Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Navigation  Back up to About Overview 
ContentIndex
  
[+] Expand All
[-] Collapse All

No index entries found.

Related Documentation

    Detailed Router Profile Procedures

    This topic presents detailed procedures you can perform using the Router Profiles window. It is organized in the following sections:

    1. Adding, Creating, and Importing Router Profiles
    2. Import Router Profile
    3. Create a New Profile to Populate
    4. Populating a Device Profile
    5. Modifying Entries in a Router Profile
    6. Deleting Entries in a Router Profile
    7. Updating Router Profiles when Router Passwords are Changed
    8. Dual Routing Engine Support
    9. Nodes That Are Inaccessible
    10. Test Profile Connectivity
    11. Profile Sync
    12. Editing Show Commands for Data Collection

    Adding, Creating, and Importing Router Profiles

    1. Select Admin > Task Manager from the drop-down menu.

    Note: If the Task Manager does not appear, login to the IP/MPLSView server and run /u/wandl/bin/status_mplsview. The Task Server and Web Server (JBoss) should be started in order for the Task Manager to appear. In some cases it may take a few minutes for the web server to finish deploying. Once it is done, close and reopen the IP/MPLSView client and try again.

    2. Click on the Router Profiles button. The Router Profiles window is displayed as shown in Figure 11. Router login details can be specified in this window.

    Figure 11: Task Manager Window with Router Profiles Tab Active

    Task Manager Window with Router Profiles Tab Active

    3. You can add routers to the default profile (Default), create a new profile by some other name, or import router profile data into IP/MPLSView. These are discussed later in this chapter.

    4. Once you have finished creating or editing a profile, you must click the Save button to save your changes. Note that the router profile will be stored in /u/wandl/data/.TaskManager/profile.

    5. Test the router profile as described in Test Profile Connectivity. You should also check for appropriate privileges for the commands in the /u/wandl/db/command directory as described in Editing Show Commands for Data Collection.

    6. The main Router Profile operations can be accessed in one of several ways via the graphical interface:

    • Buttons on the bottom of the window: New Profile, Import, Save.
    • Actions menu, accessed by clicking on the Actions button, as depicted in the figure above.
    • Right-click menu, accessed by right-clicking on the left panel of the Router Profiles window.

    Import Router Profile

    The import router profile window is designed for users who have a file with router login information that should be converted into IP/MPLSView file format. This is useful for users who already have router profile information saved in some type of spreadsheet or document. The spreadsheet should be saved out to a text or ASCII format before importing into IP/MPLSView. Note that if you already have router profile information in IP/MPLSView file format, you can simply copy that file over to the /u/wandl/data/.TaskManager/profile directory before opening the Router Profile window.

    The main requirement is that each new router be on a separate line and that the columns be in the same order. The order of the columns is flexible. Possible fields are: IP Address, Host Name, Telnet Timeout, Vendor, Login, Password, Privilege Login, Privilege Password, Enable Level, getTopology, SNMP Get Community String, SNMP Set Community String, SNMP Version, SNMP Port, SNMP Timeout, SNMP Retry, Telnet Retry, Country, City, Access Method (telnet, ssh, telnet|ssh, or ssh|telnet), Secondary IP, SNMPv3 Context Name, SNMPv3 Context Engine, SNMPv3 User Name, SNMPv3 Auth, SNMPv3 Auth PW, SNMPv3 Privacy, SNMPv3 Privacy PW.

    This tutorial will use the following example.

    #This is my new profile
    #IP Address,Host Name,Vendor,Login
    10.1.0.1,RouterA,Juniper,wandl
    10.2.0.1,RouterB,Juniper,wandl
    10.3.0.1,RouterC,Juniper,wandl
    10.4.0.1,RouterD,Juniper,wandl
    10.5.0.1,RouterE,Juniper,wandl

    1. Click the Import button from the Router Profiles window to open up the import wizard.

    2. In the Import Router Profile window, specify a name for the new profile to be created, and locate the file that is to be imported. Indicate whether the file is located on the Server or Local Machine. Then, click the Browse button to navigate to the desired file. Once the file is selected, its contents will then be populated within the Data Preview section of the window.

    Figure 12: Importing Router Profile Data from a Text File

    Importing Router Profile Data from a Text File

    3. When importing a pre-existing IP/MPLSView router profile, the program will detect that it is already in IP/MPLSView format and provide the option to import the entire router profile “Do you want to import all router profiles?”. Click “OK” to import all the profiles, which will be treated as having already encrypted the password. Alternatively, click “Cancel” to import a smaller subset of the router profiles. If selecting the “Cancel” option, remember to select “Treat credentials as encrypted” in the following options, to avoid re-encrypting an already-encrypted password, and rendering the login password invalid.

    4. The SNMP community string is not encrypted by default as the CLI password is. To encrypt it, after importing the router profile, select all the router profiles for which you want to encrypt the SNMP community string. Click Modify and select the SNMP Parameters tab. Then click the Encrypt key button to the right of the SNMP Get field.

    5. In the Data Preview section, select the rows to be processed in the import. You can use the<CTRL> and <SHIFT> keys to perform multiple selection. Or, click the Select All button to select all rows. Then, click Next.

    6. In the following screen’s Delimiter section, select one or more delimiters to use when parsing the profile information. The fields in this particular example are separated by commas, so Comma is selected.

    In the Parsing Options section, the Text qualifier character is used to indicate a single field if that field or column contains the delimiter character, and the Treat consecutive delimiters as one option will concatenate consecutive empty fields or columns into one empty field.

    Select “Treat credentials as encrypted” if you are importing from a previously generated IP/MPLSView router profile, so that the password will not be re-encrypted a second time.

    7. When the Parsed Data in the table below is organized properly into columns as shown below, click Next.

    Figure 13: Parsed Data Columns

    Parsed Data Columns

    8. The last step is to assign column names to the columns in the input file. In the following window, select a column in the Parsed Data table to be assigned. Next, select the associated Column Name under the Set Column Data section, and then click “Set Column Name”. Do this for all columns that you want to parse. Notice as you do so that the red boxes (representing unnamed columns) turn light blue, indicating the column is selected for inclusion in the router profile. If necessary, you can unassign an assigned column by selecting the column and clicking “Skip Selected Column”. When finished, click the Finish button.

    Figure 14: Matching Columns to Column Name

    Matching Columns to Column Name

    9. Click “Finish”. Then, the new profile will appear in the Router Profiles window. Be sure to save changes to this profile before you exit the Router Profiles window, by clicking the Save button. Otherwise any changes will be lost.

    10. Test the new router profile as described in Test Profile Connectivity.

    Create a New Profile to Populate

    In the Router Profiles window (accessed via the Task Manager) click the New Profile button. You will be prompted to enter a name for the new profile. Fill in the text field and click OK. Your new profile name will be added to the Router Profiles list. You can then proceed to add routers to your new profile.

    Note: To delete a profile, you should right-click on the profile name in the left panel of the Router Profiles window. Then, select “Delete Profile(s)” from the popup menu. Alternatively, you can access the delete operation from the Actions submenu.

    Populating a Device Profile

    Determine how you want to logically group your network routers to facilitate config file organization and information entry. You can put them all in the same device profile or separate it into separate device profiles. Later you can select routers from one or multiple groups for collection purposes.

    If you wish to use the Autodiscovery option to discover your network from a subset of all the routers, as described in Chapter 5, Network Discovery , you only need to include in your device profile the seed routers from which you want IP/MPLSView to start the discovery process. For example, to auto-discover using OSPF, enter one router in each OSPF area in order to collect configurations for all the routers in that area. When you perform the auto-discovery, the software creates a new profile that contains the original routers plus newly discovered routers.

    To add entries to your device profile, select the device profile from the left pane of the Device Profiles window to display its contents in the upper right pane. Then, click the Add button. The New Device Profile Entry window is displayed, with the general parameters described in Table 6.

    Figure 15: New Device Profile Entry Window General Parameters

    New Device Profile Entry Window General Parameters

    Table 6: General Parameters in New Device Profile Entry Window

    Parameter

    Description

    Device Name

    Name of the network device, which should be identical to the hostname. During configuration collection, the software uses this name as part of the name of the collected configuration file. The configuration filename uses the format ip.name.cfg. If the device name is left blank, the configuration filename uses the format ip.cfg.

    Device IP

    IP address of the network device.

    Vendor

    Name of the hardware vendor for the device. Possible values include, but are not limited to: Generic, Cisco, Juniper, ERX, Foundry, Riverstone, CRS, and New. If you select Generic as the vendor, the software attempts to guess the vendor by issuing the show version CLI command. For traffic collection purposes, you must specify this field explicitly by choosing a value other than Generic.

    Note: You can also update the Vendor list by adding a new vendor in the Hardware Vendor/Type Manager, provided that you add the related commands in the /u/wandl/db/command directory. See Editing Show Commands for Data Collection for additional information.

    Model

    Model number of the network device.

    OS

    Type of operating system installed on the device.

    OS Version

    Version number of the operating system build installed on the network device.

    Enable Level

    Default = 0; Reserved for future use. (Some devices may require a privilege password with a different enable level)

    Login / Password

    Login ID and password for the network device.

    Privilege Login / Privilege Password

    Login ID and password for situations that require a higher-security login. Use a login that has the appropriate privileges for the vendor-specific show commands listed in Editing Show Commands for Data Collection.

    Timeout

    Timeout value for telnet access method. The default value is 300 seconds.

    Retry

    Number of retries for telnet. The default number of retries is 3.

    Access Method

    Method used to access the network device. Possible values include:

    • telnet—(Default) Use only telnet access.
    • ssh—Use only ssh access.
    • telnet | ssh—Try telnet access first, and then try ssh access if telnet access fails.
    • ssh | telnet—Try ssh access first, and then try telnet access if ssh access fails.

    Agent(s)

    A space-delimited list of one or more intermediate servers that act as gateways to the device. The servers should either have the same login and password as the device, or there should be another entry in the device profile for the intermediate servers to indicate their login and password information. When scheduling a task to collect data for a device through an intermediate server, you must add the intermediate servers to the list of devices to be collected if the intermediate server and the devices have different login and password information.

    Telnet Port

    Port number for telnet access. The default telnet port number is 23.

    SSH Command

    The full path of the command and options used for ssh; for example, /usr/bin/ssh -1 -p 8888

    Management IP

    The management IP address, which is used first to connect to the device, if available. If this connection fails, the software instead uses the IP address of the device.

    Click the SNMP Parameters tab to enter in further details for polling the router via SNMP. Some of the fields for SNMP V3 are grayed out by default, and can be enabled by selecting V3 from the SNMP Version selection box.

    Figure 16: New Device Profile Entry Window SNMP Parameters

    New Device Profile Entry Window SNMP Parameters

    The SNMP parameters are described in the table.

    Table 7: SNMP Parameters in New Device Profile Entry Window

    Parameter

    Description

    SNMP Version

    V1, V2, V2C, V3

    SNMP Port

    Default = 161.

    SNMP Get

    SNMP get community string. The GET community can be optionally encrypted by selecting the encryption icon to the right of this field.

    Note: After you encrypt this field, it cannot be reversed from the Java interface to show the associated text.

    SNMP Set

    SNMP set community string; Reserved for future use

    SNMP Timeout

    Default = 3 seconds.

    SNMP Retry

    Default = 3 retries.

    V3 User Name

    User name

    V3 Context Name

    Context name

    V3 Context Engine

    Hexadecimal string representing the Context Engine ID

    V3 Authentication

    Authentication type, for example, MD5, SHA-1, NONE

    V3 Auth. Password

    Associated authentication key, used to sign the message

    V3 Privacy

    Privacy type, for example, CBC-DES, NONE

    V3 Privacy Password

    Associated privacy key used to encrypt the message’s data portion

    After completing the SNMP parameters, click Add . Your new entry is displayed in the Device Profiles window. The New Device Profile Entry window remains on the screen, allowing you to quickly create another entry. Modify the necessary fields, including Router Name and IP Address, and click Add when you are finished. When you complete adding all entries to your device profile, click Cancel to close the New Device Profile Entry window.

    Modifying Entries in a Router Profile

    1. To modify an entry in the router profile, double-click on its row in the Router Profiles window. Alternatively, select the entry in the table, and click the Modify button.

    2. To modify multiple entries at once, highlight multiple rows in the table by clicking on the <CTRL> and <SHIFT> keys while holding down the mouse. (Use to select disjoint entries, and <SHIFT> to select contiguous entries.) Then, click the Modify button.

    3. Edit just those fields that are to be modified for all selected entries. Note that a blank field, or a field with dashes ‘---’ indicates that no change will be made to those parameters. Click OK.

    4. To move entries from one router profile to another router profile, right-click the entry in the first router profile and select Cut from the first router profile. Then select the second router profile and right-click over any entry and select Paste.

    Deleting Entries in a Router Profile

    To delete entries from the router profile, select them in the table and click the Delete button. You can perform multiple selection by holding down the <CTRL> and <SHIFT> keys while selecting rows.

    Updating Router Profiles when Router Passwords are Changed

    You must update the corresponding router profiles every time a router password (or SNMP community string) on a device is changed in order to enable successful collection(s) to continue. To do so, select the affected entries in the router profile and perform a multiple modification, as described in Modifying Entries in a Router Profile on page 22. Be sure to click the Save button after making the changes.

    Tasks using the router profile will be updated automatically ONLY if Use Profile Directly was selected. Otherwise, if the user did not select Use Profile Directly, the tasks are then created to use a copy of the router profile, and need to be updated when the profile is updated.

    Pre-existing router settings in Traffic Collection Manager will not automatically be updated by changes to the Router Profiles window, and should be re-done in addition to the Router Profiles window. See Chapter 11, Performance Management: Traffic Collection for more details on traffic collection settings.

    Test the new router profile as described in Test Profile Connectivity.

    Dual Routing Engine Support

    Some routers contains more than one routing engine. In this case, only one routing engine is operational at any given point in time. Depending upon which routing engine is active, the hostname and management IP address can be different. In this case, for the traffic collection to recognize that two hostnames belong to the same device, this information may need to be provided as an additional input to IP/MPLSView.

    In the case of Juniper master and backup engines, if the default routing engine naming conventions are used, beginning or ending with “re0” or “re1”, then no special configuration is needed. For such a device, IP/MPLSView will store the hostname as the part in common between the two routing engines, that is, with the re0 and re1 removed, along with any separating characters adjacent to re0 and re1 (for example, “.”, “_”, or “-”).

    For other naming conventions for dual router engines, it is necessary to create a special alias file to indicate which routing engine hostnames belong to the same router. The format of this file is as follows:

    <AliasName> <RoutingEngine0’s Hostname> <Routing Engine1’s Hostname>

    Explanation: If this alias file is specified in the Conversion Options of the Scheduling Live Network Collection Task, then the routers in the topology display would be displayed with the name <AliasName> if the host name of the collected router matches with either <RoutingEngine0’s Hostname> or <Routing Engine1’s Hostname>. The original hostname can still be seen via the hostname field of the Network > Elements > Nodes view, which can be added as a column to the table via the right-click menu.

    In this case, the Router Profile for the device with the dual router engines should contain the AliasName in the Router Name field. The primary IP address can be set to the loopback IP address of the device, assuming that it is the same for both router engines. Alternatively, if there is no common loopback IP address, then the primary and secondary addresses can be set to the master and backup engines’ management IP addresses. In case the primary address fails, then the secondary address would be used.

    Nodes That Are Inaccessible

    For nodes that are inaccessible, an IP/MPLSView format config file can be provided. This file should be included in the /u/wandl/data/collection/. LiveNetwork/config directory to be picked up by the Scheduling Live Network Collection task. The format of the file is as follows;

    HOSTNAME=<nodeName>
    HWTYPE=<hardwareType>
    IP=<NodeAddress>
    INTERFACE=<interfaceName> IP=<interfaceAddress>

    For example, you could configure a device with HWTYPE=CISCO and INTERFACE=Serial1/1.

    Test Profile Connectivity

    Before a task is scheduled using the router profile, it is recommended to first verify that the login details entered are correct. For this verification, the Test Profile Connectivity feature can be used.

    1. In the Router Profile window, select the router profile to test from the left hand pane. Note that the profile connectivity check supports router profile entries with IP ranges, for example, 10.0.0.[1-100] and can be used to check connectivity using a list of different SNMP community strings if the one specified in the router profile is incorrect. Note that for protection from excessive checking, the range checking only allows up to 65535 different IPs, for example, 192.[0-255].[0-255].[0-255] would not be accepted.

    2. Next, select Actions > Test Connectivity. Select whether to check the connectivity of all entries in this router profile or only the selected entries.

    3. Click the Options button.

    • Here you can specify a subset of connectivity checks to perform of ping, telnet, ssh, and snmp.
    • If the SNMP connectivity check fails with the SNMP settings given in the router profile, you can rerun the connectivity check with alternate SNMP community strings. In the SNMP tab of the Test Options window, click the Browse button to upload a file containing a list of community strings, one per line. By default, it will check the same SNMP version as in the router profile. Select Check both v1 and v2c versionsif you want to check both SNMP version 1 and 2c for these alternative strings. The check will go through each community string one by one, until it finds the correct community string. After the check is done, an opportunity is provided to fix the profile with the correct community string.

    4. Click the Start button. The following window appears indicating the status for ping, telnet, SSH, and SNMP.

    Figure 17: Connectivity Checking

    Connectivity Checking

    In the window:

    • Green Checkmark: Connectivity Passed
    • Gray circle: Not applicable (for example, if SSH is not specified in the router profile)
    • Hourglass: Processing
    • Red circle with white X: Connectivity Failed, for example, Not reachable

    5. If there are errors with the current profile that the software can fix, the Profile Fix button will be enabled. For example, the router’s hostname may not match the hostname entered into the router profile or the community string may be incorrect but the correct one may have been found following the steps mentioned in the next session

    6. You can save the results of the connectivity check onto your PC by clicking the Save icon at the bottom left, and then open it in Microsoft Excel(TM).

    Profile Sync

    After scheduling tasks with router profiles, the master profile (/u/wandl/data/.TaskManager/profile/.diag) will contain the last valid login for each device that is connected to.

    Select Actions > Sync to Master Profile to copy over settings from the current profile to the master profile (.diag).

    Select Actions > Sync from Master Profile to copy over setting from the master profile (.diag) to the current profile.

    Editing Show Commands for Data Collection

    In the Router Profile Type drop-down box, the hardware type that is selected will influence the show commands issued and collected by IP/MPLSView on that router. The commands issued by IP/MPLSView can be found in: $WANDL_HOME/db/command (usually /u/wandl/db/command). For example, the following are the default commands for collecting configuration files:

    Type

    Config File Command

    Alcatel

    admin display-config

    Cisco

    show running

    CRS

    show running

    ERX

    show config

    Foundry

    show running

    Huawei

    display current-config

    Juniper

    show config|display inheritance|no-more

    show ted database extensive|no-more

    Riverstone

    show running-config

    These commands are located in the file called <hardware> config (for example, juniper.config).

    If your hardware type is not listed here, or if you have, for example, a Cisco device that uses a different show command than the defaults listed above, you can set the Type field to “New” when adding a new router profile entry. Then, in the server, go to /u/wandl/db/command and edit the file new.config to include the appropriate show command.

    The same applies for collected interface and tunnel path information. These commands are located in the command directory under <hardware>.interface and <hardware> .tunnel_path, respectively.

    In some cases the privileges for these commands are restricted and may need to be adjusted accordingly. For example, for cisco, in some cases show running-config will not be available but show config will be available. For Alcatel, sometimes environment no-more will not be available but admin display-config will be available. Check the /u/wandl/db/command files for additional commands which might be restricted.

    Modified: 2015-12-29