The Journey of a Network Engineer


August 15, 2011  3:52 AM

How to Configure Citrix NetScaler for Hosted Microsoft Exchange 2010? Part-2



Posted by: Sulaiman Syed
2010, CAS, Citrix, Configure, hosted, how, HUB, Load Balancer, microsoft, NetScaler, OA, OWA, SSL Offload

In part 1 I showed the general architecture of hosted Microsoft Exchange 2010. I mentioned the ports and virtual ports that will be used for the load balancing. In this Entry, I would show what features are needed for Load Balancing, How to import security certificate, and the re-writing policy.

Before starting the configuration on Citrix NetScaler, please make sure that all the features required are enabled. Features are: SSL offloading, compression, write, load balance. The figure shows where and how to enable it.
Feature Sets

as mentioned earlier, we would be SSL offloading from the server, this means that Security Certificate should be installed on the Load Balancer. The certificate has to be mapped to all the names, and ports that we will be load balancing. In our case, we have mapped ports 80,443, pop3, IMAP4, and SMTP with a single certificate.

To import the certificate please do the following: First, we need to import the PKCS#12 into the load balancer.

SSL Menu

Importing Certificate

Next step is installing the imported certificate. Go to the SSL>Certificates>add. as shown below.

SSL certificate menu

Create a name for the Certificate-Key Pair name that you can refer using them certificate with load balancing. The Certificate file Name will be the same file name created in the above step when importing the certificate.

Installing certificate

Once installation is done. the next step is to create the re-write policies. This is required because Load Balancer will be re-writing the actual traffic and sending the new traffic to the CAS. Go to Rewrite and create the action first as shown in the images below.
Photobucket

add re-write actoin

This will create the action, next create the policy that this action will be used in. follow the images shown below.
rewrite-policy Menu
adding rewrite-policy

Our initial /prerequisite setup is done. What would follow is the actual Load Balance configuration in the next Entry.

August 13, 2011  5:21 AM

How to Configure Citrix NetScaler for Hosted Microsoft Exchange 2010? Part-1



Posted by: Sulaiman Syed
2010, CAS, Citrix, Configure, hosted, how, HUB, Load Balancer, microsoft, NetScaler, OA, OWA, SSL Offload

The organization has decided to migrate into the new Hosted Microsoft Exchange 2010.  The current setup consists of 3 Costumer Access Servers (CAS), 3 Hub Transport Server, 2 Mail Box Database Server per group. The organization has two main groups, making the total Mail Box Database servers to be 4. You should know that the end users will be accessing the CAS only, it is the point of contact. CAS then will be talking with mail box servers, active directly, etc,. Since we have 3 servers, and the organization have around 15000 users, a hardware load balancer is a must. We choose Citrix NetScaler. NetScaler is a very robust load balancer, we are very comfortable using it and it never failed us to day.

Hosted Microsoft Exchange 2010

The image above shows a logical diagram of what the servers look like. Yes, i did put a Cisco icon since i didn’t have Citrix NetScaler isometric Vision Stencils. When Retrieving emails The end user will access the CAS. CAS then retrieve the emails from the Mail Box Database. When sending emails, the end user access the CAS, CAS then forwards the email to Mail Box Database (sent items) and to HUB to be routed. When E-mails are coming from outside the organization (public domains) they would go throw the Anti-Spam, then HUB and lastly to Mail Box Database.

Before we Begin Configuring the load balancer, it is necessary to understand which traffic to expect. CAS will usually be expecting the following application traffic,  Outlook Web App (OWA), Active Sync, POP3, IMAP4, RPC Client Acces, Outlook Anywhere (OA). The load balancer will offload the ssl traffic from CAS, thus enabling CAS to provide its resources for serving the costumer.

VIP Port     Server Port    Protocol

OWA:    443           80                HTTPS

AC:       443           80                HTTPS

POP3:    995          110               TCP

IMAP4:  993          143               TCP

RPC:      Any          Any               TCP

OA:       443          80                 HTTPS

While the required ports for HUB operation is mentioned below.

VIP Port     Server Port    Protocol

SMTP:      25           80                   TCP

Return:     443        80                   TCP

Retrun-http: 80     80                    TCP

In the next entry, i would discuss some issues that need to be taken care of before configuring the NetScaler to load balance both CAS and HUB Traffic.


August 7, 2011  4:37 AM

Going toward ISO20000 and ITSM tool



Posted by: Sulaiman Syed
ISO20000, ITIL, ITSM, Service

This post will be different from my usual writings. mainly cause the focus is different. I would be posting more regarding this as the IT department go forward ever further. The organizational to improve the quality decided to apply the ITIL practices.

So, they started by picking up the software tool to help them toward ISO20000. They really did miss the fact that first; they need to change the mind set of employees, or bring the culture being service oriented. Anyways, going to the tool. They shortlisted few Tools, it was up to the committee to decide which tool to pick. I was part of that committee.

What we did, we went to the ITIL endorsement page, there we started to eliminate non-qualifying software. The direction is to pick a Gold Level tool. Then, we went to the Pink Elephant page (They are the official ITIL software evaluators). Again we eliminated some tools.

Afterwards, we started evaluating according to our Request For Proposal (RFP). Let me put the points briefly here.

ITILv3 Ready*
Incident Management
Incident Reporting using IVR, Voicemail, E-mail, Web)
Problem Escalation
Problem Management
Change Management
Assest Magement
Performance Reporting
Monitor Network devices. (Cisco, HP,etc)
Monitor Applications. (Weblogic, WebSphare, .NET, Oracle)
Monitor Databases. (Oracle, MySQL, MS SQL2000, MS SQL2005, MS SQL2008)
Business Application (Oracle E-Business Suite)
Monitor Web servers, services, and websites. ( Apache, IIS, URLs)
Monitor Servers. (Windows 2000, Windows 2003, Windows 2008, Linux, Unix, Vmware)
Monitor Mail servers. (MS Exchange)
Training
5000 PCs for Assest Management
900 Network Devices
20 Network Interfaces for traffic Analysis
170 Servers (real and virtual)
30 Applications
10 Applicationg services
5 Business Applications. (ERP, Student Systems, etc)
50 IT techinicians, 2 Admins and help desk
10 Operators (read only)
Vendor  comptetance
Solution Integrability
Scalability
Workflow building ease
Service desk capability
References in Higher Education
Annual Maintenance Cost

Keep in mind, that in the case more than one solution meets the requirement, the deciding factor becomes the Cost, and the Annual Maintenance Cost.


August 3, 2011  7:09 AM

How to add Static entries to MAC and ARP table in Cisco Switch



Posted by: Sulaiman Syed
ARP, arp table, CAS, Cisco, HTS, mac-address table, microsoft, NLB, static, VMware


NLB
With the introduction of Exchange project, and the new e-mail system, there was a need to load balance Client Access Servers (CAS), and Hub Transport Servers (HTS) to serve the KFUPM community. The Load Balancer is done in software using the Microsoft NLB service.

The design requires the CAS and HTS to be load balanced, currently there are three (3) of each. The servers need to communicate with other vlan 140 servers for various reasons such as replications, authentications, etc.

The Consultant used NLB with Multicast-IGMP. This mode has its own disadvantages. It actually Map Unicast IP address to a Multicast Mac address within the ports. Microsoft TechNet has the NLB details. With this method, there is some work that needed to be done by the network engineers. Since the Servers were virtual, the required changes were not following the standard norms that can be applied for the physical servers.  Referring to VMware Knowledge Base will highlight the changes required in Cisco Switches.

1- Change in ARP table associated the IP to the MAC address.

This was done in both distributions switched.

Conf t

arp 10.140.8.74 0100.5e7f.084a ARPA

arp 10.140.8.75 0100.5e7f.084b ARPA

2- Change in the MAC address table to associate the MAC with the interfaces

Access switch 1 (all ports connected to ESX host directly)

Conf t

mac address-table static xxxx.xxxx.xxxx vlan xx interface GigabitEthernet0/16  GigabitEthernet0/10 GigabitEthernet0/9 GigabitEthernet0/8 GigabitEthernet0/7

GigabitEthernet0/6 GigabitEthernet0/5

Distribution Switch (all ports that connected to switches connected to ESX hosts)

Conf t

mac-address-table static xxxx.xxxx.xxxx vlan xx interface interface Port-channel5 GigabitEthernet1/0/4 GigabitEthernet1/0/3 GigabitEthernet1/0/7

Distribution Switch

Conf t

mac-address-table static xxxx.xxxx.xxxx vlan xx interface interface GigabitEthernet1/0/24 GigabitEthernet1/0/23 GigabitEthernet1/0/4 GigabitEthernet1/0/3 GigabitEthernet1/0/7

Access Switch (All ports going to distributions switch, since no ESX is present)

Conf t

mac-address-table static xxxx.xxxx.xxxx vlan xx interface GigabitEthernet1/0/23 GigabitEthernet1/0/24

As a conclusion, although we have done this work on all switches. This is really not the way. As a recommendation the NLB Design should be changed, since there a lot of manual entries that needed to be worked on the switch. Failures to do so might lead to an outage of service.


August 2, 2011  3:53 AM

Review – SolarWinds Engineer’s Toolset



Posted by: Sulaiman Syed
advance subnet, Calculator, chart, Cisco, config, configviewer, decryption, DNS, dns analyzer, dns resolver, Engineer, gauge, interface, manage, monitor, neighbor map, netflow, Network Discovery, part1, part2, password, ping, port mapper, Review, route viewer, Solarwinds, Studio, subnet, subnetting, Sweep, Syslog, TFTP, Toolset, traceroute

Photobucket
SolarWinds are renowned for their Network performance monitoring tools, they have extended from just network to a whole data center monitoring tool. Their products range from applications, servers, network, storage, and Virtualization monitor and management tools.

One of their good tools that I recommend any network engineer to use is the SolarWinds Engineer’s Toolset. I have used it for a while now, and it made my life easier with some various tasks. It shows its strength when i need to troubleshoot something in the network, or I just want to monitor some certain part of the network with zoomed glasses.

If you are considering to buy this product, and want a a look and feel of what it can do. I have made few entries for them.

  1. Review – SolarWinds Engineer’s Toolset – part 1
  2. Review – SolarWinds Engineer’s Toolset – part 2
  3. Review – SolarWinds Engineer’s Toolset – part 3
Please, feel free to drop me any questions about the product, or what it can do. I would check it out, and get back with an answer.


July 20, 2011  8:20 AM

Introducing Cisco Catalyst 6500 Series Supervisor Engine 2T



Posted by: Sulaiman Syed
6500, Catalyst, Cisco, Engine, MSFC5, multilayer, PFC4, router, S2T, SUP720, Supervisor, switch

Cisco very recently introduced the new SUP engine for the much trusted Catalyst 6500, the Supervisor Engine 2T (S2T). It is much welcomed sup line to already strong and dominant SUP720. You would expect that the new SUP should be better. That is how technology goes forward. I think the most important feature is the increase of the backplane capacity by double. That is 80Gbps.

The S2T gets its name from the fact that the It has 26 Fabric Channels boosting 80Gbps. So 80Gx26 = 2.08Tera. That is why it is called S(up)2T(era) The S2T has 26 Fabric Channel. Each Fabric channel is unidirectional with speed of 80Gbps. Thus, it can support 13 line cards with two Fabric Channels for bidirectional data transfer. 13 line cards? welcome the biggest Catalyst 6500 Chassis 6513-E

The main components of S2T are: Policy Feature Card 4 (PFC4), and Multilayer Switch Feature Card 5 (MSFC5). Lets have a look at what Cisco has to say about them.

Policy Feature Card 4

Supervisor Engine 2T features the integrated Policy Feature Card 4 (PFC4), which improves performance and scalability and provides new and enhanced hardware features. The PFC4 is equipped with a high-performance ASIC complex that enables hardware acceleration for existing and new software features. The PFC4 supports Layer 2 and Layer 3 forwarding, QoS, Netflow and Access Control List (ACLs) and multicast packet replication and processes security policies such as access control lists (ACLs) operations all simultaneously enabled with no performance impact. The PFC4 supports all of these operations for both IPv4 and IPv6. PFC4 also provides enhanced performance and scalability and supports many new innovations such as native VPLS, flexible NetFlow, egress NetFlow, Cisco TrustSec, distributed policers, control plane policing, and comprehensive IPv6 features.

Multilayer Switch Feature Card 5

Supervisor Engine 2T features the Multilayer Switch Feature Card 5 (MSFC5), providing high-performance, multilayer switching and routing intelligence. Equipped with a high-performance processor, the MSFC5 runs both Layer 2 protocols and Layer 3 protocols on the dual-core CPU complex. These include routing protocol support, Layer 2 protocols (for example, Spanning Tree Protocol and VLAN Trunking Protocol), and security services. The MSFC5 builds the Cisco Express Forwarding information base (FIB) table in software and then downloads this table to the hardware application-specific-integrated circuits (ASICs) on the PFC4 and Distributed Forwarding Card 4 (DFC4), if present on a module, which make the forwarding decisions for IP unicast and multicast traffic.

The main Features are:

• Platform scalability: Delivering up to 80 Gbps per slot of switching capacity on E-Series chassis; 2-Terabit aggregate bandwidth capacity using the 6513-E chassis, scaling to 4-Terabit capacity with VSS. Support for up to 1056 ports of 1Gbps and 352 ports of 10Gbps systems deployed with VSS. Providing 1Gbps/10Gbps and 40Gbps interface support to address future customer bandwidth growth requirements.

• Security: Support for Cisco TrustSec, CTS, providing MacSec encryption and Role-Based ACL. Providing control plane policing to address denial of service attacks.

• Virtualization: Native support for VPLS, as well as enhancements such as VPN-aware NAT, VPN statistics, and VPN netflow as important features needed for deployment of network virtualization.

• Netflow application monitoring: Supervisor Engine 2T supports enhanced application monitoring such as Flexible and Sampled Netflow for intelligent and scalable application monitoring.

It is a nice welcome for the Catalyst 6500. S2T will surely be used in Data Center and at Core layers. The nonblocking 8 ports 10G links would be a real advantage to support the current infrastructure. while, it is yet to be seen how the 40G ports will integrate into the data center.


July 20, 2011  7:13 AM

Cisco Catalyst Sup720 V S2T



Posted by: Sulaiman Syed
6500, capacity, Catalyst, Cisco, core, distribution, Nexus, router, S2T, SUP720, switch, vs

Cisco has recently introduced the S2T. We ran a comparison from the prospective of backplane capacity between the Nexus 7000k and Catalyst 6500 previously. We would like to run another comparison between the latest S2T and SUP720-10G-3C. The Supervisor shown below has 2 X2 10G ports, 3 SFP 1G ports, and one 1G management port, not to mention the console port. Pic courtesy of Cisco.

Photobucket

It would be best made in a table format. so that it can be seen easily without confusing or rechecking the paragraphs. The table was made after going through the data sheets of both SUP720 and S2T.

Scalability

Name

VS-S2T-10G

VS-S2T-10G-XL

VS-S720-10G-3C *

VS-S720-10G-3CXL*

IPv4 routing

In hardware

In hardware

In hardware

In hardware

Up to 720 Mpps**

Up to 720 Mpps**

Up to 450 Mpps**

Up to 450 Mpps**

IPv6 routing

In hardware

In hardware

In hardware

In hardware

Up to 390 Mpps**

Up to 390 Mpps**

Up to 225 Mpps**

Up to 225 Mpps**

L2 bridging

In hardware

In hardware

In hardware

In hardware

Up to 720 Mpps**

Up to 720 Mpps**

Up to 450 Mpps**

Up to 450 Mpps**

MPLS

MPLS in hardware to enable use of Layer 3 VPNs and EoMPLS tunneling. Up to 8192 VRFs with a total of up to 256K* forwarding entries per system.

MPLS in hardware to enable use of Layer 3 VPNs and EoMPLS tunneling. Up to 8192 VRFs with a total of up to 1024K forwarding entries per system.

MPLS in hardware to enable use of layer 3 VPNs and EoMPLS tunneling. Up to 1024 VRFs with a total of up to 256,000 routes per system.

MPLS in hardware to enable use of layer 3 VPNs and EoMPLS tunneling. Up to 1024 VRFs with a total of up to 1,000,000 routes per system.

VLAN

4K

4K

4K

4K

Bridge domains

16k

16k

*

*

VPLS

In hardware (Up to 390 Mpps**)

In hardware (Up to 390 Mpps**)

*

*

GRE

In hardware (Up to 390 Mpps**)

In hardware (Up to 390 Mpps**)

In hardware

In hardware

NAT

Hardware assisted

Hardware assisted

Hardware assisted

Hardware assisted

MAC entries

128k

128k

96,000

96,000

Routes

256K(IPv4)

1024K (IPv4)

256,000 (IPv4);

1,000,000 (IPv4);

128K (IPv6)

512K (IPv6)

128,000 (IPv6)

500,000 (IPv6)

Netflow entries

512K

1024K

128,000

256,000

Multicast routes

128K (IPv4)

128K (IPv4)

*

*

128K (IPv6)

128K (IPv6)

*

*

QoS Features and Scalability

Feature

VS-S2T-10G

VS-S2T-10G-XL

VS-S720-10G-3C*

VS-S720-10G-3CXL*

Layer-3 classification and marking access control entries (ACEs)

64K shared for QOS / Security

256K shared for QOS/Security

32 K dedicated for QoS

32K dedicated for QoS

Aggregate traffic rate-limiting policers

16348

16348

1023

1023

Flow-based rate-limiting method; number of rates

Per source address, destination address, or full flow; 64 rates

Per source address, destination address, or full flow; 64 rates

Per source address, destination address, or full flow; 64 rates

Per source address, destination address, or full flow; 64 rates

Layer 2 rate limiters

20 ingress/6 egress

20 ingress/6 egress

*

*

MAC ACLs featuring per-port/per VLAN granularity

Yes

Yes

Yes

Yes

Distributed policers

Yes

Yes

*

*

Shared uFlow policers

Yes

Yes

*

*

Egress uFlow policers

Yes

Yes

*

*

Packet or byte policers

Yes

Yes

*

*

Per port per VLAN

Yes

Yes

*

*

Security Features and Scalability

Feature

VS-S2T-10G

VS-S2T-10G-XL

VS-S720-10G-3C*

VS-S720-10G-3CXL*

Port security

Yes

Yes

Yes

Yes

IEEE 802.1x and 802.1x extensions

Yes

Yes

Yes

Yes

VLAN and router ACLs and port ACLs

Yes

Yes

Yes

Yes

1:1 mask ratio to ACE values

Yes

Yes

*

*

Security ACL entries

64K shared for QOS / Security

256K shared for QOS/Security

32K

32 K

CPU rate limiters (DoS protection)

57

57

10 special case rate limiters plus Control Plane Policing

10 special case rate limiters plus Control Plane Policing

uRPF check (IPv4/IPv6)

Up to 16

Up to 16

Up to 6 paths

Up to 6 paths

Number of interfaces with unique ACL

16k

16k

512

4000

RPF interfaces

16

16

*

*

Private VLANs

Yes

Yes

Yes

Yes

MAC ACLs on IP

Yes

Yes

No

Yes

Logical interfaces

128k

128k

*

*

EtherChannel hash

8 bits

8 bits

3 bits

3 bits

Cisco TrustSec support (including L2 encryption)

Yes

Yes

No

No

CPU HW rate limiters by PPS or BPS

Yes

Yes

*

*

CoPP for multicast

L2 and L3 support

L2 and L3 support

*

*

CoPP for exceptions (MTU, TTL)

Yes

Yes

*

*

CoPP exceptions Netflow support

Yes

Yes

*

*

ACL labels

16K

16K

*

*

Port ACL

8K

8K

*

*

ACL dry run

Yes

Yes

*

*

Hitless ACL changes

Yes

Yes

*

*

MPLS and Virtualization Features

Feature

VS-S2T-10G

VS-S2T-10G-XL

VS-S720-10G-3C*

VS-S720-10G-3CXL*

VSS

Yes

Yes

Yes

Yes

Label imposition/disposition (MPLS-PE), swapping (MPLS-P)

Yes

Yes

Yes

Yes

Label Distribution Protocol (LDP)

Yes

Yes

Yes

Yes

MPLS VPN

Yes

Yes

Yes

Yes

VRF Lite

Yes

Yes

Yes

Yes

QoS mechanisms using experimental (EXP) bits

Yes

Yes

Yes

Yes

MPLS-RSVP-TE

Yes

Yes

Yes

Yes

MPLS differentiated services (diffserv)-aware traffic engineering (MPLS-DS-TE)

Yes

Yes

Yes

Yes

MPLS traceroute

Yes

Yes

Yes, see release notes for details

Yes, see release notes for details

EoMPLS

Yes

Yes

Yes

Yes

EoMPLS tunnels

16k

16k

*

*

Native VPLS in HW

Yes

Yes

*

*

Native L2 over multipoint GRE

Yes

Yes

*

*

VRF-aware operational contexts

Yes

Yes

*

*

VPN Netflow support

Yes

Yes

*

*

VPN aware NAT

Yes

Yes

*

*

VRF-lite scalability

VLAN reuse per sub-interface

VLAN reuse per sub-interface

*

*

Per VPN interface statistics

Yes

Yes

*

*

* The data sheet did not mention it, further research is required to find out.

** Requires DFC3

As it can be seen from the table above. That when it comes to numbers, then the S2T boost as much as 50% increase in terms of performance above the strongest SUP720, which is SUP720-10G-3CXL.


July 17, 2011  2:37 AM

GRE Tunnel ARP entry never times out! – part 3



Posted by: Sulaiman Syed
ARP, bug, Cisco, clear, CSCsa83049, CSCtf16300, entry, ios, mGRE, TAC, Tunnel, wireless, WLSM

For people who were following on this issue, i would like to post some updates. But before that, you can read what is the problem by going to GRE Tunnel ARP entry never times out! and GRE Tunnel ARP entry never times out! – part 2.

So after various troubleshooting. It was concluded that these log messages were nothing but cosmetic. Meaning although they are showing, they don’t change the behavior of the operation. It was stated that the bug causing this is CSCsa83049.

duplicate ip addr message seen on tunnel due to ARP entry not aged out
A mGRE tunnel on a sup720 may report ARP entries that never age out.
This can happen when a mobile node sends a unicast ARP directed to the
default gateway, a.k.a sup720. These entries are not used by the switch to
make a forwarding decision therefore can be ignored.

Workaround:
Clear the ARP table using the “clear arp” command.

Solution:

A solution to prevent the tunnel from either receiving or learning
the ARP entries is been investigated.

We have thought of using Automated “clear arp” using scripts. but, the issue is. “clear arp” will not work for cause we have bug CSCtf16300.

clear arp-cache is not working correctly
Symptom:
“clear arp-cache” command is not removing the stale entries from arp table.

Condition:
-Use cat6500 on 12.2(18)SXF16 or later.

Workaround:
-Use “clear ip arp x.x.x.x” command.

The solution is to change the IOS. But we do required the (SFX) IOS version to run the WLSM.

Anywho, Cisco said that they are investigating and planning on resolving bug CSCsa83049 By end of July, start of Aug. We shall wait till then.


July 15, 2011  1:13 PM

Review – SolarWinds Engineer’s Toolset – Part3



Posted by: Sulaiman Syed
advance subnet, Calculator, chart, Cisco, config, configviewer, decryption, DNS, dns analyzer, dns resolver, Engineer, gauge, interface, manage, monitor, neighbor map, netflow, Network Discovery, part1, part2, part3, password, ping, port mapper, Review, route viewer, Solarwinds, Studio, subnet, subnetting, Sweep, Syslog, TFTP, Toolset, traceroute

IP Address Management has some interesting tools that can be used in the SolarWinds Engineer’s Toolset. One of the tools that make the life of network engineer easy, (which i think should not have been created!!. let the engineers do use their brains for this) is the advance subnet calculator. As it says, it does many other things. From finding subnets, defining the subnet, and all the expected from IP addressing tool.

Photobucket

Photobucket

Photobucket

DNS analyzer is such interesting tool. it will show how a domain name is being used, which servers, their real names, ip address, etc. For example i used www.kfpum.edu.sa since it is hosted in single site, the analysis was straight simple. But doing a www.Yahoo.com is just over killing it, as shown in the second image below. Just looking at it makes my head starts spinning. Although www.google.com provided much simpler output.

Photobucket

Photobucket

DNS resolver will give you the IP address, and the who’s information you would expect from various websites. So, it is really a good tool to track the traffic, and who is using what. The second tool will take a range of IP addresses, and do the who’s analysis.

Photobucket

Photobucket

Lastly, one of the most important tools, that i’ve been using so often is the ConfigViewer. (once you run it, you can upload, download and find the difference). I’ve been using it to download, and mostly compare. I have used it for upload as well after i finished edited the config file. So, it really is very good tool. Eases the operation of working with configuration files.

Photobucket

Photobucket

Photobucket

As seem above, screenshots. First to download the config file. Second image to view it, write on it. (go find what i wrote!!!) and Lastly, to find the difference.

This was the third part of this series. Hopefully soon i will have more features covered.


July 11, 2011  2:16 AM

Review – SolarWinds Engineer’s Toolset – Part2



Posted by: Sulaiman Syed
Calculator, chart, Cisco, config, decryption, DNS, Engineer, gauge, interface, manage, monitor, neighbor map, netflow, Network Discovery, part1, part2, password, ping, port mapper, Review, route viewer, Solarwinds, Studio, subnet, Sweep, Syslog, TFTP, Toolset, traceroute

Once the Toolset is installed, you would want to run the SolarWinds Workspace Studio. It is the main application window that you use to monitor the devices. It has limited management capabilities since it was not designed for such thing.

The Studio enables to use few features that actually matter, most of the features mentioned in the first entry are stand alone applications. The studio let you monitor CPU, Memory, and Links. It further enables you to see the Routes, port maps, and neighbors.

The CPU and Link utilization can be configured thoroughly with proper alarms to be shown in case of exceeding the limits. The image below shows the CPU and Link utilization example

CPU and Response Time

Link Utilization

Link Utilization

The Utilization can be seen in percentage, Gauge or in Charts. Each has its own use, from very abstract values, to detailed (in the charts) value.

The neighbors View is such a good tool to ease the drawing! I mean, it actually traces the network to the number of wanted hops. I have chosen only 1 hop in the image below. It shows the device, and which devices it is connected to with their IP addresses, and interface information. It really extracts the CDP information, which is very rich.

Neighbor Map

This feature will surely help any new network engineer, or even a consultant to have a look and the feel of the network when troubleshooting or understanding the network.

Route Viewer

The above image shows the Route Viewer feature. The user choose the router, and the tool will find the routing table. What i really wanted to see is the incorporation of both map view and route view. So you can see the traceroute but instead of the normal output, you see it graphically.

Port Mapper

The last feature in this entry is the Port Mapper. This tool will find all the ports, the macs associated with it, and many other information such as: IP, DNS name, Link speed, Link queue, and the other information that you can see in cisco devices when using the command “show interface type num/num ”

This concludes part 2 of the review. Tune in for part 3. Lastly, don’t mind my mspaint skills. i had to hide the IP addresses. :)


Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: