Saturday, March 24, 2012

Cisco CCNA: Network Management





Unit 1. LAN Congestion



In this course, you will learn about network management. You will see how congestion affects networks and how to alleviate congestion. You will discover the protocols and tools used to effectively manage a network. Finally, you will be introduced to one of Cisco Systems' workgroup hubs, the FastHub 300.
In this unit, you will learn about congestion, which is one of the major problems faced by network administrators. You will see how to spot congestion and how to alleviate it.

After completing this unit, you should be able to:
  • Identify demand nodes and resource nodes

  • Identify causes of LAN congestion

  • Recognize the signs of LAN congestion

  • List the devices used to segment a LAN


This unit provides information that is relevant to the following CCNA exam objectives:
  • Describe network congestion problem in Ethernet networks

Topic 1.1: What Is Congestion?

*Network Congestion
Network congestion is a condition where the amount of network traffic is more than the network can handle.

*Network Traffic Flow
Network traffic usually flows between demand nodes, which require data and services, and resource nodes, which provide data and services.

*Types of Demand Nodes
There are many types of demand nodes. Examples of demand nodes include workstations, client applications, and terminal services. What these nodes all have in common is their dependence on resources found elsewhere in the network.

*Resource Nodes
Resource nodes also come in many varieties. Examples of resource nodes include servers, printers, routers, and hosts. These devices all provide necessary services to the rest of the network.

*Too Many Nodes
When demand nodes and resource nodes communicate with each other, they use the available bandwidth of the network. When too many nodes need to communicate at the same time, congestion occurs.


Topic 1.1.1: Congestion Causes

*Causes of Congestion
There are many causes of network congestion. Anything that affects the available bandwidth of the network is a factor in congestion.
These factors have a cumulative overall effect, and they all need to be taken into consideration when dealing with congestion.

*Too Many Users
One of the major causes of network congestion is the presence of too many users on a network segment or collision domain. When a large number of workstations are competing for access to the same network media, the available bandwidth of the network decreases.

*High-Demand Applications
Applications that require a lot of services from resource nodes are also a leading cause of network congestion. Examples of high-demand applications include groupware, e-mail with large attachments, desktop publishing, and multimedia applications.

*Processing Speeds
Another factor in network congestion is the ever-increasing power and capabilities of new PCs and servers. The fast processing speeds of these components mean that they can move files very quickly and thus use large amounts of the network's bandwidth.

*Internet Usage
Use of the Internet is also a growing cause of network congestion. As more and more users connect to the Internet, network traffic increases. The increasing use of large video and audio clips on Internet web sites also contributes to this problem.


Topic 1.1.2: How To Spot Congestion

*Signs of Network Congestion
The signs of network congestion are usually fairly obvious. Common indicators include increases in network delay and utilization as well as an increase in user dissatisfaction.

*Network Delay
Network delay is the time between the start of a transaction by a node and the first response the node receives in answer. If there are a lot of nodes competing for bandwidth, network delay increases. This makes the network appear slower because it takes longer to send and receive data.

*Network Utilization
Network utilization, or channel utilization, is the percentage of time in which the network is actively transporting data. For short periods of time (seconds or even less), network utilization may approach 100% without a problem. This high utilization might occur when a large file is being transferred between two high-performance nodes.

*Average Network Utilization
For longer time periods, it is generally a good idea to check the average network utilization.
In an Ethernet environment, for example, the percentage of network utilization should not exceed 20% when averaged over an 8-hour day, 30% when averaged over the worst hour, and 50% when averaged over the worst 15 minutes. If these values are exceeded, the network is approaching an excessive load.
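
The three averaging limits above can be checked mechanically. The following added example (not part of the course material) converts per-minute byte counts into utilization and finds the worst average for each window; the 10 Mbps link speed, the one-minute sampling interval, the function names, and the sample day are assumptions constructed for illustration.

```python
"""Check link utilization against the three averaging limits quoted above."""

LINK_BPS = 10_000_000   # assumption: a shared 10 Mbps Ethernet segment
INTERVAL_S = 60         # assumption: one byte-count sample per minute

# Limits from the text: name -> (window length in minutes, maximum average %)
LIMITS = {
    "8-hour day": (480, 20.0),
    "worst hour": (60, 30.0),
    "worst 15 minutes": (15, 50.0),
}


def utilization(byte_counts, interval_s=INTERVAL_S, link_bps=LINK_BPS):
    """Convert bytes carried per interval into percent of link capacity."""
    capacity_bits = interval_s * link_bps
    return [100.0 * 8 * b / capacity_bits for b in byte_counts]


def worst_window_average(util, window):
    """Highest average over any run of `window` consecutive samples."""
    if len(util) < window:
        raise ValueError("need at least %d samples" % window)
    total = sum(util[:window])
    worst = total
    for i in range(window, len(util)):
        total += util[i] - util[i - window]   # slide the window by one sample
        worst = max(worst, total)
    return worst / window


def check_congestion(byte_counts):
    """Return {limit name: (worst average %, limit exceeded?)}."""
    util = utilization(byte_counts)
    report = {}
    for name, (window, limit) in LIMITS.items():
        avg = worst_window_average(util, window)
        report[name] = (round(avg, 2), avg > limit)
    return report


def constructed_day():
    """Constructed 8-hour sample: mostly quiet, one busy hour with a burst."""
    quiet, busy, burst = 7_500_000, 18_750_000, 52_500_000   # 10%, 25%, 70%
    return [quiet] * 200 + [busy] * 20 + [burst] * 15 + [busy] * 25 + [quiet] * 220


if __name__ == "__main__":
    for name, (avg, exceeded) in check_congestion(constructed_day()).items():
        print("%-17s %6.2f%%  %s" % (name, avg, "EXCEEDED" if exceeded else "ok"))
```

On the constructed day the 8-hour average stays under its limit while the worst hour and the worst 15 minutes both exceed theirs, which is why all three windows are checked rather than the daily average alone.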

*User Dissatisfaction
Users are often the first to spot congestion. If users cannot work efficiently due to congestion, their problems must be addressed, even if status reports indicate no problems in network performance.
It should be noted, however, that user dissatisfaction may be due to factors other than congestion, such as high-end applications and low CPU speeds.


Topic 1.2: Relieving Congestion

*Relieving Congestion
Since congestion is basically a shortage of available bandwidth, relieving congestion entails increasing the available bandwidth. This can be accomplished by either upgrading to a faster network, or by segmenting the network into smaller domains.

*Upgrading the Network
Upgrading the network can sometimes be the best solution. For instance, upgrading from 10Base-T to 100Base-T could be fairly easy and inexpensive if the NICs support both 10 and 100 Mbps transfer rates. This solution would provide the network with ten times the bandwidth of 10Base-T.

*Difficulties of Upgrading
Upgrading from 10Base-5 to 100Base-T, however, could be very difficult and expensive. Not only would all the cables and NICs need to be replaced and a hub acquired, but other differences between the networks, such as distance constraints, must be taken into account.

*Segmenting
When upgrading is not a viable solution, or when congestion problems continue after an upgrade, the network may need to be segmented. Segmentation involves the use of network devices, such as bridges, switches, and routers, that split a large domain into smaller domains.


Topic 1.3: Segmentation

*Segmentation of a Network
Segmentation of a network involves creating workgroups to share a local domain. This is usually accomplished with the use of hubs. These workgroups, or local domains, can then be connected with bridges, switches, and routers.

*Hubs
Hubs have ports connecting to all nodes in the local domain. When a hub receives a signal, it retransmits the signal to the local nodes. Hubs can be passive, intelligent, or switching. A passive hub simply retransmits data. Intelligent, or manageable, hubs allow administrators to monitor the traffic passing through the hub and to configure each port in the hub. A switching hub actually reads the destination address of each frame and then forwards the frame to the correct port.

*Bridges
Bridges work at the Data Link layer by using the MAC address of a frame. They store a list of all MAC addresses in tables for each port. When a bridge receives a frame, it checks the address with its tables to see if the frame needs to be passed along. If there is no table entry for the destination node, the bridge will broadcast the frame to all outgoing ports except the originating port.

*Using Bridges to Keep Network Traffic Down
Bridges do not actually break up large networks into smaller ones. They merely establish domains within the network in order to keep total network traffic down. The advantages of bridges are their reliability, availability, scalability, and manageability. However, bridges rely heavily on broadcasting and increase the time it takes a frame to travel from source to destination, called latency, by 20-30%.

*Switches
Switches are similar to bridges in that they operate at the MAC sublayer of the Data Link layer. In essence, switches are multiport bridges that transmit information only to the applicable port, with each port having a separate collision domain. Switches may also create what are known as virtual LANs, where nodes from different segments may be configured to act as one local area.

*Routers
Routers operate at the Network layer of the OSI model and use logical addresses. Routers act as a switch by forwarding data, but they also determine the best path for data to travel. Routers contain a database of all connected networks and send data to the destination by the shortest path possible. Segmentation with routers actually creates smaller networks.

*Segmenting Into Logical Workgroups
If a network is segmented into logical workgroups, where most communication occurs within the workgroup, most network traffic will remain within a single segment. Thus, segmentation is a valuable process in making a network more efficient.



* Exercise 1
Try using the World Wide Web to find more information on network congestion.


  1. Use your browser to navigate to your favorite search engine (Yahoo!, LookSmart, Excite, etc.)
  2. Perform a search for network congestion terms such as bandwidth, congestion, and network utilization. You may need to use the advanced search features of the search engine you chose.
  3. Follow the links to find more information on network congestion.
  4. If your connection seems slow, you may be experiencing network congestion.


Topic 1.4: Unit 1 Summary

In this unit you learned the causes of LAN congestion. You saw how to spot congestion when it occurs. In addition, you discovered how to overcome congestion with network upgrades and segmentation with network devices such as bridges, switches, and routers.
In the next unit of this course, you will learn more about LAN segmentation.

Unit 2. Network Segmentation



In this unit, you will learn many aspects of network segmentation. You will see how hubs are used to create workgroups. You will also learn about network devices that are used to segment LANs, such as bridges, switches, and routers.
Each of these devices has its own benefits and drawbacks when used to segment a network, and you will discover where these devices are best used.

After completing this unit, you should be able to:
  • Describe how hubs are used to create workgroups.

  • List the benefits of segmentation.

  • Identify network devices used for network segmentation.

  • Recognize the differences between bridges, switches, and routers.

  • List the benefits of segmenting with bridges, switches, and routers.


This unit provides information that is relevant to the following CCNA exam objectives:
  • Describe the benefits of network segmentation with routers

  • Describe the advantages of LAN segmentation

  • Describe LAN segmentation using bridges

  • Describe LAN segmentation using routers

  • Describe LAN segmentation using switches

  • Describe the benefits of network segmentation with bridges

  • Describe the benefits of network segmentation with switches


Topic 2.1: Why Segmentation?

*Network Segmentation
Network segmentation is the process of dividing a network into segments. This process increases the bandwidth available to each segment by keeping local traffic within each segment. Segmentation also reduces collision domains because there are fewer nodes on each segment. The graphic below shows a non-segmented network (a) and a network segmented with a bridge (b).

*Methods of Segmentation
The most common method of segmentation involves the creation of logical workgroups containing nodes that communicate primarily with each other. These nodes normally compete for bandwidth with all the other nodes in the network, but when they are on their own segment they compete for bandwidth only with each other.

*Benefit of Segmenting
In a LAN containing an engineering department and a customer service department on the same segment, all nodes from both departments compete for the same bandwidth. The engineering department probably generates a lot of network traffic that is of little value to the customer service department, and vice versa. By placing these two departments on their own segments, engineering nodes will not compete with customer service nodes for bandwidth, and each segment is not flooded with the local traffic of the other segment.

*Limits to Communication
However, the two departments in the previous example still need to be able to communicate with each other, so some kind of network connection is necessary. This connection can be accomplished by hubs and repeaters, but this would only work for smaller networks because of rules like the 5-4-3 rule of Ethernet and the two-repeater rule in Fast Ethernet (these rules are covered in another course in this series).

*Segmenting Large Networks
Large networks are usually spread out over a larger area than smaller networks, and require network devices with more capabilities than those provided by hubs and repeaters. Large networks might also contain segments that use different protocols, and in these cases network devices must be able to handle the different protocols.

*Network Devices
There is an assortment of network devices designed to provide connectivity between the segments of a network. These devices include bridges, switches, and routers. Each of these devices has its own benefits and drawbacks in connecting various network segments.

Topic 2.2: Creating Workgroups

*Nodes
As mentioned in the previous section, workgroups should contain nodes that communicate primarily with each other. Since these nodes will be sharing the same bandwidth, they need to use the same protocols and operate at the same speed.

*Workgroups
Workgroups are either on the same bus, as in 10Base-2 and 10Base-5, or on the same hub or hub stack, as in 10Base-T or 100Base-T. Hubs for Token Rings and FDDI are called MSAU and DAC, respectively, and rules for their use are covered in another course in this series. This section will concentrate on Ethernet hubs.

*A Typical Hub
A typical hub has multiple ports to which network nodes are attached. Each port may connect to one network node. When data is received from a port, the hub will transmit that data to all ports.

*Types of Hubs
Hubs can be either passive or manageable. Passive hubs merely act as a conduit for data by retransmitting all messages to all ports. Manageable hubs, also called intelligent hubs, allow network administrators to manage different functions of a hub. These functions might include configuring, monitoring, and enabling or disabling each port of the hub.

*Basic Hub Configurations
There are three basic configurations for hubs. These configurations are standalone hubs, stackable hubs, and modular hubs. Standalone hubs are the least expensive hubs. Standalone hubs are usually passive hubs and are best suited for small workgroups of fewer than 12 nodes.

*Stackable Hubs
Stackable hubs are like standalone hubs except that several of them can be stacked to act as one unit. If one of the hubs in a stack is manageable, then the whole stack can be managed from that one hub. Stackable hubs are ideal for small- to medium-sized workgroups that are expected to grow, because another hub can be added to the stack when needed.

*Modular Hubs
Modular hubs are always manageable and expandable. The base for a modular hub is a chassis, or card cage, that contains many card slots to connect the expansion modules to the backplane. The backplane is the circuit board that modules are connected to, and it provides the modules with high-speed communications and a common power supply. Modular hubs can provide customized solutions in large LANs and WANs.

*Combining Different Hub Types
Some hubs are a combination of different hub types. For instance, the Cisco FastHub 300 series of hubs is stackable but also has expansion slots to provide more functionality. The Cisco FastHub 300 series will be examined more closely in the last unit of this course.


Topic 2.3: Segmentation with Bridges

*Bridges
A bridge is a network device that connects two or more workgroups. These workgroups may be either separate segments of the same LAN, or separate networks altogether.

*Bridge Operation
Bridges operate on the Data Link layer of the OSI model by filtering frames based on their destination MAC addresses. After the entire frame is received by the bridge, it will then forward the frame. If a frame's destination address is to a node on the same segment where the frame originated, the bridge will not forward the frame. If the destination address is to a node on a different segment, the frame is forwarded to the appropriate port.
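
The forwarding decision described above, as an added example that is not part of the course material. It assumes the bridge fills its tables by learning the source address of each frame it receives (standard transparent-bridge behaviour that the text does not spell out); the class name, port numbers, and MAC addresses are constructed.

```python
"""Filter / forward / flood decisions of a bridge joining three segments."""

BROADCAST = "ff:ff:ff:ff:ff:ff"


class LearningBridge:
    def __init__(self, ports):
        self.ports = list(ports)
        self.table = {}            # MAC address -> port it was last seen on

    def receive(self, in_port, src, dst):
        """Process one frame; return (action, list of output ports)."""
        # Learn: the sender is reachable through the port the frame came in on.
        self.table[src] = in_port

        # Unknown or broadcast destination: send to every port except the
        # originating one. Every other segment sees this frame.
        if dst == BROADCAST or dst not in self.table:
            return "flood", [p for p in self.ports if p != in_port]

        out_port = self.table[dst]
        if out_port == in_port:
            # Destination is on the segment the frame came from: keep it local.
            return "filter", []
        return "forward", [out_port]


# Constructed stations: engineering on port 1, customer service on port 2,
# port 3 is a third segment with no traffic of its own in this trace.
ENG_A = "02:00:00:00:00:0a"
ENG_B = "02:00:00:00:00:0b"
CS_C = "02:00:00:00:00:0c"

TRACE = [
    (1, ENG_A, ENG_B),       # ENG_B not yet learned
    (1, ENG_B, ENG_A),       # reply stays on the engineering segment
    (2, CS_C, ENG_A),        # cross-segment, destination already learned
    (1, ENG_A, CS_C),        # cross-segment the other way
    (1, ENG_A, ENG_B),       # local traffic, now filtered
    (1, ENG_A, BROADCAST),   # broadcasts are never filtered
]


def run_trace(trace=TRACE):
    bridge = LearningBridge(ports=[1, 2, 3])
    return [bridge.receive(*frame) for frame in trace]


def frames_seen_on(port, results):
    """How many frames of the trace were put onto the given segment."""
    return sum(1 for _, out_ports in results if port in out_ports)


if __name__ == "__main__":
    results = run_trace()
    for frame, (action, out_ports) in zip(TRACE, results):
        print(frame, "->", action, out_ports)
    print("frames put onto segment 3:", frames_seen_on(3, results))
```

Segment 3 never sends or is addressed in the trace, yet it still receives the two flooded frames, which is the behaviour behind the broadcast-storm drawback discussed in this topic.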

*Filtering Network Traffic
When a bridge is used within a network, it does not actually divide the network into smaller networks. Instead, it cuts down total network traffic by acting as a filter between the different segments. This filtering keeps the local traffic of workgroups within each workgroup and breaks up the collision domain, but the size of the network does not change.

*Connecting Networks with Bridges
When bridges are used to connect two or more networks, they do not investigate the logical addresses of packets. Packets arriving at a bridge are forwarded to all ports except the originating port. Since the addresses from these packets are not seen by the bridge, and therefore not filtered, broadcast storms can sometimes be a problem when bridges connect two or more networks.

*Benefits of Bridges
The benefits of using bridges are that they increase the available bandwidth for each segment, allow larger networks by connecting large workgroups, and increase the maximum area of a network. Bridges can also act as a firewall by not forwarding frames from certain segments.

*Drawbacks of Bridges
Bridges also have a few drawbacks. Bridges cannot connect segments that operate at different speeds. Bridges increase the latency, which is the time it takes for a frame to go from source to destination, by 20-30% because frames are not forwarded until the entire frame is received. Bridges also increase the likelihood of broadcast storms when they connect two or more different networks. Bridges are discussed in greater detail in another course in this series.


Topic 2.4: Segmentation with Switches

*Switches
A switch is a network device that connects two or more networks or network segments. Switches are very similar to bridges, but are generally faster and provide more functionality.

*Switches in Action
Like bridges, switches work on the Data Link layer of the OSI model. Frames are filtered based on the destination address. Some switches also have the capability of operating on the Network layer, allowing them to forward packets to the proper port. Switches also have the ability to create virtual LANs (VLANs), which are a group of nodes on different segments that can communicate as if they were on the same segment. Switches and VLANs are covered in greater depth in another course in this series.

*Microsegmentation
When switches are used to segment a LAN, each device attached to the switch has its own collision domain, whether the device is a single workstation or a hub workgroup with many workstations. It is becoming popular to replace hubs with switches, providing every node with its own collision domain and full use of the bandwidth. This practice, called microsegmentation, eliminates collisions altogether and greatly improves network performance.

*Benefits of Switches
Switches are a fairly recent development, but they have already become very popular. Switches combine many of the functions of hubs, repeaters, bridges, and routers. They also provide media-rate adaption, which means that they can connect segments that operate at different bandwidths. Switches provide an ideal solution for most network configurations.

*Functions of Switches
Like bridges, switches increase the available bandwidth, allow for larger networks, and overcome distance constraints. Switches also provide dedicated, collision-free bandwidth and a higher port density than bridges.
Switches can forward frames as soon as the destination address is read, which allows them to process frames very rapidly. For this reason, switches have a much lower latency than bridges.

*Potential Problems with Switches
A careful analysis of the network is required before a switch is installed. Placing a switch in a non-congested network or between workgroups with a high level of communication will actually slow network performance due to the delay caused by frame processing. Another potential problem with switches is that switch buffers, where frames are stored before they are retransmitted, sometimes become full, which can lead to lost data and retransmissions.


Topic 2.5: Segmentation with Routers

*Using Routers
A router is a network device that performs two separate functions. Routers first determine the best route for a packet to take in order for it to reach its destination and then they switch the packet from the originating port to the appropriate destination port.
Unlike bridges and switches, routers actually create separate networks when used for segmentation.

*Operation of Routers
Routers operate on the Network layer of the OSI model and use IP addresses to route information. When a router receives a packet, it determines the best route through the network for the packet to reach its destination.
This is very different from bridges and switches, which forward frames to particular ports based on physical addresses.

*Classifying Routers by Algorithms
Routers may be classified by the algorithms they use for path determination. These algorithms may be static or dynamic, single-path or multi-path, flat or hierarchical, host-intelligent or router-intelligent, intradomain or interdomain, and link state or distance vector. These algorithms are presented in another course in this series along with a more detailed discussion of routers and routing protocols.

*Connecting LANs and WANs
Routers are best used to connect different LANs and WANs. Routers ensure that each of the smaller networks within the large network receives only the data that is meant for it. Routers can also be used to eliminate the problem of broadcast storms, because routers do not forward broadcasts.

*Benefits of Using Routers
The benefits of using routers to segment a network are manageability, functionality, and multiple paths. The manageability comes from the many routing protocols available to the network administrator, which provides flexibility to a router-based system. The functionality comes from vendor features, as in Cisco's flow, error, and congestion control. The multiple paths available to routers mean that they can have more than one active link between devices, providing better throughput and reliability.

*Drawbacks of Routers
The biggest drawback of routers is increased latency compared to bridges and switches. This increase is due to the greater complexity of routers and the fact that routers use more software. The latency is also affected by the protocols used. Routers add 20-30% latency for sliding window protocols and 30-40% for acknowledgement-oriented protocols.



* Exercise 1
Try using the World Wide Web to find out more about LAN segmentation.

  1. Use your browser to navigate to your favorite search engine (Yahoo!, LookSmart, Excite, etc.) or to the Cisco home page.
  2. Conduct searches on terms such as segmentation, bridge, switch, and router.
  3. Follow the links to find out more about these network devices.


Topic 2.6: Unit 2 Summary

In this unit you learned about network segmentation. You saw how workgroups are created with the use of hubs, as well as how bridges, switches, and routers are used to segment a network. You also learned about the benefits and drawbacks of using bridges, switches, and routers in network segmentation and where each of these devices is placed for efficient network design.
In the next unit of this course, you will learn about network management.

Unit 3. Network Management System



In this unit, you will learn about the NMS (Network Management System), including its hardware and software components.
You will also see how the Simple Network Management Protocol (SNMP) and Remote Monitoring (RMON) are used to effectively manage a network.

After completing this unit, you should be able to:
  • Identify the functions of an NMS.

  • Identify the components of an NMS.

  • Recognize SNMP commands and version differences.

  • List the nine RMON groups.


This unit does not address any specific Cisco objectives. However, it does provide background information that is essential for the CCNA exam.
In the course index, questions about background information are indicated with the abbreviation BCK and a short description of the question subject matter.

Topic 3.1: Network Management System

*Complex Networks
When networks expand and subnetworks are created with segmentation, management of the network becomes more complex. This situation is compounded when the subnetworks do not use the same protocols, for example, Ethernet and Token Ring.

*Network Management Systems
NMSs (Network Management Systems) were developed to simplify network management. An NMS automates many of the routine network management tasks that would otherwise be complicated and tedious.

Topic 3.1.1: NMS Functions

*Management Functions
The ISO has defined a network management model containing five categories of management functions. These categories are:
  • Performance management
  • Configuration management
  • Accounting management
  • Fault management
  • Security management


*Performance Management
Performance management measures network performance and maintains the desired level of performance. Examples of elements that fall under performance management include bandwidth utilization, response times, and network throughput.

*Configuration Management
Configuration management keeps track of network configuration information such as the operating system used, the type of interface, and the software used by the network. This information is kept in databases that can provide clues for problem resolution.

*Accounting Management
Accounting management regulates network utilization. This function allows the administrator to measure resource utilization and set usage quotas. Accounting management is used to provide fair and optimal resource utilization across the NMS.

*Fault Management
Fault management detects, logs, and tries to fix network problems. This is the most commonly used function in the ISO network management model, since network problems can cause downtime and loss of productivity.

*Security Management
Security management controls access to network resources. This is done by partitioning network resources into authorized and unauthorized areas. Users are granted access to the areas where they need access, and denied access to inappropriate areas.


Topic 3.1.2: NMS Components

*Managed Devices
An NMS consists of managed devices, network management stations, agents, databases, and protocols. Managed devices are the various nodes of a network. These devices run monitoring software that communicates with the network management station.

*Console
A network management station, or console, is a node that monitors and controls the managed devices. The console polls managed devices for information necessary for network management.
Each managed environment, which consists of all the devices managed as one unit, must have at least one console.

*Agents
Agents are the monitoring software modules located within managed devices. These modules collect management information from the device and store this information in databases called MIBs (Management Information Bases).

*Agents in Action
Agents send information to the console when the managed device is polled by the console or when an alert is necessary. An alert is a priority message sent to the console when certain values set by the network administrator are met or exceeded. Alerts trigger configurable automatic procedures such as logging the alert or shutting down the network.

*NMS Protocols
The protocol used in an NMS controls the makeup of management information and the movement of this information between agents in the managed devices and the consoles. The most common protocol used in an NMS is the SNMP (Simple Network Management Protocol).


Topic 3.2: Simple Network Management Protocol

*SNMP Defined
SNMP is an Internet protocol that operates on the Application layer and is part of the TCP/IP protocol suite. This protocol controls the exchange of network management information between network devices. SNMP is a relatively simple protocol, but is still powerful enough to manage very complex networks.

*Replacing SNMP
SNMP was initially meant to be a short-term solution to network management. However, viable alternatives have not appeared yet, and SNMP remains the de facto standard protocol for network management.

*IP Address
In order to be managed by SNMP, devices must first have an IP address. The IP address is necessary since it provides a unique identifier for each device in the network. Once an IP address is assigned to a device, SNMP can distinguish it from other devices.

*Network Management
Network management may be performed from any SNMP workstation or through Telnet to an SNMP workstation (in-band management); or it may be performed from the console (out-of-band management).

*Protocol Data Units
SNMP works by sending messages containing SNMP PDUs (Protocol Data Units) across the network. An SNMP PDU contains the SNMP operation to be performed and the managed characteristics, or objects, that are involved in the operation.

*Versions of SNMP
There are two versions of SNMP currently available, SNMPv1 and SNMPv2. Operations available to both versions of SNMP include the following:
  • Get to retrieve an object from an MIB table in an agent

  • GetNext to retrieve the next object in an MIB table from an agent

  • Set to write over object values in an agent

  • Trap for managed devices to inform the NMS of an event


*SNMPv2 Operations
In addition to the previous SNMP operations, SNMPv2 also uses the following operations:
  • GetBulk to retrieve large amounts of information from an agent

  • Inform to allow NMSs to send trap information to each other
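
An added example, not part of the course material, that models an agent's MIB as an ordered table to show how Get, GetNext, GetBulk and Set differ. It models the operations only, not the SNMP message format; the ToyAgent class, the object values, and the choice of writable object are constructed for illustration.

```python
"""Get / GetNext / GetBulk / Set against a small, constructed MIB table."""
import bisect


def oid_key(oid):
    """'1.3.6.1' -> (1, 3, 6, 1). MIB order is numeric, not alphabetical."""
    return tuple(int(part) for part in oid.split("."))


def oid_str(key):
    return ".".join(str(n) for n in key)


class ToyAgent:
    def __init__(self, objects, writable=()):
        self.mib = {oid_key(o): v for o, v in objects.items()}
        self.order = sorted(self.mib)                # lexicographic OID order
        self.writable = {oid_key(o) for o in writable}

    def get(self, oid):
        """Get: exact match only; None stands for 'no such object'."""
        return self.mib.get(oid_key(oid))

    def get_next(self, oid):
        """GetNext: the first object that sorts strictly after `oid`."""
        i = bisect.bisect_right(self.order, oid_key(oid))
        if i == len(self.order):
            return None                              # end of the MIB
        key = self.order[i]
        return oid_str(key), self.mib[key]

    def get_bulk(self, oid, max_repetitions):
        """GetBulk: up to `max_repetitions` GetNext steps in one request."""
        rows = []
        for _ in range(max_repetitions):
            nxt = self.get_next(oid)
            if nxt is None:
                break
            rows.append(nxt)
            oid = nxt[0]
        return rows

    def set(self, oid, value):
        """Set: overwrite a value, refused unless the object is writable."""
        key = oid_key(oid)
        if key not in self.mib or key not in self.writable:
            return False
        self.mib[key] = value
        return True


def walk(agent, root):
    """Repeat GetNext until the answer leaves the subtree under `root`."""
    prefix = oid_key(root)
    rows, oid = [], root
    while True:
        nxt = agent.get_next(oid)
        if nxt is None or oid_key(nxt[0])[:len(prefix)] != prefix:
            return rows
        rows.append(nxt)
        oid = nxt[0]


IF_IN_OCTETS = "1.3.6.1.2.1.2.2.1.10"        # per-interface input byte counters


def constructed_agent():
    return ToyAgent(
        {
            "1.3.6.1.2.1.1.1.0": "constructed workgroup hub",   # sysDescr
            "1.3.6.1.2.1.1.4.0": "noc@example.net",             # sysContact
            IF_IN_OCTETS + ".1": 1000,
            IF_IN_OCTETS + ".2": 2000,
            IF_IN_OCTETS + ".10": 3000,
            "1.3.6.1.2.1.2.2.1.16.1": 500,                      # ifOutOctets
        },
        writable=["1.3.6.1.2.1.1.4.0"],
    )


if __name__ == "__main__":
    agent = constructed_agent()
    print(agent.get(IF_IN_OCTETS))            # None: a column, not an instance
    print(walk(agent, IF_IN_OCTETS))          # interfaces 1, 2, 10 in that order
    print(agent.get_bulk("1.3.6.1.2.1.1", 3))
    print(agent.set("1.3.6.1.2.1.1.1.0", "x"), agent.set("1.3.6.1.2.1.1.4.0", "ops"))
```

The walk returns interface 10 after interface 2 because object identifiers are compared number by number; a console that sorts them as text would list them in the wrong order.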



Topic 3.2.1: SNMPv1/SNMPv2 Interoperability

*Versions of SNMP
SNMPv1 and SNMPv2 are incompatible with respect to message formats and protocol operations. However, there are two current methods to allow networks to run both versions. These methods involve the use of proxy agents or the use of bilingual NMSs.

*Proxy Agents
Proxy agents are SNMPv2 agents that act as go-betweens for an SNMPv2 NMS and an SNMPv1 agent. In this method, the SNMPv2 NMS sends SNMP messages meant for the SNMPv1 agent to the proxy agent instead. The proxy agent then translates the message to SNMPv1 format and sends it to the SNMPv1 agent. The proxy agent also maps the SNMPv1 trap response to SNMPv2 trap format and then sends it to the SNMPv2 NMS.

*Bilingual SNMPv2
Bilingual SNMPv2 NMSs support both SNMPv1 and SNMPv2. In this method, when the NMS needs to contact an agent, it first checks a database that indicates whether the agent is an SNMPv1 agent or an SNMPv2 agent. Then the NMS communicates with the agent in the appropriate SNMP format.

Topic 3.2.2: SNMP Security Problems

*SNMP Security Problems
SNMP has many security problems, because it does not have any authentication capabilities. This gives rise to problems such as masquerading, modification of information, message sequence and timing modifications, and disclosure. These problems involve entities (such as objects and agents) that behave in an unauthorized fashion.

*Masquerading
Masquerading is where unauthorized entities assume the identity of authorized entities in order to perform functions that would not normally be allowed. This could lead to a number of problems depending on the functions performed by the unauthorized entity.

*Modification of Information
Modification of information is where unauthorized entities alter messages that are generated by authorized entities. This could result in unauthorized accounting or configuration management.

*Message Sequence
Message sequence and timing modifications occur when unauthorized entities reorder, delay, or copy messages generated by authorized entities. This could adversely affect system performance.

*Disclosure
Disclosure occurs when unauthorized entities extract the values of managed objects or monitor exchanges between managers and agents. These values can then be used outside the scope for which they were intended, which can lead to system errors.

*Authentication Capabilities
Without authentication capabilities, SNMP cannot be configured to adjust for security problems. However, many vendors disable the Set operation in SNMP. This stops unauthorized entities from overwriting values from authorized entities but also limits SNMP to monitoring functions only.

Question 22

Question 23

Topic 3.3: Remote Monitoring

*Remote Monitoring
RMON (Remote Monitoring) is a standard MIB that defines MAC-layer statistics and control objects. RMON acts as an agent for SNMP and responds to all polls from the console. RMON has become a very popular standard because it allows vendors and administrators to choose and configure RMON groups to meet their own network needs. For RMON to work, network devices, such as hubs and switches, must be designed to support it.

*Groups Monitoring Elements
RMON has nine groups of monitoring elements: Statistics, History, Host, HostTopN, Matrix, Event, Alarm, Filter, and Packet Capture. Each of these groups is optional, but some groups require information from other groups in order to function properly.

*Statistics and History
The Statistics group gathers statistical data for each device. Examples of statistical data gathered by the Statistics group include information on utilization, packets, CRC errors, collisions, and jabbers.
The History group collects periodic statistical samples. The frequency of sampling and the type of information sampled are set by the network administrator.

*Host, HostTopN, and Matrix Groups
The Host group identifies hosts on the network and collects host information, such as host addresses, the time each host was discovered on the network, and errors.
The HostTopN group ranks hosts according to a statistic type set by the administrator and collects statistics on those hosts. The Host group must be set up in order to use the HostTopN group.
The Matrix group records statistics for data interchange between hosts that have different addresses.

*Event and Alarm
The Event group allows generation of an SNMP trap, a log entry, or both, for any event set by the network administrator. An event occurs when a pre-defined condition is met or threshold values are exceeded.
The Alarm group allows the administrator to set threshold values for events in the Event group. When an Event group event value exceeds this threshold, an alarm is generated.
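The following added example, which is not part of the original course material, shows how an alarm threshold and an event action fit together. It goes beyond the text by using a pair of thresholds (rising and falling) with hysteresis, which is how RMON alarms avoid repeating an event on every sample that stays above the limit. The function name, the starting state, and the counter readings are assumptions made for illustration.

```python
# Added example. Counter readings are constructed sample data.
def run_alarm(readings, rising, falling, action="both"):
    """Sample a counter by delta, apply rising/falling thresholds with
    hysteresis, and route each event to a log, a trap list, or both."""
    if action not in ("log", "trap", "both"):
        raise ValueError("action must be log, trap or both")
    log, traps = [], []
    if not readings:
        return log, traps
    armed = "rising"            # assumption: start by watching for a rise only
    previous = readings[0]
    for index, reading in enumerate(readings[1:], start=1):
        delta = reading - previous      # change during this sampling interval
        previous = reading
        if armed == "rising" and delta >= rising:
            event, armed = "rising", "falling"
        elif armed == "falling" and delta <= falling:
            event, armed = "falling", "rising"
        else:
            continue                    # no crossing, or alarm not re-armed yet
        record = (index, event, delta)
        if action in ("log", "both"):
            log.append(record)
        if action in ("trap", "both"):
            traps.append(record)
    return log, traps

# Cumulative collision counter read once per interval (constructed values).
COLLISIONS = [0, 10, 25, 400, 900, 1400, 1420, 1430, 2000]

if __name__ == "__main__":
    log, traps = run_alarm(COLLISIONS, rising=300, falling=50)
    for entry in log:
        print(entry)
```

Samples 4 and 5 are also above the rising threshold but produce no event, because the alarm is not re-armed until the delta drops to the falling threshold at sample 6.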

*Filter and Packet Capture Groups
The Filter and Packet Capture groups work together to capture packets. The Filter group establishes parameters for packet capture and sets the channel, which is a path for data flow, for the captured packets.
The Packet Capture group captures the packets that satisfy the parameters of the Filter group.

*Benefit of RMON
The major benefit of RMON is that it extends the functionality of SNMP. The major drawback is that different vendors add proprietary extensions to their products to add even more functionality, which can lead to incompatibility problems between RMON implementations of different vendors.

Question 24


* Exercise 1
Try using your browser to find more information on Network Management Systems, SNMP, and RMON on the World Wide Web.

Examine the following table

Step  Action
1     Use your browser to navigate to your favorite search engine (Yahoo!, LookSmart, Excite, etc.)
2     Perform searches on network management systems, SNMP, and RMON.
3     Follow the links to find out more about these topics.


Topic 3.4: Unit 3 Summary

In this unit you learned about the NMS. You saw the components of an NMS and how those components operate together. You also discovered how SNMP and RMON are used by the NMS to manage the network.
In the next unit of this course, you will be introduced to Cisco's FastHub 300 family of Class II repeaters.

Unit 4. Cisco FastHub 300



In this unit, you will be introduced to the Cisco FastHub 300 family of products. You will see the differences between FastHub 300 models. You will also learn about FastHub 300 management capabilities and expansion modules available for the series.

After completing this unit, you should be able to:
  • Identify characteristics of the Cisco FastHub 300 series

  • Interpret the LED displays of the Cisco FastHub 300 series

  • Recognize the differences between Cisco FastHub 316C and 316T

  • List the properties of the Cisco FastHub 300 series expansion modules


This unit does not address any specific Cisco objectives. However, it does provide background information that is essential for the CCNA exam.
In the course index, questions about background information are indicated with the abbreviation BCK and a short description of the question subject matter.

Topic 4.1: FastHub 300 Overview

*Cisco FastHub 300 Series
The Cisco FastHub 300 series is a family of 100Base-T Class II repeaters that are used as manageable hubs. This series is manageable and stackable. This is in contrast to the earlier standalone FastHub 100 models, such as FastHub 104T, FastHub 108T, and FastHub 112F, which are neither manageable nor stackable.

*Repeaters
Repeaters work on the Physical layer of the OSI model by regenerating or amplifying signals to overcome attenuation. Hubs also work on the Physical layer and are central connection points for network devices. Manageable hubs enable an administrator to monitor the traffic passing through the hub and to configure each port in the hub.

*Stackable Hubs
Stackable hubs allow a network administrator to group up to four hubs together to act as one unit. In a Fast Ethernet environment, only two Class II repeaters may be used. However, since up to four FastHubs can be stacked to act as one unit, a Fast Ethernet network can have two stacks of four FastHubs, for a total of eight FastHubs.

*Connecting Stacks
Hubs in the FastHub 300 series include 16 ports on each unit. Using two stacks of four FastHubs allows (2 × 4 × 16) or 128 ports. The number 2 is subtracted from this number because one port from each stack is required to connect the two stacks. This leaves 126 open ports, which means the local domain can support up to 126 nodes.

*FastHub Models
The two base models of the FastHub 300 series are the FastHub 316T, which has 16 100Base-TX ports, and the FastHub 316C, which has 15 100Base-TX ports and one 100Base-FX port for a fiber optic connection.

*FastHub 316T
The FastHub 316T also has a port labeled 16X, which is internally crossed. If this port is connected to another port labeled with an X, then a crossover cable is needed. Either the port labeled 16 or the port labeled 16X may be used, but not both. If both ports are connected to network devices, then both ports will be disabled.

Question 25

Question 26

Question 27

Topic 4.2: FastHub 300 Operation

*Monitoring FastHub Operation
The FastHub 300 series operates at bandwidths up to 100 Mbps. There are a variety of LEDs on each unit, which are used to monitor FastHub operation. There are four unit LEDs to monitor system status, collisions, activity, and redundant power. There is also an LED for each port, and these LEDs can be operated in different modes to reflect various port statistics.

Topic 4.2.1: Unit LEDs

*System Status LED
The System Status LED shows whether the unit is powered and operational and also gives an indication if there is a problem in the main board. This LED will be off if the system is powered off, solid green if the system is powered, operational, and without problems, and solid amber if the system is powered but not operational, indicating that the main system board should be checked.

*Group Collision LED
The Group Collision LED shows the collision frequency for all ports in the unit, including ports in expansion modules and other units in the stack. This LED will be off if no collisions are occurring, flashing amber if collisions are occurring, and solid amber if there are lots of collisions occurring.

*Group Activity LED
The Group Activity LED shows network activity for all ports. This LED will be off if there is no network activity, and flashing green if there is network activity.

*Redundant Power Supply LED
The Redundant Power Supply (RPS) LED shows the status of the redundant power supply. This LED will be off if the RPS is off or not available, solid green if the RPS is operational, flashing green if the RPS and the FastHub are both on (indicating a problem), and solid amber if the RPS is not operational.

Note: Either the RPS or the FastHub may be used for power, but not both.


Topic 4.2.2: Port LEDs

*Modes
The port LEDs operate in three modes: STAT (port status), UTL (bandwidth utilization), and ID (unit ID). The current mode is indicated on the Port LED Mode, and it may be changed by pressing the Mode Button. The default mode is STAT. If the current mode is changed by the Mode Button, the mode will revert to STAT after 30 seconds.

*STAT Mode
In the STAT mode, port LEDs indicate the status of each port. The LED will be off if the port has no link, green if the port is operational but not active, flashing green if the port is operational and active, alternating amber and green if a FastHub reset is in progress, rapidly alternating amber and green if there is a faulty link, and solid amber if the port is disabled.

*UTL Mode
In UTL mode, port LEDs flash green to indicate bandwidth utilization from left to right in increments of 6.25 Mbps. For example, if only Port 1 is flashing green, network activity is less than or equal to 6.25 Mbps, while if all ports up to Port 9 are flashing green, network activity is between 50 and 56.25 Mbps. There is also one solid green LED which indicates the peak level of bandwidth utilization since the last reset.

*ID Mode
In ID mode, the green port LED indicates the ID number of each unit within the stack. For instance, the unit with a green LED at Port 1 has an ID of 1, the unit with a green LED at Port 2 has an ID of 2, etc. All other port LEDs will be off.

Question 28

Topic 4.3: FastHub 300 Expansion Modules

*Expansion Modules
There are three expansion modules available for the FastHub 300 series. These are the Port Expansion Module, the Network Management Module (NMM), and the Bridge Management Module (BMM). All of these modules are hot-swappable, which means that they can be added without powering down the network.

Topic 4.3.1: Port Expansion Module

*Port Expansion Module
The Port Expansion Module contains 16 100Base-TX ports. This module contains port LEDs which operate just like the port LEDs in the base unit, and which are managed by the Mode Button of the base unit.

*Creating a Workgroup
The addition of 16 ports on each FastHub 300 in a stack of four FastHubs creates a total of 128 ports. If this stack is connected to a similar stack, it creates a workgroup of up to 254 nodes.

Topic 4.3.2: Network Management Module

*Network Management Module
The Network Management Module (NMM) can be placed in the bottom right corner of a FastHub 300. This module provides three levels of management: Port, Unit, and Hub Stack. Port allows ports to be enabled or disabled and shows port statistics, Unit allows examination of any unit in a stack, and Hub Stack allows monitoring of total traffic.

*Using a FastHub Stack
An NMM may be used in a single FastHub or in a FastHub stack. In a FastHub stack, only one NMM is needed to manage the entire stack. However, it is generally a good idea to have a secondary NMM to provide a backup for the primary NMM.

*The NMM Module
The NMM module contains a reset button and a Status LED. The reset button is used to reset the hub (or stack). The Status LED indicates the status of the NMM. This LED will be off if there is no power or the NMM is not seated properly, flashing green if a power-on self-test is in progress, solid green if the NMM is the primary NMM and operational, solid amber if the NMM is the secondary NMM and operational, and flashing amber if the power-on self-test failed.

*Accessing the NMM
The NMM can be accessed through the console port. This port is an EIA/TIA-232 port that can connect to either a modem or a terminal. The default EIA/TIA-232 only works with XMODEM, but this protocol may be changed with a firmware upgrade. Up to seven Telnet sessions are supported on the console port.

*RMON Agents
The NMM allows SNMP and terminal-based out-of-band management as well as RMON functionality. The FastHub 300 series supports four RMON agents: Statistics, History, Alarms, and Events.

Question 29

Question 30

Topic 4.3.3: Bridge Management Module

*Bridge Management Module
The BMM has all the functionality of the NMM, but also acts as a bridge to another network domain. A BMM has a Console Port for management and two external network ports. One of these external ports is a 10Base-T port, and the other can be either a 100Base-TX or 100Base-FX port.

*Module Operating Status
The BMM has three LEDs labeled MOD, A, and B. The MOD LED shows the module operating status. This LED is off when the BMM power is off, solid green when running the power-on self-test, solid amber when in standby mode, and flashing amber if the power-on self-test failed.

*Port Operating Status
The LEDs labeled A and B show the port operating status of the 10Base-T and 100Base-T ports, respectively. These LEDs will be off if the link is not operational, green if the link is operational but not active, flashing green if the link is operational and active, alternating green and amber if the port receives packets with errors, and solid amber if the port is disabled or the connected node is malfunctioning.

*Combining Modules
BMMs may be used in conjunction with NMMs. If BMMs and NMMs are used together, BMMs will be designated as the primary manager unless configured otherwise.
If two BMMs are used in the same stack, the default manager is the BMM on the unit with a lower ID.

Question 31

Question 32


* Exercise 1
Try to find more information about the Cisco FastHub 300 series on the World Wide Web.

Examine the following table

Step  Action
1     Use your browser to navigate to the Cisco product catalog.
2     Conduct a search on "FastHub 300."
3     Follow the resulting links to find more information on FastHub 300.


Topic 4.4: Unit 4 Summary

In this unit, you learned about the Cisco FastHub 300 family of products. You saw the differences between FastHub models 316T and 316C. You were also introduced to FastHub 300 expansion and management modules such as the 16-port module, the NMM, and the BMM.
In this course, you were introduced to many concepts important in network management. You became familiar with congestion, segmentation, and the NMS.
