Juniper JNCIA JN0-103 – Junos Configuration Basics Part 2
- Tracing
Welcome back. In this lecture we are going to talk about tracing. Let’s begin. All right, so first of all, what do we mean by tracing? Tracing is the Junos term for what other vendors sometimes call debugging. When you enable tracing, a trace file is created that is used to store decoded protocol information received or sent by the Routing Engine. In other words, when you enable tracing, a file is created which contains all the messages captured using the trace function.
Junos sends the tracing results to a specific trace file stored in the /var/log directory or to a remote syslog server. Very important: to avoid unnecessary resource consumption, tracing must be stopped when debugging is completed. Let’s look at some options that you can configure when you enable tracing into a file. The first one is the file name. It contains the name of the file in which to store the information.
You then have size, which indicates the maximum size of each trace file. For example, when a trace file called tracefile reaches the maximum size, it is renamed tracefile.0. When tracefile again reaches the maximum size, tracefile.0 is renamed tracefile.1 and tracefile is renamed tracefile.0. This renaming continues until the maximum number of trace files has been reached. The software then overwrites the oldest trace file.
The default size is 128 KB. You can then specify the number of files. This is the maximum number of trace files that can be stored on the device. The default is ten. We have another option called no-stamp. This prevents timestamp information from being placed at the beginning of each line in the trace file. The default action is to place the timestamp at the beginning of each line. We then have the option called replace, which replaces an existing file if one exists. The default action is to append to an existing trace file.
The world-readable option allows any user to view the file, and the no-world-readable option only allows the user who configured the file to view it. All right, now that we’ve seen the options, let’s try to configure a trace file. Let’s get into the terminal and do some configuration. All right, I’m at the terminal. I’m going to first enter configuration mode and I’m going to enable tracing for security policies. I know we’ve not discussed security policies yet, but it should not be difficult for you to understand how tracing works. Let’s take a look at it. So I’m going to say set security policies.
This is the way you start configuring security policies. I can do a question mark over here and I have the option to enable tracing. So I’m going to say traceoptions. Let’s do a question mark. First of all, I’m going to specify the file name. So I’m going to say file, space, question mark. And I’m going to give my file name, which is policy.txt. Let’s do a question mark. I’m going to specify the size as 1 MB. Let’s do a question mark, and the maximum number of files is going to be two. Hit Enter.
Once this is done, we need to specify what level of tracing we are looking at. The way to do that is again the same command: set security policies traceoptions. Let’s do a question mark. The option to do that is flag. So I’m going to say flag, question mark. Now you have these different levels at which you can trace the output. For this example, just to keep it simple, I’m going to say all. To start the trace, we need to finish off with a commit statement. So I’m going to say commit and-quit. The commit has finished and now we have started tracing. Let’s look at the trace file. There are two ways to do this. We can use the show command to view all the messages in the trace file, or we can also use the monitor command to view the trace messages in real time. We’ll look at the monitor command later on. Right now let’s do that with the show command. So I’m going to do show log.
This is the same command that we looked at in the earlier lecture. I’m going to do a question mark and I should see a file with that name. You have that over here: policy.txt. And by looking at the size, we can find out that some information has been written into that file. Let’s do a Control-C, and I’m going to say policy.txt. And you can see there’s a bunch of information. Now, we’ve enabled tracing for all levels, which is why we have so much information over here. Yeah, that’s quite a lot of information. And this is the timestamp that we’re talking about. The timestamp is placed at the beginning of every line by default. So as you can see, the trace options are really useful, especially in debugging or troubleshooting scenarios. All right, now let’s talk about interface tracing. Junos supports two types of interface tracing. You have individual interface tracing and you have global interface tracing. When you are tracing a specific interface or an individual interface, you are not allowed to specify a trace file. The Junos kernel does the logging in this case.
So the trace information is placed in the system’s messages file. We already know about this file; we have looked at it in the previous lecture. On the other hand, if you are doing global interface tracing, it does support an archive file, the default being /var/log/dcd. Of course we can override that. We can also trace the operations of the interface process, which is the device control process, or DCD in short. Let’s take a look at this on the command-line interface. Back over here, I’m going to go to edit first. All right, so let’s do this. Set interfaces. Let’s do a question mark. Over here we have the option called traceoptions. Let’s try that. Traceoptions. When we do a question mark, we have the option to specify a file name. Question mark. We can give the file name as interface.txt, hit a question mark, and we’ll just do an Enter to keep everything at the default settings.
And we have to follow it up with the level of tracing that we need to perform. So I’m going to say set interfaces traceoptions flag. Let’s do a question mark. Right now we’ll just keep it very simple and we’ll say all. This is global interface tracing. Let’s try and see what happens when we try to trace an individual interface. Set interfaces, I’m going to say Fe One, do a question mark. We have the trace options over here. Traceoptions. Let’s do a question mark. And you’ll notice over here we do not have the option to specify a file name.
So this is what we understood just about a minute ago, that if you’re trying to trace at the global interface level, you can specify a file name. If you’re trying to trace at an individual interface level, we cannot specify the file name. Instead, the messages are stored in the messages file, right? So I’m going to erase this command and I’m going to commit my configuration and exit back into the operational mode.
All right, now let’s check if we’ve got some messages in the trace file. So I’m going to do show log, and the name of the file is interface.txt. And you see that there’s so much information coming in. In fact, there are multiple files. Now let’s do show log interface, and I’m just going to do a question mark over here just to show you that there are multiple versions of that file created and everything has the latest timestamp.
So there’s a lot of information that is coming in. All right, now let’s go back to the slides. Okay, now, how do we monitor trace files? If you want to monitor your trace files in real time, you can use the monitor command. This is especially useful when you’re troubleshooting, especially when you’re troubleshooting live with a customer and you want to see what’s happening. The monitor command is very, very useful. So we can use the monitor start command to view real-time log information. It is also possible to monitor several log files at one time. If you do that, the messages from each file are identified by the file name. If you’re monitoring multiple files at the same time, you can use the monitor list command to view all files that are being monitored. And if you want to stop monitoring completely, we can use the monitor stop command. I’m back at the terminal.
Let’s take a look at that. I’ll start with Control-U to erase that line. And I’m going to do monitor. Let’s do a question mark first. So we have the option to start and stop. I’m going to say start, and we can monitor any of these files. Now let’s do this. Let’s monitor the first file that we created, which was called policy.txt, and we’ll also monitor the second one, called interface.txt. Hit Enter. Now both the files are being monitored. Very soon we should start seeing information or messages on the screen. All right, as you can see, there’s a bunch of information flowing on my screen right now. In the meantime, what I did is I actually paused the recording for a second because there was nothing coming into policy.txt and nothing coming into interface.txt.
So I actually opened up a new terminal and I was just trying to ping something on the Internet. I was just trying to do a telnet. And what I did is I actually disabled one of the interfaces and I re-enabled it just to generate some traffic and just to get some messages. And after doing that, when I came back over here, as you can see, there’s a bunch of information that’s flowing in. We’re actually monitoring a couple of files and you can see the file names over here. If I can just show it to you. Just going to scroll down.
And you can see over here, this one is being monitored from interface.txt, while this one over here is being monitored from policy.txt. So if you’re actually monitoring multiple files at the same time, the messages are shown under individual file names like this. Let’s go back over here. This is the end of my screen. Now, if I wanted to quickly find out which files I am monitoring, I can just say monitor list. You don’t have to worry about the prompt being there or not. Just type in that command, monitor list, hit Enter, and you can see that we are monitoring a couple of files: interface.txt and policy.txt.
If you wanted to stop the monitoring, the command is simple. It’s monitor stop. Now, even if your commands are coming in one by one and you’re not getting that prompt, you don’t have to worry about it. Even if your command is getting interrupted, like you’re typing one letter and then there’s a bunch of messages, you’re typing one more letter and so on, you don’t have to worry about your command getting broken up. Just type in monitor stop correctly, hit Enter, and monitoring will stop. Right? So I’m just going to do monitor stop. That stops the monitoring. But one thing we have to remember: even though the real-time monitoring has been stopped, the messages are still being stored in policy.txt and interface.txt. Before I forget, I want to show you how to enable tracing to a remote syslog server. So I’m going to enter configuration mode for that with edit, and I’m going to say edit system, not syslog. I’m going to say edit system tracing. Perfect. I’ll do a show first. Right now I don’t have any configuration. If you wanted to send your trace files or your trace messages to another syslog server or a remote syslog server, we can say set, space, question mark, destination-override, question mark, syslog, question mark, host, and then you put in the IP address of that server. For example, 192.168.1.2. One thing that we must make sure is that 192.168.1.2 has been configured as a syslog server. Once you configure the server as a syslog server, make sure that you test it out and that it is able to process syslog messages. One last discussion: how do we turn off tracing completely and how do we delete the trace files? For that, we need to delete the trace commands that we’ve set. One easy way to find them is using the show command.
So I’m first going to go to the top of the configuration mode. I’m going to do a show. The show command can be used to view the entire configuration. I’m going to do a show, space, pipe. I’m going to try and match the word traceoptions and I’m going to display the set versions of these commands, because if I did an Enter right now, I would get an output like this, which does not make sense to me. So I’m going to say show, pipe, match traceoptions, pipe, display set. That will show me the entire set command that I typed in. Enter. And there I have it. So I’m going to do this: delete interfaces traceoptions, hit Enter, delete security policies traceoptions, hit Enter. And if I try to repeat that command, I’m good now, right? So I’m just going to say commit and-quit. All right. Now finally, to complete the cleanup process, we need to delete the trace files that have been created. There’s a couple of things that we can do.
Number one, we can clear the contents of that file if we want to retain the file but not the messages in it. Or we could delete the file completely. I’ll show you both the options. Let’s say we wanted to clear the contents. The command to do that would be clear, space. The keyword is log, which is over here. Clear log, space, question mark. And the two files that we created were interface.txt and policy.txt. So I’m going to say clear log interface.txt. That should clear the contents of the file. But the file still continues to exist and we can verify that with show log. Excuse me. Show log. And I’m going to do match interface, and we do see that the file still exists, right?
So that’s how you clear the contents of the file. Now let’s say you wanted to delete that file completely. How do we do that? The command is file delete, but we need to know the location of the file. The log files and trace files are stored in /var/log. So I’m going to say /var/log/interface.txt. And I’ll repeat that for policy.txt. Now the files are deleted. We can verify that. Show log, match interface. So there’s a couple of these files. We’ll delete them as well.
And I’m going to say file delete, 0.gz. And I’ll repeat that for 1.gz. And we are done. We can verify that one more time. Show log, match interface. There’s nothing in there. And we can also try to match policy: show log, match policy. We’re done. So that’s how you complete the cleanup process. All right, so that’s all the topics that we had to discuss in this lecture. I hope you found it really interesting, and I hope you enjoyed it. If you have any questions, please feel free to let me know. I’d like to thank you for watching, and I’m going to catch you in the next lecture. Thank you.
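The tracing workflow from this lecture, written out as the Junos CLI commands it describes. This is an added example, not a capture of the lecturer's terminal: the syslog host is a placeholder, the no-world-readable option is added to keep the trace file restricted, and the rotated file name in the cleanup step is assumed from the rename scheme described earlier.

```junos
# --- Configuration mode: trace security policies to /var/log/policy.txt ---
configure
# 1 MB per file, at most 2 files, readable only by the configuring user
set security policies traceoptions file policy.txt size 1m files 2 no-world-readable
set security policies traceoptions flag all

# Global interface tracing (a file name is allowed at this level only;
# per-interface tracing is logged by the kernel to the messages file)
set interfaces traceoptions file interface.txt
set interfaces traceoptions flag all
commit and-quit

# --- Optional: send trace messages to a remote syslog server ---
# <syslog-server-ip> is a placeholder for a host already tested as a syslog server
configure
set system tracing destination-override syslog host <syslog-server-ip>
commit and-quit

# --- Operational mode: read the files, then watch them in real time ---
show log policy.txt
show log interface.txt
monitor start policy.txt
monitor start interface.txt
monitor list
monitor stop

# --- Turn tracing off once debugging is finished ---
configure
show | display set | match traceoptions
delete security policies traceoptions
delete interfaces traceoptions
commit and-quit

# --- Clean up: empty a file but keep it, or remove it entirely ---
clear log interface.txt
file delete /var/log/interface.txt
file delete /var/log/policy.txt
# Rotated, compressed copies (name assumed: <file>.<n>.gz)
file delete /var/log/interface.txt.0.gz
show log | match interface
show log | match policy
```

Stopping real-time monitoring does not stop tracing; only deleting the traceoptions statements and committing does.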
- Simple Network Management Protocol
Welcome back. In this lecture, we’re going to talk about Simple Network Management Protocol, also known as SNMP. Let’s begin. What is SNMP? SNMP, also known as Simple Network Management Protocol, enables the monitoring of network devices from a central location. To make this work, you have two entities: an SNMP agent and an SNMP manager. The SNMP agent exchanges network management information with the SNMP manager software, which is running on a network management system, also known as an NMS. In our case, the SNMP agent will be running on the Junos device and the SNMP manager software will be running on a server which will be used to collect data from the Junos device. The agent responds to requests for information and actions from the manager. The SNMP manager collects information about network connectivity, activity and events by polling the managed devices. I have a diagram which will help you understand the architecture.
On the left-hand side, we have a server on which the SNMP software has been installed. It is known as the NMS, or Network Management System. On the right-hand side, we have the Junos device on which the SNMP agent is running. The Network Management System polls the Junos device, and the Junos device sends the responses back to the NMS. Let’s talk about the SNMP Management Information Base. The SNMP MIB, or SNMP Management Information Base, is a collection of information which is organized hierarchically. This information defines the properties of the objects on the managed device. Everything that you configure on the Junos device is an object, and it is an object in a database which is known as the Management Information Base. The MIB structure is based on a tree structure with related objects being grouped together.
To visualize this, think of registries on Windows devices. The registry is organized in a tree structure with similar values being grouped together. The same applies to the Management Information Base. Similar values or similar objects are grouped together. Each object in the MIB is associated with an identifier, also known as an object identifier or OID, which names the object. The leaf in the tree structure is the actual managed object instance, which represents a resource, event or activity that occurs in your network device. I have a diagram on the screen right now which will help you understand this. On the left-hand side, I have the MIB tree, which has been expanded. I have also highlighted one of the leaves of the tree. It is called firewall auth service up. On the right-hand side, we have more information about that object. The name is JNX JS firewall auth service up.
You have an object identifier, you have the syntax, you have the status, you have a description for that object, and you have the MIB for the object, which is the JS auth MIB, the tree which has been expanded on the left-hand side. Let’s talk about SNMP traps and informs. Junos devices are able to send notifications to SNMP managers when significant events occur, most often failures or errors. SNMP notifications may be sent as traps or inform requests. SNMP traps are unconfirmed notifications, while SNMP informs are confirmed notifications. Junos SNMP versions: Junos supports the following versions of SNMP, and we have three of them. SNMP version 1, which was the initial implementation of SNMP that defines the architecture and framework for SNMP. We then have SNMP version 2c, which added support for community strings. You can think of community strings as passwords which determine access to SNMP agent MIBs. You then have SNMP version 3, which provides data integrity, data origin authentication, message replay protection, and protection against disclosure of message payload. Let’s talk about SNMP communication. Communication between the SNMP agent and the SNMP manager occurs in one of the following ways. Number one, you have GetBulk and GetNext requests. These are used by the manager to request information from the agent. The agent returns the information in a GetResponse message. You then have Set requests. This is used by the manager to change the value of a MIB object controlled by the agent.
The agent indicates the status in a Set response message, and then you have trap notifications. This is used by the agent to send trap notifications to the manager about significant events that occur on the device. If all this is sounding too confusing, don’t worry too much about it, guys. SNMP is a protocol which is used to monitor and manage your network devices. It is used to collect important metrics from your network devices. It is not a topic which is going to be heavily tested on the exam, but it is a good idea to know it. Let me take you to a Junos device terminal and show you some SNMP configuration. All right, as you can see, I’ve already logged in to the Junos device. I have entered configuration mode and I have run the command called show snmp. You’ll notice that I have set some information like the name and contact for the device. I have also set a community string. The string in this case is public. The authorization that I’ve approved is read-only, and the information is being sent to a manager which is located at this IP address. I have also set a trap.
The trap is for version two, and these are the categories for which traps will be sent. Like we just understood, traps are notifications which are used to indicate critical events on the device, like failures or errors, and I have set traps for these categories. The target for my trap is again the same IP address on which I have installed the network management software. To show you how this whole thing works, I have downloaded a network management software which is known as Spiceworks. If you’re interested, you can do this as well. You can go to spiceworks.com and you will find an open source tool called Network Monitor. You can download and install that, but it only runs on Windows servers. As you can see, I’m recording on a Macintosh device. So what I’ve done is I’ve actually spun up a Windows 2012 server on AWS, and I’ve installed Spiceworks on that. And this IP address is the IP address of that Windows server on AWS. I’m going to take you there to show you how this whole thing works. That’s the console of my Windows 2012 server, which is running on AWS. And like I said, the software that I’m using to monitor is Spiceworks.
On this software, I have configured my Junos device. It’s actually very easy when you try to add a new device. It’ll ask you for the IP address of the device and the community string, and that’s it. The communication should be established. And as you can see, I’m able to get real-time information about the traffic that is flowing through my device. You can see there’s a spike in the traffic right now, which I believe is probably my wife browsing something sitting at home. And I’m actually recording this from outside. This is how you can set up SNMP to monitor your network devices. The bottom line is, SNMP is a protocol which is used to monitor and manage your network devices. From the examination perspective, just remember the differences between SNMP version 1, SNMP version 2c, and SNMP version 3. Also, remember what SNMP trap and inform mean.
We can also check out the statistics of SNMP on the Junos device. The way to do that is very simple. I’m back over here. Now, let’s say I wanted to view the SNMP statistics. First of all, I would exit and come back to operational mode, and I would run this command called show snmp statistics. Hit Enter and we can see the SNMP statistics. You can see that there are a lot of input packets, and there are also output packets, and you can also see there are a lot of get requests that are being sent.
You don’t see anything in version 3. That’s because I haven’t configured SNMP version 3. I’m actually using SNMP version 2c. All right, so that’s all the topics that I wanted to discuss in this lecture. I hope I haven’t confused you too much. If you have any questions about SNMP, about configuring SNMP, about trying out Spiceworks and how to establish the communication, please let me know in the comments section. I will definitely assist you. That’s all for this lecture, guys. I’d like to thank you for watching, and I’m going to catch you in the next lecture. Thank you.
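An added example, not the lecturer's actual configuration: the SNMPv2c setup described in this lecture in set form, followed by an SNMPv3 user with authentication and privacy for comparison. Values in angle brackets are placeholders, and the trap group name, trap categories, and the v3 user, group and view names are assumptions chosen for illustration.

```junos
# --- SNMPv2c as described in the lecture ---
configure
set snmp name <device-name>
set snmp contact "<contact>"
# Community string "public", read-only, accepted only from the NMS address.
# In v1/v2c the community string is carried unencrypted in every packet.
set snmp community public authorization read-only
set snmp community public clients <nms-ip>/32
# Version 2 traps for selected categories, sent to the same NMS
set snmp trap-group <trap-group-name> version v2
set snmp trap-group <trap-group-name> categories authentication
set snmp trap-group <trap-group-name> categories link
set snmp trap-group <trap-group-name> targets <nms-ip>
commit and-quit

# --- SNMPv3 alternative: authenticated and encrypted polling ---
configure
# USM user with SHA authentication and AES-128 privacy
set snmp v3 usm local-engine user nms-user authentication-sha authentication-password "<auth-passphrase>"
set snmp v3 usm local-engine user nms-user privacy-aes128 privacy-password "<privacy-passphrase>"
# Map the user to a group, and give the group read-only access that
# requires both authentication and privacy
set snmp v3 vacm security-to-group security-model usm security-name nms-user group nms-ro
set snmp v3 vacm access group nms-ro default-context-prefix security-model usm security-level privacy read-view all-mib
set snmp view all-mib oid .1 include
# Once the NMS polls over v3, the v2c community can be removed
delete snmp community public
commit and-quit

# --- Operational mode: confirm which version is actually in use ---
show snmp statistics
```

After the change, the version 3 counters in show snmp statistics should start increasing while the v2c request counters stop.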