheduling, for a full detailed description of scheduling customization. If you did not schedule the task, you are informed that the task manager is about to save the task. If you did schedule the task, you are informed that the task manager is about to save and schedule the task. If you want to change your mind on the scheduling instructions, click Back and return to Step 9 or Step 10. When you are ready to save and schedule the task, click Next. 8-20

21 Chapter 8 Configure Traps Step 12 You are informed that all steps are done. Click Close to close the wizard. Configure Traps This section contains the following categories: Description, page 8-21 Example of the Flow of Configure Traps, page 8-21 Set Up Prior to Configuring Traps, page 8-22 Register for Config Change Traps, page 8-27 Deregister for Config Change Traps, page 8-31 Property Settings, page 8-34 Description Router configurations, known as configuration files, are usually collected at regular intervals and then examined for changes that affect the way the routers do their jobs. The normal collection process does not separate the routers whose configuration files have changed from the routers whose configuration files have not changed. However, the routers whose configuration files have changed are the only ones that need to be collected. SmartCollector finds the routers whose configuration files have changed and puts them in a group to have their configuration files collected. With SmartCollector, we create a task and schedule it to be run once. When it executes, all the targeted routers are instructed to advise the MPLS VPN Solution software using the Simple Network Management Protocol (SNMP) of any change to their configuration files. MPLS VPN Solution, through the trapcatcher daemon, notes these traps and keeps track of the routers whose configuration files have changed, and thus need to be collected. The purpose of configuring traps (SmartCollector) is to efficiently collect router configuration files from a set of routers grouped by network. An example of the potential substantial savings is a scenario in which a network has 200 routers but the configuration files for only 20 of the routers have changed. In this example, SmartCollector only collects the configuration files for the 20 that have changed rather than for all 200 routers. If on average only 10% of the routers have their configuration files changed between scheduled collections, each SmartCollection takes only 10% of the resources of a full collection. Note that periodically (as determined by the cycle_t variable in csm.properties), collection occurs from all routers in the original target list, and the reduced target list is ignored. Thus even those routers whose traps failed to reach the MPLS VPN Solution are collected periodically. Example of the Flow of Configure Traps The following is an example of the flow of execution: 1. Create collect router configuration files, as explained in the Poll a Router s CAR MIB section on page 8-39, for network N1 (which contains routers: R0, R1, R2, R3, R4). 2. Every hour, the scheduler executes a Collect Config task, which collects from the routers: R0, R1, R2, R3, nd R

22 Configure Traps Chapter 8 3. The weakness with this process is that most router configuration files will not have changed and effort is wasted. 4. Solution: Execute Register for config change traps for the specified routers in network N1. This task instructs all IOS version 12.x based routers to inform MPLS VPN Solution using SNMP traps if configuration files change (from the terminal or by trivial file transfer protocol (tftp)). 5. Starting with the next execution of a Collect Config task, the Collect Config task collects the configuration files of only those routers that have sent SNMP traps to MPLS VPN Solution, signifying that their configuration files may have changed. 6. Every time period defined in the csm.properties file by the cycle_t parameter, the Collect Config task makes a complete collection. 7. In this example, let us assume that the cycle_t parameter is set to 250 minutes, and let us assume that the Collect Config task is scheduled to execute every hour starting at 1:00 p.m. Let us also assume that the Register for config change traps task was initiated at 1:25 p.m. 8. At 1:00 p.m. a complete collection is executed. 9. No Collect Config task executes when Register for config change traps executes at 1:25 p.m. 10. At 2:00 p.m., a full collection occurs because it is the first collection after Register for config change traps was executed. 11. At 3:00 p.m., 4:00 p.m., 5:00 p.m., and 6:00 p.m., the Collect Config task executes but collects configuration files only for those routers that have sent traps and are in the Collect Config task s original list of targets. 12. At 7:00 p.m. a full collection occurs, based on the following logic: Note The clock starts for the cycle_t parameter after the first full collection when SmartCollector is turned on. The next full collection is the first Collect Configs task scheduled after meeting the minimum of the cycle_t parameter, based on SmartCollector. In this example, the clock starts for the cycle_t parameter at 2:00 p.m., when the full collection occurs after Register for config change traps is executed. Then 250 minutes, the value of the cycle_t parameter, is added to the start time of 2:00 p.m. resulting in 6:10p.m. The next scheduled collection is 7:00 p.m., which is when the next full collection occurs. Set Up Prior to Configuring Traps To set up prior to configuring traps, be sure to implement the following requirements: Setting csm.properties File for Customized Router Prompts section on page 8-17 Setting Up the Domain Name Server Properly section on page 8-17 SNMP Settings section on page 8-23 Populate Interface Information for Cisco Router Targets section on page

23 Chapter 8 Configure Traps Setting csm.properties File for Customized Router Prompts When setting up collection from routers, be sure that all the routers have the same prompts as in the csm.properties file for netsys.router.loginprompt and netsys.router.passwordprompt. The default values match the default values on Cisco routers. They are as follows: netsys.router.loginprompt = Username: netsys.router.passwordprompt = Password: If you use nonstandard router prompts in the csm.properties file, be sure you set the same values for all the routers from which you collect. Setting Up the Domain Name Server Properly When DNS is being used in the customer s network, it is also recommended that IP addresses are configured in the target database. If DNS is not properly configured on the routers and no IP addresses are configured in the target database, collections will fail due to a time-out. If collections fail, verify that DNS is enabled by entering the following commands on the router: ip domain-lookup ip name-server <a.b.c.d> where: <a.b.c.d> is a valid DNS. Note If DNS is not being used in the customer network, DNS should be disabled on all routers. To disable DNS, it is important to enter the following command on all routers: no ip domain-lookup SNMP Settings Prior to entering the GUI path for configuring traps, implement the following steps for each and every router, to determine whether SNMP is enabled. If SNMP is enabled, these steps will lead you to the first GUI path. If SNMP is not enabled, these steps will direct you on how to enable SNMP. Step 1 Step 2 Step 3 Step 4 Step 5 In a UNIX terminal window, enter the command telnet <routername>, where <routername> is the name of the router that you are checking. Go into the enable state. Enter the command show snmp. Determine whether the following line is present: % SNMP agent not enabled If the line in Step 4 is not present, you have determined that SNMP is enabled. Then enter the show run command to view the SNMP community strings at the end of the configuration file. The strings shown in appear near the end of the listing. If you have more routers to verify, return to Step 1 and follow these steps for the next router that you want to verify. Otherwise, proceed to the Populate Interface Information for Cisco Router Targets section on page If the line in Step 4 is present, proceed to Step 6. Step 6 To turn on SNMP, at the prompt, enter the command config t. 8-23

24 Configure Traps Chapter 8 Step 7 Enter the following commands: snmp-server community <userstring> RO Step 8 snmp-server community <userstring> RW where: <userstring> is typically public with the RO setting and private with the RW setting. If you have more routers to verify, return to Step 1 and follow these steps for the next router that you want to verify. Note These SNMP strings must agree with those listed in the target password database for each router. (Refer to Chapter 3 in the Cisco VPN Solutions Center: MPLS Solution Provisioning and Operations Guide.) Populate Interface Information for Cisco Router Targets Prior to registering the config change traps, you must populate the router interfaces in the directory repository, as follows. Step 1 From the VPN Console window, choose Monitoring > Configure Traps > Populate Interface Information for Cisco Router Targets, as shown in Figure 8-17, Populate Interface Information for Cisco Router Targets. Figure 8-17 Populate Interface Information for Cisco Router Targets Note Step 2 An alternative to selecting Monitoring > Configure Traps > Populate Interface Information for Cisco Router Targets is to select Tools > Tasks and then in the Actions menu item select New Task > Populate Interface Information for Cisco Router Targets and click Ok. Both paths navigate to the same wizard. In this Populate Interface Information for Cisco Router Targets Intro window, click Next. The next window, as shown in Figure 8-18, Populate Interface Information for Cisco Router Targets Get Devices, allows you to specify devices for which to populate interface information. 8-24

25 Chapter 8 Configure Traps Figure 8-18 Populate Interface Information for Cisco Router Targets Get Devices Step 3 Step 4 Step 5 Step 6 Step 7 In the window in Figure 8-18, Populate Interface Information for Cisco Router Targets Get Devices, first click the Network drop-down menu to choose a specific network. This window has two areas with the column headings Network, Name, Domain, and Role. The upper area includes all the routers selected in this step. The lower area is populated to include all the routers that you choose in Step 4 and Step 5. In the upper area, you can sort the routers on each of the column headings, Network, Name, Domain, and Role. Just click that column header to sort on it. This step explains how to move devices to the lower area, thus selecting the routers to populate. If you do not select any devices in the upper area, you can select Add All and all the devices appear in the lower area. If you select one or more devices, you can click Add and only those devices appear in the lower area. If you decide not to choose the devices now listed in the lower area, you can either select Remove All to eliminate all the selections in the lower area, or you can select those devices that you want to eliminate and click Remove. You can continue editing the set of devices in the lower area by repeating Step 4 and Step 5. Click Next, when you want to choose the devices that appear in the lower block as the routers to populate. In the next window, as shown in Figure 8-19, Providing a Task Name for Populating a Router, provide a unique Task Name. 8-25

26 Configure Traps Chapter 8 Note From the drop-down menu, you can view the last 30 existing task names for this specific task type. This can facilitate the creation of a unique task name and the adherence to the existing task naming conventions. From the drop-down list, you can highlight a similar task name to the one you want to create and then click on it. The name will appear in the Task Name field. Then you can edit the name to be a unique name. Otherwise, you can highlight Enter Name Here and enter a unique name in the Task Name field. Figure 8-19 Providing a Task Name for Populating a Router Step 8 Step 9 Step 10 Step 11 Step 12 Click Next to continue. In the next window, you have the following choices: You can choose to schedule the task once and immediately by selecting Now and clicking Next. In this case, the next step is Step 11. You can choose to customize the frequency and timing of scheduling the task by selecting Future and clicking Next. In this case, the next step is Step 10. You can choose not to schedule the task by selecting No and clicking Next. In this case, the next step is Step 11. In this next window, select your scheduling customization and click Next. See Chapter 13, Scheduling, for a full detailed description of scheduling customization. If you did not schedule the task, you are informed that the task manager is about to save the task. If you did schedule the task, you are informed that the task manager is about to save and schedule the task. If you want to change your mind on the scheduling instructions, click Back and return to Step 9 or Step 10. When you are ready to save and schedule the task, click Next. You are informed that all steps are done. Click Close to close the wizard. 8-26

27 Chapter 8 Configure Traps Register for Config Change Traps This section explains how to register configuration file change traps, which indicates the routers (SmartCollector) for which data will be collected only if the routers have changed. Step 1 From the VPN Console window, choose Monitoring > Configure Traps > Register for Config Change Traps, as shown in Figure 8-20, Register for Config Change Traps. Figure 8-20 Register for Config Change Traps Step 2 If Collect Config tasks are running and you initiate SmartCollection by registering for traps, the PEs MUST be IOS version 12.x to return traps. Follow the wizard. Note An alternative to selecting Monitoring > Configure Traps > Register for Config Change Traps is to select Tools > Tasks and then in the Actions menu item select New Task > Register for config change traps and click Ok. Both paths navigate to the same wizard. Note Step 3 Configuration files for the routers that are not selected for SmartCollection are not collected. The first window, as shown in Figure 8-21, Register for config change traps Intro, explains the process. Click Next to continue. 8-27

28 Configure Traps Chapter 8 Figure 8-21 Register for config change traps Intro Step 4 Step 5 The next window allows you to continue to Register to receive Cisco router config change traps. Click Next to continue. The next window, as shown in Figure 8-22, Selecting Devices, allows you to specify the routers that should send traps to MPLS VPN Solution. In the window in Figure 8-22, Selecting Devices, first click the Network drop-down menu to choose a specific network. This window has two areas with the column headings Network, Name, Domain, and Role. The upper area includes all the routers selected in this step. The lower area is populated to include all the routers that you choose in Step 6 and Step 7. The SmartCollector only collects data from the routers that have changed. In the upper area, you can sort the routers on each of the column headings, Network, Name, Domain, and Role. Just click that column header to sort on it. 8-28

29 Chapter 8 Configure Traps Figure 8-22 Selecting Devices Step 6 Step 7 Step 8 This step explains how to move devices to the lower area, thus selecting the router configuration files that will be collected only when the router configuration files change. If you do not select any routers in the upper area, you can select Add All and these will appear in the lower area. If you select one or more routers, you can click Add and only those routers will appear in the lower area. If you decide not to choose the routers now listed in the lower area, you can either select Remove All to eliminate all the selections in the lower area, or you can select those routers that you want to eliminate and click Remove. You can continue editing the set of routers in the lower area by repeating Step 6 and Step 7. Click Next, when you want to choose the routers that appear in the lower block as the routers for which data will be collected only when the router configuration files change. Note Step 9 All the unchosen routers from the chosen network are not collected by the Collect Config tasks. In the next window, as shown in Figure 8-23, Providing a Task Name to Register for Config Change Traps, provide a Task Name. 8-29

30 Configure Traps Chapter 8 Note From the drop-down menu, you can view the last 30 existing task names for this specific task type. This can facilitate the creation of a unique task name and the adherence to the existing task naming conventions. From the drop-down list, you can highlight a similar task name to the one you want to create and then click on it. The name will appear in the Task Name field. Then you can edit the name to be a unique name. Otherwise, you can highlight Enter Name Here and enter a unique name in the Task Name field. Figure 8-23 Providing a Task Name to Register for Config Change Traps Step 10 Step 11 Step 12 Step 13 Step 14 Click Next to continue. In the next window, you have the following choices: You can choose to schedule the task once and immediately by selecting Now and clicking Next. In this case, the next step is Step 13. You can choose to customize the frequency and timing of scheduling the task by selecting Future and clicking Next. In this case, the next step is Step 12. You can choose not to schedule the task by selecting No and clicking Next. In this case, the next step is Step 13. In this next window, select your scheduling customization and click Next. See Chapter 13, Scheduling, for a full detailed description of scheduling customization. If you did not schedule the task, you are informed that the task manager is about to save the task. If you did schedule the task, you are informed that the task manager is about to save and schedule the task. If you want to change your mind on the scheduling instructions, click Back and return to Step 11 or Step 12. When you are ready to save and schedule the task, click Next. You are informed that all steps are done. Click Close to close the wizard. 8-30

31 Chapter 8 Configure Traps Deregister for Config Change Traps This section explains how to deselect routers that you initially chose by SmartCollector, as explained in the Register for Config Change Traps section on page After this procedure is completed, configuration files for all routers are collected whenever a collect configuration task is selected by the scheduler. Step 1 From the VPN Console window, choose Monitoring > Configure Traps > Deregister for Config Change Traps, as shown in Figure 8-24, Deregister for Config Change Traps. Figure 8-24 Deregister for Config Change Traps Step 2 Follow the wizard. Note Step 3 An alternative to selecting Monitoring > Configure Traps > Deregister for Config Change Traps is to select Tools > Tasks and then in the Actions menu item select New Task > Deregister for config change traps and click Ok. Both paths navigate to the same wizard. The first window explains the process. Click Next to continue. Note Step 4 An alternative to selecting Monitoring > Configure Traps > Deregister for Config Change Traps is to select Tools > Tasks and then in the Actions menu item select New Task > Deregister for config change traps and click Ok. Both paths navigate to the same wizard. The next window allows you to continue to Deregister to receive Cisco router config change traps. Click Next to continue. The next window, as shown in Figure 8-25, Selecting Devices Not to Trap, allows you to specify routers not to be trapped. 8-31

32 Configure Traps Chapter 8 Step 5 In the window in Figure 8-25, Selecting Devices Not to Trap, first click the Network drop-down menu to choose a specific network. This window has two areas with the column headings Network, Name, Domain, and Role. The upper area includes all the routers chosen in this step. The lower area is populated to include all the routers that you choose in Step 6 and Step 7, that is all the routers that will return to the status of collecting data at all times. In the upper area, you can sort the routers on each of the column headings, Network, Name, Domain, and Role. Just select that column header to sort on it. Figure 8-25 Selecting Devices Not to Trap Step 6 Step 7 Step 8 Step 9 This step explains how to move routers to the lower area, thus selecting the routers that will return to the status of collecting data at all times. If you do not select any routers in the upper area, you can select Add All and these will appear in the lower area. If you select one or more routers, you can click Add and only those routers will appear in the lower area. If you decide not to choose the routers in the lower area, you can either select Remove All to eliminate all the selections in the lower area, or you can select those routers that you want to eliminate and click Remove. You can continue editing the set of routers in the lower area by repeating Step 6 and Step 7. Click Next, when you want to choose the routers that appear in the lower block as the routers that will return to the status of collecting data at all times. In the next window, as shown in Figure 8-26, Providing a Task Name to Deregister for Config Change Traps, provide a Task Name. 8-32

33 Chapter 8 Configure Traps Note From the drop-down menu, you can view the last 30 existing task names for this specific task type. This can facilitate the creation of a unique task name and the adherence to the existing task naming conventions. From the drop-down list, you can highlight a similar task name to the one you want to create and then click on it. The name will appear in the Task Name field. Then you can edit the name to be a unique name. Otherwise, you can highlight Enter Name Here and enter a unique name in the Task Name field. Figure 8-26 Providing a Task Name to Deregister for Config Change Traps Step 10 Step 11 Step 12 Step 13 Step 14 Click Next to continue. In the next window, you have the following choices: You can choose to schedule the task once and immediately by selecting Now and clicking Next. In this case, the next step is Step 13. You can choose to customize the frequency and timing of scheduling the task by selecting Future and clicking Next. In this case, the next step is Step 12. You can choose not to schedule the task by selecting No and clicking Next. In this case, the next step is Step 13. In this next window, select your scheduling customization and click Next. See Chapter 13, Scheduling, for a full detailed description of scheduling customization. If you did not schedule the task, you are informed that the task manager is about to save the task. If you did schedule the task, you are informed that the task manager is about to save and schedule the task. If you want to change your mind on the scheduling instructions, click Back and return to Step 11 or Step 12. When you are ready to save and schedule the task, click Next. You are informed that all steps are done. Click Close to close the wizard. 8-33

34 Interface Statistics Chapter 8 Property Settings The file csm.properties holds information for target collector files in the variables prefixed with netsys.datacollector.cct. You can use a text editor to reset the properties for the csm.properties file. These files, their defaults, and what they represent are explained in Table 8-1, Property Settings for SmartCollector. Table 8-1 Property Settings for SmartCollector Property Default Value Explanation sc_port 1607 The value is the port location at which the SmartCollector listens for traps. sc_delay 120 The value is the number of seconds between writing traps to the Repository. cycle_t 250 The value is the number of minutes between full collections. The following is the default of what you will find in the csm.properties file: netsys.datacollector.cct.sc_port = 1607 netsys.datacollector.cct.sc_delay = 120 netsys.datacollector.cct.cycle_t = 250 Interface Statistics This section contains the following categories: Description, page 8-35 SNMP Settings, page 8-35 Interface Statistics, page

35 Chapter 8 Interface Statistics Description The interface statistics collection feature collects traffic data per interface for one or more Cisco routers. The following data is collected from the MIB2 interface table: ifinoctets (the total number of octets received on the interface, including framing characters) ifinucastpkts (the number of subnetwork-unicast packets delivered to a higher-layer protocol) ifinnucastpkts (the number of non-unicast, that is, subnetwork-broadcast or subnetwork-multicast packets, delivered to a higher-layer protocol) ifindiscards (the number of inbound packets that were chosen to be discarded even though no errors had been detected to prevent them from being deliverable to a higher-layer protocol. One possible reason for discarding such a packet could be to free buffer space.) ifinerrors (the number of inbound packets that contained errors preventing them from being deliverable to a higher-layer protocol) ifinunknownprotos (the number of packets received through the interface that were discarded because of an unknown or unsupported protocol) ifoutoctets (the total number of octets transmitted out of the interface, including framing characters) ifoutucastpkts (the total number of packets that higher-level protocols requested be transmitted to a subnetwork-unicast address, including those that were discarded or not sent) ifoutnucastpkts (the total number of packets that higher-level protocols requested be transmitted to a non-unicast, that is, a subnetwork-broadcast or subnetwork-multicast address, including those that were discarded or not sent) ifoutdiscards (the number of outbound packets that were chosen to be discarded even though no errors had been detected to prevent them from being transmitted. One possible reason for discarding such a packet could be to free buffer space.) ifouterrors (the number of outbound packets that could not be transmitted because of errors) ifoutqlen (the length of the output packet queue, in packets) SNMP Settings Prior to collecting interface statistics, implement the following steps for each and every router, to determine whether SNMP is enabled. If SNMP is enabled, these steps will lead you to the first GUI path. If SNMP is not enabled, these steps will direct you on how to enable SNMP. Step 1 Step 2 Step 3 Step 4 In a UNIX terminal window, enter the command telnet <routername>, where <routername> is the name of the router that you are checking. Go into the enable state. Enter the command show snmp. Determine whether the following line is present: % SNMP agent not enabled 8-35

36 Interface Statistics Chapter 8 Step 5 If the line in Step 4 is not present, you have determined that SNMP is enabled. Then enter the show run command to view the SNMP community strings at the end of the configuration file. The strings shown in Step 7 appear near the end of the listing. If you have more routers to verify, return to Step 1 and follow these steps for the next router that you want to verify. Otherwise, proceed to the Interface Statistics section on page If the line in Step 4 is present, proceed to Step 6. Step 6 To turn on SNMP, at the prompt, enter the command config t. Step 7 Enter the following commands: snmp-server community <userstring> RO Step 8 snmp-server community <userstring> RW where: <userstring> is typically public with the RO setting and private with the RW setting. If you have more routers to verify, return to Step 1 and follow these steps for the next router that you want to verify. If this is the last router to verify, proceed to the Interface Statistics section on page Interface Statistics To collect interface statistics for Cisco routers, implement the following steps: Step 1 From the VPN Console window, choose Monitoring > Interface Statistics, as shown in Figure 8-27, Interface Statistics. Figure 8-27 Interface Statistics Note An alternative to selecting Monitoring > Interface Statistics is to select Tools > Tasks and then in the Actions menu item select New Task > Interface Statistics Collection for Cisco Routers and click Ok. Both paths navigate to the same wizard. 8-36

37 Chapter 8 Interface Statistics Step 2 Step 3 The first window informs you this wizard sets up a scheduled task that polls for information about router interface statistics, stores the data in the collection repository, and can be accessed using APIs. Click Next to continue. The next window, as shown in Figure 8-28, Interface Statistics Collection for Cisco Routers Get Devices, allows you to specify from which devices to collect interface statistics. Figure 8-28 Interface Statistics Collection for Cisco Routers Get Devices Step 4 Step 5 Step 6 Step 7 Step 8 In the window, first click the Network drop-down menu to choose a specific network. This window has two areas with the column headings Network, Name, Domain, and Role. The upper area includes all the routers selected in this step. The lower area is populated to include all the routers that you choose in Step 5 and Step 6. In the upper area, you can sort the routers on each of the column headings, Network, Name, Domain, and Role. Just click that column header to sort on it. This step explains how to move devices to the lower area, thus selecting the routers from which interface statistics will be collected. If you do not select any devices in the upper area, you can select Add All and all the devices appear in the lower area. If you select one or more devices, you can click Add and only those devices appear in the lower area. If you decide not to choose the devices now listed in the lower area, you can either select Remove All to eliminate all the selections in the lower area, or you can select those devices that you want to eliminate and click Remove. You can continue editing the set of devices in the lower area by repeating Step 5 and Step 6. Click Next, when you want to choose the devices that appear in the lower block as the routers from which interface statistics will be collected. In the next window, as shown in Figure 8-29, Providing a Task Name for Interface Statistics Collection, provide a unique Task Name. 8-37

38 Interface Statistics Chapter 8 Note From the drop-down menu, you can view the last 30 existing task names for this specific task type. This can facilitate the creation of a unique task name and the adherence to the existing task naming conventions. From the drop-down list, you can highlight a similar task name to the one you want to create and then click on it. The name will appear in the Task Name field. Then you can edit the name to be a unique name. Otherwise, you can highlight Enter Name Here and enter a unique name in the Task Name field. Figure 8-29 Providing a Task Name for Interface Statistics Collection Step 9 Step 10 Step 11 Step 12 Step 13 Click Next to continue. In the next window, you have the following choices: You can choose to schedule the task once and immediately by selecting Now and clicking Next. In this case, the next step is Step 12. You can choose to customize the frequency and timing of scheduling the task by selecting Future and clicking Next. In this case, the next step is Step 11. You can choose not to schedule the task by selecting No and clicking Next. In this case, the next step is Step 12. In this next window, select your scheduling customization and click Next. See Chapter 13, Scheduling, for a full detailed description of scheduling customization. If you did not schedule the task, you are informed that the task manager is about to save the task. If you did schedule the task, you are informed that the task manager is about to save and schedule the task. If you want to change your mind on the scheduling instructions, click Back and return to Step 10 or Step 11. When you are ready to save and schedule the task, click Next. You are informed that all steps are done. Click Close to close the wizard. 8-38

39 Chapter 8 Poll a Router s CAR MIB Note Reports of interface statistics can only be viewed in Extensible Markup Language (XML) format. For more information about how to generate an XML formatted report, refer to the XML Data Query Tool section on page Poll a Router s CAR MIB This section contains the following categories: Description, page 8-39 Setting csm.properties File for Customized Router Prompts, page 8-39 Setting Up the Domain Name Server Properly, page 8-40 SNMP Settings, page 8-40 Populate Interface Information for Cisco Router Targets, page 8-41 Poll a Router s CAR MIB, page 8-44 Description The committed access rate (CAR) management information bases (MIB) collection feature covers the packets dropped based on the CAR command configured on the router. CAR provides the status for each interface on each router configured with CAR. CAR is a bandwidth management tool that controls internet protocol (IP) traffic transmission rates into the network during periods of network congestion. CAR achieves this control through rate limiting (with burst capabilities) and also classifies and marks packets using IP Precedence and quality-of-service (QoS) group settings. CAR MIBs provide the status for the token bucket parameters, associated access lists, and configurable action policies for each rate limit. Note CAR MIB data can be viewed in reports By Customer or By Network. See the View CAR MIB Reports section on page To view a CAR MIB report By Customer, the CAR must be configured and collected from CE routers. Setting csm.properties File for Customized Router Prompts When setting up collection from routers, be sure that all the routers have the same prompts as in the csm.properties file for netsys.router.loginprompt and netsys.router.passwordprompt. The default values match the default values on Cisco routers. They are as follows: netsys.router.loginprompt = Username: netsys.router.passwordprompt = Password: If you use nonstandard router prompts in the csm.properties file, be sure you set the same values for all the routers from which you collect. 8-39

40 Poll a Router s CAR MIB Chapter 8 Setting Up the Domain Name Server Properly When DNS is being used in the customer s network, it is also recommended that IP addresses are configured in the target database. If DNS is not properly configured on the routers and no IP addresses are configured in the target database, collections will fail due to a time-out. If collections fail, verify that DNS is enabled by entering the following commands on the router: ip domain-lookup ip name-server <a.b.c.d> where: <a.b.c.d> is a valid DNS. Note If DNS is not being used in the customer network, DNS should be disabled on all routers. To disable DNS, it is important to enter the following command on all routers: no ip domain-lookup SNMP Settings Prior to polling a router s CAR MIB, implement the following steps for each and every router, to determine whether SNMP is enabled. If SNMP is enabled, these steps will lead you to the first GUI path. If SNMP is not enabled, these steps will direct you on how to enable SNMP. Step 1 Step 2 Step 3 Step 4 Step 5 In a UNIX terminal window, enter the command telnet <routername>, where <routername> is the name of the router that you are checking. Go into the enable state. Enter the command show snmp. Determine whether the following line is present: % SNMP agent not enabled If the line in Step 4 is not present, you have determined that SNMP is enabled. Then enter the show run command to view the SNMP community strings at the end of the configuration file. The strings shown in Step 7 appear near the end of the listing. If you have more routers to verify, return to Step 1 and follow these steps for the next router that you want to verify. Otherwise, proceed to the Populate Interface Information for Cisco Router Targets section on page If the line in Step 4 is present, proceed to Step 6. Step 6 To turn on SNMP, at the prompt, enter the command config t. Step 7 Enter the following commands: snmp-server community <userstring> RO snmp-server community <userstring> RW where: <userstring> is typically public with the RO setting and private with the RW setting. 8-40

41 Chapter 8 Poll a Router s CAR MIB Step 8 If you have more routers to verify, return to Step 1 and follow these steps for the next router that you want to verify. If this is the last router to verify, proceed to the Populate Interface Information for Cisco Router Targets section on page Populate Interface Information for Cisco Router Targets Prior to entering the GUI path to poll a router s CAR MIB, you must populate the router interfaces in the directory repository. This is necessary for the reports to accurately list the Interface Names (see the View CAR MIB Reports section on page 8-95). If you do not populate the router interfaces in the directory repository, the Interface Name defaults to DUMMY. If this happens, it is possible to run this wizard after this oversight is identified and rerun the reports. Populate as follows: Step 1 From the VPN Console window, choose Monitoring > Configure Traps > Populate Interface Information for Cisco Router Targets, as shown in Figure 8-30, Populate Interface Information for Cisco Router Targets. Figure 8-30 Populate Interface Information for Cisco Router Targets Note Step 2 An alternative to selecting Monitoring > Configure Traps > Populate Interface Information for Cisco Router Targets is to select Tools > Tasks and then in the Actions menu item select New Task > Populate Interface Information for Cisco Router Targets and click Ok. Both paths navigate to the same wizard. In this Populate Interface Information for Cisco Router Targets Intro window, click Next. The next window, as shown in Figure 8-31, Populate Interface Information for Cisco Router Targets Get Devices, allows you to specify devices for which to populate interface information. 8-41

42 Poll a Router s CAR MIB Chapter 8 Figure 8-31 Populate Interface Information for Cisco Router Targets Get Devices Step 3 Step 4 Step 5 Step 6 Step 7 In the window in Figure 8-31, Populate Interface Information for Cisco Router Targets Get Devices, first click the Network drop-down menu to choose a specific network. This window has two areas with the column headings Network, Name, Domain, and Role. The upper area includes all the routers selected in this step. The lower area is populated to include all the routers that you choose in Step 4 and Step 5. In the upper area, you can sort the routers on each of the column headings, Network, Name, Domain, and Role. Just click that column header to sort on it. This step explains how to move devices to the lower area, thus selecting the routers to populate. If you do not select any devices in the upper area, you can select Add All and all the devices appear in the lower area. If you select one or more devices, you can click Add and only those devices appear in the lower area. If you decide not to choose the devices now listed in the lower area, you can either select Remove All to eliminate all the selections in the lower area, or you can select those devices that you want to eliminate and click Remove. You can continue editing the set of devices in the lower area by repeating Step 4 and Step 5. Click Next, when you want to choose the devices that appear in the lower block as the routers to populate. In the next window, as shown in Figure 8-32, Providing a Task Name for Populating a Router, provide a unique Task Name. 8-42

43 Chapter 8 Poll a Router s CAR MIB Note From the drop-down menu, you can view the last 30 existing task names for this specific task type. This can facilitate the creation of a unique task name and the adherence to the existing task naming conventions. From the drop-down list, you can highlight a similar task name to the one you want to create and then click on it. The name will appear in the Task Name field. Then you can edit the name to be a unique name. Otherwise, you can highlight Enter Name Here and enter a unique name in the Task Name field. Figure 8-32 Providing a Task Name for Populating a Router Step 8 Step 9 Step 10 Step 11 Step 12 Click Next to continue. In the next window, you have the following choices: You can choose to schedule the task once and immediately by selecting Now and clicking Next. In this case, the next step is Step 11. You can choose to customize the frequency and timing of scheduling the task by selecting Future and clicking Next. In this case, the next step is Step 10. You can choose not to schedule the task by selecting No and clicking Next. In this case, the next step is Step 11. In this next window, select your scheduling customization and click Next. See Chapter 13, Scheduling, for a full detailed description of scheduling customization. If you did not schedule the task, you are informed that the task manager is about to save the task. If you did schedule the task, you are informed that the task manager is about to save and schedule the task. If you want to change your mind on the scheduling instructions, click Back and return to Step 9 or Step 10. When you are ready to save and schedule the task, click Next. You are informed that all steps are done. Click Close to close the wizard. 8-43

44 Poll a Router s CAR MIB Chapter 8 Poll a Router s CAR MIB To poll a router s CAR MIB, implement the following steps: Step 1 From the VPN Console window, choose Monitoring > Poll a Router s CAR MIB, as shown in Figure 8-33, Poll a Router s CAR MIB. Figure 8-33 Poll a Router s CAR MIB Note An alternative to selecting Monitoring > Poll a Router s CAR MIB is to select Tools > Tasks and then in the Actions menu item select New Task > Poll a Router s CAR MIB and click Ok. Both paths navigate to the same wizard. Step 2 Step 3 Step 4 The first window informs you this wizard creates a task to poll Cisco routers for data from the CAR MIB. Click Next to continue. The next window informs you that next you can start polling a Cisco router(s) CAR MIB. Click Next to continue. The next window, as shown in Figure 8-34, Poll a Router s CAR MIB Get Devices, allows you to specify which devices to poll for the router s CAR MIB information. 8-44

45 Chapter 8 Poll a Router s CAR MIB Figure 8-34 Poll a Router s CAR MIB Get Devices Step 5 Step 6 Step 7 Step 8 Step 9 In the window, first click the Network drop-down menu to choose a specific network. This window has two areas with the column headings Network, Name, Domain, and Role. The upper area includes all the routers selected in this step. The lower area is populated to include all the routers that you choose in Step 6 and Step 7. In the upper area, you can sort the routers on each of the column headings, Network, Name, Domain, and Role. Just click that column header to sort on it. This step explains how to move devices to the lower area, thus selecting the routers from which CAR MIB data will be polled. If you do not select any devices in the upper area, you can select Add All and all the devices appear in the lower area. If you select one or more devices, you can click Add and only those devices appear in the lower area. If you decide not to choose the devices now listed in the lower area, you can either select Remove All to eliminate all the selections in the lower area, or you can select those devices that you want to eliminate and click Remove. You can continue editing the set of devices in the lower area by repeating Step 6 and Step 7. Click Next, when you want to choose the devices that appear in the lower block as the routers for which CAR MIB data will be polled. In the next window, as shown in Figure 8-35, Providing a Task Name for Polling a Router s CAR MIB, provide a unique Task Name. Then click Next. 8-45

46 Poll a Router s CAR MIB Chapter 8 Figure 8-35 Providing a Task Name for Polling a Router s CAR MIB Note Step 10 Step 11 Step 12 Step 13 If the task name that you enter is not unique, you will receive an error message indicating this. Click OK and enter a new unique task name. In the next window, you have the following choices: You can choose to schedule the task once and immediately by selecting Now and clicking Next. In this case, the next step is Step 12. You can choose to customize the frequency and timing of scheduling the task by selecting Future and clicking Next. In this case, the next step is Step 11. You can choose not to schedule the task by selecting No and clicking Next. In this case, the next step is Step 12. In this next window, select your scheduling customization and click Next. See Chapter 13, Scheduling, for a full detailed description of scheduling customization. If you did not schedule the task, you are informed that the task manager is about to save the task. If you did schedule the task, you are informed that the task manager is about to save and schedule the task. If you want to change your mind on the scheduling instructions, click Back and return to Step 10 or Step 11. When you are ready to save and schedule the task, click Next. You are informed that all steps are done. Click Close to close the wizard. Note Now that you have polled a router s CAR MIB, you can view this data as directed in the View CAR MIB Reports section on page

47 Chapter 8 Provision SLA Definitions and Collect SLA Data Provision SLA Definitions and Collect SLA Data This section contains the following categories: Description, page 8-47 Prior to Provisioning SLA Definitions and Collecting SLA Data, page 8-47 How to Provision SLA Definitions and Collect SLA Data, page 8-49 Description A service-level agreement (SLA) defines a service provided by a service provider to any customer. Performance is monitored through the Accounting and SLA servers. MPLS VPN Solution monitors the service-related performance criteria by provisioning and monitoring SLAs on routers that support the Service Assurance Agent (SA Agent) management-information base (MIB). To provision the SLAs and to collect statistics for each SLA, the data collection task requires minimal user input. The SLA server collects the relevant performance data, stores it persistently, aggregates it, and presents useful reports (see the View SLA Reports section on page 8-109). The SLA server is based on the SA Agent MIB. The MPLS VPN Solution software leverages the SA Agent MIB to monitor SLA performance on a 24 x 7 basis. Using the MIB, you can monitor network traffic for the popular protocols: Dynamic Host Configuration Protocol (DHCP), Domain Name System (DNS), Hyper text Transfer Protocol (HTTP), Internet Control Message Protocol Echo (ICMP Echo), Jitter (voice jitter), Transmission Control Protocol Connect (TCP Connect), and User Datagram Protocol Echo (UDP Echo). Prior to Provisioning SLA Definitions and Collecting SLA Data Prior to provisioning SLA definitions and collecting SLA data, implement the following sections: SNMP Settings, page 8-48 Setup of Device Inventory Repository, page 8-49 Setup of VPN Repository, page

48 Provision SLA Definitions and Collect SLA Data Chapter 8 SNMP Settings Prior to collecting SA Agent data for SLA, implement the following steps for each and every router, to determine whether SNMP is enabled. If SNMP is enabled, these steps will lead you to the first GUI path. If SNMP is not enabled, these steps will direct you on how to enable SNMP. Step 1 Step 2 Step 3 Step 4 Step 5 In a UNIX terminal window, enter the command telnet <routername>, where <routername> is the name of the router that you are checking. Go into the enable state. Enter the command show snmp. Determine whether the following line is present: % SNMP agent not enabled If the line in Step 4 is not present, you have determined that SNMP is enabled. Then enter the show run command to view the SNMP community strings at the end of the configuration file. The strings shown in Step 7 appear near the end of the listing. If you have more routers to verify, return to Step 1 and follow these steps for the next router that you want to verify. If the line in Step 4 is present, proceed to Step 6. Step 6 To turn on SNMP, at the prompt, enter the command config t. Step 7 For SNMPv2, enter the following commands and this completes the setup: snmp-server community <userstring> RO Step 8 Step 9 snmp-server community <userstring> RW where: <userstring> is typically public with the RO setting and private with the RW setting. For SNMPv3, configure a new group, as follows: snmp-server group [groupname{v1 v2c v3{auth noauth priv}}][read readview][write writeview] [notify notifyview][access access-list] where: auth is SNMPv3 authentication noauth is no authentication priv is SNMPv3 authentication privacy For example: snmp-server group v3auth v3 auth read v1default write v1default For SNMPv3, configure a new user, as follows: snmp-server user username [groupname remote ip-address [udp-port port] {v1 v2c v3[encrypted][auth{md5 sha} auth-password [priv des56priv password]] [access access-list] For example: snmp-server user user1 v3auth v3 auth md5 user1pass 8-48

49 Chapter 8 Provision SLA Definitions and Collect SLA Data Note These SNMP strings must agree with those listed in the target password database for each router. (Refer to the Cisco VPN Solutions Center: MPLS Solution Provisioning and Operations Guide.) Setup of Device Inventory Repository To set up the Device Inventory repository, implement the following steps: Step 1 Step 2 Step 3 Step 4 Verify that the targets on which SNMP strings have been configured in the network are properly configured in the Device Inventory Repository. From the VPN Console hierarchy pane, Device Inventory > Targets > Networks. Choose the target network by double-clicking on the network of your choice. From the resulting window, select SNMP-configured routers and click on Actions. Then choose either Edit Target or Edit Multiple. If you choose the Passwords option, you can confirm that the router passwords and SNMPv2 strings concur with what is configured on the routers. If you choose the SNMPv3 Parameters option, you can confirm that the SNMPv3 users, passwords, and protocol concur with what is configured on the routers. Step 5 To populate the IP addresses into the Device Inventory repository, choose Tools > Tasks > Actions > New Task > Populate Interface Information for Cisco Router Targets and follow this wizard. Setup of VPN Repository To set up the VPN Repository, implement the following steps: Step 1 Step 2 Prior to choosing Monitoring > Provision SLA Definitions and Collect SLA Data from the VPN Console window, the VPN Inventory repository must be set up. The SA Agent router must belong to one of the Customers and must exist in one of the VPNs. For details, see Chapter 7, VPN Console: Provisioning Menu. Refer to Chapter 3 of the Cisco VPN Solutions Center: MPLS Solution Provisioning and Operations Guide for steps to confirm the CE s SA Agent status. How to Provision SLA Definitions and Collect SLA Data Step 1 From the VPN Console window, choose Monitoring > Provision SLA Definitions and Collect SLA Data, as shown in Figure 8-36, Provision SLA Definitions and Collect SLA Data. 8-49

50 Provision SLA Definitions and Collect SLA Data Chapter 8 Figure 8-36 Provision SLA Definitions and Collect SLA Data Note Step 2 An alternative to selecting Monitoring > Provision SLA Definitions and Collect SLA Data is to select Tools > Tasks and then in the Actions menu item select New Task > Provision SLA Definitions and Collect SLA Data and click Ok. Both paths navigate to the same wizard. The first window informs you this wizard creates/deletes SLA definitions on SA Agent enabled routers and collects data for SLA monitoring. Click Next to continue. The next window, as shown in Figure 8-37, Selecting an SLA Operation, allows you to select one of the following options: Create SLA, page 8-51 Delete SLA, page 8-64 Collect Data for SLA Monitoring, page 8-68 Enable Traps, page 8-71 Disable Traps, page

51 Chapter 8 Provision SLA Definitions and Collect SLA Data Figure 8-37 Selecting an SLA Operation Step 3 After you make your selection, click Next to continue. Create SLA When you select Create SLA, you can create one or more SA Agent probes on multiple routers. When you navigate from Monitoring > Provision SLA Definitions and Collect SLA Data and then choose Create SLA, you can then implement the following steps: The next window, as shown in Figure 8-38, Selecting CEs to Create SLAs, allows you to select one or more CEs. 8-51

52 Provision SLA Definitions and Collect SLA Data Chapter 8 Figure 8-38 Selecting CEs to Create SLAs Step 1 Step 2 Step 3 Click the Customer drop-down menu to choose a specific customer. The CEs for the chosen customer and VPN appear in the field with the column headings CE Name, Network Name, and Domain Name. Select one or more CEs for which you want to create SLAs. Press the Ctrl key to highlight multiple CEs. Click Next to continue. The next window is shown in Figure 8-39, Selecting an IP Address for Each CE. 8-52

53 Chapter 8 Provision SLA Definitions and Collect SLA Data Figure 8-39 Selecting an IP Address for Each CE Step 4 Step 5 For each CE click the drop-down menu to choose a specific source IP address for that CE. Click Next to continue. The next window is shown in Figure 8-40, Selecting Values for SLA Common Parameters. 8-53

54 Provision SLA Definitions and Collect SLA Data Chapter 8 Figure 8-40 Selecting Values for SLA Common Parameters Step 6 Enter the values for the common SLA parameters that are needed for each of the protocols. The fields in Figure 8-40, Selecting Values for SLA Common Parameters, are as follows: SLA Life is the number of seconds that the probe will be active (with the maximum value of a 32-bit integer in seconds). If the value is set to -1, the typical value, the probe is active forever. The default value is -1. Threshold is an integer that defines the threshold limit in milliseconds. The maximum value is the maximum value of a 32-bit integer. If the SA Agent operation time exceeds this limit, the threshold violation is recorded by the SA Agent. The default value is Timeout is the duration in milliseconds to wait for an SA Agent operation completion. The value for Timeout must be less than the value for Frequency. The default value is Frequency is the duration in seconds between initiating each SA Agent operation. The default value is 60. TOS is an integer (ranging from 0 to 7) that represents the type of service (ToS) bits in an IP header. The default value is 0. The meanings of the TOS values are specified in Table 8-2, Meanings of TOS Values. Table 8-2 Meanings of TOS Values ToS Value Binary Value Meaning In contract, best class In contract, second best class In contract, third best class In contract, worst class Out of contract, best class 8-54

55 Chapter 8 Provision SLA Definitions and Collect SLA Data Table 8-2 Meanings of TOS Values (continued) ToS Value Binary Value Meaning Out of contract, second best class Out of contract, third best class Out of contract, worst class Step 7 Keep History. If you select the True radio button for Keep History, you indicate to keep the History Table on the router. Specifically, it is kept in the SA Agent MIB that keeps the raw round-trip time (RTT) SLA measurement. This selection also enables you to indicate the Number of Buckets of raw history data to keep. If you select the default False radio button for Keep History, no table is kept. Number of Buckets. The default is 15 when True is chosen for Keep History. The range is 1 to 60 and indicates the number of raw data entries to be kept in the table. When the specified Number of Buckets is surpassed, removal of buckets starts with the oldest bucket to maintain the specified number. Enable Traps. If you select the True radio button for Enable Traps, the created SLA is configured to send three types of traps, explained in detail in the Enable Traps section on page This selection also enables you to indicate the Falling Threshold. If you select the default False radio button for Enable Traps, the traps are disabled on the SLAs created in this task. Falling Threshold. The default is 3000 in milliseconds when True is chosen for Enable Traps. The range is 0 to the Threshold value in milliseconds. When traps are enabled and the delay meets the specified number of milliseconds, a trap is sent. Click Next to continue. The next window is shown in Figure 8-41, Selecting a Protocol and Protocol Specific Data. 8-55

56 Provision SLA Definitions and Collect SLA Data Chapter 8 Figure 8-41 Selecting a Protocol and Protocol Specific Data Step 8 Select a protocol and enter the fields associated with it. The protocols and the protocol-specific parameters are as follows: ICMP Echo When you select the ICMP Echo protocol, as shown in Figure 8-41, Selecting a Protocol and Protocol Specific Data, you have the following items to complete: Destination CE is the name of the destination CE. Destination IP Address is the address where the packets will be sent as part of the monitoring process. The address is in dotted IP address format. Request Size is a number that represents the number of octets (in bytes) to be placed into the data portion of the packet. The default and minimum are both 28. TCP Connect When you select the TCP Connect protocol, as shown in Figure 8-42, Selecting the TCP Connect Protocol and its Specific Data, you have the following items to complete: Destination CE is the name of the destination CE. Destination IP Address is the address where the packets will be sent as part of the monitoring process. The address is in dotted IP address format. Destination Port is the port number on the target to where the monitoring packets will be sent. If you do not specify a specific port, port 23 will be used. Request Size is a number that represents the number of octets (in bytes) to be placed into the data portion of the packet. The default is

57 Chapter 8 Provision SLA Definitions and Collect SLA Data Figure 8-42 Selecting the TCP Connect Protocol and its Specific Data 8-57

58 Provision SLA Definitions and Collect SLA Data Chapter 8 UDP Echo When you select the UDP Echo protocol, as shown in Figure 8-43, Selecting the UDP Echo Protocol and its Specific Data, you have the following items to complete: Destination CE is the name of the destination CE. Destination IP Address is the address where the packets will be sent as part of the monitoring process. The address is in dotted IP address format. Destination Port is the port number on the target to where the monitoring packets will be sent. If you do not specify a specific port, port 7 will be used. Request Size is a number that represents the number of octets (in bytes) to be placed into the data portion of the packet. The default is 16. The minimum value is 4 and the maximum value is Figure 8-43 Selecting the UDP Echo Protocol and its Specific Data 8-58

59 Chapter 8 Provision SLA Definitions and Collect SLA Data Jitter When you select the Jitter protocol, as shown in Figure 8-44, Selecting the Jitter Protocol and its Specific Data, you have the following items to complete: Destination CE is the name of the destination CE. Destination IP Address is the address where the packets will be sent as part of the monitoring process. The address is in dotted IP address format. Destination Port is the port number on the target to where the monitoring packets will be sent. If you do not specify a specific port, port 8000 will be used. Request Size is a number that represents the number of octets (in bytes) to be placed into the data portion of the packet. The default is 32. The minimum value is 16 and the maximum value is Number of Packets is a 32-bit integer that represents the number of packets that need to be transmitted. The default value is 10. Interval is an integer, 0 to 60,000, that represents the inter-packet delay between packets in milliseconds.the default value is 20. Figure 8-44 Selecting the Jitter Protocol and its Specific Data 8-59

60 Provision SLA Definitions and Collect SLA Data Chapter 8 DNS When you select the DNS protocol, as shown in Figure 8-45, Selecting the DNS Protocol and its Specific Data, you have the following items to complete: Name Server is the string that specifies the IP address of the name server. The address is in dotted IP address format. Name to be Resolved is a string that is either the name or the IP address that is to be resolved by the DNS server. If the string is a name, the length is 255 characters. If the string is an IP address, it is in dotted IP address format. Request Size is a number that represents the number of octets (in bytes) to be placed into the data portion of the packet. The default is 1. Figure 8-45 Selecting the DNS Protocol and its Specific Data 8-60

61 Chapter 8 Provision SLA Definitions and Collect SLA Data HTTP When you select the HTTP protocol, as shown in Figure 8-46, Selecting the HTTP Protocol and its Specific Data, you have the following items to complete and selections to make: Version is a string that specifies the version of the HTTP server. The default is version 1.0. URL is a string that represents the URL to which an HTTP probe should communicate, HTTPServerName[/directory]/filename or HTTPServerAddress[/directory]/filename (for example: or /index.html). If you specify the HTTPServerName, the Name Server is required. If you specify the HTTPServerAddress, the Name Server is not required. Cache is either True or False (the default is: True). If the value is False, the HTTP request should not download cached pages. If the value is True, the HTTP request will download cached pages if available, otherwise the request is forwarded to the HTTP server. Proxy Server is a string that represents the proxy server information (with a maximum of 255 characters). The default is the null string. Name Server is the string that specifies the IP address of the name server. The address is in dotted IP address format Operation is a code that represents the type of HTTP operation. The valid values are: HTTPGet, which represents the HTTP get request, and HTTPRaw, which represents the HTTP request with user defined payload. Raw Request is a string that is only needed if the Operation is HTTPRaw. It allows you to invoke other types of HTTP operations other than the simple GET operation. Figure 8-46 Selecting the HTTP Protocol and its Specific Data 8-61

62 Provision SLA Definitions and Collect SLA Data Chapter 8 DHCP When you select the DHCP protocol, as shown in Figure 8-47, Selecting the DHCP Protocol and its Specific Data, you have nothing to complete or select. Figure 8-47 Selecting the DHCP Protocol and its Specific Data Step 9 Step 10 Step 11 Step 12 Step 13 Press the Add button to the right of the top data field in Figure 8-47, Selecting the DHCP Protocol and its Specific Data. Data will appear in the top data field based on all the parameters you specify. Create SLAs for other protocols by selecting other protocols, one at a time, completing the fields associated with the protocol, and pressing the Add button. If after you review the data in the top data field, you decide to eliminate an SLA or multiple sequential SLAs, highlight the SLA or press the Ctrl button and highlight multiple SLAs, and then click the Delete button to the right of the top data field. After you have the SLAs that you want to create correctly specified in the top data field, click Next to continue. In the next window to appear, as shown in Figure 8-48, Select Security Level, choose one of the following security levels (being sure that all setup steps have been implemented for your choice, as shown in the SNMP Settings section on page 8-48): No Authentication No Encryption (SNMP v2) Authentication No Encryption (SNMP v3) Authentication Encryption (SNMP v3) 8-62

63 Chapter 8 Provision SLA Definitions and Collect SLA Data Figure 8-48 Select Security Level Step 14 Step 15 Click Next to continue. In the next window, as shown in Figure 8-49, Providing a Task Name for Creation of SLAs, provide a unique Task Name. Note From the drop-down menu, you can view the last 30 existing task names for this specific task type. This can facilitate the creation of a unique task name and the adherence to the existing task naming conventions. From the drop-down list, you can highlight a similar task name to the one you want to create and then click on it. The name will appear in the Task Name field. Then you can edit the name to be a unique name. Otherwise, you can highlight Enter Name Here and enter a unique name in the Task Name field. 8-63

64 Provision SLA Definitions and Collect SLA Data Chapter 8 Figure 8-49 Providing a Task Name for Creation of SLAs Step 16 Step 17 Step 18 Step 19 Step 20 Click Next. In the next window, you have the following choices: You can choose to schedule the task once and immediately by selecting Now and clicking Next. In this case, the next step is Step 19. You can choose to customize the frequency and timing of scheduling the task by selecting Future and clicking Next. In this case, the next step is Step 18. You can choose not to schedule the task by selecting No and clicking Next. In this case, the next step is Step 19. In this next window, select your scheduling customization and click Next. See Chapter 13, Scheduling, for a full detailed description of scheduling customization. If you did not schedule the task, you are informed that the task manager is about to save the task. If you did schedule the task, you are informed that the task manager is about to save and schedule the task. If you want to change your mind on the scheduling instructions, click Back and return to Step 17 or Step 18. When you are ready to save and schedule the task, click Next. You are informed that all steps are done. Click Close to close the wizard. Delete SLA Delete SLA deletes an SA Agent probe from the router. When you navigate from Monitoring > Provision SLA Definitions and Collect SLA Data and then choose Delete SLA, you can then implement the following steps: The next window, as shown in Figure 8-50, Selecting CEs to Delete SLAs, allows you to select one or more CEs. 8-64

65 Chapter 8 Provision SLA Definitions and Collect SLA Data Figure 8-50 Selecting CEs to Delete SLAs Step 1 Step 2 Step 3 Step 4 Click the Customer drop-down menu to choose a specific customer. Click the VPN drop-down menu to choose a specific VPN. The CEs for the chosen customer and VPN appear in the field with the column headings CE Name, Network Name, and Domain Name. Select one or more CEs for which you want to delete SLAs. Press the Ctrl key to highlight multiple CEs. Click Next to continue. The next window is shown in Figure 8-51, Selecting SLAs to Delete. 8-65

66 Provision SLA Definitions and Collect SLA Data Chapter 8 Figure 8-51 Selecting SLAs to Delete Step 5 Step 6 Step 7 Step 8 Highlight one or more SLAs to delete. Press the Ctrl key to highlight multiple SLAs. Click Next to continue. In the next window to appear, as shown in Figure 8-52, Select Security Level, choose one of the following security levels (being sure that all setup steps have been implemented for your choice, as shown in the SNMP Settings section on page 8-48): No Authentication No Encryption (SNMP v2) Authentication No Encryption (SNMP v3) Authentication Encryption (SNMP v3) 8-66

67 Chapter 8 Provision SLA Definitions and Collect SLA Data Figure 8-52 Select Security Level Step 9 Step 10 Click Next to continue. In the next window, as shown in Figure 8-53, Providing a Task Name for Deletion of SLAs, provide a unique Task Name. Note From the drop-down menu, you can view the last 30 existing task names for this specific task type. This can facilitate the creation of a unique task name and the adherence to the existing task naming conventions. From the drop-down list, you can highlight a similar task name to the one you want to create and then click on it. The name will appear in the Task Name field. Then you can edit the name to be a unique name. Otherwise, you can highlight Enter Name Here and enter a unique name in the Task Name field. 8-67

68 Provision SLA Definitions and Collect SLA Data Chapter 8 Figure 8-53 Providing a Task Name for Deletion of SLAs Step 11 Step 12 Step 13 Step 14 Step 15 Click Next to continue. In the next window, you have the following choices: You can choose to schedule the task once and immediately by selecting Now and clicking Next. In this case, the next step is Step 14. You can choose to customize the frequency and timing of scheduling the task by selecting Future and clicking Next. In this case, the next step is Step 13. You can choose not to schedule the task by selecting No and clicking Next. In this case, the next step is Step 14. In this next window, select your scheduling customization and click Next. See Chapter 13, Scheduling, for a full detailed description of scheduling customization. If you did not schedule the task, you are informed that the task manager is about to save the task. If you did schedule the task, you are informed that the task manager is about to save and schedule the task. If you want to change your mind on the scheduling instructions, click Back and return to Step 12 or Step 13. When you are ready to save and schedule the task, click Next. You are informed that all steps are done. Click Close to close the wizard. Collect Data for SLA Monitoring Collect Data for SLA Monitoring downloads SLA statistics collected over the last hour from one or more specified routers. The specified routers have the relevant SA Agent probes programmed on them, which are collecting SLA statistics. Note Data for a new SLA does not appear until one hour after the creation of the SLA. 8-68

69 Chapter 8 Provision SLA Definitions and Collect SLA Data When you navigate from Monitoring > Provision SLA Definitions and Collect SLA Data and then choose Collect Data for SLA Monitoring, you can then implement the following steps: The next window, as shown in Figure 8-54, Selecting CEs to Collect Data for SLA Monitoring, allows you to select one or more CEs. Figure 8-54 Selecting CEs to Collect Data for SLA Monitoring Step 1 Step 2 Step 3 Step 4 Step 5 Click the Customer drop-down menu to choose a specific customer. Click the VPN drop-down menu to choose a specific VPN. The CEs for the chosen customer and VPN appear in the field with the column headings CE Name, Network Name, and Domain Name. Select one or more CEs from which you want to collect SA Agent data. Press the Ctrl key to highlight multiple CEs. Click Next to continue. In the next window to appear, as shown in Figure 8-55, Select Security Level, choose one of the following security levels (being sure that all setup steps have been implemented for your choice, as shown in the SNMP Settings section on page 8-48): No Authentication No Encryption (SNMP v2) Authentication No Encryption (SNMP v3) Authentication Encryption (SNMP v3) 8-69

70 Provision SLA Definitions and Collect SLA Data Chapter 8 Figure 8-55 Select Security Level Step 6 Step 7 Click Next to continue. In the next window to appear, as shown in Figure 8-56, Providing a Task Name to Collect Data for SLA Monitoring, provide a unique Task Name. Note From the drop-down menu, you can view the last 30 existing task names for this specific task type. This can facilitate the creation of a unique task name and the adherence to the existing task naming conventions. From the drop-down list, you can highlight a similar task name to the one you want to create and then click on it. The name will appear in the Task Name field. Then you can edit the name to be a unique name. Otherwise, you can highlight Enter Name Here and enter a unique name in the Task Name field. 8-70

71 Chapter 8 Provision SLA Definitions and Collect SLA Data Figure 8-56 Providing a Task Name to Collect Data for SLA Monitoring Step 8 Step 9 Step 10 Step 11 Step 12 Click Next to continue. In the next window, you have the following choices: You can choose to schedule the task once and immediately by selecting Now and clicking Next. In this case, the next step is Step 11. You can choose to customize the frequency and timing of scheduling the task by selecting Future and clicking Next. In this case, the next step is Step 10. You can choose not to schedule the task by selecting No and clicking Next. In this case, the next step is Step 11. In this next window, select your scheduling customization and click Next. See Chapter 13, Scheduling, for a full detailed description of scheduling customization. If you did not schedule the task, you are informed that the task manager is about to save the task. If you did schedule the task, you are informed that the task manager is about to save and schedule the task. If you want to change your mind on the scheduling instructions, click Back and return to Step 9 or Step 10. When you are ready to save and schedule the task, click Next. You are informed that all steps are done. Click Close to close the wizard. Enable Traps When you choose Enable Traps, you can enable SNMP traps for existing probes. The types of traps are as follows: Connection loss traps. A trap is sent when a connection loss is detected in an SLA operation of a connection-oriented protocol. A resolution trap is sent the next time the operation is completed successfully. 8-71

72 Provision SLA Definitions and Collect SLA Data Chapter 8 Timeout traps. When an operation delay exceeds the timeout value specified in the probe, a trap is sent. For consecutive timeouts, only the first operation to time out triggers a trap, and when an operation completes successfully, a resolution trap is sent. Threshold traps. When operation delay exceeds the threshold value specified, a trap is sent. A resolution trap is sent when the delay meets a Falling Threshold value, specified in the Create SLA section, Step 6. When you navigate from Monitoring > Provision SLA Definitions and Collect SLA Data and then choose Enable Traps, you can then implement the following steps: The next window, as shown in Figure 8-57, Select CEs for Enable Traps, allows you to select one or more CEs. Figure 8-57 Select CEs for Enable Traps Step 1 Step 2 Step 3 Step 4 Step 5 Click the Customer drop-down menu to choose a specific customer. Click the VPN drop-down menu to choose a specific VPN. The CEs for the chosen customer and VPN appear in the field with the column headings CE Name, Network Name, and Domain Name. Select one or more CEs from which you want to enable traps on the SLAs. Press the Ctrl key to highlight multiple CEs. Click Next to continue. In a window as shown in Figure 8-58, Select Falling Threshold, specify a Threshold Falling value in milliseconds for the SLAs to which you want to enable traps. After you enter a Threshold Falling (msec) value (being sure it does not exceed the Threshold value specified in Figure 8-40, Selecting Values for SLA Common Parameters, ), click Next. 8-72

73 Chapter 8 Provision SLA Definitions and Collect SLA Data Figure 8-58 Select Falling Threshold Step 6 In the next window to appear, as shown in the example in Figure 8-59, Select SLAs for Enable Traps, choose one or more of the SLAs (rows). All of these SLAs have traps disabled. Figure 8-59 Select SLAs for Enable Traps Step 7 Click Next to continue. 8-73

74 Provision SLA Definitions and Collect SLA Data Chapter 8 Step 8 In the next window to appear, as shown in Figure 8-60, Select Security Level, choose one of the following security levels (being sure that all setup steps have been implemented for your choice, as shown in the SNMP Settings section on page 8-48): No Authentication No Encryption (SNMP v2) Authentication No Encryption (SNMP v3) Authentication Encryption (SNMP v3) Figure 8-60 Select Security Level Step 9 Step 10 Click Next to continue. In the next window, as shown in Figure 8-61, Providing a Task Name to Collect Data for SLA Monitoring, provide a unique Task Name. Note From the drop-down menu, you can view the last 30 existing task names for this specific task type. This can facilitate the creation of a unique task name and the adherence to the existing task naming conventions. From the drop-down list, you can highlight a similar task name to the one you want to create and then click on it. The name will appear in the Task Name field. Then you can edit the name to be a unique name. Otherwise, you can highlight Enter Name Here and enter a unique name in the Task Name field. 8-74

75 Chapter 8 Provision SLA Definitions and Collect SLA Data Figure 8-61 Providing a Task Name to Collect Data for SLA Monitoring Step 11 Step 12 Step 13 Step 14 Step 15 Click Next to continue. In the next window, you have the following choices: You can choose to schedule the task once and immediately by selecting Now and clicking Next. In this case, the next step is Step 14. You can choose to customize the frequency and timing of scheduling the task by selecting Future and clicking Next. In this case, the next step is Step 13. You can choose not to schedule the task by selecting No and clicking Next. In this case, the next step is Step 14. In this next window, select your scheduling customization and click Next. See Chapter 13, Scheduling, for a full detailed description of scheduling customization. If you did not schedule the task, you are informed that the task manager is about to save the task. If you did schedule the task, you are informed that the task manager is about to save and schedule the task. If you want to change your mind on the scheduling instructions, click Back and return to Step 12 or Step 13. When you are ready to save and schedule the task, click Next. You are informed that all steps are done. Click Close to close the wizard. Disable Traps When you choose Disable Traps, you can disable SNMP traps for existing probes. When you navigate from Monitoring > Provision SLA Definitions and Collect SLA Data and then choose Disable Traps, you can then implement the following steps: The next window, as shown in Figure 8-62, Select CEs for Disable Traps, allows you to select one or more CEs. 8-75

76 Provision SLA Definitions and Collect SLA Data Chapter 8 Figure 8-62 Select CEs for Disable Traps Step 1 Step 2 Step 3 Step 4 Step 5 Click the Customer drop-down menu to choose a specific customer. Click the VPN drop-down menu to choose a specific VPN. The CEs for the chosen customer and VPN appear in the field with the column headings CE Name, Network Name, and Domain Name. Select one or more CEs from which you want to disable traps on the SLAs. Press the Ctrl key to highlight multiple CEs. Click Next to continue. In the next window to appear, as shown in the example in Figure 8-63, Select SLAs for Disable Traps, choose one or more SLAs (rows) that have SLA traps enabled. Figure 8-63 Select SLAs for Disable Traps Step 6 Click Next to continue. 8-76

77 Chapter 8 Provision SLA Definitions and Collect SLA Data Step 7 In the next window to appear, as shown in Figure 8-64, Select Security Level, choose one of the following security levels (being sure that all setup steps have been implemented for your choice, as shown in the SNMP Settings section on page 8-48): No Authentication No Encryption (SNMP v2) Authentication No Encryption (SNMP v3) Authentication Encryption (SNMP v3) Figure 8-64 Select Security Level Step 8 In the next window to appear, as shown in Figure 8-65, Providing a Task Name to Collect Data for SLA Monitoring, provide a unique Task Name. Note From the drop-down menu, you can view the last 30 existing task names for this specific task type. This can facilitate the creation of a unique task name and the adherence to the existing task naming conventions. From the drop-down list, you can highlight a similar task name to the one you want to create and then click on it. The name will appear in the Task Name field. Then you can edit the name to be a unique name. Otherwise, you can highlight Enter Name Here and enter a unique name in the Task Name field. 8-77

78 Provision SLA Definitions and Collect SLA Data Chapter 8 Figure 8-65 Providing a Task Name to Collect Data for SLA Monitoring Step 9 Step 10 Step 11 Step 12 Step 13 Click Next to continue. In the next window, you have the following choices: You can choose to schedule the task once and immediately by selecting Now and clicking Next. In this case, the next step is Step 12. You can choose to customize the frequency and timing of scheduling the task by selecting Future and clicking Next. In this case, the next step is Step 11. You can choose not to schedule the task by selecting No and clicking Next. In this case, the next step is Step 12. In this next window, select your scheduling customization and click Next. See Chapter 13, Scheduling, for a full detailed description of scheduling customization. If you did not schedule the task, you are informed that the task manager is about to save the task. If you did schedule the task, you are informed that the task manager is about to save and schedule the task. If you want to change your mind on the scheduling instructions, click Back and return to Step 10 or Step 11. When you are ready to save and schedule the task, click Next. You are informed that all steps are done. Click Close to close the wizard. 8-78

79 Chapter 8 View Accounting Reports View Accounting Reports Accounting reports, which are based on processed accounting data, provide network usage and planning information. Billing systems can get the traffic usage from the Accounting Server, which leverages collected accounting data and provides complete billing services to customers. After collecting VPN accounting data, explained in the Collect VPN Accounting Data section on page 8-10, you can view reports about VPN accounting data. As shown in Figure 8-66, View Accounting Reports, from the VPN Console window, choose Monitoring > View Accounting Reports, followed by one of the following types of reports: Traffic Summary, page 8-79 Application Type Summary, page 8-81 Customer Summary, page 8-82 PE to PE Traffic Summary, page 8-83 CE to CE Traffic Summary, page 8-85 Type of Service Summary, page 8-86 Customer Traffic Volume (CE CE), page 8-88 Network Traffic Volume (PE PE), page 8-90 Traffic Volume (PE CE), page 8-93 Figure 8-66 View Accounting Reports For information within the Accounting Reports, first see the generic report fields and their explanations in Chapter 14, Reports Overview. Additionally each report has a report-specific Results area and bottom task bar information. Traffic Summary Traffic Summary reports are time-based drill-down reports that display total packets and total K bytes for traffic that can be mapped to the VPN world (VPN Traffic) and otherwise to Unmappable Traffic. Traffic Summary acts as a starting point to get to other reports. 8-79

80 View Accounting Reports Chapter 8 To display a Traffic Summary report, implement the following step: Step 1 From the VPN Console window, choose Monitoring > View Accounting Reports > Traffic Summary, as shown in Figure 8-67, Traffic Summary. Figure 8-67 Traffic Summary You receive a report similar to the example in Figure 8-68, Example Traffic Summary Report. Figure 8-68 Example Traffic Summary Report For a description of the Traffic Summary report, first see the explanation of the generic report fields in Chapter 14, Reports Overview. The section Results Area for Traffic Summary Report provides information specific to the Traffic Summary report. Results Area for Traffic Summary Report The columns of information are as follows: Traffic Type is VPN Traffic or Unmapped Traffic. Total Packets is the number of packets recorded for VPN Traffic or Unmapped Traffic. K Bytes is the amount of data in K bytes recorded for VPN Traffic or Unmapped Traffic. 8-80

81 Chapter 8 View Accounting Reports Application Type Summary Application Type Summary reports provide total packets and total K bytes for each application type. To display an Application Type Summary report, implement the following step: Step 1 From the VPN Console window, choose Monitoring > View Accounting Reports > Application Type Summary, as shown in Figure 8-69, Application Type Summary. Figure 8-69 Application Type Summary You receive a report similar to the example in Figure 8-70, Example Application Type Summary Report. Figure 8-70 Example Application Type Summary Report 8-81

82 View Accounting Reports Chapter 8 For a description of the Application Type Summary report, first see the explanation of the generic report fields in Chapter 14, Reports Overview. The section Results Area for Application Type Summary Report provides information specific to the Application Type Summary report. Results Area for Application Type Summary Report The columns of information are as follows: Application Type shows a list of Layer 4 network applications. Total Packets is the number of packets recorded for a particular application type. K Bytes is the amount of data in K bytes recorded for a particular application type. Customer Summary Customer Summary reports provide total packets and total K bytes for each customer plus drill-down reports for customer site, type of service, and application type. To display a Customer Summary report, implement the following step: Step 1 From the VPN Console window, choose Monitoring > View Accounting Reports > Customer Summary, as shown in Figure 8-71, Customer Summary. Figure 8-71 Customer Summary You receive a report similar to the example in Figure 8-72, Example Customer Summary Report. 8-82

83 Chapter 8 View Accounting Reports Figure 8-72 Example Customer Summary Report For a description of the Customer Summary report, first see the explanation of the generic report fields in Chapter 14, Reports Overview. The section Results Area for Customer Summary Report provides information specific to the Customer Summary report. Results Area for Customer Summary Report The columns of information are as follows: Customer Name lists all VPN customers. Total Packets is the number of packets recorded for a particular customer. K Bytes is the amount of data in K bytes recorded for a particular customer. PE to PE Traffic Summary PE to PE Traffic Summary provides a report of all traffic between PE to PE plus drill-down reports for: PE to connected CE; PE to remote CE; PE traffic; PE to CE. To display a PE to PE Traffic Summary report, implement the following step: Step 1 From the VPN Console window, choose Monitoring > View Accounting Reports > PE to PE Traffic Summary, as shown in Figure 8-73, PE to PE Traffic Summary. 8-83

84 View Accounting Reports Chapter 8 Figure 8-73 PE to PE Traffic Summary You receive a report similar to the example in Figure 8-74, Example PE to PE Traffic Summary Report. Figure 8-74 Example PE to PE Traffic Summary Report For a description of the PE to PE Traffic Summary report, first see the explanation of the generic report fields in Chapter 14, Reports Overview. The section Results Area for PE to PE Traffic Summary Report provides information specific to the PE to PE Traffic Summary report. Results Area for PE to PE Traffic Summary Report The columns of information are as follows: From PE shows a list of PEs from which traffic is originated. PE names is a column for each PE to which traffic is destined. 8-84

85 Chapter 8 View Accounting Reports CE to CE Traffic Summary CE to CE Traffic Summary provides a report of all traffic between CE to CE. To display a CE to CE Traffic Summary report, implement the following steps: Step 1 From the VPN Console window, choose Monitoring > View Accounting Reports > CE to CE Traffic Summary, as shown in Figure 8-75, CE to CE Traffic Summary. Figure 8-75 CE to CE Traffic Summary You receive a window similar to the example in Figure 8-76, Customer Chooser for CE to CE Traffic Summary. Figure 8-76 Customer Chooser for CE to CE Traffic Summary Step 2 Step 3 In the Select a Customer field in Figure 8-76, Customer Chooser for CE to CE Traffic Summary, highlight the row or rows that indicate the customer or customers you want to select. In the Report Time Level drop-down list, select from among the following choices: Today Current Week 8-85

86 View Accounting Reports Chapter 8 Step 4 Current Month Current Year Click OK to generate a report based on the information you specified in this window, as shown in Figure 8-77, Example CE to CE Traffic Summary Report. If you click Cancel, you will return to the VPN Console window. Figure 8-77 Example CE to CE Traffic Summary Report For a description of the CE to CE Traffic Summary report, first see the explanation of the generic report fields in Chapter 14, Reports Overview. The section Results Area for CE to CE Traffic Summary Report provides information specific to the CE to CE Traffic Summary report. Results Area for CE to CE Traffic Summary Report The columns of information are as follows: From CE shows a list of CEs from which traffic is originated. CE names is a column for each CE to which traffic is destined. Type of Service Summary Type of Service Summary reports provide total packets and total K bytes for each TOS. To display a Type of Service Summary report, implement the following step: Step 1 From the VPN Console window, choose Monitoring > View Accounting Reports > Type of Service Summary, as shown in Figure 8-78, Type of Service Summary. 8-86

87 Chapter 8 View Accounting Reports Figure 8-78 Type of Service Summary You receive a report similar to the example in Figure 8-79, Example Type of Service Summary Report. Figure 8-79 Example Type of Service Summary Report For a description of the Type of Service Summary report, first see the explanation of the generic report fields in Chapter 14, Reports Overview. The section Results Area for Type of Service Summary Report provides information specific to the Type of Service Summary report. 8-87

88 View Accounting Reports Chapter 8 Results Area for Type of Service Summary Report The columns of information are as follows: Type of Service is: Class 1/In is the in contract, best class. Class 2/In is the in contract, second best class. Class 3/In is the in contract, third best class. Class 4/In is the in contract, worst class. Class 1/Out is the out of contract, best class. Class 2/Out is the out of contract, second best class. Class 3/Out is the out of contract, third best class. Class 4/Out is the out of contract, worst class. Total Packets is the number of packets recorded for a particular TOS. K Bytes is the amount of data in K bytes recorded for a particular TOS. Customer Traffic Volume (CE CE) Customer Traffic Volume (CE CE) reports on all traffic volume for a specific customer between customer edge router (CE) to CE in packets or K bytes (by TOS). To display a Customer Traffic Volume (CE CE) report, implement the following steps: Step 1 From the VPN Console window, choose Monitoring > View Accounting Reports > Customer Traffic Volume (CE CE), as shown in Figure 8-80, Customer Traffic Volume (CE CE). Figure 8-80 Customer Traffic Volume (CE CE) You receive a window similar to the example in Figure 8-81, CE Chooser for Customer Traffic Volume (CE CE). 8-88

89 Chapter 8 View Accounting Reports Figure 8-81 CE Chooser for Customer Traffic Volume (CE CE) Step 2 Step 3 In the Customer drop-down menu in Figure 8-81, CE Chooser for Customer Traffic Volume (CE CE), click to get a list of Customers. Select the customer for which you want information. In the Customer field, each row of information is about a specific CE for the specified Customer. It includes the following columns of information and a row for each CE. CE Name, which gives the list of all CE names. Network Name, which gives the name of the network to which the CE in this row belongs. Domain Name, which gives the name of the domain to which the CE in this row belongs. Site Name, which gives the name of the site to which the CE in this row belongs. Note Step 4 Step 5 Step 6 In the Customer field, you can click the column header name for any column you want to sort. Select a CE for which you want information and highlight that row. In the Direction area, select either Origin or Destination to select traffic originated from or targeted to the selected CE, respectively. In the Report Time Level drop-down list, select from among the following choices: Today Current Week Current Month Current Year 8-89

90 View Accounting Reports Chapter 8 Step 7 Click OK to generate a report based on the information you specified in this window, as shown in Figure 8-82, Example Customer Traffic Volume (CE CE) Report. If you click Cancel, you will return to the VPN Console window. Figure 8-82 Example Customer Traffic Volume (CE CE) Report For a description of the Customer Traffic Volume (CE CE) report, first see the explanation of the generic report fields in Chapter 14, Reports Overview. The section Results Area for Customer Traffic Volume (CE CE) Report provides information specific to the Customer Traffic Volume (CE CE) report. Results Area for Customer Traffic Volume (CE CE) Report The columns of information are as follows: Destination CE/Origin CE lists the names of all CEs that belong to the same Customer and are end points. The statistics are provided for SLAs for the specific TOS that connects the selected router. Class 1/In is the in contract, best class. Class 2/In is the in contract, second best class. Class 3/In is the in contract, third best class. Class 4/In is the in contract, worst class. Class 1/Out is the out of contract, best class. Class 2/Out is the out of contract, second best class. Class 3/Out is the out of contract, third best class. Class 4/Out is the out of contract, worst class. Network Traffic Volume (PE PE) Network Traffic Volume (PE PE) reports on all traffic volume between provider edge router (PE) to PE in packets or K bytes (by TOS). To display a Network Traffic Volume (PE PE) report, implement the following steps: Step 1 From the VPN Console window, choose Monitoring > View Accounting Reports > Network Traffic Volume (PE PE), as shown in Figure 8-83, Network Traffic Volume (PE PE). 8-90

91 Chapter 8 View Accounting Reports Figure 8-83 Network Traffic Volume (PE PE) You receive a window similar to the example in Figure 8-84, PE Chooser for Network Traffic Volume (PE PE). Figure 8-84 PE Chooser for Network Traffic Volume (PE PE) In the PE field, each row of information is about a specific PE. It includes the following columns of information. PE Name, which gives the list of all PE names. Network Name, which gives the name of the network to which the PE in this row belongs. Domain Name, which gives the name of the domain to which the PE in this row belongs. Provider Name, which gives the name of the provider to which the PE in this row belongs. Note In the PE field, you can click the column header name for any column you want to sort. 8-91

92 View Accounting Reports Chapter 8 Step 2 Step 3 Step 4 Step 5 Select the PE for which you want information and highlight that row. In the Direction area, select whether you want to view the Origin, to select traffic originated from the selected PEs, or the Destination, to select traffic targeted toward the selected PEs. In the Report Time Level drop-down list, select from among the following choices: Today Current Week Current Month Current Year Click OK to generate a report based on the information you specified in this window, as shown in Figure 8-85, Example Network Traffic Volume (PE PE) Report. If you click Cancel, you will return to the VPN Console window. Figure 8-85 Example Network Traffic Volume (PE PE) Report For a description of the Network Traffic Volume (PE PE) report, first see the explanation of the generic report fields in Chapter 14, Reports Overview. The section Results Area for Network Traffic Volume (PE PE) Report provides information specific to the Network Traffic Volume (PE PE) report. Results Area for Network Traffic Volume (PE PE) Report The columns of information are as follows: Destination PE/Origin PE lists the names of all PEs that are end points. The statistics are provided for SLAs for the specific TOS that connects the selected router. Class 1/In is the in contract, best class. Class 2/In is the in contract, second best class. Class 3/In is the in contract, third best class. Class 4/In is the in contract, worst class. Class 1/Out is the out of contract, best class. Class 2/Out is the out of contract, second best class. Class 3/Out is the out of contract, third best class. Class 4/Out is the out of contract, worst class. 8-92

93 Chapter 8 View Accounting Reports Traffic Volume (PE CE) Traffic Volume (PE CE) reports on all traffic between PE to CE (by TOS). To display a Traffic Volume (PE CE) report, implement the following steps: Step 1 From the VPN Console window, choose Monitoring > View Accounting Reports > Traffic Volume (PE CE), as shown in Figure 8-86, Traffic Volume (PE CE). Figure 8-86 Traffic Volume (PE CE) You receive a window similar to the example in Figure 8-87, PE Chooser for Traffic Volume (PE CE). Figure 8-87 PE Chooser for Traffic Volume (PE CE) 8-93

94 View Accounting Reports Chapter 8 In the PE field, each row of information is about a specific PE. It includes the following columns of information. PE Name, which gives the list of all PE names. Network Name, which gives the name of the network to which the PE in this row belongs. Domain Name, which gives the name of the domain to which the PE in this row belongs. Provider Name, which gives the name of the provider to which the PE in this row belongs. Note Step 2 Step 3 Step 4 Step 5 In the PE field, you can click the column header name for any column you want to sort. Select the PE for which you want information and highlight that row. In the Direction area, select whether you want to view the Origin, to select traffic originated from the selected PEs, or the Destination, to select traffic targeted toward the selected PEs. In the Report Time Level drop-down list, select from among the following choices: Today Current Week Current Month Current Year Click OK to generate a report based on the information you specified in this window, as shown in Figure 8-88, Example Traffic Volume (PE CE) Report. If you click Cancel, you will return to the VPN Console window. Figure 8-88 Example Traffic Volume (PE CE) Report For a description of the Traffic Volume (PE CE) report, first see the explanation of the generic report fields in Chapter 14, Reports Overview. The section Results Area for Traffic Volume (PE CE) Report provides information specific to the Traffic Volume (PE CE) report. 8-94

95 Chapter 8 View CAR MIB Reports Results Area for Traffic Volume (PE CE) Report The columns of information are as follows: Destination CE/Origin CE lists the names of all CEs that belong to the same Customer and are end points. The statistics are provided for SLAs for the specific TOS that connects the selected router. Class 1/In is the in contract, best class. Class 2/In is the in contract, second best class. Class 3/In is the in contract, third best class. Class 4/In is the in contract, worst class. Class 1/Out is the out of contract, best class. Class 2/Out is the out of contract, second best class. Class 3/Out is the out of contract, third best class. Class 4/Out is the out of contract, worst class. View CAR MIB Reports Prior to viewing the committed access rate (CAR) management information bases (MIB) reports, you need to poll a router s CAR MIB, as explained in the Poll a Router s CAR MIB section on page The CAR MIB status data is collected and kept in the Repository. The aggregator aggregates the data to generate hourly, daily, weekly, monthly, and yearly data. You can view the collected data in the Repository. From the VPN Console window, choose Monitoring > View CAR MIB Reports, followed by one of the following types of reports, as shown in Figure 8-89, Choose from View CAR MIB Reports : By Customer, page 8-96 By Network, page 8-99 Figure 8-89 Choose from View CAR MIB Reports 8-95

96 View CAR MIB Reports Chapter 8 By Customer To display the CAR MIB status for specific managed customer CE routers, implement the following steps: Step 1 From the VPN Console window, choose Monitoring > View CAR MIB Reports > By Customer, as shown in Figure 8-90, CAR MIB Report by Customer. Figure 8-90 CAR MIB Report by Customer You receive a window similar to the example in Figure 8-91, Customer Chooser for CAR MIB Report by Customer. Figure 8-91 Customer Chooser for CAR MIB Report by Customer Step 2 In the Select a Customer field in Figure 8-91, Customer Chooser for CAR MIB Report by Customer, highlight only one customer for which you want report information. Note The wizard will inappropriately allow you to select more than one customer. Do not do this. If you select more than one customer, only the first customer in the list appears in the report. 8-96

97 Chapter 8 View CAR MIB Reports Step 3 Step 4 In the Report Time Level drop-down list, select from among the following choices: Today Current Week Current Month Current Year Click OK to generate a report based on the information you specified in this window, as shown in Figure 8-92, Example CAR MIB Status Report by Customer. If you click Cancel, you will return to the VPN Console window. Figure 8-92 Example CAR MIB Status Report by Customer For a description of the CAR MIB Status Report by customer, first see the explanation of the generic report fields in Chapter 14, Reports Overview. The following sections provide information specific to the CAR MIB Status Report, by customer: Results Area for CAR MIB Status Report, By Customer section on page 8-97 Bottom Task Bar for CAR MIB Status Report, By Customer section on page 8-98 Results Area for CAR MIB Status Report, By Customer The columns of information are as follows: Router is the router name shown in the directory repository. Interface Name is the interface name shown in the directory repository. The interface name is mapped from the interface index number. Note If the Interface Name field defaults to DUMMY, run the wizard explained in the Populate Interface Information for Cisco Router Targets section on page Then rerun this report. Direction is the traffic direction (Input or Output). Curr Sw Pkts is the number of packets that have been switched at the collected interface. Multiple collections can occur in any aggregated period. Therefore, the current number of switched packets is the total of those multiple collections. Curr Sw KBytes is the number of K bytes that have been switched at the collected interface. Multiple collections can occur in any aggregated period. Therefore, the current number of switched K bytes is the total of those multiple collections. 8-97

98 View CAR MIB Reports Chapter 8 Curr Filtered Pkts is the number of packets that have been filtered out at the collected interface. Multiple collections can occur in any aggregated period. Therefore, the current number of filtered packets is the total of those multiple collections. Curr Filtered KBytes is the number of K bytes that have been filtered out at the collected interface. Multiple collections can occur in any aggregated period. Therefore, the current number of filtered K bytes is the total of those multiple collections. Total Sw Pkts is the total number of packets that have been switched. Total Sw KBytes is the total number of K bytes that have been switched. Total Filtered Pkts is the total number of packets that have been filtered out. Total Filtered KBytes is the total number of K bytes that have been filtered out. Type is the configuration type. The types of traffic that are rate-limited are: all, which is all Traffic quickacc, which is traffic matched to the rate-limit s access list standard Acc, which indicates that traffic matches the standard access list. ACL Index is the Access List Number. Conf. Rate is the Configure Rate, the transmission rate limit. Conf. Limit is the normal burst size in bytes. Ext. Limit is the extended limit, the excess burst size in bytes. Conf. Action is the conformed action, the action taken for those packets that have conformed with the rate limit. The valid options are: drop, which indicates to drop the packet xmit, which indicates to transmit the packet continue, which indicates to continue to evaluate to the subsequent rate limits precedxmit, which indicates to rewrite the IP precedence and transmit the packet Ex. Action is Exceed Action, the action taken for those packets that have exceeded the rate limit. The valid options are: drop, which indicates to drop the packet xmit, which indicates to transmit the packet continue, which indicates to continue to evaluate to the subsequent rate limits precedxmit, which indicates to rewrite the IP precedence and transmit the packet Curr Burst is the instantaneous burst size at the current time. Start Collection Time is the start time for collecting the CAR MIB status. End Collection Time is the end time for collecting the CAR MIB status. Bottom Task Bar for CAR MIB Status Report, By Customer Selections in the bottom task bar for CAR MIB Status Report by customer include the following: By Customer Site is a drop-down menu from which you can select a specific customer site. 8-98

99 Chapter 8 View CAR MIB Reports By Network To display the CAR MIB status for specific PE routers, implement the following steps: Step 1 From the VPN Console window, choose Monitoring > View CAR MIB Reports > By Network, as shown in Figure 8-93, CAR MIB Report by Network. Figure 8-93 CAR MIB Report by Network You receive a window similar to the example in Figure 8-94, Network Chooser for CAR MIB Report by Network. Figure 8-94 Network Chooser for CAR MIB Report by Network Step 2 In the Select a Network field in Figure 8-94, Network Chooser for CAR MIB Report by Network, highlight only one network for which you want report information. Note The wizard will inappropriately allow you to select more than one network. Do not do this. If you select more than one network, only the first network in the list appears in the report. 8-99

100 View CAR MIB Reports Chapter 8 Step 3 Step 4 In the Report Time Level drop-down list, select from among the following choices: Today Current Week Current Month Current Year Click OK to generate a report based on the information you specified in this window, as shown in Figure 8-95, Example CAR MIB Status Report by Network. If you click Cancel, you will return to the VPN Console window. Figure 8-95 Example CAR MIB Status Report by Network For a description of the CAR MIB Status Report by network, first see the explanation of the generic report fields in Chapter 14, Reports Overview. The Results Area for CAR MIB Status Report, By Network section on page provides information specific to the CAR MIB Status Report, by network. Results Area for CAR MIB Status Report, By Network The columns of information are as follows: Router is the router name shown in the directory repository. Interface Name is the interface name shown in the directory repository. The interface name is mapped from the interface index number. Note If the Interface Name field defaults to DUMMY, run the wizard explained in the Populate Interface Information for Cisco Router Targets section on page Then rerun this report. Direction is the traffic direction (Input or Output). Curr Sw Pkts is the number of packets that have been switched at the collected interface. Multiple collections can occur in any aggregated period. Therefore, the current number of switched packets is the total of those multiple collections. Curr Sw KBytes is the number of K bytes that have been switched at the collected interface. Multiple collections can occur in any aggregated period. Therefore, the current number of switched K bytes is the total of those multiple collections

101 Chapter 8 View CAR MIB Reports Curr Filtered Pkts is the number of packets that have been filtered out at the collected interface. Multiple collections can occur in any aggregated period. Therefore, the current number of filtered packets is the total of those multiple collections. Curr Filtered KBytes is the number of K bytes that have been filtered out at the collected interface. Multiple collections can occur in any aggregated period. Therefore, the current number of filtered K bytes is the total of those multiple collections. Total Sw Pkts is the total number of packets that have been switched. Total Sw KBytes is the total number of K bytes that have been switched. Total Filtered Pkts is the total number of packets that have been filtered out. Total Filtered KBytes is the total number of K bytes that have been filtered out. Type is the configuration type. The types of traffic that are rate-limited are: all, which is all Traffic quickacc, which is traffic matched to the rate-limit s access list standard Acc, which indicates that traffic matches the standard access list. ACL Index is the Access List Number. Conf. Rate is the Configure Rate, the transmission rate limit. Conf. Limit is the normal burst size in bytes. Ext. Limit is the extended limit, the excess burst size in bytes. Conf. Action is the conformed action, the action taken for those packets that have conformed with the rate limit. The valid options are: drop, which indicates to drop the packet xmit, which indicates to transmit the packet continue, which indicates to continue to evaluate to the subsequent rate limits precedxmit, which indicates to rewrite the IP precedence and transmit the packet Ex. Action is Exceed Action, the action taken for those packets that have exceeded the rate limit. The valid options are: drop, which indicates to drop the packet xmit, which indicates to transmit the packet continue, which indicates to continue to evaluate to the subsequent rate limits precedxmit, which indicates to rewrite the IP precedence and transmit the packet Curr Burst is the instantaneous burst size at the current time. Start Collection Time is the start time for collecting the CAR MIB status. End Collection Time is the end time for collecting the CAR MIB status

102 View Data Report Chapter 8 View Data Report Note Data reports show all collected data in the database. This includes all data generated by MPLS and IPsec. The reports from View Data Report can be used as a debugging tool to determine whether your collections were successful and available for other reports or applications. From the VPN Console window, choose Monitoring > View Data Report, as shown in Figure 8-96, Choose View Data Report, followed by one of the following types of reports: By Device, page (provides a report of collected data that belongs to a specific target device) By Network, page (provides a report of collected data that belongs to a specific network and all the data that belongs to all the devices in that network) By Dataset Type, page (provides a report of collected data in the Repository of the specified dataset type) Figure 8-96 Choose View Data Report By Device When you display data reports by target device, you will see collected data that belongs to a specific target device. Implement the following steps: Step 1 From the VPN Console window, choose Monitoring > View Data Report > By Device, as shown in Figure 8-97, Choose View Data Report > By Device

103 Chapter 8 View Data Report Figure 8-97 Choose View Data Report > By Device You receive a window similar to the example in Figure 8-98, By Device Target Chooser. Figure 8-98 By Device Target Chooser Step 2 In the Network drop-down menu in Figure 8-98, By Device Target Chooser, click to get a list of networks

104 View Data Report Chapter 8 Step 3 Step 4 Step 5 Step 6 Select the network from which you want information. In the device field, each row of information is about a specific device in the specified network. It includes the following columns of information for each device. Network, which gives the network name chosen from the Network drop-down menu. Name, which gives the name of a target device in the specified network. Domain, which gives the name of the domain to which the target device in this row belongs. Role, which gives the role of the target device. Select a device for which you want information and highlight that row. In the Select a Dataset Type area, use the drop-down menu and highlight the type of data you want to choose. The choices are: CAR MIB Data Mediator Performance Router Config SA Agent Data Traffic Data VFIT Table VPN Traffic Data Click OK to generate a report that shows all the collected data of the selected dataset type that belongs to the selected target device. An example of a generated report is shown in Figure 8-99, Data Report By Device. An explanation of the columns of information is in the Results Area for Data Reports section on page Figure 8-99 Data Report By Device 8-104

105 Chapter 8 View Data Report By Network When you display data reports by network, you will see collected data that belongs to a specific network and the data that belongs to all the devices in that network. Implement the following steps: Step 1 From the VPN Console window, choose Monitoring > View Data Report > By Network, as shown in Figure 8-100, Choose View Data Report > By Network. Figure Choose View Data Report > By Network You receive a window similar to the example in Figure 8-101, By Network Chooser. Figure By Network Chooser Step 2 Step 3 In the Select a Network field, highlight the network from which you want to view data. In the Select a Dataset Type area, use the drop-down menu and highlight the dataset type you want to choose. The choices are: CAR MIB Data Mediator Performance Router Config SA Agent Data 8-105

106 View Data Report Chapter 8 Step 4 Traffic Data VFIT Table VPN Traffic Data Click OK to generate a report that shows all the collected data of the selected dataset type that belongs to the selected network or to all the devices in that network. An example of a generated report is shown in Figure 8-102, Data Report By Network. An example of the columns of information is explained in the Results Area for Data Reports section on page Figure Data Report By Network By Dataset Type When you display data reports by dataset type, you will see a report of collected data in the Repository of the specified dataset type. Implement the following steps: Step 1 From the VPN Console window, choose Monitoring > View Data Report > By Dataset Type, as shown in Figure 8-103, Choose View Data Report > By Dataset Type, followed by one of the following dataset types: CAR MIB Data Mediator Performance Router Config SA Agent Data Traffic Data VFIT Table VPN Traffic Data 8-106

107 Chapter 8 View Data Report Figure Choose View Data Report > By Dataset Type You receive a report of collected data in the Repository of the selected dataset type. An example of a generated report is shown in Figure 8-104, Data Report By Dataset Type. An explanation of the columns of information is explained in the Results Area for Data Reports section on page Figure Data Report By Dataset Type Results Area for Data Reports The result of choosing Monitoring > View Data Report is like the example in Figure 8-105, Example of Data Report

108 View Data Report Chapter 8 Figure Example of Data Report Data can be collected from different types of sources. Data can be collected from a target device or a network. This data can then be presented by target, by network, or by dataset type. For a more specific report, see the following: For a data report by device, see Figure 8-99, Data Report By Device. For a data report by network, see Figure 8-102, Data Report By Network. For a data report by dataset type, see Figure 8-104, Data Report By Dataset Type. The types of information in this report are the following: Source Name is the name of the data source. For example: It is the name of the network when the data is collected from a network and it is the name of the target when the data is collected from a target. Source Domain is applicable only when the data is collected from a target. It is the domain to which the target belongs. If the data is collected from a network, N/A appears. Source Network is applicable only when the data is collected from a target. It is the network to which the target belongs. If the data is collected from a network, N/A appears. Source Role is applicable only when the data is collected from a target. It is the role of the target. If the data is collected from a network, N/A appears. Source Type is the type of the target when data is collected from a target. The value is Network if the data is collected from a network. Data ID is the internal identification of the collected data. Data Catalog is the data type of the collected data. Size (bytes) is the size of the collected data in bytes. Start Time is the time that the collection process started. End Time is the time that the collection process ended

109 Chapter 8 View SLA Reports View SLA Reports After collecting SA Agent data for SLA monitoring, explained in the Collect VPN Routing Information section on page 8-17, you can view reports about the aggregated data. From the VPN Console window, choose Monitoring > View SLA Reports followed by one of the following types of reports, as shown in Figure 8-106, Choose from View SLA Reports. Summary Report, page Jitter Report, page HTTP Report, page Customer Packet Drop (CE CE), page Customer Round Trip Delay (CE CE), page Network Packet Drop (PE PE), page Network Round Trip Delay (PE PE), page SLA Definition, page Figure Choose from View SLA Reports For information within the SLA Reports, first see the generic report fields and their explanations in Chapter 14, Reports Overview. Additionally each report has a report-specific Results area and bottom task bar information. Summary Report When you choose Summary Report, you can drill down to time-based reports that show the parameters: Connectivity as a percentage, Max. Delay in milliseconds, and Threshold Violation as a percentage. These parameters are available in annual, monthly, weekly, daily, and hourly reports. For each parameter, you can generate detailed reports that show more related parameters. The reports can be aggregated by: Source Router (the source of the SLA), SLA identifier, customer name, or VPN name

110 View SLA Reports Chapter 8 To display a Summary Report, implement the following step: Step 1 From the VPN Console window, choose Monitoring > View SLA Reports > Summary Report, as shown in Figure 8-107, Summary Report. Figure Summary Report You receive a report similar to the example in Figure 8-108, Example Summary Report. Note The default report is the Monthly report. Figure Example Summary Report For a description of the Summary Report, first see the explanation of the generic report fields in Chapter 14, Reports Overview. The following sections provide information specific to the Summary Report: Results Area for Summary Report section on page Bottom Task Bar for Summary Report section on page Color Scheme section on page

111 Chapter 8 View SLA Reports Results Area for Summary Report The columns of information are as follows: Connectivity % is the percentage of SA Agent operations that were completed successfully. Max. Delay (ms) is the maximum round-trip time value that was measured (in milliseconds). Threshold Violation % is the percentage of SA Agent operations that were completed after the threshold value. Bottom Task Bar for Summary Report Selections in the bottom task bar for Summary Report include the following: Aggregate By is a drop-down menu from which you can select one of the following: SLA ID is a unique identifier internally defined for each SA Agent router CE belongs. Customer is the name of the Customer. VPN is the name of the VPN to which the router belongs. Source Router is the fully qualified name of the SA Agent router. Details is a drop-down menu from which you can select one of the following: Click Connectivity and you will get information about the following categories: Connectivity %; # Connections; # Timeouts. Click Max. Delay and you will get information about the following categories: Min Delay (ms); Max Delay (ms); Avg. Delay (ms); STD of Delay. Click Threshold Violation and you will get information about the following categories: Threshold Violation %; # Connections Note You can navigate to different types of reports from the Summary Report. Color Scheme When you choose to Aggregate By and the report shows only one parameter, either Connectivity %, Max. Delay (ms), or Threshold Violation %, then in the monthly, weekly, and daily report levels the following color scheme appears: For Connectivity %, 0% is red and 100% is green. The shading varies between these extremes. For Max. Delay (ms), 0 ms is green and 6000 ms and above are red. The shading varies between these extremes. For Threshold Violation % 0% is green and 100% is red. The shading varies between these extremes. Note In these reports green indicates a good state and red indicates a state to be concerned about

112 View SLA Reports Chapter 8 Jitter Report Jitter Report displays statistics that are measured only by Voice Jitter SLAs originated in a selected router. The reports are time based. They show hourly, daily, weekly, monthly, and annual data and can be aggregated by: SLA ID, source router, destination router, VPN, or Customer. Each of the following arguments are shown both in the direction of source to destination and in the direction of destination to source: Packet Drop % Avg. of Positive Jitter (ms) Avg. of Negative Jitter (ms) Average Jitter (ms) Min. Jitter (ms) Max. Jitter (ms) To display a Jitter Report, implement the following steps: Step 1 From the VPN Console window, choose Monitoring > View SLA Reports > Jitter Report, as shown in Figure 8-109, Jitter Report. Figure Jitter Report You receive a window similar to the example in Figure 8-110, CE Chooser for Jitter Report

113 Chapter 8 View SLA Reports Figure CE Chooser for Jitter Report Step 2 Step 3 In the Customer drop-down menu in Figure 8-110, CE Chooser for Jitter Report, click to show a list of Customers. Select the customer for which you want information. In the Customer field, each row of information is about a specific CE for the specified Customer. It includes the following columns of information and a row for each CE. CE Name, which gives the list of all CE names. Network Name, which gives the name of the network to which the CE in this row belongs. Domain Name, which gives the name of the domain to which the CE in this row belongs. Site Name, which gives the name of the site to which the CE in this row belongs. Note Step 4 Step 5 Step 6 In the Customer field, you can click the column header name for any column you want to sort. Highlight the row for the CE for which you want information. In the Direction area, select whether you want to view the traffic going Forward or Backward from the selected CE. In the Jitter Parameter drop-down list, select from among the following choices: Packet Drop % Avg. of Positive Jitter (ms) Avg. of Negative Jitter (ms) Average Jitter (ms) 8-113

114 View SLA Reports Chapter 8 Step 7 Step 8 Min. Jitter (ms) Max. Jitter (ms) In the Report Time Level drop-down list, select from among the following choices: Today Current Week Current Month Current Year. Click OK to generate a report based on the information you specified in this window, as shown in Figure 8-111, Example Jitter Report Forward Max. Jitter Aggregated by Destination Router. If you click Cancel, you will return to the VPN Console window. Figure Example Jitter Report Forward Max. Jitter Aggregated by Destination Router Results Area for Jitter Report For a description of the Jitter Report, first see the explanation of the generic report fields in Chapter 14, Reports Overview. The following sections provide information specific to the Jitter Report: Results Area for Jitter Report section on page Bottom Task Bar for Jitter Report section on page The first column depends on your selection from Aggregate By and subsequent columns depend on the time level you chose. Bottom Task Bar for Jitter Report Selections in the bottom task bar for Jitter Report include the following: Forward and Backward are drop-down menus that provide the possible Jitter parameters: Packet Drop % Avg. of Positive Jitter (ms) Avg. of Negative Jitter (ms) Average Jitter (ms) 8-114

115 Chapter 8 View SLA Reports Min. Jitter (ms) Max. Jitter (ms) Aggregate By is a drop-down menu from which you can select one of the following: Sla ID is a unique identifier internally defined for each SLA. Customer is the name of the customer to which the SA Agent router CE belongs. VPN is the name of the VPN to which the router belongs. Destination Router is the fully qualified name of the SA Agent router. Unspecified is the method of going to an unaggregated report. HTTP Report HTTP Report displays statistics that are measured only by HTTP SLAs. The reports are time based. They show hourly, daily, weekly, monthly, and annual data. To display an HTTP Report, implement the following step: Step 1 From the VPN Console window, choose Monitoring > View SLA Reports > HTTP Report, as shown in Figure 8-112, HTTP Report. Figure HTTP Report The resulting types of reports are explained in the following sections: Summary HTTP Report section on page HTTP Stages Report section on page For each summary report, you can drill down to the corresponding stages report. The stages are the different HTTP protocol stages: dns lookup, tcp connection, and transaction. The reports show the distribution in percentage of parameters among these three stages

116 View SLA Reports Chapter 8 The parameters are: Round Trip Time (ms) Timeouts (#) Errors (#) Summary HTTP Report Similar to the SLA Summary report, the Summary HTTP Report shows the arguments: percentage of connectivity, Max Delay in milliseconds, and percentage of Threshold violation, which may each be aggregated by SLA ID, source router, VPN, or Customer. See the example in Figure 8-113, Summary HTTP Report Aggregated by Source Router. Figure Summary HTTP Report Aggregated by Source Router HTTP Stages Report From each Summary HTTP Report, you can drill down to the corresponding stages report from the Stages Report drop-down menu in the bottom task bar. The stages are the different HTTP protocol stages: DNS, TCP Connection, and Transaction. The reports show the distribution in percentage of arguments in the stages: Round Trip Time (ms), Timeouts (#), and Errors (#). See the example in Figure 8-114, HTTP Stages Report Round Trip Time Aggregated by Source Router

117 Chapter 8 View SLA Reports Figure HTTP Stages Report Round Trip Time Aggregated by Source Router Customer Packet Drop (CE CE) Customer Packet Drop (CE CE) provides reports that show the packet drop percentage among CEs of a specific customer. This information is measured only for the SLAs with the Jitter protocol. The reports are aggregated by class of service. The reports are annually, monthly, weekly, daily, and hourly. You can navigate along the time scale. To display a Customer Packet Drop (CE CE) report, implement the following step: Step 1 From the VPN Console window, choose Monitoring > View SLA Reports > Customer Packet Drop (CE CE), as shown in Figure 8-115, Customer Packet Drop (CE CE). Figure Customer Packet Drop (CE CE) You receive a window similar to the example in Figure 8-116, CE Chooser for Customer Packet Drop (CE CE)

118 View SLA Reports Chapter 8 Figure CE Chooser for Customer Packet Drop (CE CE) Step 2 The information about Figure 8-116, CE Chooser for Customer Packet Drop (CE CE), is explained in the following categories: In the Customer drop-down menu in Figure 8-116, CE Chooser for Customer Packet Drop (CE CE), select one or more rows to select one or more CEs. In the Customer field, each row of information is about a specific CE for the specified Customer. It includes the following columns of information and a row for each CE. CE Name, which gives the list of all CE names. Network Name, which gives the name of the network to which the CE in this row belongs. Domain Name, which gives the name of the domain to which the CE in this row belongs. Site Name, which gives the name of the site to which the CE in this row belongs. Note Step 3 Step 4 Step 5 In the Customer field, you can click the column header name for any column you want to sort. Select one or more CEs for which you want information and highlight those rows. In the Direction area, select whether you want to view the Origin, to select traffic originated from the selected PEs, or the Destination, to select traffic targeted toward the selected PEs. In the Report Time Level drop-down list, select from among the following choices: Today Current Week Current Month Current Year 8-118

119 Chapter 8 View SLA Reports Step 6 Click OK to generate a report based on the information you specified in this window, as shown in Figure 8-117, Example Customer Packet Drop (CE CE) Report. If you click Cancel, you will return to the VPN Console window. Figure Example Customer Packet Drop (CE CE) Report Results Area for Customer Packet Drop (CE CE) Report The columns of information are as follows: Destination CE/Origin CE is names of all CEs that belong to the same Customer and are end points. The statistics are provided for SLAs for the specific COS that connects the selected router. Class 1/In is the in contract, best class. Class 2/In is the in contract, second best class. Class 3/In is the in contract, third best class. Class 4/In is the in contract, worst class. Class 1/Out is the out of contract, best class. Class 2/Out is the out of contract, second best class. Class 3/Out is the out of contract, third best class. Class 4/Out is the out of contract, worst class. Note N/A means there were no completions for this SLA; no meaningful value can be calculated. Customer Round Trip Delay (CE CE) Customer Round Trip Delay (CE CE) provides reports that show the Max/Min and Avg. round-trip time (in milliseconds) among CEs of a specific customer. The statistics are for all the probe types. The reports are aggregated by class of service. The reports are annually, monthly, weekly, daily, and hourly. You can navigate along the time scale. To display a Customer Round Trip Delay (CE CE) report, implement the following step: Step 1 From the VPN Console window, choose Monitoring > View SLA Reports > Customer Round Trip Delay (CE CE), as shown in Figure 8-118, Customer Round Trip Delay (CE CE)

120 View SLA Reports Chapter 8 Figure Customer Round Trip Delay (CE CE) You receive a window similar to the example in Figure 8-119, CE Chooser for Customer Round Trip Delay (CE CE). Figure CE Chooser for Customer Round Trip Delay (CE CE) Step 2 In the Customer drop-down menu in Figure 8-119, CE Chooser for Customer Round Trip Delay (CE CE), select one or more rows to select one or more CEs. In the Customer field, each row of information is about a specific CE for the specified Customer. It includes the following columns of information and a row for each CE. CE Name, which gives the list of all CE names. Network Name, which gives the name of the network to which the CE in this row belongs. Domain Name, which gives the name of the domain to which the CE in this row belongs. Site Name, which gives the name of the site to which the CE in this row belongs

121 Chapter 8 View SLA Reports Note Step 3 Step 4 Step 5 In the Customer field, you can click the column header name for any column you want to sort. Select one or more CEs for which you want information and highlight those rows. In the Report Time Level drop-down list, select from among the following choices: Today Current Week Current Month Current Year Click OK to generate a report based on the information you specified in this window, as shown in Figure 8-120, Example Customer Round Trip Delay (CE CE) Report. If you click Cancel, you will return to the VPN Console window. Figure Example Customer Round Trip Delay (CE CE) Report Results Area for Customer Packet Drop (CE CE) Report The columns of information are as follows: Destination CE/Origin CE is names of all CEs that belong to the same Customer and are end points. The statistics are provided for SLAs for the specific COS that connects the selected router. Class 1/In is the in contract, best class. Class 2/In is the in contract, second best class. Class 3/In is the in contract, third best class. Class 4/In is the in contract, worst class. Class 1/Out is the out of contract, best class. Class 2/Out is the out of contract, second best class. Class 3/Out is the out of contract, third best class. Class 4/Out is the out of contract, worst class. Note N/A means there were no completions for this SLA; no meaningful value can be calculated

122 View SLA Reports Chapter 8 Network Packet Drop (PE PE) Network Packet Drop (PE PE) provides reports that show the packet drop percentage among all the shadow SA Agent CEs in the network. The network packet drop between PEs is measured by the shadow SA Agent CEs that are connected to the PEs. This information is measured only for the SLAs with the Jitter protocol. The reports are aggregated by class of service. The reports are annually, monthly, weekly, daily, and hourly. You can navigate along the time scale. To display a Network Packet Drop (PE PE) report, implement the following steps: Step 1 From the VPN Console window, choose Monitoring > View SLA Reports > Network Packet Drop (PE PE), as shown in Figure 8-121, Network Packet Drop (PE PE). Figure Network Packet Drop (PE PE) You receive a window similar to the example in Figure 8-122, CE Chooser for Network Packet Drop (PE PE)

123 Chapter 8 View SLA Reports Figure CE Chooser for Network Packet Drop (PE PE) Step 2 In the Customer drop-down menu in Figure 8-122, CE Chooser for Network Packet Drop (PE PE), select one or more rows to select one or more PEs. In the Customer field, each row of information is about a specific PE for the specified Customer. It includes the following columns of information and a row for each CE. Shadow SA Agent CE Name, which gives the list of all CE names. Network Name, which gives the name of the network to which the CE in this row belongs. Domain Name, which gives the name of the domain to which the CE in this row belongs. Note Step 3 Step 4 Step 5 Step 6 In the Customer field, you can click the column header name for any column you want to sort. Select one or more CEs for which you want information and highlight those rows. In the Direction area, choose either Origin or Destination to select SLAs originated or targeted to this shadow SA Agent CE, respectively In the Report Time Level drop-down list, select from among the following choices: Today Current Week Current Month Current Year Click OK to generate a report based on the information you specified in this window, as shown in Figure 8-123, Example Network Packet Drop (PE PE) Report. If you click Cancel, you will return to the VPN Console window

124 View SLA Reports Chapter 8 Figure Example Network Packet Drop (PE PE) Report Results Area for Network Packet Drop (PE PE) The columns of information are as follows: Destination Shadow PE/Origin Shadow PE is names of all shadow SA Agent CEs that belong to the same Customer and are end points. The statistics are provided for SLAs for the specific COS that connects the selected router. Class 1/In is the in contract, best class. Class 2/In is the in contract, second best class. Class 3/In is the in contract, third best class. Class 4/In is the in contract, worst class. Class 1/Out is the out of contract, best class. Class 2/Out is the out of contract, second best class. Class 3/Out is the out of contract, third best class. Class 4/Out is the out of contract, worst class. Note N/A means there were no completions for this SLA. Network Round Trip Delay (PE PE) Network Round Trip Delay (PE PE) provides reports that show the Max/Min and Avg. round-trip time among shadow SA Agent CEs in the network. The statistics are for all the probe types. The reports are aggregated by class of service. The reports are annually, monthly, weekly, daily, and hourly. You can navigate along the time scale. To display a Network Round Trip Delay (PE PE) report, implement the following steps: Step 1 From the VPN Console window, choose Monitoring > View SLA Reports > Network Round Trip Delay (PE PE), as shown in Figure 8-124, Network Round Trip Delay (PE PE)

125 Chapter 8 View SLA Reports Figure Network Round Trip Delay (PE PE) You receive a window similar to the example in Figure 8-125, CE Chooser for Network Round Trip Delay (PE PE). Figure CE Chooser for Network Round Trip Delay (PE PE) In the Customer field, each row of information is about a shadow SA Agent CE. It includes the following columns of information and a row for each CE. Shadow SA Agent CE Name, which gives the list of all CE names. Network Name, which gives the name of the network to which the CE in this row belongs. Domain Name, which gives the name of the domain to which the CE in this row belongs

126 View SLA Reports Chapter 8 Note Step 2 Step 3 Step 4 Step 5 In the Customer field, you can click the column header name for any column you want to sort. Select one or more CEs for which you want information and highlight those rows. In the Direction area, choose either Origin or Destination to select SLAs originated or targeted to this shadow SA Agent CE, respectively In the Report Time Level drop-down list, select from among the following choices: Today Current Week Current Month Current Year Click OK to generate a report based on the information you specified in this window, as shown in Figure 8-126, Example Network Round Trip Delay (PE PE) Report. If you click Cancel, you will return to the VPN Console window. Figure Example Network Round Trip Delay (PE PE) Report Results Area for Network Round Trip Delay (PE PE) The columns of information are as follows: Destination Shadow PE/Origin Shadow PE is names of all shadow SA Agent CEs that belong to the same Customer and are end points. The statistics are provided for SLAs for the specific COS that connects the selected router. Class 1/In is the in contract, best class. Class 2/In is the in contract, second best class. Class 3/In is the in contract, third best class. Class 4/In is the in contract, worst class. Class 1/Out is the out of contract, best class. Class 2/Out is the out of contract, second best class. Class 3/Out is the out of contract, third best class. Class 4/Out is the out of contract, worst class

127 Chapter 8 View SLA Reports Note N/A means there were no completions for this SLA. SLA Definition SLA Definition provides a report that shows all the SLAs on the SA Agent routers from which data was collected. The SLA Definition report shows the SLA ID given to each SLA. SLAs in the report may have been deleted but are kept in the SLA Definition to match the old collected data. To display an SLA Definition report, implement the following step: Step 1 From the VPN Console window, choose Monitoring > View SLA Reports > SLA Definition, as shown in Figure 8-127, SLA Definition. Figure SLA Definition You receive a window similar to the example in Figure 8-128, Example SLA Definition Report

128 View SLA Reports Chapter 8 Figure Example SLA Definition Report Results Area for SLA Definition The Results area gives rows of information. Note Click on the column label to sort by that type. For example, if you sort on Source, the IP addresses are displayed numerically. The columns help you identify the particular SLA for which you can show the statistics in the reports. The columns indicate the following: ID is a unique identifier internally defined for each SLA. Status is Active when the SLA exists on the router or Disabled when the probe was deleted or was never created. Source Router is the fully qualified name of the SA Agent router. Customer is the name of the customer to which the SA Agent router CE belongs. Vpn is the name of the VPN to which the router belongs. Source is the address, in dotted IP address format, of the router itself. Target is the address, in dotted IP address format, where the packets will be sent as part of the monitoring process Target Name is the fully qualified name of the SA Agent target router. Target port is the port number on the target to where the monitoring packets will be sent. Protocol is the type of SA Agent operation to be performed (DHCP, DNS, HTTP, ICMP Echo, Jitter, TCPConnect, or UDPEcho). Request size (byte) is a number that represents the number of octets (in bytes) to be placed into the Data portion of the packet. Threshold (ms) is an integer that defines the threshold limit in milliseconds (default: 5000). Class of service can be set in the csm.properties field netsys.sla.reports.tostitles. The default values are: Class4/Out; Class3/Out; Class2/Out; Class1/Out; Class4/In; Class3/In; Class2/In; and Class1/In

129 Chapter 8 View Verification Report Life (sec) is the number of seconds that the probe will be active (-1 is forever; default: -1) DNS server is the string that specifies the IP address, in dotted IP address format, of the name server. Name/Ip To Be Resolved is a string that is either the name or the IP address that is to be resolved by the DNS server. URL is a string that represents the URL to which an HTTP SLA should communicate (applicable for HTTP SLAs). HTTP Proxy Server is a string that represents the proxy server information (applicable for HTTP SLAs). HTTP Operation represents the type of HTTP operation, either HTTPGet or HTTPRaw. HTTP Raw Request stores the contents of the HTTP raw request (applicable for HTTP SLAs). Interval is an integer (0 to 60,000) that represents the inter-packet delay between packets in milliseconds (default: 20). Applicable only for Jitter SLAs. Num. of Packets is an integer that represents the number of packets that need to be transmitted in the Interval. This is applicable only for Jitter SLAs. View Verification Report Verification reports track status information from executed collections. The status information is associated with each individual target. Each collection attempt generates a set of attributes and corresponding status for each target accessed by the collection. Attributes are used to track the success or failure of various operations such as accessing a target or collecting information. These reports provide a quick way to check whether there are any connectivity problems to collected targets (for example, any bad passwords or unreachable targets). The data is merged into a database of most current information, with newer values overwriting older values. The report accessible from View Verification Report provides views of subsets of this data. A short delay may occur between when the collection completes and when the data is visible in these reports. From the VPN Console window, choose Monitoring > View Verification Report, as shown in Figure 8-129, Choose View Verification Report. Figure Choose View Verification Report 8-129

130 View Verification Report Chapter 8 For information within the Verification Reports, first see the generic report fields and their explanations in Chapter 14, Reports Overview. Additionally, verification reports have unique information in the following sections: Results Area for Verification Reports Bottom Task Bar for Verification Reports Results Area for Verification Reports The result of choosing View Verification Report is like the example in Figure 8-130, Example of Verify Collect Latest Summary. Figure Example of Verify Collect Latest Summary This first report provides a summary of the latest connectivity and collection information for all targets. Each row provides a count of how many targets had the listed status for the listed attribute. This report provides a quick way to determine whether there are problems with connections. The columns indicate the following: Attribute. The valid values are as follows: ftp corresponds to ftp access to a target. getnetflow corresponds to collecting NetFlow Collector data from a target, which is part of the Collect VPN Accounting Data collection task (see the Collect VPN Accounting Data section on page 8-10). telnet corresponds to an attempt to telnet to a target. The telnet attribute is a combination of the reachable, login, and enable attributes. If any of these attributes fail, the telnet meta attribute is a failure. vpn_def corresponds to vpn_def collection, which is part of the Collect VPN Routing Information collection task (see the Collect VPN Routing Information section on page 8-17). Status. The valid values are success or failure. Count. This provides a count of how many targets had the specified attribute and status

131 Chapter 8 View Verification Report Bottom Task Bar for Verification Reports As shown in Figure 8-130, Example of Verify Collect Latest Summary, the bottom task bar includes the following buttons, which when clicked provide new reports: Note The All Attributes button shows on the bottom task bar from the Network Summary report. Network Summary Network Summary Connectivity Collections All Attributes Click the Network Summary button to get this report. It provides the same information as in Figure 8-130, Example of Verify Collect Latest Summary. However, the information is broken down by network and an additional column Network is added, as shown in Figure 8-131, Example of Verify Collect Latest Network Summary. Figure Example of Verify Collect Latest Network Summary Connectivity Click the Connectivity button to get this report. It provides detailed connectivity information for each target, as shown in Figure 8-132, Example of Verify Collect Latest Connectivity

132 View Verification Report Chapter 8 Figure Example of Verify Collect Latest Connectivity The purpose of this report is to show any connectivity problems encountered during collections. The first three columns identify a target and the remaining columns provide the connectivity status for the target. This report can be used, for example, to identify any invalid password problems encountered during collections. The columns indicate the following: network provides each target s network. target provides the target and domain. role provides the target's role, either ciscorouter or net flow. reachable indicates whether the target was reachable, either success or failure. login indicates whether a login was possible, either success or failure. enable indicates whether enable mode was possible, either success or failure. tftp indicates whether tftp was possible, either success or failure. ftp indicates whether ftp was possible, either success or failure. snmp_ro indicates whether snmp read only access is possible, either success or failure (no data for this release). snmp_rw indicates whether snmp read/write access is possible, either success or failure (no data for this release). Collections Click the Collections button to get this report, as shown in Figure 8-133, Example of Verify Collect Latest Collections

133 Chapter 8 View Verification Report Figure Example of Verify Collect Latest Collections All Attributes This report does not contain data in this release. The columns indicate the following: network provides each target s network. target provides the target and domain. role provides the target's role, either ciscorouter or net flow. Click the All Attributes button to get this report, as shown in Figure 8-134, Example of Verify Collect Latest Attributes. Figure Example of Verify Collect Latest Attributes 8-133

134 XML Data Query Tool Chapter 8 The columns indicate the following: network provides each target s network. target provides the target and domain. role provides the target's role, either ciscorouter or net flow. attribute. The valid values are as follows: enable indicates whether enable mode is possible. ftp corresponds to ftp access to a target. getnetflow corresponds to collecting NetFlow Collector data from a target, which is part of the Collect VPN Accounting Data collection task (see Collect VPN Accounting Data section on page 8-10). login indicates whether a login is possible. reachable indicates whether a network connection to the target is possible. tftp corresponds to tftp access to a target. vpn_def corresponds to vpn_def collection, which is part of the Collect VPN Routing Information collection task (see Collect VPN Routing Information section on page 8-17). status indicates the status, either success or failure. detail indicates additional details about the attributes; in the other reports, this is included with status. time indicates the time when this attribute was determined. XML Data Query Tool The Extensible Markup Language (XML) Data Query Tool retrieves performance data from the Repository.This method expedites data extraction and avoids overcustomization of the reports. The performance data retrieved by the query is saved to a file in XML format and includes a document type definition (DTD). To gain access to the Data Query Tools, implement the following steps: Step 1 From the VPN Console window, choose Monitoring > XML Data Query Tool, as shown in Figure 8-135, Choose XML Data Query Tool

135 Chapter 8 XML Data Query Tool Figure Choose XML Data Query Tool Step 2 The result is a window as appears in Figure 8-136, Data Query Tools. From this window you can click on any of the choices and the explanation of those paths is as follows: SA Agent Data Query Tool, page Accounting Data Query Tool, page CAR MIB Data Query Tool, page Interface Stats (MIB2) Query Tool, page Figure Data Query Tools 8-135

136 XML Data Query Tool Chapter 8 SA Agent Data Query Tool This section explains how to make all the choices in the SA Agent Data Query Tool. To navigate in the SA Agent Data Query Tool, implement the following steps: Step 1 From the window as shown in Figure 8-136, Data Query Tools, choose SA Agent Data Query Tool. The resulting window is as shown in Figure 8-137, SA Agent Data Query Tools. Figure SA Agent Data Query Tools Step 2 Choose one of the following: SLA Definitions, page SA Agent Data, page SLA Definitions Log, page SA Agent Data Log, page SLA Definitions This tool enables you to retrieve all the Service Level Agreement (SLA) Definitions on the Service Assurance Agent (SA Agent) routers from which data was collected. The definitions are saved as a well-formed, valid XML file that includes a Document Type Definition (DTD). To navigate in the SLA Definitions, implement the following: Step 1 From the window shown in Figure 8-137, SA Agent Data Query Tools, click on SLA Definitions. The result is the window shown in Figure 8-138, SLA Definitions

137 Chapter 8 XML Data Query Tool Figure SLA Definitions Step 2 Step 3 Click on the associated button to choose either of the following: All SLA Definitions Active SLA Definitions only Click Query. The resulting window is as shown in Figure 8-139, SA Agent Process Completion. Figure SA Agent Process Completion 8-137

138 XML Data Query Tool Chapter 8 Step 4 If you want to view the query log, click Query SA Agent Log. The log gives the parameters of the query, an indication of whether information was found, and the number of results found. The results depend on whether you chose All SLA Definitions or Active SLA Definitions only in Step 2. Step 5 If you want to save the results of the query, click Save Result. The result is as shown in Figure 8-140, Save Result. Figure Save Result Step 6 If you chose to save the results in Step 5, browse to the location or enter the location where you want to save the results and click OK. The results are then saved in the specified file as text. SA Agent Data This tool queries the Repository for SA Agent data. The Query can be based on time period and time level of the data. Advanced Query enables the user to organize the data by SLA ID, Customer, VPN, source router, or destination router. The Advanced Query allows the user to specify data retrieval criteria such as protocol, Class of Service, customer, VPN, source router, and destination router. The data is saved as a well-formed, valid XML file that includes a DTD. To navigate in the SA Agent Data Query Tool, implement the following steps: Step 1 From the window as shown in Figure 8-137, SA Agent Data Query Tools, choose SA Agent Data Query Tool. The resulting window is as shown in Figure 8-141, SA Agent Data Query Tools

139 Chapter 8 XML Data Query Tool Figure SA Agent Data Query Tools Step 2 In the top area, the Define the time period area, do the following: In the Begin row, enter the following: Year Enter the 4-digit year in which you want to begin the data query. Month Click on the Month drop-down menu to select the month in which you want to begin the data query. Day Click on the Day drop-down menu to select the day in which you want to begin the data query. Hour Click on the Hour drop-down menu to select the hour in which you want to begin the data query. AM or PM Click on AM or PM to select whether the time in which you want to begin the data query is in the a.m. or p.m., respectively. Minute Enter the minute in which you want to begin the data query. The valid values are 0 to 59. In the End row, enter the following: Year Enter the 4-digit year in which you want to end the data query. Month Click on the Month drop-down menu to select the month in which you want to end the data query. Day Click on the Day drop-down menu to select the day in which you want to end the data query. Hour Click on the Hour drop-down menu to select the hour in which you want to end the data query. AM or PM Click on AM or PM to select whether the time in which you want to end the data query is in the a.m. or p.m., respectively. Minute Enter the minute in which you want to end the data query. The valid values are 0 to

140 XML Data Query Tool Chapter 8 Note The date and time specified in the Begin row must precede the date and time specified in the End row. In the Time Level row, click on the drop-down menu and select whether you want the data query to be: Hourly Daily Weekly Monthly Annual Note Step 3 The queried data start time spans from the Begin to the End specified dates and times. For example, if the Time Level is set to Monthly; the Begin information is set to December 28, 1999 at 12:00 a.m.; and the End information is set to February 25, 2000 at 12:00 a.m., the monthly data of January, 200 and February, 2000 appears. In the bottom area, click one of the following: Click Query to get information based on the time interval specified in the top area. The resulting window is as shown in Figure 8-142, SA Agent Process Completion. Figure SA Agent Process Completion From this window, you can click Query SA Agent Log and receive a status log of the query. Otherwise, you can click Query SA Agent Result and have the ability to save data, which is in XML format, in the directory and file of your choosing

141 Chapter 8 XML Data Query Tool Click Advanced Query to add more criteria to the query. The resulting window is as shown in Figure 8-143, SA Agent Advanced Data Query. Figure SA Agent Advanced Data Query From this window, you can select the aggregation type. Click the drop-down menu, and select one of the following aggregation types: SLA ID Customer Vpn Source Router Destination Router From this window you can also retrieve the data that fits the following criteria: Protocol The selections are: All, ICMP Echo, TCP Connect, UDP Echo, Jitter, DNS, HTTP, or DHCP. Select All or one of the protocols. Class of Service The selections are: All, Fourth Class/out of contract, Third Class/out of contract, Second best Class/out of contract, Best Class/out of contract, Fourth Class/in contract, Third Class/in contract, Second best Class/in contract, or Best Class/in contract. Select All or one of the classes of service. Customer The selections are the names of the created customers. Select All or one customer. Vpn The selections are All or are the names of the created VPNs. Select All or one VPN

142 XML Data Query Tool Chapter 8 Source Router The selections are All or all the routers specified by network name:router name. Select All or one router as the source router. Destination Router The selections are All or all the routers specified by network name:router name. Select All or one router as the destination router. Click either the Advanced Query button, which submits the specified information for an Advanced Query or click Reset, which resets this window to the default settings. Click Reset to reset the top area to its default settings. SLA Definitions Log This selection results in a Query SLA Definitions Log report. Implement the following step: Step 1 Click SLA Definitions Log from the window as shown in Figure 8-137, SA Agent Data Query Tools. SA Agent Data Log This selection results in a Query SA Agent Data Log report. Implement the following step: Step 1 Click SA Agent Data Log from the window as shown in Figure 8-137, SA Agent Data Query Tools. Accounting Data Query Tool This section explains how to make all the selections in the Accounting Data Query Tool. To navigate in the Accounting Data Query Tool, implement the following steps: Step 1 From the window as shown in Figure 8-136, Data Query Tools, choose Accounting Data Query Tool. The resulting window is as shown in Figure 8-144, Accounting Data Query Tool

143 Chapter 8 XML Data Query Tool Figure Accounting Data Query Tool Choose one of the following: Accounting Data, page Accounting Data Log, page Accounting Data This tool queries the repository for Accounting data. The Query can be based on time period and time level of the data. The Advanced Query enables the user to organize the data by application type or by Class of Service, and to retrieve the data for a specific application type and/or Class of Service. Accounting statistics can be retrieved by specifying the source and destination of the traffic. The source and destination can be one of the following: PE router, customer, customer site, or CE router. Querying for the traffic traversing between two CEs requires both CEs to belong to the same customer, likewise for traffic traversing between two sites. The data is saved as a well-formed, valid XML file that includes a DTD. To navigate in the Accounting Data, implement the following steps: Step 1 From the window as shown in Figure 8-144, Accounting Data Query Tool, choose Accounting Data. The resulting window is as shown in Figure 8-145, Accounting Data Query Tools

144 XML Data Query Tool Chapter 8 Figure Accounting Data Query Tools Step 2 In the top area, the Define the time period area, do the following: In the Begin row, enter the following: Year Enter the 4-digit year in which you want to begin the data query. Month Click on the Month drop-down menu to select the month in which you want to begin the data query. Day Click on the Day drop-down menu to select the day in which you want to begin the data query. Hour Click on the Hour drop-down menu to select the hour in which you want to begin the data query. AM or PM Click on AM or PM to select whether the time in which you want to begin the data query is in the a.m. or p.m., respectively. Minute Enter the minute in which you want to begin the data query. The valid values are 0 to 59. In the End row, enter the following: Year Enter the 4-digit year in which you want to end the data query. Month Click on the Month drop-down menu to select the month in which you want to end the data query. Day Click on the Day drop-down menu to select the day in which you want to end the data query. Hour Click on the Hour drop-down menu to select the hour in which you want to end the data query

145 Chapter 8 XML Data Query Tool AM or PM Click on AM or PM to select whether the time in which you want to end the data query is in the a.m. or p.m., respectively. Minute Enter the minute in which you want to end the data query. The valid values are 0 to 59. Note The date and time specified in the Begin row must precede the date and time specified in the End row. In the Time Level row, click on the drop-down menu and select whether you want the data query to be: Hourly Daily Weekly Monthly Annual Note Step 3 The queried data start time spans from the Begin to the End specified dates and times. For example, if the Time Level is set to Monthly; the Begin information is set to December 28, 1999 at 12:00 a.m.; and the End information is set to February 25, 2000 at 12:00 a.m., the monthly data of January, 200 and February, 2000 appears. In the Type of Data row, click on the drop-down menu and select the type of Accounting data to be collected: Summary Statistics contains statistics but not details. Detailed Statistics contains details about the source and destination, including IP addresses and subnets. In the bottom area, click one of the following: Click Query to get information based on the time interval specified in the top area. The resulting window is as shown in Figure 8-146, SA Agent Process Completion

146 XML Data Query Tool Chapter 8 Figure SA Agent Process Completion From this window, you can click Query Accounting Log and receive a status log of the query. Otherwise, you can click Query Accounting Result and have the ability to save data, which is in XML format, in the directory and file of your choosing. Click Advanced Query to add more criteria to the query. The resulting window is as shown in Figure 8-147, Accounting Advanced Data Query

147 Chapter 8 XML Data Query Tool Figure Accounting Advanced Data Query From this window, you can select the aggregation type. Click the drop-down menu, and select one of the following aggregation types: None Application Type Class of Service From this window, you can also retrieve the data that fits the following optional criteria: Application Type Enter a valid application type. Refer to the Application Type Summary section on page 8-81 for an example of the type of information collected. Because this field is optional, if you do not enter information, the application type remains blank. Class of Service The selections are: Fourth Class/out of contract, Third Class/out of contract, Second best Class/out of contract, Best Class/out of contract, Fourth Class/in contract, Third Class/in contract, Second best Class/in contract, or Best Class/in contract. Because this field is optional, if you do not enter information, the Class of Service remains All

148 XML Data Query Tool Chapter 8 From this window, you can also optionally retrieve data from the following sources and in some cases destinations. Select the button next to one of the following selections that are left-justified: For PE If you select this button, click on the associated drop-down menu and select one of the source PEs. Then select one of the indented buttons to identify a destination: To PE (for which you select a destination PE from the drop-down menu); To Customer (for which you select a destination Customer from the drop-down menu); To Customer Site (for which you select both a destination Customer and a destination Customer Site from the drop-down menus); and To CE (for which you select both a destination Customer and a destination Customer CE from the drop-down menus). For Customer If you select this button, click on the associated drop-down menu and select one of the source customers. For Customer Site If you select this button, use the drop-down menus to select both a source Customer and a source Customer Site. Then select the To Customer Site button (for which you select both a destination Customer and a destination Customer Site from the drop-down menus). For CE If you select this button, use the drop-down menus to select both a source Customer and a source Customer CE. Then you may select a destination To CE by using the drop-down menus to select a destination Customer and a destination Customer CE. Click either the Query button, which submits the specified information for an Advanced Query or click Reset, which resets this window to the default settings. Click Reset to reset the top area to its default settings. Accounting Data Log This selection results in a Query Accounting Data Log report. Implement the following step: Step 1 Click Accounting Data Log from the window as shown in Figure 8-144, Accounting Data Query Tool. CAR MIB Data Query Tool This section explains how to make all the choices in the CAR MIB Data Query Tool. To navigate in the CAR MIB Data Query Tool, implement the following steps: Step 1 From the window as shown in Figure 8-136, Data Query Tools, choose CAR MIB Data Query Tool. The resulting window is shown in Figure 8-148, CAR MIB Data Query Tool

149 Chapter 8 XML Data Query Tool Figure CAR MIB Data Query Tool Step 2 Choose one of the following: CAR MIB Data, page CAR MIB Data Log, page CAR MIB Data This tool queries the Repository for CAR MIB status data. CAR is a bandwidth management tool that controls IP traffic transmission rates into the network during periods of network congestion. CAR MIBs provide the status for the token bucket parameters and associated access list. CAR MIB status data is collected and aggregated into hourly, daily, weekly, monthly, and annual bins, and the data is kept in the Repository. The CAR MIB data query is based on time period and time level of the data. The status data can be retrieved for: Customer, for the different managed CE routers that belong to the customer; for Customer Site, for the different mapped CE routers that belong to the customer site; for Network, for the PE routers in the specified network; for Router. The data is saved in a well-formed, valid XML file that includes a DTD. To navigate in the CAR MIB Data, implement the following steps: Step 1 From the window shown in Figure 8-148, CAR MIB Data Query Tool, choose CAR MIB Data. The resulting window is shown in Figure 8-149, CAR MIB Data Query

150 XML Data Query Tool Chapter 8 Figure CAR MIB Data Query Step 2 In the top area, the Define the time period area, do the following: In the Begin row, enter the following: Year Enter the 4-digit year in which you want to begin the data query. Month Click on the Month drop-down menu to select the month in which you want to begin the data query. Day Click on the Day drop-down menu to select the day in which you want to begin the data query. Hour Click on the Hour drop-down menu to select the hour in which you want to begin the data query. AM or PM Click on AM or PM to select whether the time in which you want to begin the data query is in the a.m. or p.m., respectively. Minute Enter the minute in which you want to begin the data query. The valid values are 0 to 59. In the End row, enter the following: Year Enter the 4-digit year in which you want to end the data query. Month Click on the Month drop-down menu to select the month in which you want to end the data query

151 Chapter 8 XML Data Query Tool Day Click on the Day drop-down menu to select the day in which you want to end the data query. Hour Click on the Hour drop-down menu to select the hour in which you want to end the data query. AM or PM Click on AM or PM to select whether the time in which you want to end the data query is in the a.m. or p.m., respectively. Minute Enter the minute in which you want to end the data query. The valid values are 0 to 59. Note The date and time specified in the Begin row must precede the date and time specified in the End row. In the Time Level row, click on the drop-down menu and select whether you want the data query to be: Hourly Daily Weekly Monthly Annual Note Step 3 Step 4 The queried data start time spans from the Begin to the End specified dates and times. For example, if the Time Level is set to Monthly; the Begin information is set to December 28, 1999 at 12:00 a.m.; and the End information is set to February 25, 2000 at 12:00 a.m., the monthly data of January, 200 and February, 2000 appears. In the middle area, click the button next to one of the following choices: For Customer If you select this button, click on the associated drop-down menu and select one of the Customers. For Customer Site If you select this button, use the drop-down menus to select both a source Customer and a source Customer Site. For Network If you select this button, click on the associated drop-down menu and select one of the source Networks. For Router If you select this button, use the drop-down menus to select both a source Network and a router. In the bottom area, click one of the following: Click Query to get information based on the time interval specified in the top area. From the resulting window, you can click Query CAR MIB Data Log and receive a status log of the query. Otherwise, you can click Query CAR MIB Data Result and have the ability to save data, which is in XML format, in the directory and file of your choosing. Click Reset to reset the top and middle areas to their default settings

152 XML Data Query Tool Chapter 8 CAR MIB Data Log This selection results in a Query CAR MIB Data Log report. Implement the following step: Step 1 Click CAR MIB Data Log from the window as shown in Figure 8-148, CAR MIB Data Query Tool. Interface Stats (MIB2) Query Tool This section explains how to make all the choices in the Interface Stats (MIB2) Query Tool. To navigate in the Interface Stats (MIB2) Query Tool, implement the following steps: Step 1 From the window as shown in Figure 8-136, Data Query Tools, choose Interface Stats (MIB2) Query Tool. The resulting window is shown in Figure 8-150, Interface Stats (MIB2) Query Tool. Figure Interface Stats (MIB2) Query Tool Step 2 Choose one of the following: Interface Stats (MIB2), page Interface Stats Log, page Interface Stats (MIB2) This tool queries the Repository for interface statistics (MIB2). The interface statistics are collected and saved into the Repository per router. The statistics include packet counters for the different router interfaces. The interfaces are identified by index number, which is a unique and constant number, at least 8-152

153 Chapter 8 XML Data Query Tool from one reinitialization of the router s network management system to another. The different counters are wrapped around numbers with a maximum value of 2 to the power of The data is saved in a well-formed, valid XML file that include a DTD. To navigate in the Interface Stats (MIB2), implement the following steps: Step 1 From the window shown in Figure 8-150, Interface Stats (MIB2) Query Tool, choose CAR MIB Data. The resulting window is shown in Figure 8-151, Interface Stats Query. Figure Interface Stats Query Step 2 In the top area, the Define the time period area, do the following: In the Begin row, enter the following: Year Enter the 4-digit year in which you want to begin the data query. Month Click on the Month drop-down menu to select the month in which you want to begin the data query. Day Click on the Day drop-down menu to select the day in which you want to begin the data query. Hour Click on the Hour drop-down menu to select the hour in which you want to begin the data query. AM or PM Click on AM or PM to select whether the time in which you want to begin the data query is in the a.m. or p.m., respectively. Minute Enter the minute in which you want to begin the data query. The valid values are 0 to 59. In the End row, enter the following: Year Enter the 4-digit year in which you want to end the data query. Month Click on the Month drop-down menu to select the month in which you want to end the data query