13 Smartways To Configure Cisco Device

13SmartWaysToConfigure
YourCiscoIOSDevice
1 2009CiscoSystems,Inc.Allrightsreserved. CiscoPublic BRKNMS-2000
BRKNMS-2000
Housekeeping
Wevalueyourfeedback- don'tforgettocompleteyour
onlinesessionevaluationsaftereachsession&
completetheOverallConferenceEvaluationwhichwill
beavailableonlinefromThursday
VisittheWorldofSolutions
Pleaserememberthisisa'non-smoking'venue!
2009CiscoSystems,Inc.Allrightsreserved. CiscoPublic BRKNMS-2000 2
Pleaserememberthisisa'non-smoking'venue!
Pleaseswitchoffyourmobilephones
Pleasemakeuseoftherecyclingbinsprovided
Pleaseremembertowearyourbadgeatalltimes
Abstract
Haveyoueveraccidentallylockedyourselfoutofaremotedevice?Needtodeployafewhundred
branchroutersacrosstheglobe?
WanttoquicklyapplymaintenanceconfigupdatestoahandfulofdevicesrunningvariousdifferentIOS
releases?
Whatisthemostappropriatemechanismtogetyourtargetconfigintothosenetworkelements?
CiscoIOStodayoffersaplethoraofDeviceManageabilityInstrumentation(DMI)featuresand
CiscoIOStodayoffersaplethoraofDeviceManageabilityInstrumentation(DMI)featuresand
protocolsthatsimplifydeviceconfiguration- bothforhumanbeingsaswellasforsoftwareapplications
andscripts;forlargescaledeploymentsaswellasforsingledevicesandsmallgroups.
ThisBreakoutSessionuncoverssomeofthenot-so-well-knownwaystointeractwithyournetwork
elementsforthepurposeof(re-)configuringthem.
Technologyfundamentalsaswellasthechoiceanduseofappropriatepracticesareillustratedthrough
acombinationofpresentationandbestpracticeexamples.
Thetopicisrelevantfornetworkplannersandadministrators,engineersandsystemintegratorsforboth
enterprisesandserviceproviders.
Welcomeaboard...
Thissessionisnotabout:
AnintroductiontoNMSconcepts
Anin-depthsessionon1singlefeature
EngineeringdetailsoftheIOSparser
NMSapplications
WHAT toconfigureonadevice
WHAT toconfigureonadevice
ThisSessionisabout:
HOW togetconfigurationintoadevice
UsingDeviceManageabilityInstrumentation(DMI)
andEmbeddedAutomations(EASy)
Practicalexamples
Agenda
Introduction
1
2
3
4
5
6
6
7
8
9
10
11
12
13
Summary
Introduction&Overview
ConfigurationinaServiceLifeCycle
config
networkengineer supportstaff
scripts
scriptsandtools applications
IOS
images
*.tcl *.mdf
MOH&IVR
files
xDM
files
devicegroups largescale individualdevices
DemandforDifferentiation
B
u
s
i
n
e
s
s
V
a
l
u
e
R
e
v
e
n
u
e
P
o
t
e
n
t
i
a
l
Compute
Cloud,XaaS,
Computing
Program
EmbeddedAutomation
Systems(EASy)
Customize
DeviceManageability
Instrumentation(DMI)
B
u
s
i
n
e
s
s
V
a
l
u
e
R
e
v
e
n
u
e
P
o
t
e
n
t
i
a
l
Connect
ManagedNetwork
Services
Collaborate
UnifiedComms
Security
BasicSLA
QualityofServiceSLA
TransactionExperienceSLA
Increasein
- Applicationawareness
- Real-timemanagement
- Customrequirements
- Programmability
Configure
BasicInstrumentation
GET/SET
Instrumentation(DMI)
1995 2000 2005 2010 2015
DefinitionofActivities
Deployment
Movephysicalnetworkequipmentinto
itsoperatinglocation
Commissioning
Makenewnetworkequipmentreadyfor
useandreachablebyoperations,NMS
Configuration
Configureanetworkelementdepending
onitsroleandfunctioninthenetwork
Provisioning
Configureportionsofanetworkforthe
purposeofaspecificuserand/orservice
Activation
Enableuserstostartusingaservice
F
o
c
u
s hostnamepe-south
!
enablepasswordc
!
mplsip
!
interfaceLoopbac
ipaddress10.10
FeatureAvailability
MainfocusonwhatisavailableinIOS15.0(1)MonISRplatforms
MostFeatureshavebeenaroundforsometimealready
MoreDetailsinAppendixI
FeatureNavigator:www.cisco.com/go/fn
12.4(4)T 12.4(2)T 12.3(14)T 12.3(4)T 12.3(2)T 12.2(12)T
Cisco7304
Router
Cisco7301
and7200
Routers
Cisco
Catalyst
6500Series
CiscoCatalyst
4500Series
Cisco
3750&
2900
Series
12.2SB 12.2SB/SR 12.2SX/SR 12.2SG 12.2SE T
12.2(1
st
)SB5 12.2(1
st
)SRC 12.2(1
st
)SXH 12.2(12
th
)SG 12.2(6
th)
SE 12.3(2)T
12.2(1
st
)SB5 12.2(1
st
)SRC 12.2(1
st
)SXH 12.2(12
th
)SG 12.2(6
th
)SE 12.3(4)T
12.2(25)S 12.2(31)SB 12.2(1
st
)SXH 12.2(12
th
)SG 12.2(6
th
)SE
12.2(1
st
)SB5 12.2(1
st
)SRC 12.2(1
st
)SXI 12.2(11th)SG 12.2(44)SE 12.3(14)T
12.2(1
st
)SB5 12.2(1
st
)SRC 12.2(1
st
)SXI 12.2(12
th
)SG 12.2(6
th
)SE 12.4(2)T
12.2(1
st
)SB5 12.2(1
st
)SRC 12.2(1
st
)SXI 12.2(12
th
)SG 12.2(6
th
)SE 12.4(4)T
12.2(1
st
)SB5 12.2(1
st
)SRC 12.2(1
st
)SXI 12.2(31)SGA NA NA
12.2(31)SB 12.2(31)SB 12.2(1
st
)SXH 12.2(12
th
)SG 12.2(6
th
)SE
12.2(31)SB 12.2(31)SB HD 12.2(13
th
)SG 12.2(7
th
)SE 12.5(2nd)T
12.4(4)T 12.4(2)T 12.3(14)T 12.3(4)T 12.3(2)T 12.2(12)T
X X X X X X
X X X X X X
X X X X X
X X X X
X X X
CommandLineInterface(CLI)
TheBasics
TheBasics
CommandLineInterface(CLI) Modes
GlobalConfigurationMode
router(config)#
hostname
iproute
interface...
...
LineConfigurationSub-Mode
router(config-line)#
RoutingConfigurationSub-Mode
router(config-router)#
InterfaceConfigurationSub-Mode
router(config-if)#
shutdown
ipaddress
encapsulation...
interface
d
o
.
.
Running
Configuration
PriviledgedEXECMode
router#
show
ping
debug
...
UserEXECMode
router>
show(limited)
ping
enable
...
...
ROMMonitor
rommon#>
DiagnosticBoot(onlyonASR)
router(diag)#
c
o
n
f
t
d
o
.
.
Startup
Configuration
See:www.cisco.com/en/US/docs/ios/preface/usingios.html
enable
ConfigRegister
CommandLineInterface(CLI) Basics1/2
ExecCommandsfromwithinConfigMode (from12.0(21)S,12.2(8)T)
IssueExeccommandswithoutleavingConfigMode
router#conft
router(config)#docopyrunstart
Destinationfilename[startup-config]?
Buildingconfiguration...
[OK]
router(config)#
ASeriesofusabilityfeaturesareavailableinIOS:
router(config)#
CommandAliases (from10.3,12.2(33)SRA)
Pre-definesAliasesareavailableontheCLI
CustomAliasescanbedefinedper(Sub-)Mode
Note:ROMMonitoralsoprovidesanaliascommand
router#showaliases
Execmodealiases:
hhelp
lologout
pping
rresume
sshow
uundebug
unundebug
wwhere
router#conft
Enterconfigurationcommands,oneperline.EndwithCNTL/Z.
router(config)#aliasexecshibshowipinterfacebrief
router(config)#aliasexecshrushowrunning-config
router(config)#aliasexecshrbshowrunning-config|begin
router(config)#aliasconfigurehhostname
Router(config)#aliasinterfacenshnoshutdown
CommandLineInterface(CLI) Basics2/2
InterfaceRangesandMacros (from12.1(5)T,12.1(1)E,IOSXE2.1)
DefineInterfaceRanges/Groups
ApplyConfigtoInterfaceRanges/Groups
router(config)#interfacerangeFastEthernet1- 3
router(config-if-range)#noshut
DefineandUseimmediately
ConsequtiveRange
router(config)#defineinterface-rangemylist FastEthernet2,FastEthernet4- 6
router(config)#interfacerangemacromylist
DefineOnce
Usemultipletimes
ArbitraryGroup
router(config)#interfacerangeFastEthernet5/1.1 FastEthernet5/1.4
router(config-if-range)# encapsulationdot1Q220
Thiswillapply:
VLANID220FastEthernet5/1.1
Workson
Subinterfacesand
VLANRangestoo
from12.2(8)T
WheretostartwithCLI?
FeatureNavigator:
http://www.cisco.com/go/fn
CommandLookupTool: http://tools.cisco.com/Support/CLILookup/
CommandLineInterface(CLI)
MoreAdvanced
MoreAdvanced
Son: Dad, why are there 2 Pilots ?
Dad: One has to prevent the other
from doing stupid things
from doing stupid things
Son: Which one is doing the stupid things ?
Deployment&Activation
IOSConfigurationSafetyFeatures
Contextualconfigurationdiffutility (from12.3(4)T,12.2(25)S)
Easilyshowdifferencesbetweenrunningandstartupconfiguration
CompareanytwoASCIIfiles
Configchangeloggingandnotification (from12.3(4)T,12.2(25)S)
Tracksconfigcommandsenteredperuser,persession
Notificationsentindicatingconfigchangehastakenplacechangescanberetrieved
viaSNMP
viaSNMP
Configurationreplaceandrollback (from12.3(7)T,12.2(25)S)
Replacerunningconfigwithanysavedconfiguration(onlythediffsareapplied)to
returntopreviousstate
Configurationrevert (from12.4(23)T)
AutomaticallyRollbackun-confirmedconfigurations
Configurationlocking (from12.3(14)T,12.2(25)S)
Ensuresexclusiveconfigurationchangeaccess
router#showarchive
Therearecurrently4archiveconfigurationssaved.
Thenextarchivefilewillbenameddisk0:/config-archive-4
Example:UsingConfigRollback
Problem:criticalconfigchangetoaremoteroutermayresultinlossof
connectivity,requiringareload
Solution:replacetherunningconfigurationwiththelatestgood
archiveaftertwominutes unlessthechangemadeisconfirmed
Thenextarchivefilewillbenameddisk0:/config-archive-4
Archive#Name
0
1disk0:/config-archive-1
2disk0:/config-archive-2
3disk0:/config-archive-3 <- MostRecent
router#configreplace disk0:/config-archive-3 time120
:
...yourConfigChangeworkhere...
:
router# noconfigreplace disk0:/config-archive-3
Availablefrom: IOS12.3(7)T,12.2(25)S
router#configterminalreverttime2
RollbackConfirmedChange:Backingupcurrentrunningconfigtoflash:bk-2
Example:UsingConfigRevert
Problem:criticalconfigchangetoaremoteroutermayresultinlossof
connectivity,requiringareload
Solution:reverttherunningconfigurationaftertwominutes unless
thechangemadeisconfirmed
Enterconfigurationcommands,oneperline.EndwithCNTL/Z.
:
...yourConfigChangeworkhere...
:
router#hostnameoops
oops(config)#end
oops#RollbackConfirmedChange:Rollbackwillbegininoneminute.Enter
"configureconfirm"ifyouwishtokeepwhatyou'veconfigured
Availablefrom: IOS12.4(23)T,12.2(33)S
oops#RollbackConfirmedChange:
rollingto:flash:bk-2
Totalnumberofpasses:1
RollbackDone
router#
oops#configconfirm
oops#
or
SimpleScriptingI
IOS.sh
IOS.sh
IOSShell
Problem: SometimesweneedmorethanwhatInterfaceranges,
Macros,AutoSmartPortsandotherCLIfeaturesalreadyoffer.
ButwemaynotwantallthepowerandcomplexityofTclScriptingor
EmbeddedEventManager
Solution: UseIOSShell(IOS.sh)
PhaseIAvailablefrom: IOS12.2(52)SE
IOS.sh#_
IOSShelloffers
EnvironmentVariables MY_VAR=value,%n
PipeandRedirection |
ConditionTesting if[];thenelsefi
Loops
Built-inFunctions showshellfunctions
shellexec<function>
CustomFunctionDefinitions function<name>(){}
IOSShell- Example
Thepre-builtshellfunctionsforAutoSmartPortsareagoodstartingpoint:
switch#showshellfunctions CISCO_AP_AUTO_SMARTPORT
functionCISCO_AP_AUTO_SMARTPORT(){
if[[$LINKUP-eqYES]];then
conft
interface$INTERFACE
macrodescription$TRIGGER
switchporttrunkencapsulationdot1q
switchporttrunkencapsulationdot1q
switchporttrunknativevlan$NATIVE_VLAN
switchporttrunkallowedvlanALL
switchportmodetrunk
switchportnonegotiate
autoqosvoiptrust
mlsqostrustcos
exit
end
fi
if[[$LINKUP-eqNO]];then
:
SimpleScriptingII
TclScriptingandCRON
TclScriptingandCRON
ToolCommandLanguage(TCL)
Languageresourcesfoundat:http://www.tcl.tk/
TCL7.xhasbeeninCiscoIOSsince1994
TCL8.3.4firstreleasedinCiscoIOSin12.3(2)T
andmergedinto12.2(25)S
Use12.3(14)Torlaterforbestresults
SignedTCLScriptsintroducedin12.4(15)T
SignedTCLScriptsintroducedin12.4(15)T
Uselow-memorytopreventmallocfailures
TCLprocessrunsatmediumpriority,sobecarefulwithloops
Router(config)#scriptingtcllow-memory<water_mark>
Router#tclsh slot0:myscript.tcl
Router#tclsh
Router(tcl)#source tftp://10.1.1.1/myscript.tcl
http://www.cisco.com/go/ciscobeyond
http://www.cisco.com/go/eem
http://www.cisco.com/go/ioscommercial
GuideToWritingEEMPoliciesdocumentation
ToolCommandLanguage(TCL)
Router#tclsh
Router(tcl)#puts "HelloThere"
HelloThere
Router(tcl)#ios_config "interfacefa0/0"
"descriptionMainUplink"
Router(tcl)#exit
Router#
TCLCiscoIOS
ExtendedCommands
TCLBuiltInCommand
CiscoIOSCommand
TCLhasthecapabilitytoverifyadigitalsignatureinorderto
indicatetrust:
Ascriptcanrunintwomodes:
IfTCLscriptcontainstherightsignature:
TRUSTEDMODE
SignedTCLScripts
IfTCLscriptcontainstherightsignature:
ItwillbeauthenticatedandrunwithtrustedaccesstoTCL
interpreter
IfTCLscriptdoesntcontaintherightsignature:
Itwillruninalimitedmodeforuntrustedscriptsornotrunatall
TRUSTEDMODE
UNTRUSTEDMODE
See:http://www.cisco.com/en/US/docs/ios/12_4t/netmgmt/configuration/guide/sign_tcl.html
Availablefrom: IOS12.4(15)T,12.4(11)XW
Platforms: 8xx,18xxISRs,26xx,36xx,37xx,IAD,72xx,7301,UC520,
KronScheduler
RunEXECcommandsperiodicallyor
ataspecifiedtime
Firstintroducedin12.3(1)
Runscommandsina
fully-automatedmode
Interactivecommands(e.g.reload)
areNOTsupported
Note:
NTPmustbeconfiguredortherouter
clockmustbeauthoritative
KronandTclcanruntogethersince12.4(4)T
AlternativeOption:useEmbeddedEventManager(EEM)TimerED
HowtotriggeraConfigChange
EmbeddedEventManager(EEM)
EmbeddedEvent
Syslog
email
notification
SNMPset
Counter
CLI
Applets
SNMP
get
SNMP
notification
Application
specific
TCL
Policies
Reloador
switch-over
EEMApplets
multi-event-correlation
IOS.sh
Policies
Actions
ServicePlanning
EEMArchitecture
EmbeddedEvent
Manager
multi-event-correlation
EventDetectors
Syslog
Event
Process
Scheduler
Database
Interface
Descriptor
Blocks
Syslog
ED
Watchdog
ED
Interface
Counter
ED
CLI
ED
OIR
ED
ERM
ED
EOT
ED
RF
ED
none
ED
GOLD
ED
XML
RPC
ED
SNMP
EDs
Remote:
Notification
Local:
Notification
Get/Set
NetFlow
ED
IPSLA
ED
Route
ED
Timer
EDs
Cron
Count
down
HW
EDs
Fan
Temp
Env
...
CDP
LLDP
ED
802.1x
ED
MAC
ED
CLI
Applets
IOS.sh
Policies
SeparateASCIIFile
my-policy.sh
TCL
Policies
SeparateASCIIFile
my-policy.tcl
PartoftheCiscoIOS
Configuration
ServicePlanning
EEMAppletsandPolicies
ProgrammaticApplet
Extensions
my-policy.sh
BasedonCiscoIOS
CLIandShell
Commands
Effectiveshell-like
simplescripting
Registeredviathe
CiscoIOSConfig
my-policy.tcl
BasedonCiscoIOS
CLIandSafeTCL
Commands
Flexibleandpowerful
scriptingcapabilities
Registeredviathe
CiscoIOSConfig
Configuration
BasedonCLI
Commands
SimpleActions
ServicePlanning
Example:TriggeraConfigChange 1/3
Router(config)#ntplogging
Router(config)#ntpupdate-calendar
Router(config)#ntpserver172.16.154.40prefer
Problem: aPKIrelatedconfigchangeonaremotedeviceshouldonly
happenonceNTPhassuccessfullysynchedthetime
SolutionI: useEEMSyslogEventDetectorandaCLIApplettotriggerthe
change
CLIApplet
eventmanagerappletconfig_upon_ntp
eventsyslogpattern".*%NTP-5-PEERSYNC.*"
action1.0syslogmsg"Starting..."
:
...YourConfigChangesHere...
:
action3.0syslogmsg"...done"
Dec1013:03:57.746:%NTP-5-PEERSYNC:NTPsyncedtopeer172.16.254.40
Dec1013:03:57.750:%HA_EM-6-LOG:config_upon_ntp:Starting...
Dec1013:03:57.750:%HA_EM-6-LOG:config_upon_ntp:...done
change
ServicePlanning
Example:TriggeraConfigChange 2/3
IOS.shPolicy
SolutionII: useEEMSyslogEventDetectorandanIOS.shPolicytotrigger
thechange
##::cisco::eem::event_register_syslogpattern.*%NTP-5-PEERSYNC.*
sendlog"Starting..."
enable
conft
hostname$new_hostname
:
SolutionIII: useEEMSyslogEventDetectorandaTCLPolicytotriggerthe
change
:
...YourConfigChangesHere...
:
end
sendlog"...done"
#EndofIOS.shPolicydemoscript
router#
*Dec2218:27:09.659:%HA_EM-6-LOG:sl_cfg_ntp.sh:Starting...
*Dec2218:27:09.801:%SYS-5-CONFIG_I:Configuredfromconsolebyonvty0(EEM:sl_cfg_ntp.sh)
*Dec2218:27:09.927:%HA_EM-6-LOG:sl_cfg_ntp.sh:Sethostnamefromroutertoit-worked
*Dec2218:27:09.927:%HA_EM-6-LOG:sl_cfg_ntp.sh:...done
it-worked#
TCLPolicy
::cisco::eem::event_register_sys|og occurs 1 pattern .*%NTP-5-PEERSYNC.* queue_priority |ow nice 1 maxrun 90
namespace import ::cisco::eem::*
namespace import ::cisco::|ib::*
action_sys|og msg "Starting ..."
set o|dname [info hostname]
set newname "it-worked"
if [catch {c|i_open} resu|t] {
error $resu|t $errorInfo
} e|se {
array set c|i $resu|t
}
Policyruntime
Default=20seconds
Increasethisvalueifyousee
aProcessForcedExit message
fromtherouter.
}
if [catch {c|i_exec $c|i(fd) "enab|e\n conf term\n hostname $newname\n end"} resu|t] {
action_sys|og msg "Fai|ed to set hostname: $resu|t : $errorInfo"
error $resu|t $errorInfo
} e|se {
action_sys|og msg "Set hostname from $o|dname to $newname"
}
c|i_c|ose $c|i(fd) $c|i(tty_id)
action_sys|og msg "... done"
router#
*Dec1010:43:29.061:%HA_EM-6-LOG:config_upon_ntp.tcl:Starting...
*Dec1010:43:29.197:%SYS-5-CONFIG_I:Configuredfromconsolebyonvty0(EEM:config_upon_ntp.tcl)
*Dec1010:43:29.329:%HA_EM-6-LOG:config_upon_ntp.tcl:Sethostnamefromroutertoit-worked
*Dec1010:43:29.329:%HA_EM-6-LOG:config_upon_ntp.tcl:...done
it-worked#
HowtotriggeruponaConfigChange
UsingEEMtotriggeruponconfigchange
TwoOptions:
SyslogEventDetectoruponanypotentialconfigchange
CLIEventDetectoruponspecificCLIcommand
Asynchronous:
TriggerPolicyandthenexecuteCLIcommand
TriggerPolicyandskipCLIcommand
TriggerPolicyandskipCLIcommand
Synchronous:
TriggerPolicyandexecute/skipbasedonexitstatus
_exit_status==0 skipCLIcommand(default)
_exit_status==1 executeCLIcommand
event[tagevent-tag]clipatternregular-expression
{[default][enter][questionmark][tab]}
[sync{yes| noskip{yes| no}]
[modevariable]
[occursnum-occurrences] [periodperiod-value]
[maxrunmaxruntime-number]
Availablefrom: EEM2.1,integratedwithXMLPIfromEEM3.0
Example:UsingEEMCLIEventDetector
Problem: VLAN380shouldnotbeaccidentallyremovedfromatrunk
Solution: useEEMCLIEventDetector:
eventmanagerappletcli-async
eventclipattern"switchporttrunkallowedvlanremove.*380.*"syncnoskipno
action1.0syslogmsg"RemovingVLAN380"
Optiona: Dontpreventanything,justissueasyslognotification:
Optionb: Preventtheentirecommandandissueasyslognotification:
OtherExamples:
nomplsip
norouterisis
debugall
eventmanagerappletcli-sync
eventclipattern"switchporttrunkallowedvlanremove.*380.*"syncyes
action1.0puts"ConfirmremovingVLAN380[yes|no]:"
action2.0getsresponse
action3.0if$responseeqyesgoto5.0
action4.0puts"NOK- VLAN380willNOTberemoved"
action4.1exit0
action5.0puts"OK- VLAN380willberemoved"
action5.1exit1
Optionc: Askforconfirmation,thenalloworpreventtheentirecommand:
eventmanagerappletcli-async-skip
eventclipattern"switchporttrunkallowedvlanremove.*380.*"syncnoskipyes
action1.0syslogmsg"WillNOTremoveVLAN380"
Caveats:commandmaybe(much)biggerthanwhatyoumatch!Ranges!
ManagingVersionsandRevisions
Archive,EEMUpdateandEASyInstaller
Archive,EEMUpdateandEASyInstaller
Problem: Deviceconfigurationsmustbearchivedperiodically,collecting
themfromtheoutsideshouldnotbetheonlyanswer.
Solution1: Manuallycreatemeaningfulcopiesoftherunningconfig:
nexus-7000#copyrunbootflash:/$(TIMESTAMP)-$(SWITCHNAME).conf
Example:ArchivingConfiguration 1/6
nexus-7000#dirbootflash:
29796Apr2717:38:1620092009-04-27-17.38.16-nexus-7000.conf
nexus-7000#showclivariable
VSHVariableList
-----------------
SWITCHNAME=nexus-7000"
TIMESTAMP="2009-04-27-17.47.48"
Note: fromIOS12.3Tonwards,referto$hand$tvariableswithinarchiveconfigpathoption
archive
pathdisk0:/config-archive
maximum7
time-period1440
Solution2: Archivetherunningconfigurationonceeverydaylocally:
Router#showarchive
Therearecurrently3archiveconfigurationssaved.
Thenextarchivefilewillbenameddisk0:config-archive-3
Archive#Name
0
1disk0:config-archive-1
2disk0:config-archive-2<- MostRecent
3
4
5
6
7
Viewthecontentofthearchive:
archive
pathtftp://10.1.1.1
write-memory
Solution3: Archivetherunningconfigurationtotftpuponwrite:
Router#archiveconfig
Note:Configcanalsobearchivedon-demand:
Solution4: UseKrontoscheduleperiodicarchiving(plusotheractivity)
archive
pathtftp://10.1.1.1
!
kronpolicy-listbackupconfig
cliarchiveconfig
!
kronoccurrencebackup-occurat23:23recurring
policy-listbackupconfig
multiplepolicy-listspossible
Solution5: UseEmbeddedEventManager(EEM)withaSyslogEvent
DetectorandaTCLApplettoonlyarchiveconfigsifthere
wasachange
Router(config)#eventmanagerenvironmentfilename<myfile.txt>
DefineEEMEnvironmentVariable
Router(config)#eventmanagerenvironmentfilename<myfile.txt>
Router(config)#eventmanagerdirectoryuserpolicy"flash:/TCL"
Router(config)#eventmanagerpolicyarchive.tcltypeuser
Router(config)#archive
Router(config-archive)#pathflash:disk0
Router(config-archive)#maximum14
RegisterEEMTCLScript
ConfigureArchiveLocationandSize
Thisscriptisavailablefromwww.cisco.com/go/ciscobeyond
(Seehttp://forums.cisco.com/eforum/servlet/EEM?page=eem&fn=script&scriptId=1103 )
::cisco::eem::event_register_syslogpattern".*%SYS-5-CONFIG.*"
#########################################################
#EEMTCLScripttoarchivetheconfiguponchange
#
#DevelopedbyMarisolPalmero
#
#ThefollowingEEMenvironmentvariableisused:
#- filename:nameofthefilespecifiedinthepathcommandwithin
#
#Letscheckifallthevariableexists,otherwisequit
#########################################################
maxrun90
SylogEvent
#########################################################
if{![infoexistsfilename]}{
setresult"Policycannotberun:variablefilenamenotset"
error$result$errorInfo
}
namespaceimport::cisco::eem::*
namespaceimport::cisco::lib::*
if[catch{cli_open}result]{
putsstderr$result
exit1
}else{
arraysetcli1$result
}
Policyruntime
Default=20seconds
Increasethisvalueifyousee
aProcessForcedExit message
fromtherouter.
if[catch{cli_exec$cli1(fd)"en"}result]{
putsstderr$result
exit1
}
setshowarchive[cli_exec$cli1(fd)"showarchive"]
setlines[split$showarchive"\n"]
foreachline$lines{
setresult[regexp{<- MostRecent}$line]
setresult[regexp{<- MostRecent}$line]
if{$result!=0}{
setresult1[regexp{^\s+\d+\s+(.+)-(\d+)\s+<-}$line->pathextension]
setoutput[cli_exec$cli1(fd)"showarchiveconfigdifferences
system:/running-configflash:$filename-$extension"]
if{[regexp"!Nochangeswerefound"$output]}{
break
}else{
cli_exec$cli1(fd)"archiveconfig"
break
}
}}
if{$result==0}{
cli_exec$cli1(fd)"archiveconfig"
}
Archiveiftherewasa
changeofiftherewas
noarchivedversionyet
Archiveiftherewasa
changeofiftherewas
noarchivedversionyet
Example:SynchronizingEEMScripts1/2
Problem: SynchronizeEEMPolicy.tclfilesfromacentralRepository
Solution1: Useeventmanagerupdatecommands
router(config)#eventmanagerdirectoryuserrepositorytftp://172.16.64.1
1. ConfigurethedefaultRepositiory:
router#eventmanagerupdateuserpolicynamemy
%EEM:Updatewillusetherepositorypath:tftp://172.16.64.1
%EEM:Attemptingtocopytftp://172.16.64.1/my.tcltoflash:/eemtcl/my.tcl
2. Singleexeccommandtodownload,un-registerandre-register:
Availablefrom: IOS12.4(20)T
*Dec1020:12:43.198:%HA_EM-6-FMPD_UPDATE_POLICY_COPY:Policyupdatehascopied647bytesf
*Dec1020:12:43.230:%HA_EM-6-FMPD_UPDATE_POLICY_REGISTER:Policyupdatehassuccessfullyr
Loadingmy.tclfrom172.16.64.1(viaFastEthernet0):!
[OK- 647bytes]
%EEM:Copied647bytesfromtftp://172.16.64.1/my.tcltoflash:/eemtcl/my.tcl
%EEM:Policymy.tclhasbeensuccessfullycopiedandre-registered
router#showeventmanagerpolicyregistered
No.ClassTypeEventTypeTrapTimeRegisteredName
1scriptusersyslogOffWedDec1020:12:432008my.tcl
occurs1pattern{.*%NTP-5-PEERSYNC.*}
nice1queue-prioritylowmaxrun90.000schedulerrp_primary
3. Verifyusingshowcommand:
router#eventmanagerupdateuserpolicygroupm.*
2bis. Canalsosynchentiregroups,basedonregularexpressionmatch:
Example:SynchronizingEEMScripts2/2
Solution2: Useneweventmanagerupdatecommand
router#eventmanagerupdateuserpolicynamemy.tclrepositorytftp://10.1.1.1/
%EEM:Updatewillusetherepositorypath:tftp://10.1.1.1
Loadingmy.tclfrom10.1.1.1(viaFastEthernet0):!
[OK- 647bytes]
%EEM:Copied647bytesfromtftp://10.1.1.1/my.tcltoflash:/eemtcl/my.tcl
%EEM:Policymy.tclhasbeensuccessfullycopiedandre-registered
1. Singleexeccommandtospecifyrepository,download,un-registerandre-register:
Availablefrom:IOS15.0(1)M
*Dec1622:09:11.303:%HA_EM-6-FMPD_UPDATE_POLICY_COPY:Policyupdatehascopied647bytesfrom
*Dec1222:09:11.329:%HA_EM-6-FMPD_UPDATE_POLICY_REGISTER:Policyupdatehassuccessfullyre-re
router#showeventmanagerpolicyregistered
No.ClassTypeEventTypeTrapTimeRegisteredName
1scriptusersyslogOffWedDec1020:12:432008my.tcl
occurs1pattern{.*%NTP-5-PEERSYNC.*}
nice1queue-prioritylowmaxrun90.000schedulerrp_primary
2. Verifyusingshowcommand:
router#eventmanagerupdateuserpolicygroupm.*
1bis. Canalsosynchentiregroups,basedonregularexpressionmatch:
Problem: EmbeddedAutomationsbasedonTclScriptingorEmbedded
EventManagermayincludemultiplescripts,policies,configurations,
variablesandpre-requisites.Howcanweinstall(andun-install)allof
theseinaconsistentmanner?
Example:InstallEmbeddedAutomations
Solution: CreateapackageandusetheEASyInstaller
Router#easy-installertftp://10.1.1.1/my-package.tarflash:/easy
See: http://www.cisco.com/go/easy
-----------------------------------------------------------------------
ConfigureandInstallEASyPackagemy-package'
-----------------------------------------------------------------------
1.DisplayPackageDescription
2.ConfigurePackageParameters
3.DeployPackagePolicies
4.VerifyInstalledPackage
5.Exit
Enteroption:
EditingFilesontheCLI
Ed.tcl
Ed.tcl
EditingFiles
Problem: OftenASCIIfilesarebeingusedwhenusingDevice
ManageabilityInstrumentationinIOS:
TclscriptsandEEMTclPolicies
EMMMenuDefinitionFiles
ConfigTemplatesandothertextfiles
DuringDevelopmentandTestitwouldbeusefultobeableto
editthesefilesdirectlyfromIOS.
editthesefilesdirectlyfromIOS.
But:IOSdoesnotincludeanASCIIEditor...
Solution: UseaTclimplementationofanEditorinIOS
TheGNU<ed>editorisaverysimple,
line-basededitoravailableasTcl
implementation
see:http://en.wikipedia.org/wiki/Ed_(Unix)
see:http://www.gnu.org/software/ed/ed.html
EditingFiles Usinged.tcl
router#showflash
:
827091Nov19200810:51:26ed.tcl
968Nov19200811:00:12testfile.txt
a
1. Copyed.tclandasimpletestfiletotheflash:
router(config)#aliasexeced tclshflash:/ed.tcl
2. DefineanAliasforsimplicity:
router#ed flash:/testfile.txt
3. Editthefileusinged:
a addlines
Availablefromwww.cisco.com/go/ciscobeyond (http://tinyurl.com/ed-on-ios)
(Seehttp://forums.cisco.com/eforum/servlet/EEM?page=eem&fn=script&scriptId=1461 )
a
andhereare
yetanothertwolines
.
,n
1lineoneofthetestfile
2linetwoofthetestfile
3anotherline
4andhereare
5yetanothertwolines
w
99
q
router#
router#ed flash:/testfile.txt
65
1,$p
lineoneofthetestfile
linetwoofthetestfile
anotherline
,p
lineoneofthetestfile
linetwoofthetestfile
anotherline
,n
1lineoneofthetestfile
2linetwoofthetestfile
3anotherline
1,$p printlines1tolast
a addlines
w writefile
q quit
. endadding
,p printalllines
,n numberedprintalllines
EmbeddedMenuManager(EMM)
ProvidingInteractiveMenus
ontheCLI
InteractiveMenusontheCLI
Problem: HowtomakesomeCLIcommandsavailableinaguidedway
(forexampleto1stLineSupport,LocalIT,FieldForce,etc)
SolutionI: ConfigureaMenuusingtheold<menu>commands
SolutionII: DefineacustomMenuinEmbeddedMenuManager(EMM)
IOSmenu Command EmbeddedMenuManager(EMM)
IOSmenu Command
easytolearn,simpletouse
limitedfunctionalityandflexibility
menuonly,clionly
selectionsonly
partoftheIOSconfig
widelyavailable
easytolearn,simpletouse
veryflexible
menusandwizards,cliandtcl
selections,inputs,actions,helptexts
separateMDFfile(s)
recentdevelopment 12.4(20)T
MenuConfigCommand 1/2
menuOldMenutitle^C
AsimpleexampleoftheOLDmenucommand^C
menuOldMenuprompt^C
Pleaseselectamenuitem:^C
SimpleMenuDefinedintheConfig
CustomASCIIMenus
PartofIOSConfig
SimpleCLIActions
MenuTitle
Menuname
Pleaseselectamenuitem:^C
menuOldMenutext1Runapingtest
menuOldMenucommand1ping10.1.1.1
menuOldMenuoptions1pause
menuOldMenutext9Exit
menuOldMenucommand9exit
menuOldMenustatus-line
Availablefrom: IOS10.0,12.2(33)S
Caveats:
Remembertoprovidean<exit>option
Simplemenusandactionsonly
Nouserinputotherthanmenuitems
Partoftherunning- andstartup-config
MenuItemLabel
MenuItemAction
MenuConfigCommand 2/2
router#menuOldMenu
Serverrouter"Line0Terminal-type(unknown)
AsimpleexampleoftheOLDmenucommand
1Runapingtest
9Exit
Pleaseselectamenuitem:1
Typeescapesequencetoabort.
Sending5,100-byteICMPEchosto10.1.1.1,timeoutis2seconds:
.....
Successrateis0percent(0/5)
--More
Serverrouter"Line0Terminal-type(unknown)
AsimpleexampleoftheOLDmenucommand
1Runapingtest
9Exit
Pleaseselectamenuitem:
================================================================================
BranchRouterOperationsMenuonbranch-99
ProgrammableMenuFramework
CustomASCIIMenus
XMLbasedMenuDefinitionFiles(MDF)
Range/TypeChecking
TCLScriptingActions
NestedandSequentialMenus(Wizards)
BranchRouterOperationsMenuonbranch-99
Enter?forhelpor?#foritemhelp
--------------------------------------------------------------------------------
1.InstallDiagnosticScripts
2.ChangeHostname
3.RunCPUDiagnosticScript
4.CheckformostrecentEEMPolicyFiles
5.RunWANDiagnosticScript
6.InstantWorldPeace
7.Exit
Enterselection[6]:
See: http://tinyurl.com/emm-in-124t
https://www.cisco.com/en/US/docs/ios/netmgmt/configuration/guide/nm_emm_ps6441_TSD_Products_Configuration_Guide_Chapter.html
EMMMenuDefinitionFileExample 1/2
<?xmlversion="1.0"?>
<MenuMenuName="NMS"schemaVersion="1.1">
<MenuTitle>
<EmbTCLValue>
<TCLCommand>
return"BranchRouterOperationsMenu on[hostname]"
</TCLCommand>
</EmbTCLValue>
</MenuTitle>
Menunameandrequired
schemaversion
Titlecanbeconstantorgenerated
withTcl
</MenuTitle>
<HelpString>
<ConstantString="ViewandmodifysomecommonNetworkManagement
configurationparameters"/>
</HelpString>
<GlobalTCL>
<TCLCommand>
procget_config{regex}{
setconfig[exec"showrun|inc$regex"]
return$config
}
</TCLCommand>
</GlobalTCL>
:
:
Themenuandeachitemcanhave
itsownhelptext
OptionalglobalTclsectiontostoreprocs
usedthroughoutmenu
EMMMenuDefinitionFileExample 2/2
:
:
<ItemContinuePrompt="true"ItemJustification="LEFT">
<ItemTitle>
<ConstantString=ChangeHostname"/>
</ItemTitle>
<HelpString>
Fromsimplemenuchoicestocompletecustomizedwizards
<HelpString>
<ConstantString="Thisselectionletsyoutypeanewhostname"/>
</HelpString>
<Wizard>
<QueryPrompt>
<ConstantString="Whathostnamedoyousuggest?"/>
</QueryPrompt>
<FreeForm/>
</Wizard>
<IOSConfigCommand>
"hostname$r(1)"
</IOSConfigCommand>
:
:
WhataboutApplicationsI
NETCONFandXMLPI
NETCONFandXMLPI
WhatareNETCONFandXMLPI? 1/2
NETCONF
isaProtocoldesignedtosecurelyexchange
configurationinformationwithanetworkelement
aimstoprovidesimplicitytoalloweasyadoption
intheindustryandacrosshardwarevendors
aimstoprovideextensibilitytoallowdevicesto
expresstheiruniquecapabilities
R
e
s
p
o
n
s
e
R
e
q
u
e
s
t
NETCONF
Client
N
E
T
C
O
N
F
expresstheiruniquecapabilities
See:http://www.ops.ietf.org/netconf/
CiscoIOSXMLPI
ProvidesanXMLInterface toCiscoIOSNetworkElements
Isasecure,unabigousandrobust wayofsendingandreceivingofCLI
commands,withouthavingtoscreenscrape,mediateorexpectscript
UsesNETCONF andeitherSSHv2 orBEEP
Availablefrom: IOS12.4(9)T,12.2(33)SRA,SB,SXI,IOS-XE2.1,NX-OS4.0
Platforms: ASR1000,x8xxISRs,37xx,Cat4k,Cat6k,72xx,73xx,76xx,10k,UC520,Nexus7k
NETCONFServer
Retrievethe
runningconfig
GET-CONFIG
Response
WhatareNETCONFandXMLPI? 2/2
Changethe
runningconfig
Runashow
command
EDIT-CONFIG
Response
GET
Response
<?xmlversion="1.0"encoding="UTF-8"?>
<rpcmessage-id="3"
xmlns="urn:ietf:params:xml:ns:netconf:base:1.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<edit-config>
<target><running/></target>
<config>
<xml-config-data>
<Device-Configuration>
<ip>
<host>
<NameHost>
Request
Example:Edittherunningconfig
<NameHost>
valhalla
</NameHost>
<HostIPAddress>
10.2.3.5
</HostIPAddress>
</host>
</ip>
</Device-Configuration>
</xml-config-data>
</config>
</edit-config>
</rpc>]]>]]>
<?xmlversion="1.0"encoding="UTF-8"?>
<rpc-replymessage-id="3" xmlns="urn:ietf:params:netconf:base:1.0">
<ok/>
</rpc-reply>
Response
UsingNETCONFoverSSHstep-by-step
1.ConfigureSSH
router(config)#cryptokeygeneratersa
Thenameforthekeyswillbe:router.yourdomain.com
Choosethesizeofthekeymodulusintherangeof360to2048foryour
GeneralPurposeKeys.Choosingakeymodulusgreaterthan512maytake
afewminutes.
Howmanybitsinthemodulus[512]:
%Generating512bitRSAkeys,keyswillbenon-exportable...[OK]
router(config)#ipsshversion2
router(config)#ipsshtime-out60
See:
http://www.cisco.com/en/US/docs/ios/netmgmt/configuration/guide/nm_cns_netconf.html
http://www.cisco.com/en/US/docs/ios/12_2sr/12_2sra/feature/guide/srnetcon.html
http://www.cisco.com/en/US/docs/ios/12_2sr/12_2srb/feature/guide/srbnetbe.html
2. EnableNETCONFoverSSH:
router(config)#netconfsshacl777
router(config)#netconflock-time30
router(config)#netconfmax-sessions5
OptionalACL
Default:10Seconds
3. ConfigureNETCONFpayloadformatusing*.ODMSpecFiles
router(config)#netconfformatflash:my-spec-file.odm
4. ConfigureYourNETCONFClientApplication(XMLFilesseelinksbelow)
WhataboutApplicationsII
WebServiceManagementAgents(WSMA)
WebServiceManagementAgents(WSMA)
WebServicesManagementAgents(WSMA)
Problem: ThereareCNSAgentsinIOSandConfigEnginetoautomatesome
typicalzero-touch-deploymentandmaintenancescenarios.HowcanIautomate
otherscenariosdirectlyfrommyownApplications?
Solution: WebServicesManagementAgents
(WSMA)providesastandards-based,open
APItoembeddedmanagementAgents.
WSMAApplication
See: http://tinyurl.com/wsma-in-150M
Platforms: x8xxISRs,72xx,73xx,UC520
APItoembeddedmanagementAgents.
PhaseI:
- ConfigAgent
- ExecAgent
- FileSystemAgent
- NotifyAgent(ConfigChangeEvents)
R
e
s
p
o
n
s
e
R
e
q
u
e
s
t
WSMAEngine+Agents
X
M
L
/
S
O
A
P
N
o
t
i
f
i
c
a
t
i
o
n
WSMA ArchitecturePhaseI
WSMAEngine
XML/SOAP
Messages
WSMATransport
SSH HTTP HTTPS
Listeners Initiators
WSMAXML
Schema
WSMAAgents
Config
Agent
Exec
Agent
FileSystem
Agent
Notify
Agent
running
startup
config
exec
mode
filesystem
UsingWSMA step-by-step
1.ConfigureDesiredWSMATransport HTTP,HTTPSorSSHv2:
router(config)#cryptokeygeneratersa
Thenameforthekeyswillbe:router.yourdomain.com
Choosethesizeofthekeymodulusintherangeof360to2048foryour
GeneralPurposeKeys.Choosingakeymodulusgreaterthan512maytake
afewminutes.
Howmanybitsinthemodulus[512]:
%Generating512bitRSAkeys,keyswillbenon-exportable...[OK]
router(config)#ipsshversion2
router(config)#ipsshtime-out60
2. EnableWSMAServiceListener(WSSL):
See: http://tinyurl.com/wsma-in-150M and
http://www.cisco.com/en/US/docs/ios/netmgmt/configuration/guide/nm_cfg_wsma.html
2. EnableWSMAServiceListener(WSSL):
router(config)#wsmaprofilelistenermy-wsma-profile
router((config-wsma-listen)#transportsshsubsyswsma
3. EnableWSMAAgent(s):
router(config)#wsmaagentexecprofilemy-wsma-profile
4. AssignWSMAID(s):
router(config)#wsmaidip-addressfastethernet0/0
OtherOptions:
hardware-serial
MACAddress
Hostname
string
5. IfXMLFormattedExecOutputisdesired,deployanduse*.ODMSpecFiles
Howtopre-commissionRouters
AutoInstall
AutoInstall
Howtodealwithnewrouters...
IOSAutoInstallFeatureconsistsof:
EthernetInterfaceup
DHCPClient+Option150
Combinedwithexternal
Howtodealwithnewrouters AutoInstall
Combinedwithexternal
DHCPandTFTPServer
thisenablesanewrouterto
automaticallyretrieveadefaultconfiguration
withoutmanualinteractionviaconsolecableortelnet
See:http://www.cisco.com/en/US/docs/ios/12_1t/12_1t5/feature/guide/dt_dhcpa.html
Availablefrom: IOS12.1(5)T,IOS-XE2.1.0
Platforms: ASR1000,x8xxISR,x9xxISR,37xx,ME3400,ME4900,Cat4k,Cat6k,76xx,10k,UC520
Seealso: SmartInstall
Example:AutomatedPre-Commissioning
Problem: Howtoautomaticallypre-commissionanewCiscoISRwithout
manualinterventionontheConsole
Solution: UsetheAutoInstallFeaturecombinedwithanexternalDHCP
andTFTPserver
0. PoweruptheCPEand
connecttoEthernet
1. CPEsendsDHCPDiscover
2. DHCPServerreplieswithOffer
3. CPEsendsDHCPRequest
4. DHCPServerreplieswithoption150
5. CPErequestshostname-confg
filefromTFTP
6. TFTPerversendshostname-
configfiletoCPE
CPEisnowpre-commissioned
Example:AutomatedPre-Commissioning
NEisconnected
totheNetwork
ReverseDNS
successful?
NEgetsnetwork-
configfile fromTFTP
NEgetsanIPaddressvia
BOOTP,SLARPorDHCP
IPmapsto
hostnamein
network-
No
Defaultconfig
fileexistson
No No
WhatexactlyhappensinStep5
NEattemptstoget
hostname-configor
hostname.cfg fromTFTP
successful?
Fileexistson
TFTP?
AutoInstall
Completes
copyrunstart
Yes
Yes
network-
configfile?
Yes
fileexistson
TFTP?
NEgets
router-configor
router.cfg fromTFTP
AutoInstall
Fails
AutoInstall
Completes
manualconfig
completion
Yes
AutoInstall
Fails
No
Caveat:CombineAutoInstallandSDM
Solution:
1. OrderRouterwithnofactorypre-configoption:
2. RunAutoInstall
EnsurecommissioningincludesSDMspecificpre-configand
downloadedSDMfiles:
Caveat: RoutersorderedwithSecurityDeviceManager(SDM)are
pre-configured,butAutoInstallonlyworksonfactory-default.
loggingbuffered51200warnings
iphttpserver
iphttpaccess-class23
iphttpsecure-server
iphttpauthenticationlocal
iphttptimeout-policyidle600life86400requests10000
access-list23permit10.10.10.00.0.0.7
usernameusername privilege15secret0password
linevty04
access-class23in
privilegelevel15
loginlocal
transportinputtelnet
transportinputtelnetssh
linevty515
access-class23in
privilegelevel15
loginlocal
transportinputtelnet
transportinputtelnetssh
downloadedSDMfiles:
3. RunSDM
AutomationandLargeScale
Zero-TouchDeployment
Zero-TouchDeployment
TypicalChallenges:
LargeScale
- morethanjustafew12imageupdates
- morethanafew100configorfileupdates
Robustness
- unreliable/un-managedaccess
- interruptions,outages
Security
Sometimesweneedtoautomate...
Security
- authentication,privacy,
- trustandskillsofon-sitestaff
- unknownhostnames/ipaddresses
Time
- de-couplingofdeploymentandactivation
- manydeviceswithinsmalltimewindow
Cost
- manual,skilledlabourcostvs.automatedsolution
Automateinitialandpartialconfiguration,imageupgrades or
distributionoffiles (anyfile,anyplace)
Zero-TouchDeploymentMethods
Method
CiscoIOS
DeploymentAgents
ExternalMediation
Server
Notes
DOCSIS DOCSIS
CiscoBroadband
AccessCenter(BAC)
ForCableModemAccessOnly
WidelyStandardized
TR-069 TR-069
CiscoBroadband
AccessCenter(BAC)
ForDSLAccess
StandardIsWorkinProgresswith
CurrentlyLooseDefinition,Check
InteropTestfromPlugfest
FlexibilityforScenariosNot
Zero-TouchDeployment=EmbeddedAgents+ExternalMediation
EEM
EmbeddedEvent
Manager
FTP,TFTP,SCP,
FlexibilityforScenariosNot
CoveredbyAnyOtherMethod
SometimesUsedinConcert
withOtherMethods
Kron KronandTCL FTP,TFTP,SCP, WhenEEMIsNotAvailable
DHCP DHCP
CiscoNetwork
Registrar,TFTP
AgnosticofAccessTechnology
PartiallyStandardized,
MultipleOptionsUsed
CNS
CNSConfigAgent
CNSImageAgent
CNSInventoryAgent
CNSEventAgent
CiscoConfiguration
Engine
MostSecureandRobust
AgnosticofAccessTechnology
AgnosticofIPAddressing
Example:Zero-TouchDeployment 1/3
Problem: AlargenumberofTeleworkerRoutershavetobedeployed.
AccessTechnologyandServiceProvidervary;IPAddressingisnotknown
inadvance
Solution: Pre-ConfigureRouterswithagenericboostrapconfig
ThisconfigensuresinitialIPconnectivity,identifiesthedeviceand
communicatesbacktoConfigurationEngineforappropriateconfig
Router#cnsidhardware-serial
Router#cnsconfiginitialMyConfigEngine80eventno-persist
Router#cnsidhardware-serialevent
Router#cnseventMyConfigEngine11011
Note: ManyotheroptionsforID
existandareoftenusedinstead
ofhardware-serial:
CPE
DHCP TFTP
1
3
CCE
DHCP Discover
DHCP Offer
2
DHCP Request
4
DHCP Ack - Option 150
TFTP Request:
bootstrap config
CNR 1. CPEsendsDHCPDiscover
2. DHCPServerreplieswithOffer
3. CPEsendsDHCPRequest
4. DHCPServerreplieswithoption150
5. CPErequestsbootstrap-confg file
viaTFTP
6. TFTPserversendsCPEbootstrap-
config file
W
a
r
e
h
o
u
s
e
5
bootstrap config
6
TFTP Response:
bootstrap config
CNS Config Request (HTTPS)
7
Object ID
Device ID
Read Temp.
Send Config
11
12
13
Success/Fail
Event
Publish
Success/Fail
Event
LDAP
CE
FS
9
10
8
config file
CPEisshippedtoCustomerSite
CustomerOrderlinkedtoCPEID
C
u
s
t
o
m
e
r
P
r
e
m
i
s
e
7. CPEsendsHTTPrequesttoCNS-CE
8. CNS-CEverifiesobjectID
9. CNS-CEverifiesDeviceID
10. CNS-CEreadstemplatefromFileSystem
11. CNS-CEsendsConfig
(=template+parametersfromLDAP)
12. Successfulevent
13. Publishsuccessevent
Thereare:
Data- /InformationFlowviatheNMS
Systems(leftHemisphere)
PhysicalFlow(CPE)totheBranchOffice
orCustomerPremise(rightHemisphere)
router(config)#cnsid?
AsyncAsyncinterface
ZTDAutomationuses:
SeparationtoallowforEfficiency
andFlexibility
CNSDeviceIDandCNSConfig
IDtolinkthetwoFlows
AsyncAsyncinterface
Auto-TemplateAuto-Templateinterface
BVIBridge-GroupVirtualInterface
CDMA-IxCDMAIxinterface
CTunnelCTunnelinterface
DialerDialerinterface
FastEthernetFastEthernetIEEE802.3
Group-AsyncAsyncGroupinterface
LexLexinterface
LoopbackLoopbackinterface
MFRMultilinkFrameRelaybundleinterface
MultilinkMultilink-groupinterface
Port-channelEthernetChannelofinterfaces
Service-Engineciscoserviceenginemodule
TunnelTunnelinterface
VifPGMMulticastHostinterface
Virtual-Dot11RadioVirtualdot11interface
Virtual-PPPVirtualPPPinterface
Virtual-TemplateVirtualTemplateinterface
Virtual-TokenRingVirtualTokenRing
hardware-serialUsehardwareserialnumberasuniqueID
hostnameUsehostnameasuniqueID
stringUseanarbitrarystringastheuniqueID
udiUsetheUDIasuniqueID
vmiVirtualMultipointInterface
WhenDesigningAutomation
UnderstandthebiggerpicturebeforeautomatingindividualSteps
Bestmanualprocessmaynotbeidenticaltobestautomatedprocess
Agenda
Introduction
1
CommandLineInterface(CLI) TheBasics
2
CommandLineInterface(CLI) MoreAdvanced
3
SimpleScriptingI IOS.sh
4
SimpleScriptingII TclScriptingandCRON
5
HowtotriggeraConfigChange EEM
6
HowtotriggeruponaConfigChange EEM
6
HowtotriggeruponaConfigChange EEM
7
ManagingVersionsandRevisions Archive,EASyInstaller
8
EditingFilesontheCLI ed.tcl
9
ProvidingInteractiveMenusontheCLI EMM
10
WhataboutApplicationsI NETCONFandXMLPI
11
WhataboutApplicationsII WSMA
12
Howtopre-commissionRouters IOSAutoInstall
13
AutomationandLargeScale ZeroTouchDeployment
Summary
Wrap-Up&Close
InSummary
AllConfigurationtasks
areNOTequal
ThereareaRangeofUsers/
Applicationswithdifferent
configurationSkillsandNeeds
Itsnotonlyabouttelnetandrunning-config
CiscoIOSoffersaplethoraofconfigurationfeaturesto
addressthespecificneeds
Alwayschoosethebestfit
Q&A
References Instrumentation
DeviceManageabilityInstrumentation(DMI)www.cisco.com/go/instrumentation
EmbeddedEventManager(EEM):www.cisco.com/go/eem
CiscoBeyond EEMCommunity:www.cisco.com/go/ciscobeyond
EmbeddedMenuManager(EMM):http://tinyurl.com/emm-in-124t
EmbeddedPacketCapture(EPC):www.cisco.com/go/epc
FlexibleNetFlow:www.cisco.com/go/netflow andwww.cisco.com/go/fnf
GOLD:http://www.cisco.com/en/US/products/ps7081/products_ios_protocol_group_home.html
GOLD:http://www.cisco.com/en/US/products/ps7081/products_ios_protocol_group_home.html
IPSLA(formerlySAA,formerlyRTR):www.cisco.com/go/ipsla
NetworkAnalysisModule:http://www.cisco.com/go/nam
NetworkBasedApplicationRecognition(NBAR):www.cisco.com/go/nbar
SecurityDeviceManager(SDM):http://www.cisco.com/go/sdm
SmartCallHome:www.cisco.com/go/smartcall
WebServicesManagementAgents(WSMA):http://tinyurl.com/wsma-in-150M
FeatureNavigator:www.cisco.com/go/fn
MIBLocator:www.cisco.com/go/mibs
Q&A
References EmbeddedAutomations
EmbeddedAutomationSystems(EASy)
1. BrowseandDownloadEASyPackages
www.cisco.com/go/easy
2. MakeSuretoalsodownloadEASyInstaller
3. BrowseOtherEmbeddedAutomations
www.cisco.com/go/ciscobeyond
4. LearnAboutTheTechnologyUnderTheHood
www.cisco.com/go/instrumentation
www.cisco.com/go/eem
www.cisco.com/go/pec
5. Discuss,AskQuestions,SuggestAnswers
supportforums.cisco.com
6. UploadyourownExamplestoCiscoBeyond
www.cisco.com/go/ciscobeyond
7. Engageviaask-easy@cisco.com
Questions?
MeettheEngineer
TomakethemostofyourtimeatNetworkersatCisco
Live2010,scheduleaFace-to-FaceMeetingwithatop
CiscoEngineers.
Designedtoprovidea"bigpicture"perspectiveaswellas
"in-depth"technologydiscussions,theseface-to-face
"in-depth"technologydiscussions,theseface-to-face
meetingswillprovidefascinatingdialogueandawealthof
valuableinsightsandideas.
VisittheMeetingCentrereceptiondesklocatedinthe
MeetingCentreinWorldofSolutions
SessionID Title Day
BRKNMS-2000 13SmartwaystoConfigureyourCiscoIOSDevice Tue
BRKNMS-2421 NetworkConfigurationandComplianceManagement Tue
BRKNMS-2004 Managementatworkinthesmallandmediumcustomer Tue
BRKNMS-2005 ManagingCiscoSecurity Wed
BRKNMS-2001 DataCentre- ManagementEndtoEnd Wed
BRKNMS-2007 DeployingDHCPandDNS:BasictoAdvanced Wed
BRKNMS-2008 UnderstandingthebenefitsofEthernetOAM(E-OAM) Wed
BRKNMS-2009
UCNetworkManagement:HowtoEnsureYourUCServicesAreOperatingas
Wed
ManagementandOperationSessions
BRKNMS-2009
UCNetworkManagement:HowtoEnsureYourUCServicesAreOperatingas
Expected!
Wed
BRKNMS-2011 TheeconomicalimpactofNMS/OSSfeaturesonManagedServices Wed
BRKNMS-2012 CiscoIOSStrategyandEvolution Wed
BRKNMS-3132 AdvancedNetFlow Wed
BRKNMS-3003 AdvancedUsingCiscoWorksLMStoitsfullpotential Thu
BRKNMS-2006 PerformanceMeasurementforCriticalIPtrafficwithIPSLAs Thu
BRKNMS-2361 AccountingandPerformanceManagementwithNetworkBasedApplicationRecognition Thu
LABNMS-2001 AdvancedNetworkAutomationandSolutionsusingCiscoIOSEEM Tue+Thu
LABNMS-2005 ImplementingManageabilityandEmbeddedAutomation Tue+Wed
Panel LargeScaleNetworkManagement Tue
Panel CiscoSoftwareActivation Thu
BRKNMS-2000
RecommendedReading
AppendixI:
FeatureAvailability
Note: Thefollowinginformationisprovidedinconfidenceandasis.
Mayincludefutures,subjecttochange;nocommitmentsimplied.
EmbeddedManagement SNMPRoadmap
CiscoIOSSoftware
Platforms
Cisco
10000
Series
Cisco
7600
Series
Cisco
7500
Series
Cisco
7304
Router
Cisco7301
and7200
Routers
Cisco
Catalyst
6500
Series
Cisco
Catalyst
4500Series
Cisco
3750&
2900
Series
ASR-
1000
Cisco
800,
1800&
2800
Series
12.2SB 12.2SR/SX 12.2SB 12.2SB 12.2SB/SR 12.2SX/SR 12.2SG 12.2SE
12.2
XNA
M&T
PeriodicMIBDataCollection
andTransferMechanism
12.2(33)SB
12.2(33)SR
A
12.2(22)S 12.2(33)SB 12.2(33)SRA
12.2(33)SX
H
12.2(44)SG
12.2(35)
SE1
12.2(33)
XNA
12.3(2)T
VPN awareSNMP
Infrastructure
12.2(33)SB
12.2(33)SR
A
12.2(22)S 12.2(33)SB 12.2(33)SRA
12.2(33)SX
H
12.2(44)SG
12.2(7th)
SE
12.2(33)
XNA
12.3(2)T
SNMPoverIPv6 12.2(33)SB
12.2(33)SR
B
12.3(14)T
12.2(33)SB 12.2(33)SRB 12.2(33)SXI 12.2(44)SG
12.2(44)S
E
12.2(33)
XNA
12.3(14)
T
AES(RFC 3826)and3DES
EncryptionforSNMPv3
12.2(33)SB
12.2(33)SR
B
12.2(33)SB 12.2(33)SRB 12.2(33)SXI 12.2(44)SG
12.2(7th)
SE
12.2(33)
XNA
12.4(2)T
ISSU- SNMP 12.2(33)SB
12.2(33)SR
B1
12.2(33)SB
12.2(33)SRB
1
12.2(33)SXI 12.2(44)SG
12.2(33)
XNA
InterfaceMIBEnhancements 12.2(31)SB
12.2(33)SR
A
12.2(31)S
B
12.2(31)SB 12.2(33)SRA
12.2(33)SX
H
12.2(44)SG
12.2(33)
XNA
CEF-MIB 12.2(33)SB
12.2(33)SR
C
12.2(31)S
B
12.2(33)SB 12.2(33)SRC 12.2(44)SG
12.2(TBD)
SE
12.2(33)
XNA
12.4(20)
T
URPF-MIB 12.2(31)SB
12.2(33)SR
C
12.2(31)S
B
12.2(31)SB 12.2(33)SRC 12.2(44)SG
12.2(TBD)
SE
12.2(33)
XNA
12.4(20)
T
SNMPInfrastructureforMTR 12.2(33)SB
12.2(33)SR
B
12.2(33)SB 12.2(33)SRB
IP-TUNNEL-MIB 12.2(33)SB
12.2(33)SR
B
12.2(33)SB 12.2(33)SRB 12.2(44)SG
12.2(33)
XNA
12.4(20)
T
InterfacesMIB:SNMP
contextbasedaccess
12.2(33)SB
12.2(33)SR
B
12.2(33)SB 12.2(33)SRB 12.2(44)SG
12.2(7th)
SE
12.2(33)
XNA
CISCO-DATA-COLLECTION-
MIB
12.2(33)SB
12.2(33)SR
C
12.2(33)SB 12.2(33)SRC 12.2(44)SG
12.2(TBD)
SE
12.2(33)
XNA
12.4(20)
T
CISL- SNMPSupport
(LicensingMIB)
12.2(37)S
E
12.4(20)
T
SNMPsecureViews 12.2(33)SB
12.2(33)SR
A
12.2(22)S 12.2(33)SB 12.2(33)SRA
12.2(33)SX
H
12.2(44)SG
12.2(7th)
SE
12.2(33)
XNA
12.3(2)T
Shipping
CodeCommitted
ECd
EmbeddedManagement SNMPRoadmap
CiscoIOSSoftware
Platforms
Cisco
10000
Series
Cisco
7600
Series
Cisco
7500
Series
Cisco
7304
Router
Cisco7301
and7200
Routers
Cisco
Catalyst
6500
Series
Cisco
Catalyst
4500Series
Cisco
3750&
2900
Series
ASR-
1000
Cisco
800,
1800&
2800
Series
12.2
XNA
M&T
Alarmfilteringsupportin
Cisco-Entity-Alarm-MIB
12.2(33)SR
B
12.2(33)SRB 12.2(33)SXI 12.2(44)SG
12.(33)X
NA
12.4(4)T
SNMPTrapSimulation
12.2(33)SR
E
12.2(33)SRE 12.2(33)SXI
RMON-MIBenhancement
for64bitcountersupport
12.2(33)SR
E
12.2(33)SRE 12.2(33)SXI
SupportforHC-Alarm-MIB
12.2(33)SR
E
12.2(33)SRE 12.2(33)SXI
RFC2576:SNMPv1/v2c
PDU conversionsforproxy 12.3(2)T
PDU conversionsforproxy
forwarder
12.3(2)T
SCP,FTP&RCP Supportin
CISCO-CONFIG-COPY-MIB
12/3(2)T
FileType supportinCISCO-
FLASH-MIB
12.3(2)T
EventMIBandExpression
MIBEnhancements
12.2(33)SR
E
12.2(33)SRE
12.2(1st)S
Y
12.2(44)SG
12.4(20)
T
ShowPortStatus
Command
12.2(33)SR
E
12.2(33)SRE 12.2(33)SXI
SNMPDiagnostic
Enhancements
12.2(33)SR
E
12.2(33)SRE 12.2(33)SY
12.4(20)
T
SNMPSupportforCisco
PowerExtension
12.2(52)SG
12.2(50)S
E
SNMPtrapsupportforEEM
12.4(22)
T
SNMPsupportforNamed
AccessList
12.3(2)T
LicensingMIB
EnhancementforSTG
12.4(11)
T
EmbeddedManagement- Configuration
CiscoIOSSoftware
Platforms
Cisco
10000
Series
Cisco
7600
Series
Cisco
7500
Series
Cisco
7304
Router
Cisco
7301and
7200
Router
Cisco
Catalyst
6500
Series
Cisco
Catalyst
4500
Series
Cisco
3750&
2900
Series
ASR-
1000
Cisco800,
1800&
2800
Series
12.2
XNA
M&T
UDISupportandConfiguration
Enhancements
12.2(28)SB
12.2(18)SX
E5
12.2(18)SX
E5
12.2(33)SR
C
12.2(18)SX
E5
12.2(25)SE
C
12.2(33)
XNA
12.3(4)T
CNSAgents(Configuration
AgentEventAgent,Image
Agent)
12.2(33)SB
12.2(33)SR
B
12.2(31)S
B
12.2(33)SB 12.2(31)SB 12.2(33)SXI
12.2(44)S
G
12.2(25)SE
E
12.2(33)
XNA
12.3(1)
ConfigRetrieveRetry 12.2(33)SB
12.2(33)SR
C
12.2(33)SB
12.2(33)SR
C
12.2(1st)SY
12.2(44)S
G
12.2(44)SE
12.2(33)
XNA
12.4(15)T
CNSAgentsoverIPv6 12.2(33)SB
12.2(33)SR
C
12.2(33)SR
C
12.2(1st)SY
12.2(44)S
G
12.2(33)
XNA
12.4(20)T
C C G XNA
NetconfoverSSHv2,BEEP 12.2(33)SB
12.2(33)SR
A
12.2(33)SB
12.2(33)SR
A
12.2(33)SX
H
12.2(44)S
G
12.2(33)
XNA
12.4(9)T
ConfigChangeNotification
(Netconf)
12.2(33)SB
12.2(33)SR
A
12.2(33)SB
12.2(33)SR
A
12.2(33)SX
H
12.2(44)S
G
12.2(33)
XNA
12.4(9)T
NetconfoverIPv6 12.2(33)SB
12.2(33)SR
C
12.2(33)SB
12.2(33)SR
C
12.2(1st)SY
12.2(44)S
G
12.2(33)
XNA
12.4(20)T
CiscoSoftwareLicensing 12.2(37)SE 12.4(20)T
CNS-InteractiveCLI
12.2(33)SR
C
12.2(33)SR
C
12.2(33)SXI
12.2(44)S
G
12.2(33)
XNA
CommandschedulerPolicyfor
systemstartup
12.2(33)SB
12.2(33)SR
C
12.2(33)SB
12.2(33)SR
C
12.2(1st)SY
12.2(44)S
G
12.2(33)
XNA
12.4(15)T
TR-69agent,EthernetLAN,
Time,ATM,loopback,
traceroute profiles,HTTPclient
APItoclosepersistentconn.
12.4(20)T
WebServicesManagement
Agent
Planning Planning 12.2(1st)SY Planning Planning Planning 12.4(24)T
EmbeddedManagement Infra- Transports
CiscoIOSSoftware
Platforms
Cisco
10000
Series
Cisco
7600
Series
Cisco
7500
Series
Cisco
7304
Router
Cisco7301
and7200
Routers
Cisco
Catalyst
6500
Series
Cisco
Catalyst
4500
Series
Cisco
3750&
2900
Series
ASR-
1000
Cisco
800,1800
&2800
Series
12.2
XNA
M&T
HTTPS- HTTPwithSSL3.0
12.2(33)SB
12.2(33)SR
A
NA 12.2(33)SB 12.2(33)SRA
12.2(33)SX
H
12.2(44)SG
12.2(25)S
E
12.2(33)
XNA
12.3(2)T
HTTP(S)USBSupportFor
ContentDeliveryfromUSB
Media;PAIenhancement;
TACAC+Accountingsupport
12.2(33)SB
12.2(33)SR
C
NA 12.2(33)SB 12.2(33)SRC
12.2(33)SX
I
12.2(44)SG 12.4(15)T
HTTPIPv6Support 12.2(33)SB
12.2(33)SR
C
NA 12.2(33)SB 12.2(33)SRC
12.2(1st)S
Y
12.2(44)SG
12.2(44)S
E
12.2(33)
XNA
12.4(20)T
HTTPIPv6Support 12.2(33)SB
C
NA 12.2(33)SB 12.2(33)SRC
Y
12.2(44)SG
E XNA
12.4(20)T
BEEPInfrastructure;IPV6
Support
12.2(33)SB
12.2(33)SR
A
NA 12.2(33)SB 12.2(33)SRA
12.2(33)SX
H
12.2(44)SG
12.2(7th)
SE
12.2(33)
XNA
12.4(4)T
SOAPIPv6Support 12.2(33)SB
12.2(33)SR
C
NA 12.2(33)SB 12.2(33)SRC
12.2(1st)S
Y
12.2(44)SG
12.2(7th)
SE
12.2(33)
XNA
12.4(20)T
CiscoIOSScriptingwithTCL 12.2(33)SB
12.2(33)SR
C
NA 12.2(33)SB 12.2(33)SRC
12.2(33)SX
H
12.2(44)SG
12.2(TBD)
SE
12.2(33)
XNA
12.3(2)T
TCLSNMPMIBaccess
12.2(33)SB
12.2(33)SR
C
NA 12.2(33)SB 12.2(33)SRC
12.2(33)SX
H
12.2(44)SG
12.2(7th)
SE
12.2(33)
XNA
12.3(7)T
SignedTCLscripts NA 12.4(15)T
TCLoverIPv6 12.2(33)SB
12.2(33)SR
C
NA 12.2(33)SB 12.2(33)SRC
12.2(1st)S
Y
12.2(44)SG
12.2(7th)
SE
12.2(33)
XNA
12.4(20)T
HTTPCookiesupport
(RFC2965)
12.2(1st)S
RE
12.4(20)T
HTTPDigestAuthentication
Support
12.4(20)T
EmbeddedManagement Config/Parser
CiscoIOSSoftware
Platforms
Cisco
10000
Series
Cisco
7600
Series
Cisco
7500
Series
Cisco
7304
Router
Cisco
7301and
7200
Routers
Cisco
Catalyst
6500Series
Cisco
Catalyst
4500Series
Cisco
3750&
2900
Series
ASR-1000
Cisco
800,
1800
&
2800
Series
12.2SB 12.2SR/SX 12.2SB 12.2SB 12.2SB/SR 12.2SX/SR 12.2SG 12.2SE 12.2XNA M&T
ConfigurationReplaceand
ConfigurationRollback,
includingconfigversioning
(archive)andtimedrollback
12.2(33)SB
12.2(33)SR
A
12.2(25)S 12.2(33)SB
12.2(31)SB
2
12.2(33)SXH 12.2(44)SG
12.2(40)S
E
12.2(33)XN
A
12.3(7)
T
ConfigurationChange
NotificationandLogging
12.2(33)SB
12.2(33)SR
A
12.2(25)S 12.2(33)SB 12.2(25)S 12.2(33)SXH 12.2(44)SG
12.2(25)S
EC
12.2(33)XN
A
12.3(4)
T
ContextualConfigurationDiff
Utility
12.2(33)SB
12.2(33)SR
A
12.2(25)S 12.2(33)SB 12.2(33)SXH 12.2(44)SG
12.2(40)S
E
12.2(33)XN
A
12.3(4)
T
ConfigurationGeneration 12.2(33)SR 12.2(33)SR 12.2(33)XN 12.3(7)
ConfigurationGeneration
PerformanceEnhancement
12.2(33)SB
12.2(33)SR
C
12.2(25)S 12.2(33)SB
12.2(33)SR
C
12.2(33)SXI 12.2(44)SG
12.2(33)XN
A
12.3(7)
T
Role-BasedAccessControlCLI
commands
12.2(33)SB
12.2(33)SR
B
12.2(33)SB 12.2(33)SXI 12.2(44)SG
12.2(33)XN
A
12.3(11
)T
ConfigurationPartitioning 12.2(33)SB
12.2(33)SR
B
12.2(33)SB
12.2(33)SR
B
12.2(33)SXI 12.2(44)SG
12.2(7th)S
E
12.2(33)XN
A
ConfigurationRollback
ConfirmedChange
12.2(33)SB
12.2(33)SR
C
12.2(33)SB
12.2(33)SR
C
12.2(33)SXI 12.2(44)SG
12.2(33)XN
A
12.4(20
)T
IPv6forConfigLogger 12.2(33)SB
12.2(33)SR
C
12.2(33)SB
12.2(33)SR
C
12.2(1st)SY 12.2(44)SG
12.2(7th)S
E
12.2(33)XN
A
12.4(20
)T
ConfigLoggerPersistency 12.2(33)SB
12.2(33)SR
A
12.2(33)SB 12.2(33)SXH 12.2(44)SG
12.2(33)XN
A
12.4(11
)T
ExclusiveConfiguration
ChangeAccessandAccess
SessionLocking
12.2(33)SB
12.2(33)SR
A
12.2(33)SB 12.2(33)SXH 12.2(44)SG
12.2(33)XN
A
12.4(11
)T
ConfigChangeTracking
Identifier
12.2(33)SB
12.2(33)SR
C
12.2(33)SB
12.2(33)SR
C
12.2(33)SXI 12.2(44)SG
12.2(33)XN
A
12.4(20
)T
XMLProgrammaticInterface
w/TLSandInitiator
12.2(1st)S
RE
12.2(1st)S
RE
12.2(1st)SY 12.2(47)SG
12.2(7th)S
E
12.4(20
)T
EEMVersion/ProductSupportMatrix
CISCO ACCESS ROUTERS - Current models
EEM
Version
Cisco 800
Series
Cisco 1800
Series
Cisco 2800
Series
Cisco 3800
Series
Cisco 1900
Series
Cisco 2900
Series
Cisco 3900
Series
1.0 12.3(11)T 12.3(11)T 12.3(11)T
2.0
2.1 12.3(14)T1 12.3(14)T1 12.3(14)T1
2.1.5
2.2 12.4(2)T 12.4(2)T 12.4(2)T 12.4(2)T
2.3 12.4(11)T 12.4(11)T 12.4(11)T 12.4(11)T
2.4 12.4(20)T 12.4(20)T 12.4(20)T 12.4(20)T
3.0 12.4(22)T 12.4(22)T 12.4(22)T 12.4(22)T
3.1 15.0(1)M 15.0(1)M 15.0(1)M 15.0(1)M 15.0(1)M 15.0(1)M 15.0(1)M
3.1 15.0(1)M 15.0(1)M 15.0(1)M 15.0(1)M 15.0(1)M 15.0(1)M 15.0(1)M
3.2 15.1(3)T 15.1(3)T 15.1(3)T 15.1(3)T 15.1(3)T 15.1(3)T 15.1(3)T
3.4 Planning Planning Planning Planning Planning Planning Planning
CISCO ACCESS ROUTERS - Old models
EEM
Version
Cisco 1700
Series
Cisco 2600
Series
Cisco
2600XM
Series
Cisco 2691
Series
Cisco 3600
Series
Cisco 3700
Series
1.0 12.3(4)T 12.3(4)T 12.3(4)T 12.3(4)T
2.0
2.1 12.3(14)T1 12.3(14)T1 12.3(14)T1 12.3(14)T1 12.3(14)T1 12.3(14)T1
2.1.5
2.2 12.4(2)T 12.4(2)T 12.4(2)T 12.4(2)T 12.4(2)T 12.4(2)T
2.3 12.4(11)T 12.4(11)T 12.4(11)T 12.4(11)T 12.4(11)T 12.4(11)T
2.4
3.0
3.1
3.2
Shipping
EC
Planning
EEMVersion/ProductSupportMatrix,cont.
CISCO SERVICE AGGREGATION/CORE ROUTERS
EEM
Version
Cisco
ASR1000
Series
Cisco
7200
Series
Cisco
7301
Cisco
7304
Cisco
7600
Series
Cisco
UBR
10000
Cisco
UBR
7200
Cisco
12000
Series
Cisco XR
12000
Cisco
CRS-1
Cisco
ASR
9000
1.0 12.0(26)S
2.0 12.2(27)SBC FM FM FM
2.1 12.3(14)T1 12.3(14)T1 12.2(28)SB 12.2(18)SXF5 12.2(28)SB 12.2(28)SB FM FM FM
2.1.5 FM FM FM
2.2 12.4(2)T 12.4(2)T1 FM FM FM
2.3 2.1XE 12.4(11)T 12.2(33)SB 12.2(33)SB 12.2(33)SRB 12.2(33)SB 12.2(33)SB FM FM FM
2.4 12.2(33)XN RLS7 12.4(20)T 12.2(33)SRE 12.2(33)SRE 12.2(33)SRE 12.2(33)SRE 12.2(33)SRE FM FM FM
3.0 12.2(33)XN RLS7 12.4(22)T 12.2(33)SRE 12.2(33)SRE 12.2(33)SRE 12.2(33)SRE 12.2(33)SRE FM FM FM
3.1 Planning 15.0(1)M Planning Planning Planning Planning Planning Planning Planning Planning Planning
3.2 Planning 15.1(3)T Planning Planning Planning Planning Planning Planning Planning Planning Planning
3.4 Planning Planning Planning Planning Planning Planning Planning Planning Planning Planning Planning
CISCO CATALYST SWITCHES
EEM
Version
Catalyst 3000
Switches
Cisco
3400ME
Switches
Catalyst
4500
Switches
Catalyst
4900
Switches
Catalyst
6500
Switches
1.0
2.0
2.1
IOS w/o Modularity
12.2(18)SXF5
2.1.5
w/ Modularity
12.2(18)SXF4
2.2
2.3 12.2(40)SE 12.2(40)SE 12.2(44)SG 12.2(44)SG 12.2(33)SXH
2.4 12.2 (50) SE 12.2 (50) SE 12.2(52)SG 12.2(52)SG 12.2(33)SXI
3.0 12.2 (52) SE 12.2 (52) SE
Summer'10
(Zanzibar)
12.2 (1st)SY 12.2 (1st)SY
3.1 12.2 (52) SE 12.2 (52) SE
Summer'10
(Zanzibar)
Planning Planning
3.2 12.2 (52) SE 12.2 (52) SE
Summer'10
(Zanzibar)
Planning Planning
3.4 Planning Planning Planning Planning Planning
Shipping
EC
Planning

13 Smartways To Configure Cisco Device

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

13 Smartways To Configure Cisco Device

Uploaded by

Copyright:

Available Formats

13SmartWaysToConfigure

You might also like