Network Protocols Test
Applications in today's enterprise networks require different levels of service based upon business requirements. The network can provide a variety of services to help ensure that your mission-critical applications receive the bandwidth they need to deliver the desired performance levels. The difficulty is that today's Internet-based and client-server applications make it difficult for the network to identify and provide the proper level of control you need. NBAR solves this problem by adding intelligent network classification to your infrastructure.
NBAR, an important component of the Cisco Content Networking architecture, is a new classification engine in Cisco IOS Software that can recognize a wide variety of applications, including Web-based applications and client/server applications that dynamically assign TCP or User Datagram Protocol (UDP) port numbers. After the application is recognized, the network can invoke specific services for that particular application. NBAR currently works with quality-of-service (QoS) features to help ensure that the network bandwidth is best used to fulfill your business objectives.
When run on an NBAR-supported Cisco router, this test periodically polls the NBAR MIB to auto-discover the interfaces for which NBAR is enabled, and reports the following for each discovered interface:
- The network protocols handled by that interface;
- The traffic generated for every protocol;
- The bandwidth utilized per protocol.
This way, the test not only reveals busy, bandwidth-intensive interfaces, but also turns the spotlight on specific protocols on those interfaces that are causing excessive bandwidth consumption. Moreover, with the help of these protocol-level usage metrics, administrators can assess how various interfaces and protocols use the network resources, and accordingly fine-tune network policies.
Configuring the eG Agent to use NBAR
The first step to running this test is to enable NBAR on each interface for which you want to collect NBAR statistics.
To enable NBAR, do the following:
The following is a set of commands issued on a router to enable NBAR on the FastEthernet 0/1 interface.
router#enable
Password:*****
router#configure terminal
router-2621(config)#ip cef
router-2621(config)#interface FastEthernet 0/1
router-2621(config-if)#ip nbar protocol-discovery
router-2621(config-if)#exit
router-2621(config)#exit
router-2621(config)#show ip nbar protocol-discovery
Please note that the part in red has to be repeated for each interface individually.
Target of the test : A Cisco device
Agent deploying the test : An external agent
Outputs of the test : One set of results for every protocol handled by every network interface being monitored .
Parameter | Description |
Test period |
How often should the test be executed |
Host |
The host for which the test is to be configured. |
SNMPPort |
The port at which the monitored target exposes its SNMP MIB; the default is 161. |
SNMPversion |
By default, the eG agent supports SNMP version 1. Accordingly, the default selection in the snmpversion list is v1. However, if a different SNMP framework is in use in your environment, say SNMP v2 or v3, then select the corresponding option from this list. |
SNMPCommunity |
The SNMP community name that the test uses to communicate with the firewall. This parameter is specific to SNMP v1 and v2 only. Therefore, if the SNMPVersion chosen is v3, then this parameter will not appear. |
Username |
This parameter appears only when v3 is selected as the snmpversion. SNMP version 3 (SNMPv3) is an extensible SNMP Framework which supplements the SNMPv2 Framework, by additionally supporting message security, access control, and remote SNMP configuration capabilities. To extract performance statistics from the MIB using the highly secure SNMP v3 protocol, the eG agent has to be configured with the required access privileges – in other words, the eG agent should connect to the MIB using the credentials of a user with access permissions to be MIB. Therefore, specify the name of such a user against the Username parameter. |
Context |
This parameter appears only when v3 is selected as the SNMPVersion. An SNMP context is a collection of management information accessible by an SNMP entity. An item of management information may exist in more than one context and an SNMP entity potentially has access to many contexts. A context is identified by the SNMPEngineID value of the entity hosting the management information (also called a contextEngineID) and a context name that identifies the specific context (also called a contextName). If the username provided is associated with a context name, then the eG agent will be able to poll the MIB and collect metrics only if it is configured with the context name as well. In such cases therefore, specify the context name of the username in the context text box. By default, this parameter is set to none. |
Authpass |
Specify the password that corresponds to the above-mentioned Username. This parameter once again appears only if the SNMPversion selected is v3. |
Confirm password |
Confirm the Authpass by retyping it here. |
Authtype |
This parameter too appears only if v3 is selected as the SNMPversion. From the AuthType list box, choose the authentication algorithm using which SNMP v3 converts the specified username and password into a 32-bit format to ensure security of SNMP transactions. You can choose between the following options:
|
Encryptflag |
This flag appears only when v3 is selected as the SNMPversion. By default, the eG agent does not encrypt SNMP requests. Accordingly, the this flag is set to No by default. To ensure that SNMP requests sent by the eG agent are encrypted, select the Yes option. |
Encrypttype |
If the EncryptFlag is set to Yes, then you will have to mention the encryption type by selecting an option from the EncryptType list. SNMP v3 supports the following encryption types:
|
Encryptpassword |
Specify the encryption password here. |
Confirm Password |
Confirm the encryption password by retyping it here. |
Timeout |
Specify the duration (in seconds) within which the SNMP query executed by this test should time out in this text box. The default is 10 seconds. |
Data Over TCP |
By default, in an IT environment, all data transmission occurs over UDP. Some environments however, may be specifically configured to offload a fraction of the data traffic – for instance, certain types of data traffic or traffic pertaining to specific components – to other protocols like TCP, so as to prevent UDP overloads. In such environments, you can instruct the eG agent to conduct the SNMP data traffic related to the monitored target over TCP (and not UDP). For this, set this flag to Yes. By default, this flag is set to No. |
EngineID |
This parameter appears only when v3 is selected as the SNMPVersion. Sometimes, the test may not report metrics when AES192 or AES256 is chosen as the Encryption type. To ensure that the test report metrics consistently, administrators need to set this flag to Yes. By default, this parameter is set to No. |
Active Protocols Only |
By default, this flag is set to No, indicating that, by default, this test reports metrics for all protocols handled by an interface. To ensure that the test monitors only those protocols that are currently active, set this flag to Yes. |
Ignore Interfaces |
Specify a comma-separated list of interfaces to be excluded from monitoring. By default, the test monitors all interfaces for which NBAR is enabled. Accordingly, this parameter is set to none by default. |
Show Protocols |
By default, the test monitors all protocols handled by an interface. This is why, the Show Protocols parameter is set to all by default. To make sure that the test monitors only specific protocols per interface, provide a comma-separated list of protocols here. |
Min Bandwidth Percent |
By default, the value 1 is displayed here. This indicates that, by default, the test will consider only those protocols that are using 1% or more of current traffic. You can increase or decrease this value based on your monitoring needs. If you set this value to 0, then all protocols will be monitored. |
Measurement | Description | Measurement Unit | Interpretation |
---|---|---|---|
Data received |
Indicates the total data received through this interface using this protocol. |
Mbps |
|
Data transmitted |
Indicates the total data transmitted by this interface using this protocol. |
Mbps |
|
Total traffic |
Indicates the total traffic - both incoming and outgoing - handled by this interface for this protocol. |
Mbps |
|
Portion of current traffic for this protocol |
Indicates the percentage of total traffic through this interface that pertains to this protocol. |
Percent |
Compare the value of this measure across protocols to identify the protocol for which there is heavy traffic through this interface. |
Total bandwidth of this interface |
Indicates the total bandwidth of this interface. |
Mbps |
Compare the value of this measure across interfaces to isolate the top consumers of bandwidth usage. |
Percentage of bandwidth for this protocol |
Indicates the percentage of total bandwidth that is utilized by this protocol. |
Percent |
By comparing the value of this measure across protocols, you can easily identify which protocol is bandwidth-intensive. |
Packets received |
Indicates the rate at which packets were received through this interface for this protocol. |
Pkts/sec |
|
Packets sent |
Indicates the rate at which packets were transmitted through this interface for this protocol. |
Pkts/sec |
|
Total packets |
Indicates the rate of packet transmission and reception for this protocol. |
Pkts/sec |
|
Percentage of packet traffic for this protocol |
Indicates the percentage of total packet traffic that pertains to this protocol. |
Percent |
Compare the value of this measure across protocols to identify which protocol is experiencing high packet traffic. |
Inbound rate |
Indicates the inbound bit rate as determined by Protocol Discovery. |
Bits |
|
Outbound rate |
Indicates the outbound bit rate as determined by Protocol Discovery. |
Bits |
|