NTP:
- NTP server: (global) ntp master 7 ß stratum 7
- NTP symmetric active mode: router/switch mutually synchronizes with another NTP host, configured with ntp peer command. (global) ntp peer 10.1.1.1
- NTP broadcast client: Listens to NTP broadcasts on the Ethernet. (int) ntp broadcast client
- NTP client: configures, “ntp server 10.1.1.1”
- Authentication on NTP:
- ntp authentication-key 1 md5 <name>
- ntp authenticate
- ntp trusted-key 1
- under interface configure “ntp broadcast” (broadcast the time)
- show ntp associations
SNMP
- SNMPv1: simple authentication with communities, used MIB-I
- SNMPv2: removed requirement for communities, added GetBulk and inform messages, MIB-II
- SNMPv2c: only difference, allowed SNMPv1 style communities with SNMPv2
- SNMPv3: better security, backward compatibility to communities.
- communities: read-only, read-write, trap.
- Inform requests are acknowledged with an SNMP response packet.
- Messages:
- Response: responds to information in Get and Set requests.
- Inform: A message used b/w SNMP managers to allow MIB data to be exchanged about agents they both manage.
- MIBS:
- RMON is outside MIB-II
- SNMPv3 adds authentication and encryption. MD5 and SHA creates a message digest for each protocol message (authentication) and DES to encrypt messages providing encryption (privacy).
- SNMP embedded event manager
- automatic recovery actions are performed without need to fully reboot the routing device
- allows event management capability directly inside the Cisco IOS devices.
- action snmp-trap enables the traps event-manager command, also requires snmp-server configuration.
- two types of EEM policy: applets and script
- E.g: event manager applet IOSWD_Sample1
- event ioswdsysmon sub1 cpu-proc taskname “task 1” op ge val 25 period 10 (triggers an applet when avg cpu usage is greater than or equat to 25% for 10 seconds. )
- action 1.0 syslog msg “IOSWD_Sample1 Policy Triggered” (generates syslog notification)
0 comments:
Post a Comment