Aaron’s Worthless Words

We all have limited budgets these days. Long gone are the days of unlimited resources and uncontrollable expansion of the [tag]network[/tag], so it’s important that any network dude or dudette pay attention to the open-source world. Below is a list of stuff I use at the office and at home to [tag]monitor[/tag], [tag]trend[/tag], and [tag]alert[/tag] the network. All this stuff is free and runs on Linux to save even more cash.

• [tag]Cacti[/tag] – This is a system for trending pretty much anything. If it has an [tag]SNMP[/tag] value, Cacti can trend it. It’s also really flexible, allowing multiple displays of data and even a mechanism to get values from scripts you write. At the office, we use it to monitor utilization of the circuit and Ethernet ports, CPU and memory of the gear, and the number of connections on the load-balancer. At home, I use it to watch utilization and track the number of connections to the wireless networks.
• [tag]Nagios[/tag] – This is a monitoring and alerting system for all sorts of stuff. It watches hosts and applications for availability and response time, then alerts based on threshold. This is one of the most complicated apps to configure, but, once it’s up, it rocks. I use it at home to monitor all the network gear and systems for response times. I also use it to monitor the web servers and restart them if they’re down.
• [tag]Apache[/tag] – You know what Apache is. You use it already. About 71% of webservers on the Internet are Apache.
• [tag]Squid[/tag] – A caching [tag]proxy[/tag] server by the same guys who do Apache. It can be configured for both inbound and outbound application acceleration. It’s great to put in front of a CMS like Drupal or Joomla. It has a mess of built-in functions that can look for bad requests, do redirects, or completely rewrite requests. At work, it fronts our application and CMS servers so users don’t have access directly to them. At home, it runs on the firewall to serve pages to the Internet. The real webserver actually sits on a box behind the firewall for security.
• [tag]Subversion[/tag] – This is a version control system. Subverions lets you create repositories, check out the contents, edit them, and check them back in. This is good for keeping track of configuration files or scripts you write. We use it at work to track configuration files for Apache, NTP, yum, etc. At home, I use it to keep track of my scripts and Perl module.
• [tag]Rancid[/tag] – This is configuration management for Cisco (and other network) devices. It gets configs from devices and checks them for changes. It’s got built-in alerting and is easy to set up. I use it at home to keep track of the configs on the switches and access points.
• [tag]nfsen[/tag]/[tag]nfdump[/tag] – These are [tag]netflow[/tag] tools. Nfdump is a suite for collecting the data, while nfsen is for displaying the information. Check out netflow if you’ve never worked with it…it’s pretty cool.
• [tag]Dyanmips[/tag]/[tag]dynagen[/tag] – These apps let you run virtual Cisco routers on a machine. You can set up full network deployments for testing and configuration experimentation. It takes a good bit of resources, but it’s well worth it for the functionality. I use it all the time at work to test or tweak configs. I also use it to simulate certification labs.

• (0)

I assume you take every word I say to heart and that you’ve been using [tag]Dynamips[/tag]/[tag]Dynagen[/tag] for a few days now, right? Good. That’s a start, but let’s break down a simple [tag]lab[/tag] to make sure everyone’s on the same page. I run my labs on Linux most of the time, so you’ll see my commands for that platform. You’re a smart one, so you can figure out what to do on Windows.

First of all, everyone download the lab file. This is a very simple lab that I created to do some experimentation with [tag]BGP[/tag]. I modified it a bit to save resources for the general public, though; it’s a lot easier to run 2 2651XMs than 2 7206s, right? Let’s go through the lines.

autostart = False
[localhost]

Yes, that means don’t start up the routers when you fire up dynagen. The second line is the dynamips server you want to use. This will always be localhost unless you’re leveraging another box to use as the emulator. That’s an advanced topic that I’m not going to cover right now, though.

[[2651XM]]
image = /home/jac/labs/images/c2600-adventerprisek9-mz.124-17.img
ram = 96

These lines define the parameters for any 2651Xm that we’ll be using. The image file is the actual IOS image to use. I can’t provide an IOS file for you, so you’ll have to download one yourself and change this line to where you put the file. Guess what the “ram” line is. Wow…you’re a genius if you said it was the amount of RAM to give each 2651XM.

[[ROUTER R1]]
s0/0 = R2 s0/0
f0/0 = LAN 1
model = 2651XM

[[ROUTER R2]]
f0/0 = LAN 2
model = 2651XM

Here’s the meat of the lab. We’re creating 2 2651XMs, called R1 and R2, that each have s0/0 and f0/0 interfaces.

The 2651XM has 2 FastEthernets, so, when you fire up the lab, the routers will have those interfaces, but we don’t care about f0/1 in the scope of this lab. We’ll just ignore it for now. The “LAN” keyword in the f0/0 lines tell how you want the FastEthernets cabled up. We’re trying to do BGP here, so the FastEthernet interfaces are connected to different network (R1 to LAN 1 and R2 to LAN 2).

Notice that, in the R1 configuration, we say that R1’s s0/0 is connected to R2’s s0/0. This lets the routers talk across the serial interfaces in the virtual world. In our lab, this is the link that we’re going to run BGP over to share the paths to the f0/0 interfaces. Very simple setup.

So, let’s fire this guy up. First, make sure you’ve started your dynamips server. I run mine in a screen session to get it out of the way, but it’s your choice. Run “dynamips -H 7200″ to get going and listening on port 7200. When that’s up and running, you simply run dynagen against your lab file with a “dynagen bgp.net”.

If everything is right, you’ll be see the “=>” prompt. Remember that we set autostart to false, so we have to start up our routers. You can type “start R1″ and “start R2″ to get them going, but it can be easier to do a “start /all”. You may run into problems with CPU or memory if you do that, though, so be careful.

If you do a “list” at the dynagen prompt, you should see both of the routers in a “running” state. That’s good, but now what? Time to get on the console. If you’re running your lab on your workstation (the box that’s attached to the keyboard you’re typing on), you can do a “console /all” to bring up all the consoles at once. If you’re doing the lab remotely, you’ll have to telnet to the right port to get a console. That info’s in the last column of the “list” command.

Now comes the configuration, so get to it. Configure these guys to share their routes on the f0/0 interface via BGP. Experiment a little. Experiment a lot. You’re not going to break anything, but remember to save the configuration when you’re done. You can reuse the lab later.

—–

If you’re lazy, you can use the configs that I used for this lab. They’re very, very simple, but they work.

• R1
• R2

• Read comments... (1)

I’ve run across articles for these apps a thousand times, so I thought I’d get in on the action. [tag]Dynamips[/tag] and [tag]dynagen[/tag] are a pair of apps that make simulating [tag]Cisco[/tag] routers very easy. I use them constantly at the office (and even at home on the couch) to try out new configs and even new IOS versions.

Dynamips is the brains behind the operation. It was written to [tag]simulate[/tag] Cisco 7200s for testing, but, eventually, it came to support several platforms, including 3600s, 3700s, and 2600s. You can use it to simulate a whole series of [tag]routers[/tag] that are directly connected together through their interfaces, through virtual switches, or even connected to real interfaces on your box to pass traffic out through the real network. It uses real [tag]IOS[/tag] images, so you can run whatever you can download. The problem with it is that it’s very complicated to use; if you did a fully-populated 7206, your command line would be 5 lines long and not make a lot of sense.

A guy named Greg Anuzelli came along, though, and gave us dynagen. Dynagen utilized the hypervisor functionality of dynamips to make a very easy configuration interface. Now, you can configure a lab by editing an INI-like file and run it against dynagen, which shoves all the right stuff into dynamips for you. It’s easy as cake.

I’ll save the details for later, but make sure you check out these guys. They save me so much time and effort at work and have become an invaluable part of my work day. Yes, it’s that good.

I’ll be sure to share some of my lab if they turn out to be interesting.

• (0)