Snmp monitoring of errors on ethernet interfaces

//EtherLike-MIB
Align-Err 		1.3.6.1.2.1.10.7.2.1.2
FCS-Err 			1.3.6.1.2.1.10.7.2.1.3          
Single-Col		1.3.6.1.2.1.10.7.2.1.4          
Multi-Col			1.3.6.1.2.1.10.7.2.1.5       
Late-Col      1.3.6.1.2.1.10.7.2.1.8
Excess-Col    1.3.6.1.2.1.10.7.2.1.9
Carri-Sen     1.3.6.1.2.1.10.7.2.1.11          
SQETest-Err		1.3.6.1.2.1.10.7.2.1.6
Deferred-Tx   1.3.6.1.2.1.10.7.2.1.7     
IntMacTx-Err  1.3.6.1.2.1.10.7.2.1.10      
IntMacRx-Err  1.3.6.1.2.1.10.7.2.1.16
Symbol-Err		1.3.6.1.2.1.10.7.2.1.18

Runts         1.3.6.1.4.1.9.9.276.1.1.1.1.4 //CISCO-IF-EXTENSION-MIB
Giants				1.3.6.1.4.1.9.9.276.1.1.1.1.5 //CISCO-IF-EXTENSION-MIB
OutDiscards		1.3.6.1.2.1.2.2.1.19						//IF-MIB
OutDiscards		1.3.6.1.4.1.9.9.276.1.1.1.1.11	//CISCO-IF-EXTENSION-MIB 
Xmit-Err			1.3.6.1.2.1.2.2.1.20 	//IF-MIB

// wanted!
Rcv-Err       1.3.6.1.2.1.2.2.1.14 ?????	//IF-MIB
UnderSize     ???
Advertisements

3750/3560 interface policing/shaping/bandwidth limiting

I assume, that QoS is set up as it is dscribed in my previous .
All traffic is sorted to two different queues: iptv(dscp32) is put into queue1, other traffic is put into queue2. I want to police customers traffic into 20mbps, except iptv packets going towards the customer.
Ingress policing
Create policy map:

policy-map shape-20
  class class-default
    police 20M 400000 exceed-action drop

Assign policy map to interface:

interface FastEthernet1/0/2
 service-policy input shape-20

Egress policing
Unfortunately, policy-map containing police action cannot be attached to interface in egress direction. Egress queue2 is shaped to 20mbps:

interface FastEthernet1/0/2
 srr-queue bandwidth shape  0  5  0  0

5 is bandwidth weight and is calculated this way: [interface speed]/[bw weight] = [policed speed]. 100mbps/5=20mbps.

There is another possibility to limit egress speed in the interface. It will limit all egress queues to 20% of interface speed:

interface FastEthernet1/0/2
 srr-queue bandwidth limit 20
 srr-queue bandwidth shape  0  0  0  0 

CDP cluster. Управление свитчем по CDP, если через telnet/ssh не попасть

Switch#configure t
Switch(config)#cluster enable test
Switch(config)#do show cluster candidates

MAC Address Name Device Type PortIf FEC Hops SN PortIf FEC
0017.9509.bc80 call_center WS-C2960-48TT-L Gi0/2 1 0 Gi0/2

отсюда смотрим мак адрес
Switch(config)#cluster member 1 mac-address 0017.9509.bc80 password ПАРОЛЬ
Switch(config)#end
Switch#rcommand 1

call_center#
call_center#
call_center#
call_center#exit
И вот мы уже на удаленном свитче.

Выключение кластера:

Switch(config)#no cluster member 1
Switch(config)#no cluster enable
Switch(config)#
Switch#sh cluster
% Not a management cluster member
Switch#

multicast через nat на cisco router

В глобальном конфиге:
ip multicast-routing
ip nat inside source list 100 interface GigabitEthernet0/0 overload
access-list 100 permit ip 192.168.1.0 0.0.0.255 any
access-list 100 deny ip any any

На внешнем интерфейсе:
ip nat outside
ip pim dense-mode

На внутреннем интерфейсе:
ip pim sparse-mode
ip nat inside
ip pim sparse-mode
ip igmp helper-address

Стэк из 3750. Подключение к slave-члену стэка

Некоторые команды можно посмотреть только зайдя непосредственно на slave стэка.
Делается это такой командой:
37-vib#session 2
37-vib-2#

2 – номер устройства в стеке

Просмотр дропов на cisco

Для большинства свитчей: sh int summary
2950
#sh int g0/1 | i drop
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0

2960
sh platform port-asic stats drop gigabitEthernet 0/1

3750, 3560
sh platform port-asic stats drop gigabitEthernet 1/0/1
sh int g0/1 | i drop
Статистика раскладывания пакетов по очередям порта
sh platform port-asic stats enqueue gigabitEthernet 1/0/№

ME-3400
sh platform port-asic stats drop gigabitEthernet 0/1

4900M
sh int g3/9 | i drop