Cisco Systems Prime Network 4 0 Users Manual User Guide, 4.0
49 8baa2e30-a721-4860-8dbb-9918686c8420 Cisco Systems Video Gaming Accessories 4 User Guide |
2015-01-05
: Cisco-Systems Cisco-Systems-Prime-Network-4-0-Users-Manual-203643 cisco-systems-prime-network-4-0-users-manual-203643 cisco-systems pdf
Open the PDF directly: View PDF .
Page Count: 1040
Download | ![]() |
Open PDF In Browser | View PDF |
Cisco Prime Network 4.0 User Guide July 2013 Cisco Systems, Inc. www.cisco.com Cisco has more than 200 offices worldwide. Addresses, phone numbers, and fax numbers are listed on the Cisco website at www.cisco.com/go/offices. Text Part Number: OL-29343-01 THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS. THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET FORTH IN THE INFORMATION PACKET THAT SHIPPED WITH THE PRODUCT AND ARE INCORPORATED HEREIN BY THIS REFERENCE. IF YOU ARE UNABLE TO LOCATE THE SOFTWARE LICENSE OR LIMITED WARRANTY, CONTACT YOUR CISCO REPRESENTATIVE FOR A COPY. The Cisco implementation of TCP header compression is an adaptation of a program developed by the University of California, Berkeley (UCB) as part of UCB’s public domain version of the UNIX operating system. All rights reserved. Copyright © 1981, Regents of the University of California. NOTWITHSTANDING ANY OTHER WARRANTY HEREIN, ALL DOCUMENT FILES AND SOFTWARE OF THESE SUPPLIERS ARE PROVIDED “AS IS” WITH ALL FAULTS. CISCO AND THE ABOVE-NAMED SUPPLIERS DISCLAIM ALL WARRANTIES, EXPRESSED OR IMPLIED, INCLUDING, WITHOUT LIMITATION, THOSE OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OR ARISING FROM A COURSE OF DEALING, USAGE, OR TRADE PRACTICE. IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, OR INCIDENTAL DAMAGES, INCLUDING, WITHOUT LIMITATION, LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE THIS MANUAL, EVEN IF CISCO OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1110R) Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone numbers. Any examples, command display output, network topology diagrams, and other figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses or phone numbers in illustrative content is unintentional and coincidental. Cisco Prime Network 4.0 User Guide © 1999-2013 Cisco Systems, Inc. All rights reserved. C O N T E N T S Preface xxiii Audience xxiii Document Organization Conventions xxiv xxvi Related Documentation xxvii Obtaining Documentation and Submitting a Service Request xxvii xxvii CHAPTER 1 Setting Up Devices and Using the GUI Clients 1-1 Overview of the GUI Clients 1-1 Prime Network Vision 1-2 Prime Network Events 1-3 Prime Network Administration 1-3 Prime Network Change and Configuration Management Prime Network Operations Reports 1-3 1-3 Setting Up Devices and Validating Device Information 1-4 Configure Basic Device Settings: Name, DNS, NTP, RADIUS, TACACs, ACLs Configure SNMP and SNMP Traps on Device 1-7 Configure Device Ports and Interfaces 1-7 View Device and VRF Routing Tables and Device Interface Briefs 1-9 Ping Destinations and VRFs, and View Trace Route from Device 1-9 Change Device Syslog Logging Level 1-9 View, Copy, and Overwrite Device Configuration Files 1-10 View Users (Telnet Sessions) on Device 1-10 Using Prime Network with Prime Central CHAPTER 2 1-10 Working with the Prime Network Vision Client 2-1 User Roles Required to Work with Basic Operations in Prime Network Vision Launching Prime Network Vision 1-5 2-1 2-2 Changing Your GUI Client Password 2-4 The Prime Network Vision Window 2-4 Prime Network Vision Inventory Tabs Prime Network Vision Maps 2-6 2-5 Cisco Prime Network 4.0 User Guide OL-29343-01 iii Contents Opening Maps 2-7 Navigation Pane 2-7 Content Pane: Map, List, and Links Views Ticket Pane 2-17 Prime Network Vision Status Indicators Severity 2-18 VNE Management States 2-19 Tickets 2-23 Prime Network Vision Toolbar 2-8 2-17 2-23 Prime Network Vision Menu Bar 2-25 File Menu 2-26 Edit Menu 2-27 View Menu 2-27 Node Menu 2-28 Tools Menu 2-28 Activation Menu 2-29 Network Inventory Menu 2-29 Reports Menu 2-30 Window Menu 2-30 Help Menu 2-30 Prime Network Vision Right-Click Menus 2-31 Map Right-Click Menu 2-32 Element Right-Click Menu 2-32 Aggregation Right-Click Menu 2-36 Link Right-Click Menu 2-36 List View Right-Click Menu 2-37 Links View Right-Click Menu 2-39 Ticket Right-Click Menu 2-40 Adjusting the Prime Network Vision GUI Client Settings Filtering and Sorting Tabular Content CHAPTER 3 Viewing and Managing NE Properties 2-42 3-1 User Roles Required to Work with Prime Network Vision Information Available in Element Icons 2-40 3-1 3-3 Viewing the Properties of a Network Element Network Element Badges 3-8 3-6 Inventory Window 3-9 Navigation Pane 3-12 Cisco Prime Network 4.0 User Guide iv OL-29343-01 Contents Content Pane 3-13 Device View Pane 3-13 Device View Pane Toolbar 3-14 Ticket and Events Pane 3-15 Checking VNE Connectivity and Communication Status Viewing the Physical Properties of a Device Redundancy Support 3-21 Viewing Satellite Properties 3-22 3-16 3-19 Working with Ports 3-23 Viewing Port Status and Properties 3-23 Viewing a Port Configuration 3-25 Disabling and Enabling Alarms 3-26 Generating a Port Utilization Graph 3-27 Viewing the Logical Properties of a Network Element 3-27 Logical Inventory Window 3-28 Logical Inventory Navigation Pane Branches 3-29 Logical Inventory Navigation Pane Icons 3-30 Logical Inventory Content Pane Tabs 3-31 Viewing Device Operating System Information 3-31 Running an Activation from the Activation Menu 3-34 Network Activation Window 3-35 Running Activations 3-35 Searching for Activations (Activation History) 3-36 Rolling Back an Activation 3-36 Cloning an Existing Activation 3-37 Deleting Activations 3-37 CHAPTER 4 Device Configurations and Software Images 4-1 What is Change and Configuration Management? 4-1 Set Up Change and Configuration Management 4-3 Prime Network Setup Tasks 4-3 Device Setup Tasks 4-4 Configuration Management Setup Tasks 4-5 NEIM Setup Tasks 4-7 Device Groups Setup Tasks 4-9 Use the CCM Dashboard 4-10 Device Configurations 4-12 What is In the Archive? 4-12 Cisco Prime Network 4.0 User Guide OL-29343-01 v Contents Protect Configurations in the Archive 4-13 Editing an Archive Configuration 4-14 Find Out What is Different Between Configurations 4-14 Copy a Configuration File to a Central Server 4-16 Are Running and Startup Configs Mismatched? (Cisco IOS and Cisco Nexus) Copy the Device Files to the Archive (Backups) 4-18 Fix a Live Device Configuration (Restore) 4-22 Clean Up the Archive 4-25 Find Out What Changed on Live Devices 4-25 4-17 Software Images 4-26 Add New Images to the Repository 4-27 New Devices: Create an Image Baseline 4-28 Distribute Images and Make Sure They Will Work 4-29 What is Upgrade Analysis? 4-30 Distribute Images to Devices 4-31 Activate Cisco IOS Software Images 4-34 Perform Cisco IOS XR Software Package Operations 4-37 Clean Up the Repository 4-44 Configuration Audit 4-45 Manage Configuration Policies 4-46 Schedule Configuration Audit 4-47 View Configuration Audit Jobs and Audit Results 4-48 Compliance Audit 4-50 User Authentication and Authorization 4-51 Creating Policies and Profiles, and Running a Compliance Audit Job 4-52 Creating a Policy 4-52 Creating a Policy Profile 4-57 Auditing Devices 4-58 Viewing the Results of an Audit Job and Running Fixes for Violations 4-59 Global Settings and Administration 4-61 Change Configuration Managemennt Global Settings Change Image Management Global Settings 4-66 Check the Processes 4-68 Manage Jobs 4-68 User Authentication and Authorization 4-69 CHAPTER 5 Working with Prime Network Vision Maps 4-61 5-1 User Roles Required for Working with Prime Network Vision Maps Opening and Closing Maps 5-2 5-5 Cisco Prime Network 4.0 User Guide vi OL-29343-01 Contents Creating and Deleting Maps 5-6 Creating New Maps 5-6 Deleting Maps from the Database 5-8 Adding and Removing NEs from Maps 5-9 Managing Maps 5-11 Selecting Map Viewing Options 5-12 Applying a Background Image 5-12 Using the Overview Window 5-14 Saving Maps 5-15 Finding NEs, Services, and Links, and Elements Affected by Tickets 5-15 Working with Aggregations 5-16 Grouping Network Elements into Aggregations 5-16 Viewing an Aggregation Thumbnail 5-16 Adding Elements to an Existing Aggregation 5-18 Ungrouping Aggregations 5-19 Viewing Multi-Chassis Devices 5-19 Viewing Inter Rack Links 5-20 Viewing Inter Chassis Links 5-20 Working with Overlays 5-21 Filtering Links in a Map 5-25 Opening the CPU Usage Graph 5-27 Communicating with Devices Using Ping and Telnet CHAPTER 6 Working with Links 5-28 6-1 User Roles Required to Work with Links What Are Dynamic and Static Links? 6-1 6-3 Link Discovery and Flickering Ethernet Topology Links 6-3 Viewing Link Properties 6-4 Viewing Link Properties in Prime Network Vision Maps Viewing Link Properties in the Links View 6-8 Viewing Link Properties in the Link Properties Window Link List Pane 6-11 Properties Pane 6-11 Ticket and Events Pane 6-12 Viewing Link Impact Analysis Adding Static Links 6-10 6-12 6-15 Filtering Links Using the Collection Method Selecting a Link 6-4 6-17 6-18 Cisco Prime Network 4.0 User Guide OL-29343-01 vii Contents CHAPTER 7 Labeling NEs Using Business Tags 7-1 User Roles Required to Work with Business Tags and Business Elements Using Chinese Characters 7-2 Attaching and Detaching Business Tags 7-3 Searching for Business Tags and Viewing Their Properties Renaming a Business Element Deleting a Business Element CHAPTER 8 7-7 8-1 User Roles Required to Work with Prime Network Events Launching Prime Network Events 8-2 Working with Cisco Prime Network Events 8-10 Viewing Event Properties 8-10 Viewing Ticket Properties 8-14 Refreshing Cisco Prime Network Events Information Filtering Events 8-18 Exporting Displayed Data 8-21 9 Working with Tickets in Prime Network Vision What are Tickets? 8-1 8-1 Viewing Events and Tickets in Cisco Prime Network Events Event Types and Categories 8-4 Audit Events 8-4 Provisioning Events 8-5 Security Events 8-5 System Events 8-6 Service Events 8-6 Syslogs 8-7 V1 Traps 8-7 V2 Traps 8-8 V3 Traps 8-8 Tickets 8-9 CHAPTER 7-4 7-7 Tracking Faults Using Prime Network Events Setting Up Your Events View 7-1 8-2 8-17 9-1 9-1 User Roles Required to Work with Tickets in Prime Network Vision Viewing Tickets and Network Events for Elements in a Map Managing Tickets in the Tickets Tab 9-4 Filtering Tickets by Network Element 9-6 Filtering Tickets by Criteria 9-7 9-2 9-3 Cisco Prime Network 4.0 User Guide viii OL-29343-01 Contents Viewing Ticket Properties 9-9 Details Tab 9-10 History Tab 9-11 Affected Parties Tab 9-11 Correlation Tab 9-13 Advanced Tab 9-13 Notes Tab 9-14 User Audit Tab 9-14 Managing Tickets 9-15 Impact Analysis in Prime Network CHAPTER 10 Working with Reports 9-17 10-1 User Roles Required to Manage Reports 10-1 Using the Report Manager 10-4 Menu Options 10-6 Report Manager Toolbar 10-6 Navigation Tree 10-7 Content Pane 10-7 Reports Right-Click Options 10-9 Report Categories 10-11 Events Reports 10-11 Inventory Reports 10-18 Network Service Reports 10-20 Generating Reports 10-22 Database Load and Report Generation 10-22 Report Generation Failure 10-22 Report Generation Canceled 10-23 Generating Reports from Report Manager 10-23 Generating Events Reports 10-23 Generating Inventory Reports 10-31 Generating Network Service Reports 10-34 Generating Reports from the Reports Menu 10-37 Generating Reports from Prime Network Vision 10-38 Scheduling Reports 10-38 Managing Reports 10-39 Managing the Maximum Number of Concurrent Reports Viewing and Saving Reports 10-40 Renaming Reports 10-41 Sharing Reports 10-42 10-39 Cisco Prime Network 4.0 User Guide OL-29343-01 ix Contents Moving Reports Between Folders 10-43 Deleting Reports 10-43 Viewing Report Properties 10-44 Defining Report Types 10-45 Managing Report Folders 10-45 Creating Folders 10-45 Moving Folders 10-46 Renaming Folders 10-46 Deleting Folders 10-47 Viewing Folder and Report Type Properties CHAPTER 11 10-47 Using Cisco PathTracer to Diagnose Problems 11-1 User Roles Required to Work with Cisco PathTracer Cisco PathTracer Overview 11-1 11-2 Launching Path Tracer 11-3 Cisco PathTracer Right-Click Menu Options 11-4 Starting a Path Trace 11-5 From the Map View 11-5 From Logical or Physical Inventory 11-7 Examples of Launching Cisco PathTracer 11-7 Viewing Path Traces in Cisco PathTracer Menus 11-16 Toolbar 11-17 Trace Tabs 11-18 Paths Pane 11-18 Path Trace Pane 11-18 Right-Click Menu Options 11-19 11-14 Viewing Path Trace Details 11-20 Menus 11-22 Cisco PathTracer Details Window Toolbar Path Trace Pane 11-23 Details Pane 11-25 11-22 Saving and Opening Cisco PathTracer Map Files Saving Cisco PathTracer Counter Values Rerunning a Path and Comparing Results Viewing Q-in-Q Path Information Viewing L2TP Path Information 11-26 11-26 11-27 11-27 11-28 Using Cisco PathTracer in MPLS Networks 11-29 Cisco Prime Network 4.0 User Guide x OL-29343-01 Contents Cisco PathTracer MPLS Start and Endpoints 11-30 Using Cisco PathTracer for CSC Configurations 11-31 Using Cisco PathTracer for Layer 3 VPNs 11-32 Using Cisco PathTracer for Layer 2 VPNs 11-32 Using Cisco PathTracer for MPLS TE Tunnels 11-33 CHAPTER 12 Monitoring Carrier Ethernet Services 12-1 User Roles Required to Work with Carrier Ethernet Services Viewing CDP Properties 12-6 Viewing Link Layer Discovery Protocol Properties Viewing Spanning Tree Protocol Properties 12-8 12-10 Viewing Resilient Ethernet Protocol Properties (REP) Viewing HSRP Properties 12-14 12-18 Viewing Access Gateway Properties 12-19 Working with Ethernet Link Aggregation Groups Viewing Ethernet LAG Properties 12-23 Viewing mLACP Properties 12-23 12-29 Viewing Provider Backbone Bridge Properties Viewing EFP Properties 12-2 12-32 12-33 Connecting a Network Element to an EFP 12-38 Understanding EFP Severity and Ticket Badges Viewing EVC Service Properties 12-38 12-40 Viewing and Renaming Ethernet Flow Domains 12-42 Working with VLANs 12-45 Understanding VLAN and EFD Discovery 12-45 Understanding VLAN Elements 12-46 Switching Entities Containing Termination Points 12-50 Adding and Removing VLANs from a Map 12-50 Viewing VLAN Mappings 12-53 Working with Associated VLANs 12-55 Adding an Associated VLAN 12-55 Viewing Associated Network VLAN Service Links and VLAN Mapping Properties Viewing VLAN Links Between VLAN Elements and Devices 12-58 Displaying VLANs By Applying VLAN Overlays to a Map45 12-61 Viewing VLAN Service Link Properties 12-63 Viewing REP Information in VLAN Domain Views and VLAN Overlays 12-63 Viewing REP Properties for VLAN Service Links 12-64 Viewing STP Information in VLAN Domain Views and VLAN Overlays 12-66 12-57 Cisco Prime Network 4.0 User Guide OL-29343-01 xi Contents Viewing STP Properties for VLAN Service Links Viewing VLAN Trunk Group Properties 12-68 Viewing VLAN Bridge Properties 12-70 Using Commands to Work With VLANs 12-72 12-67 Understanding Unassociated Bridges 12-73 Adding Unassociated Bridges 12-73 Working with Ethernet Flow Point Cross-Connects 12-75 Adding EFP Cross-Connects 12-76 Viewing EFP Cross-Connect Properties 12-76 Working with VPLS and H-VPLS Instances 12-78 Adding VPLS Instances to a Map 12-79 Applying VPLS Instance Overlays 12-80 Viewing Pseudowire Tunnel Links in VPLS Overlays 12-82 Viewing VPLS-Related Properties 12-83 Viewing VPLS Instance Properties 12-84 Viewing Virtual Switching Instance Properties 12-85 Viewing VPLS Core or Access Pseudowire Endpoint Properties Viewing VPLS Access Ethernet Flow Point Properties 12-89 12-87 Working with Pseudowires 12-90 Adding Pseudowires to a Map 12-90 Viewing Pseudowire Properties 12-93 Displaying Pseudowire Information 12-95 Viewing Pseudowire Redundancy Service Properties 12-96 Applying Pseudowire Overlays 12-98 Monitoring the Pseudowire Headend 12-100 Viewing the PW-HE configuration 12-102 Viewing PW-HE Configured as a Local Interface under Pseudowire 12-104 Viewing PW-HE Generic Interface List 12-105 Viewing PW-HE as an Associated Entity for a Routing Entity 12-105 Viewing PW-HE as an Associated Entity for a VRF 12-105 Working with Ethernet Services 12-106 Adding Ethernet Services to a Map 12-106 Applying Ethernet Service Overlays 12-108 Viewing Ethernet Service Properties 12-109 Viewing IP SLA Responder Service Properties Viewing IS-IS Properties 12-114 Viewing OSPF Properties 12-117 Configuring REP and mLACP 12-112 12-119 Using Pseudowire Ping and Show Commands 12-120 Cisco Prime Network 4.0 User Guide xii OL-29343-01 Contents Configuring IS-IS CHAPTER 13 12-121 Monitoring Carrier Grade NAT Properties 13-1 User Roles Required to View Carrier Grade NAT Properties 13-2 Viewing Carrier Grade NAT Properties in Logical Inventory 13-2 Viewing Carrier Grade NAT Properties in Physical Inventory Configuring CG NAT Service CHAPTER 14 13-6 Monitoring DWDM Properties 14-1 User Roles Required to View DWDM Properties Viewing DWDM in Physical Inventory Viewing G.709 Properties 14-5 Configuring and Viewing DWDM 15 14-1 14-3 Viewing Performance Monitoring Configuration CHAPTER 14-11 14-15 Monitoring Ethernet Operations, Administration, and Maintenance Tool Properties User Roles Required to View Ethernet OAM Tool Properties Ethernet OAM Overview Viewing Ethernet LMI Properties Viewing Link OAM Properties Configuring CFM Configuring E-LMI Configuring L-OAM 16 15-1 15-1 15-2 Viewing Connectivity Fault Management Properties CHAPTER 13-5 15-3 15-10 15-14 15-18 15-20 15-21 Monitoring Y.1731 IPSLA Configuration Y.1731 Technology: Overview 16-1 16-1 User Roles Required to Work with Y.1731 Probes 16-2 Working with Y.1731 IPSLA Configurations 16-2 Viewing Y.1731 Probe Properties 16-2 Configuring Y.1731 Probes 16-4 CHAPTER 17 IPv6 and IPv6 VPN over MPLS 17-1 User Roles Required to Work with IPv6 and 6VPE Viewing IPv6 Information 17-2 17-2 Cisco Prime Network 4.0 User Guide OL-29343-01 xiii Contents CHAPTER 18 Monitoring MPLS Services 18-1 User Roles Required to Work with MPLS Networks 18-1 Working with MPLS-TP Tunnels 18-4 Adding an MPLS-TP Tunnel 18-5 Viewing MPLS-TP Tunnel Properties 18-7 Viewing LSPs Configured on an Ethernet Link 18-11 Viewing MPLS-TE and P2MP-MPLS-TE links in a map 18-13 Viewing LSP Endpoint Redundancy Service Properties 18-14 Applying an MPLS-TP Tunnel Overlay 18-16 Viewing VPNs 18-18 Viewing Additional VPN Properties 18-20 Managing VPNs 18-21 Creating a VPN 18-21 Adding a VPN to a Map 18-22 Removing a VPN from a Map 18-23 Moving a Virtual Router Between VPNs 18-23 Working with VPN Overlays 18-24 Applying VPN Overlays 18-24 Managing a VPN Overlay Display in the Map View Displaying VPN Callouts in a VPN Overlay 18-25 18-25 Monitoring MPLS Services 18-26 Viewing VPN Properties 18-26 Viewing Site Properties 18-27 Viewing VRF Properties 18-27 Viewing VRF Multicast Configuration details 18-30 Viewing VRF Egress and Ingress Adjacents 18-31 Viewing Routing Entities 18-31 Viewing the ARP Table 18-34 Viewing the NDP Table 18-34 Viewing Rate Limit Information 18-36 Viewing VRRP Information 18-37 Viewing Label Switched Entity Properties 18-39 Multicast Label Switching (mLADP) 18-42 Viewing MP-BGP Information 18-45 Viewing 6rd Tunnel Properties 18-46 Viewing BFD Session Properties 18-47 Viewing Cross-VRF Routing Entries 18-49 Viewing Pseudowire End-to-End Emulation Tunnels 18-50 Viewing MPLS TE Tunnel Information 18-52 Cisco Prime Network 4.0 User Guide xiv OL-29343-01 Contents Configuring VRF 18-53 Configuring IP Interface 18-54 Configuring MPLS-TP 18-54 Locking/Unlocking MPLS-TP Tunnels in Bulk Configuring MPLS-TE 18-57 Configuring MPLS 18-57 Configuring RSVP 18-58 Configuring BGP Configuring VRRP 18-59 18-60 Configuring Bundle Ethernet CHAPTER 19 18-56 18-61 Viewing IP and MPLS Multicast Configurations IP and MPLS Multicast Configuration: Overview 19-1 19-1 User Roles Required to View IP and Multicast Configurations Viewing the Multicast Configurations 19-2 Viewing Multicast Node 19-2 Viewing Multicast Protocols 19-4 Viewing the Address Family (IPv4) Profile Viewing the Address Family (IPv6) Profile Viewing the IGMP profile 19-5 Viewing the PIM Profile 19-7 Multicast Label Switching 19-10 Multicast Routing Entities 19-10 CHAPTER 20 Monitoring MToP Services 19-4 19-5 20-1 User Roles Required to Work with MToP 20-1 Viewing SAToP Pseudowire Type in Logical Inventory Viewing CESoPSN Pseudowire Type in Logical Inventory Viewing Virtual Connection Properties 20-5 Viewing ATM Virtual Connection Cross-Connects Viewing ATM VPI and VCI Properties 20-10 Viewing Encapsulation Information 20-11 Viewing IMA Group Properties Viewing TDM Properties 19-2 20-2 20-3 20-6 20-13 20-16 Viewing Channelization Properties 20-17 Viewing SONET/SDH Channelization Properties 20-18 Viewing T3 DS1 and DS3 Channelization Properties 20-21 Cisco Prime Network 4.0 User Guide OL-29343-01 xv Contents Viewing MLPPP Properties 20-26 Viewing MLPPP Link Properties 20-29 Viewing MPLS Pseudowire over GRE Properties 20-31 Network Clock Service Overview 20-34 Monitoring Clock Service 20-34 Monitoring PTP Service 20-36 Viewing Pseudowire Clock Recovery Properties 20-41 Viewing SyncE Properties 20-45 Applying a Network Clock Service Overlay 20-48 Viewing CEM and Virtual CEM Properties 20-49 Viewing CEM Interfaces 20-50 Viewing Virtual CEMs 20-50 Viewing CEM Groups 20-50 Viewing CEM Groups on Physical Interfaces 20-51 Viewing CEM Groups on Virtual CEM Interfaces 20-52 Configuring SONET Configuring Clock 20-53 20-55 Configuring TDM and Channelization 20-57 Configuring Automatic Protection Switching (APS ) CHAPTER 21 Viewing and Managing SBCs 20-59 21-1 User Roles Required to View SBC Properties 21-2 Viewing SBC Properties in Logical Inventory 21-3 Viewing SBC DBE Properties 21-4 Viewing Media Address Properties 21-4 Viewing VDBE H.248 Properties 21-5 Viewing SBC SBE Properties 21-5 Viewing AAA Properties 21-6 Viewing H.248 Properties 21-7 Viewing Policy Properties 21-7 Viewing SIP Properties 21-10 Viewing SBC Statistics 21-13 Configuring SBC Components CHAPTER 22 Monitoring AAA Configurations Supported Network Protocols 21-14 22-1 22-1 Viewing AAA Configurations in Prime Network Vision Viewing AAA Group Profile 22-2 22-2 Cisco Prime Network 4.0 User Guide xvi OL-29343-01 Contents Viewing Dynamic Authorization Profile 22-3 Viewing Radius Global Configuration Details 22-4 Viewing AAA Group Configuration Details 22-5 Viewing Diameter Configuration Details for an AAA Group 22-6 Viewing Radius Configuration Details for an AAA Group 22-7 Viewing Radius Accounting Configuration Details for an AAA Group 22-7 Viewing the Radius Keepalive and Detect Dead Server Configuration Details for an AAA Group 22-9 Viewing the Radius Authentication Configuration Details for an AAA Group 22-9 Viewing the Charging Configuration Details for an AAA Group 22-10 Viewing the Charging Trigger Configuration Details for an AAA Group 22-11 Configuring AAA Groups 22-12 CHAPTER 23 Monitoring IP Pools 23-1 Viewing the IP Pool Properties 23-1 Modifying and Deleting IP Pools 23-3 CHAPTER 24 Monitoring BNG Configurations 24-1 Broadband Network Gateway (BNG): Overview User Roles Required to Work With BNG 24-1 24-2 Working with BNG Configurations 24-3 View Broadband Access (BBA) Groups 24-3 View Subscriber Access Points 24-5 Diagnose Subscriber Access Points 24-6 View Dynamic Host Configuration Protocol (DHCP) Service Profile View Dynamic Config Templates 24-9 Viewing the Settings for a PPP Template 24-12 Viewing Policy Container Viewing QoS Profile CHAPTER 25 24-7 24-13 24-16 Monitoring Mobile Technologies 25-1 User Roles Required to Work with Mobile Technologies 25-1 GPRS/UMTS Networks 25-4 Overview of GPRS/UMTS Networks 25-4 Working With GPRS/UMTS Network Technologies 25-6 Working with the Gateway GPRS Support Node(GGSN) 25-6 Working with the GPRS Tunneling Protocol User Plane (GTPU) Working with Access Point Names (APNs) 25-13 Working with GPRS Tunneling Protocol Prime (GTPP) 25-23 25-11 Cisco Prime Network 4.0 User Guide OL-29343-01 xvii Contents Working with the Evolved GPS Tunneling Protocol (eGTP) 25-30 Monitoring the Serving GPRS Support Node (SGSN) 25-32 LTE Networks 25-40 Overview of LTE Networks 25-40 Working with LTE Network Technologies 25-41 Monitoring System Architecture Evolution Networks (SAE-GW) 25-42 Working with PDN-Gateways (P-GW) 25-44 Working with Serving Gateway (S-GW) 25-46 Viewing QoS Class Index to QoS (QCI-QoS) Mapping 25-48 Viewing Layer 2 Tunnel Access Concentrator Configurations (LAC) 25-49 Monitoring the HRPD Serving Gateway (HSGW) 25-53 Monitoring Home Agent (HA) 25-65 Monitoring the Foreign Agent (FA) 25-72 Monitoring Evolved Packet Data Gateway (ePDG) 25-83 Monitoring Packet Data Serving Node (PDSN) 25-92 Viewing the Local Mobility Anchor Configuration (LMA) 25-106 Scheduling 3GPP Inventory Retrieval Requests 25-109 Viewing Operator Policies, APN Remaps, and APN Profiles 25-111 Viewing Operator Policies 25-111 Viewing APN Remaps 25-113 Viewing APN Profiles 25-115 Viewing Additional Characteristics of an APN Profile 25-119 Working with Active Charging Service 25-121 Viewing Active Charging Services 25-123 Viewing Content Filtering Categories 25-125 Viewing Credit Control Properties 25-125 Viewing Charging Action Properties 25-128 Viewing Rule Definitions 25-131 Viewing Rule Definition Groups 25-132 Viewing Rule Base for the Charging Action 25-133 Viewing Bandwidth Policies 25-135 Viewing Fair Usage Properties 25-136 ACS Commands 25-136 Mobile Technologies Commands: Summary 25-138 Monitoring the Mobility Management Entity 25-143 Viewing the MME Configuration Details 25-145 Viewing the EMM Configuration Details 25-150 Viewing the ESM Configuration Details 25-151 Viewing the LTE Security Procedure Configuration Details 25-152 Cisco Prime Network 4.0 User Guide xviii OL-29343-01 Contents Viewing the MME Policy Configuration Details Viewing the S1 Interface Configuration Details Viewing the Stream Control Transmission Protocol CHAPTER 26 Monitoring Data Center Configurations 25-153 25-154 25-155 26-1 User Roles Required to Work with Data Center Configurations Virtual Port Channel (vPC) 26-3 Viewing Virtual Port Channel Configuration Viewing vPC Configuration 26-7 26-2 26-5 Cisco FabricPath 26-7 Viewing Cisco FabricPath Configuration 26-9 Monitoring Cisco FabricPath Configuration 26-10 Virtualization 26-11 Viewing Virtual Data Centers 26-13 Viewing the Data Stores of a Data Center 26-13 Viewing the Host Servers of a Data Center 26-14 Viewing all the Virtual Machines managed by vCenter 26-18 Viewing the Virtual Machines of a Data Center 26-19 Viewing the Host Cluster Details 26-22 Viewing the Resource Pool Details 26-24 Viewing the Map Node for an UCS Network Element 26-26 Discovering the UCS Devices by Network Discovery 26-28 Viewing the Virtual Network Devices of a Data Center Viewing the CSR 1000v Properties 26-29 Viewing the VSG Properties 26-30 26-29 Viewing the Compute Server Support Details 26-32 Viewing the Non Cisco Server Details 26-35 Viewing the Mapping between the Compute Server and Hypervisor Viewing the Storage Area Network Support Details 26-37 Viewing the Storage Area Network Configuration Details Viewing the FC Interface Details 26-41 Viewing the FCoE Interface Details 26-43 Viewing the Fibre Channel Link Aggregation 26-44 Searching for Compute Services CHAPTER 27 Monitoring Cable Technologies 26-36 26-37 26-46 27-1 User Roles Required to Work with Cable Technologies 27-2 Viewing the Cable Broadband Configuration Details 27-3 Cisco Prime Network 4.0 User Guide OL-29343-01 xix Contents Viewing the DTI Client Configuration Details 27-4 Viewing the QAM Domain Configuration Details 27-5 Viewing the MAC Domain Configuration Details 27-6 Viewing the Narrowband Channels Configuration Details 27-8 Viewing the Wideband Channels Configuration Details 27-8 Viewing the Fiber Node Configuration Details 27-10 Configure Cable Ports and Interfaces 27-11 View Upstream and Downstream Configuration for Cable Configure QAM 27-12 View QAM Configurations Configure DEPI and L2TP CHAPTER 28 27-12 27-13 27-14 Monitoring ADSL2+ and VDSL2 Technology Enhancements 28-1 User Roles Required to Work with ADSL2+/VDSL2 Technologies 28-1 Viewing the ADSL2+/VDSL2 Configuration Details 28-2 Viewing the ADSL2+/VDSL2 Details for a Device 28-4 Viewing the DSL Bonding Group Configuration Details 28-5 Viewing Transport Models Supported by ADSL2+ and VDSL2 28-8 Viewing the N-to-One Access Profile 28-8 Viewing the One-to-One Access Profile 28-10 Viewing the TLS Access Profile 28-11 APPENDIX A Icon and Button Reference A-1 Icons A-1 Network Element Icons A-2 Business Element Icons A-4 Logical Inventory Icons A-7 Physical Inventory Icons A-10 Links A-10 Link Icons A-11 Link Colors A-12 Link Characteristics Severity Icons A-12 A-13 Buttons A-14 Prime Network Vision Buttons A-14 Table Buttons A-17 Link Filtering Buttons A-17 Prime Network Events Buttons A-18 Cisco Prime Network 4.0 User Guide xx OL-29343-01 Contents Ticket Properties Buttons A-18 Report Manager Buttons A-19 Badges A-19 VNE Communication State Badges A-20 VNE Investigation State Badges A-20 Network Element Technology-Related Badges Alarm and Ticket Badges A-22 A-21 GLOSSARY INDEX Cisco Prime Network 4.0 User Guide OL-29343-01 xxi Contents Cisco Prime Network 4.0 User Guide xxii OL-29343-01 Preface This guide describes Cisco Prime Network 4.0. Prime Network serves as an extensible integration platform for network and service management. At its core is a virtual network mediation model that is rich, open, and vendor-neutral, and supports the management of diverse multiservice and multivendor networks. Additionally, Prime Network provides the following mature NMS functionality: • Network topology discovery and visualization. • Element management, providing near real-time inventory. • Fault management, event correlation, root cause analysis and troubleshooting. • Network service support. This preface contains the following sections: • Audience, page xxiii • Document Organization, page xxiv • Conventions, page xxvi • Related Documentation, page xxvii • Obtaining Documentation and Submitting a Service Request, page xxvii Audience The intended audience for this guide includes: • Network viewers who monitor the network and perform basic (nonprivileged) system functions. • Network operators who perform day-to-day operations such as creating business tags and maps, and managing alarms. • Network configurators who activate services and configure network elements. • System administrators who manage and configure users, network elements, the Prime Network system, and overall security. • System managers or administrators who periodically review and manage the events list using Cisco Prime Network Events (Prime Network Events). • Networking engineers who are interested in understanding how the Prime Network Events fault and root cause analysis mechanism works. These engineers should have networking knowledge at Cisco Certified Network Associate (CCNA) level, and should have received Cisco Prime Network Vision (Prime Network Vision) basic and administrative training. Cisco Prime Network 4.0 User Guide OL-29343-01 xxiii Document Organization This guide contains the following sections: Chapter and Title Description Chapter 1, “Setting Up Devices and Using the GUI Clients” Describes the suite of GUI tools that offer an intuitive interface for managing the network and services, and for performing required system administration activities. Chapter 2, “Working with the Prime Network Vision Client” Describes the user access roles required to use Prime Network Vision, the Prime Network Vision working environment, and how to access Prime Network Vision tools and commands. Chapter 3, “Viewing and Managing NE Properties” Describes the user access roles required to use Prime Network Vision and how to view network element physical and logical properties in any mapped network. Chapter 4, “Device Configurations and Software Images” Describes the features that Change and Configuration Management provides, some initial setup tasks you must perform, and how to work with the GUI. Chapter 5, “Working with Prime Network Vision Describes how to work with the topological maps Maps” displayed in the content pane of the Prime Network Vision window. Chapter 6, “Working with Links” Describes how to view information about static and dynamic links using the Prime Network Vision user interface. Chapter 7, “Labeling NEs Using Business Tags” Describes how to manage and view Prime Network Vision business tags and business elements. Chapter 8, “Tracking Faults Using Prime Network Events” Describes how to use Prime Network Events to track faults. Chapter 9, “Working with Tickets in Prime Network Vision” Describes viewing tickets in Prime Network Vision, how to manage tickets that represent fault scenarios of selected devices or network elements, and fault impact analysis. Chapter 10, “Working with Reports” Describes how to use Prime Network Report Manager to generate, customize, view, and export a variety of reports about events, traps, tickets, syslogs, software versions, elements, and network services. Chapter 11, “Using Cisco PathTracer to Diagnose Describes how to perform end-to-end route Problems” tracing and the performance information displayed simultaneously for the multiple networking layers. Cisco Prime Network 4.0 User Guide xxiv OL-29343-01 Chapter and Title Description Chapter 12, “Monitoring Carrier Ethernet Services” Describes how to view Carrier Ethernet services in Prime Network Vision and how to work with VLANs, pseudowires, overlays, VPLS instances, and Ethernet services. Chapter 13, “Monitoring Carrier Grade NAT Properties” Describes the Carrier Grade Name Address Translation (NAT) properties available in Prime Network Vision. Chapter 14, “Monitoring DWDM Properties” Describes how to view and monitor IP over dense wavelength division multiplexing (DWDM) properties in Prime Network Vision. Chapter 15, “Monitoring Ethernet Operations, Administration, and Maintenance Tool Properties” Describes how to use Prime Network Vision to monitor Ethernet operations, administration, and maintenance (OAM) tools. Chapter 16, “Monitoring Y.1731 IPSLA Configuration” Describes how to view Y.1731 IP Service Level Agreement (SLA) configurations for the OAM functionality in Ethernet networks. Chapter 17, “IPv6 and IPv6 VPN over MPLS” Describes how to use Prime Network Vision to view IPv6 and 6PVE properties. Chapter 18, “Monitoring MPLS Services” Describes how to view and manage aspects of Multiprotocol Label Switching (MPLS) services using Prime Network Vision, including the MPLS service view, business configuration, and maps. This chapter also describes the inventory properties specific to MPLS VPNs, including routing entities, label switched entities (LSEs), BGP neighbors, Multiprotocol BGP (MP-BGP), VRF instances, pseudowires, and traffic engineering (TE) tunnels. Chapter 19, “Viewing IP and MPLS Multicast Configurations” Describes how to view multicast configurations and how Prime Network Vision supports multicast on MPLS and routing entities. Chapter 20, “Monitoring MToP Services” Describes Mobile Transport over Packet (MToP) services and how to view their properties in Prime Network Vision. Chapter 21, “Viewing and Managing SBCs” Describes the Session Border Controller (SBC) properties available in Prime Network Vision. Chapter 22, “Monitoring AAA Configurations” Describes how to view Authentication, Authorization, and Accounting (AAA) configuration, which is a security architecture for distributed systems that determines the access given to users for specific services and the amount of resources they have used. Cisco Prime Network 4.0 User Guide OL-29343-01 xxv Chapter and Title Description Chapter 23, “Monitoring IP Pools” Describes how to view IP pool properties in Prime Network Vision. An IP pool is a sequential range of IP addresses within a certain network. Prime Network provides the flexibility of assigning IP addresses dynamically for services running on a network element. Chapter 24, “Monitoring BNG Configurations” Describes how to view Broadband Network Gateway (BNG) configuration in Prime Network Vision. Chapter 25, “Monitoring Mobile Technologies” Describes how to configure and view the mobile technologies in Prime Network Vision. Chapter 26, “Monitoring Data Center Configurations” Describes the Data Center components and how to view their configurations in Prime Network Vision. Chapter 27, “Monitoring Cable Technologies” Describes the Cable technologies and how to view the cable broadband configuration details. Chapter 28, “Monitoring ADSL2+ and VDSL2 Technology Enhancements” Describes enhancements to ADSL2+, VDSL2 and bonding groups. Appendix A, “Icon and Button Reference” Identifies the icons and buttons used in Prime Network Events and Prime Network Vision. Conventions This guide uses the following conventions: Table 1 Conventions Convention Description string A string is a nonquoted set of characters. For example, when setting an SNMP community string to public, do not use quotation marks around the string, or the string will include the quotation marks. ^ or Ctrl ^ or Ctrl represents the Control key. For example, the key combination ^D or Ctrl-D means hold down the Control key while you press the D key. Alphabetic character keys are indicated in capital letters but are not case sensitive. <> Angle brackets show nonprinting characters, such as passwords. ! An exclamation point at the beginning of a line indicates a comment line. [] Square brackets show optional elements. {} Braces group alternative, mutually exclusive elements that are part of a required choice. | A vertical bar, also known as a pipe, separates alternative, mutually exclusive elements of a choice. boldface font Button names, commands, keywords, and menu items. boldface screen Courier bold shows an example of text that you must enter. font Cisco Prime Network 4.0 User Guide xxvi OL-29343-01 Table 1 Conventions (continued) Convention Description italic font Variables for which you supply values. italic screen font Variables you enter. screen font Courier plain shows an example of information displayed on the screen. Option > Network Choosing a menu item. Preferences Related Documentation Note We sometimes update the documentation after original publication. Therefore, you should also review the documentation on Cisco.com for any updates. Cisco Prime Network 4.0 Integration Developer Guide is available on the Cisco Prime Network Technology Center website. This guide describes how to use Prime Network integration interfaces. The Prime Network Technology Center is an online resource for additional downloadable Prime Network support content, including help for integration developers who use Prime Network application programming interfaces (APIs). It provides information, guidance, and examples to help you integrate your applications with Prime Network. It also provides a platform for you to interact with subject matter experts. To view the information on the Prime Network Technology Center website, you must have a Cisco.com account with partner level access, or you must be a Prime Network licensee. You can access the Prime Network Technology Center at http://developer.cisco.com/web/prime-network/home. Obtaining Documentation and Submitting a Service Request For information on obtaining documentation, submitting a service request, and gathering additional information, see What’s New in Cisco Product Documentation at: http://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.html. Subscribe to What’s New in Cisco Product Documentation, which lists all new and revised Cisco technical documentation, as an RSS feed and deliver content directly to your desktop using a reader application. The RSS feeds are a free service. Cisco Prime Network 4.0 User Guide OL-29343-01 xxvii Cisco Prime Network 4.0 User Guide xxviii OL-29343-01 CH A P T E R 1 Setting Up Devices and Using the GUI Clients These topics provides an overview of the Prime Network GUI clients, the commands you can use to set up devices, and how to use Prime Network with Prime Central. It contains the following topics: • Overview of the GUI Clients, page 1-1 – Prime Network Vision, page 1-2 – Prime Network Events, page 1-3 – Prime Network Administration, page 1-3 – Prime Network Change and Configuration Management, page 1-3 Note Command Manager and Transaction manager are accessed from the Change and Configuration Management GUI. Please see the Cisco Prime Network 4.0 Customization Guide for information about these components. – Prime Network Operations Reports, page 1-3 • Setting Up Devices and Validating Device Information, page 1-4 • Using Prime Network with Prime Central, page 1-10 Overview of the GUI Clients The following Prime Network GUI clients provide intuitive interface for managing your network and services, and for performing required system administration activities: • Prime Network Vision, page 1-2 • Prime Network Events, page 1-3 • Prime Network Administration, page 1-3 • Prime Network Change and Configuration Management, page 1-3 • Prime Network Operations Reports, page 1-3 Cisco Prime Network 4.0 User Guide OL-29343-01 1-1 Chapter 1 Setting Up Devices and Using the GUI Clients Overview of the GUI Clients Prime Network Vision Prime Network Vision is the main GUI client for Prime Network. Maps of devices create a visualization of the network, from the intricacies of a single device physical and logical inventory, to multi-layer topological information on connections, traffic, and routes. Faults and alarms are graphically displayed with built-in troubleshooting tools. Network elements and links using color cues and graphic symbols to indicate status and alarms. All user actions are controlled by user roles and device scopes. Each user is assigned a role which controls the GUI actions the user can perform. When a user does not have the required permission level to perform a function, the appropriate menu option or button is disabled. Similarly, device scopes, which are named collections of managed network elements, control which devices a user can access. User roles and device scopes are controlled from the Prime Network Administration GUI client. Prime Network Vision is also the launching point for these features. Feature Provides this function: Described in: Path Tracer Route tracing and performance Chapter 11, “Using Cisco PathTracer to Diagnose Problems.” Change and Configuration Management of software images and Chapter 4, “Device Configurations and Software Images” Management (CCM) device configuration files. Use Compliance Audit feature to check compliance of device configurations to deployment policies. Cisco Prime Network 4.0 Customization Guide Transaction Manager (accessed from the CCM GUI) Management and execution of activation workflows (transactions) that are made up of configuration scripts and designed to execute on devices according to a specific sequence or flow. Command Manager (accessed from the CCM GUI) Cisco Prime Network 4.0 Repository of all configuration commands available in the system. It Customization Guide can be used to create new commands and command sequences, which can then be applied to groups of devices. Command Builder Enables the creation and Cisco Prime Network 4.0 management of device configuration Customization Guide commands Report Manager Scheduling and generation of fault, inventory, technology, and other standard reports. Soft Properties Manager Enables the display of additional Cisco Prime Network 4.0 properties in the GUI, and create new Customization Guide TCAs Chapter 10, “Working with Reports.” For more information on the Prime Network Vision GUI client, see Working with the Prime Network Vision Client, page 2-1. Cisco Prime Network 4.0 User Guide 1-2 OL-29343-01 Chapter 1 Setting Up Devices and Using the GUI Clients Overview of the GUI Clients Prime Network Events Prime Network Events is the interface used by system managers and administrators for viewing system events that occur in the network. You can use the GUI to retrieve detailed information about the different types of system events and tickets that are generated; it also helps predict and identify the sources of system problems. The GUI client also provides information about events within the Prime Network system. For more information, see Tracking Faults Using Prime Network Events, page 8-1. Prime Network Administration Prime Network Administration is the GUI client used to manage the Prime Network system, which is comprised of gateway servers, units, AVMs, and VNEs. These components work together to create the information model, which is constantly updated. Administrators use this GUI client to create user accounts, device scopes, polling groups, redundancy settings, and so forth. For information on this GUI client, see the Cisco Prime Network 4.0 Administrator Guide. Prime Network Administration is also the launching point for the following Prime Network components which are launched in a Web GUI client. Feature Provides this function: Described in: VNE Customization Builder (VNE) Enable support for unsupported device types, software versions, modules, and events. Cisco Prime Network 4.0 Customization Guide Network Discovery Automatic discovery of network devices. Cisco Prime Network 4.0 Administrator Guide Prime Network Change and Configuration Management This is a Web GUI component that provides tools for managing the software images and device configuration files used by the devices in your network. It is described in Device Configurations and Software Images, page 4-1. CCM is also the launch point for the following Prime Network features: • Transaction Manager, which is used to manage and execute activations on groups of devices. Information appears in the Transaction Manager tab only if transactions have been created and then added to Prime Network, as described in the Cisco Prime Network 4.0 Customization Guide. • Command Manager, which provides a repository of all commands available in the system. It can be used to create new commands and command sequences, which can then be applied to groups of devices. Command Manager is described in the Cisco Prime Network 4.0 Customization Guide. Prime Network Operations Reports Prime Network Operations Reports is an optional add-on component to Prime Network 4.0 that provides extended reporting functionality. In addition to providing prepackaged, read-only fault, physical inventory, and technology-related reports, it also enables you to create your own reports and to customize some prepackaged reports. For information on this GUI client, see the Cisco Prime Network 4.0 Operations Reports User Guide. Cisco Prime Network 4.0 User Guide OL-29343-01 1-3 Chapter 1 Setting Up Devices and Using the GUI Clients Setting Up Devices and Validating Device Information Setting Up Devices and Validating Device Information Prime Network provides a variety of management and configuration commands that you can launch from the Vision GUI client by right-clicking an NE and selecting Commands. These commands are executed on the actual physical device versus being performed on the network model that is stored in memory (and subsequently on the real device). This is useful to validate information displayed in a Prime Network GUI client against a device, using the device command line interface (CLI). Before executing any commands, you can preview them and view the results. If desired, you can also schedule the commands, if you have user permissions to do so. Prime Network also provides a variety of technology-specific commands—such as configuring the clock source for signals on SONET ports, enabling global ELM-I, enabling OAM on an interface. Whether you can use these commands depends on whether the technology is enabled on the device. Note The basic operation commands in this chapter can be executed by all network elements that run on Cisco IOS software, Cisco IOS XR software, and Cisco NX OS software. You will not be able to execute these commands on network elements that have Cisco Catalyst OS software. Note To view the basic operation commands in the Cisco Carrier Packet Transport (CPT) System, you must right-click the Cisco Carrier Packet Transport (CPT) System in the Prime Network Vision List or Map View and click Logical Inventory > CPT Context Container. Execution of command builder scripts will fail under Managed Element and Physical Root. Figure 1-1 illustrates how to launch these commands. Figure 1-1 Launching NE Management and Configuration Commands Cisco Prime Network 4.0 User Guide 1-4 OL-29343-01 Chapter 1 Setting Up Devices and Using the GUI Clients Setting Up Devices and Validating Device Information Note 1 Menu Bar 5 Ticket Pane 2 Tool bar 6 Hide/display Ticket Pane 3 Device Right-click Menu 7 Navigation Pane 4 Status Bar You might be prompted to enter your device access credentials. Once you have entered them, these credentials will be used for every subsequent execution of a command in the same GUI client session. If you want to change the credentials, click Edit Credentials. Edit Credentials button will not be available for SNMP commands or if the command is scheduled for a later time. These topics describe the available commands: • Configure Basic Device Settings: Name, DNS, NTP, RADIUS, TACACs, ACLs, page 1-5 • Configure SNMP and SNMP Traps on Device, page 1-7 • Configure Device Ports and Interfaces, page 1-7 • View Device and VRF Routing Tables and Device Interface Briefs, page 1-9 • Ping Destinations and VRFs, and View Trace Route from Device, page 1-9 • Change Device Syslog Logging Level, page 1-9 • View, Copy, and Overwrite Device Configuration Files, page 1-10 • View Users (Telnet Sessions) on Device, page 1-10 Configure Basic Device Settings: Name, DNS, NTP, RADIUS, TACACs, ACLs Use the following commands to configure system-level settings on the real device. Unless otherwise noted, all of the following commands are launched by right-clicking the device and choosing Commands > Configuration > System. These commands can be executed on all network elements that run on Cisco IOS software, Cisco IOS XR software, Cisco NX OS, and Cisco IOS XE software. You will not be able to execute these commands on network elements that have Cisco Catalyst OS software. Configure the Device Host Name and DNS Command Description Add Host Name Configures the device host name. Remove Host Name Note DNS > Add DNS Server Assigns the device to a Domain Name System (DNS) server to manage translating the host name to and from the device IP address. DNS > Remove DNS Server Be sure to also apply any host name changes to the device in Prime Network so that the name is also updated in the Prime Network model. Cisco Prime Network 4.0 User Guide OL-29343-01 1-5 Chapter 1 Setting Up Devices and Using the GUI Clients Setting Up Devices and Validating Device Information Configure a Device NTP Server Command Description NTP > Add NTP Server Assigns the device to a Network Time Protocol (NTP) server to manage clock synchronization. NTP > Remove NTP Server Configure RADIUS or TACACS Server on Device Command Description TACACS > Add Tacacs Server Assigns the device to a Terminal Access Controller Access-Control System (TACACS) server to manage authentication (uses TCP or UDP). TACACS > Remove Tacacs Server TACACS+ > Add Tacacs+ Server Assigns the device to a TACACS+ server to manage TACACS+ > Remove Tacacs+ Server authentication (uses TCP). RADIUS > Add Radius Server RADIUS > Remove Radius Server Assigns the device to a Remote Authentication Dial In User Service (RADIUS) server to manage centralized authentication, authorization, and accounting (uses UDP). Configure IP Access Control Lists (ACLs) on Device Note Caution These commands are not available on Cisco IOS XR devices. Only advanced users should change ACLs. Command Navigation Description Remove Access List Logical Inventory > Access Lists > ACL > Commands > Configuration > System Removes an NE’s IP ACL, which filters traffic by forwarding or blocking routed packets depending on the ACL entry configurations. Remove Access List Entry Removes the specified ACL entry from the Logical Inventory > Access Lists > double-click ACL > IP ACL. ACL entry > Commands > Configuration > System Cisco Prime Network 4.0 User Guide 1-6 OL-29343-01 Chapter 1 Setting Up Devices and Using the GUI Clients Setting Up Devices and Validating Device Information Configure SNMP and SNMP Traps on Device Use the following commands to configure SNMP settings and SNMP traps on the real device. All of the following commands are launched by right-clicking the device and choosing Commands > Configuration > System. Note These commands can be executed on all network elements that run on Cisco IOS software, Cisco IOS XR software, Cisco NX OS, and Cisco IOS XE software. You will not be able to execute these commands on network elements that have Cisco Catalyst OS software. Command Description SNMP > Add SNMP Configuration SNMP > Update SNMP Configuration 1 SNMP > Remove SNMP Configuration SNMP > Add Traps SNMP > Enable Traps SNMP > Remove Traps Configures SNMP on the device, including community settings, read-write access control, view-based access control, group settings, and so forth. Note Be sure to also apply any SNMP configuration changes to the device in Prime Network so that the settings are also updated in the Prime Network model. Configures traps on the device (for example, improper user authentication, restarts, the closing of a connection, loss of connection to a neighbor router, and so forth). You can choose traps from a drop-down list. 1. The “Update SNMP configuration” command is not applicable for Cisco UBR10K and RFGW10 cards. Configure Device Ports and Interfaces These commands can be executed on all network elements that run on Cisco IOS software, Cisco IOS XR software, Cisco NX OS, and Cisco IOS XE Configure Device Ports Note To apply description or status changes to an interface and port at the same time, use the interface commands listed in Configure Device Interfaces, page 1-8. Cisco Prime Network 4.0 User Guide OL-29343-01 1-7 Chapter 1 Setting Up Devices and Using the GUI Clients Setting Up Devices and Validating Device Information Command Navigation Description Add / Remove / Update port description Physical Inventory > navigate to port > Commands > Configuration Configures the descriptive information that is displayed in GUI clients when the port is selected. Examples are customer information or business case details. Change Port Status Note Disables (Shutdown) or enables (No Shutdown) the port. An example is disabling (No Shutdown) a port in response to a fault so that the port will not generate further errors. Note Modify Port Not supported on the Cisco Carrier Packet Transport (CPT) System. Physical Inventory > Ethernet Slot > navigate to port > Commands > Configuration Assign Port to Vlan Logical Inventory > Routing Entities > DeAssign Port To Routing Entity > Vlan interface > Commands > Configuration Not supported on the Cisco Carrier Packet Transport (CPT) System. (Cisco ASR 5000 series only) Controls a variety of ASR 5000 port characteristics (bindings, contexts, link aggregations, and so forth). For more information, see the appropriate Cisco ASR 5000 documentation. Controls a port’s VLAN assignment. Enter a VLAN between 1-4094. When assigned, the port can communicate only with or through other devices in that VLAN. When deassigned, you can move a port to a new VLAN. Configure Device Interfaces Command Navigation Add Interface Configuration Physical Inventory > Configures descriptive information that is interface > Commands > displayed in GUI clients when the interface (or Configuration port) is selected. Examples are customer information or business case details. Enable Interface Logical Inventory > Routing Entities > Routing Entity > interface > Commands > Configuration Disables or enables an interface (and port). An example is disabling an interface in response to a fault so that the interface will not generate further errors. Logical Inventory > Routing Entities > Routing Entity > Commands > Configuration Configures a software-only interface that emulates an interface. If the virtual interface receives traffic, it immediately reroutes it back to the device. Disable Interface Update Interface Configuration Remove Interface Configuration Add Loopback Interface Description Changes or removes descriptive information that is displayed in GUI clients when the interface (or port) is selected. Examples are customer information or business case details. Cisco Prime Network 4.0 User Guide 1-8 OL-29343-01 Chapter 1 Setting Up Devices and Using the GUI Clients Setting Up Devices and Validating Device Information View Device and VRF Routing Tables and Device Interface Briefs These commands can be executed on all network elements that run on Cisco IOS software, Cisco IOS XR software, and Cisco NX OS. View Interface Briefs and IP Routes Command Navigation Description Show > IP Route Logical Inventory > Routing Entities > Routing Entity > Commands Displays the device routing table. Show > VRF IP route Logical Inventory > VRFs > VRF > Commands Displays the routing table of a selected VRF. Show > IP > Interface Brief NE > Commands Lists all IP interfaces on the device. Ping Destinations and VRFs, and View Trace Route from Device Command Navigation Description OAM > Trace Route from Device NE > Commands Performs a traceroute to a destination address, showing how many hops were required and how long each hop takes. OAM > Ping > Destination From Device OAM > Traceroute VRF1 Pings a specified IP address to see if the IP address is accessible. Logical Inventory > VRFs > VRF > Commands OAM > Ping VRF1 Performs a traceroute from selected VRF to a destination address, showing how many hops were required and how long each hop takes. Pings a specified VRF to see if the VRF is accessible. 1. Not applicable for Cisco UBR10K and RFGW10 cards. Change Device Syslog Logging Level These commands can be executed on all network elements that run on Cisco IOS software, Cisco IOS XR software, Cisco NX OS, and Cisco IOS XE software. Command Navigation Description Syslog Host Logging NE > Commands > Configuration > System Changes the syslog logging level to one of the following: alerts, critical, debugging, emergencies, errors, informational, notifications, warnings Cisco Prime Network 4.0 User Guide OL-29343-01 1-9 Chapter 1 Setting Up Devices and Using the GUI Clients Using Prime Network with Prime Central View, Copy, and Overwrite Device Configuration Files These commands can be executed on all network elements that run on Cisco IOS software, Cisco IOS XR software, Cisco NX OS, and Cisco IOS XE softwar Command Navigation Description Write memory NE > Commands > Configuration Overwrites the startup-config file with the current running-config. Note Show > Running Config NE > Commands Show > Startup Config From FTP From TFTP Not supported on Cisco IOS XR devices. Displays the contents of the device’s current running-config (which can be different from the running-config on file). Displays the contents of the device’s current startup-config. NE > Commands > Tools > File copy Note To FTP To TFTP Not supported on Cisco Carrier Packet Transport (CPT) System. Copies the starting-config or running-config file from a remote source to a local location. The remote source is identified by its IP address. FTP requires the FTP username and password. Copies a local configuration file to a remote destination’s starting-config or running-config file. The remote destination is identified by an IP address. FTP requires the FTP username and password. View Users (Telnet Sessions) on Device Command Navigation Description Users (Telnet Sessions) NE > Commands > Show Provides details about the device’s current Telnet sessions. Using Prime Network with Prime Central Prime Network can be installed as a standalone product or with Cisco Prime Central. When installed with Cisco Prime Central, you can launch Prime Network GUI clients from the Cisco Prime Portal. Cross-launch to and from other suite applications is also supported. The applications share a common inventory. The Cisco Prime Portal uses a single sign-on (SSO) mechanism so that users need not reauthenticate with each GUI client. All session management features are controlled by the portal (such as client timeouts). If a user tries to log into a standalone GUI client, the user will be redirected to the portal login. The only exception is the emergency user, who will still be allowed to log into a standalone GUI client. If the Cisco Prime Performance Manager application is also installed, the Prime Network Event Collector will receive threshold crossing alarm (TCA) events from Prime Performance Manager components and generate a ticket that you can view in Prime Network Events. Cisco Prime Network 4.0 User Guide 1-10 OL-29343-01 Chapter 1 Setting Up Devices and Using the GUI Clients Using Prime Network with Prime Central Prime Network also receives EPM-MIB traps from the network. By default Prime Network receives EPM-MIB traps from any source in the network. If desired, you can configure Prime Network to only process EPM-MIB traps arriving from a specific Prime Performance Manager server. The instructions for doing this are provided on the Cisco Developer Network at http://developer.cisco.com/web/prime-network/home. Cisco Prime Network 4.0 User Guide OL-29343-01 1-11 Chapter 1 Setting Up Devices and Using the GUI Clients Using Prime Network with Prime Central Cisco Prime Network 4.0 User Guide 1-12 OL-29343-01 CH A P T E R 2 Working with the Prime Network Vision Client The following topics describe the user access roles required to use Cisco Prime Network Vision (Prime Network Vision), the Prime Network Vision working environment, and how to access the Prime Network Vision tools and commands: • User Roles Required to Work with Basic Operations in Prime Network Vision, page 2-1 • Launching Prime Network Vision, page 2-2 • Changing Your GUI Client Password, page 2-4 • The Prime Network Vision Window, page 2-4 • Prime Network Vision Status Indicators, page 2-17 • Prime Network Vision Toolbar, page 2-23 • Prime Network Vision Menu Bar, page 2-25 • Prime Network Vision Right-Click Menus, page 2-31 • Adjusting the Prime Network Vision GUI Client Settings, page 2-40 • Filtering and Sorting Tabular Content, page 2-42 User Roles Required to Work with Basic Operations in Prime Network Vision Table 2-1 identifies the GUI default permission or device scope security level that is required to work with Prime Network Vision. Prime Network Vision determines whether you are authorized to perform a task as follows: • For GUI-based tasks (tasks that do not affect devices), authorization is based on the default permission that is assigned to your user account. • For element-based tasks (tasks that do affect elements), authorization is based on the default permission that is assigned to your account. That is, whether the element is in one of your assigned scopes and whether you meet the minimum security level for that scope. For more information on user authorization, see the Cisco Prime Network 4.0 Administrator Guide. By default, users with the Administrator role have access to all managed elements. To change the Administrator user scope, see the topic on device scopes in the Cisco Prime Network 4.0 Administrator Guide. Cisco Prime Network 4.0 User Guide OL-29343-01 2-1 Chapter 2 Working with the Prime Network Vision Client Launching Prime Network Vision Table 2-1 Default Permission/Security Level Required for the Basic Prime Network Vision Functions Task Viewer Operator OperatorPlus Configurator Administrator Start Prime Network Vision X X X X X Change a user password —1 in Prime Network Vision —1 —1 —1 X1 Set Prime Network Vision options X X X X X Work with Prime Network Vision tables X X X X X 1. Each user can change their own password, but only the Administrator role can change another user’s password. Launching Prime Network Vision Prime Network Vision is password protected to ensure security. Before you start working with Prime Network Vision, make sure you know your username and password. If you use the standalone application, you also need to know the Prime Network Vision gateway IP address or hostname. • Launch Prime Network Vision from Prime Central—Choose Assure > Prime Network > Vision in the menu bar. The Prime Network Vision application is opened in a separate window. For information on Prime Central, see the Cisco Prime Central User Guide. • Launch Prime Network Vision as a Standalone Application—Choose Start > Programs > Cisco Prime Network > gateway IP address > Cisco Prime Network Vision, and enter your username and password. If any client updates are available, Prime Network automatically installs them. If you see messages that say the server and client have different versions of the application, you need to update your client as described in the Cisco Prime Network 4.0 Installation Guide. The Prime Network Vision GUI opens with the Network Elements tab as default as shown in Figure 2-1. Cisco Prime Network 4.0 User Guide 2-2 OL-29343-01 Chapter 2 Working with the Prime Network Vision Client Launching Prime Network Vision Figure 2-1 Prime Network Vision with Network Elements Tab This tab contains the following radio buttons: • Search—This radio button is selected by default and allows you to search for a device by selecting any one of the following options and specifying the relevant search criteria: – Element Type – IP Address – Name – Product – System Name – Vendor • Show All—Selecting this option will display all the devices available in your network. Once the GUI client is displayed, open an existing map or create a new one; see Working with Prime Network Vision Maps, page 5-1. Note If this is not the first time you are logging into Prime Network Vision GUI, then the Prime Network Vision GUI opens with the default Network Elements tab along with the Last Open Maps dialog box. This dialog box will list the names of the maps that you opened previously along with a selected check box next to it. If you want to open the same maps again, then click the OK button. Otherwise, close the dialog box. Cisco Prime Network 4.0 User Guide OL-29343-01 2-3 Chapter 2 Working with the Prime Network Vision Client Changing Your GUI Client Password After logging into Prime Network Vision and launching the application, you can customize the Prime Network Vision settings. For example, you can: • Load the content pane with information when starting Prime Network Vision. • Display network elements in the Prime Network Vision content pane and navigation pane. • Configure audio responses when different alarms are triggered. • Specify the length of time that events should be displayed in the inventory window. For more information on customizing Prime Network Vision startup and display options, see Adjusting the Prime Network Vision GUI Client Settings, page 2-40. Changing Your GUI Client Password The method used to change your password depends on whether authentication is provided by Prime Network or an LDAP server. If you can see the Tools > Change User Password choice in the Prime Network Vision menu, the system is using authentication provided by Prime Network. You can change your password by entering the old and new passwords. If the menu choice is disabled, the system is using an external authentication method. To change your password, contact your administrator. For more information about user authentication, see the Cisco Prime Network 4.0 Administrator Guide. The Prime Network Vision Window Figure 2-2 displays the Prime Network Vision window with an open map. Tip The ticket pane can be displayed or hidden by clicking the arrows below the navigation pane (see Callout 7 in Figure 2-2). Cisco Prime Network 4.0 User Guide 2-4 OL-29343-01 Chapter 2 Working with the Prime Network Vision Client The Prime Network Vision Window Figure 2-2 Prime Network Vision Window 1 GUI client menu bar 5 GUI client status bar (amount of memory used by client and gateway connection status) 2 GUI client toolbar 6 List of tickets on selected item 3 Active map and inventory tabs 7 Toggle to hide/display ticket pane 4 Map view (content pane) 8 Inventory window (navigation pane) Prime Network Vision Inventory Tabs Prime Network Vision includes the following inventory tabs: • Network Elements—Lists all network elements with the information described in Table 2-7, Network Element Information Displayed in List View. If there are tickets associated with the element, an icon is displayed. The color of the icon indicates the ticket severity. • Ethernet Flow Domains—Lists all Ethernet flow domains, including the domain name, the system-defined domain name, and a brief description for each domain. For more information about Ethernet flow domains, see Viewing and Renaming Ethernet Flow Domains, page 12-42. • VTP Domains—Lists all VTP domains. For more information about VTP domains, see Viewing VLAN Trunk Group Properties, page 12-68. Cisco Prime Network 4.0 User Guide OL-29343-01 2-5 Chapter 2 Working with the Prime Network Vision Client The Prime Network Vision Window • Virtual Machines—Lists all the virtual machines. For more information about virtual machines, see Viewing the Virtual Machines of a Data Center, page 26-19. If there are tickets associated with the virtual machine, an icon is displayed. The color of the icon indicates the ticket severity. To open an inventory tab, choose Network Inventory in the menu bar, and choose the required option. The selected inventory table is displayed as shown in Figure 2-3. Figure 2-3 Prime Network Vision Inventory Tabs Prime Network Vision Maps You can create as many maps as required to represent the network views you need. For example, maps can include specific network segments, customer networks, or the particular network elements and services that you require. Each map has three major areas: • A tee-and-branch representation of the network elements and aggregations in the current map. For more information, see Navigation Pane, page 2-7. • A large area showing the map elements and links in a map (topological layout) or in list format. For more information, see Content Pane: Map, List, and Links Views, page 2-8. • A table of tickets associated with elements displayed in the map. For more information, see Ticket Pane, page 2-17. Cisco Prime Network 4.0 User Guide 2-6 OL-29343-01 Chapter 2 Working with the Prime Network Vision Client The Prime Network Vision Window Opening Maps You can open up to five maps at one time. To open a map, choose File > Open Map. The Open Map dialog box is displayed (see Figure 2-4). Figure 2-4 Open Map Dialog Box A check mark in the Opened column indicates that the map is already open. Map tabs display the root node icon and name. In addition, the icon color reflects the highest severity ticket that is not cleared in the map, and an alarm icon indicates the severity of the highest severity ticket that is not acknowledged. For more information about maps, see Working with Prime Network Vision Maps, page 5-1. You can open up to eight tabs at one time. Navigation Pane The navigation pane displays a tree-and-branch representation of the network elements and aggregations defined for the loaded map. The highest level in the navigation tree displays root node icon with the map name. When the map name is changed, the Prime Network Vision window is updated, and the new map name is displayed at the top of the navigation tree and in the window title bar. The lowest level of the navigation tree displays a single network element or service, such as a port, Ethernet flow point, or bridge. Cisco Prime Network 4.0 User Guide OL-29343-01 2-7 Chapter 2 Working with the Prime Network Vision Client The Prime Network Vision Window The navigation pane can include up to two icons for each element. These icons can include alarm icons, communication or investigation state icons, and badges, as shown in Figure 2-5. Alarm icons are always displayed next to the element icon. Figure 2-5 Navigation Pane with Icons For information about the status of network objects, see Prime Network Vision Status Indicators, page 2-17. Content Pane: Map, List, and Links Views The content pane enables you to view and modify low-level information. It supports the following views: • Map view—Displays managed network elements on a geographical map. For more information, see Map View, page 2-8. • List view—Displays the details of the network elements contained in the currently selected hierarchy or subnetwork (map), such as the IP address and system name. For more information, see List View, page 2-12. • Links view—Displays a complete list of the links in the map view and their status. For more information, see Links View, page 2-15. Map View Click Show Map View on the toolbar to display the map view in the Prime Network Vision window. In the map view, Prime Network Vision displays: • Aggregations • Managed network elements – Each network element is displayed as an icon, the color of which reflects severity, as described in Alarm Indicators, page 2-12. – Depending on the size of the icon, additional information can be displayed. For more information, see Information Available in Element Icons, page 3-3. • Ethernet flow point cross-connects • Ethernet services • MPLS-TP tunnels • Pseudowires • VLANs • VPLS instances • VPNs Cisco Prime Network 4.0 User Guide 2-8 OL-29343-01 Chapter 2 Working with the Prime Network Vision Client The Prime Network Vision Window • Links – Service and business links are represented as well as physical and topological links. – Unidirectional links include arrowheads that indicate the direction of the flow, while bidirectional links do not have arrowheads. • Relationships between network elements, aggregations, and networks You can move network elements manually on the map by dragging the required icon. You can also click Layout Map in the toolbar or use your mouse to change the way the elements are displayed on the map. For more information about working with maps, see Chapter 5, “Working with Prime Network Vision Maps.” Element Icons To view icons more easily, zoom in with your mouse. Four sizes are supported. Table 2-2 provides examples of each. For more details about data this is displayed, see Information Available in Element Icons, page 3-3. Table 2-2 Example Icon Prime Network Vision Element Icon Sizes Name and Description Tiny—Elements are displayed as dots. Alarm severity is indicated by colors. Normal—Elements are displayed with icons and names. Alarms include badges. Alarm severity is represented by colors. Large—Same as Normal, with additional NE properties. You can also perform cut-and-paste operations by pressing and dragging the mouse scroll wheel over the text. Huge—Same as Normal, with additional action buttons. Prime Network Vision also provides additional features for working with aggregations. For more information, see Working with Aggregations, page 5-16. The following tables identify some of the icons used to represent network elements and business elements in the Prime Network Vision window’s navigation pane and content pane: • Table 2-3, Network Element Icons • Table 2-4, Business Element Icons Cisco Prime Network 4.0 User Guide OL-29343-01 2-9 Chapter 2 Working with the Prime Network Vision Client The Prime Network Vision Window For a complete list of the icons and their descriptions, see Appendix A, “Icon and Button Reference.” Table 2-3 Icon Network Element Icons Network Element Access pseudowire Icon Network Element Cloud Router ATM switch Digital subscriber line access multiplexer (DSLAM) Basic rate access (BRA) Ethernet switch Cisco 7600 series router Generic SNMP device Cisco ASR 1000 series router Ghost, or unknown device Cisco ASR 5000 series router ICMP device Cisco ASR 9000 series router Lock, or security violation; viewable by a user with a higher permission level Cisco CRS series router Missing icon or ghost NE (the NE was deleted and is no longer managed, or there is no icon for this NE) Cisco MWR 3941 Sun Netra server Cisco Nexus 1000 series devices Service control switch Cisco IOS XR 12000 series router WiFi element Cisco Unified Computing System (UCS) Cisco Prime Network 4.0 User Guide 2-10 OL-29343-01 Chapter 2 Working with the Prime Network Vision Client The Prime Network Vision Window Table 2-4 Icon Business Element Icons Business Element Icon Business Element Aggregation or root node Network Traffic Profile (TP) tunnel Backup pseudowire edge Network VLAN Connection termination point (TP) Ethernet flow point (EFP) MToP service Pseudowire edge EFP cross-connect Pseudowire switching entity Ethernet service Subnet Ethernet virtual connection (EVC) Switching entity Label-Switched Path (LSP) endpoint TP tunnel endpoint LSP midpoint vCenter VNE Missing icon or ghost NE (the NE was deleted and is no longer managed, or there is no icon for this NE) VPLS forward Network LSP Protected LSP Working LSP VPLS instance Network pseudowire VPN Links Prime Network Vision maps contain graphical links that can represent multiple physical, topological, service, and business links. The maximum number of graphical links that can be displayed is specified in the registry. If the number of graphical links exceeds the specified limit, a warning message with a Refresh button is displayed, and the map is surrounded by a red border. The presence of a red border around a map indicates that some links exist that are not displayed in the map. Cisco Prime Network 4.0 User Guide OL-29343-01 2-11 Chapter 2 Working with the Prime Network Vision Client The Prime Network Vision Window To reduce the number of graphical links in a map, click Link Filter in the toolbar, and uncheck the check boxes for the links you do not need to view. Links in maps have tooltips that provide you with information regarding the link endpoints and the number of links represented by the selected link in the map. Click the link tooltip to view additional information about the link in a link quick view window. Click Properties in the link quick view window to open the link properties window. For more information about viewing link properties, see Viewing Link Properties in Prime Network Vision Maps, page 6-4. Note If you apply a link filter to the map, the link tooltip displays only the relevant links. Alarm Indicators Table 2-5 shows the colors that are used to display the severity (or propagated severity) of a network element. The same coloring conventions apply to the link severities. Table 2-5 Icon Note Severity Indicators Color Severity Red Icon Color Severity Critical Light Blue Warning Orange Major Medium Blue Information Yellow Minor Dark blue Indeterminate Green Cleared, Normal, or OK The color of a selected link can be customized. The default color is blue. Right-Click Functions Many functions can be performed by using the right-click menu in the map view, including launching external applications or tools. Some of these functions are also available in the navigation pane, links view, and ticket pane. The specific options that are available in the right-click menu depend on whether you select a network element, click in the map background, select an aggregation, or select a ticket in the ticket pane. For details on the specific right-click options that are available for each scenario, see Prime Network Vision Right-Click Menus, page 2-31. List View Click Show List View in the toolbar to display the Prime Network Vision list view. The list view displays the tabs described in Table 2-6, depending on the items included in the current map and the item selected in the navigation tree. Cisco Prime Network 4.0 User Guide 2-12 OL-29343-01 Chapter 2 Working with the Prime Network Vision Client The Prime Network Vision Window Table 2-6 Prime Network Vision List View Tabs Tab Description Aggregations Aggregations in the current map. Connection TP Connection termination points (TPs) in the current map. EFP Cross-Connect EFP cross-connects in the current map. Ethernet Flow Points EFPs in the current map. Ethernet Services Ethernet services in the current map. EVCs EVCs in the current map. Network Elements Network elements in the current map that are in the user’s scope. Network Pseudowire Network pseudowires in the current map. Network TP Tunnel Network Traffic Profile (TP) tunnels in the current map. Pseudowires Pseudowires in the current map. Pseudowire Edge Pseudowire endpoints in the current map. PW Switching Entity Pseudowire switching entities in the current map. Restricted Elements Network elements in the current map that are not in the user’s scope. Sites Sites for the selected VLAN. Site properties include site name, description, location, and IP interface. Switching Entities Switching entities in the current map. Virtual Routers Virtual routers on the selected VLAN. Virtual router properties include the virtual router name and description. VLANs VLANs in the current map. VLAN properties include VLAN name, identifier, description, and Ethernet flow points. VPLS Forward VPLS forwards in the current map. VPLS Instance VPLS instances in the current map. VPNs VPNs in the current map. VPN properties include VPN name and description Table 2-7 describes the network element properties displayed in the Network Elements tab. (Locked network elements display only managed element information and the locked element icon.) To ensure that you are viewing the latest information, either perform a new search or click the Refresh button. Table 2-7 Network Element Information Displayed in List View Field Name Description Name Name of the network element managed by Cisco, as defined in Cisco Prime Network Administration. The Name property also displays a network element icon. The icon color reflects the highest network element alarm severity. In addition, the management state or an alarm icon is displayed. IP Address IP address used for managing the network element. System Name System name of the network element, as defined in the network element's MIB. If the network element is configured for Telnet access, the prompt is displayed. Severity Current operational health of the network element. Cisco Prime Network 4.0 User Guide OL-29343-01 2-13 Chapter 2 Working with the Prime Network Vision Client The Prime Network Vision Window Table 2-7 Tip Network Element Information Displayed in List View (continued) Field Name Description Unacknowledged Severity of the most severe unacknowledged ticket. Communication State Ability of the VNE to reach the network element, according to the health of the element. For more information about communication states, see the Cisco Prime Network 4.0 Administrator Guide. Investigation State Level of network element discovery that has been performed or is being performed by the VNE. For more information about investigation states, see the Cisco Prime Network 4.0 Administrator Guide. Vendor Vendor name. Product Network element category, such as Router or Eth-Switch (Ethernet switch). Device Series Device series, such as Cisco 7600 Series Routers. Element Type Network element type including the manufacturer’s name, such as Cisco 7200. Software Version Cisco IOS software version running on the network element. Location Location of the network element. Up Since Date and time the network element was last reset. Click the red triangle in a cell to expand the cell and view all the information it contains. You can also use a tooltip to view all the information. See Filtering and Sorting Tabular Content, page 2-42 for more information about filtering, finding details about a network element in Prime Network Vision tables. Table 2-8 describes some of the functions that are available from the right-click menu in the list view. You must select an item for the right-click menu to appear. Not all options are available for all selections. Table 2-8 List View Right-Click Options Right-Click Option Function Related Documentation Inventory View network element inventory Inventory Window, page 3-9 Poll Now Poll the selected element Attach / Detach / Edit Business Tag Configure and view business tag information Chapter 7, “Labeling NEs Using Business Tags” Config Mgmnt View the Configuration Management page in Prime Network Change and Configuration Management Chapter 4, “Device Configurations and Software Images” Image Mgmnt View the Image Management page in Prime Chapter 4, “Device Configurations and Network Change and Configuration Management Software Images” Run Report Generate reports Chapter 10, “Working with Reports” Tools Ping or telnet a VNE, or check VNE CPU usage List View Right-Click Menu, page 2-37 Topology Configure the topology Adding Static Links, page 6-15 Cisco Prime Network 4.0 User Guide 2-14 OL-29343-01 Chapter 2 Working with the Prime Network Vision Client The Prime Network Vision Window Table 2-8 List View Right-Click Options (continued) Right-Click Option Function Related Documentation Properties View network element properties Viewing the Properties of a Network Element, page 3-6 Commands Launch any of the commands that are included with Prime Network Vision Setting Up Devices and Validating Device Information, page 1-4 Management Access Command Builder and Soft Properties Management Cisco Prime Network 4.0 Customization Guide VNE Tools Poll a VNE, or start or stop a VNE Performing a Manual Device Poll, page 3-18 Tip Click a column heading in a table to sort the information by that property. Links View Click Show Links View in the toolbar to display the links view in the Prime Network Vision window. Maps can contain many graphical links, each of which can represent multiple physical, topological, service, and business links. This can make it difficult for you to view the links you are interested in. In addition, if the number of graphical links exceeds the number that can be displayed in a map, not all links are displayed. By using the links view, you can view all links in the map, as well as search for a specific link and view the status of a link. Note You can view and filter the links according to type by using the Link Filter dialog box. For more information, see Filtering Links in a Map, page 5-25. Any links that are added or removed from the map are automatically added or removed from the links view, provided they have not been filtered out. The links view is selection sensitive; that is, the links displayed in the links view depend on the context selected in the navigation pane or map. For example, if an aggregation is selected, the links in the selected aggregation are displayed in the links view. Cisco Prime Network 4.0 User Guide OL-29343-01 2-15 Chapter 2 Working with the Prime Network Vision Client The Prime Network Vision Window Figure 2-6 shows a links view. Figure 2-6 Note Links View An external link has a blue cell background in the table, and you can open the inventory window by clicking the hyperlink. For more information about external links, see Viewing Link Properties in the Links View, page 6-8. Table 2-9 describes the information that is displayed in the links view. Table 2-9 Information Displayed in the Links View Field Name Description Context Name of the map or aggregation containing the link. This field can be empty for either of the following reasons: • One side of the link is not included in the map. • The link is filtered out of all contexts. Severity Link alarm severity, represented by an icon. The icon and its color indicate the alarm severity and thereby the impact of the alarm on the network. For more information about severity, see Map View, page 2-8. A End-Point Element or site that is the source of the link as a hyperlink to the inventory of the element or site. Bi Directional Whether the link is bidirectional or unidirectional: true (bidirectional) or false (unidirectional). If the link is unidirectional (false), the traffic is from A to Z. Cisco Prime Network 4.0 User Guide 2-16 OL-29343-01 Chapter 2 Working with the Prime Network Vision Client Prime Network Vision Status Indicators Table 2-9 Information Displayed in the Links View (continued) Field Name Description Z End-Point Element or site that is the destination of the link as a hyperlink to the inventory of the element or site. Link Type Type of link, such as Physical Layer, LAG, MPLS TE Tunnel, pseudowire (PW) or VPN. The links view toolbar includes the tools described in Table 2-10 and the link filtering buttons described in Table 2-10. Table 2-10 Button Link Filtering Buttons Name Description All Links Displays the complete list of links for the selected context (map or aggregation). In other words, the list is not filtered and all the links are displayed, including external links. External Links Displays links with only one side of the link in this context (map or aggregation) and the other side either not in the map or outside the selected context. Flat Links Displays the links currently visible on the map for the selected context (map or aggregation), excluding any thumbnails. Deep Links Displays the links for the current aggregation where both endpoints are within the currently selected context. For more information about filtering and sorting links in the links view, see Viewing Link Properties in the Links View, page 6-8. For information about the right-click options available in the links view, see Links View Right-Click Menu, page 2-39. Ticket Pane The ticket pane shows the tickets that relate to the elements in the displayed map. It also contains the Latest Events tab that shows the latest incoming events for the elements in the map from the time the map was opened. See Chapter 9, “Working with Tickets in Prime Network Vision” for more information. Prime Network Vision Status Indicators The following topics describe the ways in which the status of an element is displayed in Prime Network Vision: • Severity, page 2-18 • VNE Management States, page 2-19 • Tickets, page 2-23 Cisco Prime Network 4.0 User Guide OL-29343-01 2-17 Chapter 2 Working with the Prime Network Vision Client Prime Network Vision Status Indicators Severity Severity indicates the operational health of the element. An element has only one severity value at any given time, and this value is displayed using a severity color. For more information about the colors used to display the severity (or propagated severity) of network elements and links, see Alarm Indicators, page 2-12. Propagation Severity is propagated upward in the network hierarchy, displaying the top-most severity of the network element’s children and thereby ensuring that every single problem in the network is propagated and visible. The same severity propagation rules that are used for network elements apply to links. A link is a child object of an aggregation only if it is fully contained in the aggregation; that is, the network elements on both sides of the link are part of the aggregation, as shown in Figure 2-7 and Figure 2-8. Link Severity Example 1 1 2 180111 Figure 2-7 Figure 2-7 shows critical link 1 between two network elements in an aggregation. This critical link affects the severity of aggregation 2. That is, the aggregation is critical because it contains a link with a critical severity. Link severity affects the context. Link Severity Example 2 1 2 180112 Figure 2-8 Figure 2-8 shows critical link 1 that forms part of a link aggregation. This affects the severity of link 2 because it contains a link with a critical severity. New Ticket Propagation A new ticket indicates a new local fault or accumulates and propagates the number of new faults in its children. Cisco Prime Network 4.0 User Guide 2-18 OL-29343-01 Chapter 2 Working with the Prime Network Vision Client Prime Network Vision Status Indicators When new tickets are accumulated, a label is displayed in the navigation pane and map, based on the following formula: n s [+] where: Symbol Description n The number of alarms with the highest severity that have the source as the network element and are part of the network element ticket(s). s The highest severity level in the new tickets: + • C = Critical • M = Major • m = Minor • W = Warning • N = Normal (cleared alarm) • i = Informational Additional, less severe tickets (optional) exist. For example: • An object with three critical new alarms, two major alarms, and one warning alarm is labeled 3C+. • An object with five minor new alarms is labeled 5m. An icon represents unacknowledged tickets, and the icon color is that of the most severe, unacknowledged ticket. For more information about severity colors and icons, see Alarm Indicators, page 2-12. If all relevant tickets are acknowledged, no bell is displayed. VNE Management States VNEs are the building blocks of the Prime Network model because each VNE maintains a real-time model of a single device, and together, VNEs maintain a model of the entire network. VNE management states indicate: • Whether a VNE can communicate with the device it is modeling and with other Prime Network components (communication state) • How successfully a VNE has modeled the device it represents (investigation state) This enables you to determine the accuracy of the network information and the availability of VNEs to carry out network operations. Management states are always local indications and are not propagated. A partial exception to this rule is the propagation of unreachable VNEs. The management state indication applies only to VNE and its components. A VNE can have only one state at a time (for example, Unsupported or Connecting). Cisco Prime Network 4.0 User Guide OL-29343-01 2-19 Chapter 2 Working with the Prime Network Vision Client Prime Network Vision Status Indicators A managed VNE icon consists of a managed element icon and one or two overlay icons, or badges: • The managed element icon displays a symbol of the element, and the color of the symbol indicates the highest severity ticket that is not cleared for the element. An element icon is colored green if either of the following is true: – No ticket of any severity exists for the element. – All tickets that exist for the element have the severity Cleared or Informational. For more information about network element icons, see Element Icons, page 2-9. For more information about severity colors, see Alarm Indicators, page 2-12. • An alarm badge is displayed on top of a managed element icon, and the color of the alarm badge indicates the severity of the highest severity ticket that is not acknowledged for the element. If all tickets are acknowledged, no alarm icon appears. Figure 2-9 shows an example of an element with the following ticket and alarm severities: – The highest severity ticket that is not cleared for the element is Major, as indicated by the orange color applied to the element icon. – The highest severity alarm that is not acknowledged for the element is Cleared or OK, as indicated by the green alarm badge. Figure 2-9 Element with Ticket and Alarm Severity Indicators 1 Element icon with severity Major (orange) 2 Alarm badge with severity Cleared or OK (green) • A VNE management state badge is displayed on top of the managed element icon to indicate the management state of the VNE in the navigation tree and map. For example, a router that is partially reachable by Prime Network Vision is displayed as illustrated in Figure 2-10. Figure 2-10 Element with Overlay Badges 1 3 310517 2 1 Alarm badge with severity Warning. 2 Managed element icon with severity Warning. 3 VNE management state badge of Device Partially Reachable. Cisco Prime Network 4.0 User Guide 2-20 OL-29343-01 Chapter 2 Working with the Prime Network Vision Client Prime Network Vision Status Indicators Table 2-11 and Table 2-12 describe network element communication and investigation states and shows the related badge for each state. Table 2-11 VNE Communication States State Name Description Badge Agent Not Loaded The VNE is not responding to the gateway because it was stopped, or it was just created. This communication state is the equivalent of the Defined Not Started investigation state. None VNE/Agent Unreachable The VNE is not responding to the gateway. This can happen if the unit or AVM is overutilized, the connection between the gateway and unit or AVM was lost, or the VNE is not responding in a timely fashion. (A VNE in this state does not mean the device is down; it might still be processing network traffic.) Connecting The VNE is starting and the initial connection has not yet been made to the device. This is a momentary state. Because the investigation state decorator (the hourglass) will already be displayed, a special GUI decorator is not required. Device Partially Reachable The VNE is not fully reachable because at least one protocol is not operational. Note Device Unreachable This is the default behavior. You can change the settings that determine when Cisco Prime Network moves a VNE to Device Unreachable. For more information, see the Cisco Prime Network 4.0 Administrator Guide. The connection between the VNE and the device is down because all of the protocols are down (though the device might be sending traps or syslogs). Note Tracking Disabled None This is the default behavior. You can change the settings that determine when Cisco Prime Network moves a VNE to Device Unreachable. For more information, see the Cisco Prime Network 4.0 Administrator Guide. The reachability detection process is not enabled for any of the protocols used by the None VNE. The VNE will not perform reachability tests nor will Cisco Prime Network generate reachability-related events. In some cases this is desirable; for example, tracking for Cloud VNEs should be disabled because Cloud VNEs represent unmanaged network segments. Because this is a user-defined mode (rather than an error or transitional mode), Cisco Prime Network does not display a decorator for this state. To troubleshoot a VNE that is in this state, see the Cisco Prime Network 4.0 Administrator Guide. Table 2-12 VNE Investigation States State Name Description Badge Defined Not Started A new VNE was created (and is starting); or an existing VNE was stopped. In this state, the VNE is managed and is validating support for the device type. (This investigation state is the equivalent of the Agent Not Loaded communication state.) A VNE remains in this state until it is started (or restarted). None Unsupported The device type is either not supported by Prime Network or is misconfigured (it is using the wrong scheme, or is using reduced polling but the device does not support it). To extend Cisco Prime Network functionality so that it recognizes unsupported devices, use the VNE Customization Builder. See the Cisco Prime Network 4.0 Customization Guide. Cisco Prime Network 4.0 User Guide OL-29343-01 2-21 Chapter 2 Working with the Prime Network Vision Client Prime Network Vision Status Indicators Table 2-12 VNE Investigation States (continued) State Name Description Badge Discovering The VNE is building the model of the device (the device type was found and is supported by Cisco Prime Network). A VNE remains in this state until all device commands are successfully executed at least once, or until there is a discovery timeout. Operational The VNE has a stable model of the device. Modeling may not be fully complete, but None there is enough information to monitor the device and make its data available to other applications, such as activation scripts. A VNE remains in this state unless it is stopped or moved to the maintenance state, or there are device errors. Currently Unsynchronized The VNE model is inconsistent with the device. This can be due to a variety of reasons; for a list of these reasons along with troubleshooting tips, see the topic on troubleshooting VNE investigation state issues in the Cisco Prime Network 4.0 Administrator Guide. Maintenance VNE polling was suspended because it was manually moved to this state (by right-clicking the VNE and choosing Actions > Maintenance). The VNE remains in this state until it is manually restarted. A VNE in the maintenance state has the following characteristics: • Does not poll the device, but handles syslogs and traps. • Maintains the status of any existing links. • Does not fail on VNE reachability requests. • Handles events for correlation flow issues. It does not initiate new service alarms, but does receive events from adjacent VNEs, such as in the case of a Link Down alarm. The VNE is moved to the Stopped state if: it is VNE is moved, the parent AVM is moved or restarted, the parent unit switches to a standby unit, or the gateway is restarted. Partially Discovered The VNE model is inconsistent with the device because a required device command failed, even after repeated retries. A common cause of this state is that the device contains an unsupported module. To extend Cisco Prime Network functionality so that it recognizes unsupported modules, use the VNE Customization Builder. See the Cisco Prime Network 4.0 Customization Guide. Shutting Down The VNE has been stopped or deleted by the user, and the VNE is terminating its connection to the device. Stopped The VNE process has terminated; it will immediately move to Defined Not Started. None More than one management state can occur at the same time. For example, a single overlay icon can be displayed, reflecting the device status based on the following priorities: Unsupported > Discovering > VNE/Agent Unreachable > Device Unreachable > Partially Discovered > Operational. For more information about each of these states and how to troubleshoot any issues, see the Cisco Prime Network 4.0 Administrator Guide. Cisco Prime Network 4.0 User Guide 2-22 OL-29343-01 Chapter 2 Working with the Prime Network Vision Client Prime Network Vision Toolbar Tickets Cisco Prime Network Vision displays an icon with a ticket to indicate the severity of the top-most alarm on the ticket. The icons are the same as those used with network elements (see Table 2-5) and are displayed in Cisco Prime Network Vision as follows: Value Navigation Pane Map Ticket Pane Element with ticket of Major severity Prime Network Vision Toolbar The Prime Network Vision toolbar is context-sensitive and the options vary depending on your selection in the application. Note The functionality that a user can access in Prime Network Vision depends on the user role and the security level of the scopes assigned to the user. For more information, see User Roles Required for Working with Prime Network Vision Maps, page 5-2. Table 2-13 identifies the toolbar buttons and describes the functions that are available in the Prime Network Vision toolbar. Table 2-13 Button Prime Network Vision Toolbar Name Function Open Network Inventory Opens the Network Elements tab. New Map Creates a new map in the database. Open Map Opens a map saved in the database using the Open dialog box. Add to Map Adds an element to the map or to the subnetwork selected in the navigation pane and displayed in the content pane. Save Map Appearance Saves the current map (the background and the location of devices) to the database. Map Options Viewing Options Show Map View Displays the map view in the Prime Network Vision content pane (the button toggles when selected or deselected). Show List View Displays the list view in the Prime Network Vision content pane (the button toggles when selected or deselected). Cisco Prime Network 4.0 User Guide OL-29343-01 2-23 Chapter 2 Working with the Prime Network Vision Client Prime Network Vision Toolbar Table 2-13 Button Prime Network Vision Toolbar (continued) Name Function Show Links View Displays the links view in the Prime Network Vision content pane (the button toggles when selected or deselected). Overlay Tools Choose Overlay Type Chooses and displays an overlay of a specific type on top of the elements displayed in the content pane in a map view. Available overlay options are: Show Overlay / Hide Overlay • Ethernet Service • MPLS-TP Tunnel • Network Clock • Pseudowire • VLAN • VPLS • VPN • None—Removes the existing overlays. Displays or hides a previously defined overlay on top of the elements displayed in the map view. Note Refresh Overlay Overlays do not reflect changes that occur in the selected service. As a result, the information in an overlay can become stale. Refreshes the overlay that was last selected. Viewing Tools Go to Parent Moves up one level in the navigation pane and content pane so you can view different information. Link Filter Opens the Link Filter dialog box, enabling you to display or hide different types of links in the map and links views. If a link filter is applied to the map, the Link Filter Applied button is displayed instead. Link Filter Applied Indicates a link filter is currently applied to the map and opens the Link Filter dialog box so you can remove or modify the existing link filter. If no link filter is applied to the map, the Link Filter button is displayed instead. Overview Opens a window displaying an overview of the network. Find Business Tag Opens the Find Business Tag dialog box, enabling you to find and delete a business tag according to name, key, or type. Cisco Prime Network 4.0 User Guide 2-24 OL-29343-01 Chapter 2 Working with the Prime Network Vision Client Prime Network Vision Menu Bar Table 2-13 Button Prime Network Vision Toolbar (continued) Name Function Find Previous Finds the previous instance of the search string entered in the Find in Map dialog box. Find Opens the Find in Map dialog box, enabling you to find an element in the map by its name or IP address. Find Next Finds the next instance of the search string entered in the Find in Map dialog box. Search Tools Map Zoom and Layout Tools Layout Map Defines the way in which the elements are arranged in the Prime Network Vision window: Circular, hierarchical, orthogonal, or symmetric. Fit in Window Fits all elements in the map in the content pane. Normal Selection Mode Activates the normal selection mode. Zoom Selection Mode Activates the zoom selection mode, which enables you to zoom in on a section of the map by clicking and dragging the required area. Pan Mode Activates the pan mode, which enables you to view different areas of the map by clicking and dragging the map. Application-Specific Tools Open Activation Opens the Activation dialog box. For more information, see the Cisco Prime Network 4.0 Customization Guide. Activation History Opens the Activation History dialog box. For more information, see the Cisco Prime Network 4.0 Customization Guide. Prime Network Vision Menu Bar The following topics describe the options that are available in each Prime Network Vision menu: • File Menu, page 2-26 • Edit Menu, page 2-27 • View Menu, page 2-27 • Node Menu, page 2-28 • Tools Menu, page 2-28 • Activation Menu, page 2-29 • Network Inventory Menu, page 2-29 Cisco Prime Network 4.0 User Guide OL-29343-01 2-25 Chapter 2 Working with the Prime Network Vision Client Prime Network Vision Menu Bar Note • Reports Menu, page 2-30 • Window Menu, page 2-30 • Help Menu, page 2-30 The functionality that a user can access in Prime Network Vision depends on the user role and the security level of the scopes assigned to the user. For more information, see User Roles Required for Working with Prime Network Vision Maps, page 5-2. Also, the menus are context-sensitive and the options vary depending on your selection in the application. File Menu Table 2-14 describes the options that are available in the Prime Network Vision File menu. For more information, see Chapter 5, “Working with Prime Network Vision Maps.” Table 2-14 File Menu Options File Menu Option Description New Map Creates a new empty map in the database. Open Map Add to Map Save Map Opens a map saved in the database using the Open dialog box. 1 1 Opens the Add dialog box and enables you to add any of the following to the map or to the subnetwork selected in the navigation pane and displayed in the content pane: • Cross Connect • Ethernet Service • MPLS-TP Tunnel • Network Element • Pseudowire • Unassociated Bridge • VLAN • VPLS • VPN Saves the appearance of the map (the background and the location of devices) to the database. Save As Image1 Saves the active map as an image and automatically displays the Save as Image dialog box. Use this dialog box to save an image using a different file format or name. Print Preview1 Displays how the map will look when it is printed. Print 1 Load MultiPath Prints the active map as displayed in the Print Preview dialog box. Loads a Cisco PathTracer multiple-path trace from a file that was previously saved in Cisco PathTracer. Cisco Prime Network 4.0 User Guide 2-26 OL-29343-01 Chapter 2 Working with the Prime Network Vision Client Prime Network Vision Menu Bar Table 2-14 File Menu Options (continued) File Menu Option Description Close Closes the selected map or tab. Exit Exits the Prime Network Vision application and saves the content pane. 1. This option is available only when a map is displayed in the content pane. Edit Menu Table 2-15 identifies the options available in the Prime Network Vision Edit menu. For more information, see Chapter 5, “Working with Prime Network Vision Maps.” Table 2-15 Edit Menu Options Edit Menu Option Description Find in Map Searches for a device in the map that contains the specified text in the name or the IP address fields. Find Business Tag Searches for business tag information in the database. Resize This option is displayed only when element icons or aggregations are selected. Displays the Resize dialog box, enabling you to specify the size of selected icons or aggregations in the map, either by percentage or size. Select All Selects all elements in the map. View Menu Table 2-16 identifies the options available in the Prime Network Vision View menu. For more information, see Using the Overview Window, page 5-14. Table 2-16 View Menu Options View Menu Option Description Layout Defines the way in which the map is displayed in the Prime Network Vision content pane: Circular, hierarchical, orthogonal, or symmetric. Overview Opens a window displaying an overview of the network map. Zoom In Zooms in on the network map. Zoom Out Zooms out of the network map. Fit In Window Displays the entire network map in the content pane. Normal Select Activates the normal selection mode. The selected option is dimmed. Pan Activates the pan mode, which enables you to move around in a map by clicking and dragging. The selected option is dimmed. Zoom Selection Activates the zoom selection mode, which enables you to select an area in a map to zoom in on by clicking and dragging. The selected option is dimmed. Cisco Prime Network 4.0 User Guide OL-29343-01 2-27 Chapter 2 Working with the Prime Network Vision Client Prime Network Vision Menu Bar Node Menu Table 2-17 describes the Node menu options. Note Most of the functionality available in this menu is available only when an element icon or an aggregation is selected in the navigation pane or a map. Table 2-17 Node Menu Options Node Menu Option Description Inventory Displays a dialog box that enables you to view the physical and logical inventory. For physical inventory, you can view all the components of the device, such as modules and ports. In addition, you can view the status of each component. For logical inventory, you can view all the profiles and virtual channels or routing tables of the device. For more information, see Chapter 3, “Viewing and Managing NE Properties.” Mark as A Side Starts the process of creating a new static link. This option is enabled when a device, port, or unmanaged network is selected. Mark as Z Side Launches the Add Static Link dialog box, enabling you to create a static link between the two selected nodes. This option is enabled after a device, port, or unmanaged network is selected and after the Mark as A Side option is selected. Note Properties If you select two ports, the Add Static Link dialog box is not displayed. Displays a dialog box enabling you to view the properties of the selected device, such as the severity, IP address, and communication state. For more information, see Chapter 3, “Viewing and Managing NE Properties.” Tools Menu Table 2-18 describes the Tools menu options. Table 2-18 Tools Menu Options Tools Menu Option Description Change User Password Enables you to change the password used when logging into the Prime Network client application suite. The change takes effect the next time you log into the application. Note Options The administrator can also change a user password in Cisco Prime Network Administration. Enables you to customize several of Prime Network’s options, such as whether or not to load the content upon startup. For more information, see Adjusting the Prime Network Vision GUI Client Settings, page 2-40. Cisco Prime Network 4.0 User Guide 2-28 OL-29343-01 Chapter 2 Working with the Prime Network Vision Client Prime Network Vision Menu Bar Table 2-18 Tools Menu Options (continued) Tools Menu Option Description Change and Config Displays the Prime Network Change and Configuration Management dashboard. Mgmnt For more information, see the Chapter 4, “Device Configurations and Software Images.” Command Jobs Displays all Command Builder jobs that have been scheduled and their details. For more information, see the Cisco Prime Network 4.0 Customization Guide. Activation Menu Note Transaction Manager replaces the Prime Network Workflow and Action features in all new installations of Prime Network 4.0. If you have upgraded to Prime Network 4.0, the Workflow and Activation features are still available, but they will be deprecated in the future. We recommend that you use Transaction Manager. See the Cisco Prime Network 4.0 Customization Guide for more information about any of the options in this menu. Table 2-19 describes the Activation menu options. Table 2-19 Activation Menu Options Activation Menu Option Description Activation Opens the Activation dialog box. Activation History Opens the Activation History dialog box. Activation Modification Utility Opens the Activation Modification Utility dialog box. Network Inventory Menu Table 2-20 describes the Network Inventory menu options. Table 2-20 Network Inventory Menu Options Network Inventory Menu Option Description Network Elements Displays a list of the available network elements in the Network Elements tab. For more information, see Prime Network Vision Inventory Tabs, page 2-5. Ethernet Flow Domains Displays a list of the current Ethernet flow domains in the Ethernet Flow Domains tab. For more information, see Viewing and Renaming Ethernet Flow Domains, page 12-42 Cisco Prime Network 4.0 User Guide OL-29343-01 2-29 Chapter 2 Working with the Prime Network Vision Client Prime Network Vision Menu Bar Table 2-20 Network Inventory Menu Options (continued) Network Inventory Menu Option Description VTP Domains Displays a list of the current of the VLAN Trunk Protocol (VTP) domains in the VTP Domains tab. For more information, see Viewing VLAN Trunk Group Properties, page 12-68. Virtual Machines Displays a list of the available virtual machines in the Virtual Machines tab. For more information about virtual machines, see Viewing the Virtual Machines of a Data Center, page 26-19. Reports Menu Table 2-21 describes the Reports menu options. Table 2-21 Reports Menu Options Reports Menu Option Description Report Manager Opens the Reports Manager window so you can create, run, and manage reports. Run Report Enables you to run standard or user-defined events, inventory, and network service reports on demand. For more information about Report Manager and reports, see Chapter 10, “Working with Reports.” Window Menu The Prime Network Vision Window menu lists all maps open in the Prime Network Vision content pane, enabling you to move between the maps. The menu also lists any network element inventory tabs that are open. Help Menu Table 2-22 describes the Help menu options. Table 2-22 Help Menu Options Help Menu Option Description Cisco Prime Network Vision Help Opens the online help for Prime Network Vision and Prime Network Events. Icon Reference Opens a window that identifies and describes the icons and buttons used in Prime Network Vision and Prime Network Events. Cisco.com This option is unavailable. About Cisco Prime Network Vision Displays the Prime Network version and any additionally installed applications. Cisco Prime Network 4.0 User Guide 2-30 OL-29343-01 Chapter 2 Working with the Prime Network Vision Client Prime Network Vision Right-Click Menus Prime Network Vision Right-Click Menus If you right-click a specific area, link, network element, device, or alarm in a Prime Network Vision window, a context-sensitive right-click menu is displayed that contains options available for the selected item or items. Right-click menus are also available in many of the inventory and property windows. For example, if you right-click an entry in a logical inventory table, you can view properties specific to that entry. The options that are available depend on the window or table currently displayed and the item selected. The menus are context-sensitive and the options vary according to your selection in the application. For example, the right-click menus for network elements and aggregations are different. Additional right-click options are displayed in the following situations: • If Prime Network is installed as part of the Cisco Prime suite of applications, right-click menus in Prime Network Vision include options for accessing the other Cisco Prime applications. • If Prime Performance Manager is installed in your environment, Prime Network Vision includes right-click options that allow you to generate device, interface, and VRF-related reports using Prime Performance Manager. • The Prime Network Vision installation includes a number of scripts. When these scripts are installed, they are displayed as options in the right-click menus of the devices that support them. For more information about these scripts, see Setting Up Devices and Validating Device Information, page 1-4. The functionality that you can access in Prime Network Vision depends on your user role and the security level of the scopes that you can access. For more information, see User Roles Required for Working with Prime Network Vision Maps, page 5-2. See the following topics for the default options available in Prime Network Vision right-click menus: • Map Right-Click Menu, page 2-32 • Element Right-Click Menu, page 2-32 • Aggregation Right-Click Menu, page 2-36 • Link Right-Click Menu, page 2-36 • List View Right-Click Menu, page 2-37 • Links View Right-Click Menu, page 2-39 • Ticket Right-Click Menu, page 2-40 Cisco Prime Network 4.0 User Guide OL-29343-01 2-31 Chapter 2 Working with the Prime Network Vision Client Prime Network Vision Right-Click Menus Map Right-Click Menu The map right-click menu is displayed when you right-click anywhere on a map in the content pane and no elements are selected. Table 2-23 describes the map right-click menu options. Table 2-23 Map Right-Click Menu Options Option Description Go to Parent Moves up one level in the navigation pane and content pane to enable you to view different information. Go to Root Moves to the root level in the navigation pane and content pane to enable you to view different information. Set Map Background Displays a background image for the map in the content pane. For more information, see Applying a Background Image, page 5-12. Element Right-Click Menu The element right-click menu is displayed when you right-click an element in the navigation pane, the content pane, or in the Network Elements inventory tab. Note The element right-click menu is context-sensitive and the options vary depending on your selection in the application. Also, some options might not be available if multiple elements are selected. Table 2-24 describes the options available in the element right-click menu. Table 2-24 Element Right-Click Menu Options Option Description Add Associated VLAN Opens the Add Associated VLAN dialog box so that you can add an associated VLAN to the selected VLAN. For more information, see Adding an Associated VLAN, page 12-55. Aggregate Groups the selected devices into an aggregation in the Prime Network Vision content pane, and enables you to define a name for the new aggregation. For more information, see Chapter 5, “Working with Prime Network Vision Maps.” Note Attach / Detach / Edit Business Tag You cannot aggregate service entities that exist within services. For example, you cannot aggregate VRFs that exist in a VLAN. Allows you to perform the following actions: • Attach a business tag to the selected network element. • Detach a business tag from a network element. • Edit a business tag for a network element. Note The Detach and Edit options are displayed only when a business tag is attached to a network element. For more information, see Chapter 7, “Labeling NEs Using Business Tags.” Cisco Prime Network 4.0 User Guide 2-32 OL-29343-01 Chapter 2 Working with the Prime Network Vision Client Prime Network Vision Right-Click Menus Table 2-24 Element Right-Click Menu Options (continued) Option Description Commands Enables you to launch any of the commands that are included with Prime Network Vision. For more information on the available commands and how to implement them, see Configure Basic Device Settings: Name, DNS, NTP, RADIUS, TACACs, ACLs, page 1-5. Note Config Mgmnt Additional commands may be available for your devices. New commands are often provided in Prime Network Device Packages, which can be downloaded from the Prime Network software download site. For more information on how to download and install DPs and enable new commands, see the information on “Adding Additional Device (VNE) Support” in the Cisco Prime Network 4.0 Administrator Guide. This option is available only if Prime Network Change and Configuration Management is installed. Displays the Configuration Management page for the selected device in Prime Network Change and Configuration Management. For more information, see Chapter 4, “Device Configurations and Software Images.” Delete Deletes the selected item from the map. Disaggregate Ungroups the devices in the selected aggregation in the navigation and map panes. For more information, see Chapter 5, “Working with Prime Network Vision Maps.” Note This option is available only when an aggregation is selected in the navigation pane or map. Edit Move the selected virtual router to the location you specify. Filter Tickets Displays only those tickets that have the selected VNE as the root cause. This option is available only for VNEs that have not been deleted by Prime Network Administration. Hide Connected Devices Hides the devices for sites with one or more connected devices. Image Mgmnt This option is available only if Prime Network Change and Configuration Management is installed. Displays the Image Management page for the selected device in Prime Network Change and Configuration Management. For more information, see Chapter 4, “Device Configurations and Software Images.” Inventory Displays a window enabling you to view the physical and logical inventory. For physical inventory, you can view all the components of the device, such as the modules, ports, and its IP address or configured VLANs. In addition, you can view the status of each component. For logical inventory, you can view all the profiles and VC tables of the device. For more information, see Chapter 3, “Viewing and Managing NE Properties.” Cisco Prime Network 4.0 User Guide OL-29343-01 2-33 Chapter 2 Working with the Prime Network Vision Client Prime Network Vision Right-Click Menus Table 2-24 Element Right-Click Menu Options (continued) Option Description Launch external applications Starts an external application or tool that has been configured for access via the right-click menu. For more information, see the Cisco Prime Network 4.0 Customization Guide. Management Contains the following submenu options: • Command Builder—Defines commands and scripts using the Prime Network Command Builder tool (Configurator security level required). • Soft Properties Management—Extends VNEs by adding SNMP MIB or Telnet/SHH/TL-1 properties to the device’s collected information model using the Prime Network Soft Properties Manager (Administrator security level required). For more information about Command Builder and Soft Properties Manager, see the Cisco Prime Network 4.0 Customization Guide. Modify Displays the Modify dialog box so that you can change the selected item’s name, description, or icon. Open Relevant Maps Displays the Open Map dialog box so that you can view and open maps that contain the selected element. PathTracer Launches a path trace from the selected item. Poll Now Polls the selected element. Properties Displays the properties of the selected item, such as the IP address and system name. In addition, you can open the VNE Properties dialog box and manage VNE properties. For more information, see Chapter 3, “Viewing and Managing NE Properties.” Remove from Map Removes the selected device and all its children from the map (navigation pane and content pane). The device that has been removed is still maintained in the network. Rename Renames the selected item. Resize Enables you to resize an object on the map by percentage or size. Run Report Enables you to run standard or user-defined events, inventory, and network service reports on demand. Save as New Map Creates a new map and places the selected aggregation as the root, while leaving the original map intact. Script names Launches available activation and configuration scripts. This can include the commands documented in Setting Up Devices and Validating Device Information, page 1-4. Show as Aggregation / Displays the selected aggregation as a single entity or as a collection of Thumbnail items. The options toggle, depending on whether the aggregation is in a thumbnail or aggregated view. Show CE Device Displays devices for sites or LCPs with one or more hidden, connected devices. Cisco Prime Network 4.0 User Guide 2-34 OL-29343-01 Chapter 2 Working with the Prime Network Vision Client Prime Network Vision Right-Click Menus Table 2-24 Element Right-Click Menu Options (continued) Option Description Tools The Tools option contains the following choices: • CPU Usage—Displays memory and CPU usage information for a device or network element. • Ping—Pings the device from the client station. • Telnet—Communicates with the device using the Telnet window from the client station. Note Topology If you are using a Windows 7 system and want to use the Prime Network Telnet option, you need to set up Telnet on the Windows 7 system as follows: - For Windows 7 32-bit systems, enable the Windows Telnet Client to use the Prime Network Telnet option. - For Windows 7 64-bit systems, a solution is available on the Cisco Developer Network at http://developer.cisco.com/web/prime-network/forums/-/message_b oards/message/2780108. The Topology option enables you to add: • A static link between two devices. • A static topology between a device and an unmanaged network. • A tunnel to a VPN. When working with static links, the following submenu options enable you to define the A Side and Z Side of the link: • Mark as A Side • Mark as Z Side When working with VPNs in VPN Service View, the Add Tunnel submenu option allows you define and configure tunnels. VNE Tools Contains the following submenu options: • Poll Now—Updates the VNE information. • Stop VNE—Stops the VNE. • Start VNE—Starts the VNE. For more information, see Chapter 3, “Viewing and Managing NE Properties.” Cisco Prime Network 4.0 User Guide OL-29343-01 2-35 Chapter 2 Working with the Prime Network Vision Client Prime Network Vision Right-Click Menus Aggregation Right-Click Menu The aggregation right-click menu is displayed when you right-click an aggregation in a map. Table 2-25 describes the aggregation right-click menu options. Table 2-25 Aggregation Right-Click Menu Options Option Description Aggregate Groups the selected aggregations into an aggregation in the Prime Network Vision content pane, and enables you to define a name for the new aggregation. For more information, see Chapter 5, “Working with Prime Network Vision Maps.” Disaggregate Ungroups the selected aggregation in the navigation pane and map in the Prime Network Vision window. All the aggregations in the selected node move up one level, and the original aggregation is removed. For more information, see Chapter 5, “Working with Prime Network Vision Maps.” Rename Renames the selected aggregation. Resize Defines the size of selected aggregations in a map according to one of four sizes or according to a percentage of the current size. Remove from Map Removes the selected aggregation and all its children from the navigation pane and the map. Save as New Map Creates a new map and places the selected aggregation as the root, while leaving the original map intact. Run Report Enables you to run standard or user-defined events, inventory, and network service reports. Show as Aggregation / Thumbnail Displays the aggregation as a single entity or as a collection of items. Delete Deletes the selected item. The options toggle, depending on whether the aggregation is in a thumbnail or aggregated view. This option is available when the item is marked with the reconciliation icon. Link Right-Click Menu The Link right-click menu is displayed when you right-click a link in the map view. For more information, see Chapter 6, “Working with Links.” Table 2-26 describes the link right-click menu options. Table 2-26 Link Right-Click Menu Option Option Description Properties Displays the properties of the selected link. Cisco Prime Network 4.0 User Guide 2-36 OL-29343-01 Chapter 2 Working with the Prime Network Vision Client Prime Network Vision Right-Click Menus List View Right-Click Menu The list view right-click menu is displayed when you right-click an entry in the Network Elements tab in the list view table. For more information, see List View, page 2-12. Table 2-27 describes the list view right-click menu options. Table 2-27 List View Right-Click Menu Options - Network Elements Tab Option Description Inventory Displays a window enabling you to view the physical and logical inventory. For physical inventory, you can view all the components of the device, such as the modules, ports, and its IP address or configured VLANs. In addition, you can view the status of each component. For logical inventory, you can view all the profiles and VC tables of the device. For more information, see Chapter 3, “Viewing and Managing NE Properties.” Attach / Detach / Edit Business Tag Allows you to perform the following actions: • Attach a business tag to the selected element. • Remove a business tag from the selected element. • Edit an existing business tag for the selected element. Note The Detach and Edit options are available only when a business tag is attached to a link. For more information, see Chapter 7, “Labeling NEs Using Business Tags.” Config Mgmnt Displays the Configuration Management page for the selected device in Prime Network Change and Configuration Management. For more information, see Chapter 4, “Device Configurations and Software Images.” Image Mgmnt Displays the Image Management page for the selected device in Prime Network Change and Configuration Management. For more information, see Chapter 4, “Device Configurations and Software Images.” Run Report Enables you to run standard or user-defined events, inventory, and network service reports. Show Only Selected Rows Displays only the rows that you select. Show All Rows Displays all table rows that meet the current filtering criteria. Cisco Prime Network 4.0 User Guide OL-29343-01 2-37 Chapter 2 Working with the Prime Network Vision Client Prime Network Vision Right-Click Menus Table 2-27 List View Right-Click Menu Options - Network Elements Tab (continued) Option Description Tools Contains the following submenu options: • CPU Usage—Displays memory and CPU usage information for a device or network element. • Ping—Pings the device from the client station. • Telnet—Communicates with the device using the Telnet window from the client station. Note Topology If you are using a Windows 7 system and want to use the Prime Network Telnet option, you need to set up Telnet on the Windows 7 system as follows: - For Windows 7 32-bit systems, enable the Windows Telnet Client to use the Prime Network Telnet option. - For Windows 7 64-bit systems, a solution is available on the Cisco Developer Network at http://developer.cisco.com/web/prime-network/forums/-/message_b oards/message/2780108. Enables you to add: • A static link between two devices. • A static topology between a device and an unmanaged network. • A tunnel to a VPN. When working with static links, the following submenu options enable you to define the A Side and Z Side of the link: • Mark as A Side • Mark as Z Side When working with VPNs in VPN Service View, the Add Tunnel submenu option allows you define and configure tunnels. Launch external applications Launches external applications or tools, such as an SSH client. See the Cisco Prime Network 4.0 Customization Guide. Properties Displays the properties of the selected item, such as the IP address and system name. In addition, you can open the VNE Properties dialog box and manage VNE properties. For more information, see Chapter 3, “Viewing and Managing NE Properties.” Commands Enables you to launch any of the commands that are included with Prime Network Vision. For a complete list of the available commands, see Setting Up Devices and Validating Device Information, page 1-4. Note Additional commands may be available for your devices. New commands are often provided in Prime Network Device Packages, which can be downloaded from the Prime Network software download site. For more information on how to download and install DPs and enable new commands, see the information on “Adding Additional Device (VNE) Support” in the Cisco Prime Network 4.0 Administrator Guide. Cisco Prime Network 4.0 User Guide 2-38 OL-29343-01 Chapter 2 Working with the Prime Network Vision Client Prime Network Vision Right-Click Menus Table 2-27 List View Right-Click Menu Options - Network Elements Tab (continued) Option Description Script names Launches available activation and configuration scripts. This includes the commands documented throughout this guide and those you create using Command Manager and Command Builder. A list of scripts is provided in Cisco Prime Network 4.0 Supported VNEs - Addendum. Management Contains the following submenu options: • Command Builder—Defines commands and scripts using the Prime Network Command Builder tool (Configurator security level required). • Soft Properties Management—Extends VNEs by adding SNMP MIB or Telnet/SHH/TL-1 properties to the device’s collected information model using the Prime Network Soft Properties Manager (Administrator security level required). For more information about Command Builder and Soft Properties Manager, see the Cisco Prime Network 4.0 Customization Guide. VNE Tools Contains the following submenu options: • Poll Now—Updates the VNE information. • Stop VNE—Stops the VNE. • Start VNE—Starts the VNE. For more information, see Chapter 3, “Viewing and Managing NE Properties.” Links View Right-Click Menu The links view right-click menu is displayed when you right-click a link in the links view table. For more information, see Chapter 6, “Working with Links.” Table 2-28 describes the links view right-click menu options. Table 2-28 Links View Right-Click Menu Options Option Description Attach Business Tag Attaches a business tag to the selected link. For more information, see Chapter 7, “Labeling NEs Using Business Tags.” Detach/Edit Business Tag Detaches or edits a business tag from the selected link. For more information, see Chapter 7, “Labeling NEs Using Business Tags.” The Detach and Edit options are available only when a business tag is attached to a link. Select Link in Map Highlights the selected link in the content pane. Show Only Selected Rows Displays only the rows that you select. Show All Rows Displays all table rows that meet the current filtering criteria. Properties Displays the properties of the selected link. Cisco Prime Network 4.0 User Guide OL-29343-01 2-39 Chapter 2 Working with the Prime Network Vision Client Adjusting the Prime Network Vision GUI Client Settings Ticket Right-Click Menu The Ticket right-click menu is displayed when you right-click a ticket in the ticket pane. The Ticket right-click menu enables you to view ticket properties and highlights the links or elements that are affected by a ticket. The Ticket menu also enables you to acknowledge, clear, and remove a ticket. For more information, see Chapter 9, “Working with Tickets in Prime Network Vision.” Table 2-29 describes the ticket right-click menu options. Table 2-29 Ticket Right-Click Menu Options Option Description Acknowledge Acknowledges that the ticket is being handled; the ticket is displayed as true in the ticket pane. Acknowledging an alarm removes the alarm icon from the device icon. Multiple tickets can be acknowledged at the same time. Clear Approves the reported faulty ticket and clears the faulty networking entity from Prime Network. The ticket is displayed as Clear in the ticket pane. Note Remove When a Card Out or Link Down alarm occurs, the relevant information is displayed in the inventory and maintained in the VNE. Removes the ticket and all its active subtickets from the ticket pane (this option is only available after the ticket has been cleared). The deleted tickets can be viewed using Cisco Prime Network Events. Multiple tickets can be removed at the same time. Note When a ticket is removed, the information is no longer displayed in the inventory and is removed from the VNE. Clear and Remove Approves the reported faulty ticket and clears the faulty networking entity from Prime Network. In addition, the ticket and all its active subtickets are removed from the ticket pane. Find Affected Elements Finds any elements affected by the selected ticket: • If only one element is affected, it is selected in the Prime Network navigation pane and content area. • If multiple elements are affected, they are displayed in the Affected Elements window. Show Only Selected Rows Displays only the rows that you select. Show All Rows Displays all table rows that meet the current filtering criteria. Properties Displays the Ticket Properties dialog box, enabling you to view ticket information, including impact analysis details of the affected parties and correlated alarms. See Viewing Ticket Properties, page 9-9. Adjusting the Prime Network Vision GUI Client Settings Table 2-30 lists the options for changing the GUI client display and audio settings, and for controlling the startup view and event history. You can adjust these settings by selecting Tools > Options from the main menu. Cisco Prime Network 4.0 User Guide 2-40 OL-29343-01 Chapter 2 Working with the Prime Network Vision Client Adjusting the Prime Network Vision GUI Client Settings Table 2-30 Options for Changing Prime Network Vision GUI Client Field Description Startup Load Workspace on Startup Open to content pane on login. Check the box if you do not want to view the content pane when you log in. Display Tab Preferences Map Labels Font Size Font size for map labels (26, 28, 30, 32, and 34; 30 is the default). Severity Show Severity Text (e.g. [3M+] List severity levels in the navigation pane and maps, using the formula described in New Ticket Propagation, page 2-18. Check the box if you do want to see severity text. Show Acknowledged View both acknowledged and unacknowledged alarms in the network element display name. Check the box if you do want to see both unacknowledged and acknowledged alarms. Show Propagated View propagated alarms on the specific entity. Propagated alarms are those that occur on other NEs. Check the box if you do want to see propagated alarms. Display Name How NE name is displayed: • Do not use Business Tag—Display NE name only • Add Business Tag to name—Display NE name and business tag. • Replace name with Business Tag—Display business tag only (when a subscriber is attached to a port, the subscriber name is also added) Audio Tab Enable Audio Response for Alarm Audio notification settings. Check the box if you do want a sound to be issued when an alarm is triggered. Critical The .wav file to use for critical alarms. Major The .wav file to use for major alarms. Minor The .wav file to use for minor alarms. Loop Sound on If critical alarm sound should sound continuously when a critical alarm is triggered. Critical Alarm Check the box if you do want a sound to play continuously. Events Tab Events History Size in Hours Maximum age of events to display in the Network Events and Provisioning Events tab in the inventory window (see Ticket and Events Pane, page 3-15). If you only want to see active events, enter 0 (zero). The default (6 hours) is controlled from the Prime Network Administration GUI client. Cisco Prime Network 4.0 User Guide OL-29343-01 2-41 Chapter 2 Working with the Prime Network Vision Client Filtering and Sorting Tabular Content Filtering and Sorting Tabular Content For tables with extensive data, you can view all of the information in a table cell by hovering your mouse cursor over the cell. These topics explain how to sort and filter tabular information. Sorting Tables Sorting a table lets you arrange existing data in various ways, while filtering a table only displays the information that matches the filter. To sort a table using the Sort Table Values option: Step 1 In the table toolbar, click Sort Table Values. The Sort dialog box is displayed. Figure 2-11 Step 2 Sort Dialog Box In the Sort Operation field, specify the frequency of the sort operation: • Only Once—Sorts the information in the table only once according to the specified criteria. When this option is selected, newly added rows will always be listed at the bottom of the table, regardless of their sort criteria value. Also, if an existing row's value changes, the row will remain where it is. • Continuously/Repeatedly—Sorts the information in the table continuously according to the specified criteria. If you select this option, the Step 3 In the Sort By field, specify the first sort criterion: a. In the first drop-down list, choose the column to use for the first sort criterion. b. In the second drop-down list, choose Ascending or Descending to indicate the sort order. Step 4 If needed, click Step 5 Adjust the sort criteria as needed: Step 6 icon is displayed next to the selected column heading. to add another sort criterion. • To add additional criteria, click • To remove a criterion, click . . Click OK to sort the table using the specified criteria. Cisco Prime Network 4.0 User Guide 2-42 OL-29343-01 Chapter 2 Working with the Prime Network Vision Client Filtering and Sorting Tabular Content Filtering Tables Filtering can be extremely helpful when working with tables that contain many entries. Note If you load a table with many entries, (for example, thousands of entries), it can take a while for the complete table to load. The filtering options in the table toolbar are unavailable until the table has completely loaded. You can tell a table is being filtered if any filter details are displayed in the status line below the table or when you hover the mouse cursor over the filter button. Table 2-31 Table Toolbar Options Option Name Description Filter Filters the information displayed in the table by the criteria you specify. For more information, see Filtering Tables, page 2-43. Clear Filter Clears the existing filter. To define a filter: Step 1 In the toolbar above the table, click Filter. The Filter dialog box is displayed as shown in Figure 2-12. Figure 2-12 Step 2 Step 3 Table Filter Dialog Box In the Match drop-down list, choose the rule for including items that meet the specified criteria: • All—All of the following criteria are to be met. • Any—Any of the following criteria are to be met. For each criterion, specify the following information: a. In the first drop-down list, choose the primary match category. The drop-down list contains all columns in the current table. b. In the second drop-down list, choose the rule to use for this criterion. c. The third field either lists the available values or allows you to enter text using a drop-down list or free text. Cisco Prime Network 4.0 User Guide OL-29343-01 2-43 Chapter 2 Working with the Prime Network Vision Client Filtering and Sorting Tabular Content Tip You can use the “Greater than” or “Less than” rule with a string for filtering. For example, if you want to include all interfaces above Ethernet0/0/3, you can select Greater than and enter the string Ethernet0/0/3 to view interfaces Ethernet0/0/4, Ethernet0/0/5, and so on. Step 4 Click to add another criterion for this filter. Step 5 Add additional criteria as required. To remove a criterion, click Step 6 When you have specified all criteria for the filter, click OK. . The table data is displayed using the defined filter. Step 7 To clear a filter, click Clear Filter in the table toolbar. The table is refreshed and all entries are displayed. Cisco Prime Network 4.0 User Guide 2-44 OL-29343-01 CH A P T E R 3 Viewing and Managing NE Properties The following topics describe the user access roles required to use Cisco Prime Network Vision (Prime Network Vision) and how to view network element physical and logical properties in any mapped network: Note • User Roles Required to Work with Prime Network Vision, page 3-1 • Information Available in Element Icons, page 3-3 • Viewing the Properties of a Network Element, page 3-6 • Inventory Window, page 3-9 • Checking VNE Connectivity and Communication Status, page 3-16 • Viewing the Physical Properties of a Device, page 3-19 • Working with Ports, page 3-23 • Viewing the Logical Properties of a Network Element, page 3-27 • Viewing Device Operating System Information, page 3-31 • Running an Activation from the Activation Menu, page 3-34 Prime Network Vision maintains continuous, real-time discovery of all the physical and logical entities of the network inventory and the relationships among them. The Prime Network Vision distributed system inventory automatically reflects every addition, deletion, and modification that occurs in the network. User Roles Required to Work with Prime Network Vision This topic identifies the roles that are required to work with Prime Network Vision. Prime Network determines whether you are authorized to perform a task as follows: • For GUI-based tasks (tasks that do not affect elements), authorization is based on the default permission that is assigned to your user account. • For element-based tasks (tasks that do affect elements), authorization is based on the default permission that is assigned to your account. That is, whether the element is in one of your assigned scopes and whether you meet the minimum security level for that scope. For more information on user authorization, see the Cisco Prime Network 4.0 Administrator Guide. Cisco Prime Network 4.0 User Guide OL-29343-01 3-1 Chapter 3 Viewing and Managing NE Properties User Roles Required to Work with Prime Network Vision The following tables identify the tasks that you can perform: • Table 3-1 identifies the tasks that you can perform if a selected element is not in one of your assigned scopes. • Table 3-2 identifies the tasks that you can perform if a selected element is in one of your assigned scopes. By default, users with the Administrator role have access to all managed elements. To change the Administrator user scope, see the topic on device scopes in the Cisco Prime Network 4.0 Administrator Guide. Table 3-1 Default Permission/Security Level Required for Prime Network Vision Functions - Element Not in User’s Scope Task Viewer Operator OperatorPlus Configurator Administrator View maps X X X X X View network element properties — — — — X View network element properties in logical and physical inventory — — — — X View port status and properties — — — — X View VNE properties — — — — X Open the Port Utilization Graph — — — — X Enable and disable port alarms — — — — X1 View tickets in inventory window — — — — X View network events in inventory window — — — — X View provisioning events in inventory window — — — — X Create activation wizards — — — — — Preview and perform activations and deactivations — — — — — View activation details and output — — — — X Search for activations — — — — X Cisco Prime Network 4.0 User Guide 3-2 OL-29343-01 Chapter 3 Viewing and Managing NE Properties Information Available in Element Icons Table 3-2 Default Permission/Security Level Required for Prime Network Vision Functions - Element in User’s Scope Task Viewer Operator OperatorPlus Configurator Administrator View maps X X X X X View network element properties X X X X X View network element properties in logical and physical inventory X X X X X View port status and properties — X X X X View VNE properties X X X X X Open the Port Utilization Graph X X X X X 1 X1 Enable and disable port alarms — — — X View tickets in inventory window X X X X X View network events in inventory window X X X X X View provisioning events in inventory window X X X X X Create activation wizards — X X X X Preview and perform activations and deactivations — — — X X View activation details and output X X X X X Search for activations — X X X X 1. To enable and disable port alarms on a device, the Administrator scope level must also be configured for that device. Information Available in Element Icons Element icons in Prime Network Vision maps display different amounts of information according to their size as shown in Table 2-2. Table 3-3 identifies the information that is available for different types of elements for the four icons sizes. Table 3-3 Information Displayed in Element Icons by Size Icon Size Element Type Tiny (Dot) Normal Large Huge Aggregation Color representing the associated alarm severity Name Name in card title Name in card title Bridge Color representing the associated alarm severity Name EFP cross-connect Color representing the associated alarm severity Name • Name in card title and body • Name in card title and body • Number of Ethernet flow points • Number of Ethernet flow points Name in card title Name in card title Cisco Prime Network 4.0 User Guide OL-29343-01 3-3 Chapter 3 Viewing and Managing NE Properties Information Available in Element Icons Table 3-3 Information Displayed in Element Icons by Size (continued) Icon Size Element Type Tiny (Dot) Normal Ethernet flow point Color representing the associated alarm severity Name Ethernet service EVC LSP Endpoint (Working or Protected) LSP Midpoint MPLS-TP Tunnel MPLS-TP Tunnel Endpoint Color representing the associated alarm severity Name Color representing the associated alarm severity Name Color representing the associated alarm severity Name Color Color representing the associated alarm severity Color representing the associated alarm severity Name Name Name Large Huge • Name in card title • Name in card title • Type, such as Trunk, Access, Dot1Q Tunnel, and so on • Type, such as Trunk, Access, Dot1Q Tunnel, and so on • Match criteria • Match criteria • Name in card title • Name in card title • Number of edge EFPs • Number of edge EFPs • Name in card title • Name in card title • Number of instances of domains (VPLS, EoMPLS, bridge, or cross-connect) with a maximum of three lines • Number of instances of domains (VPLS, EoMPLS, bridge, or cross-connect) with a maximum of four lines • Name in card title • Name in card title • Bandwidth • Bandwidth • Attach Business Tag button • Properties button • Name in card title • Name in card title • Forward bandwidth • Forward bandwidth • Reverse bandwidth • Reverse bandwidth • Reverse in and out labels • Reverse in and out labels • Attach Business Tag button • Inventory button • Properties button • Name in card title and body • Attach Business Tag button • Properties button Name in card title and body • Name in card title and body • Name in card title and body • Tunnel identifier • Tunnel identifier • Attach Business Tag button • Inventory button • Properties button Cisco Prime Network 4.0 User Guide 3-4 OL-29343-01 Chapter 3 Viewing and Managing NE Properties Information Available in Element Icons Table 3-3 Information Displayed in Element Icons by Size (continued) Icon Size Element Type Tiny (Dot) Normal Network element Color representing the associated alarm severity Name Pseudowire Pseudowire edge VLAN VPLS VPLS Forward VPN Color representing the associated alarm severity Color representing the associated alarm severity Color representing the associated alarm severity Color representing the associated alarm severity Color representing the associated alarm severity Color representing the associated alarm severity Name Name Name Name Name Name Large Huge • Name in card title • Name in card title • Element model • Element model • IP address • IP address • Software version • Software version • Inventory button • Filter Tickets button • Attach Business Tag button • Name in card title and body • Attach Business Tag button • Properties button Name in card title and body • Name in card title • Name in card title • Local IP address • Local IP address • Peer IP address • Peer IP address • Attach Business Tag button • Inventory button • Properties button • Name in card title • Name in card body • Number of switching entities • Number of edge EFPs Name in card title and body • Name in card title • Name in card title • Number of access EFPs • Number of access EFPs • Number of access pseudowires • Number of access pseudowires • Number of VPLS forwards • Number of VPLS forwards • Name in card title • Name in card title • VPN identifier • VPN identifier • Number of core pseudowires • Number of core pseudowires • Name in card title and body • Attach Business Tag button • Properties button Name in card title and body Cisco Prime Network 4.0 User Guide OL-29343-01 3-5 Chapter 3 Viewing and Managing NE Properties Viewing the Properties of a Network Element Viewing the Properties of a Network Element You can view the general information about a selected network element in the Prime Network Vision map view and view more detailed information by viewing the Properties window for the selected element. You can also perform NE configuration tasks such as changing the NE host name, configuring SNMP settings, adding and managing SNMP traps, and managing other NE server settings (DNS, NTP, RADIUS, TACACs and so forth) using basic commands that are launched from right-click contextual menus. The commands are described in Setting Up Devices and Validating Device Information, page 1-4. Step 1 To view general information about a network element, hover your mouse cursor over the NE icon, and use the mouse scroll to zoom in and out. Step 2 For more detail, open the Properties (inventory) window, double-click the icon. Depending on your selection, either the Properties window or inventory window is displayed with the inventory window providing slightly more information than the Properties window. Figure 3-1 shows the Properties window. Figure 3-1 Properties Window Table 3-4 describes the information displayed in both the Properties and inventory windows. Cisco Prime Network 4.0 User Guide 3-6 OL-29343-01 Chapter 3 Viewing and Managing NE Properties Viewing the Properties of a Network Element Table 3-4 Properties and Inventory Windows Field Description General Tab Element icon Icon representing the element in Prime Network Vision and displaying the current color associated with the element operational health. For more information on severity colors, see Prime Network Vision Status Indicators, page 2-17. The icon might include a badge that indicates an alarm or another item of interest associated with the element. For more information about badges, see Network Element Badges, page 3-8. Element Name Name assigned to the element for ease of identification. Communication State Ability of the VNE to reach the network element and other components in Prime Network. For more information about communication states, see the Cisco Prime Network 4.0 Administrator Guide. Investigation State Level of network element discovery that has been performed or is being performed by the VNE. For more information about investigation states, see the Cisco Prime Network 4.0 Administrator Guide. Vendor Vendor name, as defined in the device MIB. Product Product name of the element, as defined in the device MIB; for example, Router. Device Series Product series that the device belongs to, such as Cisco 7600 Series Routers. Element Type Element model, such as Cisco 7606. Serial Number CPU Usage 1 Serial number of the element. 1 Percentage of CPU currently in use by the element. Memory Usage 1 Amount of memory currently in use by the element. IP Address IP address used for managing the element. System Name Name of the device, as defined in the device MIB. Up Since Date and time the element was last reset. Contact Email address of the person responsible for the element. Location Physical location of the element, as defined in the device MIB. DRAM Usage 1 Percentage of available DRAM currently in use by the element. Flash Device Size NVRAM Size 1 1 Amount of NVRAM available on the element. Software Version Software version running on the element. Software Description Processor DRAM Sending Alarms Amount of flash memory available on the element. 1 1 Description of the system taken from the element. Amount of DRAM currently in use by the element’s processor. Whether or not the element is configured for sending alarms: True or False. Cisco Prime Network 4.0 User Guide OL-29343-01 3-7 Chapter 3 Viewing and Managing NE Properties Viewing the Properties of a Network Element Table 3-4 Properties and Inventory Windows (continued) Field Description Buttons VNE Details Displays the VNE’s general properties, from where you can edit the VNE’s properties, perform maintenance, configure polling rates, and identify IP addresses for which SNMP syslog and trap events are to be generated. For more information, see: VNE Status • VNE Properties Window (VNE Status Button in the content pane of the Inventory Window), page 3-16 • Cisco Prime Network 4.0 Administrator Guide Displays details about the VNE’s communication and connectivity, such as the status of device protocols and whether the device is sending traps and syslogs. For more information, see VNE Communication Status (VNE Details Button in the content pane of the Inventory Window), page 3-17. 1. Displayed only in the inventory window. Network Element Badges Network elements and links can also display badges that are technology-specific, such as a Protected LSP or an STP root. Table 3-5 describes some of the badges that are available in Prime Network Vision. For more information, see the related topics. Table 3-5 Icon Network Element Badges Name Description Related Topic Access gateway An MST or REP access gateway is associated with the element. Viewing Access Gateway Properties, page 12-19 Blocking The element associated with this badge has a REP alternate port. Viewing REP Information in VLAN Domain Views and VLAN Overlays, page 12-63 Clock service A clocking service is running on the associated element. Applying a Network Clock Service Overlay, page 20-48 Lock The associated network LSP is in lockout Viewing MPLS-TP Tunnel state. Properties, page 18-7 Multiple links One or more links is represented by the visual link and at least one of the links contains a badge. Viewing REP Information in VLAN Domain Views and VLAN Overlays, page 12-63 Cisco Prime Network 4.0 User Guide 3-8 OL-29343-01 Chapter 3 Viewing and Managing NE Properties Inventory Window Table 3-5 Icon Network Element Badges (continued) Name Description Related Topic Reconciliation The element with this badge is associated Deleting a Business Element, page 7-7 with a network element that does not exist. For example, the device configuration has changed and a network problem exists. Some elements can be deleted only if their components, such as EFPs, VPLS forwards, or VRFs, display the reconciliation icon. REP primary blocking The element associated with this badge has a REP primary port that is also blocking. Viewing REP Information in VLAN Domain Views and VLAN Overlays, page 12-63 REP primary The element associated with this badge has a REP primary port. Viewing REP Information in VLAN Domain Views and VLAN Overlays, page 12-63 Redundancy service The element associated with this badge is a backup pseudowire or a protected LSP. STP root • Adding an MPLS-TP Tunnel, page 18-5 • Viewing Pseudowire Redundancy Service Properties, page 12-96 The element associated with this badge is Viewing STP Information in a STP root bridge or the root of an STP VLAN Domain Views and tree. VLAN Overlays, page 12-66 Inventory Window Table 3-6 describes the tasks that you can perform from the inventory window and related topics. Table 3-6 Tasks Available from Inventory and Related Topics Task Related Topic Set up devices (server, ports, interfaces, and so forth) and check device information using basic commands (from a right-click menu) Setting Up Devices and Validating Device Information, page 1-4 Add or remove links. Adding Static Links, page 6-15 Generate the Port Utilization graph for physical ports. Generating a Port Utilization Graph, page 3-27 Manage the alarms being sent on a port. Working with Ports, page 3-23 Open Cisco PathTracer and launch a path trace. Using Cisco PathTracer to Diagnose Problems, page 11-1 Cisco Prime Network 4.0 User Guide OL-29343-01 3-9 Chapter 3 Viewing and Managing NE Properties Inventory Window Table 3-6 Tasks Available from Inventory and Related Topics (continued) Task Related Topic Open the Prime Network Command Builder to create customized commands. Cisco Prime Network 4.0 Customization Guide Open the Prime Network Soft Properties Manager to extend the amount of information displayed. Cisco Prime Network 4.0 Customization Guide Check VNE properties and communication status Checking VNE Connectivity and Communication when inventory is incomplete or missing Status, page 3-16 View physical and logical inventory information. View tickets or events for a device, service, or component. • Viewing the Physical Properties of a Device, page 3-19 • Viewing the Logical Properties of a Network Element, page 3-27 Ticket and Events Pane, page 3-15 The inventory window also allows you to view technology-specific information. For more information on viewing technology-specific information in logical inventory or physical inventory, see: • Chapter 12, “Monitoring Carrier Ethernet Services” • Chapter 13, “Monitoring Carrier Grade NAT Properties” • Chapter 14, “Monitoring DWDM Properties” • Chapter 15, “Monitoring Ethernet Operations, Administration, and Maintenance Tool Properties” • Chapter 16, “Monitoring Y.1731 IPSLA Configuration” • Chapter 17, “IPv6 and IPv6 VPN over MPLS” • Chapter 18, “Monitoring MPLS Services” • Chapter 19, “Viewing IP and MPLS Multicast Configurations” • Chapter 20, “Monitoring MToP Services” • Chapter 21, “Viewing and Managing SBCs” • Chapter 22, “Monitoring AAA Configurations” • Chapter 23, “Monitoring IP Pools” • Chapter 24, “Monitoring BNG Configurations” • Chapter 25, “Monitoring Mobile Technologies” • Chapter 26, “Monitoring Data Center Configurations” • Chapter 27, “Monitoring Cable Technologies” • Chapter 28, “Monitoring ADSL2+ and VDSL2 Technology Enhancements” To open the inventory window, do one of the following: • If the element icon is at the largest size, click the Inventory icon. • Double-click an item in the navigation pane or map. • Right-click an element in the navigation pane or map and choose Inventory. Figure 3-2 shows an example of an inventory window. Cisco Prime Network 4.0 User Guide 3-10 OL-29343-01 Chapter 3 Viewing and Managing NE Properties Inventory Window Figure 3-2 Inventory Window 1 2 3 4 5 6 10 320084 9 8 7 1 Navigation pane 6 Content pane 2 Poll Now button (see Performing a Manual Device Poll, page 3-18) 7 Status bar 3 VNE Details button (see VNE Properties Window (VNE Status Button in the content pane of the Inventory Window), page 3-16) 8 Ticket and events pane 4 VNE Status button (see VNE Communication 9 Status (VNE Details Button in the content pane of the Inventory Window), page 3-17) 5 Content pane tabs Device view pane 10 Device view pane toolbar The inventory window displays the physical and logical inventory for the selected item. For more information about the options in the inventory window, see: • Navigation Pane, page 3-12 • Device View Pane, page 3-13 • Device View Pane Toolbar, page 3-14 • Ticket and Events Pane, page 3-15 • Content Pane, page 3-13 Cisco Prime Network 4.0 User Guide OL-29343-01 3-11 Chapter 3 Viewing and Managing NE Properties Inventory Window • Checking VNE Connectivity and Communication Status, page 3-16 • Working with Ports, page 3-23 All areas displayed in the inventory window are correlated; this means that selecting an option in one area affects the information displayed in the other areas. The information displayed in the inventory window varies according to the item selected in the navigation pane. To view logical inventory information, expand the Logical Inventory branch. For more information about logical inventory information, see Viewing the Logical Properties of a Network Element, page 3-27. To view physical inventory information, expand the Physical Inventory branch. For more information about physical inventory information, see Viewing the Physical Properties of a Device, page 3-19. Click Poll Now to update the display with the current VNE information. Click the top right corner to close the inventory window. Navigation Pane The navigation pane in the inventory window displays a tree-and-branch representation of the selected device and its modules. The navigation pane contains two main branches: • Logical Inventory—Includes logical items related to the selected element, such as access lists, ATM traffic profiles, and routing entities. • Physical Inventory—Includes the various device components, such as chassis, satellite, cards, subslots, and so on. When you select an item in the navigation pane, the information displayed in the content pane is updated. You can expand and collapse the branches in the navigation pane to display and hide information as needed. The window heading and the highest level in the navigation pane display the name of the VNE given to the element as defined in Cisco Prime Network Administration. The element icon and status are displayed at the top of the navigation and content panes. The color of the element icon reflects the element operational status. For more information about indicators of operational health and status, see: • Prime Network Vision Status Indicators, page 2-17 • VNE Management States, page 2-19 Status Indicators A status indicator icon appears next to the element icon for any unacknowledged tickets associated with the element. In addition, status indicator icons are displayed next to the specific logical or physical inventory branches that are associated with the ticket. If you click a branch in the navigation pane that contains a status icon, the associated tickets and events are displayed in the tickets and events pane at the bottom of the inventory window. Cisco Prime Network 4.0 User Guide 3-12 OL-29343-01 Chapter 3 Viewing and Managing NE Properties Inventory Window Communication and Investigation State Icons The navigation pane can also display a communication or investigation state icon next to the element icon in the navigation and content panes. For more information about communication and investigation state icons, see VNE Management States, page 2-19. Content Pane The content pane contains two tabs: • General—Contains physical or logical information specific to the item you select in the navigation pane or device view panel; for example, information about pseudowires or the chassis. The General tab can also display context-sensitive tabs and buttons; the buttons displayed depend on your selection in the navigation pane or device view panel. For example, if an ATM port is selected, the Show VC Table, Show Cross-Connect, or Show Encapsulation button might be displayed. • Ports—Lists all ports on the device with their current alarm status, location, and other properties, and enables you to change their status by using a right-click menu. For more information, see Working with Ports, page 3-23. The content pane can also display context-sensitive tabs and buttons; the buttons displayed depend on your selection in the navigation pane or device view panel. For example, if an ATM port is selected, the Show VC Table, Show Cross-Connect, or Show Encapsulation button might be displayed. In addition, you can view the properties of a row in a table by double-clicking the row or by right-clicking the row and choosing Properties. For information about tables that appear in the content pane, see Filtering and Sorting Tabular Content, page 2-42. Device View Pane The device view pane enables you to visually locate elements in the chassis and identify their status. All occupied slots in the chassis are rendered in the device view pane. If a port is down, it is shown in red in both the navigation pane and the device view pane, allowing you to quickly pinpoint the problem. Figure 3-3 provides an example of the device view pane for a Cisco device. The circled slot in the device view pane corresponds to the circled slot in the physical inventory navigation pane. If you click a port in the device view pane (see the circled port), Prime Network Vision displays both the properties of the element and its location in the navigation pane and content pane. Cisco Prime Network 4.0 User Guide OL-29343-01 3-13 Chapter 3 Viewing and Managing NE Properties Inventory Window Figure 3-3 Device View Pane Device View Pane Toolbar The following tools for working with the device view pane: Icon Description Displays an enhanced view of the components within the device in a browse box as you move over the device view panel with the selection tool. Fits the entire view of the element in the device view panel. Cisco Prime Network 4.0 User Guide 3-14 OL-29343-01 Chapter 3 Viewing and Managing NE Properties Inventory Window Ticket and Events Pane The ticket and events pane is displayed at the bottom of the inventory window and contains the following tabs: • Tickets—Displays the tickets that are collected on the selected element, service, or component in the navigation pane. Table 9-3 on page 9-5 describes the information that is available in the Tickets tab. • Network Events—Displays all active network events associated with tickets and alarms, and all archived events with a timestamp that falls within the specified events history size (see Adjusting the Prime Network Vision GUI Client Settings, page 2-40). Table 3-7 describes the information that is available in the Network Events tab. Table 3-7 Network Events Tab in Logical Inventory Field Description Severity Icon indicating the severity of the alarm on the event Event ID Event identifier, assigned sequentially. Time Date and time when the event occurred and was logged and recorded. Description Description of the event. Location Entity that triggered the event. Detection Type Method by which the event was detected, such as Service or Syslog. Alarm ID Identifier of the alarm associated with the event. Ticket ID Identifier of the ticket associated with the event. Causing Event ID Identifier of the causing event. Duplication Count For network events, the duplication count is calculated by the VNE and pertains only to flapping events. The duplication count represents the number of noncleared events aggregated by the flapping event. Reduction Count For network events, the reduction count is calculated by the VNE and pertains only to flapping events. The reduction count represents the number of events that are aggregated by the flapping event. Archived Whether the event is archived: True or False. • Provisioning Events—Available to users with the Configurator role or higher for the selected element. This tab displays provisioning events with their source in the selected element and with a timestamp that falls within the specified events history size (see Adjusting the Prime Network Vision GUI Client Settings, page 2-40). All activations that occur are also included in this tab. Table 8-4 on page 8-5 describes the information that is available in the Provisioning Events tab. Note Provisioning events that are caused by workflows (AVM 66) are not displayed in this table even if the element is affected by the workflow. Cisco Prime Network 4.0 User Guide OL-29343-01 3-15 Chapter 3 Viewing and Managing NE Properties Checking VNE Connectivity and Communication Status When displaying network and provisioning events, Prime Network Vision monitors the history size value defined in the Events tab of the Options dialog box (Tools > Options > Events). The default value is six hours and can be changed in Prime Network Administration. In addition, Prime Network Vision limits the maximum number of network and provisioning events that are sent from the server to client to 15,000 each. If the number of network or provisioning events exceeds the limit specified in the Options Events tab or the 15,000 maximum limit, Prime Network Vision purges the oldest events from table. The purging mechanism runs once per minute. Tip You can display or hide the ticket and events pane by clicking the arrows displayed below the device view panel. Checking VNE Connectivity and Communication Status Virtual Network Elements (VNEs) are the Prime Network entities that simulate managed devices. Each VNE is assigned to manage a single network element instance and is designated by the NE name and IP address. VNEs are created using the Prime Network Administration GUI client. After a VNE is created and started, Prime Network investigates the network element and automatically builds a live model of it including its physical and logical inventory, configuration, and status. As different VNEs build their model, a complete model of the network is created. For the most part, VNE operations are hidden from Prime Network Vision GUI client users because those users are interested in devices, not these back-end processes. But VNEs must have connectivity to a device in order to maintain the NE model. To provide connectivity and polling information, you can view VNE properties from the device inventory: • VNE Status to view the VNE Properties window. This window provides details such as the VNE’s protocol and polling settings and other configuration information. See VNE Properties Window (VNE Status Button in the content pane of the Inventory Window), page 3-16. • VNE Details to view more details about device and VNE connectivity. See VNE Communication Status (VNE Details Button in the content pane of the Inventory Window), page 3-17. VNE Properties Window (VNE Status Button in the content pane of the Inventory Window) Figure 3-4 provides an example of a VNE properties window. This VNE is modeling a Cisco 3620 router. Cisco Prime Network 4.0 User Guide 3-16 OL-29343-01 Chapter 3 Viewing and Managing NE Properties Checking VNE Connectivity and Communication Status Figure 3-4 Note VNE Properties Window VNE status is not the same as device status. A device may be fully reachable and operating even though the VNE status is Down, Unreachable, or Disconnected. The Cisco Prime Network 4.0 Administrator Guide describes these properties in detail, but for a Prime Network Vision GUI Client user, probably the most important information is the VNE status. VNE Communication Status (VNE Details Button in the content pane of the Inventory Window) Figure 3-5 provides an example of a VNE Status Details window for a different VNE. This window provides information about the VNE and device connectivity. Cisco Prime Network 4.0 User Guide OL-29343-01 3-17 Chapter 3 Viewing and Managing NE Properties Checking VNE Connectivity and Communication Status Figure 3-5 VNE Status Details Window The VNE Status Details window provides this information about the VNE: • Its management connectivity state, which has to do with how the VNE was configured • The protocols the VNE is using to communicate with the device and the status of each • Whether the device is generating syslogs or traps In the Management State area, if the Reduced Polling field is true and the Investigation State is Currently Unsychronized, refer to the information in the topic Performing a Manual Device Poll, page 3-18. This information can be useful to users who are troubleshooting device problems. For more information about the VNE Status Details window, see the Cisco Prime Network 4.0 Administrator Guide. Performing a Manual Device Poll The VNE settings determine how often a VNE polls a device to update its model. Some VNEs use the reduced polling (also called event-based polling) mechanism. A reduced polling VNE polls the device when a configuration change syslog is received and immediately updates the VNE information accordingly. In other words, updates are driven by incoming events. The risk with reduced polling is dropped events. But if an event is dropped, the network element shows a Currently Unsynchronized investigation state. If you notice this VNE state, initiate polling by right-clicking the element and choosing VNE Tools > Poll Now. For more information about reduced polling, see the Cisco Prime Network 4.0 Administrator Guide. Cisco Prime Network 4.0 User Guide 3-18 OL-29343-01 Chapter 3 Viewing and Managing NE Properties Viewing the Physical Properties of a Device Viewing the Physical Properties of a Device Each device that is managed by Prime Network is modeled in the same manner. The physical inventory reflects the physical components of the managed network element, as shown in Table 3-8. Table 3-8 Icon Physical Inventory Icons Device Chassis Satellite Shelf Card/Subcard Port/Logical Port Pluggable Transceiver Unmanaged Port Physical inventory is continuously updated for both status and configuration. The addition of a new card, the removal of a card, or any change to the device is reflected by the VNE and updated instantly. If you physically remove an item that Prime Network Vision is managing, the following changes occur in physical inventory, depending on the item removed: • Removing an item other than a pluggable transceiver results in the following changes: – The color of the icon in physical inventory changes to black. – The item’s status changes to Out. The other properties of the removed item reflect the most recent value that was updated from the device with the following exceptions: – Cards—If the card was participating in a card redundancy configuration, the redundancy state changes to None. – Port—The operational status of the port changes to Down. • Removing a pluggable transceiver results in the following changes: – The color of the pluggable transceiver icon changes to gray. – The pluggable transceiver status changes to Disabled. – In the Pluggable Transceiver panel: — The properties are no longer displayed. — The connector type changes to Unknown. — The pluggable port state changes to Out. Cisco Prime Network 4.0 User Guide OL-29343-01 3-19 Chapter 3 Viewing and Managing NE Properties Viewing the Physical Properties of a Device Fans and power supplies are displayed in physical inventory if they are field replacable units (FRUs). The manner in which the fans are displayed depends on whether the fans can be separated or not: • If the fans under the fan trays are inseparable, only the fan trays are represented. • If the fans under the fan trays can be separated, they are shown as separate items in physical inventory. The window displayed for all the devices is similar in appearance. However, the individual sections that are displayed depends on the selected item. For example, when a port that supports pluggable transceivers is selected, the Pluggable Transceiver section is displayed. This section provides information such as the port connector’s type and serial number, as well as an indication whether a transceiver is currently plugged in. Figure 3-6 shows an example of a selection in physical inventory and the available buttons. Figure 3-6 Physical Inventory Example Cisco Prime Network 4.0 User Guide 3-20 OL-29343-01 Chapter 3 Viewing and Managing NE Properties Viewing the Physical Properties of a Device 1 Poll Now button Poll the VNE and update the information as needed. For more information, see Performing a Manual Device Poll, page 3-18. 2 Show VC Table button Displays virtual circuit (VC) information for the selected port. For more information, see Viewing ATM VPI and VCI Properties, page 20-10. 3 4 Show Cross Connect button Displays cross-connect information for incoming and outgoing ports. Show Encapsulation button Displays encapsulation information for incoming and outgoing traffic for the selected item. For more information, see Viewing ATM Virtual Connection Cross-Connects, page 20-6. For more information, see Viewing Encapsulation Information, page 20-11. 5 6 Disable Sending Alarms button Enables you to manage the alarms on a port. Port Utilization Graph button Displays the selected port traffic statistics: Rx/Tx Rate and Rx/Tx Rate History. For more information, see Working with Ports, page 3-23. For more information, see Generating a Port Utilization Graph, page 3-27. — Show DLCI Table button (not displayed) Displays data-link connection identifier (DCLI) information for the selected port. The buttons that are displayed in the physical inventory content pane depend on the selected port. For information about configuring topology from a port, see Adding Static Links, page 6-15. For a detailed description of device properties, see Viewing the Properties of a Network Element, page 3-6. Redundancy Support In Prime Network, redundancy is modeled as part of the physical inventory. You can view the redundancy parameters including the following: Note • Redundancy Configured—Indicates whether redundancy is configured for the Route Switch Processor (RSP) or Route Processor (RP) card. This parameter displays “Working” if redundancy is configured and “None” if it is not configured. • Redundancy Status—Indicates the redundancy status of the RSP or RP card, which can be Active or Standby Mode. • Redundancy Type—The type of redundancy, which can be Stateful or Stateless. This parameter is available only for Cisco ASR9000 and Cisco ASR903 series routers. • Redundancy Info—Provides information about the redundancy technology that is configured. For example, Nonstop Routing (NSR), Stateful Switchover (SSO), or Route Processor Redundancy (RPR). This parameter is available only for Cisco ASR9000 and Cisco ASR903 series routers. If SSO is configured, then the Redundancy type will be Stateful. If RPR is configured, then the Redundancy Type will be Stateless. Cisco Prime Network 4.0 User Guide OL-29343-01 3-21 Chapter 3 Viewing and Managing NE Properties Viewing the Physical Properties of a Device Viewing Satellite Properties Prime Network provides satellite support for Cisco Aggregation Service Router (ASR) 9000 series network elements. Satellites are used to enhance performance bandwidth of Cisco ASR 9000 network elements. Each satellite is modeled as a chassis in the physical inventory. To view the satellite properties: Step 1 In Cisco Prime Network Vision, double-click the required device. Step 2 In the Inventory window, choose Physical Inventory > Satellite. Satellite is modeled as a type of chassis in the physical inventory. Figure 3-7 shows an example of the information (including the slots) displayed when a satellite is selected in the physical inventory branch of the inventory window. Figure 3-7 Satellite Properties Cisco Prime Network 4.0 User Guide 3-22 OL-29343-01 Chapter 3 Viewing and Managing NE Properties Working with Ports One or more satellites are connected to the host Cisco ASR 9000 series network element by using the physical ethernet links, which also act as inter-chassis links (ICLs) for connecting the satellites with the other chassis or satellites within the host. To view the satellite ICLs, choose the Satellite ICL container in the logical inventory of the device. The content pane displays a list of satellite ICLs with the following details. Table 3-9 Satellite ICL Properties Field Description Host Interface Interface by which satellite is configured on the host network element. Click the hyperlink to view the interface properties in the physical inventory. Satellite IC Interface Inter-chassis interface used by the satellite. Click the hyperlink to view the satellite interface properties in the physical inventory. Satellite ID Satellite ID. Click the hyperlink to view the satellite properties in the physical inventory. Satellite Port Range Port associated with the satellite. Satellite Status Connection status of the satellite: Connected or Disconnected. Fabric Link Status Status of the fabric link connected to the satellite. Working with Ports The following topics describe some of the options available for working with ports: • Viewing Port Status and Properties, page 3-23 • Viewing a Port Configuration, page 3-25 • Disabling and Enabling Alarms, page 3-26 • Generating a Port Utilization Graph, page 3-27 You can also perform port configuration tasks such as managing port descriptions, changing port status, assigning ports to VLANs, and so forth using basic commands that are launched from right-click contextual menus. The commands are described in Setting Up Devices and Validating Device Information, page 1-4. Viewing Port Status and Properties Prime Network Vision displays all ports on a device in the Ports tab in the inventory window. This information is available to users with an Operator or higher role on the selected device. Users with a Configurator or higher role can modify the status of a single port or a selected group of ports as described in the following sections: • Disabling and Enabling Alarms, page 3-26 • Generating a Port Utilization Graph, page 3-27 You can export the port list from Prime Network Vision by using the Export to CSV option in the toolbar. Cisco Prime Network 4.0 User Guide OL-29343-01 3-23 Chapter 3 Viewing and Managing NE Properties Working with Ports Figure 3-8 shows an example of the Ports tab in the inventory window. Figure 3-8 Ports Tab in the Inventory Window Table 3-10 describes the information that is displayed in the Ports tab. Table 3-10 Ports Tab in the Inventory Window Field Description Location Location of the port in the device, using the format slot.module/port, such as 1.GigabitEthernet1/14. Type Port type, such as RJ45 or Pluggable. Sending Alarms Whether or not the port is configured for sending alarms: True or False. Pluggable Transceiver For the Pluggable port type, indicates that the port can hold a pluggable transceiver. Port Alias Name used in the device CLI or EMS for the port. Managed Whether or not the port is managed: True or False. Status Port status, such as OK, Major, or Disabled. Cisco Prime Network 4.0 User Guide 3-24 OL-29343-01 Chapter 3 Viewing and Managing NE Properties Working with Ports Viewing a Port Configuration In addition to viewing logical inventory information from the logical inventory branch, you can view services provisioned on physical ports by clicking a physical port in the physical inventory branch. Information that is displayed includes: • Physical layer information. • Layer 2 information, such as ATM and Ethernet. • Subinterfaces used by a VRF. You can also perform port configuration tasks such as managing port descriptions, changing port status, assigning ports to VLANs, and so forth using basic commands that are launched from right-click contextual menus. The commands are described in Setting Up Devices and Validating Device Information, page 1-4. That topic also describes commands for configuring interfaces. To view a port’s configuration: Step 1 In Cisco Prime Network Vision, double-click the required device. Step 2 In the inventory window, choose Physical Inventory > Chassis > Slot > Subslot > Port. Figure 3-9 shows an example of the information (including the subinterfaces) displayed when a port is selected in the physical inventory branch of the inventory window. Figure 3-9 Port Information in the Inventory Window Cisco Prime Network 4.0 User Guide OL-29343-01 3-25 Chapter 3 Viewing and Managing NE Properties Working with Ports The subinterface is a logical interface defined in the device; all of its parameters can be part of its configuration. Table 3-11 describes the information that can be displayed in the Subinterfaces table. Not all fields appear in all Subinterfaces tables. Table 3-11 Subinterfaces Table Field Description Address IP address defined in the subinterface. Mask Subnet mask. VLAN Type Type of VLAN, such as Bridge or IEEE 802.1Q. Double-click the entry to view the Port IP VLAN Properties window containing: • VLAN type • VLAN identifier • Operational status • A brief description of the VLAN Operational State Operational state of the subinterface. VLAN ID VLAN identifier. Inner VLAN CE-VLAN identifier. IP Interface IP interface, hyperlinked to the VRF properties in the inventory window. VRF Name Name of the VRF. Is MPLS Whether this is an MPLS interface: True or False. VC Virtual connection (VC) configured on the interface, hyperlinked to the VC Table window. For more information about VC properties, see Viewing ATM Virtual Connection Cross-Connects, page 20-6. Tunnel Edge Hyperlinked entry to the specific tunnel edge in logical inventory. Binding Hyperlinked entry to the specific bridge or pseudowire in logical inventory. Disabling and Enabling Alarms By default, alarms are enabled on all ports. When the alarms are disabled on a port, no alarms are generated for the port and they are not displayed in the ticket and events pane. To disable alarms on ports: Step 1 Open the inventory window for the required device. Step 2 To disable alarms on individual ports, right-click the port and choose Disable Sending Alarms. The Sending Alarms field displays the value false, indicating that the alarm for the required port has been disabled, and the content pane displays the Enable Sending Alarms button. Cisco Prime Network 4.0 User Guide 3-26 OL-29343-01 Chapter 3 Viewing and Managing NE Properties Viewing the Logical Properties of a Network Element Step 3 To disable alarms on one or more ports at the same time: a. In the inventory window, click the Ports tab. b. In the Ports table, select the required ports. You can select multiple ports by using the Ctrl and Shift keys. c. Right-click one of the selected ports, and choose Disable Sending Alarms. In response, the Sending Alarms field displays the value false for the selected ports. To enable alarms, use the previous procedure but choose Enable Sending Alarms. Generating a Port Utilization Graph Prime Network Vision enables you to view the Rx/Tx Rate and Rx/Tx Rate History of a port. Note Port utilization graphs are for physical ports only. Port utilization graphs are not available for ATM, E1/T1, or ATM IMA interfaces that are included in an IMA group. To view port utilization statistics: Step 1 Open the inventory window and select the required port in physical inventory. Step 2 In the Ethernet CSMA/CD section, click Port Utilization Graph. The following information is displayed in the Port Statistics dialog box: Step 3 • Rx Rate—The reception rate as a percentage. • Rx Rate History—The reception rate history is displayed as a graph. • Tx Rate—The transmission rate as a percentage. • Tx Rate History—The transmission rate history is displayed as a graph. Click to close the Port Statistics dialog box. Viewing the Logical Properties of a Network Element Prime Network Vision enables you to view logical inventory information. Prime Network Vision maintains logical inventory for each network element. The logical inventory reflects dynamic data such as configuration data, forwarding, and service-related components that affect traffic handling in the element. The information displayed in the inventory window changes according to the type of element and branch selected in the navigation pane. You can also perform interface configuration tasks such as enabling and disabling interfaces, adding a loopback interface, showing interface briefs, and so forth using basic commands that are launched from right-click contextual menus. The commands are described in Setting Up Devices and Validating Device Information, page 1-4. That topic also describes commands for configuring ports. Cisco Prime Network 4.0 User Guide OL-29343-01 3-27 Chapter 3 Viewing and Managing NE Properties Viewing the Logical Properties of a Network Element Logical Inventory Window Logical inventory information is displayed in the inventory window as shown in Figure 3-10. Figure 3-10 Note Logical Inventory Information Displayed in the Inventory Window For more information about opening the inventory window, see Inventory Window, page 3-9. Cisco Prime Network 4.0 User Guide 3-28 OL-29343-01 Chapter 3 Viewing and Managing NE Properties Viewing the Logical Properties of a Network Element Logical Inventory Navigation Pane Branches Table 3-12 describes the branches that appear in the logical inventory navigation pane. Table 3-12 Logical Inventory Navigation Pane Branches This branch... Provides information about... 6rd IPv6 rapid development (6rd) tunnels Access Gateway Multiple Spanning Tree (MST) and Resilient Ethernet Protocol (REP) access gateways (AGs) Access Lists Access lists ATM Traffic Profiles Traffic profiles for ATM Bidirectional Forwarding Detection Bidirectional Forwarding Detection BridgeILans Provider Backbone Bridge (PPB) Bridges Configured VLANs Carrier Grade NAT Carrier Grade Name Address Translation (NAT) CFM Connectivity Fault Management (CFM) Cisco Discovery Protocol Cisco Discovery Protocol (CDP) Clock Network clock service, clock recovery, and Precision Time Protocol (PTP) configuration Context Name Context that is configured on devices that support multiple virtual contexts DTI Client DOCSIS Timing Interface (DTI) client that collects DTI server master clock, DOCSIS timestamp, and Time of Day information from the DTI Server Ethernet Link Aggregation Ethernet aggregation groups Ethernet LMI Ethernet Local Management Interface (LMI) Fibre Node CMTS Configuration by Multiple Server Operator (MSO) or service provider Frame Relay Traffic Profiles Traffic profiles for Frame Relay GRE Tunnels Generic routing encapsulation (GRE) tunneling protocol for IP tunnels ICCP Redundancy Inter-Chassis Communication Protocol (ICCP) redundancy groups IMA Groups Inverse Multiplexing over ATM (IMA) groups IP SLA Responder Cisco IOS Service Level Agreements (SLAs) IS-IS Intermediate System-to-Intermediate System (IS-IS) protocol Link Layer Discovery Protocol Link Layer Discovery Protocol (LLDP) Local Switching Local switching LSEs Local switching for MPLS interfaces MAC Domain CMTS Mac Domain implementing DOCSIS function on downstream and upstream paths Cisco Prime Network 4.0 User Guide OL-29343-01 3-29 Chapter 3 Viewing and Managing NE Properties Viewing the Logical Properties of a Network Element Table 3-12 Logical Inventory Navigation Pane Branches (continued) This branch... Provides information about... MLPPP Multilink Point-to-Point (MLPPP) configurations Modular OS Modular operating systems for Cisco IOX XR devices MPBGPs Properties associated with provider edge (PE) network elements. The Multiprotocol Border Gateway Protocols (MP-BGPs) inventory folder contains information such as BGP identifier, local and remote Autonomous System (AS), VRF name, cross-VRF routing, and so on. MPLS-TP MPLS Transport Profile (MPLS-TP). Narrowband Channels DOCSIS 1.x/2.0 protocol downstream channel that contians one RF channel OAM Link operations, administration, and maintenance (OAM). Operating System Operating systems for Cisco IOS devices. OSPF Processes OSPF processes, such as the Shortest Path First (SPF) timer settings, OSPF neighbors, and OSPF interfaces. Pseudowires Pseudowire end-to-end emulation (PW3E) tunnels. Resilient Ethernet Protocol Resilient Ethernet Protocol (REP). Routing Entities Routing table entries and IP interfaces. Session Border Controller Session Border Controller (SBC) configuration. Spanning Tree Protocol Spanning Tree Protocol (STP) and Multiple Spanning Tree Protocol (MSTP) configurations. Traffic Engineering Tunnels Traffic engineering (TE) tunnels. Tunnel Traffic Descriptors Tunnel traffic descriptors associated with the element. VC Switching Entities Cross-connects and VC traffic. VRFs Virtual Routing and Forwarding (VRF). VSIs Virtual Switch Interface (VSI) instance names, associated pseudowire information, virtual circuit IDs, and so on. VTP VLAN Trunk Protocol (VTP) domain names, modes, version numbers, and so on. Wideband Channels Physical RF channels over which MPEG-TS packets are carried Logical Inventory Navigation Pane Icons Each branch in the logical inventory navigation pane is represented by an icon and, if appropriate, includes an icon indicating the status. Table A-3, “Logical Inventory Icons” describes the icons used in the logical inventory navigation pane. Cisco Prime Network 4.0 User Guide 3-30 OL-29343-01 Chapter 3 Viewing and Managing NE Properties Viewing Device Operating System Information Logical Inventory Content Pane Tabs Table 3-13 describes the tabs that are displayed in the logical inventory content pane when you select Logical Inventory, depending on the device configuration. Note Prime Network Vision does not display the tabs in Table 3-13 for devices that support multiple contexts. Instead, when you select Logical Inventory for a device that contains multiple contexts, Prime Network Vision displays a Contexts table that lists the contexts configured on the device. Table 3-13 Logical Inventory Content Pane Tabs Tab Description Data Link Aggregation Containers Lists the data link aggregations configured on the selected entity, such as Ethernet link aggregations. Encapsulation Aggregation Containers Lists the encapsulation aggregations configured on the selected entity. Forwarding Component Containers Lists the context profiles for which logical inventory information can be displayed, such as routing entities and bridges. Operating System Provides information about the operating system on the selected entity. Physical Layer Aggregation Containers Lists aggregations configured at the physical layer for the selected entity, such as IMA groups. Processes Lists the processes running on the selected entity, such as Clock or CDP. Traffic Descriptors Lists the profiles for which logical inventory information can be displayed, such as Frame Relay traffic profiles and Address Resolution Protocol (ARP) entities. Tunnel Containers Lists the types of tunnels that are configured on the selected entity, such as pseudowires or GRE tunnels. Viewing Device Operating System Information Prime Network Vision discovers and automatically displays operating system information for Cisco IOS, Cisco IOS XR, and Cisco IOS XE devices in logical inventory. For other devices, choose the element name at the top of the inventory window navigation pane. Cisco Prime Network 4.0 User Guide OL-29343-01 3-31 Chapter 3 Viewing and Managing NE Properties Viewing Device Operating System Information To view operating system information for Cisco IOS, Cisco IOS XR, or Cisco IOS XE devices: Step 1 In Prime Network Vision, double-click the required device. Step 2 For a Cisco IOS device, view information about the operating system by clicking Logical Inventory and choose the Operating System tab. Table 3-14 describes the information that is displayed in the Operating System tab. Table 3-14 Operating System Information in Logical Inventory Field Description Is K9Sec Whether or not the K9 security feature is enabled on the operating system: True or False Family Cisco family, based on the device platform, such as CRS_IOS or C12K_IOS_XR. SDR Mac Addr Secure Domain Router (SDR) MAC address. This field applies to Cisco IOS XR devices only. Step 3 Software Version Cisco IOS software version, such as 12.2(33)SRC3, Release Software (fc2). Boot Software Cisco IOS system image information. ROM Version Cisco IOS bootstrap software version, such as 12.2(17r)SX3. For a Cisco IOS XR device, view information about the operating system by opening the inventory window and choosing Logical Inventory > Modular OS. Figure 3-11 shows an example of the information that is displayed for Cisco IOS XR devices. Cisco Prime Network 4.0 User Guide 3-32 OL-29343-01 Chapter 3 Viewing and Managing NE Properties Viewing Device Operating System Information Figure 3-11 Modular OS Information in Logical Inventory Table 3-15 describes the information that is displayed for Cisco IOS XR system. Table 3-15 Modular OS Information in Logical Inventory Field Description Is K9Sec Whether or not the K9 security feature is enabled on the operating system: True or False Cw Family Cisco family, based on the device platform, such as CRS_IOS_XR or C12K_IOS_XR. SDR Mac Addr Secure Domain Router (SDR) MAC address. OS Version Cisco IOS XR software version, such as 3.8.0[00]. Boot Software Cisco IOS XR system image information. SDR Name SDR name. SDR Id SDR identifier. ROM Version Cisco IOS XR bootstrap software version, such as 1.51. RAM Size Size, in kilobytes, of the device processor RAM. Cisco Prime Network 4.0 User Guide OL-29343-01 3-33 Chapter 3 Viewing and Managing NE Properties Running an Activation from the Activation Menu Table 3-15 Modular OS Information in Logical Inventory (continued) Field Description OS Packages Table Package Info Information on the individual package and its version, such as disk0:hfr-admin-3.9.3.14 Package Description Description of the package, such as FPD (Field Programmable Device) Package. Composite Name Composite package name of the package with the date and time, such as: Tues Feb 8 20:37:07.966 UTC disk0:comp-hfr-mini-3.9.3.14 Table 3-16 describes the information that is displayed for modular operating systems in the Operating System tab. Table 3-16 Modular OS Information in Operating System Tab Field Description Is K9Sec Whether or not the K9 security feature is enabled on the operating system: True or False Family Cisco family, based on the device platform, such as CRS_IOS_XR or C12K_IOS_XR. Software Version Cisco IOS XR software version, such as 4.0.0[Default]. SDR Mac Addr Secure Domain Router (SDR) MAC address. Boot Software Cisco IOS XR system image information. SDR ID SDR identifier. SDR Name SDR name. ROM Version Cisco IOS XR bootstrap software version, such as 1.54. Running an Activation from the Activation Menu Note Transaction Manager replaces the Prime Network Workflow and Action features in all new installations of Prime Network 4.0. If you have upgraded to Prime Network 4.0, the Workflow and Activation features are still available, but they will be deprecated in the future. We recommend that you use Transaction Manager. Transaction Manager is described in the Cisco Prime Network 4.0 Customization Guide. You can run activation wizards from the GUI client using the Activations main menu. These are wizards that have been created using the Activation Wizard Builder (AWB), which is described in the Cisco Prime Network 4.0 Customization Guide. You can only run activations on devices that are within your device scope. Cisco Prime Network 4.0 User Guide 3-34 OL-29343-01 Chapter 3 Viewing and Managing NE Properties Running an Activation from the Activation Menu These topics describe how to run activations: • Network Activation Window, page 3-35 • Running Activations, page 3-35 • Searching for Activations (Activation History), page 3-36 • Rolling Back an Activation, page 3-36 • Cloning an Existing Activation, page 3-37 • Deleting Activations, page 3-37 Network Activation Window Note Transaction Manager replaces the Prime Network Workflow and Activation features in all new installations of Prime Network 4.0. If you have upgraded to Prime Network 4.0, the Workflow and Activation features are still available, but they will deprecated in the future. We recommend that you use Transaction Manager. Operators can access Activation wizards by launching them from the Activation menu in Prime Network Vision. The window is divided into the following parts. Activation Menu Choices Description Activation Displays available activation wizards. From here operators can launch the wizards, enter the necessary information, and run the activation. Activation History Displays all the activations that have been executed. Activation Modification Utility Used by activation planners to download and upload wizard files. Tip A best practice is to use the AWB to upload and download wizard files. Running Activations Activations can be launched from the Prime Network Vision GUI client. Note The Cisco Developer Network (CDN) has some scripts that you can use as examples for using the framework. Other activation scripts are only available through Cisco Advanced Services. Step 1 From the Vision main menu, choose Activation > Activation. This opens a menu that lists the activations that the user can launch, depending on their user access role. Step 2 Expand the tree and highlight the activation wizard you want to launch, and click Next. Step 3 Enter all of the required data. You can only run activations on devices that are within your device scope. Cisco Prime Network 4.0 User Guide OL-29343-01 3-35 Chapter 3 Viewing and Managing NE Properties Running an Activation from the Activation Menu Step 4 Step 5 Check your entries and preview your changes: a. Click the User Input tab and check all of the values you entered. b. Click the Preview Configuration tab, which displays and validates the CLI commands that will be run on the device. It also highlights any errors so that you can make corrections to your input. Run the activation. Note Step 6 You might be prompted to enter your device access credentials. Once you have entered them, these credentials will be used for every subsequent activation in the same GUI client session. If you want to change the credentials, click Edit Credentials. View the output: a. Select the activation in the Activation History window, right-click and choose Show Output. The information presented in similar to the data displayed in Step 4 except it reflects the real runtime results. – Workflow Output—The sequence of commands that were run on the devices. – CLI Output—The actual CLI commands that were executed for the selected activation (for activations with an Add operation and a Done state). b. If you want to view the output at a later time, export the activation to a local drive by clicking Export to File. We recommend that you do not change the file type in case you seek help from a support team. Searching for Activations (Activation History) The Activation History window displays information about executed activations, even if the activations failed. The window displays a user-friendly search tools that allow you to locate specific activations and filter the results. A counter displays the total number of activations in the system. Keep the following in mind when using the Activation History window: • Searches are case-insensitive and wild card characters are not supported. • Results are returned only if the utility can match attributes with data in the database. If the search results display any empty fields, this is most likely because the search criteria was not entered correctly. If you confirm that the attributes were entered correctly and the fields are still empty, the attributes were probably not used by the activation so they were not saved in the database. Rolling Back an Activation Completed activations can be deactivated—that is, rolled back—to return a device to its original configuration. The rollback is a best effort; in some cases complete rollbacks may not be possible. Before you roll back and activation, you can preview the CLI configuration sequence that will be executed before the rollback is performed. Cisco Prime Network 4.0 User Guide 3-36 OL-29343-01 Chapter 3 Viewing and Managing NE Properties Running an Activation from the Activation Menu Step 1 From the Activation menu, choose Activation History. The Activation History window displays a list of recent activation attempts. Step 2 If necessary, search for the desired activation (see Searching for Activations (Activation History), page 3-36). Step 3 Select the activation and view its details. Activations can be rolled back if the Operation column displays Add and the State column displays Done. Note Step 4 You can attempt a deactivation on an aborted activation to clean up partial rollbacks, but the cleanup is a best effort. Right-click the selected activation and choose Deactivate Preview. You should verify the information in the User Input tab and the Preview configuration tab (errors will be highlighted). If you want to test the deactivation on a single device before performing it on all selected devices, export the preview deactivation sequence to you local drive using Export to File. Then you can copy and paste the commands to a specific device. Step 5 Right-click the selected activation and choose Deactivate. Step 6 On the confirmation dialog box, click Yes and Close. Cloning an Existing Activation Cloning is useful when you know you will have to repeat an activation in the future. The cloning process saves all of the values that you entered in the original activation. This is useful when you have to perform a deactivation, but you know it will be followed be a re-activation with the same settings. Step 1 From the Activation menu, choose Activation. Step 2 Select the activation that you want to clone and click Clone Activation. The Activation History window is displayed. Step 3 Search for the specific activation deployment that contains the settings you want to clone. Note Step 4 The search results return the search based on the activation you have selected. Click OK. The activation clone is created. Deleting Activations Users with Administrator privileges can delete activations and activation templates from the Prime Network Administrator GUI client. Executed activations are automatically purged from the Prime Network database according to the purging settings set by the administrator. For more information on the Administrator GUI client, see the Cisco Prime Network 4.0 Administrator Guide. Cisco Prime Network 4.0 User Guide OL-29343-01 3-37 Chapter 3 Viewing and Managing NE Properties Running an Activation from the Activation Menu Cisco Prime Network 4.0 User Guide 3-38 OL-29343-01 CH A P T E R 4 Device Configurations and Software Images Cisco Prime Network Change and Configuration Management (CCM) provides tools for managing the software images and device configuration files used by the devices in your network. CCM is also the launch point for the following Prime Network features: • Transaction Manager, which is used to manage and execute activations on groups of devices. Information appears in the Transaction Manager tab only if transactions have been created outside of Prime Network and then added to Prime Network, as described in the Cisco Prime Network 4.0 Customization Guide. • Command Manager, which provides a repository of all commands available in the system. It can be used to create new commands and command sequences, which can then be applied to groups of devices. Command Manager is described in the Cisco Prime Network 4.0 Customization Guide. . These topics provide an overview of the features that CCM provides, some initial setup tasks you must perform, and how to work with the GUI: • What is Change and Configuration Management?, page 4-1 • Set Up Change and Configuration Management, page 4-3 • Use the CCM Dashboard, page 4-10 • Device Configurations, page 4-12 • Software Images, page 4-26 • Configuration Audit, page 4-45 • Compliance Audit, page 4-50 • Global Settings and Administration, page 4-61 For information on the devices supported by CCM, see Cisco Prime Network 4.0 Supported Cisco VNEs. What is Change and Configuration Management? Cisco Prime Network Change and Configuration Management provides tools that allow you to manage the software and device configuration changes that are made to devices in your network. Device configuration management tools are provided by the Configuration Management (CM) function, and software image management tools are provided by the Image Management function. Operations can be performed on user-created groups of devices. For more information on user-defined device groups, see Device Groups Setup Tasks, page 4-9. Cisco Prime Network 4.0 User Guide OL-29343-01 4-1 Chapter 4 Device Configurations and Software Images What is Change and Configuration Management? Configuration Management Configuration Management enables you to control and track changes that are made to a device configuration. It uses a change management feature to detect ongoing changes to devices in two ways: • When doing periodic archiving of device configurations. If CM detects a change in a configuration file, it will get the new version of the file from the device and copy it to the archive. • When a configuration change notification is received from a device. This is called event-triggered archiving. You can configure CM to copy a new version of a configuration file to the archive whenever a change is detected, or to queue the changes and then copy the files to the archive according to a schedule. By default, neither of these methods are enabled. You can configure them from the Configuration Management Settings page (see Configuration Management Setup Tasks, page 4-5). Change Logs provide information on the changes made to devices in the network, sorted by their time stamp. The Configuration Management Settings page controls how long these logs are saved. CM saves messages that can be used for debugging in PRIME_NETWORK_HOME/XMP_Platform/logs/ConfigArchive.log. Note All configuration management operations are performed only on devices with Communication State as Reachable and Investigation State as Operational, Partially Discovered, or Currently Unsynchronized. For a Cisco IOS device with SNMPv3 configuration, configuration management operations can be performed only if the device is configured with write permission for CISCO-CONFIG-COPY-MIB MIB group. Compliance Audit (and Configuration Audit) Compliance Audit ensures that existing device configurations comply to your deployment’s policies. Using Compliance Audit, you can create policies that can contain multiple rules, and policies can be grouped together to create a policy profile which can be run on a set of devices, called audit of devices. There is no limit on the number of policies, profiles, rules, and conditions that you can create using Compliance Audit. It can scale up to 35,000 devices. When a device is detected to be not confirming to a determined policy, Compliance Manager calls it a violation. Subsequently, if available, it also recommends a fix, as configured by the administrator. The violation details are saved in DB Schema for your reference later. Compliance Audit replaces Configuration Audit (although Configuration Audit is still available.) Image Management Image Management provides tools for performing rapid, reliable software upgrades and automate the steps associated with upgrade planning and monitoring. This topic provides an overview of both features and an introduction to the Change and Configuration Management dashboard. Cisco IOS and Cisco IOS XR software images are stored in the Prime Network image repository, to which you can add new images by importing them from Cisco.com, from existing devices, from a local file system, or from an external image repository. Software images in the repository are stored in binary format. Before an image is distributed, NEIM performs an upgrade analysis to ensure that the network element is compatible with the image; after an image is distributed, the images are applied immediately. For Cisco IOS XR devices, you can add individual packages, deactivate packages, test changes before committing them, commit changes, and roll packages back to stored rollback points. The image repository is located in the Cisco Prime database. NEIM saves messages that can be used for debugging in PRIME_NETWORK_HOME/XMP_Platform/logs/NEIM.log. Cisco Prime Network 4.0 User Guide 4-2 OL-29343-01 Chapter 4 Device Configurations and Software Images Set Up Change and Configuration Management Note All image management operations are performed only on completely managed devices. (This means the Communication State of the device must be Reachable and Investigation State of the device must be Operational.) Note We recommend that you verify that an image operation is correct on a single device, preferably in a lab, prior to distributing and activating a change in image on multiple devices in a production network. Set Up Change and Configuration Management The following topics explain the setup tasks required for Change and Configuration Management: • Prime Network Setup Tasks, page 4-3 • Device Setup Tasks, page 4-4 • Configuration Management Setup Tasks, page 4-5 • NEIM Setup Tasks, page 4-7 • Device Groups Setup Tasks, page 4-9 Prime Network Setup Tasks Verify the following: • You can control user access in two ways: – By requiring users to enter device credentials before they can execute a CCM operation – By allowing users to run CCM jobs only if they have been granted those privileges (controlled in their user account) For information on enabling these features, see the information on global user settings in the Cisco Prime Network 4.0 Administration Guide. • Verify that CCM is installed. The installation process is described in the Cisco Prime Network 4.0 Installation Guide. CCM can be installed using the network-conf command. The guide includes information about supported browsers, ports that must be available, and so forth. To check if CCM is installed, log into the Prime Network gateway and enter the following command: # cd $PRIME_NETWORK_HOME/Main # dmctl status If you see the following in the output, CCM is installed and running. - Checking Prime Network Web Server Status • [UP] Verify the port to be used. 8043 is the secure HTTP port enabled by default for Change and Configuration Management web client. However, you can still use port 8080 to launch the Change and Configuration Management GUI. To do so, you must manually enable it using this command: # # # # cd $NCCM_HOME/scripts/ ./nccmHTTP.csh enable dmctl stop dmctl start Cisco Prime Network 4.0 User Guide OL-29343-01 4-3 Chapter 4 Device Configurations and Software Images Set Up Change and Configuration Management To disable port 8080, perform the same operation but use the disable argument. • The SCP port being used by a device must match the SCP port configured in the device VNE (the VNE is Prime Network's model of the device). If a device is not using the default SCP port, be sure that the VNE is also configured with the correct port. You can change the VNE's SCP port from the Administration GUI client by editing the VNE properties (the Telnet/SSH tab). See the description of VNE properties in the Cisco Prime Network 4.0 Administration Guide. • If a gateway is behind a firewall, you must open special ports. You do not have to open special ports if units are located behind firewalls (and with NAT). This approach prevents issues when the unit is behind NAT, as the unit does not require a publicly available IP address for the gateway to contact it. • SNMP read-write community in Cisco Prime Network Administration must match that on the devices. Make sure that pop-up windows are enabled on the Firefox and Internet Explorer browsers. • For IPv6, CM and NEIM functions run smoothly on a combination of network and devices with IPv6 addresses. Either the device or the unit must be configured with an IPv6 address to work. For Cisco IOS devices with IPv6 address, the CM and NEIM operations will work only in FTP mode. • For NEIM, verify that the gateway has sufficient space for the storing and staging directories (see Change Image Management Global Settings, page 4-66). • For config and image transfers using TFTP, verify that the TFTP directory is set up and available in the Prime Network gateway and/or unit. To modify and verify the TFTP directory, run the following commands: – To change the TFTP directory, go to the Prime Network directory and run the following commands in the Prime Network gateway: ./runRegTool.sh -gs 127.0.0.1 setavm83/services/tftp/read-dir tftp dir name ./runRegTool.sh -gs 127.0.0.1 set avm83/services/tftp/write-dir tftp dir name – To check the TFTP directory, run the following commands: ./runRegTool.sh -gs 127.0.0.1 get avm83/services/tftp/read-dir ./runRegTool.sh -gs 127.0.0.1 get avm83/services/tftp/write-dir – Restart AVM 83 in the gateway or the unit, by using the following command: anactl -avm 83 restart Device Setup Tasks • Verify that the device is supported. See Cisco Prime Network 4.0 Supported Cisco VNEs.. • For CM, verify that devices are configured to forward configuration change notifications to Prime Network. This is documented as a prerequisite to adding VNEs, in the Cisco Prime Network 4.0 Administrator Guide. (Specifically, if you will be using event-triggered archiving, make sure the logging gateway-IP command is configured on all devices. This command should have been configured as a prerequisite to adding VNEs to Prime Network.) • Simple Network Management Protocol (SNMP) read-write community must be configured on devices. For more information on configuring SNMP community strings for devices, see the Cisco Prime Network 4.0 Administrator Guide. SNMP read-write community in Cisco Prime Network Administration must match that on the devices. Cisco Prime Network 4.0 User Guide 4-4 OL-29343-01 Chapter 4 Device Configurations and Software Images Set Up Change and Configuration Management • Ensure reachability from Prime Network units to devices and vice versa. • Make sure you have performed all of the device configuration prerequisites for adding VNEs. These commands are described in the Cisco Prime Network 4.0 Administrator Guide. • Change and Configuration Management supports FTP for all config and image transfers. Although you can configure a username and password using the ip ftp command, adding the unit’s FTP credentials to the device may not be safe if the network is not secure. Before using FTP for Change and Configuration Management, we recommend that you: – Configure the network device to add the Prime Network Unit User credentials of the unit that manages the device. You need not add the super user credentials of the Prime Network Unit Server to the device configuration. – For Cisco Carrier Packet Transport (CPT) devices, add the Prime Network Unit User credentials to the registry. This is required because Prime Network initiates the FTP operation using a TL1 interface, and the TL1 commands require the username and password as input parameters. After you add this information to the registry, the credentials are automatically read when needed. # $ANAHOME/Mail/runRegTool.sh -gs 127.0.0.1 setEncrypted 127.0.0.1 nccm-settings/ftpsettings/username ftp-username # $ANAHOME/Mail/runRegTool.sh -gs 127.0.0.1 setEncrypted 127.0.0.1 nccm-settings/ftpsettings/password ftp-passwd – Restrict the FTP configuration such that the Prime Network Unit User has read-write access only to the $PRIME_NETWORK_HOME/tftp directory and hence does not have access to unwanted files outside the home directory. Note • FTP support is not available for Cisco IOS XR devices and Cisco Nexus 5000 and Cisco Nexus 7000 series devices. For IPv6, CM and NEIM functions run smoothly on a combination of network and devices with IPv6 addresses. Either the device or the unit must be configured with an IPv6 address to work. For Cisco IOS devices with IPv6 address, the CM and NEIM operations will work only in FTP mode. Configuration Management Setup Tasks Note In the Configuration Management and Image Management Settings pages, Change and Configuration Management does not support the following special characters: • For Password fields—>, <, ', /, \, !, :, ;, and " • For all other fields—`, ~, @, #, $, %, ^, &, *, (, ), +, =, |, {, }, [, ], ', ?, >, <, /, \, !, :, ;, and " The CM features are disabled by default so that you do not encounter unexpected processing loads on your server. The following steps explain what you must do to set up CM. All of these items are configured from the Configuration Management Settings page (Configurations > Settings). Many of these settings can be overridden when you create specific jobs. 1. Configure the transport protocol that Prime Network will use between the device and the gateway. these are controlled from the Transport Protocol area. The options are TFTP, SFTP/SCP, and FTP. The default is TFTP. Note the following: Cisco Prime Network 4.0 User Guide OL-29343-01 4-5 Chapter 4 Device Configurations and Software Images Set Up Change and Configuration Management Caution FTP is not a secure mode of transfer. Use SCP/SFTP instead, for secure config and image transfers. – The TFTP source interface on the devices must be able to reach the unit. Otherwise, the configuration management jobs that require TFTP may fail. – To use SFTP/SCP for config transfers from a device to a unit, you need to ensure that an SSH server is configured and running on the device, such that the device acts as a server and the unit as a client during the transfer. For Cisco IOS XR devices, you need to configure the device with K9 security (k9sec) enabled images such that the SSH server is up and running on the device. – To use SCP as the protocol to retrieve configuration and image files, you must execute the following command on the device: # ip scp server enable 2. Enable CM to perform an initial synchronization of the CM archive files with the configurations that are running on the network devices. Whenever the Prime Network gateway is restarted, CM will perform this synchronization. By default, synchronization is disabled. To enable it, activate Enable Initial Config Syncup. 3. Configure the policies that control how often CM retrieves information from devices and copies configuration files to the archive. By default, all of these settings are disabled. You must answer the following basic questions: a. How much disk space is available? Smaller space may require more frequent purging. b. Should new configuration files be copied (backed up) to the archive on a periodic basis or on an event-driven basis? If configurations are changing frequently and the changes are not important to you, you should use periodic backups by selecting Enable Period Config Backup. This will minimize server workload. Note The periodic setting is recommended. If every change is considered significant, use event-driven backups (Enable Event-Triggered Config Archive). c. For event-driven archiving, should information be copied to the archive immediately upon receiving a change (Sync archive on each configuration change)? Or should changes be queued and then copied at a certain interval (Sync archives with changed configurations every ___ hours and ___ minutes)? If information needs to be copied to the archive immediately, you must sync the archive on each configuration change. Otherwise, you can sync the archive with changed configurations at a certain interval (every 1-24 hours). 4. Enable CM to perform periodic synchronization of out-of-sync devices by selecting Enable Periodic Sync for Out of Sync Devices (24Hours). 5. Enable CM to export archived configuration to an export server on a periodic basis by selecting Enable Periodic Config Export and Export Settings. This allows you to free up disk space while keeping a permanent record of historical archives. 6. Configure when configuration files should be purged from the archive using the Archive Purge Settings. You should consider: – How big are the configuration files? Cisco Prime Network 4.0 User Guide 4-6 OL-29343-01 Chapter 4 Device Configurations and Software Images Set Up Change and Configuration Management – How often are changes made to devices? 7. Specify the default mode of restoring configuration files to the devices using Restore Mode. 8. Configure the SMTP server and e-mail IDs to send notifications on the status of configuration management jobs to users. (You can also specify e-mail settings when you create a job.) 9. Specify the commands that you want CM to exclude when comparing files (for example, clock rates). A set of common exclude commands is provided by default (for example, ntp-clock-period). these are controlled in the Exclude Commands area (see Notes on Exclude Commands, page 4-65). Configuring exclude commands is especially important if you are using event-driven archiving. Doing so avoids unnecessary file backups to the archive. Note NEIM Setup Tasks Note Caution In the Configuration Management and Image Management Settings pages, Change and Configuration Management does not support the following special characters: • For Password fields—>, <, ', /, \, !, :, ;, and " • For all other fields—`, ~, @, #, $, %, ^, &, *, (, ), +, =, |, {, }, [, ], ', ?, >, <, /, \, !, :, ;, and " FTP is not a secure mode of transfer. Use SCP/SFTP instead, for secure config and image transfers. The following are the NEIM prerequisites, all of which are controlled by the Image Management Settings page (Images > Settings). Many of these settings can be overridden when you create specific jobs. 1. Configure the transport protocol that Prime Network will use between the device and the gateway; these are controlled from the Transport Protocol area. The options are TFTP, SFTP/SCP, and FTP. The default is TFTP. Note the following: – The TFTP source interface on the devices must be able to reach the unit. Otherwise, the image management jobs that require TFTP may fail. – To use SFTP/SCP for image transfers from a device to a unit, you need to ensure that an SSH server is configured and running on the device, such that the device acts as a server and the unit as a client during the transfer. For Cisco IOS XR devices, you need to configure the device with K9 security (k9sec) enabled images such that the SSH server is up and running on the device. 2. Configure the gateway staging directory to use when transferring images from Prime Network out to devices in the File Locations area. The default is PRIME_NETWORK_HOME/NCCMComponents/NEIM/staging/. PRIME_NETWORK_HOME is the Cisco Prime Network installation directory (by default, /export/home/network-user; where network-user is the operating system user for the Prime Network application and an example of network-user is network39). 3. In case of insufficient memory, use the Clear Flash option (under Flash Properties). This deletes any one file (other than the running image) and recovers the disk space occupied by the file. This procedure is repeated until adequate space is available in the selected flash. Cisco Prime Network 4.0 User Guide OL-29343-01 4-7 Chapter 4 Device Configurations and Software Images Set Up Change and Configuration Management 4. Enable the warm upgrade facility to reduce the downtime of a device during planned Cisco IOS software upgrades or downgrades (in the Warm Upgrade area). 5. Configure the gateway storing directory to use when transferring images from an outside source into the image repository (from Cisco.com or from another file system). This is controlled from the File Locations area. The default is PRIME_NETWORK_HOME/NCCMComponents/NEIM/images/. PRIME_NETWORK_HOME is the Prime Network installation directory (by default, /export/home/network-user; where network-user is the operating system user for the Prime Network application and an example of network-user is network39). 6. Configure the SMTP server and e-mail IDs to send notifications on the status of image management jobs to users. (You can also specify e-mail settings when you create a job.) This is controlled in the E-mail Settings area. 7. If you plan to download files from Cisco.com, configure the necessary vendor credentials to connect to Cisco.com. These are set in the Vendor Credentials area. If you do not have login privileges, follow the procedure in Obtaining Cisco.com Login Privileges for Image Management, page 4-8. 8. Configure the proxy server details to use while importing images to the archive from Cisco.com (in the Proxy Settings field). 9. If you plan to download images from an external repository, set up the details of the external server to import images to the Prime Network image repository (in the External Server Details area). Obtaining Cisco.com Login Privileges for Image Management Login privileges are required for all Images operations that access Cisco.com. To get access, you must have a Cisco.com account. If you do not have a user account and password on Cisco.com, contact your channel partner or enter a request on the main Cisco website. You can register by going to the following URL: http://tools.cisco.com/RPF/register/register.do To download cryptographic images from Cisco.com, you must have a Cisco.com account with cryptographic access. To obtain the eligibility for downloading strong encryption software images: Step 1 Go to the following URL: http://tools.cisco.com/legal/k9/controller/do/k9Check.x?eind=Y&return_url=http://www.cisco.com Step 2 Enter your Cisco.com username and password, and click Log In. Step 3 Follow the instructions provided on the page and update the user details. Step 4 Click Accept to submit the form. Step 5 To verify whether you have obtained the eligibility to download encrypted software: a. Go to the following URL: http://tools.cisco.com/legal/k9/controller/do/k9Check.x?eind=Y&return_url=http://www.cisco .com b. Enter your username and password, and click Log In. The following confirmation message is displayed: You have been registered for download of Encrypted Software. Cisco Prime Network 4.0 User Guide 4-8 OL-29343-01 Chapter 4 Device Configurations and Software Images Set Up Change and Configuration Management Device Groups Setup Tasks You can create user-defined device groups for ease of performing operations. A static group contains a specific set of devices; new devices must be added manually. A dynamic group is populated according to membership rules; if newly-added devices match the rules, they are automatically added to the group. If you are backing up the configuration archive or importing software images from devices into the repository, and a device group changes during the operation, Prime Network updates the job accordingly such that all the devices available in the group at the time of execution of the job are considered for the backup or import operation. All other job types are not updated; you must delete and recreate the job. To view the existing and create new user-defined device groups: Step 1 Click the Device Groups tab. The Device Groups page appears as shown in Figure 4-1. Figure 4-1 Device Groups Page The Device Groups page displays the name, description, and whether the membership is static or dynamic. To delete a group, click the red X next to the group name. To view the devices in a group, click the hyperlinked group name to view the devices mapped to the group in the Group Members page. The device status, IP address and element type is listed. To display more properties, click the Device Name hyperlink. The status icons are illustrated in the following. Symbol Description Device is in operational state. Device is not in operational state. Most likely the device is in the Maintenance investigation state or the Unreachable communication state. Click the device hyperlink and open the device properties popup to see details about the device. Step 2 To create a new group, click Create and enter the required information. Names must be unique; do not use the reserved names adminGroup and ROOT-DOMAIN. Step 3 In the Membership Update drop-down list box, choose Static or Dynamic. • For dynamic groups, set up a membership rule to indicate which devices must be added to the group. The following figure provides an example of the Create Device Group page for a dynamic group. Cisco Prime Network 4.0 User Guide OL-29343-01 4-9 Chapter 4 Device Configurations and Software Images Use the CCM Dashboard You can set up membership rules with parameters such as device name, range of device IP addresses, and the device element type. For example: Device Name equals 1800 IP Address between 10.77.214.107 Element Type equals Cisco 1801 Note • Step 4 And 10.77.214.171 IPv4 You can choose to include any one or a combination of these parameters in the rule by using the And/Or operator. Also, you can provide multiple values for the Device Name and Element Type parameters as a comma-separated list, if required. For static device groups, in the Group Members section, under the Available Devices list, Prime Network lists all the devices that are available in the database. The following figure provides an example of the Create Device Group page for a static group. Click OK to save the group. Use the CCM Dashboard To launch the GUI from a web browser, enter the following URL in the address bar: https://gateway-IP:8043/ccmweb/ccm/login.htm Note Change and Configuration Management does not support special characters for any of the editable fields in the GUI, including filters. Figure 4-2 shows the CCM Dashboard, which contains four dashlets or subdivisions to display real-time information about the most frequently used software images, devices with startup and running configurations that are not in sync, and recent configuration changes. Cisco Prime Network 4.0 User Guide 4-10 OL-29343-01 Chapter 4 Device Configurations and Software Images Use the CCM Dashboard Figure 4-2 CCM Dashboard Dashlet Provides information about: Top Families Four device families with the highest number of devices in the network. Smaller groups can be viewed by toggling to the tabular form. From here, you can distribute and activate software images to a selected family. Note Configuration Sync Status You may face resizing issues when you hover the cursor over this dashlet, if you have enabled the Right to Left (Hebrew) settings in your browser. (Cisco IOS) Devices for which the startup and running device configurations are in sync or not in sync. Whenever a Cisco IOS configuration file is retrieved from a device and copied to the archive, Prime Network compares the latest version of the startup configuration with the latest version of the running configuration file. If there is a mismatch, Prime Network adds the device to the list of out-of-sync devices. The information is refreshed whenever you click the Dashboard. A “100% Unavailable” message is displayed when there are no Cisco IOS device images or if the initial configuration sync up setting is not enabled (controlled by the “Enable/Disable Initial config sync up on restart” setting on the Configuration Management Settings page). Configuration Changes in the Last Week Number of device configuration changes detected for each day of the previous week. This dashlet is empty when configuration change notification is not enabled (controlled by the “Enable/Disable Event-Triggered Config Archive” setting on the Configuration Management Settings page). Most Recent Configuration Changes Last five device configuration changes that were made to devices in the network. This dashlet is empty if configuration change notification is not enabled. It is controlled by the “Enable/Disable Event Triggered Config Archive” setting on the Configuration Management Settings page (see Change Configuration Managemennt Global Settings, page 4-61). The Commit ID and Diff columns apply only to Cisco IOS XR devices. Other device types will display N/A in those columns. Cisco Prime Network 4.0 User Guide OL-29343-01 4-11 Chapter 4 Device Configurations and Software Images Device Configurations Use the following icons to toggle between different views in the Top Families, Configuration Sync Status, and Configuration Changes in the Last Week dashlets. Icon Description Displays the details in the form of a pie or bar chart. If you hover your mouse cursor over a section in the pie chart, a tooltip displays the information associated with that section. Displays the details in a tabular form. Device Configurations The following topics explain how to work with device configurations: • What is In the Archive?, page 4-12 • Protect Configurations in the Archive, page 4-13 • Find Out What is Different Between Configurations, page 4-14 • Copy a Configuration File to a Central Server, page 4-16 • Are Running and Startup Configs Mismatched? (Cisco IOS and Cisco Nexus), page 4-17 • Copy the Device Files to the Archive (Backups), page 4-18 • Fix a Live Device Configuration (Restore), page 4-22 • Clean Up the Archive, page 4-25 • Find Out What Changed on Live Devices, page 4-25 What is In the Archive? Choose Tools > Change and Config Mgmnt to open Change and Configuration Management. Choose Configurations > Archives to view the contents of the archive. The CM archive maintains copies of device configuration files, storing them in the Prime Network database. Configuration files are stored in readable format, as received from the device. You can edit existing archive files and save for deployment at a later time. The edited archive files are available in the Edited Archive tab. The total number of archives available in the Prime Network database is also displayed in the header. The configuration, after deployment, can also be restored to the original state. Users can only see devices that are in their device scope. For enhanced security, you might be prompted to enter your device access credentials when you try viewing device details or when you try performing configuration changes on devices. This option is enabled if, from the Prime Network Administration > Global Settings > Security Settings > User Account Settings > Execution of Configuration Operations, you checked the option Ask for user credentials when running configuration operations. The Archived Configurations page displays the following information about each configuration file. Cisco Prime Network 4.0 User Guide 4-12 OL-29343-01 Chapter 4 Device Configurations and Software Images Device Configurations Protect Configurations in the Archive Table 4-1 Configuration Information Displayed on Archived Configurations Page Field Description Device Name Name of device. Click the icon next to the device name to open a popup that displays device properties. Additional information is listed depending on the device type: Version • Current active packages on the device—For Cisco IOS XR devices • Active kickstart images—For Cisco Nexus series devices • Priority list—For Cisco ASR 5000 series devices. The priority list displays various combinations of a configuration file and an image file in priority order for the device. An internally-used number. A version will not have an associated configuration file under the following circumstances: • The associated configuration file was deleted from the archive. • The associated configuration file has not yet been copied to the archive. (Prime Network supports queuing change notifications and copying the configuration files to the archive at a later time. See Change Image Management Global Settings, page 4-66.) Click a version number hyperlink to launch the Device Configuration Viewer, from which you can view the contents of a configuration file. Type Type of configuration: • Cisco IOS and Cisco Nexus series devices—Running or Startup • Cisco IOS XR devices—Running or Admin • Cisco ASR 5000 series devices—Running or Boot. For boot configuration, the version is always displayed as 1. • Cisco CPTdevices—Startup Vendor Specifies the device vendor: Cisco or non-Cisco device. Date Changed Date and time of last change, displayed accordingly to the local time zone settings of the client. For Cisco CPT and Cisco ASR 5000 series devices, this field displays N/A. Label User-assigned archive labels. Running Image The software image currently running on the device. Context / Module / Priority For Cisco Nexus series devices, this field displays the virtual device context (VDC) name. For Cisco 7600 series devices, this field displays the module name. For Cisco ASR 5000 series devices, this field displays the boot configuration files with their priorities. For other devices, this field displays N/A. Comments User-assigned free text. Commit Id (Cisco IOS XR only) ID that identifies the last configuration change on the device (maximum number saved is 100). Cisco Prime Network 4.0 User Guide OL-29343-01 4-13 Chapter 4 Device Configurations and Software Images Device Configurations Assigning labels to configuration files is a clear, simple way to identify important configurations and convey critical information. You can manage labels by choosing Labels > Manage. • Adding a label adds it to the catalog where it is made available to all users. Add labels by clicking Add Row. • Deleting a label unassigns the label from configurations that are using it. Likewise, if you edit a label, the change is applied to all configurations using the label. • Unassigning a label does not delete the label from the catalog. • Labels with the “do not purge” property will not be purged from the archive (the delete action is disabled). When calculating the total number of archives to see if the maximum has been reached and archives should be purged, CM does not include configurations with this label in the total (see Change Configuration Managemennt Global Settings, page 4-61). Editing an Archive Configuration You can edit an existing device archive file and save the the edited file. This edited archived file is stored in the Prime Network database, and the edited file can be deployed at any time. This can be viewed from the Edited Archive tab, in the Archive page. Every time you edit and save an existing file, a new version is added in the database, and is also listed in the Edited Archive page. Note The option to edit existing device archive file and save the edited file is not available for non-Cisco devices. Edit archive files following the procedure below: Step 1 From the Archive page, choose a configuration file, and click Edit. Step 2 Edit and save the configuration file. An edited archive version is created. This edited version will belong to the same configuration type as that of the original archive file. The edited archive files can be restored to the devices. Find Out What is Different Between Configurations Prime Network allows you to compare two configuration files that are saved in the archive and display them side by side, highlighting configuration differences and allowing you to move between them. Prime Network excludes a small set of commands by default, such as the NTP clock rate (which constantly changes on a managed network element but is not considered a configuration change). You can change the excluded commands list as described in Change Configuration Managemennt Global Settings, page 4-61. Additions, deletions, and excluded values are color-coded as shown in the following example. Cisco Prime Network 4.0 User Guide 4-14 OL-29343-01 Chapter 4 Device Configurations and Software Images Device Configurations Figure 4-3 Compare Configurations Dialog Box You can compare any types of configurations as long as they run on the same operating system. However, you cannot compare a Cisco IOS configuration with Cisco IOS XR configuration. The following are typical scenarios for using the compare function: Note • Compare the latest and next-to-latest configuration to see the most recent change. • Compare Cisco IOS running and startup configurations to see how they are out of sync. • Compare the configurations on two different devices to find out how they are different. • Compare the configurations after eliminating excluded lines from comparison. When you are trying to compare an archive with an active startup, running, or admin configuration, if there is a change in the device configuration, Prime Network initiates a backup job and creates a latest version of the device configuration file. You can view the latest version of the configuration file in the Archived Configurations page. To compare configurations: Step 1 Choose Configurations > Archives. Step 2 Locate the archives you want to compare. You can click the Version hyperlink next to a device to open the Device Configuration Viewer and quickly view the contents of the configuration file. Cisco Prime Network 4.0 User Guide OL-29343-01 4-15 Chapter 4 Device Configurations and Software Images Device Configurations Step 3 You can choose to do the following: Device Type or OS Supported Function For Cisco IOS XR devices Compare > To Active Running or Compare > To Active Admin Cisco IOS device Compare > To Active Startup or Compare > To Active Running Cisco ASR 5000 series device Compare > To Active Boot or Compare > To Active Running All Compare > Selected Archives Copy a Configuration File to a Central Server You can export configurations to an FTP or SFTP server that is specified on the Configuration Management Settings page. They are exported as a .cfg (configuration) file. Configuration files are saved using the following format: deviceName-configurationType-version-configChangeTimestamp.cfg For example, the following file would contain the 18th version of a running configuration for the device named 7200-5, saved on March 27, 2010 at 2:40:30 P.M: 7200-5-RUNNING_CONFIG-18-2010327144030.cfg Note Export of configuration files of IPv6 devices to servers running Windows OS is not supported. Before You Begin Make sure of the following: • Export location and required credentials, and (for emails) SMTP host and port are configured on the Configuration Management Settings page. • Specified FTP or SFTP server must have sufficient free space to accommodate the exported configurations. Also, the destination subdirectory on the FTP or SFTP server must have the required permissions. To export configuration files: Step 1 Choose Configurations > Archives and locate the archives you want to export. You can click the Version hyperlink next to a device to open the Device Configuration Viewer and quickly view the contents of the configuration file. Step 2 Click Export and set the desired schedule and enter the e-mail ID(s) to which to send a notification after the scheduled export job is complete. For two or more users, enter a comma-separated list of e-mail IDs. A notification e-mail is sent based on the e-mail option specified in the Configuration Management Settings page. Note The time you specify here to schedule the export job is the server time. Cisco Prime Network 4.0 User Guide 4-16 OL-29343-01 Chapter 4 Device Configurations and Software Images Device Configurations Step 3 Click Export. The export job is created and you are redirected to the Job Manager page, where you can monitor the status of the job. Are Running and Startup Configs Mismatched? (Cisco IOS and Cisco Nexus) Cisco IOS and Cisco Nexus series devices contain a startup and running configuration file. The startup configuration is loaded when a device is restarted. Ongoing changes to the device are applied to the running configuration. As a result, unless the running configuration is saved as the startup configuration, upon a device restart, any changes would be lost. It is therefore important to ensure that the device startup and running configurations are in sync. When Prime Network synchronizes a file, it overwrites the startup configuration on the device with the configuration that is currently running on the device. Whenever a configuration file is retrieved from a device and copied to the archive (that is, backed up), Prime Network compares the latest version of the startup configuration with the latest version of the running configuration file. If there is a mismatch, Prime Network adds the device to the list of out-of-sync devices. For Cisco Nexus series devices, CM backs up the startup and running configurations for all VDCs configured in the device. If there is a mismatch between the startup and running configurations of a VDC, CM creates an out-of-sync entry for that VDC. Note The synchronize operation affects only the configurations running on the device. It does not affect any configuration files that are saved in the archive. Configuration sync is not applicable for Cisco CPT and Cisco ASR 5000 series devices. The Dashboard maintains a Configuration Sync Status pie chart that shows how many devices have out-of-sync startup and running configuration files. When you click the pie chart (or choose Configurations > Synchronize), you are directed to the Out of Sync Devices page, where Prime Network lists all of the out-of-sync devices in tabular format. The information is refreshed whenever you choose Configurations > Synchronize. Before You Begin Make sure the specified FTP or SFTP server must have sufficient free space to accommodate the exported configurations. Also, the destination subdirectory on the FTP or SFTP server must have the required permissions. To view differences and synchronize configurations: Step 1 Choose Configurations > Synchronize. Prime Network lists all out-of-sync devices, the date and time when the device configurations were last changed, and when the files were last archived. Figure 4-4 provides an example. The date and time are displayed according to the local time zone settings of the client. Cisco Prime Network 4.0 User Guide OL-29343-01 4-17 Chapter 4 Device Configurations and Software Images Device Configurations Figure 4-4 Configuration Synchronization - Out of Sync Devices Page Step 2 Click the Compare icon to launch the Compare Configuration window, which provides a side-by-side view of the two configurations and highlights the differences. Step 3 Choose the network elements you want to synchronize. This directs Prime Network to overwrite the startup configuration on the device with the configuration that is currently running. Step 4 Click Synchronize. The Schedule Synchronization page opens. Step 5 Set the desired schedule and enter the e-mail ID(s) to which to send a notification after the scheduled synchronization job is complete. For two or more users, enter a comma-separated list of e-mail IDs. The time you specify here to schedule the synchronization job is the server time. Note Step 6 You might be prompted to enter your device access credentials. This option is enabled if, from the Prime Network Administration > Global Settings > Security Settings > User Account Settings > Execution of Configuration Operations, you checked the option Ask for user credentials when running configuration operations. This is an enhanced security measure restrict access to devices. Click Synchronize. Prime Network schedules the job and redirects you to the Jobs page, where you can monitor the status of the job. Copy the Device Files to the Archive (Backups) These topics describe how to automatically and manually back up configuration files to the archive: • Automatic Backups and Manual Backups • Manually Backing Up Configuration Files Backing up a device configuration entails getting a copy of the configuration file from the device, and copying that file to the configuration archive. As part of the backup procedures, it is compared with the latest archived version of the same type (e.g. running with running, startup with startup). A new version of the file is archived only if the two files are different. If the number of archived versions exceeds the maximum, the oldest archive is purged (according to the values on the Configuration Management Settings page). Configurations marked with a “do not purge” label are not removed from the archive by the auto-purging procedures. The backup procedure is also when Prime Network identifies out-of-sync devices. The backup operation includes: • Cisco IOS XR devices: Includes active packages. CCM does not back up running configurations for Cisco IOS XR devices that are managed with non-system user credentials; because copy command is not available in the command-line interface (CLI) for non-system users. Cisco Prime Network 4.0 User Guide 4-18 OL-29343-01 Chapter 4 Device Configurations and Software Images Device Configurations • Cisco Nexus series devices: Startup and running configurations for all VDCs configured in the device. • Cisco 7600 series devices with an ACE card: Startup and running configurations of the ACE card. • Cisco ASR 5000 series devices: Boot configuration file (Prime Network always overwrites the existing boot configuration in the archive) Automatic Backups and Manual Backups Table 4-2 describes the methods you can use to back up configuration files to the archive. None of these methods are enabled by default. Choose the method that is appropriate to your network and how often changes are made to it. For more information, see Configuration Management Setup Tasks, page 4-5. Note Table 4-2 While scheduling automatic backup operations, you might be prompted to enter your device access credentials. The device credentials are taken from the Configuration Settings. This option is enabled if, from the Prime Network Administration > Global Settings > Security Settings > User Account Settings > Execution of Configuration Operations, you checked the option Ask for user credentials when running configuration operations. This is an enhanced security measure restrict access to devices. Methods for Archiving Configuration Files Method Description Initial Sync Activates CM to perform an initial synchronization of the CM archive files with the configurations that are running on the network devices. If this setting is enabled, whenever the Prime Network gateway is restarted, CM performs this synchronization. This behavior is controlled by the Enable Initial Config sync up setting on the Configuration Management Settings page. See Change Image Management Global Settings, page 4-66. Manual A user-driven backup that is controlled from the Configurations > Backup page. Performing a backup from the Backup page overrides all other archive settings. You can schedule the file backup to occur immediately or according to a schedule. Note Any backups scheduled using this method are completely independent of any schedules for ongoing archiving. However, users can only back up devices that are within their scope, and if they have a sufficient device scope-based role. See Manually Backing Up Configuration Files, page 4-20. Cisco Prime Network 4.0 User Guide OL-29343-01 4-19 Chapter 4 Device Configurations and Software Images Device Configurations Table 4-2 Method Ongoing Methods for Archiving Configuration Files (continued) Description • Event-Driven—Backs up device files when Prime Network receives a configuration change notification. Use this method if you consider every configuration file change to be significant. This is controlled by the Enable Event-triggered Config Archive setting on the Configuration Management Settings page. For this form of backup, you can choose one of the following methods for performing the archiving: – Back up the files to the archive immediately when a change is detected. – Queue the changes and back up the files to the archive according to a schedule. Both of these settings are controlled from the Configuration Management Settings page. If you are using event-driven archiving, you should also make sure that exclude commands are properly configured. Exclude commands are commands that Prime Network ignores when comparing configurations, and they are controlled from the Settings page. Using this mechanism eliminates unnecessary file backups to the archive. • Note Periodic—Archives device files every 72 hours and this is configurable. A new archive is created only if the newly-collected device configuration is different from the last version in the archive. Use this method if configurations change frequently and the changes are not important to you. This setting is controlled by the Enable Periodic Config Backup setting on the Configuration Management Settings page. This CM collection is independent of the Prime Network inventory collection. See Change Configuration Managemennt Global Settings, page 4-61. Manually Backing Up Configuration Files Files are automatically backed up to the archive according to the values on the Configuration Management Settings page. To perform an on-demand backup of configuration files to the archive: Step 1 Choose Configurations > Backup. Prime Network lists all devices with the following status symbols as shown in Figure 4-5. Symbol Description Device is available for backup. Device is not available for backup. The device is most likely in the Maintenance investigation state or the Unreachable communication state. Click the device hyperlink and open the device properties popup to see details about the device. Step 2 Choose the devices with files you want to back up. Cisco Prime Network 4.0 User Guide 4-20 OL-29343-01 Chapter 4 Device Configurations and Software Images Device Configurations Figure 4-5 Configuration Backup Page Step 3 To choose devices from a specific device group, click Select Groups. Click the hyperlinked device group name to view the list of devices that belong to the group. Step 4 Select the required device group in the Device Groups page and click OK. The devices that belong to the selected device group are highlighted in the Configuration Backup page. You can also schedule a backup simultaneously for all the devices existing in a group: Step 5 • Select a device group and click Backup Groups. • Enter the scheduling information as explained after Step 5 and click Backup Groups. In the Configuration Backup page, click Backup to configure the backup schedule. By default, the backup is performed as soon as possible. Other schedule choices (once, periodically, weekly, and so forth) are activated when you deselect Start as Soon as Possible. The time you specify here to schedule the synchronization job is the server time. Note You might be prompted to enter your device access credentials. This option is enabled if, from the Prime Network Administration > Global Settings > Security Settings > User Account Settings > Execution of Configuration Operations, you checked the option Ask for user credentials when running configuration operations. This is an enhanced security measure restrict access to devices. Step 6 Enter the e-mail ID(s) to which to send a notification after the schedule backup job is complete. For two or more users, enter a comma-separated list of e-mail IDs. A notification e-mail is sent based on the e-mail option specified in the Configuration Management Settings page. Step 7 Click Backup. Prime Network schedules the job and redirects you to the Jobs page, where you can monitor the status of the job. Note If a backup is scheduled for an entire device group and if there is a change in the group by addition or deletion of devices after job creation, Prime Network updates the job accordingly such that all the devices available in the group at the time of execution of the job are considered for backup. Cisco Prime Network 4.0 User Guide OL-29343-01 4-21 Chapter 4 Device Configurations and Software Images Device Configurations Fix a Live Device Configuration (Restore) CCM performs the configuration restore operation in either overwrite or merge mode, as described in the following. As part of restore operation, the configuration files are backed up again after the restore procedure is complete. • Overwrite mode—CCM overwrites the existing configuration on the device with a configuration file from the archive. After the restore operation is performed, the device configuration is identical to the configuration that was chosen from the archive. The following devices support overwrite mode: Cisco Catalyst 3550 Series Switches Cisco Catalyst 3560 Series Switches Cisco Catalyst 3750 Series Switches Cisco Catalyst 6500 Series Switches (IOS) Cisco 800 Series Routers Cisco 1800 Series Routers Cisco 1700 Series Routers Cisco 2600 Series Multiservice Platform Routers Cisco 2800 Series Integrated Services Routers Cisco 3700 Series Multiservice Access Routers Cisco 3800 Series Integrated Services Routers Cisco 7200 Series Routers Cisco 7600 Series Routers Cisco 10000 Series Routers Cisco 12000 Series Routers (IOS) Cisco ASR 901 Series Routers Cisco ASR 903 Series Routers Cisco MWR 2941 Router For Cisco IOS XR devices, the restore operation rolls back the configuration file to a commit ID associated with the selected archived configuration. If no commit ID is associated with the selected archived version, the restore will fail. For all other devices supported by CCM, restore operations in overwrite mode is not supported. • Note Merge mode—CCM merges the selected configuration file from the archive with the configuration on the device. New commands in the archived version—that is, commands that are not in the device’s current configuration—are pushed to the device. After the restore operation, the device configuration file retains its original commands, but it also contains new commands from the archived version. The restore operation is not applicable to boot configuration files on Cisco ASR 5000 series devices. By default, Prime Network uses the restore mode setting (overwrite or merge) that is specified in the Configuration Management Settings page (see Change Configuration Managemennt Global Settings, page 4-61. However, you can modify the default mode while scheduling the restore operation. If you have selected the overwrite mode, you can use the Use Merge on Failure option to restore the files in merge mode, if overwrite mode fails. If you select the devices by checking the check box next to Devices (in the table headline), only the first 100 devices in the first page are selected. Click Next to move to the next 100 devices. If you filter the devices based on a parameter, only the filtered details are displayed, and by default, no row is selected. Cisco Prime Network 4.0 User Guide 4-22 OL-29343-01 Chapter 4 Device Configurations and Software Images Device Configurations If you selected all the entries in a page, and then deselected one or few options from the selection, and then move to the subsequent pages to select all the devices from the Devices (in the table headline), the selection in the previous page disappears. Before You Begin • Make sure you have installed Flash Player version 10 or higher to view the Configuration Restore page. • Make sure you have the permissions to perform the restore operation. You will not be allowed to schedule a restore job, if you do not have permissions. To restore a configuration: Step 1 Choose Configurations > Restore. Prime Network lists all configuration files in the archive. Figure 4-6 shows an example of a filtered page. Figure 4-6 Step 2 (Cisco IOS only) Specify the type of configuration files you want to restore: Running, Startup, or both. If you choose to restore to startup configuration, Prime Network will first copy the file to running configuration and then to startup configuration. Note Step 3 Configuration Restore Page Cisco IOS XR, Cisco ASR 5000 series, and non-Cisco device configuration files are always restored to the same type. For Cisco CPT devices, the Running option restores the selected configuration to startup config and then to running config on the device. Choose the configuration files you want to restore. You can click the arrow mark next to the device name to view the different versions of the configuration file of the device. You can also click the Version hyperlink to view the contents of a file. If the file is a binary file, clicking the version hyperlink does not open the various versions of the configuration file. If you prefer to restore an edited archive file, open the Edited Archive tab. Select the files and click Next. The list of devices that belong to the same device family with respect to the selected edited configuration is displayed. Select the required devices. Skip to Step 5. Cisco Prime Network 4.0 User Guide OL-29343-01 4-23 Chapter 4 Device Configurations and Software Images Device Configurations Note Step 4 Edited files are restored only in merge mode. If you are restoring to startup mode on the devices ASR 901, ASR 903, and MWR2941, the restore procedure is performed on overwrite mode. If you want to edit a file before restoring it, click Edit Config (edited files are restored only in merge mode). You can view the details of the selected configuration file in the Configuration Editor page as shown in Figure 4-7. Note If you selected non-Cisco devices, the Edit Config button is disabled. Figure 4-7 Configuration Edit Edit the configuration lines, as required. Note the following: • To remove a command, add no in front of the command. • To update a command, add no in front of the command and then add the new command. Step 5 Click Restore. The Config Restore Schedule dialog box opens. Step 6 (Optional) Override the default transport protocol and default restore mode. Step 7 Enter a comma-separated list of e-mail ID(s) to which to send a notification after the scheduled restore job is complete. Cisco Prime Network 4.0 User Guide 4-24 OL-29343-01 Chapter 4 Device Configurations and Software Images Device Configurations Note Step 8 You might be prompted to enter your device access credentials. This option is enabled if, from the Prime Network Administration > Global Settings > Security Settings > User Account Settings > Execution of Configuration Operations, you checked the option Ask for user credentials when running configuration operations. This is an enhanced security measure to restrict access to devices. Click Restore. Prime Network schedules the job and redirects you to the Jobs page, where you can monitor the status of the job. Clean Up the Archive Deleting a file removes it from the archive. You cannot delete an archived file if: • It is marked “do not purge.” • Deleting it would bring the number of versions below the minimum number of versions that must be retained (as specified on the Configuration Management Settings page). When a device is removed from Prime Network, its configuration files are also removed from the archive. To delete a configuration file from the archive: Step 1 Choose Configurations > Archives. Step 2 Choose the configuration file you want to delete. You can click the Version hyperlink to verify the contents of the configuration file. Step 3 To delete a single configuration file, click the delete icon (red X) at the end of the row. If the delete icon is disabled, this means the archive is assigned a label that is marked “do not purge.” To delete this type of configuration, you must first unassign the label from the configuration. Step 4 To delete multiple configuration files, select the required files and then click the Delete button in the table header. Step 5 Confirm your choice. Prime Network schedules the job and redirects you to the Jobs page, where you can monitor the status of the job. Find Out What Changed on Live Devices The Change Logs page displays a list of the latest device configuration changes detected by Prime Network. How Prime Network responds to these changes depends on the values on the Configuration Management Settings page. By default, Prime Network does not get new information from the device and copy it to the archive when a change occurs, but you can set it to do so. See Change Configuration Managemennt Global Settings, page 4-61. All users can view the change logs, regardless of the user access role or assigned device scopes. To view the latest changes, choose Configurations > Change Logs. Figure 4-8 provides an example. Cisco Prime Network 4.0 User Guide OL-29343-01 4-25 Chapter 4 Device Configurations and Software Images Software Images Figure 4-8 Configuration Change Logs The Configuration Change Logs page displays change information, sorted according to the latest time stamp. (For a description of common fields, see Device Configurations, page 4-12.) The date and time stamps are displayed according to the local time zone settings of the client. These fields are specific to the Configuration Change Logs page: Field Description Diff (Cisco IOS XR only) Displays only the commands that were changed. For long text, hover the cursor over the hyperlink to display the entire contents. Compare Launches the Compare Configuration window, which displays the entire original and changed files side by side. This data is generated only if file versions are available. Additions and deletions are color-coded. From here, you can: • Click Show All Lines or Only Differences to display the entire file contents or just the differences between the two files. • Click Previous Diff or Next Diff to jump forward or backward to the previous or next difference between the two files. • Click the arrow buttons or enter the page number to jump forward or backward to view the file contents that are running across pages. • Click Differences Without Excluded Lines to eliminate excluded lines from comparison. Software Images The following topics explain how to work with software images and packages: • Add New Images to the Repository, page 4-27 • New Devices: Create an Image Baseline, page 4-28 • Distribute Images and Make Sure They Will Work, page 4-29 • Activate Cisco IOS Software Images, page 4-34 • Perform Cisco IOS XR Software Package Operations, page 4-37 Cisco Prime Network 4.0 User Guide 4-26 OL-29343-01 Chapter 4 Device Configurations and Software Images Software Images • Clean Up the Repository, page 4-44 Add New Images to the Repository Images are copied to the storing directory specified on the Image Management Settings page. Prime Network verifies whether the file contents are different from the previous version in the repository. If there are no differences, the image is not added to the repository. By default, the storing directory is PRIME_NETWORK_HOME/NCCMComponents/NEIM/images/, where PRIME_NETWORK_HOME is the Prime Network installation directory (by default, /export/home/network-user; where network-user is the operating system user for the Prime Network application and an example of network-user is network310). From there, they are imported into the repository. Note Before importing images, make sure internet connectivity is available to the server; otherwise, the imported images will not be populated with RAM, boot ROM, and feature set. When you download an image from Cisco.com, Prime Network creates a job for the download. The job information is saved, along with other job information, in the database. To import images into the Prime Network image repository: Step 1 Choose Images > Repository. Step 2 Choose the appropriate method: To import from: Choose: Notes Cisco.com web site From Cisco.com Make sure the Cisco.com credentials are set on the Image Management Settings page. You must enter a device type, software version, and feature set. Another IPv4 or IPv6 gateway server From External Repository The GUI will display available images, their size, and whether they already exist in the repository. A file system on the local gateway server From File System Change and Configuration Management displays all images or packages (bin, pie, smu, and so on) from the directory specified in the Image Management Settings page, and also from its sub directory in order to support tar files. Step 3 Select the images and import them. Change and Configuration Management redirects you to the Jobs page, where you can monitor the status of the import job. Step 4 Choose Images > Repository again to refresh the list of images. Step 5 If a field displays NA, the image attributes were not available from the image header. (If pre-existing filters are still in use, you may need to click Clear Filter.) We recommend that you manually enter the information to ensure the accuracy of the upgrade analysis. Step 6 Delete files from the storing directory (if applicable) to free space for future imports. After the import, you can also add informational text to the Comments field. Normally at this point you will distribute the images; see Distribute Images and Make Sure They Will Work, page 4-29. Cisco Prime Network 4.0 User Guide OL-29343-01 4-27 Chapter 4 Device Configurations and Software Images Software Images New Devices: Create an Image Baseline Use this method to create an image baseline—that is, import software images directly from existing devices to the Prime Network image repository. This is useful when you add devices from a new device series or family. This information is imported: Note • Cisco IOS devices: Currently-running images. For Cisco 7600 series devices with ACE cards: ACE card images in the Cisco 7600 supervisor module filesystem (FTP, TFTP, and SCP are all supported). • Cisco IOS XR devices: pie and .vm files corresponding to active packages. Image baseline is not applicable for Cisco CPT devices. To import images from devices into the Prime Network image repository: Step 1 Choose Images > Repository. Step 2 From the Import drop-down list, choose From Devices. The Devices dialog box displays information about the device. For long texts in the Element Type, Software Version, and Running Image fields, hover the cursor over the hyperlink to display the entire contents. Step 3 To import images from devices of a specific group, click Select Groups. Click the hyperlinked device group name to view the list of devices that belong to the group. See Device Groups Setup Tasks, page 4-9 for more information on user-defined device grouping. Step 4 Select the required device group in the Device Groups page and click OK. The devices that belong to the selected device group are highlighted in the Devices page. You can also import all the devices existing in a group. To do so: – Select a device group and click Import from Group. – Enter the scheduling information as explained after Step 5 and click Import from Group. Step 5 In the Devices page, click Import. A scheduler popup window appears. Note Step 6 Enter the scheduling information. By default, jobs are scheduled to run as soon as possible. Note Step 7 You might be prompted to enter your device access credentials. This option is enabled if, from the Prime Network Administration > Global Settings > Security Settings > User Account Settings > Execution of Configuration Operations, you checked the option Ask for user credentials when running configuration operations. This is an enhanced security measure to restrict access to devices. The time you specify here to schedule the import job is the server time. If you do not want to use the default transfer protocol, select a different protocol: • TFTP (unsecured; Cisco ASR 5000 series devices use this protocol for importing images) • SFTP/SCP (secured; Cisco IOS XR devices and Cisco Nexus 5000 and 7000 series devices use SFTP, and Cisco IOS devices use SCP) • FTP (unsecured) Cisco Prime Network 4.0 User Guide 4-28 OL-29343-01 Chapter 4 Device Configurations and Software Images Software Images Step 8 If you have selected two or more devices, click one of the following to specify the operation mode: • Parallel Order—Imports images from all devices at the same time. • Sequential Order—Allows you to specify the order of the devices to import the images from. You can do so by moving the devices up and down in the Device Order box. Note Step 9 Enter the e-mail ID(s) to which to send a notification after the import job is complete. For two or more users, enter a comma-separated list of e-mail IDs. A notification e-mail is sent based on the e-mail option specified in the Image Management Settings page. Note Step 10 The Device Order box will not be available, if the number of devices is more than 300. Prime Network sequences the devices based on the default order (that you used while selecting the devices.) Before you enter the e-mail ID(s), ensure that you have set up the SMTP host and SMTP port in the Image Management Settings page (see Change Image Management Global Settings, page 4-66). The e-mail ID(s) configured in the Image Management Settings page, if any, will be displayed by default. You can modify the e-mail ID(s) if required. Click Import. Prime Network redirects you to the Jobs page, where you can monitor the status of the import job. Note If you chose to import all devices from a group and if there is a change in the group by addition or deletion of devices after job creation, Prime Network updates the job accordingly such that all the devices available in the group at the time of execution of the job are considered. Step 11 Choose Images > Repository again to refresh the list of images. If any of the image information could not be retrieved, the field will display NA. (If pre-existing filters are still in use, you may need to click Clear Filter.) Step 12 If a field displays NA, the image attributes were not available from the image header. (If pre-existing filters are still in use, you may need to click Clear Filter.) We recommend that you manually enter the information to ensure the accuracy of the upgrade analysis. Step 13 Delete files from the storing directory (if applicable) to free space for future imports. After the import, you can also add informational text to the Comments field. Normally at this point you will distribute the images; see Distribute Images and Make Sure They Will Work, page 4-29. Distribute Images and Make Sure They Will Work Prime Network copies an image to a network element without activating it. This lets you perform these tasks before activating the image: • Find out if there is insufficient memory, clear the disk space for distributing the image or package • Do an upgrade analysis to check the suitability of the device for the chosen image Cisco Prime Network 4.0 User Guide OL-29343-01 4-29 Chapter 4 Device Configurations and Software Images Software Images If appropriate, the images can be activated as part of the distribution job, and these tasks can also be performed: • Commit Cisco IOS XR (so that changes are saved across device reloads). • Perform a warm upgrade, where one Cisco IOS image can read in and decompress another Cisco IOS image and transfer control to this new image (thus reducing the downtime of a device during planned software upgrades and downgrades). Note • You can perform a warm upgrade only on Cisco IOS devices 12.3(2)T or later, such as 12.4T, 15.0, 15.1T, and for ISR 800/1800/2800/3800 series and 1900/2900/3900 series. Perform an in-service software upgrade (ISSU) for Cisco ASR 903 devices to update the router software with minimal service interruption. CCM performs a single command upgrade that installs a complete set of sub-packages using one command. Before using CCM to perform a single command upgrade, the ASR 903 device must already be booted in sub-package mode. The device must be configured in SSO redundancy mode. Note Cisco ASR 903 devices must be booted in sub-package mode only through boot flash and not through any sub-directories of boot flash before using CCM to perform an ISSU. For more information, see the Cisco ASR 903 Series Router Chassis Configuration Guide. • Perform an in-service software upgrade (ISSU) for Cisco 9000 series devices and CRS devices to update the router software with minimal service interruption. The option to perform ISSU is supported only for SMU packages. • Activate Cisco ASR 5000 boot configuration files Prime Network uses the image staging location and transport protocol (TFTP, by default) specified on the Image Management Settings page. Prime Network displays the available upgradable modules and the storage partitions (if any) on the network element for the image distribution, from which you can choose the storage location you want to use. The final step is to schedule the distribution job to occur either as soon as possible or at a future date (the default is as soon as possible). What is Upgrade Analysis? An upgrade analysis checks the attributes of the selected image, checks certain device features, and generates a separate report for each device. It is required before any image can be distributed. However, even if the upgrade analysis reports errors, Prime Network will allow you to proceed with the distribution (because an error can be a simple matter of an unpopulated field). Prime Network gathers this information from two sources: • The Prime Network image repository, which contains information about minimum RAM, minimum Flash, and so on, in the image header. • The Prime Network inventory, which contains information about the active images on the device, as well as Flash memory, modules, and processor details. Note For Cisco Nexus 5000 or Cisco Nexus 7000 series devices, Prime Network displays the upgrade analysis results for both the system and kickstart images selected for the device. Cisco Prime Network 4.0 User Guide 4-30 OL-29343-01 Chapter 4 Device Configurations and Software Images Software Images An upgrade analysis verifies that the device contains sufficient RAM or storage, the image is compatible with the device family, and the software version is compatible with the image version running on the device. Table 4-3 denotes the symbols used on the Distribution page. Table 4-3 Status Icons Description Symbol In Device Status Column In Distribution Upgrade Analysis Column or Activation Analysis Results Device is available for upgrade analysis and distribution. Device passed without warnings. Device is not available for upgrade analysis or distribution. Most likely the device is in the Maintenance investigation state or the Unreachable communication state. Click the device hyperlink and open the device properties popup to see details about the device. Device passed with warnings. Click the icon to get more information. n/a Device did not pass analysis. Click the icon to get more information. Distribute Images to Devices The following procedure explains how to perform an image distribution. You can also use this procedure to perform an upgrade analysis and then exit the procedure before performing the distribution. Before You Begin • If you are doing a Cisco IOS XR version upgrade (which upgrades the core package), see Software Images, page 4-26 for information about other packages that you should upgrade at the same time. • The device VNE (the device model in Prime Network) must be in a managed state when you run the command. (This means the VNE Communication State must be Reachable, and the Investigation State must be Normal or Incomplete. For more information on VNE states, see the Cisco Prime Network 4.0 Administrator Guide.) • Make sure you have the permissions to perform the distribute operation. You will not be allowed to schedule a distribution job, if you do not have permissions. To distribute images and use upgrade analysis: Step 1 Choose Images > Distribute. Step 2 Choose the device type (IOS or IOS XR) and selection method (by image or package, or by device). It is often easier to start with devices due to the sometimes cryptic nature of software image names. In this example we start with devices. Cisco Prime Network 4.0 User Guide OL-29343-01 4-31 Chapter 4 Device Configurations and Software Images Software Images Prime Network does not support TAR file operations on devices. If you have TAR files to import, you must extract the TAR file and then import the image from the device. TAR file operations are supported only Cisco Catalyst devices. Note Step 3 a. To choose devices of a specific device group, click Select Groups in the table header. Click the hyperlinked device group name to view the list of devices that belong to the group. b. Select the required device group in the Device Groups page and click OK. c. Choose one or more devices and click Next. Prime Network displays all images or packages which are valid for the selected devices from the internal image repository (for example, kickstart images for Cisco Nexus 5000 or Cisco Nexus 7000, and boot configs for Cisco ASR 5000). You can also choose From External Repository from the drop-down list (in the table header) to display the images or packages from the external image repository. Choose an image and click Next. Note CCM allows image distribution from external repository only through FTP. Make sure you have configured the required credentials for accessing the external image repository in the Image Management Settings page. Step 4 In the Select Storage page, choose a storage location by device or for all devices. This specifies where on the network element the image or package will be copied when it is distributed. This operation is not applicable for Cisco CPT devices. Step 5 Perform an upgrade analysis to check whether the network element has sufficient space for the image or package by clicking Upgrade Analysis. After a few moments, Prime Network displays the results of the analysis in the Upgrade Analysis column. Click the symbol next to the icon to see the Upgrade Analysis report. Description Symbol In Device Status Column In Distribution Upgrade Analysis Column or Activation Analysis Results Device is available for upgrade analysis and distribution. Device passed without warnings. Device is not available for upgrade analysis or distribution. Most likely the device is in the Maintenance investigation state or the Unreachable communication state. Click the device hyperlink and open the device properties popup to see details about the device. Device passed with warnings. Click the icon to get more information. n/a Device did not pass analysis. Click the icon to get more information. If an error is reported, you will see a prompt asking you to confirm whether or not to proceed with the operation. Cisco Prime Network 4.0 User Guide 4-32 OL-29343-01 Chapter 4 Device Configurations and Software Images Software Images Note Check the report to verify whether the storage location has sufficient space for the image or package. If the space is insufficient, the distribution will fail. If there is insufficient memory, you can choose to clear the disk space while scheduling the distribution in the Schedule Distribution page. Step 6 If you do not want to distribute any images or packages (for example, if you only wanted to perform a manual upgrade analysis), click Cancel. Otherwise, proceed to Step 7. Step 7 Click Next to open the Schedule Distribution page in the wizard, and complete the schedule information. Note You can proceed with scheduling the distribution only if upgrade analysis is completed for all the devices (spanning across multiple pages) in the Select Storage page. Field Description Schedule Distribution When the distribution job should run. File Transport Protocol Overrides the default transfer protocol (as configured on the Image Management Settings page). Clear Flash (Optional) In case of insufficient memory, use the Clear Flash option (under Flash Properties). This deletes any one file (other than the running image) and recovers the disk space occupied by the file. This procedure is repeated until adequate space is available in the selected flash. E-mail Id(s) E-mail ID(s) to which to send a notification after the scheduled distribution job is complete. For two or more users, enter a comma-separated list of e-mail IDs. A notification e-mail is sent based on the e-mail option specified in the Image Management Settings page. Install Add Package(s) (Optional) Adds packages during distribution for Cisco IOS XR devices Schedule Activation (Optional) Starts an activation job once the images or packages are distributed (immediately or at future time). For multiple devices, we recommend that you perform the activation separately from the distribution. Process For multi-device jobs, controls the job processes for both distribution and activation. If you chose Sequentially, you can also do the following: Commit Note The time you specify here to schedule the distribution job is the server time. • Specify the order in which the operations should be processed, by moving the items up and down in the Reorderable Rows box. • Stop the job if an error is encountered by checking the Stop if an error occurs check box. Note If the job includes a reload, choose Sequentially. Otherwise, routers in the connectivity path of other routers may reload and cause problems. Commits the packages after distribution for Cisco IOS XR devices. Cisco Prime Network 4.0 User Guide OL-29343-01 4-33 Chapter 4 Device Configurations and Software Images Software Images Field Description Warm Upgrade (For Cisco IOS only) Activates the Warm Upgrade feature to reduce the device downtime during the distribution process. Note ISSU Step 8 You can perform a warm upgrade only on Cisco IOS devices 12.3(2)T or later, such as 12.4T, 15.0, 15.1T, and for ISR 800/1800/2800/3800 series and 1900/2900/3900 series. (For Cisco ASR 9000 series devices, Cisco ASR 903, and Carrier Routing System [CRS] devices only) Activates in-service software upgrade (ISSU) to update the router software with minimal service interruption. For CRS and ASR 9000 series routers, ISSU support is available only for software maintenance upgrade (SMU) package. Click Finished. You are redirected to the Jobs page, where you can check the status of the distribution job. Note Distribution fails if a timeout occurs after 30 minutes. You can view the job results for information on why the distribution failed. Remember to delete older images and packages from the staging directory. Activate Cisco IOS Software Images These topics describe the tasks you can perform from the Activate page: • Activate Cisco IOS Software Images • Activate After Performing Boot Priority Modification for Cisco ASR 5000 Series Devices When a new Cisco IOS image is activated on a device, it becomes the running image on the disk. Deactivated images remain on the disk to be removed by a user. Older images are automatically deactivated. Before You Begin • The device VNE (the device model in Prime Network) must be in a managed state when you run the command. (This means the VNE Communication State must be Reachable, and the Investigation State must be Normal or Incomplete. For more information on VNE states, see the Cisco Prime Network 4.0 Administrator Guide.) • Make sure you have the permissions to perform the activate operation. You will not be allowed to schedule an activation job, if you do not have permissions. Cisco Prime Network 4.0 User Guide 4-34 OL-29343-01 Chapter 4 Device Configurations and Software Images Software Images Activate Cisco IOS Software Images To activate a Cisco IOS image on a network element: Step 1 Choose Images > Activate. Step 2 From the Cisco Devices tab, choose IOS by activation method (IOS by Images or IOS by Devices). It is often easier to start with devices due to the sometimes cryptic nature of software image names. In this example we start with devices. Step 3 Prime Network displays all managed devices. It also displays the images that are currently running on the devices. You can filter by device name, IP address, element type, running image, or software version. Step 4 a. To choose devices of a specific device group, click Select Groups in the table header. Click the hyperlinked device group name to view the list of devices that belong to the group. b. Select the required device group in the Device Groups page and click OK. c. Choose one or more devices and click Next. Prime Network displays all images or packages which are valid for the selected devices from the internal image repository (for example, kickstart images for Cisco Nexus 5000 or Cisco Nexus 7000, and boot configs for Cisco ASR 5000). You can also choose From External Repository from the drop-down list (in the table header) to display the images or packages from the external image repository. Prime Network displays all images or packages which are valid for the selected devices from the internal image repository. Prime Network displays only root level bin files for selection. For a Cisco Nexus 5000 or Cisco Nexus 7000 series device, Prime Network displays the kickstart images available on the device in the Kickstart Images field. The field displays N/A if there are no kickstart images for the device. Step 5 Choose the image that you want to activate on the devices, and click Next. Step 6 For Cisco ASR 5000 series device, the Enter Boot Config page appears. You can activate a boot configuration file on the device in addition to an image. Select a boot configuration file from the available list and click Save and then Next. Step 7 Prime Network performs an image analysis. Check the Image Analysis page to see if analysis was successful. Click the icon in the Analysis column to get information about why the operation can or cannot proceed. Description Symbol In Device Status Column In Distribution Upgrade Analysis Column or Activation Analysis Results Device is available for upgrade analysis and distribution. Device passed without warnings. Device is not available for upgrade analysis or distribution. Most likely the device is in the Maintenance investigation state or the Unreachable communication state. Click the device hyperlink and open the device properties popup to see details about the device. Device passed with warnings. Click the icon to get more information. n/a Device did not pass analysis. Click the icon to get more information. Cisco Prime Network 4.0 User Guide OL-29343-01 4-35 Chapter 4 Device Configurations and Software Images Software Images If it cannot proceed, you will not be permitted to continue. Otherwise, click Next. Step 8 Enter the scheduling information in the Schedule Activation page. By default, jobs are scheduled to run as soon as possible. Note The time you specify here to schedule the activation job is the server time. Step 9 Enter the e-mail ID(s) to which to send a notification after the scheduled activation job is complete. For two or more users, enter a comma-separated list of e-mail IDs. A notification e-mail is sent based on the e-mail option specified in the Image Management Settings page. Step 10 (For Cisco IOS only) Activate the Warm Upgrade option, which allows a Cisco IOS image to read in and decompress another Cisco IOS image and transfer control to this new image (thus reducing the downtime of a device during planned software upgrades and downgrades). Step 11 (For Cisco ASR 903 devices only) Check the ISSU option, to update the router software with minimal service interruption. Step 12 Click one of the following to specify the operation mode, if you have selected two or more devices in the Select Devices page. Step 13 • In Parallel—Activates all packages for the devices at the same time. • Sequentially—Allows you to define the order of the devices to activate the packages for. Click Finished to schedule the activation. Activate After Performing Boot Priority Modification for Cisco ASR 5000 Series Devices To modify boot priorities for Cisco ASR 5000 series devices and then perform activation: Step 1 Choose Images > Activate > IOS and the activation method (by Devices). Step 2 Choose the Cisco ASR 5000 device family from the table header. Prime Network displays all managed Cisco ASR 5000 series devices. It also displays the images that are currently running on the devices. You can filter by device name, IP address, element type, running image, or software version. Step 3 Select a Cisco ASR5000 series device, choose the Perform Edit Boot Priorities option from the drop-down menu in the table header, and then click Next. The Select Boot Config page appears. Step 4 Click the Edit Boot Priorities hyperlink. The Current Boot Priorities table lists the existing boot configuration files with their priorities. Step 5 Provide the following inputs to set up and fetch the desired boot priorities: Step 6 • Number of boot priority entries to be maintained. Value should be in the range of 1-10. • Boot priority number to start with. Value should be in the range of 1-100. Boot priority starting value should be greater than or equal to the number of boot priorities to be maintained. Click Go to generate boot priorities based on the inputs provided. The modified boot priorities are listed in the table below. Cisco Prime Network 4.0 User Guide 4-36 OL-29343-01 Chapter 4 Device Configurations and Software Images Software Images Step 7 You can choose to perform one of the following for each row in the table: • Edit—Modify the boot priority value, the image name, and the configuration file, if required. The modified boot priority value should be unique. • Delete—Delete the boot configuration priority. • Add Row—Add boot priorities to the existing list. CCM generates boot priority values based on the inputs provided. Note that only the top ten boot priorities are considered for the device. Step 8 Click Save. A dialog box appears listing the existing and the modified boot priorities for your confirmation. Step 9 Click Save to confirm and apply the boot priority changes. Step 10 You can then schedule the activation as explained in steps 7 through 13 in the Activate Cisco IOS Software Images topic. Perform Cisco IOS XR Software Package Operations Note We recommend that you do not commit the package change until the device runs with its configuration for a period of time, until you are sure the change is appropriate. In that way, the change is not yet persisted across device reloads. These topics explain how to perform package operations: • Notes on Cisco IOS XR Packages, page 4-37 • Add Cisco IOS XR Packages, page 4-38 • Activate, Deactivate, and Delete Cisco IOS XR Packages, page 4-39 • Synchronize and Upgrade Satellites for Cisco ASR 9000 Devices, page 4-40 • Commit Cisco IOS XR Packages Across Device Reloads, page 4-41 • Roll Back Cisco IOS XR Packages, page 4-42 Notes on Cisco IOS XR Packages Package management includes the add, activate, deactivate, commit, and rollback operations on Cisco IOS XR devices. Before you perform any of these operations, read the following: • Note When doing a version upgrade (which upgrades the core package and involves a router reload) on a Cisco IOS XR device, all of the packages on the router should be upgraded at the same time, as part of the same job. For example, if the c12k-mini, c12k-mgbl, c12k-mpls, c12k-k9sec, and c12k-mcast packages are on the router at version 3.4.1, when upgrading to version 3.5.0, all of the packages must be upgraded at the same time to version 3.5.0. An upgrade pie is required only when you upgrade Cisco IOS XR devices from version 3.x to 4.x. You must deactivate and remove the upgrade pie, if you wish to perform any install operations, including the install commit operation on the devices upgraded from 3.x to 4.x. Cisco Prime Network 4.0 User Guide OL-29343-01 4-37 Chapter 4 Device Configurations and Software Images Software Images • When upgrading the core router package (such as c12k-mini or comp-hfr-mini), the manageability package (such as c12k-mgbl or hfr-mgbl-p) must be upgraded at the same time to ensure that the router remains manageable after the reload. • Cisco IOS XR routers support the clear install rollback oldest x command, that allows you to manage the number of rollback points maintained on the router. Executing this CLI command periodically on the router allows you to limit the number of rollback points. When executing this command, you must ensure that at least one valid rollback point is always maintained to enable Prime Network to show the package status correctly. We recommend that you maintain about 20 rollback points on the router. • NEIM does not support upgrading a router running Cisco IOS software to Cisco IOS XR software. For more information, refer to the System Management Configuration Guide for the Cisco IOS XR release and device of interest. Add Cisco IOS XR Packages Image Management supports package addition as a separate operation for Cisco IOS XR devices. To complete the package management life cycle, Image Management supports adding a package from a pie file, which is already present in the Cisco IOS XR device storage. Before you begin: Make sure you have the permissions to perform package addition. You will not be allowed to schedule a package addition job, if you do not have permissions. To add packages for Cisco IOS XR devices: Step 1 Choose Images > Package Add. The Package Add wizard displays all the Cisco IOS XR devices in the Select Device(s) page. Step 2 Select a device and click Next to open the Select Package(s) page. Prime Network displays all the packages available for the selected device. Step 3 Choose the package(s) that you want to add for the selected device and click Next to open the Schedule Package Addition page in the wizard. Step 4 Enter the scheduling information. By default, jobs are scheduled to run as soon as possible. Note Step 5 The time you specify here to schedule the package addition job is the server time. If you have selected two or more devices in the Select Devices page, click one of the following to specify the operation mode: • In Parallel Order—Add packages for all devices at the same time. • In Sequential Order—Allows you to specify the order of the devices to import the packages for. Step 6 Enter the e-mail ID(s) to which to send a notification after the scheduled package addition job is complete. For two or more users, enter a comma-separated list of e-mail IDs. A notification e-mail is sent based on the e-mail option specified in the Image Management Settings page. Step 7 Click Finished. Prime Network schedules the job and redirects you to the Jobs page, where you can monitor the status of the job. Cisco Prime Network 4.0 User Guide 4-38 OL-29343-01 Chapter 4 Device Configurations and Software Images Software Images Activate, Deactivate, and Delete Cisco IOS XR Packages Note For Cisco IOS XR devices, we recommend that you do not commit the package change until the device runs with its configuration for a period of time, until you are sure the change is appropriate. In that way, the change is not yet persisted across device reloads. Before You Begin • If you are doing a Cisco IOS XR version upgrade (which upgrades the core package), see Software Images, page 4-26 for information about other packages that you should upgrade at the same time. • The device VNE (the device model in Prime Network) must be in a managed state when you run the command. (This means the VNE Communication State must be Reachable, and the Investigation State must be Normal or Incomplete. For more information on VNE states, see the Cisco Prime Network 4.0 Administrator Guide.) To activate or deactivate a Cisco IOS XR package, or delete a Cisco IOS XR package from a device: Step 1 Choose Images > Activate > IOS-XR and the activation method (by Packages or Devices.). It is often easier to start with devices due to the sometimes cryptic nature of software image names. In this example we start with devices. Step 2 Prime Network displays all managed devices. (It also displays the packages that are currently running on the devices.) From this page you can also view the running package of the Cisco IOS XR device. Step 3 a. To choose devices of a specific device group, click Select Groups. In the Device Groups page, you can view the user-defined device groups. Click the hyperlinked device group name to view the list of devices that belong to the group. See Device Groups Setup Tasks, page 4-9 for more information on user-defined device grouping. b. Select the required device group in the Device Groups page and click OK. c. Choose one or more devices and click Next. Prime Network displays all packages which are valid for the selected devices. You can filter your results by package name and version. d. Choose the packages that you want to activate on the devices, and click Next. Specify the operations you want to perform. You can perform different operations on different devices or the same operation on all devices (by selecting the desired operation from the Use the following Operation for all Packages drop-down list in the table header). When you select a device, Prime Network will display all of the packages that are installed on the device. a. Choose a package operation for each package. Cisco IOS XR packages can be removed from a device only if they have been deactivated. If you want to apply the same operation to all packages, choose the operation from the Use the following Operation for all Packages drop-down list in the table header, and click Apply. b. (Optional) Check Test Only to run a test of the activation (or deactivation) procedure on the device. This will not change the real device configuration. (This is similar to using the Compatibility Check option in the rollback process.) c. Click Next. The Package Analysis page is displayed. Check the Package Analysis page to see if analysis was successful. Click the icon in the Analysis column to get information about why the operation can or cannot proceed (it will be one of the icons listed in Table 4-3 on page 4-31). If it cannot proceed, you will not be permitted to continue. Otherwise, click Next. Cisco Prime Network 4.0 User Guide OL-29343-01 4-39 Chapter 4 Device Configurations and Software Images Software Images Step 4 Enter the scheduling information. By default, jobs are scheduled to run as soon as possible. Note The time you specify here to schedule the activation job is the server time. Step 5 Enter the e-mail ID(s) to which to send a notification after the scheduled activation job is complete. For two or more users, enter a comma-separated list of e-mail IDs. A notification e-mail is sent based on the e-mail option specified in the Image Management Settings page. Step 6 (For Cisco ASR 9000 series routers and Cisco Carrier Routing System (CRS) devices only) Check the ISSU option, to update the router software with minimal service interruption. Step 7 Check the Commit check box to commit the packages after activation. Note Step 8 We recommend that you do not commit the package change until the device runs with its configuration for a period of time, until you are sure the change is appropriate. In that way, the change is not yet persisted across device reloads. Click one of the following to specify the operation mode, if you have selected two or more devices in the Select Devices page. • In Parallel—Activates packages for all devices at the same time. • Sequentially—Allows you to define the order of the devices to activate the packages for. Step 9 Click Finished to schedule the activation. Step 10 After the job completes: • For Test Only jobs, repeat this procedure to activate the packages. • If you activated or deactivated a Cisco IOS XR package, remember to commit your changes. However, we recommend that you do not commit the package change until the device runs with its configuration for a period of time, until you are sure the change is appropriate. In that way, the change is not yet persisted across device reloads. See Commit Cisco IOS XR Packages Across Device Reloads, page 4-41. Synchronize and Upgrade Satellites for Cisco ASR 9000 Devices CCM provides satellite support for Cisco ASR 9000 devices. Satellites are used to enhance performance bandwidth of Cisco ASR 9000 devices. Each satellite is a Cisco IOS device connected to the Cisco ASR 9000 device. Multiple satellites can be connected to a single Cisco ASR 9000 device and all communications to the satellites happen only through the Cisco ASR 9000 device. Each satellite has its own configuration and software image. CCM provides the following support for Cisco ASR 9000 device with satellites: • Synchronization of all satellites together. • Activation of the satellite pie image on Cisco ASR 9000 device with and without synchronization of satellites. You must run a CLI/XML command to check for compatibility and then push the image to the remote satellite. Cisco Prime Network 4.0 User Guide 4-40 OL-29343-01 Chapter 4 Device Configurations and Software Images Software Images Synchronize All Satellites Without Performing an Activation To synchronize all satellites together without activation: Step 1 Choose Images > Activate > IOS-XR and the activation method (by Devices). Step 2 Choose the Cisco ASR 9000 device family and the Sync Satellites option from the Select Operations drop-down menu in the table header. Prime Network displays all managed Cisco ASR 9000 series devices having satellites. (It also displays the packages that are currently running on the devices.) Step 3 Click Next to schedule the synchronization for all the satellites together. You cannot select a particular satellite for synchronization. The Select Operation function is not applicable for the Sync Satellites option. Step 4 In the Schedule Activation page, provide the scheduling information for synchronization of all satellites. Note Step 5 The time you specify here to schedule the synchronization job is the server time. Check the Sync Satellite(s) check box and click Finished. The Sync Satellite(s) check box is available only for Cisco ASR 9000 devices having satellites. Activate satellite image on Cisco ASR 9000 device with/without synchronization To activate a satellite image on the Cisco ASR 9000 device with/without satellite synchronization: Step 1 Choose Images > Activate > IOS-XR and the activation method (by Devices). Step 2 Choose the Cisco ASR 9000 device family and the Activate and/or Sync Satellites option from the Select Operations drop-down menu in the table header. Step 3 Perform steps 3 through 7 in the Activate, Deactivate, and Delete Cisco IOS XR Packages, page 4-39 topic. Step 4 Check the Sync Satellite(s) check box, if you wish to upgrade and synchronize the satellites. The Sync Satellite(s) check box is available only for Cisco ASR 9000 devices having satellites. Note Step 5 Synchronization of satellites is done, only if the operation selected is activation or deactivation. Otherwise, synchronization will not happen even if this check box is selected. Click Finished to schedule the activation and/or synchronization. Commit Cisco IOS XR Packages Across Device Reloads Committing a Cisco IOS XR package makes the device package configurations persist across device reloads. The commit operation also creates a rollback point on the device. See Roll Back Cisco IOS XR Packages, page 4-42, for more information on rollback points. Cisco Prime Network 4.0 User Guide OL-29343-01 4-41 Chapter 4 Device Configurations and Software Images Software Images Note We recommend that you do not commit package changes until the device runs with its configuration for a period of time, until you are sure the change is appropriate. In that way, the change is not yet persisted across device reloads. Before You Begin • Verify that the package to be committed is operating properly (for example, by doing a show status command). • The device VNE (the device model in Prime Network) must be in a managed state when you run the command. (This means the VNE Communication State must be Reachable, and the Investigation State must be Normal or Incomplete. For more information on VNE states, see the Cisco Prime Network 4.0 Administrator Guide.) • Make sure you have the permissions to perform the commit operation. You will not be allowed to schedule a commit job, if you do not have permissions. To commit a package after it has been activated, deactivated, or rolled back: Step 1 Choose Images > Commit. Step 2 Choose the network elements with the packages you want to commit. Step 3 Click one of the following (in the table header) to specify the commit mode: Step 4 • Commit in Parallel—Commits all changes at the same time. • Commit Sequentially—Allows you to define the order in which the changes are committed. Enter the scheduling information. Note The time you specify here to schedule the commit job is the server time. Step 5 Enter the e-mail ID(s) to which to send a notification e-mail after the scheduled commit job is complete. For two or more users, enter a comma-separated list of e-mail IDs. A notification e-mail is sent based on the e-mail option specified in the Image Management Settings page. Step 6 Click Commit. By default, jobs are scheduled to run as soon as possible. Roll Back Cisco IOS XR Packages Rolling back a Cisco IOS XR package reverts the device packages to a previous installation state—specifically, to a package installation rollback point. If a package has been removed from a device, all rollback points associated with the package are also removed and it is no longer possible to roll back to that point. Before You Begin • Read Software Images, page 4-26, for information about managing rollback points on Cisco IOS XR devices. • The device VNE (the device model in Prime Network) must be in a managed state when you run the command. (This means the VNE Communication State must be Reachable, and the Investigation State must be Normal or Incomplete. For more information on VNE states, see the Cisco Prime Network 4.0 Administrator Guide.) Cisco Prime Network 4.0 User Guide 4-42 OL-29343-01 Chapter 4 Device Configurations and Software Images Software Images • Make sure you have the permissions to perform the rollback operation. You will not be allowed to schedule a rollback job, if you do not have permissions. To roll back a Cisco IOS XR package: Step 1 Choose Images > Rollback. Prime Network displays all Cisco IOS XR devices. You can filter the results by using the Quick Filter option. Step 2 Choose the network elements. Prime Network populates the rollback points for the selected device package. Step 3 Choose a rollback ID from the Rollback ID drop-down list. The Rollback Point Details field lists the packages that were active when that ID was created. Step 4 To view all of the packages associated with the rollback point, place the mouse cursor on the Rollback Point Details field; see Figure 4-9 for an example. To view the time stamp associated with the selected rollback, see the value displayed in the Time Stamp field. Note The date and time stamps are displayed according to the local time zone settings of the client. Figure 4-9 Step 5 Packages Rollback Page with Rollback Point Details Click OK to close the popup window. Note If a package has been deleted from the repository, the rollback points of the package are still displayed in the GUI. If you choose a rollback point for a deleted package, the rollback will fail. The job results popup provides information explaining why it failed. Step 6 (Optional) Click Compatibility Check in the table header to run a test of the rollback procedure on the device. This will not change the real device configuration. (This is similar to using the Test Only option in the activation process.) Step 7 Click Rollback or Rollback and Commit. Note We recommend that you do not commit package changes until the device runs with its configuration for a period of time, until you are sure the change is appropriate. In that way, the change is not yet persisted across device reloads. See Commit Cisco IOS XR Packages Across Device Reloads, page 4-41. Cisco Prime Network 4.0 User Guide OL-29343-01 4-43 Chapter 4 Device Configurations and Software Images Software Images Step 8 Enter the scheduling information. Note Step 9 Enter the e-mail ID(s) to which to send a notification after the scheduled rollback job is complete. For two or more users, enter a comma-separated list of e-mail IDs. A notification e-mail is sent based on the e-mail option specified in the Image Management Settings page. Note Step 10 The time you specify here to schedule the rollback job is the server time. Before you enter the e-mail ID(s), ensure that you have set up the SMTP host and SMTP port in the Image Management Settings page (see Change Image Management Global Settings, page 4-66). The e-mail ID(s) configured in the Image Management Settings page, if any, will be displayed by default. You can modify the e-mail ID(s) if required. Click Rollback. Clean Up the Repository The repository is purged according to the settings described in NEIM Setup Tasks, page 4-7. When files are removed from the repository, this does not affect files that are installed on the device. However, deleting a package could cause a rollback point to become unexecutable. If a package or version of a package that is associated with a specific rollback point is removed, it will no longer be possible to roll back to that point. See Roll Back Cisco IOS XR Packages, page 4-42. To delete images from the Prime Network image repository: Step 1 Choose Images > Repository. Step 2 Select the image you want to delete and click the Delete button (with red X) in the table header. Step 3 To collectively delete all images in the repository, click the Delete All button in the table header. You will see a prompt asking you to confirm whether or not to proceed with the operation. Step 4 Click OK to confirm and image(s) available in the repository will be deleted. These topics provide administrative information on CCM: • Global Settings and Administration, page 4-61—How to use the Configuration Management Settings page to specify when configurations should be collected, when they should be purged, commands to exclude from comparisons, and other global settings. • Change Image Management Global Settings, page 4-66—How to use the Image Management Settings page to specify the default transfer protocol, staging and storing locations, and credentials for accessing a vendor web site. • Check the Processes, page 4-68—How CCM ensures communication security, authenticates and authorizes users, where log files for debugging purposes are located, and so forth. You should also make sure you have properly set up CCM by reading Configuration Management Setup Tasks, page 4-5. Cisco Prime Network 4.0 User Guide 4-44 OL-29343-01 Chapter 4 Device Configurations and Software Images Configuration Audit Note In the Configuration Management and Image Management Settings pages, CCM does not support the following special characters: • For Password fields—>, <, ', /, \, !, :, ;, and " • For all other fields—`, ~, @, #, $, %, ^, &, *, (, ), +, =, |, {, }, [, ], ', ?, >, <, /, \, !, :, ;, and " Configuration Audit Note Starting Prime Network 4.0, Configuration Audit is being replaced by Compliance Audit. However, if you enabled the option to retain Configuration Audit during an upgrade procedure from Prime Network 3.11 (or earlier), the feature will still available from CCM. For more information on Compliance Audit, see Compliance Audit, page 4-50. CCM facilitates a configuration compliance mechanism, which enables auditing configurations on a device against a specified configuration policy file (also called as a baseline or expected configuration). Prime Network facilitates administering multiple configuration policy files through a Configuration Audit Policy Manager. Each configuration policy is a set of CLI commands that define a desired baseline or expected configuration. Configuration policies can also be configured using valid, Java-based regular expressions. Table 4-4 provides examples of configuration policy CLIs. Table 4-4 Configuration Policy CLI Examples Policy Name Policy Description Policy CLI SamplePolicy1 Sample policy for global configuration auditing spanning-tree mode rapid-pvst SamplePolicy2 Sample policy for global regex and first sub level cli matching audit interface GigabitEthernet(.*) port-type nni SamplePolicy3 Sample policy for global regex, first sub level cli matching, and second sub level regex matching router (.*) address-family ipv4 unicast network (.*) SamplePolicy4 Sample policy for fixed cli matching interface GigabitEthernet3/4 address-family ipv4 unicast Sample Configuration Policy The following example shows a policy that performs audit for BGP configuration for a Cisco IOS router: #BGP Configuration Audit router bgp (.*) neighbor (.*) remote-as (.*) address-family ipv4 If you want an audit check for specific BGP AS or neighbor IP address, the above CLI can be changed accordingly. For example: router bgp 65000 neighbor (.*) remote-as 65001 address-family ipv4 Cisco Prime Network 4.0 User Guide OL-29343-01 4-45 Chapter 4 Device Configurations and Software Images Configuration Audit You can combine multiple different configurations into one policy. For example: #BGP Configuration Audit router bgp (.*) neighbor (.*) remote-as (.*) address-family ipv4 # Interface MEP check interface GigabitEthernet(.*) ethernet (.*) mep domain UP (.*) Configuration audit can be scheduled against multiple configuration files to obtain an audit report that indicates the existence of configuration sequences stated in the baseline policy and any deviations from the baseline. You can define a configuration policy, select the devices that need to be audited against the policy, and schedule the audit job to run immediately or at a later point in time. The audit job compares the CLI commands (as part of the configuration policy) against the actual running configuration on the device to identify the discrepancies. You can view the status of all the scheduled configuration audit jobs in the Job Manager page. The configuration audit results are in the form of a report indicating the discrepancies (missing configuration commands on the device) in red and the matching commands in green. Manage Configuration Policies CCM allows you to create, modify, view, and delete configuration policies. Choose Configuration Audit > Configuration Policies. The Configuration Policies page provides the list of existing policies. You can search the configuration policies by CLI strings. Create Configuration Policy To create a configuration policy: Step 1 In the Configuration Policies page, click Create. Step 2 Provide the policy name and description. Step 3 Enter the CLI commands to set up a baseline configuration for that policy. This can also be a valid, Java-based regular expression. See Table 4-4 for sample configuration CLIs. Step 4 Make sure you follow the guidelines while entering the CLI commands. Click Guidelines to view these guidelines as shown in Figure 4-10. Cisco Prime Network 4.0 User Guide 4-46 OL-29343-01 Chapter 4 Device Configurations and Software Images Configuration Audit Figure 4-10 Create Configuration Policy-Showing Guidelines Edit, View, or Delete Configuration Policy In the Configuration Policies page, you can also do the following: • Select a policy and click Edit to modify the policy description and CLI commands. You cannot modify the policy name. Keep in mind the policy guidelines while modifying the CLI commands. • Select a policy and click View to view the policy name, description, and CLI commands. • Select a policy or multiple policies and click Delete to delete the configuration policies. You cannot delete a policy if it is part of a scheduled audit job. Schedule Configuration Audit You can schedule configuration audit jobs to run immediately or at a later point in time. Note Only a maximum of 10 policies and 500 devices can be used for scheduling an audit job. To schedule a configuration audit job: Step 1 Choose Configuration Audit > Basic Audit. The Select Configuration Policies page lists the available configuration policies. You can search the configuration policies by using CLI strings. Step 2 Select the desired configuration policy from the available list and click Next. Step 3 In the Select Devices page, select the devices that must be audited against the selected configuration policy, and then click Next. Cisco Prime Network 4.0 User Guide OL-29343-01 4-47 Chapter 4 Device Configurations and Software Images Configuration Audit Step 4 In the Schedule Audit page, provide a job name and the scheduling information for the configuration audit job. You can choose to run the audit job immediately or at a later point in time. A popup with the server time is available to assist you in setting up the time for scheduling the audit job. Step 5 Click Audit. You will be redirected to the Configuration Audit Jobs page. Note Once scheduled, you cannot edit the policies or devices that are part of the scheduled job. View Configuration Audit Jobs and Audit Results The Configuration Audit Jobs page (Configuration Audit > Configuration Audit Jobs) provides the following details: • Jobs—This table lists all configuration audit jobs submitted by the login user. The ‘root’ user can view jobs submitted by other users, by selecting the username from the table header. • History—For a selected job in the Jobs table, this table lists all the instances. You can select only one job at a time to view the history details. You can select a job and click View to view the associated devices and policies, and the schedule for the selected audit job. You can also use this page to suspend, resume, cancel, delete, or reschedule a job. To view the configuration audit job details and the audit result: Step 1 Click on the hyperlinked LastRun Result (Success/Partial Success/Failure) against a particular job in the Jobs table. The Configuration Audit Job Details dialog box displays the job details and the audit results for a device and policy combination, as shown in Figure 4-11. The Job Results table includes the device audited, policy against which the device was audited, audit status, and the running configuration version used for the audit. A blue tick mark in the Status column indicates ‘Audit Pass’, and a red X indicates ‘Audit Fail’. Click the hyperlinked policy name to view the configuration policy details, with updates if the policy has been modified. Note For Cisco Nexus devices, the VDC name is also displayed in the Device Name column. Cisco Prime Network 4.0 User Guide 4-48 OL-29343-01 Chapter 4 Device Configurations and Software Images Configuration Audit Figure 4-11 Step 2 Configuration Audit Job Details Click on the hyperlinked Status (Pass/Fail icon) in the Job Results table. Or, click the hyperlinked Success or Failure hyperlink in the Result field of the History table. The Configuration Audit Result dialog box displays the audit result with matching commands (for ‘Audit Pass’) and discrepancies or missing commands (for ‘Audit Fail’) between the policy and the running configuration on the device. See Figure 4-12 for an example of the Configuration Audit Result dialog box for an ‘Audit Fail’ scenario. Figure 4-12 Configuration Audit Result - Audit Fail Cisco Prime Network 4.0 User Guide OL-29343-01 4-49 Chapter 4 Device Configurations and Software Images Compliance Audit The matching commands are displayed in green (see Figure 4-13), while the discrepancies are displayed in red (see Figure 4-12). For a failed job, the Audit Result section also displays the reason why the audit was not successful as shown in Figure 4-12. Some reasons for audit failure are: • Failed to back up running configuration of the device • Device not reachable • Unable to download running configuration • Device not under the scope of the user • Policy is not available • Invalid regular expression in the CLI Figure 4-13 Step 3 Configuration Audit Result - Audit Pass Click Export in the Job Results table to export the audit job results to a .csv file. You can view the job details and audit results in the exported file. Compliance Audit The Compliance Audit feature (Cisco Change and Configuration Management > Compliance Audit) ensures that existing device configurations comply to your deployment’s policies. It replaces the Configuration Audit features that was provided in previous releases of Prime Network. This feature is enabled by default. Cisco Prime Network 4.0 User Guide 4-50 OL-29343-01 Chapter 4 Device Configurations and Software Images Compliance Audit Using Compliance Audit, you can create policies that can contain multiple rules, and policies can be grouped together to create a policy profile which can be run on a set of devices, called audit of devices. There is no limit on the number of policies, profiles, rules, and conditions that you can create using Compliance Audit. It can scale up to 35,000 devices. When a device is detected to be not confirming to a determined policy, Compliance Manager calls it a violation. Subsequently, if available, it also recommends a fix, as configured by the administrator. The violation details are saved in DB Schema for your reference later. In some scenarios, the fix is readily available as configured by the adminstrator and can be directly applied, while in some others, it has to be carefully scrutinized by the administrator before it is run. Automatic application of some of the fixes can be disabled since it may conflict with other policies and configurations that may be specific to the device and the setup. This section contains the following topics: • User Authentication and Authorization, page 4-51 • Creating Policies and Profiles, and Running a Compliance Audit Job, page 4-52 User Authentication and Authorization Compliance Audit uses the security methods employed by Prime Network. These are described in the Cisco Prime Network 4.0 Administrator Guide. Note If authentication fails, check the status of AVM 77 (XMP runtime DM) and Prime Network using Cisco Prime Network Administration. Cisco Prime Network Administration displays AVM 77 only when Ciis installed. For information on how to use Cisco Prime Network Administration, see the Cisco Prime Network 4.0 Administrator Guide. The GUI-based functions and required roles are listed in Table 4-5. The scope of your operation depends on your role and scope. Note If your role is Viewer, you cannot see Compliance Audit listed in CCM despite enabling it in the Registry Controller. The following table lists the permissions: Table 4-5 Default Permission/Security Level Required to Use Compliance Audit Task Administrator Configurator OperatorPlus Operator Viewer Creating policies X X — — — Creating policy profiles X X X X — Executing audit job X X X X — Viewing audit job results X (For all users’ jobs) X (For jobs that the specific user has created) X (For Operator X (For Plus jobs only) Operator jobs only) — Cisco Prime Network 4.0 User Guide OL-29343-01 4-51 Chapter 4 Device Configurations and Software Images Compliance Audit Table 4-5 Default Permission/Security Level Required to Use Compliance Audit (continued) Task Administrator Configurator OperatorPlus Operator Viewer Executing a Fix job X X — — — X (For all users’ jobs) X (For jobs that the specific user has created). — — — Note To execute a fix job, the device-level role of the user must be Configurator or Administrator. The role of the user for a device overrides the role of a user on Prime Network. Viewing the fix job results Creating Policies and Profiles, and Running a Compliance Audit Job Running an audit job the first time requires you to follow a specific workflow: Description See: Step 1 Create a policy containing multiple rules Creating a Policy, page 4-52 Step 2 Group policies into policy profiles so you can apply them Creating a Policy Profile, page 4-57 Step 3 Run the policy against your specified devices Auditing Devices, page 4-58 Step 4 View the results and fix any violations Viewing the Results of an Audit Job and Running Fixes for Violations, page 4-59 Creating a Policy The first step in auditing devices is to create a policy (Compliance Audit > Compliance Policy). The Compliance Policy page (Figure 4-14) appears. Cisco Prime Network 4.0 User Guide 4-52 OL-29343-01 Chapter 4 Device Configurations and Software Images Compliance Audit Figure 4-14 Compliance Policy Page 1 Create Compliance Policy icon 5 New Rule icon 2 Edit Policy Description icon 6 Edit Rule icon 3 Import Policy as XML icon 7 Duplicate Rule icon. 4 Search field 8 Filter icon The following steps explain the procedure: You can either create a new policy or you can import an existing policy by clicking the Import icon. You can export existing policies as XML files to your local drive. Step 1 Click Create Compliance Policy icon and enter the policy details. The policy is listed in the left pane. After you add a new policy, you must associate one or more rules to the policy. Step 2 From the Rule Selector pane, click New Rule icon. For more information on creating a new rule, see Creating a Rule. Creating a Rule For a policy to run against devices and generate violations, you must specify rules within the policy and define the conditions and the relevant fixes for violations. Rules are platform-specific. Each policy must contain at least one rule; however, there is no limitation on the number of rules you can define for a policy. You can also duplicate an existing rule and add to a policy. Click the Duplicate button to clone a rule. Follow the procedure below to create a rule and add the rule to a specific policy: Cisco Prime Network 4.0 User Guide OL-29343-01 4-53 Chapter 4 Device Configurations and Software Images Compliance Audit Step 1 From the left navigation pane, select the policy to which you want to add rules. Step 2 From the work area pane, click the Create Rule icon. Step 3 Enter the following details. For sample rules, see Creating Rules—Samples, page 4-56. Table 4-6 New Rule - Fields Field Description Rule Information All information entered in this section is for your consumption. This information does not impact the conditions and the subsequent violations. Name Enter a name for the rule. Description Enter a brief description Impact Enter a brief note on the impact of the violation that the rule will generate. Suggested Fix Enter a brief description of the fix that will help you decide to choose or to not choose the rule against a specific policy. This description appears when you check the rule in the Rule Selector pane. Platform Selection Available Platforms Check the platforms on which the condition must be run. If you select Cisco Devices, all of Cisco platforms specified in the list are included. The platforms checked in this section impacts the ignore count of an audit job. For example, if you run a rule on all the devices within your scope, including devices not selected in the Available Platforms pane, such devices are not audited and are marked against Ignore count. Rule Inputs New Input Click the New icon to add inputs for the new rule. This field is optional. The input you create in this pane reflects in the Policy Profile page. You must provide rule inputs for the rule you have selected. For example, you can create an input to be IP Address. Any user who wants to run this rule can enter an IP address specific to the rule and add it to a specific profile. Enter the following details: • Title • Identifier—Click the Generate button to generate an identifier based on the title. The identifier is used in Block Start Expression, Conditions Match Criteria (value field), Action Details Tab Violation Message, Fix CLI (if action is Raise a Violation, and Violation Message Type is Define Custom Violation Message for the Condition). • Data Type—Choose a data type. The type of data you enter in the Parameter Substitution field depends on your selection here. • Input Required—Check the option, as required. Cisco Prime Network 4.0 User Guide 4-54 OL-29343-01 Chapter 4 Device Configurations and Software Images Compliance Audit Table 4-6 New Rule - Fields (continued) Field Description Conditions and Actions—Conditions Details tab Condition Scope Details • Condition Scope—Choose the scope of the conditions from one of the below: – Configuration—Checks the complete running configuration – Previously Matched Blocks—Runs the conditions against blocks that have been defined in previous conditions. To run the condition with this option, you must have checked Parse as Block option in one of the previous conditions. You cannot select this option for the first condition of a rule. – Device Properties—This checks against the device properties and not the running configuration. • Device Property—This option is enabled only if you selected Device Properties option in the Condition Scope option. Block Options Parse as Blocks Checking this option enables you to run conditions on specific blocks (as defined in this section) in running configuration files. This option is enabled only if you selected Configuration in the Condition Scope option. Block Start Expression This field is mandatory if Parse as Blocks option is enabled. This must be a regular expression. Rule Inputs can be used here. Block End Expression This field is optional. By default, blocks end when the top-level or a sub-level command begins. If you prefer to break the block earlier, enter the value as a regular expression. Rule Pass Criteria Check the option, as required. If you select: • All Sub Blocks—The rule is marked a success only if all the blocks fulfill the specified condition. • Any Sub Block—The rule is marked a success even if one of the sub blocks fulfill the condition. • Raise One Violation for Each Failing Instance—If you check this option, the violation count specified in the Job view increases by as many number of violations as the condition encounters in each block. Condition Match Criteria Operator Choose an option based on the value you will enter in the subsequent field. Value The value must be a regular expression. This variable can be grepped for use in the subsequent conditions. It follows the convention of condition such as, <2.1> <2.2>... This numerical identifier can be used from the next condition as input parameter for Operator selected in the previous field. Rule Pass Criteria Check the option, as required. If you select: • All Sub Blocks—The rule is marked a success only if all the blocks fulfill the specified condition. • Any Sub Block—The rule is marked a success even if one of the sub blocks fulfill the condition. • Raise One Violation for Each Failing Instance—If you check this option, the violation count specified in the Job view increases by as many number of violations as the condition encounters in each block. Cisco Prime Network 4.0 User Guide OL-29343-01 4-55 Chapter 4 Device Configurations and Software Images Compliance Audit Table 4-6 New Rule - Fields (continued) Field Description New Conditions and Actions—Action Details tab (applicable for both Match Action and Does Not Match Action Select Action Select one of the following actions that Compliance Audit must perform upon detecting a violation: • Continue—If the condition is met or not met, the rule continues to run based on the condition number specified in the field. If a condition number is not specified, the rule skips to the next immediate condition. • Raise a Violation—Raises a violation and stops further execution of rule. • Do Not Raise a Violation—Does not raise a violation; stops further execution of rule. Condition Number Specify the condition number to which the rule must continue with in case the condition is met or is not met. You cannot specify a condition number that is lesser than or equal to the current condition number. This field is enabled only if you selected the option Continue from the Select Action field. Violation Severity Specify a severity that Compliance Audit must flag if a violation is detected. This field is enabled only if you selected one of the options, Raise a Violation from the Select Action field. Violation Message Type Select a message type. If you determine a violation as not fixable (or requiring manual intervention), select the Generate Default Violation Message During Audit option. To enter a fix for a violation, select the option Define Custom Violation Message for the Condition. Violation Message Enter a violation message that is displayed in the Job View window. select the option Define Custom Violation Message for the Condition. Fix CLI Enter a relevant CLI fix if the device does not meet the condition specified. select the option Define Custom Violation Message for the Condition. Do not enter config Note exit t and its exit commands. command is allowed at main and sub-level commands. After you complete adding rules to the policy, a profile must be created. For more information, see Creating a Policy Profile. Creating Rules—Samples This section explains three scenarios in which rules can be created. Problem This policy checks if at least one of the pre-defined DNS servers are configured on device. The following condition checks if either IP name-server 1.2.3.4 or IP name-server 2.3.4.5 is configured on the device, and raises a violation if neither of them are configured. Solution The following settings have to be made in the appropriate sections. Field Value Configuration Scope Configuration Operator Matches the expression Value ip name-server (1.2.3.4|2.3.4.5)$ Match Action Do not raise a violation and exit this rule Cisco Prime Network 4.0 User Guide 4-56 OL-29343-01 Chapter 4 Device Configurations and Software Images Compliance Audit Field Value Does Not Match Action Raise a violation and exit this rule Violation Text DNS Server must be configured as either 1.2.3.4 or 2.3.4.5. Problem This policy checks if at least two NTP servers are configured on the device for NTP server redundancy. The following condition checks if the command ntp server appears at least twice. Solution The following settings have to be made in the appropriate sections. Field Value Configuration Scope Configuration Operator Matches the expression Value (ntp server.*\n){2,} Match Action Continue Does Not Match Action Raise a violation and exit this rule Violation Text At least two NTP servers must be configured. Problem This policy checks if the device is not configured with any prohibited community strings or community strings that must be avoided for SNMP. This condition checks if either snmp-server community public or snmp-server community private is configured on the device. If configured, Compliance Audit raises a violation. Note that <1> in the violation text is replaced with the actual community string configured on the device, at the runtime. In this example, <1> indicates first captured group in the current condition. Solution The following settings have to be made in the appropriate sections. Field Value Configuration Scope Configuration Operator Matches the expression Value snmp-server community (public|private) Match Action Raise a violation and exit this rule. Does Not Match Action Continue Violation Text Community string <1> configured. Creating a Policy Profile After you have created policies, create a policy profile that will contain a set of policies. Go to Compliance Audit > Policy Profile. The Policy Profile page (Figure 4-15) appears. Cisco Prime Network 4.0 User Guide OL-29343-01 4-57 Chapter 4 Device Configurations and Software Images Compliance Audit Figure 4-15 Policy Profile Page 1 Create Policy Profile icon 3 Run Compliance Audit icon 2 Edit Policy Profile Description icon 4 Add Compliance Policy icon Follow the procedure below to create a new policy profile: Step 1 From the left navigation pane, click the Create New Policy Profile icon. Enter name and description of the policy profile. Step 2 Choose a policy profile from the left navigation pane. From the Compliance Policy Selector pane, click the Add Compliance Policy icon. The list of policies appear. Choose the required policies. Step 3 After you choose the policies, select the rules within the selected which you want to audit against. Later, if applicable, enter values for rule inputs. The option to enter rule inputs is available only if you entered input parameters when you created a new rule. Policy Profiles are created and an audit job can be run. Auditing Devices After you create a policy profile, you must choose the devices on which it has to be run. After you choose the devices and schedule an audit, a job with the name of the policy profile name is created. This name defines this job, and can be scheduled periodically. This job name is editable. Step 1 After you have created the profiles, click the Run Compliance Audit icon. The Select Devices window appears. Step 2 Select the devices which you wish to audit. Click Next. Cisco Prime Network 4.0 User Guide 4-58 OL-29343-01 Chapter 4 Device Configurations and Software Images Compliance Audit Step 3 Step 4 The Schedule Audit page appears. Enter the schedule details. Against Choose Configuration option, choose the configuration that you want to be applied: • Use Latest Archived Configuration—If you choose this option, the latest Backup Configuration available in NCCM is used. If the backup configuration is not available, the device is not audited and is marked against non-audited devices. • Use Current Device Configuration—If you choose this option, Prime Network polls for the latest configuration from the device and then performs the audit. Click Audit. An audit job is scheduled. You can view the status of an audit job from the Jobs page. Viewing the Results of an Audit Job and Running Fixes for Violations The status of scheduled jobs appears on the Jobs page (Compliance Audit > Jobs). All audits are logged by Prime Network as jobs. From this page, you can view the violation details and can also apply a fix. After a job is created, you can set the following preferences for the job: • Suspend—Can be applied only on jobs that are scheduled for future. You cannot suspend a job that is running. • Resume—Can be applied only on jobs that have been suspended. • Reschedule—Using this option, you can reschedule a job that has been scheduled for a different time. Choose a job, and click Reschedule. The Compliance Audit Job Rescheduler window opens. Set your preferences. The following options are available against Choose Configuration option: – Use Latest Archived Configuration—If you choose this option, the latest Backup Configuration available in NCCM is used. – Use Current Device Configuration—If you choose this option, Prime Network polls for the latest configuration from the device and performs the audit. Note You might be prompted to enter your device access credentials. This option is enabled if, from the Prime Network Administration > Global Settings > Security Settings > User Account Settings > Execution of Configuration Operations, you checked the option Ask for user credentials when running configuration operations. This is an enhanced security measure to restrict access to devices. • Cancel—Using this option, you can cancel a scheduled job. • View—This option is enabled only for jobs that in Completed state. Using this option, you can view the details of a job, the associated policies and devices. • Delete—This option deletes a job that has been scheduled. This deletes the listing from the GUI. You cannot delete a job that is running. All jobs that are completed are listed in the jobs page. The job is flagged a success only if all the devices audited confirm to the policies specified in the profile. The result, otherwise, is displayed as Failure. The job is called a partial success if job contains a mix of both audited and non-audited devices, with the compliance status of audited devices being a success. You can view the details of the job by clicking the hyperlinked result displayed against each job. When you click the result, the Compliance Job Audit Details window displays the violation details. The Compliance Audit Violation Details window displays the following details: Cisco Prime Network 4.0 User Guide OL-29343-01 4-59 Chapter 4 Device Configurations and Software Images Compliance Audit Table 4-7 Compliance Audit Violation Details- Fields Field Description Job Details and Violations Summary Audited/Non-Audited Devices This displays the number of audited and non-audited devices. For more details on devices, click the hyperlinked count of audited and non-audited devices. Non-audited devices include the count of the following. – The devices that were within the scope of the user while scheduling the job, but has since changed. At the time job ran, these devices were not within the scope of the user. – The devices that were down or were not reachable when the job ran. – CPT device not in IOS mode. These devices are not audited because they do not contain running configuration, which is required for Compliance Manager. – Third Party Devices. – Device not in sync with with Compliance server—that is, the device element type is not available in the Compliance server. – Devices of which backup running configuration cannot be fetched from CCM. Selected Rules Number of rules selected in a policy at the time the policy profile was created. This may be subset of the total number of rules defined for the policy. Compliance State Displays Pass or Fail. All rules in policy for all devices must confirm for the state to display Pass. Violation Count This lists the number of distinct violations (for a particular policy, for the number of devices) that were observed in each job. For example, if a particular policy is violated in 100 devices, the violation count is only 1. Instance Count Summation of the violation count for all the device. For example, if a particular policy is violated in 100 devices, the instance count is 100. Highest Severity The highest severity of the various rules comprising the policy. The highest (as decided at the time of creating rules) is shown. This overrides the lower severity items. Ignore Count This is the count of rules ignored due to devices falling outside the scope of platforms defined against the rule. Violations by Device Violations by Device This window displays the violations at a device level. Select the devices for which require the fix CLI to be applied. Only the devices for which a fix CLI is available can be selected. Click Next. Preview Fix Commands Preview Fix Commands Select a violation to view the respective CLI for the devices. If two or more options are selected, the CLI is appended. To schedule a fix job, click Next. Schedule Schedule Schedule to the fix job. The details of the fix job can be viewed from Compliance Audit > Jobs. The job type is Compliance-Fix You can view the status of a fix job after the job completes. Click the hyperlinked status to view the results of the fix job. Cisco Prime Network 4.0 User Guide 4-60 OL-29343-01 Chapter 4 Device Configurations and Software Images Global Settings and Administration Global Settings and Administration This topic contains the following sections: • Change Configuration Managemennt Global Settings, page 4-61 • Change Image Management Global Settings, page 4-66 • Check the Processes, page 4-68 • Manage Jobs, page 4-68 • User Authentication and Authorization, page 4-69 Change Configuration Managemennt Global Settings To open the Configurations global settings page, choose Configurations > Settings. Table 4-8 lists all of the global settings you can configure for Configuration Management. The backup settings you enter here do not affect the manual backups you can perform by choosing Configurations > Backup. The backups you perform from that page and the backups you configure on this Settings page are completely independent of each other. Note Table 4-8 Make sure that the configuration change detection schedule does not conflict with purging, since both processes are database-intensive. Configuration Archive Global Settings Field Description Export Settings Server Name DNS-resolvable server name. Note CCM supports export servers with IPv4 or IPv6 address. Location The full pathname of the directory to which Prime Network should copy the file on the server specified in the Server Name field. Username The login username that Prime Network should use when connecting to the server specified in the Server Name field. Password The login password that Prime Network should use when connecting to the server specified in the Server Name field. Export Protocol Default export protocol that Prime Network should use when exporting configuration files to another server. The choices are FTP and SFTP. The default is FTP. You can override this protocol while scheduling an export job, if required. Archive Purge Settings Minimum Versions to Retain Minimum number of versions of each configuration that should be retained in the archive (default is 2). Maximum Versions to Maximum number of versions of each configuration that Prime Network should retain (default is 5). Retain The oldest configuration is purged when the maximum number is reached. Configurations marked “do not purge” are not included when calculating this number. Cisco Prime Network 4.0 User Guide OL-29343-01 4-61 Chapter 4 Device Configurations and Software Images Global Settings and Administration Table 4-8 Configuration Archive Global Settings (continued) Field Description Minimum Age to Purge Age (in days) at which configurations should be purged (between 5-360). Configuration Change Purge Settings Purge Change Logs after The age in days at which configuration change notifications (Change Logs) that are sent by devices should be purged. The default is 30 days and the range is 5-360. Global Settings Transport Protocol Enable Periodic Config Backup Default transport protocol that Prime Network should use when copying configuration files to and from a device. The options are TFTP, SFTP/SCP, and FTP. The default is TFTP. Note the following: • The TFTP source interface on the devices must be able to reach the unit. Otherwise, the configuration management jobs that require TFTP may fail. • To use SFTP/SCP for config transfers from a device to a unit, you need to ensure that an SSH server is configured and running on the device, such that the device acts as a server and the unit as a client during the transfer. For Cisco IOS XR devices, you need to configure the device with K9 security (k9sec) enabled images such that the SSH server is up and running on the device. Detect ongoing configuration changes by performing a periodic collection of device information. Use this method if configurations change frequently and those changes are not important to you. CM compares the timestamp for the last configuration change on the archived version with the timestamp on the newer version. If they are different, CM backs the new file to the archive immediately. By default, this is not enabled. You can set up an interval in the range of 1-100 hours. Default value is 72 hours. Note Enable Periodic Sync for Out of Sync Devices (72 Hours) This CM collection is independent of the Prime Network inventory collection. (For Cisco IOS only) Enables automatic synchronization of the out-of-sync devices on a periodic basis. Prime Network adds a device to the list of out-of-sync devices whenever the latest version of the startup configuration is not in sync with the latest version of the running configuration file on the device. Periodic Export Options Enable Periodic Config Export Allows CM to export archived configurations periodically to the export server. You can set up an interval in the range of 1-100 hours to export the archived configurations. The default value for export interval is 24 hours. You can also specify the start time for the periodic export operation. If there are no configuration changes i.e. if the archived configuration is available in the export server, choose one of the following options to indicate how the export job should be performed: • Export configuration file will all configuration—Overwrite the existing configuration on the export server. • Do not export configuration file—Skip configuration export. • Export configuration file with reference to previous configuration file—Create a configuration file with only a reference to the file having the actual configuration. Refer to Configuration Export File Type for Device Families, page 4-66, to know more about the type of configuration files exported for different devices. Cisco Prime Network 4.0 User Guide 4-62 OL-29343-01 Chapter 4 Device Configurations and Software Images Global Settings and Administration Table 4-8 Configuration Archive Global Settings (continued) Field Description Enable Initial Config Syncup Allows CM to fetch the configuration files from the network devices and archive it whenever a new device is added to Prime Network. If this setting is enabled: • CM performs the configuration file fetch operation whenever the Prime Network gateway is restarted. • The Disable Initial Config Syncup on Restart check box is enabled by default to prevent network device performance issues on subsequent Prime Network gateway restarts. To preserve this setting such that CM fetches the configuration files from network devices on Prime Network gateway restarts, you must uncheck the Disable Initial Config Syncup on Restart check box after enabling the Enable Initial Config Syncup option. Note The “sync up” described here pertains to making sure the archive correctly reflects the network device configurations. This is different from the CM Synchronize operation, where devices are checked to make sure their running and startup configurations are the same. This “sync up” is required in order for Prime Network to populate the Configuration Sync Status dashlet (on the dashboard). Disable Initial Config Syncup on Restart Enable Event-Triggered Config Archive Check the check box to set Enable Initial Config Syncup to its default setting (not enabled) if Prime Network restarts. Detect ongoing configuration changes by monitoring device configuration change notifications. This setting also controls whether Prime Network populates the Configuration Changes in the Last Week and the Most Recent Configuration Changes dashlets (on the dashboard). Use this method if you consider every configuration file change to be significant. When a notification is received, CM backs up the new running configuration file to the archive using one of the following methods. Note If you are using event-triggered archiving, you should also make sure that exclude commands are properly configured. Exclude commands are commands that Prime Network ignores when comparing configurations, and they are controlled from the Settings page. Using this mechanism eliminates unnecessary file backups to the archive. Sync archive on each configuration change Upon receiving a change notification from a device, immediately backs up the device configuration file to the archive. Sync archives with changed configurations every ___ hours and ___ minutes Upon receiving a change notification from a device, queue the changes and backs up the device configuration files according to the specified schedule. Cisco Prime Network 4.0 User Guide OL-29343-01 4-63 Chapter 4 Device Configurations and Software Images Global Settings and Administration Table 4-8 Configuration Archive Global Settings (continued) Field Description Device Access Credentials For enhanced security, and to prevent unauthorized access to devices, you might be asked to enter device credentials. This option is enabled if, from the Prime Network Administration > Global Settings > Security Settings > User Account Settings > Execution of Configuration Operations, you checked the option Ask for user credentials when running configuration operations. By default, the device credentials field is populated with the default VNE credentials. You must change the credentials to the device credentials before you save the settings. System jobs will fail, if the credentials entered are incorrect. If you checked the option Ask for user credentials when running configuration operations from Prime Network Administration, and did not change the settings from the Settings page after making the change, all system jobs that are scheduled to run will fail. If the option Ask for user credentials when running configuration operations (from Prime Network Administration) is not enabled, the default VNE credentials are used. Also, if device credentials are entered in the Settings page, and the option Ask for user credentials when running configuration operations is not enabled from Prime Network Administration GUI, the device credentials you have entered in the Settings page are ignored and the default VNE credentials are used. Restore Mode Settings Restore Mode Mode for restoring configuration files to a device: • Overwrite—Prime Network overwrites the existing configuration on the device with the file you selected from the archive. Check the Use Merge on Failure check box to restore configuration files in merge mode, if overwrite mode fails. • Merge—Prime Network merges the existing running or startup configuration on the device with the configuration present in the version you selected from the archive. E-mail Settings SMTP Host SMTP server to use for sending e-mail notifications on the status of configuration management jobs to users. If an SMTP host is configured in the Image Management Settings page, the same value will be displayed here by default. You can modify it, if required. E-mail Id(s) E-mail addresses of users to send a notification to after the scheduled job is complete. For two or more users, enter a comma-separated list of e-mail IDs. For example: xyz@cisco.com,abc@cisco.com The e-mail IDs configured here will appear by default while scheduling the configuration management jobs. However, you can add/modify the e-mail IDs then. SMTP Port SMTP port ID to connect to the host server. The default port is 25. Email Option Choose from the following options to specify when you want to send an e-mail notification for CM jobs: • All—To send a notification e-mail irrespective of the job result. • Failure—To send a notification e-mail only when the job has failed. • No Mail—Do not send a notification e-mail on the job status. The selected option will appear by default while scheduling CM jobs. However, you can modify the option then. Cisco Prime Network 4.0 User Guide 4-64 OL-29343-01 Chapter 4 Device Configurations and Software Images Global Settings and Administration Table 4-8 Configuration Archive Global Settings (continued) Field Description Exclude Commands (Device Selector) Selected devices to which the exclude commands should be applied (that is, the commands will not be considered when comparing any type of device configuration files). The current selection is highlighted in green. All exclude commands applied to that selection will be listed below the device selector. See Notes on Exclude Commands, page 4-65. Category Commands Comma-separated list of commands to be excluded when comparing device configurations for any devices in this category (for example, all Cisco routers) Series Commands Comma-separated list of commands to be excluded when comparing device configurations for any devices in this series (for example, all Cisco 7200 series routers) Device Commands Comma-separated list of commands to be excluded when comparing device configurations for any devices of this same device type (for example, all Cisco 7201 routers) Notes on Exclude Commands Exclude commands are inherited; in other words, if three exclude commands are specified for Cisco routers, all devices is any of the Cisco router families will exclude those three commands when comparing configuration files. Caution Exclude commands configured for a device family (such as Cisco 7200 Routers) will be applied to all device types in that family (Cisco 7201, Cisco 7204, Cisco 7204VXR, and so forth). When you are working in the Exclude Commands GUI, your current selection will be highlighted in green. All exclude commands applied to that selection will be listed below the device selector. When Prime Network compares the router configuration files, it will exclude all of the commands listed in the Device Commands field. If a series is selected (example, Cisco 7200 Series), the commands listed in the Series Commands field will be excluded and so on. The following procedure describes how to configure exclude commands. Step 1 Choose Configurations > Settings. Step 2 In the Exclude Commands area, navigate and choose one of the following (your selection is highlighted in green): Step 3 • A device category • A device series • A device type Enter a comma-separated list of commands you want to exclude when comparing configuration files for that device category, series, or type. You can also edit an existing list of commands. Your entries change to red until they are saved, and all affected device types, series, or categories are indicated in bold font. Step 4 If you want a device type to ignore the parent commands (that is, the series and category commands), check the Ignore Above check box. Step 5 Click Save to save your changes. Cisco Prime Network 4.0 User Guide OL-29343-01 4-65 Chapter 4 Device Configurations and Software Images Global Settings and Administration Configuration Export File Type for Device Families The following table provides the types of configuration files exported for different types of devices. Device Type Configuration File Exported Condition(s) Cisco IOS device Only the latest running configuration If there is no running version, the latest startup configuration is exported Cisco IOS XR device Latest running and startup configuration None Cisco ASR 5000 series devices Latest running configuration If there is no running version, boot configuration is NOT exported Cisco 7600 device with ACE card Latest running configuration If there is no running version, the latest startup configuration is exported Cisco Nexus device Latest running configuration If there is no running version, the latest startup configuration is exported Change Image Management Global Settings To open the Image Management global settings page, choose Images > Settings. Table 4-9 lists all of the global settings you can configure for Image Management. Table 4-9 Image Management Global Settings Field Description Transfer Protocol Default transfer protocol to use when copying images to and from a device. This setting can be overridden when creating a distribution job (for example, if you know a device does not support the default protocol). FTP and TFTP are unsecured. • The TFTP source interface on the devices must be able to reach the unit. Otherwise, the image management jobs that require TFTP may fail. • To use SFTP/SCP for image transfers from a device to a unit, you need to ensure that an SSH server is configured and running on the device, such that the device acts as a server and the unit as a client during the transfer. For Cisco IOS XR devices, you need to configure the device with K9 security (k9sec) enabled images such that the SSH server is up and running on the device. (Cisco IOS XR devices use SFTP, and Cisco IOS devices use SCP). Flash Properties In case of insufficient memory, use the Clear Flash option (under Flash Properties). This deletes any one file (other than the running image) and recovers the disk space occupied by the file. This procedure is repeated until adequate space is available in the selected flash. Warm Upgrade If Warm Upgrade is checked, a Cisco IOS image can read in and decompress another Cisco IOS image and transfer control to this new image. This functionality reduces the downtime of a device during planned Cisco IOS software upgrades or downgrades. This can be overridden when creating the job. Note You can perform a warm upgrade only on Cisco IOS devices 12.3(2)T or later, such as 12.4T, 15.0, 15.1T, and for ISR 800/1800/2800/3800 series and 1900/2900/3900 series. Cisco Prime Network 4.0 User Guide 4-66 OL-29343-01 Chapter 4 Device Configurations and Software Images Global Settings and Administration Table 4-9 Image Management Global Settings (continued) Field Description File Locations Full pathname of directories where images are stored when they are being imported into the Prime Network image repository, or when they are being transferred out of the repository to devices. New directories must be empty and have the proper permissions (read, write, and execute permissions for users). The entries must be full pathnames. In the following default locations, PRIME_NETWORK_HOME is the Prime Network installation directory, normally /export/home/network-user; where network-user is the operating system user for the Prime Network application and an example of network-user is network39. External Server Details E-mail Settings Staging Directory Location where images from the Prime Network image repository are placed before transferring them out to devices. The default is PRIME_NETWORK_HOME/NCCMComponents/NEIM/staging/. Storing Directory Location where images from an outside source are placed before importing them into the Prime Network image repository (from Cisco.com, from existing devices, or from another file system). The default is PRIME_NETWORK_HOME/NCCMComponents/NEIM/images/. Details about external server from which images can be imported into repository. Server Name IP address of the external server (IPv4 or IPv6 addresses supported). Image Location Path where the image is located on the server. User Name Username to access the external server. Password Password to access the external server. SSH Port SSH port ID to connect to the server. Settings for automatic e-mail notifications about the status of jobs. SMTP Host SMTP server to use for sending e-mail notifications on the status of image management jobs to users. If an SMTP host is configured in the Configuration Management Settings page, the same value will be displayed here by default. You can modify it, if required. E-mail Id(s) E-mail address of the user to send a notification to after the scheduled job is complete. For two or more users, enter a comma-separated list of e-mail addresses. For example: xyz@cisco.com,abc@cisco.com The e-mail IDs configured here will appear by default while scheduling the image management jobs. However, you can add/modify the e-mail IDs then. SMTP Port SMTP port ID to connect to the host server. The default port is 25. Email Option Controls when e-mail notifications for NEIM jobs are sent (can be overridden when creating the job): • All—Send a notification irrespective of the job result. • Failure—Send a notification e-mail only when the job has failed. • No Mail—Do not send a notification e-mail on the job status. Cisco Prime Network 4.0 User Guide OL-29343-01 4-67 Chapter 4 Device Configurations and Software Images Global Settings and Administration Table 4-9 Image Management Global Settings (continued) Field Description Proxy Settings Details about proxy server to use when importing images from Cisco.com Vendor Credentials HTTP Proxy HTTP proxy server to use for downloading images from Cisco.com. Port Port address to use for downloading images from Cisco.com. Usernames and passwords that can be used to download images from Cisco.com. (See the procedure described in Check the Processes, page 4-68) Check the Processes CCM runs on AVM 77. To check, start, stop, or restart the process, use the following commands: dmctl dmctl dmctl dmctl status start stop restart Manage Jobs Prime Network redirects you to the Jobs page whenever a CM or image management job is scheduled to run immediately. When a job is created, Cisco Prime Network assigns it a job specification ID and attaches a time stamp, indicating when the job was created. Only the job creator and users with Administrator privileges can change the job settings. Prime Network also facilitates automatic e-mail notification of the status of the CM and NEIM jobs upon completion based on the e-mail option you set up in the configuration and image management settings. The notification is sent to a list of e-mail IDs configured either in the settings page or while scheduling the job. Keeps these items in mind when managing jobs: • All jobs are scheduled based on the server time. • If you choose two or more jobs and click Reschedule, the option defaults to ‘Start as Soon as Possible.’ To view the original time and then reschedule, choose only one job and click Reschedule. • Job properties cannot be edited; you must delete the old job and create a new one. • Jobs are persisted even if the gateway server is restarted. • Only the job creators and users with Administrator and Configurator privileges can perform the actions provided on the Jobs page (suspend, resume, reschedule, cancel, delete, refresh). • Configuration and image management jobs fail under the following conditions: – If the device is not under the scope of the user to perform the config or image operation. – If the user is not authorized to perform the config or image operation. – For Cisco CPT devices, if the device is not in Cisco IOS mode. • Running jobs cannot be suspended or cancelled; you must let them complete. • System-generated jobs cannot be modified. To change the settings, go to Settings > Global Settings > Period Export Options, and modify the options accordingly. Cisco Prime Network 4.0 User Guide 4-68 OL-29343-01 Chapter 4 Device Configurations and Software Images Global Settings and Administration • Cancel stops all future instances of a job. To stop a job and resume it later, use Suspend and Resume • To view the history of a job, choose a job and view the history from the History tab at the bottom of the page. You cannot view history of multiple jobs at the same time; choose only one job at a time. Messages that can be used for debugging are saved in PRIME_NETWORK_HOME/XMP_Platform/logs/JobManager.log. User Authentication and Authorization User Authentication and Authorization CCM uses the security methods employed by Prime Network. These are described in the Cisco Prime Network 4.0 Administrator Guide Note If authentication fails, check the status of AVM 77 (XMP runtime DM) and Prime Network using Cisco Prime Network Administration. Cisco Prime Network Administration displays AVM 77 only when CCM is installed. For information on how to use Cisco Prime Network Administration, see the Cisco Prime Network 4.0 Administrator Guide. The GUI-based functions and required roles are listed in Table 4-10. Note that these functions do not perform any actions on devices. Table 4-10 GUI-Based Access Roles Required to Use CCM Function Viewer Operator OperatorPlus Configurator Administrator X X X X X Delete files from archive 1 X X Add, change, delete archive file labels1 X X Add change, delete archive file comments1 X X Export files from archive1 X X X X Add images to repository X X Delete images from repository X X X X Administer jobs (suspend, delete, and so forth) X X Change settings X X — — Dashboard Access top families Configuration Management Image Management View images in repository X X X Global Tasks View jobs X X X Compliance Audit Creating policies X X — Cisco Prime Network 4.0 User Guide OL-29343-01 4-69 Chapter 4 Device Configurations and Software Images Global Settings and Administration Table 4-10 GUI-Based Access Roles Required to Use CCM (continued) Function Viewer Operator OperatorPlus Configurator Administrator Creating policy profiles X X X X — Executing audit job X X X X — Viewing audit job results X (user’s jobs) X (user’s X X — jobs) (OperatorPlus (Configurator jobs) jobs) Executing a Fix job X X — — — X X — — — Define configuration policies X X Schedule configuration audit X X X X X X X X Edit device group details X X Delete device groups X X Note To execute a fix job, the device-level role of the user must be Configurator or Administrator. The role of the user for a device overrides the role of a user on Prime Network. Viewing the fix job results Configuration Audit View configuration audit jobs and audit results Managing Device Groups Create device groups X X 1. Configuration files are filtered according to the device scope of a user. Table 4-11 lists all of the CCM functions that are that filtered to only show devices in the device scope of a user, along with the role required to perform any functions on those devices. Table 4-11 Device Scope-Based Roles Required to Use CCM Function Viewer Operator Operator Plus Configurator Administrator X X X X X Access configuration changes in X the last week1 X X X X Access most recent configuration X changes1 X X X X X X X X Dashboard Access configuration sync status1 Configuration Management View files in archive1 X Cisco Prime Network 4.0 User Guide 4-70 OL-29343-01 Chapter 4 Device Configurations and Software Images Global Settings and Administration Table 4-11 Device Scope-Based Roles Required to Use CCM (continued) Function Viewer Operator Operator Plus Configurator Administrator Compare files in archive X X X X X X X X X Restore files from archive to devices X X Edit configuration files before restoring them to devices X X X X Distribute images X X Activate and deactivate images X X Commit image changes X X Rollback images X X Create device groups X X Edit device group details X X Delete device groups X X Synchronize configurations Back up (copy) files from devices to archive View configuration change logs X X X X Image Management Managing Device Groups Compliance Audit Creating policies X X — — — Creating policy profiles X X X X — Executing audit job X X X X — Viewing audit job results X X X X — Executing a Fix job — — — X X Viewing the fix job results X X — — — Define configuration policies X X Schedule configuration audit X X X X Configuration Audit View configuration audit jobs and audit results X 1. Although users can view configuration files for devices in their scopes, the actions they can perform on those configuration files are controlled by the GUI-based access roles in Table 4-10. For information on how Prime Network performs user authentication and authorization, including an explanation of user access roles and device scopes, see the Cisco Prime Network 4.0 Administrator Guide. Cisco Prime Network 4.0 User Guide OL-29343-01 4-71 Chapter 4 Device Configurations and Software Images Global Settings and Administration Cisco Prime Network 4.0 User Guide 4-72 OL-29343-01 CH A P T E R 5 Working with Prime Network Vision Maps The topological map is the main tool used by Cisco Prime Network Vision (Prime Network Vision) to display the links and relationships between the network elements and aggregations. The following topics describe how to work with the topological maps displayed in the content pane of the Prime Network Vision window: • User Roles Required for Working with Prime Network Vision Maps, page 5-2 • Opening and Closing Maps, page 5-5 • Creating and Deleting Maps, page 5-6 • Adding and Removing NEs from Maps, page 5-9 • Managing Maps, page 5-11 • Finding NEs, Services, and Links, and Elements Affected by Tickets, page 5-15 • Working with Aggregations, page 5-16 • Working with Overlays, page 5-21 • Filtering Links in a Map, page 5-25 • Opening the CPU Usage Graph, page 5-27 • Communicating with Devices Using Ping and Telnet, page 5-28 You can also perform the following functions from the map and list views if they are configured for your client: • Launch external applications or tools, such as an SSH client. • Launch available scripts and commands, depending on the NE device type, OS, supported technologies, and so forth. Those commands are documented throughout this guide (for example, Setting Up Devices and Validating Device Information, page 1-4). This also includes commands you create using Command Manager and Command Builder. A list of scripts is provided in Cisco Prime Network 4.0 Supported VNEs - Addendum. Cisco Prime Network 4.0 User Guide OL-29343-01 5-1 Chapter 5 Working with Prime Network Vision Maps User Roles Required for Working with Prime Network Vision Maps User Roles Required for Working with Prime Network Vision Maps This topic identifies the roles that are required to work with Prime Network Vision maps. Prime Network determines whether you are authorized to perform a task as follows: • For GUI-based tasks (tasks that do not affect elements), authorization is based on the default permission that is assigned to your user account. • For element-based tasks (tasks that do affect elements), authorization is based on the default permission that is assigned to your account. That is, whether the element is in one of your assigned scopes and whether you meet the minimum security level for that scope. For more information on user authorization, see the Cisco Prime Network 4.0 Administrator Guide. The following tables identify the tasks that you can perform: • Table 5-1 identifies the tasks that you can perform if a selected element is not in one of your assigned scopes. • Table 5-2 identifies the tasks that you can perform if a selected element is in one of your assigned scopes. By default, users with the Administrator role have access to all managed elements. To change the Administrator user scope, see the topic on device scopes in the Cisco Prime Network 4.0 Administrator Guide. Table 5-1 Default Permission/Security Level Required for Working with Prime Network Vision Maps - Element Not in User’s Scope Task Viewer Operator OperatorPlus Configurator Administrator Apply a background image — — — X X Create maps — — X X X Define a map layout X X X X X Delete maps — — X X X Open maps X X X X X Preview and print maps X X X X X Rename maps — — X X X Save as a new map — — X X X Save as an image X X X X X Save map appearance — — X X X Select viewing options X X X X X Use Overview window X X X X X View maps X X X X X Map-Related Tasks Cisco Prime Network 4.0 User Guide 5-2 OL-29343-01 Chapter 5 Working with Prime Network Vision Maps User Roles Required for Working with Prime Network Vision Maps Table 5-1 Default Permission/Security Level Required for Working with Prime Network Vision Maps - Element Not in User’s Scope (continued) Task Viewer Operator OperatorPlus Configurator Administrator Add elements to a map — — X X X Remove elements from a map — — X X X Resize elements in a map X X X X X Group and ungroup aggregations — — X X X Rename aggregations X X X X X View aggregation thumbnails X X X X X Find affected elements — — — — X Find an element or service X X X X X Find and select a link in X a map1 X X X X X X X X X X X X X X Hide or view an overlay X X X X X Remove an overlay X X X X X Open the CPU Usage Graph — — — — X Use Ping and Telnet to communicate with elements — — — — X Element-Related Tasks Aggregation-Related Tasks Finding Items in Maps Link-Related Task Filter links Overlay-Related Tasks Apply an overlay Other Tasks 1. This applies to links within the selected context, and not links identified as network links. Cisco Prime Network 4.0 User Guide OL-29343-01 5-3 Chapter 5 Working with Prime Network Vision Maps User Roles Required for Working with Prime Network Vision Maps Table 5-2 Default Permission/Security Level Required for Working with Prime Network Vision Maps - Element in User’s Scope Task Viewer Operator OperatorPlus Configurator Administrator Apply a background image — — — X X Create maps — — X X X Define a map layout X X X X X Delete maps — — X X X Open maps X X X X X Preview and print maps X X X X X Rename maps — — X X X Save as a new map — — X X X Save as an image X X X X X Save map appearance — — X X X Select viewing options X X X X X Use Overview window X X X X X View maps X X X X X Add elements to a map — — X X X Remove elements from a map — — X X X Resize elements in a map X X X X X Group and ungroup aggregations — — X X X Rename aggregations X X X X X View aggregation thumbnails X X X X X Find affected elements X X X X X Find an element or service X X X X X Find and select a link in X a map1 X X X X Map-Related Tasks Element-Related Tasks Aggregation-Related Tasks Finding Items in Maps Cisco Prime Network 4.0 User Guide 5-4 OL-29343-01 Chapter 5 Working with Prime Network Vision Maps Opening and Closing Maps Table 5-2 Default Permission/Security Level Required for Working with Prime Network Vision Maps - Element in User’s Scope (continued) Task Viewer Operator OperatorPlus Configurator Administrator X X X X X X X X X X Hide or view an overlay X X X X X Remove an overlay X X X X X Open the CPU Usage Graph — — X X X Use Ping and Telnet to communicate with devices — — — X X Link-Related Task Filter links Overlay-Related Tasks Apply an overlay Other Tasks 1. This applies to links within the selected context, and not links identified as network links. Opening and Closing Maps Whenever you open a map, the network information is automatically refreshed. For example, if a device was up the last time that the map was saved and closed, and then the device is moved to maintenance, the next time you open the map the management status of the device is updated accordingly and the device displays a maintenance status. When you first log in, Prime Network Vision lists the maps you recently viewed but did not close when you exited the session. You can also open other maps by choosing File > Open, which displays the Open Map dialog. By default, you can view and work on a maximum of five maps at any given time (per client instance) in the Prime Network Vision window. To change this default setting, contact your Cisco account representative. To create a new map or select a new map, close the required number of maps. You can save maps as images or print them, if desired. To close a map, choose File > Close. Prime Network Vision saves basic map information whether or not you manually save the map. This default information includes device and link additions, device and link removals, aggregations, and disaggregations. If you made any changes that will not be saved, Prime Network Vision prompts you to save the map. Cisco Prime Network 4.0 User Guide OL-29343-01 5-5 Chapter 5 Working with Prime Network Vision Maps Creating and Deleting Maps Creating and Deleting Maps You can create maps that cover specific network segments, customer networks, or any other mix of network elements required. Network maps provide a graphic display of active faults and alarms, and serve as access points for activating services. When you create a map, it is saved in the database and made available to other users if they have sufficient access and security privileges. When you delete a map, it is removed from the database. See these topics for more information: • Creating New Maps, page 5-6 • Deleting Maps from the Database, page 5-8 Creating New Maps To create a new map, choose File > New Map in the main menu. The following figures give examples of how you can create and manipulate maps. To add NEs to maps, see Adding and Removing NEs from Maps, page 5-9. Link Filters Link filters let you choose the links in which you are interested, and then build a map that only displays NEs using those link types. Examples are physical links, data links, MPLS, VLANs, and so forth. When you open the New Map dialog, click the Advanced button and choose the types you want to display. Figure 5-1 Map with Link Filter To create a map with link filters, see Figure 5-13. Cisco Prime Network 4.0 User Guide 5-6 OL-29343-01 Chapter 5 Working with Prime Network Vision Maps Creating and Deleting Maps Aggregations Aggregations are user-defined groups of elements. An aggregation can contain network elements, services, other aggregations, and so forth. Figure 5-2 shows an example of an aggregation. Figure 5-2 Map with Aggregation (Thumbnail View) When you delete an aggregation, the member devices are not deleted from Prime Network; only the aggregation definition is deleted. To create an aggregation, see Working with Aggregations, page 5-16. Overlays Overlays isolate the parts of a network that are being used by a specific service, such as an ethernet service or network clock. Figure 5-3 shows an example of an Ethernet Service overlay, where the ethernet link is using the service. Cisco Prime Network 4.0 User Guide OL-29343-01 5-7 Chapter 5 Working with Prime Network Vision Maps Creating and Deleting Maps Figure 5-3 Map with Overlay To create an overlay, see Working with Overlays, page 5-21. Deleting Maps from the Database If another client is using a map that you are deleting, Prime Network Vision displays a message to those clients advising them that the map is being closed and deleted from the database. To delete a map from Prime Network Vision and the Prime Network Vision database: Step 1 Open the Open Map dialog by choosing File > Open. Step 2 In the Open Map dialog box, complete the following steps: a. Select the map you want to delete. b. In the toolbar, click Delete Map. A confirmation message is displayed. c. Click Yes. The selected map is deleted from the Open Map dialog box, the Prime Network Vision window, and the database. If the map is open when you click Yes, a message is displayed, stating that the map will be closed. d. Click OK to acknowledge that the map can be closed. e. Click Cancel to close the Open Map dialog box. Cisco Prime Network 4.0 User Guide 5-8 OL-29343-01 Chapter 5 Working with Prime Network Vision Maps Adding and Removing NEs from Maps Adding and Removing NEs from Maps When you add an element to a map, the map is automatically saved in the Prime Network Vision database If the element you want to add is outside of your scope, it is not displayed if you enter a search string. You can display all NEs by selecting Show All in Step 2, but devices outside your scope will be displayed with a lock icon. To add an element to a map: Step 1 Choose File > Add to Map > element. Figure 5-4 shows the type of elements you can add to maps. Figure 5-4 Available Elements to Add to Maps If you choose to add a new VPN, the Create VPN dialog box is displayed. For information on creating a VPN, see Creating a VPN, page 18-21 In all other instances, the Add element to map dialog box is displayed, as shown in Figure 5-5. Cisco Prime Network 4.0 User Guide OL-29343-01 5-9 Chapter 5 Working with Prime Network Vision Maps Adding and Removing NEs from Maps Figure 5-5 Step 2 Add Element Dialog Box In the Add element dialog box, do one of the following: If you are working with a very large number of network elements, keep these items in mind: • Search for the elements you want to add to the map. For example, you can search Ethernet Services by the system name, NEs element type, pseudowires by their role, and so forth. Note • If you are working with a large number of NEs, using the search filter Otherwise, it may take some time for all of the NEs to be listed. To view all available elements, choose Show All. The available elements are displayed in the Add element dialog box in table format. The dialog box also displays the date and time at which the list was generated. To update the list, click Refresh. If a network element is not included in your scope, it is displayed with the locked device icon. Step 3 In the Add element dialog box, select the elements that you want to add. You can select and add multiple elements by pressing Ctrl while selecting individual network elements or by pressing Ctrl + Shift to select a group of elements. Cisco Prime Network 4.0 User Guide 5-10 OL-29343-01 Chapter 5 Working with Prime Network Vision Maps Managing Maps Step 4 Click OK. If you selected a large number of elements (for example, more than 25 VLANs or VPLS instances), the action may take a while to complete. The NEs are added to the map and are displayed in the navigation pane and content area. In addition, any associated tickets are displayed in the ticket pane. Removing Elements from a Map When you delete an element or aggregation from a map, it is removed from the map in the database, but the elements are still managed by Prime Network Vision. Note Based on the security level and access permissions assigned, this option might not be available to all users. To remove a network element or aggregation from a map: Step 1 In the navigation pane or map, select the element or aggregation that you want to delete. Step 2 Right-click to display the right-click menu and choose Remove from Map. The selected element or aggregation is removed from the map. The element is removed from the map in the database, but is still managed by Prime Network Vision and can be added again. Managing Maps The following topics describe how to manage maps in Prime Network Vision: • Selecting Map Viewing Options, page 5-12 • Applying a Background Image, page 5-12 • Using the Overview Window, page 5-14 • Saving Maps, page 5-15 Cisco Prime Network 4.0 User Guide OL-29343-01 5-11 Chapter 5 Working with Prime Network Vision Maps Managing Maps Selecting Map Viewing Options Table 5-3 describes the tools that you can use to view and manipulate maps in the Prime Network Vision map pane. Table 5-3 Button Prime Network Vision Map Viewing Options Name Function Layout Map Defines how a topology should be displayed: Circular, hierarchical, orthogonal, or symmetric. The default is circular. When you choose a map layout, the elements align accordingly, using animation by default. Related characteristics, such as the speed of the animation and whether an expanded node causes sibling nodes to move aside, are also configured by settings in the registry. Fit in Window Fits an entire aggregation or map in the map pane. Normal Selection Mode Activates normal selection mode. Zoom Selection Mode Activates the zoom selection mode, which enables you to select an area in the map pane to enlarge by clicking and dragging the zoom mode cursor. Pan Mode Activates the pan mode, which enables you to move around in the map pane by clicking and dragging the pan mode cursor. Applying a Background Image Prime Network Vision allows you to apply a background image to the map view. You can also choose the same background image or different images for other subordinate windows, such as detailed views of aggregations, VLANs, and VPNs. The supported file formats are GIF, JPG/JPEG, and PNG. Note Background images are not supported in thumbnail views. To apply a background image to a map: Step 1 Navigate to the required map in Prime Network Vision. The map can reside at the top level or in a subordinate window. Step 2 Right-click the map background and choose Set Map Background. The Manage Map Background dialog box is displayed, as shown in Figure 5-6. Cisco Prime Network 4.0 User Guide 5-12 OL-29343-01 Chapter 5 Working with Prime Network Vision Maps Managing Maps Figure 5-6 Step 3 Manage Map Background Dialog Box Enter the required information as described in Table 5-4. Table 5-4 Manage Map Background Options Field Description Select Image Applies the selected image to the current map background: 1. Choose Select Image. 2. Click Browse. 3. In the Open dialog box, select the desired image and click OK. The name of the selected image is displayed in the Manage Map Background dialog box. 4. Use Image From Upper Level Remove Image Click OK. The selected image is displayed as the map background. Indicates whether the selected subordinate map should use the same image as the parent map or a different image: • To use the same image that is used by the parent map, choose Use Image from Upper Level. The name of the image used by the parent map is displayed by default. • To use a different image than that used by the parent map, choose Select Image and complete the steps described for that option. Removes the current image from the map background. To remove an image from the current map, click Remove Image. Step 4 Click OK. The current map background is updated as specified. Step 5 To retain the background image for subsequent logins, do one of the following: • Click Save in the toolbar. • Choose File > Save. Cisco Prime Network 4.0 User Guide OL-29343-01 5-13 Chapter 5 Working with Prime Network Vision Maps Managing Maps Using the Overview Window The Prime Network Vision Overview window enables you to display the entire network map or any part of the map that you require in the map pane. The Overview window also enables you to see all the changes and alarms taking place in the network. To open the network Overview window do either of the following: • Click Overview in the main toolbar. • Choose View > Overview from the main menu. Figure 5-7 shows an example of the Overview window. Figure 5-7 Overview Window The Overview window can contain the following components: • Dot—Indicates an element. The dot color indicates the severity of an associated alarm. • Line—Indicates a link. The line color indicates the severity of an associated alarm. • Blue rectangle—Indicates the selection area. The area within the rectangle is displayed in the map pane. Handles on the corners enable you to resize the selection area. • Pan mode cursor—Displayed within the selection area. Use this cursor to move the selection area, and thereby view different elements in the map pane. • Zoom mode cursor—Displayed outside the selection area. Use this cursor to define a new selection area or to zoom in on an existing selection area. Click the upper right corner to close the Overview window. Cisco Prime Network 4.0 User Guide 5-14 OL-29343-01 Chapter 5 Working with Prime Network Vision Maps Finding NEs, Services, and Links, and Elements Affected by Tickets Saving Maps By default, Prime Network Vision saves basic map information whether or not you manually save the map. This default information includes element additions and removals, link additions and removals, aggregations, and disaggregations. However, you must use the Save Map option if you want to retain the following information in the database: • Device location on the map • Thumbnails • Icon size To save these changes, click Save Map Appearance in the main toolbar, then click OK. The map is saved as an image in the directory you specified. Finding NEs, Services, and Links, and Elements Affected by Tickets The following topics describe how to find network elements, services, links, or elements affected by a ticket in Prime Network Vision maps. Table 5-5 Aggregation Thumbnail Options If you want to find... Do this... An NE or service From the Prime Network Vision main menu, choose Edit > Find in Map. Enter an element or service (such as a VPN or VLAN) by entering any part of its name or device IP address. If you want your search to include aggregations, check the Search all map levels check box. From the Links view, right-click the link and choose Find Link in Map. The link is highlighted in the map pane. If two or more lines represent the same link (such as a VRF link), you can choose the appropriate one. A link If more than one edge device contains the same link in the same map or context, all related edge devices are selected in the map. Which NEs are affected by a ticket In the ticket pane, right-click the required ticket and choose Find Affected Elements. If only one element is affected, the affected element is selected in the navigation pane and the content area; if a link is affected, the affected link is selected in the links view. If two or more elements are affected, the affected elements are displayed in the Affected Elements window. Cisco Prime Network 4.0 User Guide OL-29343-01 5-15 Chapter 5 Working with Prime Network Vision Maps Working with Aggregations Working with Aggregations Prime Network Vision enables you to group network elements and display them as an aggregation. Aggregations can contain network elements, services, other aggregations, and so forth. Note You cannot aggregate service entities that exist within a service. For example, you cannot aggregate VRFs that exist within a VLAN. For more information on working with aggregations, see the following topics: • Grouping Network Elements into Aggregations, page 5-16 • Adding Elements to an Existing Aggregation, page 5-18 • Viewing an Aggregation Thumbnail, page 5-16 • Ungrouping Aggregations, page 5-19 • Viewing Multi-Chassis Devices, page 5-19 Grouping Network Elements into Aggregations To aggregate network elements: Step 1 Select the network elements. To select multiple items, press Ctrl. Step 2 Aggregate the network elements by choosing Node > Aggregate. Step 3 In the Aggregation dialog box, enter a unique name for the aggregation and click OK. The aggregation is displayed in the navigation pane and the map pane. Aggregations are displayed as a single entity with the Aggregation icon and a plus sign, as in the following examples: The aggregation icon changes color according to the alarm severity. For more information about severity colors, see Alarm Indicators, page 2-12. Viewing an Aggregation Thumbnail You can view a thumbnail of a selected aggregation in the map pane, including all aggregated elements and any nested aggregations. Cisco Prime Network 4.0 User Guide 5-16 OL-29343-01 Chapter 5 Working with Prime Network Vision Maps Working with Aggregations To display an aggregation thumbnail: Step 1 Select the existing aggregation in the map pane. Step 2 Open the thumbnail by right-clicking the aggregation, and choosing Show Thumbnail. The thumbnail is displayed in the map pane as shown in Figure 5-8. Figure 5-8 Aggregation Thumbnail When a thumbnail is opened, neighboring nodes are moved aside by default to allow room for the thumbnail to expand. Similarly, when a thumbnail is closed, the neighboring nodes usually return to their original locations. This behavior of the neighboring nodes when a thumbnail is opened and closed is configured in the registry, and can be disabled, if required. A dashed gray border around an icon indicates that the element resides within a thumbnail and not at the current map level. Cisco Prime Network 4.0 User Guide OL-29343-01 5-17 Chapter 5 Working with Prime Network Vision Maps Working with Aggregations Table 5-6 describes the options available when working with aggregation thumbnails. Table 5-6 Aggregation Thumbnail Options If you want to... Do this... Rearrange the icons in the thumbnail Click and drag the required icons to arrange them as needed. Resize an icon Select the icon to be resized, and then either click and drag the gray border or right-click a selected icon and choose Resize. The right-click Resize option allows you to resize multiple selected icons at the same time. Resize the thumbnail frame Click and drag one or more icons. If you drag an icon beyond the thumbnail frame, Prime Network Vision adjusts the thumbnail size automatically. View a nested aggregation Click the nested aggregation plus sign. View only the aggregation in the map pane Double-click the thumbnail frame. View the next higher level in the map pane Double-click the current map background. Zoom in or out in the thumbnail Step 3 Position your mouse cursor in the map and use the mouse scroll wheel to zoom in or out. To close the aggregation thumbnail, right-click the thumbnail frame and choose Show As Aggregation. Adding Elements to an Existing Aggregation You can add elements to an existing aggregation at any time. When adding elements to an aggregation, keep in mind that certain restrictions exist. For example, you cannot add an EVC to a VLAN. To add elements to an existing aggregation: Step 1 Select the existing aggregation in the map pane. Step 2 Open the thumbnail by right-clicking the aggregation, and choosing Show Thumbnail. Step 3 Double-click the thumbnail frame to view the aggregation at the map level. Step 4 Click Add to Map to add the required element to the aggregation. Step 5 Return to the map by double-clicking the map background. Cisco Prime Network 4.0 User Guide 5-18 OL-29343-01 Chapter 5 Working with Prime Network Vision Maps Working with Aggregations Ungrouping Aggregations Aggregations can be ungrouped. If the aggregation that you ungroup contains nested aggregations, the nested aggregations move up one level, and the original aggregation is removed. If an element in the aggregation that you ungroup also exists at the parent level, the element is represented only once after the aggregation is ungrouped. As a result, no elements are represented twice at the same level. To ungroup an aggregation: Step 1 Select the required aggregation in Prime Network Vision. Step 2 Ungroup the node by selecting the aggregation in the map pane and choosing Node > Disaggregate. If the aggregation contains elements that already exist at the parent level, a confirmation message is displayed, stating that any duplicate elements will be removed. Step 3 Confirm the disaggregation. The node is disaggregated. Any aggregations in the selected node move up one level, and the original aggregation is removed. Viewing Multi-Chassis Devices Using Prime Network Vision, you can view the physical layout and topology among the multi-chassis devices on the map. The multi chassis devices are grouped as an aggregation and are displayed as a single entity with a plus sign on the map as show in Figure 5-9. The plus sign can be expanded to display the devices under the group as shown in Figure 5-10. You can see the multichassis grouping in the map view for network elements such as Cisco Aggregation Service Router (ASR) 9000 series network element and Cisco Unified Computing System (UCS). If satellites are configured for a Cisco ASR 9000 series network element, you can view the satellites grouped with the other chassis. For more information on how to view satellite properties, see Viewing Satellite Properties, page 3-22. The physical ethernet links used for connecting the multi chassis devices are ICL (Inter Chassis Link) and IRL (Inter Rack Link). For more information on when each of these links are used, see Viewing Inter Rack Links, page 5-20 and Viewing Inter Chassis Links, page 5-20. Cisco Prime Network 4.0 User Guide OL-29343-01 5-19 Chapter 5 Working with Prime Network Vision Maps Working with Aggregations Figure 5-9 Multichassis Devices in Map View Viewing Inter Rack Links Inter Rack Links (IRLs) are used to represent connectivity between the cluster hosts, Cisco ASR 9000 network elements. Figure 5-10 Multiple Chassis in a Cluster To view the cluster IRLs: Step 1 In Prime Network Vision, double-click the cluster device to open the Inventory Window for the device. Step 2 Choose the Cluster IRL container in the logical inventory of the cluster device. The content pane displays a list of cluster IRLs with the following details: • A End Point—Device or site that is the source of the link, hyperlinked to the inventory of the device or site. • Z End Point—Device or site that is the destination of the link, hyperlinked to the relevant entry in the inventory. Viewing Inter Chassis Links Inter Chassis Links (ICLs) are used to represent the connectivity between the host Cisco ASR 9000 network element and the satellites. One or more satellites are connected to the host Cisco ASR 9000 series network element by using the ICLs. Figure 5-11 shows an ICL in the map view. Cisco Prime Network 4.0 User Guide 5-20 OL-29343-01 Chapter 5 Working with Prime Network Vision Maps Working with Overlays Figure 5-11 ICL Connecting a Satellite with a Chassis To view the satellite ICLs: Step 1 In Prime Network Vision, double-click the satellite device to open the Inventory Window for the device. Step 2 Choose the Satellite ICL container in the logical inventory of the cluster device. The content pane displays a list of Satellite ICLs with the following details: Table 5-7 Satellite ICL Properties Field Description Host Interface Interface by which satellite is configured on the host network element. Click the hyperlink to view the interface properties in the physical inventory. Satellite IC Interface Inter-chassis interface used by the satellite. Click the hyperlink to view the satellite interface properties in the physical inventory. Satellite ID Satellite ID. Click the hyperlink to view the satellite properties in the physical inventory. Satellite Port Range Port associated with the satellite. Satellite Status Connection status of the satellite: Connected or Disconnected. Fabric Link Status Status of the fabric link connected to the satellite. Working with Overlays When you apply an overlay to a map, you can isolate the parts of a network that are being used by a specific service. Applying an Overlay To apply an overlay: Step 1 In Prime Network Vision, choose the map in which you want to apply an overlay. Cisco Prime Network 4.0 User Guide OL-29343-01 5-21 Chapter 5 Working with Prime Network Vision Maps Working with Overlays Step 2 From the toolbar, choose Choose Overlay Type > overlay-type where overlay-type is one of the following options: Overlay Option Description Ethernet Service Applies an Ethernet service overlay to the map. MPLS-TP Tunnel Applies and MPLS-TP tunnel overlay to the map. Network Clock Applies a network clock overlay to the map. None Removes any existing overlays on the map. Pseudowire Applies a pseudowire overlay to the map. VLAN Applies a VLAN overlay to the map. VPLS Applies a VPLS instance overlay to the map. VPN Applies a VPN overlay to the map. With the exception of the None option, a dialog box is displayed that allows you to select the specific overlay to apply. Figure 5-12 shows an example of the Select Pseudowire Overlay dialog box. Figure 5-12 Select Pseudowire Overlay Dialog Box Each overlay type allows you to search for specific overlays. Table 5-8 identifies the search fields available for each overlay type. Cisco Prime Network 4.0 User Guide 5-22 OL-29343-01 Chapter 5 Working with Prime Network Vision Maps Working with Overlays Table 5-8 Overlay Type Search Fields Overlay Type • EVC Terminating EFPs • Name • System Name • Description • Name • System Name Network Clock • Name Pseudowire • Description • Is Multisegment Pseudowire • Name • Pseudowire Role • Pseudowire Type • System Name • EFD Name • EFD System Name • ID • Name • System Name • Name • System Defined Name • VPN ID • Description • Name Ethernet Service MPLS-TP Tunnel VLAN VPLS VPN Step 3 Search Fields In the Select Overlay dialog box, do either of the following: • To search for specific overlays: a. Choose Search. b. In the Search field, choose a search category. c. Enter a search string to narrow the display to a range of overlays or to a specific overlay. Table 5-8 identifies the search categories available for each type of overlay. d. Click Go. Search strings are case-insensitive. If you choose Name and enter NET, the overlays that contain “net” in their names are displayed. If you choose System Name and enter System123, only the overlay with the system named System123 is displayed. Cisco Prime Network 4.0 User Guide OL-29343-01 5-23 Chapter 5 Working with Prime Network Vision Maps Working with Overlays • To view all available overlays, choose Show All. The available overlays that meet the specified search criteria are displayed in the Select Overlay dialog box in table format. The dialog box also displays the date and time at which the list was generated. To update the list, click Refresh. Step 4 Select the overlay that you want to apply to the map. The elements and links that are used by the overlay are displayed in the map, and the overlay name and date are displayed in the toolbar, as shown in Figure 5-13. Figure 5-13 Note Overlay Example The overlay is a snapshot taken at a specific point in time and does not reflect changes that occur in the service. As a result, the information in an overlay can become stale. To update the overlay, click Refresh Overlay in the toolbar. Hiding and Viewing Overlays, and Removing Overlays from a Map When an overlay is applied to a map, the Show Overlay/Hide Overlay button becomes active in the toolbar. To hide and view the overlay, click Hide Overlay/Show Overlay in the toolbar. The button toggles depending on whether the overlay is currently displayed or hidden. To remove an overlay, choose Choose Overlay Type > None. The overlay is removed from the map. Cisco Prime Network 4.0 User Guide 5-24 OL-29343-01 Chapter 5 Working with Prime Network Vision Maps Filtering Links in a Map Filtering Links in a Map The links filter enables you to filter the links displayed in the map view and the links view. You can quickly select the types of links to be filtered by selecting from a predefined set of link types in the list, or by manually configuring a customized set of link types. To filter links, do either of the following: • Create a new map, select a filter, and then add the devices to the map. This filter is applied to the new map and only the required link types are visible in the map view and the links view. For more information, see Filtering Links During Map Creation, page 5-25. • Create a map and add the devices with all links enabled and visible in the map view and links view. You can then filter (display or hide) the different types of links as required. For more information, see Filtering Links in an Existing Map, page 5-27. The links filter applies to all aspects of Prime Network Vision: the map view, links view, ticket pane, severity calculation, and other items, such as memory consumption and thresholds. Prime Network Vision holds only the links that are relevant to the filter and synchronizes the links with the gateway according to that filter. For more information about links in Prime Network Vision, see Chapter 6, “Working with Links.” Filtering Links During Map Creation To filter links while creating a map: Step 1 Open the Create Map dialog box by choosing File > New Map from the main menu. The Create Map dialog box is displayed. For more information, see Creating and Deleting Maps, page 5-6. Step 2 Click Advanced. The Link Filter dialog box is displayed. Cisco Prime Network 4.0 User Guide OL-29343-01 5-25 Chapter 5 Working with Prime Network Vision Maps Filtering Links in a Map Figure 5-14 Link Filter Dialog Box The Link Filter dialog box displays a list of all the types of links that you can filter in the map view and links view. Note Step 3 By default all link types are selected in the Link Filter dialog box. That is, all links are displayed in the map view and links view. Select the required option from the Group drop-down list: • All—All the links are displayed in the map view and links view. • Custom—Only the links defined for the customized filter are displayed in the map view and links view. • Data Link—The data link layer class of links (ATM and Frame Relay) is displayed in the map view and links view. • None—None of the links are displayed in the map view and links view. • Physical—Only the physical links are displayed in the map view and links view. • VPN—Only VPN-related links (GRE, Pseudowire, VPN, and VPN IPv6) are displayed in the map view and links view. Note You can customize the Group drop-down list options by selecting an option and adding or removing the required link types. The next time the Link Filter dialog box is opened, the Custom option is displayed with the specified link types. Step 4 Click Apply to apply the defined link filter settings and continue with more selections. Step 5 Click OK when you have completed your selections. Cisco Prime Network 4.0 User Guide 5-26 OL-29343-01 Chapter 5 Working with Prime Network Vision Maps Opening the CPU Usage Graph Step 6 In the Create Map dialog box, enter a name for the new map and click OK. An empty new map is displayed in the navigation pane and content area, and the Link Filter Applied button is displayed in the to indicate that the links have been filtered. Step 7 Add the required elements to the map. For more information, see Creating and Deleting Maps, page 5-6. The links are displayed in the map view and links view according to your selections. Filtering Links in an Existing Map You can also create a map, add elements with all links enabled and visible in the map view and links view, and then filter (display or hide) the different types of links as required. To filter links in an existing map: Step 1 Click Link Filter in the main toolbar. Step 2 In the Link Filter dialog box, uncheck the check boxes for the links that you do not want to display in the map view and links view. Step 3 Click Apply to apply the defined link filter settings and continue with more selections. Step 4 Click OK when you have completed your selections. The links are displayed in the map view and links view according to the defined filter, and the Link Filter Applied button is displayed in the to indicate that the links are filtered. Opening the CPU Usage Graph Prime Network Vision enables you to display memory and CPU usage information for a device or network element, including its history. To open the CPU usage graph: Step 1 Right-click a network element in the navigation tree and choose Tools > CPU Usage. The CPU Usage dialog box displays the following information: • CPU Usage—The CPU usage rate as a percentage. • CPU Usage History—The CPU usage rate history is graphically displayed. • Memory Usage—The memory usage rate as a percentage. • Memory Usage History—The memory usage rate history is graphically displayed. Step 2 If desired, click Save to CSV File to export the displayed data. Step 3 Click the upper right corner to close the CPU Usage dialog box. Cisco Prime Network 4.0 User Guide OL-29343-01 5-27 Chapter 5 Working with Prime Network Vision Maps Communicating with Devices Using Ping and Telnet Communicating with Devices Using Ping and Telnet Prime Network Vision enables you to communicate with devices in the following ways: • Pinging a Device, page 5-28 • Telneting a Device, page 5-28 Pinging a Device Prime Network Vision enables you to ping a device to verify that the device is responding. The ping is performed from the client to the device, and not from the Prime Network Vision unit hosting the VNE to the device. To ping a device, right-click a device in the navigation tree or map, and choose Tools > Ping. The results are displayed in a new window. Telneting a Device Prime Network Vision enables you to communicate with a device using the Telnet window. The Telnet session is performed from the client to the device, and not from the Prime Network Vision unit hosting the VNE to the device. Note If you are using a Windows 7 system, you must enable the Windows Telnet Client before you can use the Prime Network Telnet option. - For Windows 7 32-bit systems, enable the Windows Telnet Client to use the Prime Network Telnet option. - For Windows 7 64-bit systems, a solution is available on the Cisco Developer Network at http://developer.cisco.com/web/prime-network/forums/-/message_boards/message/2780108. To telnet a device: Step 1 Right-click a device in the navigation tree or map, and choose Tools > Telnet. A terminal window opens. Step 2 Log in and use the Telnet window as needed. Cisco Prime Network 4.0 User Guide 5-28 OL-29343-01 CH A P T E R 6 Working with Links The following topics describe how to view information about static and dynamic links using the Cisco Prime Network Vision (Prime Network Vision) user interface: • User Roles Required to Work with Links, page 6-1 • What Are Dynamic and Static Links?, page 6-3 • Link Discovery and Flickering Ethernet Topology Links, page 6-3 • Viewing Link Properties, page 6-4 • Viewing Link Impact Analysis, page 6-12 • Adding Static Links, page 6-15 • Filtering Links Using the Collection Method, page 6-17 • Selecting a Link, page 6-18 User Roles Required to Work with Links This topic identifies the GUI default permission or element scope security level that is required to work with links in Prime Network Vision. Prime Network determines whether you are authorized to perform a task as follows: • For GUI-based tasks (tasks that do not affect elements), authorization is based on the default permission that is assigned to your user account. • For element-based tasks (tasks that do affect elements), authorization is based on the default permission that is assigned to your account. That is, whether the element is in one of your assigned scopes and whether you meet the minimum security level for that scope. For more information on user authorization, see the Cisco Prime Network 4.0 Administrator Guide. The following tables identify the tasks that you can perform: • Table 6-1 identifies the tasks that you can perform if a selected element is not in one of your assigned scopes. • Table 6-2 identifies the tasks that you can perform if a selected element is in one of your assigned scopes. By default, users with the Administrator role have access to all managed elements. To change the Administrator user scope, see the topic on device scopes in the Cisco Prime Network 4.0 Administrator Guide. Cisco Prime Network 4.0 User Guide OL-29343-01 6-1 Chapter 6 Working with Links User Roles Required to Work with Links Table 6-1 Default Permission/Security Level Required for Working with Links - Element Not in User’s Scope Task Viewer 1 Operator X 1 OperatorPlus X 1 Configurator X Administrator 1 X View link properties in Map view X View link properties in Links view X2 X2 X2 X2 X View link properties in the Link Properties window — — — — X View link impact analysis — — — — X Add static links — — — — X Filter links using collection method X X X X X Find and select a link in X a map X X X X 1. Link properties are limited in the Map view; not all link information is available. 2. Link properties are limited in the Links view; not all link information is available. Table 6-2 Default Permission/Security Level Required for Working with Links - Element in User’s Scope Task Viewer Operator OperatorPlus Configurator Administrator View link properties in Map view X X X X X View link properties in Links view X1 X1 X1 X1 X View link properties in the Link Properties window X X X X X View link impact analysis — — — — X Add static links — — — X X Filter links using collection method X X X X X Find and select a link in X a map X X X X 1. Link properties are limited in the Links view; not all information is available. Cisco Prime Network 4.0 User Guide 6-2 OL-29343-01 Chapter 6 Working with Links What Are Dynamic and Static Links? What Are Dynamic and Static Links? Dynamic links are the physical and logical links that exist between elements in the network. These links are discovered by Prime Network using various protocols (such as STP, CDP, and LLDP). The ongoing process of autodiscovery maintains this topological information. Property information is provided for links that are: • Between two devices. • Between a device and an aggregation that connects this device to another device inside the aggregation. • Between two aggregations that contain devices that cross the aggregations. If a link is unidirectional, Prime Network Vision displays an arrowhead on the link. If it is bidirectional, an arrowhead is not displayed. Static links are links that are created at the VNE level but are not updated. These links do not perform any configuration or provisioning on a device or in the network. Static links are useful for map visualization and network correlation; for example, if Prime Network Vision does not discover a link that you know exists in the network, you can create a static link that is displayed in the map. For correlation purposes, Prime Network Vision treats the static link as if it were a physical or logical link and allows correlation flows to go through the static link. For information on creating static links, see Adding Static Links, page 6-15. Link Discovery and Flickering Ethernet Topology Links As mentioned in What Are Dynamic and Static Links?, page 6-3, Prime Network discovers topology links using various protocols, such as STP, CDP, and LLDP. In some situations, the link configurations themselves can prevent Prime Network from discovering the correct information. For example, if Layer 2 protocol tunneling is configured and the discovery protocols are tunneled, Prime Network can create an incorrect link. This scenario results in a flickering link that is first created incorrectly due to tunneled discovery information, and then disconnected when the Prime Network counters test discovers that the counters on the edges of the link do not match. During the next topology cycle, Prime Network recreates the link, which is disconnected again during the counters test. A link is considered flickering when it is connected, disconnected, and reconnected when using the same connection technique because the topology information is conflicting. When this situation occurs, Prime Network generates a system event with the message “Physical Link discovery inconsistent.” To prevent an ongoing cycle of link creation and disconnecting, Prime Network detects such case of flickering links, creates a system event with the message “Inconsistent Physical Link Discovery between system:interface1 and system:interface2,” and stops the link from flickering by disconnecting it. To remedy the situation, we recommend that you wait until the link disappears from the map and then create a static link. Note This feature applies only to Ethernet links. Cisco Prime Network 4.0 User Guide OL-29343-01 6-3 Chapter 6 Working with Links Viewing Link Properties Viewing Link Properties In maps, you can view a link only if both ends of the link are in your scope. However, Prime Network Vision provides an option that allows users to view links and any associated tickets if only one end of the link is in your scope. For more information about this option, see the Cisco Prime Network 4.0 Administrator Guide. Prime Network Vision provides information about links in the following ways: • Through the physical characteristics of the link in a map, tooltips, and link quick views—See Viewing Link Properties in Prime Network Vision Maps, page 6-4. • In the Links view—See Viewing Link Properties in the Links View, page 6-8. • In the link properties window—See Viewing Link Properties in the Link Properties Window, page 6-10. Viewing Link Properties in Prime Network Vision Maps The representation of a link in a map provides information about that link. The characteristics that provide information about a link are: • Whether the link is solid or dashed. • Whether or not the link displays an arrow at one end. • Link color. Table 6-3 describes the link variations that can be displayed in a map and provides examples of each. Table 6-3 Link Properties in Prime Network Vision Maps Link Characteristic Description Example Solid Line vs. Dashed Line Solid line Physical, topological, or service link, such as a link between two devices. Dashed line Association or business link between such elements as EVCs, VPLS service instances, or VPN components. Cisco Prime Network 4.0 User Guide 6-4 OL-29343-01 Chapter 6 Working with Links Viewing Link Properties Table 6-3 Link Properties in Prime Network Vision Maps (continued) Link Characteristic Description Example Link Widths Normal Contains links of the same group. Available groups are: Wide • Business • GRE • MPLS-TP • Pseudowire • VLAN • All others Aggregated links that contain links of different groups. When viewing a map at a low zoom level, aggregated links cannot be distinguished in the GUI. Tunnel A tunnel, with the center color representing the severity of any alarms on the link. Arrowhead vs. No Arrowhead No arrowhead Bidirectional link. Arrowhead Unidirectional link, with the flow in the direction of the arrowhead. Link Color Red Critical alarm is on the link. Orange Major alarm is on the link. Yellow Minor alarm is on the link. Green Link is operating normally. Blue Link is selected. Note The color of a selected link is customizable. The default color is blue. For more information on link colors, see Map View, page 2-8. Cisco Prime Network 4.0 User Guide OL-29343-01 6-5 Chapter 6 Working with Links Viewing Link Properties To view link properties: Step 1 Hover your mouse cursor over the required link in a map. A link tooltip is displayed as shown in Figure 6-1. Figure 6-1 Link Tooltip in Prime Network Vision The tooltip contains the following information about the link: • Link endpoints, identified by the element or service name. • The number of links represented by the line on the map. Examples of tooltips are: Step 2 • 169.254.12.34 <--> 169.254.56.78 6 links • 22@169.254.12.34 <--> CEM1/2:1@169.254.56.78 1 link To view additional link information, click the tooltip. The link quick view window is displayed as shown in Figure 6-2. Cisco Prime Network 4.0 User Guide 6-6 OL-29343-01 Chapter 6 Working with Links Viewing Link Properties Figure 6-2 Link Quick View Example 1 Number of links represented by the single link in the map. In this example, 29 links. 2 Link endpoints. 3 List of all links represented by the link in the map with the following information, as appropriate: 4 • Type of link, such as Physical, MPLS, or Tunnel. For a complete list of the types of links and their abbreviations, see Link Icons, page A-11. • Link detail, such as the interface used on each endpoint, service name, or type of service. • Link alarm status, indicated by the link color. Hyperlink to the link properties window. The Properties button is available for physical, topographical, and service links, but is not available for business links (dashed links). For more information, see Viewing Link Properties in the Link Properties Window, page 6-10. Step 3 To view more link properties, click Properties in the link quick view. For more information about the link properties window, see Viewing Link Properties in the Link Properties Window, page 6-10. Cisco Prime Network 4.0 User Guide OL-29343-01 6-7 Chapter 6 Working with Links Viewing Link Properties Viewing Link Properties in the Links View The links shown in a map represent many other links as described in Viewing Link Properties in Prime Network Vision Maps, page 6-4. By using the links view, you can view a list of all links represented in a map and their status. To display the links view in the Prime Network Vision window, click Show Links View in the main toolbar. Figure 6-3 shows an example of the links view. Figure 6-3 Note Links View A link external to the network has a blue cell background in the table. Any links that are added or removed from the map are automatically added or removed from the links view, provided they have not been filtered out. Cisco Prime Network 4.0 User Guide 6-8 OL-29343-01 Chapter 6 Working with Links Viewing Link Properties Table 6-4 describes the information that is displayed in the links view. Table 6-4 Links View Content Field Description Context Name of the map or aggregation containing the link. The links view can include multiple contexts. This field can be empty for either of the following reasons: • One side of the link is not included in the map. • The link is filtered out of all contexts. Severity Severity bell icon, colored according to the severity of the alarm on the link and indicating the impact of the alarm on the network. For more information, see Prime Network Vision Status Indicators, page 2-17. A End Point Device or site that is the source of the link, as a hyperlink to the inventory of the device or site. Bidirectional Whether the link is bidirectional or unidirectional: True (bidirectional) or False (unidirectional). Z End Point Device or site that is the destination of the link, hyperlinked to the relevant entry in inventory. Link Type Type of link, such as Physical Layer, VPN, MLPPP, or MPLS. By default, the links displayed in the links view are sorted according to link type and the deep collection method. The buttons in Table 6-5 are displayed at the top of the links view and enable you to filter the links according to the collection method. Note If you load a map with many links (for example, thousands of links), it can take a while for the complete list of links to load. The filtering options in the table are unavailable until the table has completely loaded. Table 6-5 Icon Links View Tools Name Description All Links Complete list of links for the selected map or aggregation. External Links Links with one side of the link in the selected map or aggregation and the other side of the link outside the currently selected map or aggregation. Flat Links Links currently visible in the map pane for the selected map or aggregation, excluding any thumbnails. Deep Links Links for the selected aggregation and any nested aggregations, with both endpoints within the currently selected map or aggregation. Cisco Prime Network 4.0 User Guide OL-29343-01 6-9 Chapter 6 Working with Links Viewing Link Properties For more information about filtering links using the collection method, see Filtering Links Using the Collection Method, page 6-17. Viewing Link Properties in the Link Properties Window The link properties window contains general information about the selected link, details of the link connection, and technology-specific information appropriate for the link. In a Prime Network Vision map, open the link properties window by right-clicking a link and choosing Properties. The link properties window is displayed as shown in Figure 6-4. Figure 6-4 Link Properties Window 1 Properties pane (see Properties Pane, page 6-11) 3 Ticket and events pane (see Ticket and Events Pane, page 3-15) 2 Status bar 4 Link list pane (see Link List Pane, page 6-11) Note If multiple links exist between the elements or aggregations, the link properties window displays information for all the links. Cisco Prime Network 4.0 User Guide 6-10 OL-29343-01 Chapter 6 Working with Links Viewing Link Properties The information displayed in the link properties window changes according to the ports or subports selected in the link list pane. Link List Pane In the link properties window, the link list pane displays a list of the links that are represented by a single link on the map. Each link has a single entry in the link list pane. When an entry is selected in the link list pane, the information displayed in the properties pane is updated. The color of the icon in the link list pane reflects its severity. For more information about severity, see Prime Network Vision Status Indicators, page 2-17. The heading and the link list pane display the left and right link identifiers between the two nodes, the device alias, and Connection Termination Point (CTP). Properties Pane The properties pane enables you to view the following, depending on your selection in the link list pane: • Properties of a selected link, including port properties information. • Hyperlinks to relevant entries in logical or physical inventory. • Status. The properties pane displays the link type, port alias, and port location, all of which uniquely identify the port. The port location information is also displayed as a hyperlink to the inventory window. The properties pane also displays the parameters for each end of the link, aligned under the relevant link identifier. Any discrepancies between the link’s ports are displayed in red. The following fields are displayed in the Connection Information area for physical links: • Type—Type of connector, such as fiber optic. • Status—Status of the link, such as OK. • Port Alias—Name used in the device CLI or EMS for the selected port. • Managed—Whether or not the link is managed: True or False. • Pluggable Port State—Whether or not a pluggable module is inserted. • Location—Location of the entity, slot number, and port on the slot, as a hyperlink that opens the properties of the relevant location. Depending on the link and its configuration, the following areas containing status and configuration information are displayed in the properties pane: • Ethernet CSMA/CD • Gigabit Ethernet • LAG • MLPPP • MP-BGP • MPLS Link Information • PPP • Pseudowire Cisco Prime Network 4.0 User Guide OL-29343-01 6-11 Chapter 6 Working with Links Viewing Link Impact Analysis • T1 • VRF IP addresses are displayed in IPv4 or IPv6 format, as appropriate. Depending on the type of link, the following areas might be displayed: • Affected Parties—Enables you to view all elements potentially affected by the link. For more information, see Viewing Link Impact Analysis, page 6-12. • Labels—Enables you to view all LSPs on an Ethernet link. For more information, see Viewing LSPs Configured on an Ethernet Link, page 18-11. • VCs—Enables you to view configured and misconfigured VCs on an ATM link. For more information, see Viewing ATM VPI and VCI Properties, page 20-10. Ticket and Events Pane The ticket and events pane is displayed at the bottom of the link properties window and contains the following tabs: • Tickets—Displays the tickets that are collected on the selected element, service, or component in the navigation pane. Table 9-3 describes the information that is available in the Tickets tab. • Network Events—Displays all active network events associated with tickets and alarms, and all archived events with a timestamp that falls within the specified events history size (see Adjusting the Prime Network Vision GUI Client Settings, page 2-40). Table 3-7 on page 3-15 describes the information that is available in the Network Events tab. When displaying network events, Prime Network Vision monitors the history size value defined in the Events tab of the Options dialog box (Tools > Options > Events). The default value is six hours and can be changed in Prime Network Administration. In addition, Prime Network Vision limits the maximum number of network and provisioning events that are sent from the server to client to 15,000 each. If the number of network or provisioning events exceeds the limit specified in the Options Events tab or the 15,000 maximum limit, Prime Network Vision purges the oldest events from table. The purging mechanism runs once per minute. Tip You can display or hide the ticket and events pane by clicking the arrows displayed below the device view panel. Viewing Link Impact Analysis Prime Network Vision enables you to select a network link and calculate the elements that might be affected if the link were to go down. This enables you to perform proactive impact analysis when a fault has not actually occurred. Note Impact analysis applies only to physical links. Cisco Prime Network 4.0 User Guide 6-12 OL-29343-01 Chapter 6 Working with Links Viewing Link Impact Analysis To calculate impact analysis: Step 1 Select a map or aggregation in the navigation pane, and click Show Links View in the main toolbar. The links view is displayed in the content pane. Step 2 In the table toolbar, click Link Filter. The Link Filter dialog box is displayed. For information about the Link Filter dialog box, see Filtering Links in a Map, page 5-25. Step 3 In the Filter dialog box: a. In the Match drop-down list, choose All. b. In the field drop-down list, choose Link Type. c. In the operand drop-down list, choose Equals. d. In the matching criteria drop-down list, choose Physical Layer. e. Click OK. Only physical links are displayed in the links view. Step 4 In the links view, right-click the required link and choose Properties. The Topological Link Properties window is displayed. Note Resize the window as needed to view all the information. Figure 6-5 Topological Link Properties Window Cisco Prime Network 4.0 User Guide OL-29343-01 6-13 Chapter 6 Working with Links Viewing Link Impact Analysis Step 5 Click Calculate Affected. The total number of potentially affected parties is displayed in the Affected Parties area. Step 6 Click Show Affected. The Affected Parties window is displayed as shown in Figure 6-6. Figure 6-6 Affected Parties Window Step 7 To view the potentially affected destinations if a link were go to down, click an entry in the Source table. The potentially affected destinations are displayed in the Destination table. Step 8 To view source or destination properties in inventory, click the required hyperlinked entry. Note The Affected Parties window occasionally displays entries that start with the word Misconfigured. Entries that start with Misconfigured indicate that the flow has stopped unexpectedly between the source and destination points. An unexpected termination point can be a routing entity, bridge, or VC switching entity. The significant aspects of Misconfigured entries are: - Because the link does not terminate as expected, the link is not actually impacted. - An error might exist in the configuration or status of the termination points. We recommend that you check the configuration and status of the affected termination points. Cisco Prime Network 4.0 User Guide 6-14 OL-29343-01 Chapter 6 Working with Links Adding Static Links Adding Static Links Prime Network Vision enables you to create static links that exist only on the VNE level. Static links are useful for visualization and network correlation because Prime Network Vision allows correlation flows to go through the links, as if they were real physical or logical links. Static link properties are not updated because the links do not really exist in the network. To create a static link, select a device or port and define it as the A side. Then define a second device or port as the Z side. Prime Network Vision validates the new link after the two ports are selected. Validation checks the consistency of the port types (for example, RJ45 on both sides), and Layer 2 technology type (for example, ATM OC-3 on both sides). You can also create static links between Ethernet Link Aggregation Groups (LAGs) by choosing a LAG and the desired port channel for the A or Z side as described in the following procedure. When you add a new link, the color of the link reflects its current state. For example, if the operation status of a port is down, the link is colored red. You can add links from either the Prime Network Vision window’s navigation and a map, or from the inventory window navigation pane. In addition, you can add a new link using Cisco Prime Network Administration. For more information, see the Cisco Prime Network 4.0 Administrator Guide. Adding a Link Using a Map and Its Navigation Pane Step 1 Right-click the required A Side device in the navigation pane or in a map, and choose Topology > Mark as A Side. Step 2 Right-click the required Z Side device or LAG in the navigation pane or properties pane to display the right-click menu and choose Topology > Mark as Z Side. The Create Static Link window is displayed as shown in Figure 6-7, so that you can select the ports to connect. Cisco Prime Network 4.0 User Guide OL-29343-01 6-15 Chapter 6 Working with Links Adding Static Links Figure 6-7 Create Static Link Window Step 3 Select the required port on both the A Side device and the Z Side device. Step 4 Click Create to validate the connection and create the new link. A success message is displayed. A warning message is displayed if any of the following apply: • A validation check fails. • The operation status of one port is Up and the other port is Down. • The selected ports are not of the same type. • The Layer 2 technology type is not the same. • One of the ports is part of another link. Adding a Link Using the Inventory Window Step 1 Open the inventory window for the required A Side device. Step 2 In the navigation pane, navigate to the required port or LAG. Step 3 Right-click the required port or LAG and choose Topology > Mark as A Side. Step 4 Repeat Step 1 and Step 2 for the Z Side port or LAG. Step 5 Right-click the required port or LAG and choose Topology > Mark as Z Side. A confirmation message is displayed. Cisco Prime Network 4.0 User Guide 6-16 OL-29343-01 Chapter 6 Working with Links Filtering Links Using the Collection Method Step 6 Click Yes. The ports are connected, and a link is created between the selected ports. A warning message is displayed if any of the following conditions exist: • One of the validation checks fails. • The operation status of one port is Up and the other port is Down. • The ports selected are not of the same type. • The Layer 2 technology type is not the same. • One of the ports is part of another link. For information about removing a static link, see the Cisco Prime Network 4.0 Administrator Guide. Filtering Links Using the Collection Method The links view table enables you to view links that are not displayed graphically in the Prime Network Vision window map pane. The links view table is dynamic and automatically refreshes itself so that you can view up-to-date network links in real time. The collection method enables you to filter the links displayed in the links view by selecting the collection method from the toolbar. Note • The deep collection method is applied by default in the links view. • The filter applies only to the links view; it has no effect elsewhere in Prime Network Vision. To filter links according to the collection method: Step 1 Click Show Links View in the Prime Network Vision main toolbar. Step 2 Select a map or aggregation in the navigation pane or links view. Step 3 In the links view toolbar, click one of the following buttons in the toolbar: • All Links • External Links • Flat Links • Deep Links The links are displayed in the links view according to the selected collection method. Cisco Prime Network 4.0 User Guide OL-29343-01 6-17 Chapter 6 Working with Links Selecting a Link Selecting a Link Prime Network Vision enables you to select a link listed in the links view and highlight the link in the map in the content pane. To select and highlight a link in a map: Step 1 In the Links view, right-click the required link and choose Select Link in Map. The link is displayed in blue in the map. Step 2 If two or more links are the same (for example, two VRF links), but they are in different contexts or aggregations, the Select Link Context dialog box is displayed. Select the required context from the drop-down list, then click OK. The link is displayed in blue in the map. Step 3 To remove the blue highlight from the selected link, click the map background. Cisco Prime Network 4.0 User Guide 6-18 OL-29343-01 CH A P T E R 7 Labeling NEs Using Business Tags A business tag is a string that is meaningful to the business, and which can be used to label a component of a network element for use in Prime Network screens and reports. Business tags are normally applied to a business element, which is a construction or organization of certain network elements and their properties into a logical entity. This provides users with the ability to track them in a way that makes sense from a business perspective. Examples of business elements include Layer 2 VPNs, Layer 3 VPNs, and virtual routers. The following topics describe how to manage and view Cisco Prime Network Vision business tags and business elements: • User Roles Required to Work with Business Tags and Business Elements, page 7-1 • Using Chinese Characters, page 7-2 • Attaching and Detaching Business Tags, page 7-3 • Searching for Business Tags and Viewing Their Properties, page 7-4 • Renaming a Business Element, page 7-7 • Deleting a Business Element, page 7-7 User Roles Required to Work with Business Tags and Business Elements This topic identifies the roles that are required to work with business tags and business elements. Prime Network determines whether you are authorized to perform a task as follows: • For GUI-based tasks (tasks that do not affect elements), authorization is based on the default permission that is assigned to your user account. • For element-based tasks (tasks that do affect elements), authorization is based on the default permission that is assigned to your account. That is, whether the element is in one of your assigned scopes and whether you meet the minimum security level for that scope. For more information on user authorization, see the Cisco Prime Network 4.0 Administrator Guide. The following tables identify the tasks that you can perform: • Table 7-1 identifies the tasks that you can perform if a selected element is not in one of your assigned scopes. • Table 7-2 identifies the tasks that you can perform if a selected element is in one of your assigned scopes. Cisco Prime Network 4.0 User Guide OL-29343-01 7-1 Chapter 7 Labeling NEs Using Business Tags Using Chinese Characters By default, users with the Administrator role have access to all managed elements. To change the Administrator user scope, see the topic on device scopes in the Cisco Prime Network 4.0 Administrator Guide. Table 7-1 Default Permission/Security Level Required for Working with Business Tags and Business Elements - Element Not in User’s Scope Task Viewer Attach a business tag Detach a business tag — — Operator — — OperatorPlus — — Configurator Administrator Partial 1 X Partial 1 X 1 X Search for a business tag — — — Partial View business tag properties — — — Partial1 X Rename a business element X X X X X Delete a business element X X X X X 1. Configurator user role default permission supports the action for business elements, which do not have scopes. The Configurator user role default permission supports the action for elements only if the elements are in the user’s scope. Table 7-2 Default Permission/Security Level Required for Working with Business Tags and Business Elements - Element in User’s Scope Task Attach a business tag Detach a business tag Viewer — — Operator — — OperatorPlus — — Configurator Administrator Partial 1 X Partial 1 X 1 X Search for a business tag — — — Partial View business tag properties — — — Partial1 X Rename a business element X X X X X Delete a business element X X X X X 1. Configurator user role default permission supports the action for business elements, which do not have scopes. The Configurator user role default permission supports the action for elements only if the elements are in the user’s scope. Using Chinese Characters Cisco Prime Network Vision supports Chinese characters in business tags, enabling you to perform the following activities using Chinese characters: • Create a business tag—Attaching and Detaching Business Tags, page 7-3. • Search for business tags and view business tag properties—Searching for Business Tags and Viewing Their Properties, page 7-4. Cisco Prime Network 4.0 User Guide 7-2 OL-29343-01 Chapter 7 Labeling NEs Using Business Tags Attaching and Detaching Business Tags • Generate a list of business tags. • Edit the details of a business tag. • Write business tag notes. • Remove business tags. • Create aggregations. • Export a business tag through a northbound interface. See the following documents for more information about these features: • Configuring your system to use Chinese characters— Cisco Prime Network 4.0 Installation Guide. • Integration over northbound interfaces—Cisco Prime Network 4.0 Integration Developer Guide. Attaching and Detaching Business Tags You can attach one business tag for each entity, such as a port or interface. A business tag might identify a new subscriber to a port, or other information that is relevant in your environment. To attach a business tag: Step 1 Right-click the required network object and choose Attach Business Tag. The Attach Business Tag dialog box is displayed, as shown in Figure 7-1. Figure 7-1 Step 2 Attach Business Tag Dialog Box Enter the information for the business tag: • Unique Key—Enter a unique identifier for the business tag. • Name—Enter a name for the business tag. Note Business tag names are case-sensitive. Cisco Prime Network 4.0 User Guide OL-29343-01 7-3 Chapter 7 Labeling NEs Using Business Tags Searching for Business Tags and Viewing Their Properties • Type—Choose the type of business tag: Subscriber, Provider Connection, or Label. Note • Step 3 If you select Label, the name of the network object changes to display the business tag name if the Replace name with Business Tag option is selected in the Options dialog box (Tools > Options). For more information about display options, see Adjusting the Prime Network Vision GUI Client Settings, page 2-40. Notes—(Optional) Enter a free-text message. Click Save. The business tag is attached to the network object and displayed in the Business Tag tab of the inventory window for the selected network object. The business tag name is also displayed throughout Cisco Prime Network Vision, such as in the navigation pane, maps, and Cisco PathTracer. You can search and edit business tag information attached to a network object using tools available from the appropriate Business Tag dialog box. To detach a business tag, right-click the network object and choose Detach Business Tag. Searching for Business Tags and Viewing Their Properties Cisco Prime Network Vision enables you to find a business tag by entering the full or partial business tag key, the full or partial business tag, or by specifying a specific type of business tag. In response, the business tags that meet the search criteria are listed. If you know the location of the business tag, you can view its properties by opening the Business Tag tab in the element’s inventory window. To search for a business tag: Step 1 Choose Edit > Find Business Tag from the main menu. Figure 7-2 shows an example of the Find Business Tag dialog box. Cisco Prime Network 4.0 User Guide 7-4 OL-29343-01 Chapter 7 Labeling NEs Using Business Tags Searching for Business Tags and Viewing Their Properties Figure 7-2 Find Business Tag Dialog Box Table 7-3 describes the fields in the Find Business Tag dialog box. Table 7-3 Icon Find Business Tag Dialog Box Fields Name Description Find Business Tag Finds the business tag according to a name, key, or type entered in the Find Business Tag dialog box. Clear Search Clears the search information entered in fields in the Find Business Tag dialog box. Edit Business Tag Opens the Edit Business Tag dialog box so you can edit the selected business tag. Cisco Prime Network 4.0 User Guide OL-29343-01 7-5 Chapter 7 Labeling NEs Using Business Tags Searching for Business Tags and Viewing Their Properties Table 7-3 Icon Find Business Tag Dialog Box Fields (continued) Name Description Detach Business Tag Removes the selected business tag from the element. Help Displays online help for Cisco Prime Network Vision and Cisco Prime Network Events. Input Fields Unique Key Enter the key you are searching for. Name Enter a full or partial entry of the name you are searching for. The search function is case-insensitive, so entering the string biz tag in the Name field results in business tags with names containing Biz Tag, Biz tag, and biz tag. Type From the drop-down list, select the type of business tag you are searching for: Label, Subscriber, Provider Connection, or All Types. Note Enter a full or partial entry of the note for the business tag you are searching for. Results Table Key Business tag key matching the search criteria. Name Business tag names matching the search criteria. Type Business tag type matching the search criteria. Entity Entity to which the business tag is attached, hyperlinked to entity properties. Step 2 Enter the search criteria using the information for the Input Fields in Table 7-3, keeping in mind that the search function is case-sensitive. Step 3 Click Find. The search results are displayed in the Results Table at the bottom of the Find Business Tag dialog box, as shown in Figure 7-2. Step 4 View additional details as required: • To view the business tag’s properties, double-click the business tag in the search results table. • To go to the business tag’s location, click the hyperlink provided in the search results table. Cisco Prime Network 4.0 User Guide 7-6 OL-29343-01 Chapter 7 Labeling NEs Using Business Tags Renaming a Business Element Renaming a Business Element The following caveats apply when renaming a business element: • Except for network VLANs, the original name of the business element is not saved, so you cannot revert to the original name. • Renaming a business element affects all users who have the business element loaded in their service view maps. To rename business elements in service view maps, right-click the business element and choose Rename. Deleting a Business Element You can delete business elements from the database. However, if you delete a business element from the database, it can no longer be viewed in Prime Network. We recommend that you delete a business element only when the physical element no longer exists. Caution Deleting business elements affects all users who have the business elements loaded in their service view map. Table 7-4 lists the requirements that must be met before you can delete a business element. Table 7-4 Business Element Deletion Requirements Business Element Requirements Layer 2 VPN The Layer 2 VPN has no Logical Circuit Peers (LCPs), or, if it does, the LCPs display the reconciliation icon. Layer 3 VPN The VPN has no virtual routers, or, if it does, the virtual routers and sites display the reconciliation icon. Site No sites or interfaces are connected or bound to the VRF, or, if they are connected, they display the reconciliation icon. Virtual router The virtual router contains no VRFs, sites, or interfaces, or, if it does, the VRFs, sites, and interfaces display the reconciliation icon. To delete a business element: Step 1 Verify that the business element meets all requirements specified in Table 7-4. You cannot delete the element if all requirements are not met. Step 2 In the Cisco Prime Network Vision navigation pane or a map, right-click the business element, and choose Delete. Step 3 In the confirmation message, click Yes to delete the currently selected element, or click Yes to All to delete multiple selected elements. The selected business element is deleted from the business configuration of all users. Cisco Prime Network 4.0 User Guide OL-29343-01 7-7 Chapter 7 Labeling NEs Using Business Tags Deleting a Business Element Cisco Prime Network 4.0 User Guide 7-8 OL-29343-01 CH A P T E R 8 Tracking Faults Using Prime Network Events The following topics describe how to use Cisco Prime Network Events (Prime Network Events) to view and manage faults: • User Roles Required to Work with Prime Network Events, page 8-1 • Launching Prime Network Events, page 8-1 • Setting Up Your Events View, page 8-2 • Viewing Events and Tickets in Cisco Prime Network Events, page 8-2 • Working with Cisco Prime Network Events, page 8-10 User Roles Required to Work with Prime Network Events This topic identifies the roles that are required to work with Prime Network Events. Prime Network determines whether you are authorized to perform a task as follows: • For GUI-based tasks (tasks that do not affect elements), authorization is based on the default permission that is assigned to your user account. Only users with the Administrator role can log into Prime Network Events. • For element-based tasks (tasks that do affect elements), authorization is based on the default permission that is assigned to your account. That is, whether the element is in one of your assigned scopes and whether you meet the minimum security level for that scope. For more information on user authorization, see the topic on device scopes in the Cisco Prime Network 4.0 Administrator Guide. Launching Prime Network Events To launch Prime Network Events, choose Start > Programs > Cisco Prime Network > gateway IP address > Cisco Prime Network Events, and enter your username and password. If any client updates are available, Prime Network automatically installs them. Note If Prime Network is integrated with the suite, launch Prime Network Events from Prime Central. Choose Assure > Prime Network > Events in the menu bar. The Prime Network Events application is opened in a separate window. Cisco Prime Network 4.0 User Guide OL-29343-01 8-1 Chapter 8 Tracking Faults Using Prime Network Events Setting Up Your Events View Setting Up Your Events View The Prime Network Events Options dialog box enables you to change various aspects of the event display in Prime Network Events. To set up your events view, choose Tools > Options from the main menu. Table 8-1 lists the available options. Table 8-1 Options for Changing Prime Network Events GUI Client Option Description Save last filter Saves the filter criteria defined per event type in the Filter Events dialog box. The filter criteria are available the next time you log into Prime Network Events. Note Events are not filtered automatically when you next log into Prime Network Events unless the Open Events with saved filter option is also selected. Open Prime Network Events with saved filter When enabled, applies the previously defined filter to the events as soon as you log into Prime Network Events. The events are continuously filtered according to the defined settings, even after you close the application. Display n records per page Specifies the number of events to be displayed per page. Export n records in total Sets the maximum number of events to be exported to a file. Run auto refresh every n secs Automatically refreshes the Prime Network Events display after the specified number of seconds. Note This option uses rapid refresh from the database, which can affect the performance of other vital database options. Display data for the Displays past events from the specified number of hours. Values range from 1 to last n hours 336 hours (14 days), with a default of 2 hours. If you increase the number of hours, it can take longer for the events to be displayed. Find mode (No automatic data retrieval) Operates the Prime Network Events window in Find mode. In this mode, no events will be retrieved from the database when you open the application or switch between tabs. You can click the Find button in the toolbar to search for the events you need. When in Find mode, the status bar in the Prime Network Events window shows “Find Mode (no automatic data retrieval).” Viewing Events and Tickets in Cisco Prime Network Events Events are displayed according to event categories, which are represented by tabs in the Cisco Prime Network Events window. Each tab displays an events list log that provides event information for the specific event category. Events can be of system type or network type. The Ticket tab displays the tickets that have been generated for correlated events. Events and tickets are sorted by date, with the latest item displayed first and the oldest item displayed last. Cisco Prime Network 4.0 User Guide 8-2 OL-29343-01 Chapter 8 Tracking Faults Using Prime Network Events Viewing Events and Tickets in Cisco Prime Network Events Note Cisco Prime Network Events displays active events only. It does not display events that have been archived. To see archived events, use Prime Network’s reporting functionality. For more information, see the Cisco Prime Network Operations Reports User Guide. Prime Network Events displays events for the last two hours by default. To modify the default number of hours for which events are displayed, see Setting Up Your Events View, page 8-2. Increasing the number of hours can affect how long it takes for the events to be displayed. Figure 8-1 shows an example of the Prime Network Events window. Figure 8-1 Prime Network Events Window Event Severity Indicators The Severity column contains color-coded icons that reflect the severity of the event. An icon appears for each ticket or event in the Prime Network Events tabs (based on its severity) as shown in Table 8-2. Table 8-2 Icon Severity Indicators Color Severity Red Orange Icon Color Severity Critical Light Blue Warning Major Medium Blue Information Cisco Prime Network 4.0 User Guide OL-29343-01 8-3 Chapter 8 Tracking Faults Using Prime Network Events Viewing Events and Tickets in Cisco Prime Network Events Table 8-2 Icon Severity Indicators (continued) Color Severity Yellow Minor Green Cleared, Normal, or OK Icon Color Severity Dark blue Indeterminate Event Types and Categories Events are grouped in tabs according to type. Each tab displays basic information about the events, including severity, event ID, time, and description. In addition, most event tabs show the Location parameter, which indicates the entity that triggered the event and is a hyperlink that can be clicked to access the entity’s properties. Note Prime Network stores events in the database in Greenwich Mean Time (GMT) format. The Prime Network client converts events to the time zone that is configured on the client workstation. The times displayed in the Cisco Prime Network Events GUI reflect the time according to the client workstation. The following categories of events can be viewed in Prime Network Events: • Audit Events, page 8-4 • Provisioning Events, page 8-5 • Security Events, page 8-5 • System Events, page 8-6 • Service Events, page 8-6 • Syslogs, page 8-7 • V1 Traps, page 8-7 • V2 Traps, page 8-8 • V3 Traps, page 8-8 In addition to events, you can also view and manage tickets in Prime Network Events. See Tickets, page 8-9 for more information. Audit Events Events related to all login activity and audit of other activities of the system users. The Audit tab displays the following parameters that specifically relate to audit events: Cisco Prime Network 4.0 User Guide 8-4 OL-29343-01 Chapter 8 Tracking Faults Using Prime Network Events Viewing Events and Tickets in Cisco Prime Network Events Table 8-3 Audit Events Column Description Command Name Audit-specific command name, prefaced by, for example, Get, Update, or Find. Command Signature Actual command run by Prime Network, such as GetEventViewerProperties. Command Parameters Command parameters issued with the command identified in the Command Name column. Originating IP IP address of the client that issued the command. User Name Name of the user who initiated the command. Provisioning Events Events displayed in the Provisioning tab are events triggered during the configuration of a device, for example, execution of a configuration script. The Provisioning tab displays the following parameters that specifically relate to provisioning events: Table 8-4 Provisioning Events Column Description Prime Login Username Username of the logged in user. VNE Login Username Username that was used to access the device. This field shows “From VNE Login” except in cases where different device access credentials were specified when executing a configuration command. ‘From VNE Login’ means that the username specified when creating the VNE is being used. Status Status of the provisioning activity, such as Success or Fail. Security Events Security events are related to client login and user activity when managing the system and the environment. The Security tab displays the following parameters that specifically relate to security events: Table 8-5 Security Events Column Description Username Name of the logged in user. Originating IP IP address of the client where the event was triggered. For more information about the system security events displayed in this tab, see Cisco Prime Network Supported System and Security Events. Cisco Prime Network 4.0 User Guide OL-29343-01 8-5 Chapter 8 Tracking Faults Using Prime Network Events Viewing Events and Tickets in Cisco Prime Network Events System Events System events are related to the everyday working of the internal system and its components, such as alarm thresholds, disk space and AVMs. The System tab displays the following parameters Table 8-6 System Tab Column Description Severity Icon indicating the severity of the alarm on the event (the color and type of alarm are displayed in the Properties window Severity field). See Event Severity Indicators, page 8-3. Event ID Identifier of the event, assigned sequentially. Time Date and time when the event happened and was logged and recorded. Description Description of the event, such as “AVM 77 is shutting down. Unit = 11.22.33.444.” Location Entity that triggered the event. For more information about the system error and event messages displayed in this tab, see Cisco Prime Network 4.0 Supported System and Security Events. Service Events Service events are network events such as link down events, adaptive polling events, BGP neighbor loss events, and so on. The Service tab displays the following parameters that specifically relate to service events. Table 8-7 Service Tab Column Description Element Type The type of element that triggered the root event, e.g., Cisco 7606. Alarm ID Hyperlinked identifier of the alarm associated with the event. Click the link to view the Ticket Properties window. Ticket ID Hyperlinked identifier of the ticket associated with the event. Click the link to view the Ticket Properties window. Causing Event ID Identifier of the causing event. Duplication Count For network events, the duplication count is calculated by the VNE and pertains only to flapping events. The duplication count represents the number of noncleared events aggregated by the flapping event. Reduction Count For network events, the reduction count is calculated by the VNE and pertains only to flapping events. The reduction count represents the number of events that are aggregated by the flapping event. For more information about the service alarms that are displayed in this tab, see Cisco Prime Network 4.0 Supported Service Alarms. Cisco Prime Network 4.0 User Guide 8-6 OL-29343-01 Chapter 8 Tracking Faults Using Prime Network Events Viewing Events and Tickets in Cisco Prime Network Events Syslogs Syslogs are received from the devices by the VNEs, and syslog events are generated. The Syslog tab displays the following parameters that specifically relate to syslog events. Table 8-8 Syslog Tab Column Description Element Type The type of element that triggered the root event, e.g., Cisco 7606. Alarm ID Hyperlinked identifier of the alarm associated with the event. Click the link to view the Ticket Properties window. Ticket ID Hyperlinked identifier of the ticket associated with the event. Click the link to view the Ticket Properties window. Causing Event ID Identifier of the causing event. Duplication Count For network events, the duplication count is calculated by the VNE and pertains only to flapping events. The duplication count represents the number of noncleared events aggregated by the flapping event. Reduction Count For network events, the reduction count is calculated by the VNE and pertains only to flapping events. The reduction count represents the number of events that are aggregated by the flapping event. V1 Traps The V1 Trap tab displays the following parameters that relate specifically to V1 traps: Table 8-9 V1 Trap Tab Column Description Element Type The type of element that triggered the root event, e.g., Cisco 7606. Alarm ID Identifier of the alarm associated with the event, hyperlinked to the Alarm Properties window. Ticket ID Hyperlinked sequential identifier of the ticket. Click the link to view the Ticket Properties window. Causing Event ID Identifier of the causing event, hyperlinked to the Network Event Properties window. Duplication Count For network events, the duplication count is calculated by the VNE and pertains only to flapping events. The duplication count represents the number of noncleared events aggregated by the flapping event. Reduction Count For network events, the reduction count is calculated by the VNE and pertains only to flapping events. The reduction count represents the number of events that are aggregated by the flapping event. For more information about traps, see Cisco Prime Network Supported Traps. Cisco Prime Network 4.0 User Guide OL-29343-01 8-7 Chapter 8 Tracking Faults Using Prime Network Events Viewing Events and Tickets in Cisco Prime Network Events V2 Traps The V2 Trap tab displays the following parameters that relate specifically to V2 traps: Table 8-10 V2 Trap Tab Column Description Element Type The type of element that triggered the root event, e.g., Cisco 7606. Alarm ID Identifier of the alarm associated with the event, hyperlinked to the Alarm Properties window. Ticket ID Sequential identifier of the ticket, hyperlinked to the Ticket Properties window. Causing Event ID Identifier of the causing event, hyperlinked to the Network Event Properties window. Duplication Count For network events, the duplication count is calculated by the VNE and pertains only to flapping events. The duplication count represents the number of noncleared events aggregated by the flapping event. Reduction Count For network events, the reduction count is calculated by the VNE and pertains only to flapping events. The reduction count represents the number of events that are aggregated by the flapping event. For more information about the Cisco IOS and Cisco IOX traps displayed in this tab, see Cisco Prime Network Supported Traps. V3 Traps The V3 Trap tab displays the following parameters that relate specifically to V3 traps: Table 8-11 V3 Trap Tab Column Description Severity Icon indicating the severity of the alarm on the event (the color and type of alarm are displayed in the Properties window Severity field). See Event Severity Indicators, page 8-3. Event ID Calculated correlation identifier. Time Date and time when the event happened and was logged and recorded. Description Description of the event, such as “Enterprise generic trap.” Location Hyperlink to the entity that triggered the trap. Element Type The type of element that triggered the root event, e.g., Cisco 7606. Alarm ID Identifier of the alarm associated with the event, hyperlinked to the Alarm Properties window. Ticket ID Sequential identifier of the ticket, hyperlinked to the Ticket Properties window. Causing Event ID Identifier of the causing event, hyperlinked to the Network Event Properties window. Cisco Prime Network 4.0 User Guide 8-8 OL-29343-01 Chapter 8 Tracking Faults Using Prime Network Events Viewing Events and Tickets in Cisco Prime Network Events Table 8-11 V3 Trap Tab (continued) Column Description Duplication Count For network events, the duplication count is calculated by the VNE and pertains only to flapping events. The duplication count represents the number of noncleared events aggregated by the flapping event. Reduction Count For network events, the reduction count is calculated by the VNE and pertains only to flapping events. The reduction count represents the number of events that are aggregated by the flapping event. Trap Type OID Trap object identifier. Translated Enterprise Translation of the OID using the MIB. For example, an enterprise OID of .1.3.6.1.2.1.88.2 is displayed in this column as .iso.org.dod.internet.mgmt.mib-2.dismanEventMIB.dismanEventMIB NotificationPrefix. Enterprise Enterprise OID for the trap, representing the company or organization that is associated with the trap. For more information about the Cisco IOS and Cisco IOX traps displayed in this tab, see Cisco Prime Network 4.0 Supported Traps. Tickets The Ticket tab displays detailed information specific to tickets. For information about viewing and managing tickets in Prime Network Vision, see Working with Tickets in Prime Network Vision, page 9-1. Table 8-12 describes the information that is displayed in the Ticket tab. Table 8-12 Ticket Tab Column Description Severity Icon indicating the severity of the alarm on the ticket (the color and type of alarm are displayed in the Ticket Properties window Severity field). See Event Severity Indicators, page 8-3. Ticket ID Sequentially assigned identifier of the ticket, hyperlinked to the Ticket Properties window. Notes An icon in this column indicates that a note has been added for the ticket. Click on the icon to read the note and add your own note, if necessary. Last Modification Time Date and time (per the database) that the ticket was last updated. Updates can result from either manual or automatic operations. Root Event Time Date and time that the event that created the root cause alarm of the ticket was detected. Description Description of the event, such as “Layer 2 tunnel down.” Location Hyperlink to the entity that triggered the event. Element Type The type of element that triggered the root event, e.g., Cisco 7606. Cisco Prime Network 4.0 User Guide OL-29343-01 8-9 Chapter 8 Tracking Faults Using Prime Network Events Working with Cisco Prime Network Events Table 8-12 Ticket Tab (continued) Column Description Acknowledged Whether the ticket is acknowledged or has been modified: Yes, No, or Modified. If a ticket changes after it has been acknowledged, it is marked as Modified. If an acknowledged ticket is deacknowledged, the status changes from Yes to No in this column. Creation Time Date and time that the ticket was created. Event Count Number of events associated with the ticket. Affected Devices Count Number of devices affected by the ticket (the sources of the alarm and their subsequent alarms). Duplication Count For tickets, the duplication count is the sum of the duplication counts of all events that are associated with the root alarm. Reduction Count Ticket reduction count is the sum of reduction counts of all the events that are associated to the ticket. The History tab in the Ticket Properties window displays one reduction count for each event listed. For more information, see Chapter 9, “Working with Tickets in Prime Network Vision.” Alarm Count Total number of alarms associated with the ticket, including the root alarm. For information about viewing ticket properties, see Viewing Ticket Properties, page 8-14. Working with Cisco Prime Network Events The following topics describe how to view, filter, and display the properties of specific events and tickets, and how to refresh and export events: • Viewing Event Properties, page 8-10 • Viewing Ticket Properties, page 8-14 • Refreshing Cisco Prime Network Events Information, page 8-17 • Filtering Events, page 8-18 • Exporting Displayed Data, page 8-21 Viewing Event Properties Cisco Prime Network Events enables you to view the properties of a specific event type. The Event Properties window displays detailed information about the event; for example, the severity and the number of affected parties. Tip Clicking the Details tab on the Event Properties window displays the properties of the selected ticket or event in the Properties pane. Cisco Prime Network 4.0 User Guide 8-10 OL-29343-01 Chapter 8 Tracking Faults Using Prime Network Events Working with Cisco Prime Network Events To view event properties: Step 1 Select the required tab for the specific event type. Step 2 Select an event and choose View > Properties from the main menu. The event properties are displayed for the selected event, either in the lower portion of the Cisco Prime Network Events window or in a separate window as shown in Figure 8-2. The Details tab is displayed by default. Figure 8-2 Network Event Properties Window - Details Tab Table 8-13 describes the information that is displayed in the Details tab in the Event Properties window. Table 8-13 Details Tab for Events Field Description Event ID Unique identifier for the selected event. Severity Severity of the event, indicated by color and text label. Description Description of the event. Type Type of event, such as Security or Service. Location Entity that triggered the event, hyperlinked to its entry in inventory. Element Type The type of device that triggered the event, e.g., Cisco 7609 Ticket ID This field is displayed only for network events. Sequential identifier of the ticket, hyperlinked to the Ticket Properties window. Detection Time Date and time when the event happened and was logged and recorded. Cisco Prime Network 4.0 User Guide OL-29343-01 8-11 Chapter 8 Tracking Faults Using Prime Network Events Working with Cisco Prime Network Events Table 8-13 Details Tab for Events (continued) Field Description Device Time The time zone of the device. Note Category Nature Alarm ID This information is available only for Cisco ASR5000 devices. The category of the fault, which can be any one of the following: • Communications—Associated with procedures and/or processes required to convey information from one point to another. • Quality of Service—Associated with a degradation in the quality of service. • Processing error—Associated with a software or processing fault equipment. • Environmental—Associated with a condition relating to an enclosure in which the equipment resides. • Equipment—Associated with an equipment fault. • Undetermined—Not categorized. The nature of the fault, which can be one of the following: • ADAC (Automatically Detected Automatically Cleared)—When the clearing is automatically detected and cleared by Element Management System (EMS). For example, Link Down. • ADMC (Automatically Detected Manually Cleared)—When clearing requires manual intervention. For example, DWDM Fatal Error syslog. This field is displayed only for network events. Alarm identifier, hyperlinked to the Ticket Properties window or the Alarm Properties window. Causing Event This field is displayed only for network events. The identifier of the causing event. Details Detailed description of the event. Troubleshooting The probable cause of the event, action to be taken to rectify the problem, and the clearing condition. Note Step 3 This information is available only for service events and Cisco ASR5000 traps. You can view additional properties in the following tabs: • Advanced tab—See Table 8-14. • Affected Parties tab—See Table 9-7. • Audit tab—See Table 8-15. • Provisioning tab—See Table 8-16. • Security tab—See Table 8-17. • Trap tab—See Table 8-18. The tabs that are displayed depend on the type of event, such as a Service event or a Provisioning event. Cisco Prime Network 4.0 User Guide 8-12 OL-29343-01 Chapter 8 Tracking Faults Using Prime Network Events Working with Cisco Prime Network Events Table 8-14 Advanced Tab Field Description Duplication Count For network events, the duplication count is calculated by the VNE and pertains only to flapping events. The duplication count represents the number of noncleared events aggregated by the flapping event. Reduction Count For network events, the reduction count is calculated by the VNE and pertains only to flapping events. The reduction count represents the number of events that are aggregated by the flapping event. Affected Devices The number of devices affected by the ticket. Alarm Count The total number of alarms associated with the ticket, including the root alarm. Table 8-15 Audit Tab Field Description User Name Name of user who initiated the command. Result Command result, if available. Originating IP IP address of the client that issued the command. Command Signature Actual command run by Prime Network, such as GetEventViewerProperties. Command Parameters Parameters applied to the command. Table 8-16 Provisioning Tab Field Description User Name Name of the user who performed the provisioning operation. Status Status of the operation: Success or Fail. Table 8-17 Security Tab Field Description User Name Name of the user who triggered the event. Client Type Client that triggered the event: Cisco Prime Network Vision, Cisco Prime Network Administration, Cisco Prime Network Events, or Unknown. Originating IP IP address of the client where the event was triggered. Cisco Prime Network 4.0 User Guide OL-29343-01 8-13 Chapter 8 Tracking Faults Using Prime Network Events Working with Cisco Prime Network Events Table 8-18 Trap Tab Field Description Version SNMP version: version-1, version-2c, or version-3. Community String Community that the device sends in the Protocol Data Unit (PDU). Error Status Error status: No Error, Too Big, No Such Name, Bad Value, Read Only, and Gen Err. Values Table Translated OID String representation of the OID. For example, 1.3.6 is translated into iso.org.dod where: • 1 represents iso. • 3 represents org. • 6 represents dod. Translated Value String representation of the OID value. For example, 1.3 is translated to iso(1).org.10, or a specific value, such as “down” or “4 days, 20 hours, 32 minutes, 11 seconds.” OID OID that is not translated. It is a dot notation representation of the OID, such as 1.3.6.1.4.1.9. Value Value that is not translated. The properties of a selected ticket can be viewed in the Ticket Properties window. For a detailed description of the Ticket tab properties, see Viewing Ticket Properties, page 8-14. Viewing Ticket Properties You can view the properties of a selected ticket in Cisco Prime Network Events by displaying the Ticket Properties window. To view ticket properties in Cisco Prime Network Events: Step 1 In the Ticket tab in the Cisco Prime Network Events window, select the required ticket. Step 2 Choose View > Properties from the main menu. The properties are displayed for the selected ticket, either in the lower portion of the Cisco Prime Network Events window or in a separate window as shown in Figure 8-3. Cisco Prime Network 4.0 User Guide 8-14 OL-29343-01 Chapter 8 Tracking Faults Using Prime Network Events Working with Cisco Prime Network Events Figure 8-3 Ticket Properties Window - Details Tab Table 8-19 describes the information that is displayed in the Details tab in the Ticket Properties window. Table 8-19 Ticket Properties Window - Details Tab Field Description Buttons Acknowledge Acknowledges that the ticket is being handled. For more information, see Acknowledging/Deacknowledging a Ticket, page 9-15. If a ticket is acknowledged, and events are correlated to it after correlation, the ticket is considered to have not been acknowledged. This button is enabled only if the ticket is not acknowledged. DeAcknowledge A ticket that has been acknowledged can be deacknowledged, indicating that it still needs to be handled. Clear Requests the Prime Network system to remove the faulty network element from the Prime Network networking inventory. In addition, it sets the ticket to Cleared severity or status and automatically changes the acknowledged status of the ticket to Yes. For more information, see Clearing a Ticket, page 9-15. This button is enabled only if the severity of the alarm is higher than Cleared or Normal. Details Tab Ticket ID Sequentially assigned identifier of the ticket. Severity Severity of the ticket, indicated by color and text label. Cisco Prime Network 4.0 User Guide OL-29343-01 8-15 Chapter 8 Tracking Faults Using Prime Network Events Working with Cisco Prime Network Events Table 8-19 Ticket Properties Window - Details Tab (continued) Field Description Description Description of the ticket. Last Modification Time Date and time (per the database) that the ticket was last updated. Updates can result from either manual or automatic operations. Location Hyperlink to the entity that triggered the event. Note If the entity that triggered the event is outside your scope, a message is displayed that states you do not have permission to access the selected item. Open Alarms Number of open alarms out of all alarms, such as 3/4. Element Type The type of device that triggered the root event. Root Event Time Date and time that the event that created the root cause alarm of the ticket was detected. Acknowledged Whether or not the ticket has been acknowledged: Yes or No. Creation Time Date and time when the ticket was created. Device Time The time zone of the device. Note Category Nature This information is available only for Cisco ASR5000 devices. The category of the fault, which can be any one of the following: • Communications—Associated with procedures and/or processes required to convey information from one point to another. • Quality of Service—Associated with a degradation in the quality of service. • Processing error—Associated with a software or processing fault equipment. • Environmental—Associated with a condition relating to an enclosure in which the equipment resides. • Equipment—Associated with an equipment fault. • Undetermined—Not categorized. The nature of the fault, which can be one of the following: • ADAC (Automatically Detected Automatically Cleared)—When the clearing is automatically detected and cleared by Element Management System (EMS). For example, Link Down. • ADMC (Automatically Detected Manually Cleared)—When clearing requires manual intervention. For example, DWDM Fatal Error syslog. Details Detailed description of the ticket. Troubleshooting The probable cause of the last event in the root alarm, the action to be taken to rectify the problem and the clearing condition. Note This information is available only for service events and Cisco ASR5000 traps. Cisco Prime Network 4.0 User Guide 8-16 OL-29343-01 Chapter 8 Tracking Faults Using Prime Network Events Working with Cisco Prime Network Events Step 3 As required, review additional properties for the ticket. Table 8-20 identifies the additional tabs that are displayed in the Ticket Properties window and links to the relevant information. Table 8-20 Ticket Properties Window - Additional Tabs Tab Description History Contains the history of the ticket, including all the events. For more information, see History Tab, page 9-11. Affected Parties The services (affected pairs) that are potentially affected (potential impact analysis) by the ticket. For more information, see Affected Parties Tab, page 9-11. Correlation Displays all alarms that are correlated to the selected ticket. For more information, see Correlation Tab, page 9-13. Advanced The number of affected devices, correlations, duplications, and reductions for the selected ticket. In addition, it provides any other additional information available about the ticket. For more information, see Advanced Tab, page 9-13. Notes Enables you to add and save notes for the selected ticket. The Notes tab is not available for tickets that have been archived. For more information, see Notes Tab, page 9-14. User Audit Enables you to see which ticket-related actions were carried out by which users, and when the action took place. For more information, see User Audit Tab, page 9-14. Refreshing Cisco Prime Network Events Information Cisco Prime Network Events displays current information in lists in each tab. While you view a list, the information is not updated unless you manually refresh the list or activate autorefresh. The default autorefresh setting is 60 seconds and can be adjusted (see Adjusting the Prime Network Vision GUI Client Settings, page 2-40). Your filter settings remain intact. Cisco Prime Network 4.0 User Guide OL-29343-01 8-17 Chapter 8 Tracking Faults Using Prime Network Events Working with Cisco Prime Network Events Table 8-21 shows the refresh buttons. Table 8-21 Button Cisco Prime Network Events Refresh Buttons Name Function Refresh Now Manually refreshes the events list. Auto Refresh Automatically refreshes the events list. The Auto Refresh icon toggles to indicate whether auto refresh is on or off. This icon indicates auto refresh is on. To manually refresh a list, choose View > Refresh from the main menu. To automatically refresh a list, click Auto Refresh in the toolbar. Filtering Events The Filter Events dialog box allows you to filter events according to a number of criteria including severity, identifier, time stamp, description, location, and category-specific information. You may also use the filter to search for information in the database. The Filter icon toggles to indicate that a filter has been applied. The following settings in the Cisco Prime Network Events Options dialog box also affect your filters: • If you check the Keep Last Filter check box, the currently defined filter settings are saved in the registry and are displayed the next time you log in, but are not applied. • If you check the Open Using Filter check box, the events are continuously filtered according to the defined settings, even when you log out of and back into the application. For more information, see Adjusting the Prime Network Vision GUI Client Settings, page 2-40. See the following topics for more information about filtering events: • Defining Filters, page 8-19 • Removing Filters, page 8-20 For information about filtering tickets, see Filtering Tickets by Criteria, page 9-7. Cisco Prime Network 4.0 User Guide 8-18 OL-29343-01 Chapter 8 Tracking Faults Using Prime Network Events Working with Cisco Prime Network Events Defining Filters To define a filter: Step 1 Choose Edit > Filter from the main menu. The criteria that you can use for filtering differs for events and tickets. For example, Figure 8-4 shows the Filter Events dialog box for service events. For an example of the Ticket Filter dialog box, see Figure 9-2. Figure 8-4 Step 2 Filter Events Dialog Box - Service Events Specify the filter criteria by using the following steps and the information in Table 8-22: a. Check the check box for each criterion to use for filtering. b. As needed, choose the operator for the filter, such as Contains or Does Not Contain. c. Supply the specific information to apply to the filter, such as the time, a string, or one or more IP addresses. Table 8-22 Cisco Prime Network Events Filter Events Options Field Description Severity Severities to be included in the filter. General Event ID Event identifier to apply to the filter. Description String to include or exclude. Cisco Prime Network 4.0 User Guide OL-29343-01 8-19 Chapter 8 Tracking Faults Using Prime Network Events Working with Cisco Prime Network Events Table 8-22 Cisco Prime Network Events Filter Events Options (continued) Field Description Location Network elements to include. This field is not displayed for Audit events. Time Beginning and ending dates and times to apply to the filter. Network Events Advanced Options Alarm ID Alarm identifier to apply to the filter. Causing Event ID Identifier of the causing event to apply to the filter. Ticket ID Ticket identifier to apply to the filter. Duplication Count Duplication count value to use for filtering. Reduction Count Reduction count value to use for filtering. Element Type Filter by the type of element that triggered the event. Archived Archive status to use for filtering: True or False. System Events Advanced Options Step 3 Command Name String in the command name to use for filtering. Command Signature String in the command signature to use for filtering. Command Parameters String in a command parameter to use for filtering. Originating IP Originating IP address to include or exclude from filtering. Status Status to use for filtering: Configuring, Fail, Success, or Unknown. User Name String in the username to use for filtering. Click OK to save your filter settings and apply the filter. The filtered entries are displayed in the list according to the defined criteria. Removing Filters To remove a filter: Step 1 Click Filter in the main toolbar. Step 2 In the Filter Events dialog box, click Clear. The selected options in the Filter Events dialog box are cleared. Step 3 Click OK. All events are displayed in the list. Cisco Prime Network 4.0 User Guide 8-20 OL-29343-01 Chapter 8 Tracking Faults Using Prime Network Events Working with Cisco Prime Network Events Exporting Displayed Data Cisco Prime Network Events enables you to export the currently displayed data from the Cisco Prime Network Events table according to the criteria defined in the Cisco Prime Network Events Options dialog box. You can then import and view at a later time. To export a table to a file: Step 1 Choose File > Export. Step 2 In the Export Table to File dialog box, browse to the directory where you want to save the list. Step 3 In the File name field, enter a name for the list. Step 4 Click Save. The displayed events list or rows are saved in the selected directory. Cisco Prime Network 4.0 User Guide OL-29343-01 8-21 Chapter 8 Tracking Faults Using Prime Network Events Working with Cisco Prime Network Events Cisco Prime Network 4.0 User Guide 8-22 OL-29343-01 CH A P T E R 9 Working with Tickets in Prime Network Vision These topics describe how to work with tickets in Prime Network Vision: • What are Tickets?, page 9-1 • User Roles Required to Work with Tickets in Prime Network Vision, page 9-2 • Viewing Tickets and Network Events for Elements in a Map, page 9-3 • Viewing Ticket Properties, page 9-9 • Managing Tickets, page 9-15 • Impact Analysis in Prime Network, page 9-17 What are Tickets? A ticket represents the complete hierarchy of correlated alarms representing a single specific fault scenario. A ticket points to the root cause alarm that is the top-most alarm in the correlation hierarchy. Examples of alarms are Link Down, Device Unreachable, or Module Out. Some event types are capable of creating tickets. When an event is generated, it is correlated to an existing event, which is correlated to a ticket. If there is no existing ticket, a new ticket is created. Prime Network identifies the relationship between a root cause alarm and its consequent alarms. It automatically correlates the consequent alarms as children of the root alarm. The ticket pane displays the ticket (the root cause alarm), the aggregated severity of the ticket, and the severity of the root cause alarm. The root cause alarm severity is the top-most severity of its contained alarms. In addition, the ticket pane displays the time at which the original event was detected, the ticket creation time, and a description of the event that caused the ticket creation. Cisco Prime Network 4.0 User Guide OL-29343-01 9-1 Chapter 9 Working with Tickets in Prime Network Vision User Roles Required to Work with Tickets in Prime Network Vision User Roles Required to Work with Tickets in Prime Network Vision This topic identifies the roles that are required to work with tickets in Prime Network Vision. Prime Network determines whether you are authorized to perform a task as follows: • For GUI-based tasks (tasks that do not affect elements), authorization is based on the default permission that is assigned to your user account. • For element-based tasks (tasks that do affect elements), authorization is based on the default permission that is assigned to your account. That is, whether the element is in one of your assigned scopes and whether you meet the minimum security level for that scope. For more information on user authorization, see the topic on device scopes in the Cisco Prime Network 4.0 Administrator Guide. The following conditions apply when working with tickets in Prime Network Vision: • If an element that is outside of your scope is the root cause of a ticket that affects an element in your scope, you can view the ticket in Prime Network Vision, but you will not be able to: – View inventory by clicking the Location hyperlink. – Acknowledge, deacknowledge, clear, add note, or remove the ticket. • You can acknowledge, deacknowledge, clear, remove, or add notes for a ticket only if you have OperatorPlus or higher permission for the element that holds the root alarm for that ticket. • If the source or contained sources of the ticket are not in your scope, you cannot view the ticket in the ticket table, view ticket properties, or perform actions on the ticket. • If the ticket contains a source that is in your scope, but the source is not the root cause, you can view the ticket in the ticket table and view ticket properties, but you cannot perform actions on the ticket. • If the source of the ticket is in your scope, you can view the ticket in the ticket table, view ticket properties, filter tickets, and perform actions on the ticket. • By default, users with the Administrator role have access to all managed elements and can perform any action on tickets. To change the Administrator user scope, see the topic on device scopes in the Cisco Prime Network 4.0 Administrator Guide. Table 9-1 identifies the roles required to perform the high level tasks: Table 9-1 Default Roles/Permissions Required for Working with Tickets in Prime Network Vision Task Viewer Operator OperatorPlus Configurator Administrator 1 X X Acknowledge/deackno wledge tickets — — X Add notes to a ticket — — X1 X X 1 X X Clear and remove tickets — — X Clear tickets — — X1 X X Filter tickets X X X X X Find affected elements X X X X X Remove tickets — — X1 X X Cisco Prime Network 4.0 User Guide 9-2 OL-29343-01 Chapter 9 Working with Tickets in Prime Network Vision Viewing Tickets and Network Events for Elements in a Map Table 9-1 Default Roles/Permissions Required for Working with Tickets in Prime Network Vision (continued) Task Viewer Operator OperatorPlus Configurator Administrator View ticket properties X X X X X View tickets X X X X X 1. In addition, the security level for the device scope must be OperatorPlus or higher for the device that holds the root alarm for a ticket. Viewing Tickets and Network Events for Elements in a Map The ticket pane, located below the navigation and content panes in the Prime Network Vision window, displays tickets and network events specific to the elements in the currently displayed map (see Figure 9-1). You can view or hide the ticket pane by clicking the arrows displayed below the navigation pane. The ticket pane contains two tabs: • Tickets tab—Lists all the tickets relevant to the elements in the map and allows you to manage them. See Managing Tickets in the Tickets Tab, page 9-4 for details of the information displayed and the actions available from the Tickets tab. • Latest Events tab: – Lists network events that were created for the elements in the map from the time the map was opened. – Shows network events that Prime Network recognizes and is able to process (actionable events). Some of these events might be correlated into tickets. – An hourglass in the Status column indicates that processing of the event is in progress. A check mark indicates that the event has been processed. – If an event has been correlated into a ticket, the ticket ID will appear in the table and you can click the link to access the ticket properties. – Events are removed from the Latest Events tab after 6 hours or when a maximum of 15000 events is reached, in which case the oldest events are removed first. Cisco Prime Network 4.0 User Guide OL-29343-01 9-3 Chapter 9 Working with Tickets in Prime Network Vision Viewing Tickets and Network Events for Elements in a Map Figure 9-1 Prime Network Vision Window 1 Menu bar 5 Status bar 2 Toolbar 6 Ticket pane 3 Inventory and map tabs 7 Hide/Display ticket pane 4 Content pane 8 Navigation pane Managing Tickets in the Tickets Tab Table 9-2 describes the functions that are available from the Tickets tab in the ticket pane. Table 9-2 Ticket Pane Available Functions Function Related Documentation Acknowledge a ticket. Acknowledging/Deacknowledging a Ticket, page 9-15 Clear a ticket. Clearing a Ticket, page 9-15 Clear and remove a ticket. Clearing and Removing Tickets, page 9-16 Filter and view all tickets that meet specific criteria. Filtering Tickets by Criteria, page 9-7 Cisco Prime Network 4.0 User Guide 9-4 OL-29343-01 Chapter 9 Working with Tickets in Prime Network Vision Viewing Tickets and Network Events for Elements in a Map Table 9-2 Ticket Pane Available Functions (continued) Function Related Documentation Locate the elements or links affected by the ticket Finding Affected Elements, page 9-15 in the map or links view. Remove a ticket. Removing a Ticket, page 9-16 View all tickets or only the filtered tickets of a selected element. Filtering Tickets by Network Element, page 9-6 View tickets. Viewing Tickets and Network Events for Elements in a Map, page 9-3 View ticket properties, including the history, correlated alarms, severity of the root cause alarm, and affected parties. Viewing Ticket Properties, page 9-9 Table 9-3 describes the information displayed in the ticket pane. Table 9-3 Ticket Information Displayed in the Ticket Pane Field Name Description Severity Severity of alarm, represented by an icon. The icon and its color indicate the alarm severity and thereby the impact of the alarm on the network. For more information about severity, see Map View, page 2-8. • Red—Critical • Orange—Major • Yellow—Minor • Light Blue—Warning • Green—Cleared • Medium Blue—Informational • Dark Blue—Indeterminate Ticket ID Ticket identifier, assigned sequentially. Click the hyperlinked entry to view ticket properties, and to acknowledge, clear, or refresh the ticket. For more information, see Chapter 9, “Working with Tickets in Prime Network Vision.” Notes An icon in this column indicates that a note has been added for the ticket. Click on the icon to read the note and add your own note, if necessary. Last Modification Time Date and time (per the database) that the ticket was last updated. Updates can result from either manual or automatic operations. Root Cause Severity of the root cause alarm, represented by a bell icon. The color indicates the severity of the root cause alarm, as described in the Severity field. Root Event Time Date and time that the event that created the root cause alarm of the ticket was detected. Description Description of the event that caused the ticket creation. Location Entity that triggered the ticket, as a hyperlink that displays the relevant location in the inventory. Element Type The type of element that triggered the root event, e.g., Cisco 7606. Cisco Prime Network 4.0 User Guide OL-29343-01 9-5 Chapter 9 Working with Tickets in Prime Network Vision Viewing Tickets and Network Events for Elements in a Map Table 9-3 Ticket Information Displayed in the Ticket Pane (continued) Field Name Description Acknowledged Whether the ticket is acknowledged or has been modified: Yes, No, or Modified. If the ticket is acknowledged, this field also displays the user who acknowledged the ticket; for example, Yes(root). Creation Time Date and time (per the database) that the ticket was created. Event Count Number of events associated with the ticket. Affected Devices Count Number of devices affected by the ticket, including the sources of the alarm and their subsequent alarms. Duplication Count For network events, the duplication count is calculated by the VNE and pertains only to flapping events. The duplication count represents the number of noncleared events aggregated by the flapping event. For tickets, the duplication count is the sum of the duplication counts of all events that are associated with the root alarm. Reduction Count For network events, the reduction count is calculated by the VNE and pertains only to flapping events. The reduction count represents the number of events that are aggregated by the flapping event. Ticket reduction count is the sum of reduction counts of all the events that are associated to the ticket. The History tab in the Windows Properties window displays one reduction count for each event listed. Alarm Count Total number of alarms associated with the ticket, including the root alarm. The ticket details in the ticket pane change automatically as new information arrives. For example, Port Down is updated to Port Up. By default, the tickets in the ticket pane are sorted according to the last modification time. The Find field enables you to search for information in the ticket pane table according to the selected column. For more information about the buttons displayed in Prime Network Vision tables and table functionality, see Filtering and Sorting Tabular Content, page 2-42. Filtering Tickets by Network Element Prime Network Vision enables you to filter the tickets that are shown in the ticket pane so that you see only the tickets that have the selected network element as the root cause. If the selected network element is alarmed due to an operation that occurred on a different VNE, element, or link, no tickets are displayed. To view tickets that have a specific network element as the root cause, do either of the following: • If the network element icon is at the largest size, click the Filter Tickets button. • Right-click the required network element in the navigation pane or a map and choose Filter Tickets. In response: • The ticket pane displays only the tickets that have the selected network element as the root cause. • The Filter button in the ticket pane toggles to indicate that a filter has been applied. Click Clear Filter in the ticket pane to view all tickets. Cisco Prime Network 4.0 User Guide 9-6 OL-29343-01 Chapter 9 Working with Tickets in Prime Network Vision Viewing Tickets and Network Events for Elements in a Map Filtering Tickets by Criteria Prime Network Vision enables you to define a filter for the tickets displayed in the ticket pane according to various criteria. For example, tickets can be filtered according to the number of affected parties or acknowledged tickets. To define a ticket filter: Step 1 Click Ticket Filter in the ticket pane toolbar. The Ticket Filter dialog box is displayed (Figure 9-2). Figure 9-2 Step 2 Ticket Filter Dialog Box Specify the filter criteria by using the following steps and the information in Table 9-4: a. Check the check box for each criterion to use for filtering. b. As needed, choose the operator for the filter, such as Contains or Does Not Contain. Cisco Prime Network 4.0 User Guide OL-29343-01 9-7 Chapter 9 Working with Tickets in Prime Network Vision Viewing Tickets and Network Events for Elements in a Map c. Supply the specific information to apply to the filter, such as the time, a string, or one or more IP addresses. Table 9-4 Prime Network Ticket Filter Options Field Description Severity Severity to be included in the filter. General Ticket ID Ticket identifier to be included or excluded when filtering. Description String in the ticket description to include or exclude. Location Network elements to include. Root Event Time Beginning and ending dates and times of the range for the root event time to apply to the filter. Last Modification Time Beginning and ending dates and times of the range for the ticket last modification time to apply to the filter. Creation Time Beginning and ending dates and times of the range for the ticket creation time to apply to the filter. Advanced Acknowledged Ticket acknowledgement status to include in the filter: Acknowledged, Not Acknowledged, or Modified. Event Count Event count value to use for filtering. Affected Devices Count Number of affected devices to use for filtering. Step 3 Element Type Filter by the type of device that triggered the root event. Duplication Count Duplication count value to use for filtering. Reduction Count Reduction count value to use for filtering. Alarm Count Alarm count value to use for filtering. Archived Archive status to use for filtering: True or False. Acknowledged By Username of the person who acknowledged the ticket. Cleared By Username of the person who cleared the ticket. Click OK. The tickets are displayed in the ticket pane according to the defined criteria. Note The Ticket Filter button in the ticket pane toggles to indicate that a filter has been applied. To remove a ticket filter: Step 1 Click Ticket Filter in the ticket pane toolbar. The Ticket Filter dialog box is displayed. Step 2 Click Clear. The selected options in the Ticket Filter dialog box are cleared. Step 3 Click OK. All the tickets are displayed in the ticket pane. Cisco Prime Network 4.0 User Guide 9-8 OL-29343-01 Chapter 9 Working with Tickets in Prime Network Vision Viewing Ticket Properties Viewing Ticket Properties In Prime Network Vision, open the Ticket Properties window in one of the following ways: • Open the required map and then double-click the required ticket identifier in the ticket pane. • Open the required map, right-click a ticket in the ticket pane, and choose Properties. Figure 9-3 shows the Ticket Properties window. Figure 9-3 Ticket Properties Window The information displayed in the Ticket Properties window corresponds with the information displayed in the Prime Network Vision ticket pane or the Prime Network Vision window. The ID number displayed in the header corresponds to the ID number of the ticket selected in the ticket pane. The Ticket Properties window contains the following components: • Details Tab, page 9-10 • Details Tab, page 9-10 • History Tab, page 9-11 • Affected Parties Tab, page 9-11 • Correlation Tab, page 9-13 • Advanced Tab, page 9-13 • Notes Tab, page 9-14 • User Audit Tab, page 9-14 Cisco Prime Network 4.0 User Guide OL-29343-01 9-9 Chapter 9 Working with Tickets in Prime Network Vision Viewing Ticket Properties Details Tab Table 9-5 describes the information that is displayed in the Details tab about the ticket. Table 9-5 Event Properties Window - Details Tab Field Description Ticket ID Ticket identifier. Severity Severity propagated from all the correlated alarms. Description Description of the ticket. Last Modification Time Date and time (per the database) that the ticket was last updated. Updates can result from either manual or automatic operations. Location Entity that triggered the root-cause alarm, as a hyperlink that opens the relevant location. Note If the entity that triggered the alarm is outside your scope, a message is displayed that states you do not have permission to access the selected item. Element Type The type of device on which the root event occurred, e.g., Cisco Nexus 5020 Switch Open Alarms Number of correlated alarms for the ticket that are open, such as 3/4. In this example, four indicates the total number of correlated alarms for the ticket, and three indicates the number of alarms that have not been cleared. Therefore, one alarm has been cleared. Root Event Time Date and time that the event that created the root cause alarm of the ticket was detected. Acknowledged Whether the ticket is acknowledged or has been modified: Yes, No, or Modified. If the ticket is acknowledged, this field also displays the user who acknowledged the alarm; for example, Yes(root). If a ticket changes after it has been acknowledged, it is marked as Modified. If an acknowledged ticket is deacknowledged, the status changes from Yes to No. Creation Time Date and time the ticket was created. Details Detailed description of the alarm. Troubleshooting Provides information about the probable cause of the last event in the root alarm and the action that should be taken to resolve the problem. In this release, troubleshooting information is provided for service events and for traps on ASR 5000 devices only. Cisco Prime Network 4.0 User Guide 9-10 OL-29343-01 Chapter 9 Working with Tickets in Prime Network Vision Viewing Ticket Properties History Tab The History tab enables you to display the history of the ticket, including all the events. Table 9-6 describes the information that is displayed in the History tab. Table 9-6 Ticket Properties Window - History Tab Field Description Severity Severity bell icon, colored according to the severity of the alarm. Event ID Event identifier of the specific alarm. Time Date and time the event was received by the Event Collector. Description Description of the event. Location Entity that triggered the alarm, as a hyperlink that opens the relevant location. Note If the entity that triggered the alarm is outside your scope, a message is displayed that states you do not have permission to access the selected item. Element Type The type of device on which the root event occurred, e.g., Cisco Nexus 5020 Switch Alarm ID Alarm identifier. Ticket ID Ticket identifier. This field appears in the History tab only in Prime Network Events. Causing Event ID Identifier of the causing event for the ticket. Duplication Count For network events, the duplication count is calculated by the VNE and pertains only to flapping events. The duplication count represents the number of noncleared events aggregated by the flapping event. Reduction Count For network events, the reduction count is calculated by the VNE and pertains only to flapping events. The reduction count represents the number of events that are aggregated by the flapping event. Detail panel Long description of the selected event. Affected Parties Tab The Affected Parties tab displays the service resources (pairs) that are affected by an event, an alarm, or a ticket. When a fault occurs, Prime Network automatically calculates the affected parties and embeds this information in the ticket along with all the correlated faults. You can view a list of all the endpoints that are affected. The Affected Parties tab displays the service resources (affected pairs) that are affected by the ticket. The Affected Parties tab contains two tables: Source and Destination. Table 9-7 describes the information that is displayed in the Affected Properties tab. Cisco Prime Network 4.0 User Guide OL-29343-01 9-11 Chapter 9 Working with Tickets in Prime Network Vision Viewing Ticket Properties Table 9-7 Ticket Properties Window - Affected Parties Tab Field Description Source Table Location Hyperlinked entry to the port with the affected parties. Key Unique value taken from the affected element’s business tag key, if it exists. Name Subinterface (site) name or business tag name of the affected element, if it exists. Type Business tag type. IP Address If the affected element is an IP interface, the IP address of the subinterface site. Affected Status (Agg) Status for the affected pair (destination). The same source can be part of multiple pairs, and therefore each pair can have a different affected status. The highest affected status reflects the highest among these. The affected status can be one of the following: • Potential • Real • Recovered • N/A—From the links view, this indicates Not Applicable. Destination Table Location Hyperlinked entry to the port with the affected parties. Key Unique value taken from the affected element’s business tag key, if it exists. Name Subinterface name or business tag name of the affected element, if it exists. Type Business tag type. IP Address If the affected element is an IP interface, the IP address of the subinterface site. Affected Status Status of the affected pair as calculated by the client according to the rules defined in Status Values for Affected Parties, page 9-17. Alarm Clear State For each pair, an indication of the clear state of the alarm: • Cleared—All related alarms for this pair have been cleared. • Not Cleared—One or more alarms for this pair have not been cleared. When an affected side is selected in the Source table, the Destination table lists all endpoints with services that have been affected between them and the entry selected in the Source table. Cisco Prime Network 4.0 User Guide 9-12 OL-29343-01 Chapter 9 Working with Tickets in Prime Network Vision Viewing Ticket Properties Note The Affected Parties dialog box occasionally displays entries that start with the word Misconfigured. Entries that start with Misconfigured indicate that the flow has stopped unexpectedly between the source and destination points. An unexpected termination point can be a routing entity, bridge, or VC switching entity. The significant aspects of Misconfigured entries are: • Because the link does not terminate as expected, the link is not actually impacted. • An error might exist in the configuration or status of the termination points. We recommend that you check the configuration and status of the affected termination points. Correlation Tab The Correlation tab displays all the alarms that are correlated to the selected ticket. Table 9-8 describes the information that is displayed in the Correlation tab. Table 9-8 Ticket Properties Window - Correlation Tab Field Description Alarm Correlation Alarms correlated with the ticket. Expand or collapse the branch to display or hide information as needed. The severity displayed is the severity of the root alarm. Short Description Description of the alarm. Location Hyperlinked entry that opens an window displaying the selected node along with the affected parties. Note If the entity that triggered the alarm is outside your scope, a message is displayed that states you do not have permission to access the selected item. Acknowledged Whether or not the root alarm has been acknowledged: Yes or No. Last Event Time Date and time the alarm was last modified. Detail Panel Long description of the selected entry. Advanced Tab The Advanced tab displays the following values for the selected ticket: • Duplication Count: – For network events, the duplication count is calculated by the VNE and pertains only to flapping events. The duplication count represents the number of noncleared events aggregated by the flapping event. – For tickets, the duplication count is the sum of the duplication counts of all events that are associated with the root alarm. Cisco Prime Network 4.0 User Guide OL-29343-01 9-13 Chapter 9 Working with Tickets in Prime Network Vision Viewing Ticket Properties • Reduction Count: – For network events, the reduction count is calculated by the VNE and pertains only to flapping events. The reduction count represents the number of events that are aggregated by the flapping event. – For tickets, reduction count is the sum of reduction counts of all the events that are associated to the ticket. The History tab in the Ticket Properties window displays one reduction count for each event listed. • Affected Devices—The number of devices affected by the ticket. • Alarm Count—The total number of alarms associated with the ticket, including the root alarm. Notes Tab The Notes tab enables you to add and save notes for the selected ticket. To add text, enter text in the Notes field and click Save Notes. The new text is added to any previously existing text. After you save a note, it appears in the Previous Notes section of the Notes tab, with the name of the user who added the note and the time it was added. If the user is an external user (for example, a Netcool user), the username will be displayed in the following format: “Added by prime-networkUserName (as externalUserName)” The following restrictions apply to the Notes tab: • You can add notes for a ticket only if both of the following conditions are true: – The default permission for your account is OperatorPlus or higher. – The security level for the device scope is OperatorPlus or higher for the device that holds the root alarm for that ticket. • The Notes tab is not available for archived tickets. • The Save Notes button is enabled only when text is entered in the Notes field. • The text cannot be edited or removed once you have saved the notes. User Audit Tab The User Audit tab enables you to see which ticket-related actions were carried out by which users, and when the action took place. If the user is an external user (for example, a Netcool user), the username will be displayed in the following format in the User Name column: “Added by prime-networkUserName (as externalUserName)” The following actions are reported in the User Audit tab: • Acknowledge ticket • Remove ticket (archive) • Clear ticket Cisco Prime Network 4.0 User Guide 9-14 OL-29343-01 Chapter 9 Working with Tickets in Prime Network Vision Managing Tickets Managing Tickets The following topics describe how to manage tickets: • Finding Affected Elements, page 9-15 • Acknowledging/Deacknowledging a Ticket, page 9-15 • Clearing a Ticket, page 9-15 • Removing a Ticket, page 9-16 • Clearing and Removing Tickets, page 9-16 You can acknowledge, clear, remove, or clear and remove a ticket only if both of the following conditions are true: Note • The default permission for your account is OperatorPlus or higher. • The security level for the device scope is OperatorPlus or higher for the device that holds the root alarm for that ticket. When Prime Network is in suite mode, the Acknowledge, Deacknowledge, Add Note, Clear, and Remove functions are disabled. Finding Affected Elements To locate elements affected by a ticket in Prime Network Vision, right-click the desired ticket in the ticket pane and then choose Find Affected Elements. Depending on the number of affected elements, the results are displayed in one of the following ways: • If only one element is affected, it is highlighted in the navigation pane and the content area. • If multiple elements are affected, they are displayed in the Affected Events window. Acknowledging/Deacknowledging a Ticket You can acknowledge a ticket to indicate that the ticket is being handled. The change is reported to the Prime Network gateway and all open Prime Network applications. You can acknowledge multiple tickets at the same time. If a new event is correlated to an acknowledged ticket, the ticket status becomes “Modified” and the ticket must be acknowledged again. Acknowledged tickets can be manually deacknowledged. To acknowledge/deacknowledge a ticket, right-click on the ticket and choose Acknowledge/Deacknowledge. Clearing a Ticket You can manually clear tickets when the issues they represent have been addressed. When an open ticket is cleared, the following operations are performed: • The ticket is acknowledged. • All non-cleared alarms associated with the ticket are cleared. • For tickets relating to physical network elements (e.g., link down, card out), the faulty network element is removed from the Prime Network inventory. Cisco Prime Network 4.0 User Guide OL-29343-01 9-15 Chapter 9 Working with Tickets in Prime Network Vision Managing Tickets After a ticket is cleared, it remains open for one hour (default) before it is archived. Incoming events can be correlated to the ticket during this time, effectively re-opening the ticket. An administrator can lock tickets so that they remain cleared and no new events can be correlated to them. For more information, see the section, “Changing Oracle Database Fault Settings: Clear, Archive, and Purge Fault Data”, in the Cisco Prime Network 4.0 Administrator Guide. To clear one or more tickets, do one of the following: • Select one or more tickets in the ticket pane, and then right-click and choose Clear. • Double-click a ticket in the ticket pane and click Clear in the Ticket Properties window. To clear and remove a ticket at the same time, select Clear and Remove from the right-click menu. If the system is set to automatically clear tickets, every minute the system scans for tickets that are not archived, not cleared, and that have not been modified in the last four minutes. If all the ticket’s events that are not defined as auto-clear are cleared, the system will automatically clear the ticket. Note If the root cause event is not cleared, the ticket will not be cleared. Removing a Ticket Prime Network Vision enables you to completely remove a ticket and all of its active alarms. The ticket is archived and removed from the ticket pane. The change is reported to the Prime Network gateway and all instances of Prime Network that are open. Only tickets with a status of Cleared or Information can be removed. Note This operation cannot be reversed. A ticket that has been removed can be viewed only by using Prime Network Events. When a ticket is removed: • New alarms that might be related to the ticket, and should therefore be correlated to it, are not correlated to the original ticket because the ticket has been removed from Prime Network Vision. • Flagging events that are ticketable open new tickets. The ticket’s events are shown immediately in the Latest Events tab. The new tickets will be visible in Prime Network Vision two minutes after the flagging event was created (or up to seven minutes in rare cases). To remove one or more tickets, select the required tickets in the ticket pane, and then right-click and choose Remove. For more information, see Filtering Tickets by Network Element, page 9-6. Clearing and Removing Tickets Clearing and removing a ticket: • Approves the reported faulty ticket. • Clears the faulty networking entity from Prime Network Vision. • Archives the ticket. You can clear and remove multiple tickets at the same time. This operation will attempt to modify any ticket which is not being used by other processes, such as a ticket that is being updated with new network events. In order to clear and remove a highly active ticket, you should select only that ticket. That way, the system will wait until it becomes available for an update before removing it. Cisco Prime Network 4.0 User Guide 9-16 OL-29343-01 Chapter 9 Working with Tickets in Prime Network Vision Impact Analysis in Prime Network To clear and remove one or more tickets, select the required tickets in the ticket pane, and then right-click and choose Clear and Remove. Note When Prime Network detects a large ticket (with more than 150 associated events), a system event is generated requesting the administrator to clear and remove the ticket. If this is not done within 15 minutes, the ticket will be automatically archived. A new ticket will be opened for any additional related incoming events. Impact Analysis in Prime Network Impact analysis enables you to identify the network elements and services that are impacted by a network fault or outage. These topics explain how to manage and interpret impact analysis: • Status Values for Affected Parties, page 9-17 • Accumulating Affected Parties, page 9-18 • Accumulating the Affected Parties in an Alarm, page 9-18 • Accumulating the Affected Parties in the Correlation Tree, page 9-19 • Updating Affected Severity over Time, page 9-19 Prime Network offers two modes of impact analysis: • Automatic impact analysis—When a fault occurs that has been identified as potentially service affecting, Prime Network automatically generates the list of potential and actual service resources that were affected by the fault, and embeds this information in the ticket along with all the correlated faults. Note • Note This applies only to specific alarms. Not every alarm initiates automatic impact analysis. Proactive impact analysis—Prime Network provides what-if scenarios for determining the possible effect of network failures. This enables on-demand calculation of affected service resources for every link in the network, thus enabling an immediate service availability check and analysis for potential impact and identification of critical network links. Upon execution of the what-if scenario, Prime Network initiates an end-to-end flow that determines all the potentially affected edges. Each fault that has been identified as potentially service affecting triggers an impact analysis calculation, even if the fault recurs in the network. Status Values for Affected Parties In automatic mode, the affected parties can be marked with one of the following status values: • Potential—The service might be affected but its actual state is not yet known. • Real—The service is affected. • Recovered—The service has recovered. This state applies only to entries that were marked previously as potentially affected. It indicates only the fact that there is an alternate route to the service, regardless of the service quality level. Cisco Prime Network 4.0 User Guide OL-29343-01 9-17 Chapter 9 Working with Tickets in Prime Network Vision Impact Analysis in Prime Network Initially, Prime Network might identify the services as either potentially or real affected. As time progresses and more information is accumulated from the network, Prime Network updates the information to indicate which of the potentially affected parties are real or recovered. The indications for these states are available through both the API and in the GUI. Note There is no clear state for the affected services when the alarm is cleared. Accumulating Affected Parties During automatic impact analysis, Prime Network automatically calculates the accumulation of affected parties. This information is embedded in the ticket along with all of the correlated faults. In the following example, these alarm types exist in the correlation tree: • Ticket root-cause alarm (Card Out). • An alarm which is correlated to the root cause and has other alarms correlated to it (Link A Down). • An alarm with no other alarms correlated to it (Link B Down and BGP Neighbor Loss). An event sequence is correlated to each of these alarms. Correlation Tree Example Card out | ----- Link A down | | | ------BGP neighbor loss | ----- Link B down 180110 Figure 9-4 Prime Network identifies the affected parties for each type of alarm and accumulates the following information: • The affected parties reported on all the events in the alarm event sequence, including flapping alarms. • The affected parties reported on the alarms that are correlated to it. The gathered information includes the accumulation of the affected report of all the events in its own correlation tree. For example, in Figure 9-4: • BGP neighbor loss includes the affected parties of all events in its own event sequence. • Link A Down includes the affected parties of its own event sequence and the accumulated information of the BGP Neighbor Loss event. Accumulating the Affected Parties in an Alarm If two events form part of the same event sequence in a specific alarm, the recurring affected pairs are displayed only once in the Affected Parties tab. If different affected severities are reported for the same pair, the pair is marked with the severity that was reported by the latest event, according to the time stamp. Cisco Prime Network 4.0 User Guide 9-18 OL-29343-01 Chapter 9 Working with Tickets in Prime Network Vision Impact Analysis in Prime Network Accumulating the Affected Parties in the Correlation Tree If two or more alarms that are part of the same correlation tree report on the same affected pair of edgepoints and have different affected severities, the recurring affected pairs are displayed only once in the Affected Parties tab. If different affected severities are reported for the same pair, the pair is marked with the highest severity. For example, assume that X and Y are the OIDs of edgepoints in the network, and a service is running between them. Both alarms, Link B Down and BGP Neighbor Loss, report on the pair X < > Y as affected: • Link B Down reports on X < > Y as potentially affected. • BGP Neighbor Loss reports on X < > Y as real affected. The affected severity priorities are: • Real—Priority 1 • Recovered—Priority 2 • Potential—Priority 3 Card Out reports on X < > Y as real, affected only once. Updating Affected Severity over Time In some cases, Prime Network updates the affected severity of the same alarm over time because the effect of the fault on the network cannot be determined until the network has converged. For example, a Link Down alarm creates a series of affected severity updates over time. These updates are added to the previous updates in the system database. In this case, the system provides the following reports: • The first report of a link down reports on X < > Y as potentially affected. • Over time, the VNE identifies that this service is real affected or recovered, and generates an updated report. • The Affected Parties tab of the Ticket Properties dialog box displays the latest severity as real affected. • The Affected Parties Destination Properties dialog box displays both reported severities. This functionality is available only in the link-down scenario in MPLS networks. Cisco Prime Network 4.0 User Guide OL-29343-01 9-19 Chapter 9 Working with Tickets in Prime Network Vision Impact Analysis in Prime Network Cisco Prime Network 4.0 User Guide 9-20 OL-29343-01 CH A P T E R 10 Working with Reports Cisco Prime Network (Prime Network) provides a Report Manager that enables you to schedule, generate, view, and export reports of the information managed by Prime Network. You can save the generated reports in any of the following formats: PDF, CSV, HTML, XLS, and XML. In addition to a variety of standard reports for events and inventory, you can define reports as required for your environment. The following topics discuss the Report Manager and reports in more detail: Note • User Roles Required to Manage Reports, page 10-1 • Using the Report Manager, page 10-4 • Report Categories, page 10-11 • Generating Reports, page 10-22 • Scheduling Reports, page 10-38 • Managing Reports, page 10-39 • Defining Report Types, page 10-45 • Managing Report Folders, page 10-45 Besides using the Standard Reports tool, you could also generate reports using the new Prime Network Operations Reports tool. For more information on Operations Reports, see Prime Network Operations Reports User Guide. User Roles Required to Manage Reports This topic identifies the roles that are required to manage reports. Prime Network determines whether you are authorized to perform a task as follows: • For GUI-based tasks (tasks that do not affect elements), authorization is based on the default permission that is assigned to your user account. • For element-based tasks (tasks that do affect elements), authorization is based on the default permission that is assigned to your account. That is, whether the element is in one of your assigned scopes and whether you meet the minimum security level for that scope. For more information on user authorization, see the Cisco Prime Network 4.0 Administrator Guide. Cisco Prime Network 4.0 User Guide OL-29343-01 10-1 Chapter 10 Working with Reports User Roles Required to Manage Reports The following tables identify the tasks that you can perform: • Table 10-1 identifies whether you can generate a report if a selected element is not in one of your assigned scopes. • Table 10-2 identifies whether you can generate a report if a selected element is in one of your assigned scopes. • Table 10-3 identifies the tasks you can perform on the reports that you generate. • Table 10-4 identifies the tasks you can perform on the reports that someone else generates. • Table 10-5 identifies the tasks you can perform on report folders. By default, users with the Administrator role have access to all managed elements. To change the Administrator user scope, see the topic on device scopes in the Cisco Prime Network 4.0 Administrator Guide. Table 10-1 Default Permission/Security Level Required for Generating Reports - Element Not in User’s Scope Task Viewer Operator OperatorPlus Configurator Administrator — — — — X Generate Events Reports • Detailed Network Events Reports 1 • Detailed Non-Network Events Reports — — — Partial X • All other events reports — — — — X Generate Inventory Reports — — — — X Generate Network Service Reports — — — — X 1. A user with the Configurator role can generate Detailed Provisioning Events reports for elements that are in and outside their scope. Table 10-2 Default Permission/Security Level Required for Generating Reports - Element in User’s Scope Task Viewer Operator OperatorPlus Configurator Administrator X X X X X Generate Events Reports • Detailed Network Events Reports1 2 • Detailed Non-Network Events Reports — — — Partial X • All other events reports X X X X X Generate Inventory Reports X X X X X Generate Network Service Reports X X X X X 1. Detailed Ticket reports include only those tickets that have a root cause alarm associated with an element in the user’s scope. 2. A user with the Configurator role can generate Detailed Provisioning Events reports for elements that are in and outside their scope. Cisco Prime Network 4.0 User Guide 10-2 OL-29343-01 Chapter 10 Working with Reports User Roles Required to Manage Reports Table 10-3 Default Permission/Security Level Required for Working with Reports You Generate Task Viewer Operator OperatorPlus Configurator Administrator Schedule reports X X X X X Cancel reports X X X X X Delete reports X X X X X Export reports X X X X X Rename reports X X X X X Save reports X X X X X Report Tasks Set report preferences for purging and sharing — — — — X 1 1 1 1 X X X X Share/unshare reports X View report properties X X X X X View reports X X X X X 1. You can share or unshare reports only if sharing is enabled in Prime Network Administration. Table 10-4 Default Permission/Security Level Required for Working with Reports Another User Generates Task Viewer Operator OperatorPlus Configurator Administrator Schedule reports — — — — X Cancel reports — — — — X Delete reports — — — — X Export reports — — — — X Rename reports — — — — X Save reports — — — — X Set report preferences for purging and sharing — — — — X Share/unshare reports — — — — X View report properties — — — — X View reports — — — — X Report Tasks Table 10-5 Default Permission/Security Level Required for Working with Report Folders Task Viewer Operator OperatorPlus Configurator Administrator X X X X X X X X X X X X X X X X X X X X Report Folder Tasks Create folders Delete folders Move folders 1 1 Rename folders1 Cisco Prime Network 4.0 User Guide OL-29343-01 10-3 Chapter 10 Working with Reports Using the Report Manager Table 10-5 Default Permission/Security Level Required for Working with Report Folders (continued) Task Viewer Operator OperatorPlus Configurator Administrator View report folder properties X X X X X View report type properties X X X X X 1. You cannot perform this action on system-generated folders, such as the Events Reports folder. Using the Report Manager The Report Manager is available from Prime Network Vision, Prime Network Events, and Prime Network Administration by choosing Reports > Report Manager. The Report Manager (shown in Figure 10-1) enables you to run standard reports, such as the number of syslogs by device. The Report Manager also enables you to create reports and folders, view previously generated reports, define report types for your use, and organize reports in a manner suited to your environment and needs. Figure 10-1 Report Manager Window 1 Menu bar 3 Navigation tree with report types and folders 2 Toolbar 4 Content pane Cisco Prime Network 4.0 User Guide 10-4 OL-29343-01 Chapter 10 Working with Reports Using the Report Manager Figure 10-2 shows an example of a generated report with a pie chart. Figure 10-2 Sample Report Generated reports contain the following information in the report heading: • Report name • Date, time, and time zone in which the report was generated • Name of user who generated the report Depending on the type of report, the following additional information can appear in the report heading: • Source of the data, such as the fault or alarm database • Time period covered by the report • Number of items included in the report • Any filters or maps applied to the report A report might also include a pie chart. If you hover your mouse cursor over a section in the pie chart, a tooltip displays the information associated with that section, such as IP address, number of events, type of event, or percentage of total events. Note Not all reports include pie charts. In addition, reports that normally include a pie chart do not display a pie chart if the chart exceeds 25 slices. Cisco Prime Network 4.0 User Guide OL-29343-01 10-5 Chapter 10 Working with Reports Using the Report Manager Menu Options Table 10-6 describes the menu options available in the Report Manager window. Table 10-6 Report Manager Menu Options Option Description File Menu Exit Exits the Report Manager window. Tools Menu Change User Password Enables you to change the password used when logging into the Prime Network client application suite. The change takes effect the next time you log into the application. Note The administrator can also change a user password in Prime Network Administration. Help Menu Cisco Prime Network Report Manager Help Opens the online help for Prime Network Vision and Prime Network Events. Cisco.com Unavailable. About Cisco Report Manager Displays application information about Prime Network Vision and Prime Network Events. Report Manager Toolbar Table 10-7 identifies the buttons that appear in the Report Manager toolbar. Table 10-7 Icon Report Manager Toolbar Buttons Name Description Run Generates the selected report. Define Report of This Type Enables you to define a report of this type that is suited specifically to your environment. New Folder Creates a new folder. Move Moves one or more folders or reports that you created. Cisco Prime Network 4.0 User Guide 10-6 OL-29343-01 Chapter 10 Working with Reports Using the Report Manager Table 10-7 Icon Report Manager Toolbar Buttons (continued) Name Description Rename Renames a folder that you created. Delete Deletes one or more folders that you created. Delete Report Deletes one or more selected reports. View Displays the selected report in HTML format. Navigation Tree The navigation pane displays a tree-and-branch representation of report folders and types of reports. The highest level in the tree displays report folders. The following standard report folders are provided in Report Manager: • Events Reports • Inventory Reports • Network Service Reports Each folder contains the types of reports that are provided with Prime Network and any user-defined reports. For more information on the standard report types, see Table 10-12. When you select an item in the tree, the content pane displays the generated reports as follows: • If you select a folder, the content pane lists all reports that have been generated using any of the report types in that folder. • If you select a report type, the content pane lists all reports that have been generated of that report type. Content Pane The content pane lists all reports generated for the folder or report type selected in the navigation tree. You can double-click a report to view the report in HTML format. Figure 10-3 shows an example of the content pane. Cisco Prime Network 4.0 User Guide OL-29343-01 10-7 Chapter 10 Working with Reports Using the Report Manager Figure 10-3 Reports Manager Content Pane Table 10-8 describes the information displayed in the content pane for each report. Table 10-8 Reports Manager Content Pane Information Attribute Description Name Name of the report. Double-click the report to view the report in HTML format. Description Brief description of the report. Creation Time Date and time when the report was generated. Type Report type. State State of the report: Running, Done, Canceled, or Failed. For more information about the Failed state, see Generating Reports, page 10-22. Created By User who created the report. Running Time Amount of time it takes for the report to be complete. Size Report size. Cisco Prime Network 4.0 User Guide 10-8 OL-29343-01 Chapter 10 Working with Reports Using the Report Manager Table 10-8 Reports Manager Content Pane Information (continued) Attribute Description Public Availability of the report to other users: Data Source • True—The report is available to all users. • False—The report is available to only the user who generated the report and the administrator. Source of the report data. • Fault Database—Contains active network events (network events, alarms, and tickets) and non-network events (system, audit, security, provisioning, and so forth). As active network events age, they are moved to an archive partition in the database. Eventually network and non-network events are purged according to their age. • Event Archive—Contains all raw events that are sent from devices to Prime Network. By default, saving raw events to the Event Archive is enabled. • Network element—Information is retrieved from the NE. For more information on the Fault Database and Event Archive, see the see the Cisco Prime Network 4.0 Administrator Guide. Note Reports are purged from Prime Network after 90 days by default. This setting can be modified by changing the setting in Prime Network Administration. For more information, see the Cisco Prime Network 4.0 Administrator Guide. Reports Right-Click Options Right-click options are available for: • Navigation Pane Folders, page 10-9 • Navigation Pane Reports, page 10-10 • Content Pane Reports, page 10-10 Navigation Pane Folders Table 10-9 describes the options available when you right-click a folder in the navigation pane. Table 10-9 Report Manager Navigation Pane Folder Right-Click Options Option Description New Folder Creates a new folder. Delete Deletes a user-defined folder. Rename Renames a user-defined folder. Move Moves a user-defined folder. Properties Lists the folder contents. For more information on this ndow, see Viewing Folder and Report Type Properties, page 10-47. Cisco Prime Network 4.0 User Guide OL-29343-01 10-9 Chapter 10 Working with Reports Using the Report Manager Navigation Pane Reports Table 10-10 describes the options available when you right-click a report in the navigation pane. Table 10-10 Report Manager Navigation Pane Report Right-Click Options Option Description Run Displays the Run Report dialog box so you can run a report of this type specifically for your environment and adds the generated report to the table in the content pane. Define Report of This Type This option is available only for Cisco-supplied report types. Delete Deletes a user-defined report. Move Moves a user-defined report. Properties For a standard report type, displays the Reports Type Properties window which includes a brief description of the report and enables you to generate the report. For more information on the Reports Type Properties window, see Viewing Report Properties, page 10-44. Displays the Define Report dialog box so you can create a report of this type specifically for your environment, and adds the newly defined report to the navigation tree. For a user-defined report, displays the Edit report dialog box so that you can modify the currently defined settings and generate the report. Content Pane Reports Table 10-11 describes the options available when you right-click a report in the content pane. Table 10-11 Report Manager Content Pane Report Right-Click Options Option Description View As Displays the report in the selected format: • HTML • PDF • CSV • XLS • XML The default option, HTML, is displayed in bold font. For more information on viewing reports, see Viewing and Saving Reports, page 10-40. Rename Renames the selected report. Share or Unshare Shares the selected reports or limits them to your viewing only. The option toggles between Share and Unshare, as appropriate for the selected reports. By default, the Share and Unshare options are available only to users with administrator access. These options are available to other users only if an administrator has enabled sharing in Prime Network Administration. For more information, see the Cisco Prime Network 4.0 Administrator Guide. Delete Report Deletes the selected reports. Cisco Prime Network 4.0 User Guide 10-10 OL-29343-01 Chapter 10 Working with Reports Report Categories Table 10-11 Report Manager Content Pane Report Right-Click Options (continued) Option Description Cancel This option is displayed only while the selected report is being generated or queued. Cancels the report that is being generated or is queued. Show Only Selected Rows Displays only the rows that you select. Show All Rows Displays all table rows that meet the current filtering criteria. Properties Displays the Reports Type Properties window, which includes a brief description of the report and enables you to edit its name and description. Report Categories Prime Network Vision provides reports related to: • Events—See Events Reports, page 10-11. • Inventory—See Inventory Reports, page 10-18. • Network services—See Network Service Reports, page 10-20. Events Reports Prime Network Vision provides the following standard event report types: Table 10-12 • General report types, as described in Table 10-12. • Detailed network event reports, as described in Table 10-13. • Detailed non-network event reports, as described in Table 10-14. Standard Events Report Types Report Name Description Data Source Daily For each day of the specified time period, the peak number and average rate of syslogs and Average and traps for each of the following time periods: Peak • Second Fault Database • Ten seconds • Minute • Hour • Day Cisco Prime Network 4.0 User Guide OL-29343-01 10-11 Chapter 10 Working with Reports Report Categories Table 10-12 Standard Events Report Types (continued) Report Name Description Data Source Database Monitoring Fault Database For regular time intervals: • Number of active tickets • Number of active alarms • Number of active events • Number of unconnected events • Number of auto-archive candidates • Number of notifications • Biggest Ticket ID • Number of event count in the biggest ticket • Actionable Event rate per second • Number of dangling events handled by the integrity process • Number of tickets created by the integrity process Devices with For the specified number of devices with the most events, the following information for each Fault Database device for the specified time period: the Most Events (By • Severity of the events associated with the device, sorted by severity Severity) • Number of events for each severity A pie chart presents the information by device and percentage in a graphical format. Devices with For the specified number of devices with the most events, the following information for each Fault Database device for the specified time period: the Most Events (By • Type of events associated with the device Type) • Number of events received for each event type A pie chart presents the information by device and percentage in a graphical format. Devices with For the specified number of devices with the most syslogs, the number of syslog messages for User choice: the Most each device for the specified time period. • Fault Syslogs Database You can run this report on the Prime Network Fault Database or the Event Archive. A pie chart presents the information by device and percentage in a graphical format. • Event Archive Devices with For the specified number of devices with the most traps, the number of traps associated with User choice: the Most each device for the specified time period. • Fault Traps You can run this report on the Fault Database or the Event Archive. Database A pie chart presents the information by device and percentage in a graphical format. • Event Archive Cisco Prime Network 4.0 User Guide 10-12 OL-29343-01 Chapter 10 Working with Reports Report Categories Table 10-12 Standard Events Report Types (continued) Report Name Description Data Source Event Reduction Statistics Fault Database For the specified devices and time period: • Names of those tickets with: – The root cause in the device list – The ticket creation time within the specified period • For each ticket type identified: – Number of tickets of that type – Fewest number of correlated events – Highest number of correlated events – Average number of correlated events Events Provides the following information: Troubleshoo • State—The event condition. ting Info • Troubleshooting—The probable cause, action to be taken, and the clearing condition. Fault Database Fault DB vs. For each day in the specified time period, the number of each of the following items in the Fault Database and the Event Archive: Event Archive • Syslogs Statistics • Traps Fault Database and Event Archive Mean Time to Repair • Tickets • Correlated events • Uncorrelated events • Nonnetwork events • Network-originated events • Network-originated and service events For the specified devices and time period: • Fault Database Names of those tickets with: – The root cause in the device list – The ticket creation time within the specified period • For each ticket type identified: – Whether the tickets were cleared by the user or network – Number of tickets – Minimum time (in seconds) to repair – Maximum time (in seconds) to repair – Average time (in seconds) to repair Note The time to repair is based on the ticket creation time and the time the ticket was last modified. For example, if you acknowledge a ticket after it has been cleared. the acknowledgement time affects the time to repair for that ticket. Cisco Prime Network 4.0 User Guide OL-29343-01 10-13 Chapter 10 Working with Reports Report Categories Table 10-12 Standard Events Report Types (continued) Report Name Description Data Source Most For each day in the specified time period: Common • Specified number of most common tickets, service events, syslogs, and traps Daily Events • Number of each type of ticket, service event, syslog, and trap Fault Database • If selected, a pie chart presenting the events by percentage in a graphical format Most Common Syslogs Most common syslog messages and the number of each for the specified time period and devices. Syslog Count Number of syslog messages by type for the specified time period with the times of the first and last occurrences. Fault Database A pie chart presents the information by syslog message and percentage in a graphical format. Fault Database A pie chart presents the information by syslog message and percentage in a graphical format. Syslog Count (By Device) For each device, the type and number of each syslog message and the times of the first and last occurrences for each type. Syslog Trend (By Severity) For the specified devices, the trend of specified syslog messages in graph format: Fault Database A pie chart presents the information by device and percentage in a graphical format. • By priority • For the specified time period • At the specified intervals Fault Database Cisco Prime Network 4.0 User Guide 10-14 OL-29343-01 Chapter 10 Working with Reports Report Categories Table 10-13 Detailed Network Events Report Types Report Name Description Data Source Detailed Event Count (By Device) For each device, the following information for the specified time period: Fault Database • For syslogs: – Syslog severities – Number of syslogs per severity – Syslog type – Number of each syslog type • For traps: – Trap severities – Number of traps per severity – Trap type – Number of each trap type • For tickets: – Ticket severities – Number of tickets per severity – Ticket type – Number of each ticket type – You can select a maximum of 1000 devices for this report. Detailed Service Events Detailed Syslogs For each service event of the specified severities, time period, and devices: • Event severity • Event identifier • Timestamp • Brief and detailed descriptions • Device on which the event occurred • Alarm identifier • Ticket identifier • Causing event identifier • Duplication count • Reduction count Fault Database For each device that is selected, the following information from the Event Archive for User selection: the specified time period: Event Archive or Fault • IP address Database • Date and time of each syslog, in ascending order • Syslog raw data or description, depending on the data source The maximum number of syslogs retrieved for this report is 250,000. Cisco Prime Network 4.0 User Guide OL-29343-01 10-15 Chapter 10 Working with Reports Report Categories Table 10-13 Detailed Network Events Report Types (continued) Report Name Description Data Source Detailed Tickets For each ticket of the specified severities, time period, and device: Fault Database Detailed Traps • Ticket severity • Ticket identifier • Last modification time • Root event time • Description • Entity that caused the alarm • Whether or not the ticket is acknowledged • Ticket creation time • Event count • Affected devices count • Duplication count • Reduction count • Alarm count For each managed device that is selected, the following information for the specified User Selection: Event Archive time period: or Fault • IP address Database • Time of trap • SNMP version • Trap description • Generic or device-specific trap OID, if the source is the Event Archive • Long description, if the data source is the Fault Database The maximum number of traps retrieved for this report depends on whether the Long Description check box is selected. When checked, a maximum of 30,000 traps are retrieved. When this check box is not checked, a maximum of 100,000 traps are retrieved for this report. Cisco Prime Network 4.0 User Guide 10-16 OL-29343-01 Chapter 10 Working with Reports Report Categories Table 10-14 Detailed Non-Network Events Report Types Report Name Description Detailed Audit Events For each audit event included in the report for the specified time period, severities, Fault Database and search criteria: Detailed Provisioning Events Detailed Security Events • Event severity • Event identifier • Timestamp • Description • Command name • Command signature • Command parameters • Originating IP address • Username Data Source For each provisioning event included in the report for the specified time period, severities, and search criteria: • Event severity • Event identifier • Timestamp • Description • Location • Username • Device username • Status For each security event included in the report for the specified time period, severities, and search criteria: • Event severity • Event identifier • Timestamp • Description • Location • Username • Originating IP address Fault Database Fault Database Cisco Prime Network 4.0 User Guide OL-29343-01 10-17 Chapter 10 Working with Reports Report Categories Table 10-14 Detailed Non-Network Events Report Types (continued) Report Name Description Detailed System Events For each system event included in the report for the specified time period, severities, Fault Database and search criteria: • Event severity • Event identifier • Timestamp • Description • Location Data Source Inventory Reports Table 10-15 describes the standard inventory report types provided by Prime Network Vision and the data source. Table 10-15 Standard Inventory Report Types Report Name Description Data Source Hardware Detailed For each device included in the report: Network elements • IP address • Device series • Element type You can view other hardware information for each device by selecting the required items from the available list as given below: Hardware Summary • Chassis—chassis description, chassis serial number, shelf description, shelf serial number, and shelf status • Module—module name, sub module name, module status, hardware type, and hardware version • Port—port location, port type, porting sending alarm, port alias, port status, port managed, PID, and pluggable type serial number. For each device included in the report: • IP address • System name • Serial number • Element type • Device series • Vendor • Product • Chassis Network elements You can group the report contents by vendor, product, device series, element type, system name, or chassis and specify part or whole of the selected entity, if required. Cisco Prime Network 4.0 User Guide 10-18 OL-29343-01 Chapter 10 Working with Reports Report Categories Table 10-15 Report Name Standard Inventory Report Types (continued) Description Data Source IOS-XR Software For each device included in the report: Package • Device name Summary • Element type • IP address • Serial number • Cisco IOS XR software version • For each software package installed on the device: Network elements – Storage location – Software package name – Module name – Software package state: Active or Inactive Modules Summary (By Type) Network elements For each device filtered by module type: • IP address • Module serial number • Module hardware version • Module software version You can filter the report contents by specifying part or whole of the module type. Software Summary (By Device) Software Summary (By Version) For each device included in the report: • Device name • Element type • IP address • Serial number • Software version on the device • Name of image file For each software version included in the report: • Number of devices running the version • Device names • Element types • Device IP address • Device serial number • Name of image file Network elements Network elements Cisco Prime Network 4.0 User Guide OL-29343-01 10-19 Chapter 10 Working with Reports Report Categories Network Service Reports Table 10-16 describes the standard network service report types provided by Prime Network Vision and the data source. Table 10-16 Standard Network Service Report Types Report Name Description Data Source Ethernet Service Detailed For each Ethernet service in the report: Fault Database • Ethernet service or Layer 2 VPN name • Business tag assigned to the Ethernet service or Layer 2 VPN instance • EVC name • Business tag assigned to the EVC • Maps containing the Ethernet service or Layer 2 VPN • Edge EFPs associated with the EVC or Layer 2 VPN • EFD fragment names • EFD fragment type You can filter report content by specifying part or all of the: Ethernet Service Summary • Ethernet service name • EVC name • Ethernet service business tag • EVC business tag • Map name For each Ethernet service in the report: • Ethernet service or Layer 2 VPN name • Business tag assigned to the Ethernet service or Layer 2 VPN instance • EVC name • Business tag assigned to the EVC • Maps containing the Ethernet service or Layer 2 VPN Fault Database You can filter report content by specifying part or all of the: • Ethernet service name • EVC name • Ethernet service business tag • EVC business tag • Map name Cisco Prime Network 4.0 User Guide 10-20 OL-29343-01 Chapter 10 Working with Reports Report Categories Table 10-16 Standard Network Service Report Types (continued) Report Name Description Data Source Network Pseudowire Detailed For each network pseudowire in the report: Fault Database • Pseudowire name • Pseudowire type • Business tag assigned to the pseudowire • Maps containing the pseudowire • Pseudowire details • Type of pseudowire, such as pseudowire edge, Ethernet flow point, or switching entity You can filter report content by specifying part or all of the: Network Pseudowire Summary • Pseudowire name • Pseudowire type • Business tag • Map name For each network pseudowire in the report: • Pseudowire name • Pseudowire type • Business tag assigned to the pseudowire • Maps containing the pseudowire Fault Database You can filter the report content by specifying part or all of the: VPLS Detailed • Pseudowire name • Pseudowire type • Business tag • Map name For each VPLS or H-VPLS instance in the report: Fault Database • VPLS or H-VPLS name • Business tag associated with the VPLS or H-VPLS instance • Maps containing the VPLS or H-VPLS instance • VPLS details • Type of VPLS service, such as VPLS forward, access EFP, or core pseudowire You can filter report content by specifying part or all of the: • VPLS or H-VPLS name • Business tag • Map name Cisco Prime Network 4.0 User Guide OL-29343-01 10-21 Chapter 10 Working with Reports Generating Reports Table 10-16 Standard Network Service Report Types (continued) Report Name Description Data Source VPLS Summary For each VPLS or H-VPLS instance in the report: Fault Database • VPLS or H-VPLS name • Business tag assigned to the VPLS or H-VPLS instance • Maps containing the VPLS or H-VPLS instance You can filter report content by specifying part or all of the: • VPLS or H-VPLS name • Business tag • Map name Generating Reports You can generate reports in any of the following ways: • Generating Reports from Report Manager, page 10-23 • Generating Reports from the Reports Menu, page 10-37 • Generating Reports from Prime Network Vision, page 10-38 You can generate reports only for devices that are within your scope. Note Report Manager generates reports up to 150 MB in size. If you generate a report that exceeds this limit: • Report Manager window displays Failed in the State column. • An error message is entered in the log stating that the report failed because the resulting output is too large. To run the report successfully, enter more specific report criteria or limit the time period covered by the report. Database Load and Report Generation If you generate reports while Prime Network Vision is working under a database load, the reports move to a Load mode which is indicated by a system event. While Prime Network Vision is in Load mode, the reports currently running are cancelled and new reports are queued. After Prime Network Vision returns to normal operation and is no longer operating under a load, a new system event is generated and the queued reports start running. Report Generation Failure If a report fails to generate successfully, the State column contains the word Failed. Click Failed to view the reason for the failure. A window is displayed with the cause of the failure, such as The disk space allocated for report storage is full or AVM 84 was restarted while the report was running. Cisco Prime Network 4.0 User Guide 10-22 OL-29343-01 Chapter 10 Working with Reports Generating Reports Report Generation Canceled If a report is canceled before it completes, the State column contains the word Canceled. Click Canceled to view the reason for the cancellation. A window is displayed with the cause of the cancellation, such as The report was canceled by user or The report was canceled by the system to prevent system overload. Generating Reports from Report Manager Prime Network Vision provides three report categories as described in Report Categories, page 10-11. The information that you need to provide when generating a report depends on the report type. The following topics describe the information required to generate each report type: Note • Generating Events Reports, page 10-23 • Generating Inventory Reports, page 10-31 • Generating Network Service Reports, page 10-34 You can generate reports only for devices that are within your scope. Generating Events Reports To generate an events report using Report Manager: Step 1 In Prime Network Vision, Prime Network Events, or Prime Network Administration, choose Reports > Report Manager. Step 2 In the Report Manager window, choose Events Reports > report-type. For information on the reports available for events, see Table 10-12. Step 3 Generate the report by right-clicking the report type, then choosing Run. The Run Report dialog box is displayed. An example is shown in Figure 10-4. The fields displayed in the Run Report dialog box vary depending on the type of report. Cisco Prime Network 4.0 User Guide OL-29343-01 10-23 Chapter 10 Working with Reports Generating Reports Figure 10-4 Step 4 Events Report - Run Report Dialog Box In the Run Report dialog box, specify the report settings as follows: • For standard events reports, use the information in Table 10-17. • For detailed network reports, use the information in Table 10-18. • For detailed non-network reports, use the information in Table 10-19. Cisco Prime Network 4.0 User Guide 10-24 OL-29343-01 Chapter 10 Working with Reports Generating Reports Table 10-17 Events Report - Run Report Dialog Box Fields Option Description Report Settings Report Name Enter a unique name for the report, from 1 to 150 characters in length. Report names cannot include the following characters: ;?<>/:\"#*|. Description Enter a brief description of the report. Report Security This field is displayed only if report sharing is enabled in Prime Network Administration. Indicate the level of security for the report by clicking the appropriate option: • Private—The report can be viewed and used only by the report creator and the administrator. • Public—The report can be viewed and used by all other users, regardless of whether the devices are listed in the report are in the user’s scope. Note Display n You can share reports with others only if sharing is enabled in Prime Network Administration. For more information, see the Cisco Prime Network 4.0 Administrator Guide. This field does not appear for all reports. Enter the number of items to be displayed in the generated report. Data Source This field does not appear for all reports. Select the source of information to use for the report: Fault Database or Event Archive. Include pie charts in report output This field does not appear for all reports. Check the check box to view pie charts in the report with the standard numerical output. Date Selection Last Specify the length of time before the current date and time, and the unit of measure: seconds, minutes, hours, days, weeks, or months. From Date Specify the date range for the report: To Date 1. Click From Date. 2. In the From date field, enter the start date for the time period, or click the drop-down arrow to select the start date from a calendar. 3. Enter a time for the start date, using the format HH MM SS. 4. In the To Date field, enter the end date for the time period, or click the drop-down arrow to select the end date from a calendar. 5. Enter a time for the end date, using the format HH MM SS. Cisco Prime Network 4.0 User Guide OL-29343-01 10-25 Chapter 10 Working with Reports Generating Reports Table 10-17 Events Report - Run Report Dialog Box Fields (continued) Option Description Device Selection Select Devices Note • You can add only those devices that are within your scope. • A user with the Administrator role can select unmanaged devices (by IP address) for reports that run on the Event Archive. Select devices to include in the report: 1. Click Select Devices. 2. Click Add. 3. In the Add Network Element dialog box, select devices using either of the following methods: – To select devices that meet specific criteria, click Search and enter the required criteria. – To select from all network elements, click Show All. All Devices 4. In the list of displayed elements, select the network elements that you want to include in the report. You can select multiple network elements at a time. 5. Click OK. This field does not appear for all reports. Click All Devices to include all devices in your scope in the report. Syslog Trend (by Severity) Report—Additional Report Specifications Intervals In the Grouped by drop-down list, choose the unit of time to use for tracking the trend: Seconds, Minutes, Hours, or Days. Severity Check the check boxes of the syslog message severities to be included in the report: All, Critical, Major, Minor, Warning, Cleared, Information, and Indeterminate. Syslog Messages Specify the syslog messages to be included in the report: • To include selected syslog messages in the report, in the list of syslog messages on the left, select the required syslog messages, and then click Add Selected to move them to the list of syslog messages on the right. • To include all syslog messages in the report, click Add All. To find syslog messages that match a string, enter the string in the Find field. The list of syslog messages is automatically updated to include only those messages that contain the string you enter. Click the Sort Order button to sort the syslog messages in alphabetic or reverse alphabetic order. Cisco Prime Network 4.0 User Guide 10-26 OL-29343-01 Chapter 10 Working with Reports Generating Reports Table 10-18 Option Detailed Network Events Reports - Run Report Dialog Box Fields Description Report Settings Report Name Enter a unique name for the report, from 1 to 150 characters in length. Report names cannot include the following characters: ;?<>/:\"#*|. Description Enter a brief description of the report. Report Security This field is displayed only if report sharing is enabled in Prime Network Administration. Indicate the level of security for the report by clicking the appropriate option: • Private—The report can be viewed and used only by the report creator and the administrator. • Public—The report can be viewed and used by all other users, regardless of whether the devices are listed in the report are in the user’s scope. Note Data Source You can share reports with others only if sharing is enabled in Prime Network Administration. For more information, see the Cisco Prime Network 4.0 Administrator Guide. This field does not appear for all reports. Select the source of information to use for the report: Fault Database or Event Archive. Date Selection Last Specify the length of time before the current date and time, and the unit of measure: seconds, minutes, hours, days, weeks, or months. From Date Specify the date range for the report: To Date 1. Click From Date. 2. In the From date field, enter the start date for the time period, or click the drop-down arrow to select the start date from a calendar. 3. Enter a time for the start date, using the format HH MM SS. 4. In the To Date field, enter the end date for the time period, or click the drop-down arrow to select the end date from a calendar. 5. Enter a time for the end date, using the format HH MM SS. Cisco Prime Network 4.0 User Guide OL-29343-01 10-27 Chapter 10 Working with Reports Generating Reports Table 10-18 Detailed Network Events Reports - Run Report Dialog Box Fields (continued) Option Description Device Selection Select Devices Note • You can add only those devices that are within your scope. • A user with the Administrator role can select unmanaged devices (by IP address) for reports that run on the Event Archive. • The Detailed Event Count (by device) report accepts a maximum of 1000 devices. Select devices to include in the report: 1. Click Select Devices. 2. Click Add. 3. In the Add Network Element dialog box, select devices using either of the following methods: – To select devices that meet specific criteria, click Search and enter the required criteria. – To select from all network elements, click Show All. All Devices 4. In the list of displayed elements, select the network elements that you want to include in the report. You can select multiple network elements at a time. 5. Click OK. This field does not appear for all reports. Click All Devices to include all devices in your scope in the report. Severity Severity This field does not appear for all reports. Check the check boxes of the syslog message severities to be included in the report: All, Critical, Major, Minor, Warning, Cleared, Information, and Indeterminate. Detailed Service Events Report—Additional Report Specifications Description Contains Enter the string that the service event must contain to be included in the report. Detailed Syslogs Report—Additional Report Specifications Syslogs Description This field is displayed if you choose Fault DB for the data source. In the Description Contains field, enter the string that the syslog must contain to be included in the report. Syslogs Raw Data This field is displayed if you choose Event Archive for the data source. In the Raw Data Contains field, enter the string that the syslog raw data must contain to be included in the report. Cisco Prime Network 4.0 User Guide 10-28 OL-29343-01 Chapter 10 Working with Reports Generating Reports Table 10-18 Detailed Network Events Reports - Run Report Dialog Box Fields (continued) Option Description Detailed Traps Report—Additional Report Specifications Traps Detailed Description In the Description Contains field, enter the string that the trap must contain to be included in the report. Long Description This option is enabled if you choose Fault DB for the data source. 1. Check the Show Long Description check box to include the long description in the report. 2. In the Long Description Contains field, enter the string that the long description must contain to be included in the report. SNMP Version Specify the SNMP versions to include in the report: All, 1, 2, or 3. Generic This option is enabled if you choose Event Archive for the data source. Specify the generic traps to include in the report: 1. Select the generic traps to include in the report: – All—Include all generic traps – 0—coldStart – 1—warmStart – 2—linkDown – 3—linkUp – 4—authenticationFailure – 5—egpNeighborLoss – 6—enterpriseSpecific 2. If you select generic type 6, enter the OIDs (comma separated) in the Vendor Specific field. The Vendor Specific field accepts a maximum of 125 digits. Cisco Prime Network 4.0 User Guide OL-29343-01 10-29 Chapter 10 Working with Reports Generating Reports Table 10-19 Detailed Non-Network Events Reports - Run Report Dialog Box Fields Option Description Report Settings Report Name Enter a unique name for the report, from 1 to 150 characters in length. Report names cannot include the following characters: ;?<>/:\"#*|. Description Enter a brief description of the report. Report Security This field is displayed only if report sharing is enabled in Prime Network Administration. Indicate the level of security for the report by clicking the appropriate option: • Private—The report can be viewed and used only by the report creator and the administrator. • Public—The report can be viewed and used by all other users, regardless of whether the devices are listed in the report are in the user’s scope. Note You can share reports with others only if sharing is enabled in Prime Network Administration. For more information, see the Cisco Prime Network 4.0 Administrator Guide. Date Selection Last Specify the length of time before the current date and time, and the unit of measure: seconds, minutes, hours, days, weeks, or months. From Date Specify the date range for the report: To Date 1. Click From Date. 2. In the From date field, enter the start date for the time period, or click the drop-down arrow to select the start date from a calendar. 3. Enter a time for the start date, using the format HH MM SS. 4. In the To Date field, enter the end date for the time period, or click the drop-down arrow to select the end date from a calendar. 5. Enter a time for the end date, using the format HH MM SS. Severity Severity Check the check boxes of the syslog message severities to be included in the report: All, Critical, Major, Minor, Warning, Cleared, Information, and Indeterminate. Detailed Audit Events Report—Additional Report Specifications Description Contains Enter the string that the event must contain to be included in the report. Command Name Contains Enter the string that the command name must contain to be included in the report. Originator IP Contains Enter the string that the originating IP address must contain to be included in the report. User Name Contains Enter the string that the username must contain to be included in the report. Cisco Prime Network 4.0 User Guide 10-30 OL-29343-01 Chapter 10 Working with Reports Generating Reports Table 10-19 Detailed Non-Network Events Reports - Run Report Dialog Box Fields (continued) Option Description Detailed Provisioning Events Report—Additional Report Specifications Description Contains Enter the string that the trap must contain to be included in the report. User Name Contains Enter the string that the username must contain to be included in the report. Status Choose the statuses to be included in the report: All, Unknown, Configuring, Success, and Fail. Detailed Security Events Report—Additional Report Specifications Description Contains Enter the string that the event must contain to be included in the report. Originator IP Contains Enter the string that the originating IP address must contain to be included in the report. User Name Contains Enter the string that the username must contain to be included in the report. Detailed System Events Report—Additional Report Specifications Description Contains Enter the string that the event must contain to be included in the report. Step 5 To schedule a report to run immediately or at a later point in time, click the Scheduling tab. For more information, see Scheduling Reports, page 10-38. Step 6 Click OK. The report appears in the table in the content pane with a state of Running, if the report is scheduled to run immediately, or Scheduled, if the report is scheduled to run at a later point in time. When the report is complete, the state changes to Done. You can view the reports when the state is Done. Occasionally, some report formats require additional time for generation. If so, a progress bar is displayed, indicating that the report is being created and will be available soon. If the report exceeds 150 MB, the state changes to Failed and an error message is written to the log. We recommend running the report with more specific criteria or a shorter time period to avoid this situation. If no data is found for the report, the report states that no results were found. Generating Inventory Reports To generate an inventory report using Report Manager: Step 1 In Prime Network Vision, Prime Network Events, or Prime Network Administration, choose Reports > Report Manager. Step 2 In the Report Manager window, choose Inventory Reports > report-type. For information on the standard reports available for inventory, see Table 10-15. Step 3 Right-click the report type, then choose Run. The Run Report dialog box is displayed as shown in Figure 10-5. Cisco Prime Network 4.0 User Guide OL-29343-01 10-31 Chapter 10 Working with Reports Generating Reports Figure 10-5 Step 4 Inventory Report - Run Report Dialog Box Enter the required information in the Run Report dialog box as described in Table 10-20. Table 10-20 Inventory Report - Run Report Dialog Box Fields Field Description Report Settings Report Name Enter a unique name for the report, from 1 to 150 characters in length. Report names cannot include the following characters: ;?<>/:\"#*|. Description Enter a brief description of the report. Cisco Prime Network 4.0 User Guide 10-32 OL-29343-01 Chapter 10 Working with Reports Generating Reports Table 10-20 Inventory Report - Run Report Dialog Box Fields (continued) Field Description Report Security This field is displayed only if report sharing is enabled in Prime Network Administration. Indicate the level of security for the report by clicking the appropriate option: • Private—The report can be viewed and used only by the report creator and the administrator. • Public—The report can be viewed and used by all other users, regardless of whether the devices are listed in the report are in the user’s scope. Note You can share reports with others only if sharing is enabled in Prime Network Administration. For more information, see the Cisco Prime Network 4.0 Administrator Guide. Note You can add only those devices that are within your scope. Device Selection Select Devices Select devices to include in the report: 1. Click Select Devices. 2. Click Add. 3. In the Add Network Element dialog box, select devices using either of the following methods: – To select devices that meet specific criteria, click Search and enter the required criteria. – To select from all network elements, click Show All. All devices 4. In the list of displayed elements, select the network elements that you want to include in the report. You can select multiple network elements at a time. 5. Click OK. Click All Devices to include all devices in your scope in the report. Step 5 To schedule a report to run immediately or at a later point in time, click the Scheduling tab. For more information, see Scheduling Reports, page 10-38. Step 6 Click OK. The report appears in the table in the content pane with a state of Running, if the report is scheduled to run immediately, or Scheduled, if the report is scheduled to run at a later point in time. When the report is complete, the state changes to Done. You can view the reports when the state is Done. Occasionally, some report formats require additional time for generation. If so, a progress bar is displayed, indicating that the report is being created and will be available soon. If the report exceeds 150 MB, the state changes to Failed and an error message is written to the log. We recommend running the report with more specific criteria or a shorter time period to avoid this situation. If no data is found for the report, the report states that no results were found. Cisco Prime Network 4.0 User Guide OL-29343-01 10-33 Chapter 10 Working with Reports Generating Reports Generating Network Service Reports If you generate a detailed network service report on a large-scale setup, a message is displayed in the Run Report dialog box recommending that you apply a filter to limit the size of the report. To generate a network service report using Report Manager: Step 1 In Prime Network Vision, Prime Network Events, or Prime Network Administration, choose Reports > Report Manager. Step 2 In the Report Manager window, choose Network Service Reports > report-type. For information on the standard reports available for network services, see Table 10-16. Step 3 Right-click the report type, then choose Run. The Run Report dialog box is displayed as shown in Figure 10-6. Figure 10-6 Network Service Report - Run Report Dialog Box Cisco Prime Network 4.0 User Guide 10-34 OL-29343-01 Chapter 10 Working with Reports Generating Reports Step 4 Enter the required information the Run Report dialog box as described in Table 10-21. Table 10-21 Network Service Report - Run Report Dialog Box Fields Field Description Report Settings Report Name Enter a unique name for the report, from 1 to 150 characters in length. Report names cannot include the following characters: ;?<>/:\"#*|. Description Enter a brief description of the report. Report Security This field is displayed only if report sharing is enabled in Prime Network Administration. Indicate the level of security for the report by clicking the appropriate option: • Private—The report can be viewed and used only by the report creator and the administrator. • Public—The report can be viewed and used by all other users, regardless of whether the devices are listed in the report are in the user’s scope. Note You can share reports with others only if sharing is enabled in Prime Network Administration. For more information, see the Cisco Prime Network 4.0 Administrator Guide. Ethernet Service Reports—Report Contents Define Filter Check the Define Filter check box to enter criteria that must be matched for inclusion in the report. You can specify match criteria in any or all of the following fields. Ethernet Service Name Contains Enter a string that must appear in the Ethernet service name for the Ethernet service to be included in the report. EVC Name Contains Enter a string that must appear in the EVC name for the EVC to be included in the report. Ethernet Service Business Tag Contains Enter a string that must appear in the Ethernet service business tag for the Ethernet service to be included in the report. EVC Business Tag Contains Enter a string that must appear in the EVC business tag for the EVC to be included in the report. Maps Specify the maps to include in the report: • To include specific maps in the report, in the list of maps on the left, select the required maps, and then click Add Selected to move them to the list of maps on the right. • To include all maps in the report, click Add All. To find maps that match a string, enter the string in the Find field. The list of maps is automatically updated to include only those maps that contain the string you enter. Click the Sort Order button to sort the maps alphabetically or in reverse alphabetic order. Cisco Prime Network 4.0 User Guide OL-29343-01 10-35 Chapter 10 Working with Reports Generating Reports Table 10-21 Network Service Report - Run Report Dialog Box Fields (continued) Field Description Network Pseudowire Reports—Report Contents Define Filter Check the Define Filter check box to enter criteria that must be matched for inclusion in the report. You can specify match criteria in any or all of the following fields. Network Pseudowire Name Contains Enter a string that must appear in the network pseudowire name for the pseudowire to be included in the report. Network Pseudowire Type In the drop-down list, choose the type of network pseudowire to be included in the report. Network Pseudowire Business Tag Contains Enter a string that must appear in the network pseudowire business tag for the pseudowire to be included in the report. Maps Specify the maps to include in the report: • To include specific maps in the report, in the list of maps on the left, select the required maps, and then click Add Selected to move them to the list of maps on the right. • To include all maps in the report, click Add All. To find maps that match a string, enter the string in the Find field. The list of maps is automatically updated to include only those maps that contain the string you enter. Click the Sort Order button to sort the maps alphabetically or in reverse alphabetic order. VPLS Reports—Report Contents Define Filter Check the Define Filter check box to enter criteria that must be matched for inclusion in the report. You can specify match criteria in any or all of the following fields. VPLS Name Contains Enter a string that must appear in the VPLS name for the VPLS or H-VPLS to be included in the report. VPLS Business Tag Contains Enter a string that must appear in the VPLS business tag for the VPLS or H-VPLS to be included in the report. Maps Specify the maps to be included in the report: • To include specific maps in the report, in the list of maps on the left, select the required maps, and then click Add Selected to move them to the list of maps on the right. • To include all maps in the report, click Add All. To find maps that match a string, enter the string in the Find field. The list of maps is automatically updated to include only those maps that contain the string you enter. Click the Sort Order button to sort the maps alphabetically or in reverse alphabetic order. Step 5 To schedule a report to run immediately or at a later point in time, click the Scheduling tab. For more information, see Scheduling Reports, page 10-38. Cisco Prime Network 4.0 User Guide 10-36 OL-29343-01 Chapter 10 Working with Reports Generating Reports Step 6 Click OK. The report appears in the table in the content pane with a state of Running, if the report is scheduled to run immediately, or Scheduled, if the report is scheduled to run at a later point in time. When the report is complete, the state changes to Done. You can view the reports when the state is Done. Occasionally, some report formats require additional time for generation. If so, a progress bar is displayed, indicating that the report is being created and will be available soon. If the report exceeds 150 MB, the state changes to Failed and an error message is written to the log. We recommend running the report with more specific criteria or a shorter time period to avoid this situation. If no data is found for the report, the report states that no results were found. Generating Reports from the Reports Menu To generate reports quickly and without opening the Reports Manager window, choose Reports > Run Report > folder > report-type. The menus include all standard folders and reports, and any folders or reports that you have created. After entering the required information, you can view the report as soon as it is generated or at a later time. Note You can generate reports only for devices that are within your scope. To generate a report from the Reports menu: Step 1 Choose Reports > Run Report > folder > report-type where: • folder is the required folder. • report-type is the required type of report. Step 2 In the Run Report dialog box, enter the required information. For more information on the options in the Run Report dialog box, see Generating Reports, page 10-22. Step 3 To schedule a report to run immediately or at a later point in time, click the Scheduling tab. For more information, see Scheduling Reports, page 10-38. Step 4 Click OK. Step 5 In the Running Report dialog box, select the required viewing options: Step 6 a. Check the Open Report Manager to monitor status check box to open the Report Manager window so that you can view the report generation process. Uncheck the check box to proceed without opening the Report Manager window. b. Check the View report immediately upon completion check box to view the report as soon as it is generated. If you enable this option, the report is displayed in HTML format as soon as it is complete. Uncheck the check box to view the report at a later time by using Report Manager. Click OK. Depending on your selections in Step 5, the Report Manager window is displayed, the report is displayed, or the report is available for viewing at a later time. Cisco Prime Network 4.0 User Guide OL-29343-01 10-37 Chapter 10 Working with Reports Scheduling Reports Generating Reports from Prime Network Vision Prime Network Vision enables you to run reports on selected devices from the map and list views. Note You can generate reports only for devices that are within your scope. To generate a report from Prime Network Vision: Step 1 In Prime Network Vision, select the required devices in the map or list view. Step 2 In the navigation tree or content pane, right-click the selected devices, then choose Run Report > folder > report-type. Step 3 In the Run Report dialog box, enter the required information as described in Generating Reports, page 10-22. The devices that you select in the navigation pane or content pane are automatically included in the report. Step 4 To schedule a report to run immediately or at a later point in time, click the Scheduling tab. For more information, see Scheduling Reports, page 10-38. Step 5 Click OK. Step 6 In the Running Report dialog box, specify the desired viewing options: a. Check the Open Report Manager to monitor status check box to open the Report Manager window so that you can view the report generation process. Uncheck the check box to proceed without opening the Report Manager window. b. Check the View report immediately upon completion check box to view the report as soon as it is generated. If you enable this option, the report is displayed in HTML format as soon as it is complete. Uncheck the check box to view the report at a later time by using Report Manager. Depending on your selections in Step 6, the Report Manager window is displayed, the report is displayed, or the report is available for viewing at a later time. Scheduling Reports Prime Network allows you to schedule a report to run immediately or at a later point in time. To schedule a report: Step 1 In Prime Network Vision, Prime Network Events, or Prime Network Administration, choose Reports > Report Manager. Step 2 In the Report Manager window, choose report-category > report-type. For information on the various report categories and report types, see Report Categories, page 10-11. Step 3 Right-click the report type, then choose Run. The Run Report dialog box is displayed. Step 4 In the Settings tab, specify the required report criteria. For more information on the options in the Run Report dialog box, see Generating Reports, page 10-22. Cisco Prime Network 4.0 User Guide 10-38 OL-29343-01 Chapter 10 Working with Reports Managing Reports Step 5 Click the Scheduling tab. By default, the Run Now option is selected and the report is scheduled to run immediately. Step 6 To schedule the report for a later date/time: a. Select the Schedule Job radio button. The scheduling options Once and Recurring are enabled. b. To generate the report once, select the Once radio button and specify the date and time when you want the report to be generated. c. To generate the report on a recurring basis, select the Recurring radio button and specify the following: – The date and time range for the recurrence. – How often you want to generate the report within that time range - every X minutes, daily, weekly, or monthly. Step 7 Specify comments, if required and click Schedule. Prime Network creates a report job and executes it according to your scheduling specifications. Go to the Scheduled Jobs page (Tools > Scheduled Jobs), to check that your report job has been created. You can use the Scheduled Jobs page to monitor the job status and to reschedule a job if necessary. You can also clone a scheduled job and edit the report criteria, if required. Managing Reports Prime Network provides the following options for working with reports: • Managing the Maximum Number of Concurrent Reports, page 10-39 • Viewing and Saving Reports, page 10-40 • Renaming Reports, page 10-41 • Sharing Reports, page 10-42 • Moving Reports Between Folders, page 10-43 • Deleting Reports, page 10-43 • Viewing Report Properties, page 10-44 Managing the Maximum Number of Concurrent Reports Prime Network enables you to run multiple reports at the same time. When the maximum number of concurrent reports is running, new report requests are queued for generation and have the status Queued (n) where n is the number in the report queue. When a running report moves to a Completed, Failed, or Cancelled state, the first report in the queue starts running. The maximum number of concurrent reports is set at 5 by default. As the event rate approaches the maximum committed event rate, we recommend that you decrease the maximum number of concurrent reports. The maximum number of concurrent reports is defined in the registry, in reports.xml, under site/reports/reports-setting/reports-running-settings/maxRunningReports. Note Changes to the registry should only be carried out with the support of Cisco. For details, contact your Cisco account representative. Cisco Prime Network 4.0 User Guide OL-29343-01 10-39 Chapter 10 Working with Reports Managing Reports To change the maximum number of concurrent reports, use the runRegTool command (located in ANAHOME/Main) as follows: ./runRegTool.sh -gs 127.0.0.1 set 0.0.0.0 site/reports/reports-setting/reports-running-settings/maxRunningReports value where value is the new maximum number of concurrent reports. You do not need to restart any AVMs after entering this command. For more information on the runRegTool command, see the Cisco Prime Network 4.0 Administrator Guide. Viewing and Saving Reports You can view any reports that appear in the Report Manager content pane with the state Done. After viewing a report, you can save it in any of the available formats. Note Reports are purged from Prime Network after 90 days by default. This setting can be modified by changing the setting in Prime Network Administration. For more information, see the Cisco Prime Network 4.0 Administrator Guide. To view and save a report: Step 1 Choose Reports > Report Manager. Step 2 In the navigation pane, locate the required report. Step 3 In the content pane, right-click the report, then choose View As > format where format is one of the following: • HTML—Displays the report in a browser window. Clicking a column heading in the report sorts the report by that value; clicking the column heading again sorts the data in the reverse order. HTML is the default format. • PDF—Displays a PDF version of the report. • CSV—Creates a CSV version of the report that you can either save to a specific location or view using another application. The CSV version contains only the report data; it does not contain the header information, layout, or formatting information that is available in other formats. • XLS—Creates an XLS version of the report that you can either save to a specific location or view using another application, such as Microsoft Excel. • XML—Creates an XML version of the report that you can either save to a specific location or view using an XML editor or viewer. Figure 10-7 is an example of the Most Common Daily Events report in HTML format. The data is sorted by the Count column, in descending order. Cisco Prime Network 4.0 User Guide 10-40 OL-29343-01 Chapter 10 Working with Reports Managing Reports Figure 10-7 Step 4 Most Common Daily Events Report Example Save the report as required. Renaming Reports You can rename: • Any report type that you defined. • Any generated report that you have access to. You cannot rename any of the Prime Network standard report types. Renaming a User-Defined Report Type Note When you rename a report type, the new name applies to only those reports that you run after changing the name; it does not change the names of reports that were run prior to changing the name. To rename a user-defined report type: Step 1 In the navigation tree, select the user-defined report type. Step 2 Right-click the report type, then choose Properties. Cisco Prime Network 4.0 User Guide OL-29343-01 10-41 Chapter 10 Working with Reports Managing Reports Step 3 Step 4 In the Edit dialog box, enter a new name for the report type in the Report Name field, using the following conventions: • The name can contain 1 to 150 characters. • The name cannot include the following characters: ;?<>/:\"#*|. Click OK. The navigation pane is refreshed and the report type is displayed with the new name. Renaming a Generated Report To rename a report: Step 1 Choose Reports > Report Manager. Step 2 In the content pane, right-click the report that you want to rename, then choose Rename or Properties. Step 3 In the Name field, enter the new name for the report, using the following conventions: Step 4 • The name can contain 1 to 150 characters. • The name cannot include the following characters: ;?<>/:\"#*|. Click OK. The content pane is refreshed and the report is displayed with the new name. Sharing Reports Prime Network enables you to share reports that you generate with other users, or limit access to a report to only you and the administrator. Note You can share reports with others only if sharing is enabled in Prime Network Administration. For more information, see the Cisco Prime Network 4.0 Administrator Guide. Sharing a Report To share access to a report that you generated: Step 1 Choose Reports > Report Manager. Step 2 Locate the required report. Step 3 In the content pane, right-click the report that you want to share, then choose Share. The report is available to all system users for viewing and using. Cisco Prime Network 4.0 User Guide 10-42 OL-29343-01 Chapter 10 Working with Reports Managing Reports Limiting Access to a Report To limit access to a report that you generated and subsequently shared: Step 1 Choose Reports > Report Manager. Step 2 Locate the required report. Step 3 In the content pane, right-click the report that you want to limit access to, then choose Unshare. The report can be viewed and used by only you and the administrator. Moving Reports Between Folders You can move a report type that you have defined from the current folder to another folder in the navigation tree. Note You cannot move a standard report type from one folder to another. To move a report type to a new folder: Step 1 Choose Reports > Report Manager. Step 2 In the navigation tree, select the required report that you have defined. Step 3 Right-click the report, then choose Move. Step 4 In the Move To dialog box, select the folder to which you want to move the report. Step 5 Click OK. The Report Manager window is refreshed and the report appears in the specified folder. Deleting Reports You can delete reports to which you have access. To delete a report: Step 1 Choose Reports > Report Manager. Step 2 Locate the required report. Step 3 In the content pane, select the required report. Step 4 Right-click the report, then choose Delete Report. Step 5 In the Delete Report confirmation window, click Yes to confirm deletion. The Report Manager window is refreshed and the deleted report no longer appears. Cisco Prime Network 4.0 User Guide OL-29343-01 10-43 Chapter 10 Working with Reports Managing Reports Viewing Report Properties The Report Properties dialog box enables you to view the report settings and to modify some of them. To view report properties, and optionally change the name, description, or access: Step 1 Choose Reports > Report Manager. Step 2 Locate the required report. Step 3 In the content pane, right-click the selected report, then choose Properties. The Report Properties dialog box is displayed, as shown in Figure 10-8. Figure 10-8 Step 4 Step 5 Report Properties Dialog Box Change the information in the following fields as required: • Name • Description • Report Security Click OK. Cisco Prime Network 4.0 User Guide 10-44 OL-29343-01 Chapter 10 Working with Reports Defining Report Types Defining Report Types You can modify any of the report types provided by Prime Network so that it better suits your needs and environment. This is extremely beneficial if you generate a particular type of report for specific devices or events on a regular basis. To define a report type: Step 1 Choose Reports > Report Manager. Step 2 In the navigation pane, right-click the existing report type, then choose Define Report of This Type. Step 3 In the Define report of type dialog box, specify the options using the information in Generating Reports, page 10-22. Step 4 In the Location field, use the specified reports folder or click Browse to select a different folder. Step 5 Click OK. The newly defined report type appears in the navigation tree in the specified folder. Managing Report Folders Prime Network provides the following options for working with report folders: • Creating Folders, page 10-45 • Moving Folders, page 10-46 • Renaming Folders, page 10-46 • Deleting Folders, page 10-47 • Viewing Folder and Report Type Properties, page 10-47 Creating Folders Prime Network enables you to create additional report folders in Report Manager. To create a report folder: Step 1 Choose Reports > Report Manager. Step 2 Select a folder in which to place the new folder. Step 3 Right-click the folder, then choose New Folder. Step 4 In the New Folder dialog box, enter a name for the folder. Step 5 Click OK. The navigation pane is refreshed and the new folder is displayed. Cisco Prime Network 4.0 User Guide OL-29343-01 10-45 Chapter 10 Working with Reports Managing Report Folders Step 6 To move the new folder to another folder, or to the top level in the folder hierarchy: a. Right-click the folder, then choose Move. b. In the Move To dialog box, select the location where you want the folder to reside. c. Click OK. The folder is displayed in the new location. Moving Folders Prime Network enables you to move folders that you have created in Report Manager. You cannot move the Events Reports, Inventory Reports, or Network Service Reports folder. To move a report folder: Step 1 Choose Reports > Report Manager. Step 2 Right-click the folder, then choose Move. Step 3 In the Move To dialog box, select the location where you want the folder to reside. Step 4 Click OK. The navigation pane is refreshed and the folder is displayed in the new location. Renaming Folders Prime Network enables you to rename folders that you have created in Report Manager. You cannot: • Rename a folder that resides at the highest level in the hierarchy, such as the Events Reports, Inventory Reports, or Network Service Reports folder. • Use the same name for different folders that reside at the same level in the hierarchy. To rename a report folder: Step 1 Choose Reports > Report Manager. Step 2 Right-click the folder, then choose Rename. Step 3 In the Rename Folder dialog box, enter the new name for the folder. Step 4 Click OK. The navigation pane is refreshed and the folder is displayed with the new name. Cisco Prime Network 4.0 User Guide 10-46 OL-29343-01 Chapter 10 Working with Reports Managing Report Folders Deleting Folders You can delete folders that you have created in Report Manager if they are empty. You cannot delete the following folders: • Events Reports • Detailed Network Events • Detailed Non-Network Events • Inventory Reports • Network Service Reports • User-created folders that contain other folders or report types To delete a report folder: Step 1 Choose Reports > Report Manager. Step 2 Right-click the folder, then choose Delete. Step 3 In the Confirm Folder Delete dialog box, click Yes to confirm the deletion. The navigation pane is refreshed and the folder no longer appears. Viewing Folder and Report Type Properties Viewing Report Folder Properties The Report Properties window enables you to view report properties and to add folders. To view report properties: Step 1 Choose Reports > Report Manager. Step 2 In the navigation pane, right-click the required folder, then choose Properties. The Folder Properties window is displayed, as shown in Figure 10-9. Cisco Prime Network 4.0 User Guide OL-29343-01 10-47 Chapter 10 Working with Reports Managing Report Folders Figure 10-9 Folder Properties Table 10-22 describes the information that is displayed in each tab, depending on the folder’s contents. Table 10-22 Folder Properties Window Field Description Report Folders Tab Name Name of the folder included in the selected folder. Report Types Tab Name Name of the report type included in the selected folder. Description Description of the report type included in the selected folder. Defined Reports Tab Name Name of the user-defined report in the selected folder. Description Description of the user-defined report in the selected folder. Type Report type on which the user-defined report is based. Public Status of public access to the report: True or False. Cisco Prime Network 4.0 User Guide 10-48 OL-29343-01 Chapter 10 Working with Reports Managing Report Folders Viewing Report Type Properties To view report type properties: Step 1 In the navigation pane, right-click the required report type, then choose Properties. The information that is displayed depends on whether the report type is one that you defined or one provided by Prime Network: Step 2 • Prime Network-provided report type—The Report Type Properties window is displayed with the report name and description. Click Run to generate the report. • User-defined report type—The Edit dialog box is displayed with all settings specified for the report type. You can modify the settings or leave them as they are. Click Close or the upper right corner to close the window. Cisco Prime Network 4.0 User Guide OL-29343-01 10-49 Chapter 10 Working with Reports Managing Report Folders Cisco Prime Network 4.0 User Guide 10-50 OL-29343-01 CH A P T E R 11 Using Cisco PathTracer to Diagnose Problems Cisco PathTracer enables you to view a network path between two network objects. The following topics describe Cisco PathTracer and how to use it: • User Roles Required to Work with Cisco PathTracer, page 11-1 • Cisco PathTracer Overview, page 11-2 • Launching Path Tracer, page 11-3 • Viewing Path Traces in Cisco PathTracer, page 11-14 • Viewing Path Trace Details, page 11-20 • Saving and Opening Cisco PathTracer Map Files, page 11-26 • Saving Cisco PathTracer Counter Values, page 11-26 • Rerunning a Path and Comparing Results, page 11-27 • Viewing Q-in-Q Path Information, page 11-27 • Viewing L2TP Path Information, page 11-28 • Using Cisco PathTracer in MPLS Networks, page 11-29 User Roles Required to Work with Cisco PathTracer This topic identifies the roles that are required to work with Cisco PathTracer. Cisco Prime Network (Prime Network) determines whether you are authorized to perform a task as follows: • For GUI-based tasks (tasks that do not affect elements), authorization is based on the default permission that is assigned to your user account. • For element-based tasks (tasks that do affect elements), authorization is based on the default permission that is assigned to your account. That is, whether the element is in one of your assigned scopes and whether you meet the minimum security level for that scope. For more information on user authorization, see the Cisco Prime Network 4.0 Administrator Guide. The following tables identify the tasks that you can perform: • Table 11-1 identifies the tasks that you can perform if a selected element is not in one of your assigned scopes. • Table 11-2 identifies the tasks that you can perform if a selected element is in one of your assigned scopes. Cisco Prime Network 4.0 User Guide OL-29343-01 11-1 Chapter 11 Using Cisco PathTracer to Diagnose Problems Cisco PathTracer Overview By default, users with the Administrator role have access to all managed elements. To change the Administrator user scope, see the topic on device scopes in the Cisco Prime Network 4.0 Administrator Guide. Table 11-1 Default Permission/Security Level Required for Working with Cisco PathTracer Element Not in User’s Scope Task Viewer Operator OperatorPlus Configurator Administrator Launch a path trace — — — — X View path information — — — — X Save Cisco PathTracer map files — — — — X Save Cisco PathTracer counter values — — — — X Rerun a path and compare results — — — — X Table 11-2 Default Permission/Security Level Required for Working with Cisco PathTracer Element in User’s Scope Task Viewer Operator OperatorPlus Configurator Administrator Launch a path trace — X X X X View path information — X X X X Save Cisco PathTracer map files — X X X X Save Cisco PathTracer counter values — X X X X Rerun a path and compare results — X X X X Cisco PathTracer Overview Cisco PathTracer enables you to launch end-to-end route traces and view related performance information for Layer 1, Layer 2, and Layer 3 traffic. Upon receiving a path's start and endpoint, Cisco PathTracer visually traces the route through the network. For example, in an ATM network environment, Cisco PathTracer identifies all information regarding the connection of a subscriber to a provider, including all ATM PVCs, ATM switching tables, ATM class of service (CoS) definitions, IP-related information, and so on. You can also use Cisco PathTracer to: • Trace paths using IPv4, IPv6, or both IPv4 and IPv6 addresses for the source and destination. • Trace a hypothetical Ethernet frame from a VLAN interface to a specified MAC address. • Trace a hypothetical Ethernet frame from an Ethernet interface to a specified MAC address within a specific VLAN identifier. Cisco Prime Network 4.0 User Guide 11-2 OL-29343-01 Chapter 11 Using Cisco PathTracer to Diagnose Problems Launching Path Tracer In MPLS and Carrier Ethernet environments, Cisco PathTracer can trace paths across: • Carrier Supporting Carrier (CSC) configurations—A path trace along a CSC flow follows the path from the customer CE through the customer carrier VPN, across the customer backbone carrier VPN, back to the customer carrier VPN, and to the destination CE. • VLANs—A path trace across VLANs follows the path based on the forwarding table, which means that the trace follows ports in the Forwarding STP state. • Q-in-Q—A path trace across Q-in-Q creates a single path trace (if the MAC address is learned) or a multiple-path (multipath) trace if the MAC address is not in the forwarding table. If the VLAN bridge has not learned a given MAC address, the bridge floods the Ethernet frame to the confines of a given VLAN or switching entity and across those ports that allow the given VLAN identifier. A MAC/VLAN path trace can be conducted from a customer edge (CE) VLAN interface across a service provider (SP) VLAN; that is, across Q-in-Q configurations with the CE-VLAN identifier as the inner VLAN identifier and Cisco PathTracer detecting the outer SP-VLAN identifier that encapsulates the CE-VLAN. • Pseudowires (also known as EoMPLS)—A MAC/VLAN path trace can be conducted from a VLAN interface across a VLAN attachment to a pseudowire. • VLAN-VPLS-VLAN configurations—A multiple-point MAC/VLAN path trace can be conducted on CE-VLANs across a service provider VPLS transport from a VLAN interface that attaches to the VPLS. In addition, Cisco PathTracer can trace a path: • If the destination MAC address is not reachable—If Cisco PathTracer cannot complete a MAC/VLAN path trace to a specified destination MAC address across an MPLS core, VPLS, or H-VPLS, then Cisco PathTracer displays the portion of the path that Cisco PathTracer can trace toward the destination MAC address. • That contains a simulated Ethernet frame—Cisco PathTracer can trace a simulated Ethernet frame from a VLAN port, across a VLAN (VLAN-based flow domain fragment), VPLS (VPLS-based flow domain fragment), and VLAN, for an end-to-end MAC address trace. Prime Network derives the various paths on the network from its up-to-date knowledge of the network. After a user selects a source and destination, Cisco PathTracer finds and retrieves the path of a specified service, and displays the path in the Cisco PathTracer window. The retrieved information contains network elements in the path, including all properties at Layer 1, Layer 2, and Layer 3, plus alarm information, counters, and more, all of which is available via Cisco PathTracer. Launching Path Tracer Cisco PathTracer can be launched from a bridge, switching entity, Ethernet interface, Ethernet flow point, VLAN interface, ATM VC, DLCI, or IP interface entry point. Ethernet flow points can be starting points whether they are associated with an interface, bridge, or LAG. The virtual route is found according to the cross connect table of each ATM switch or Frame Relay device. The IP routing and path-finding process is enabled according to the VRF tables of each router, and the Ethernet-simulated path is found according to the various Layer 2 forwarding tables, such as bridges or VSIs. Cisco Prime Network 4.0 User Guide OL-29343-01 11-3 Chapter 11 Using Cisco PathTracer to Diagnose Problems Launching Path Tracer To view a specific path, you must specify an initial point and a destination, such as an IP or MAC address. If you specify VC or DLCI information, which ends in a router, Cisco PathTracer finds the next hop according to the destination IP address. If you do not specify a destination IP or MAC address, Cisco PathTracer uses the default gateway in the router. Any business tags that are associated with the physical or logical entities are also displayed. Note A path can also be launched if a business tag attached to an endpoint that can be used as the starting point. Path Traces and Blocked Ports The following conditions apply for blocked ports: • You can launch a path trace from a blocked port. This action is equivalent to launching a path trace from a bridge. • You can specify a blocked port as a destination. • If Cisco PathTracer encounters a blocked port in its path to the destination, the path trace stops. Path traces do not traverse blocked ports. Table 11-3 identifies the available path trace launching points and their locations within Cisco Prime Network Vision. Cisco PathTracer is available in each location as a right-click menu option. Cisco PathTracer Right-Click Menu Options Cisco PathTracer is launched by using right-click menu options. Table 11-3 identifies the launching points for the different types of elements. Table 11-3 Cisco PathTracer Right-Click Menu Options Element Affected Parties Location • Inventory window • Ticket Properties window (Affected Parties tab) Bridge Inventory window Business tag The path can be found using a business tag, which is attached to the VPI/VCI, or using an IP interface by entering its key. The path can then be opened from the Find Business Tag dialog box. Ethernet flow point IP interface • Map view or navigation pane • Inventory window • Inventory window • Affected entry Layer 2 MPLS tunnel Inventory window MPLS-TE tunnel Inventory window MPLS-TP tunnel endpoint Port • Map view or navigation pane • Inventory window Inventory window Cisco Prime Network 4.0 User Guide 11-4 OL-29343-01 Chapter 11 Using Cisco PathTracer to Diagnose Problems Launching Path Tracer Table 11-3 Cisco PathTracer Right-Click Menu Options (continued) Element Pseudowire endpoint Location • Map view or navigation pane • Inventory window Site Map view Switching entity Map view Virtual connection Inventory window: VLAN • Cross Connect window • VC Table window • Navigation pane • Map view Starting a Path Trace You can start a path trace in the following ways: • From the Map View, page 11-5 • From Logical or Physical Inventory, page 11-7 From the Map View To start a path trace from the map view: Step 1 In a Cisco Prime Network Vision map, start the path trace in one of the following ways: • For a VLAN: a. In the navigation pane or map pane, select the required network VLAN. b. Double-click the VLAN to view the VLAN entities. c. Right-click the required item and choose PathTracer > From Here to Destination or PathTracer > Start Here. • For a VPN: a. In the navigation pane or map pane, select the required network VPN. b. Double-click the VPN to view the VPN entities. c. Right-click the site and choose PathTracer > From Here to Destination or PathTracer > Start Here. • For an Ethernet flow point: a. Choose Network Inventory > Ethernet Flow Domains. b. In the Ethernet Flow Domain List Properties window, double-click the required domain. c. In the Ethernet Flow Domain Properties window, right-click the required element and choose PathTracer > From Here to Destination or PathTracer > Start Here. Cisco Prime Network 4.0 User Guide OL-29343-01 11-5 Chapter 11 Using Cisco PathTracer to Diagnose Problems Launching Path Tracer The next step depends on your choice in Step 1: • If you choose PathTracer > From Here to Destination, the Path Information dialog box is displayed (Figure 11-1). Continue with Step 2. • If you choose PathTracer > Start Here, continue with Step 3. Figure 11-1 Step 2 Path Information Dialog Box To specify a destination: a. In the Path Information dialog box, enter the required information, as described in Table 11-4. Depending on the launch point, the Path Information dialog box might not contain all of the fields in Table 11-4. Table 11-4 Field Description Destination IP Select this option to specify an IP address as the destination. Enter either an IPv4 or IPv6 address. Destination MAC Select this option to specify a MAC address as the destination. Enter the MAC address. VLAN ID Enter the required VLAN identifier. You must enter an IP address or a MAC address to use this option. Inner VLAN ID Enter the required inner VLAN identifier. Stop trace after Check this check box to limit the number of hops that Cisco PathTracer makes in its attempt to reach the destination. Enter the maximum number of hops that you want to allow in the hops field. b. Step 3 Cisco PathTracer Path Information Dialog Box Click OK. If you choose Start Here, navigate to the destination interface, port, or bridge, right-click it, and choose End Here. The Cisco PathTracer window is displayed showing the path or paths that were found. Step 4 To view additional details regarding the path traces, select one or more paths in the paths pane. Cisco Prime Network 4.0 User Guide 11-6 OL-29343-01 Chapter 11 Using Cisco PathTracer to Diagnose Problems Launching Path Tracer Step 5 In the toolbar, click Cisco PathTracer. • If you select one or more paths in the paths pane, each selected path is displayed in its own window with the Layer 1, Layer 2, Layer 3, and Business Tag tabs. • If you select nothing in the Paths pane, each path found is displayed in its own window with the Layer 1, Layer 2, Layer 3, and Business Tag tabs. For more information about the end-to-end path and networking layer details, see Viewing Path Trace Details, page 11-20. From Logical or Physical Inventory To start a path trace from logical or physical inventory: Step 1 Open the inventory window for the required device. Step 2 Select one of the following launch points in logical or physical inventory: Step 3 • IP interface • MPLS-TP tunnel endpoint • Port • Pseudowire endpoint • VLAN bridge Right-click the selected item and choose one of the following: • PathTracer > From Here to Destination—If you choose this option, continue with Step 2 in From the Map View, page 11-5. Note • If you select an IP interface as the launch point, the right-click menu displays IPv4 and IPv6 options. These options are enabled or dimmed, depending on whether the IP interface has an IPv4 IP address, an IPv6 address, or both IPv4 and IPv6 addresses. For an example, see Figure 11-3. PathTracer > Start Here—If you choose this option, continue with Step 3 in From the Map View, page 11-5. Examples of Launching Cisco PathTracer The following topics provide examples for launching Cisco PathTracer from different locations in Cisco Prime Network Vision: • Using an Ethernet Flow Point, page 11-8 • Using an IP Interface, page 11-9 • Using a VLAN Bridge, page 11-10 • Using an Ethernet Port, page 11-12 Cisco Prime Network 4.0 User Guide OL-29343-01 11-7 Chapter 11 Using Cisco PathTracer to Diagnose Problems Launching Path Tracer • Using a Pseudowire, page 11-12 • Using an MPLS-TP Tunnel Endpoint, page 11-13 Using an Ethernet Flow Point A network VLAN is required for you to start a path trace using an Ethernet flow point. To launch a path trace from an Ethernet flow point: Step 1 In the Cisco Prime Network Vision navigation pane or map pane, expand the required network VLAN. Step 2 In the VLAN, right-click the required Ethernet flow point and choose PathTracer > From Here to Destination. The Path Information dialog box is displayed as shown in Figure 11-2. Figure 11-2 Ethernet Flow Point Path Trace Launch Point Step 3 Specify the destination using the information in Table 11-4. Step 4 To limit the number of hops for the path trace, check the Stop trace after check box, and enter the maximum number of hops for the path trace. Step 5 Click OK. The Cisco PathTracer window is displayed with the resulting path trace. Cisco Prime Network 4.0 User Guide 11-8 OL-29343-01 Chapter 11 Using Cisco PathTracer to Diagnose Problems Launching Path Tracer Using an IP Interface Both IPv4 and IPv6 addresses are supported as valid path trace sources and destinations as illustrated in the following procedure. To launch a path trace from an IP interface: Step 1 In logical inventory, right-click the required IP interface (Logical Inventory > Routing Entities > Routing Entity > ip-interface). The right-click menu displays IPv4 and IPv6 options. These options are enabled or dimmed, depending on whether the IP interface has an IPv4 address, an IPv6 address, or both IPv4 and IPv6 addresses. See Figure 11-3. Figure 11-3 Step 2 IP Interface Path Trace Launch Point - Right-Click Menu Choose PathTracer > From Here to Destination. The Path Information dialog box is displayed as shown in Figure 11-4. Cisco Prime Network 4.0 User Guide OL-29343-01 11-9 Chapter 11 Using Cisco PathTracer to Diagnose Problems Launching Path Tracer Figure 11-4 IP Interface Path Trace Launch Point - Path Information Dialog Box Step 3 In the Destination IP field, enter the IPv4 or IPv6 address. Step 4 To limit the number of hops for the path trace, check the Stop trace after check box, and enter the maximum number of hops for the path trace. Step 5 Click OK. The Cisco PathTracer window appears, displaying the resulting path trace. Using a VLAN Bridge You can launch path traces from VLAN bridges. Additionally, MAC addresses in the VLAN bridge forwarding table can be path trace destinations. To launch a path trace from a VLAN bridge: Step 1 In logical inventory, right-click the required bridge (Logical Inventory > Bridges > bridge) and choose one of the following options as shown in Figure 11-5: • PathTracer > From Here to Destination • PathTracer > Start Here Cisco Prime Network 4.0 User Guide 11-10 OL-29343-01 Chapter 11 Using Cisco PathTracer to Diagnose Problems Launching Path Tracer Figure 11-5 VLAN Bridge Path Trace Launch Point Step 2 If you choose From Here to Destination in Step 1, the Path Information dialog box is displayed. Specify the required destination using the information in Table 11-4. Step 3 If you choose Start Here, navigate to the destination, right-click it, and choose End Here. Destination options include: • IP interface—Logical Inventory > Routing Entities > Routing Entity > IP-interface • Bridge—Logical Inventory > Bridges > bridge • MAC address—Logical Inventory > Bridges > bridge > Bridge Table > MAC-address • Ethernet port—Physical Inventory > chassis > slot > port When a destination is selected, the system extracts the relevant IP address from this point and uses it as the destination. The Cisco PathTracer window is displayed with the resulting path trace. Cisco Prime Network 4.0 User Guide OL-29343-01 11-11 Chapter 11 Using Cisco PathTracer to Diagnose Problems Launching Path Tracer Using an Ethernet Port To launch a path trace from an Ethernet port: Step 1 In physical inventory, right-click the required port (Physical Inventory > Chassis > slot > subslot > port) and choose one of the following options as shown in Figure 11-6: • PathTracer > From Here to Destination • PathTracer > Start Here Figure 11-6 Step 2 Ethernet Port Path Trace Launch Point Depending on your choice in Step 1, specify the required destination information or select the path trace endpoint. The Cisco PathTracer window appears, displaying the resulting path trace. Using a Pseudowire To launch a path trace from a network pseudowire endpoint: Step 1 In the navigation pane or map pane, expand the required network pseudowire. Step 2 Right-click the required pseudowire endpoint and choose PathTracer > From Here to Destination. The Path Information dialog box is displayed as shown in Figure 11-7. Cisco Prime Network 4.0 User Guide 11-12 OL-29343-01 Chapter 11 Using Cisco PathTracer to Diagnose Problems Launching Path Tracer Figure 11-7 Path Information Dialog Box for a Network Pseudowire Step 3 Specify the destination using the information in Table 11-4. Step 4 To limit the number of hops for the path trace, check the Stop trace after check box, and enter the maximum number of hops for the path trace. The Cisco PathTracer window appears, displaying the resulting path trace. Using an MPLS-TP Tunnel Endpoint To launch a path trace from an MPLS-TP tunnel endpoint: Step 1 In the navigation pane or map pane, expand the required MPLS-TP tunnel. Step 2 Right-click the required MPLS-TP tunnel endpoint and choose PathTracer > From Here to Destination. The Path Information dialog box is displayed as shown in Figure 11-8. Cisco Prime Network 4.0 User Guide OL-29343-01 11-13 Chapter 11 Using Cisco PathTracer to Diagnose Problems Viewing Path Traces in Cisco PathTracer Figure 11-8 MPLS-TP Tunnel Endpoint Path Trace Launch Step 3 Specify the destination using the information in Table 11-4. Step 4 To limit the number of hops for the path trace, check the Stop trace after check box, and enter the maximum number of hops for the path trace. The Cisco PathTracer window appears, displaying the resulting path trace. Viewing Path Traces in Cisco PathTracer The Cisco PathTracer window displays all discovered paths for the specified source and destination of the path trace, including the devices and physical links. In addition, the Cisco PathTracer window enables you to: • Zoom in and out on path traces by using your mouse scroll wheel. • Apply one of four icon sizes to icons. • View more or less information about the element by resizing the icon. • Access common functions from the icons, such as attaching business tags or viewing properties. You can also right-click elements in the Cisco PathTracer window and choose options from a right-click menu. The right-click menu is context sensitive depending on the view and the item selected. For more information about the right-click menu and the available options, see Right-Click Menu Options, page 11-19. Cisco Prime Network 4.0 User Guide 11-14 OL-29343-01 Chapter 11 Using Cisco PathTracer to Diagnose Problems Viewing Path Traces in Cisco PathTracer The Cisco PathTracer window enables you to: • View multiple paths for a selected source and destination either sequentially or simultaneously. • View individual paths with networking layer details. • Save a map with multiple paths to a file. • Run Cisco PathTracer again, using the same trace or with a different limit number of hops. Figure 11-9 shows an example of the Cisco PathTracer window with a multiple-path trace. Figure 11-9 Cisco PathTracer Window - Multiple-Path Trace 1 Menu bar 4 Paths pane 2 Toolbar 5 Status bar 3 Trace tabs 6 Path trace pane The Cisco PathTracer window contains the following components and options: • Menus, page 11-16 • Toolbar, page 11-17 • Trace Tabs, page 11-18 • Paths Pane, page 11-18 Cisco Prime Network 4.0 User Guide OL-29343-01 11-15 Chapter 11 Using Cisco PathTracer to Diagnose Problems Viewing Path Traces in Cisco PathTracer • Path Trace Pane, page 11-18 • Right-Click Menu Options, page 11-19 Menus Table 11-5 describes the options available in the Cisco PathTracer menus. Table 11-5 Cisco PathTracer Window Menu Options Option Description File Menu Run Again Offers the following options for running Cisco PathTracer again for the same source and destination: • Change Hop Count—Enables you to enter a new hop count. • Repeat Last Trace—Runs the previous trace with the same settings. • Run Full Path Trace—Runs the previous trace without a hop count limit. Save Opens the Save dialog box so that you can save the current path trace to your local system in XML format. Close Closes the Cisco PathTracer window. Edit Menu Select All Selects all paths in the selected path trace pane. View Menu Layout Specifies how the elements are arranged in the path trace pane: circular, hierarchical, orthogonal, or symmetric. Overview Opens a window displaying an overview of the path trace. Zoom In Zooms in on the current path trace. Zoom Out Zooms out on the current path trace. Fit in Window Fits the entire path trace in the path trace pane. Normal Select Activates the normal selection mode. Pan Activates the pan mode, which enables you to move around in the path trace by clicking and dragging. Zoom Selection Enables you to zoom in on a specific area in the path trace. Cisco Prime Network 4.0 User Guide 11-16 OL-29343-01 Chapter 11 Using Cisco PathTracer to Diagnose Problems Viewing Path Traces in Cisco PathTracer Toolbar Table 11-6 describes the options available in the Cisco PathTracer toolbar. Table 11-6 Button Cisco PathTracer Toolbar Options Function Displays the previous path in the path trace pane. Displays the next path in the path trace pane. Clears the path selection made in the path trace pane. Opens the Cisco PathTracer details window. A map is displayed for the selected path, including network element details, links, and property information. For more information, see Viewing Path Trace Details, page 11-20. Saves the current multiple-path trace to an XML file on your local system. For more information, see Saving and Opening Cisco PathTracer Map Files, page 11-26. Offers the following options for running Cisco PathTracer again for the same source and destination: • Change Hop Count—Enables you to enter a new hop count. • Repeat Last Trace—Runs the previous trace with the same settings. • Run Full Path Trace—Runs the previous trace without a hop count limit. The new path trace map is displayed in the path trace pane. A new tab with the up-to-date (or refreshed) path map is created for each run, with each tab representing a run and the tab label indicating the snapshot time. Opens a window displaying a high level view of the path trace currently displayed in the path trace pane. Specifies how the elements are arranged in the path trace pane: circular, hierarchical, orthogonal, or symmetric. Fits the entire path trace in the path trace pane. Activates the normal selection mode. The button toggles when selected or deselected. Activates the zoom selection mode, which enables you to select a specific area in the path to zoom in on by clicking and dragging. The button toggles when selected or deselected. Activates the pan mode, which enables you to move around in the path trace by clicking and dragging. The button toggles when selected or deselected. Cisco Prime Network 4.0 User Guide OL-29343-01 11-17 Chapter 11 Using Cisco PathTracer to Diagnose Problems Viewing Path Traces in Cisco PathTracer Trace Tabs The discovered path trace is initially displayed in the path trace pane with a tab that displays the date and time when Prime Network started the path tracing process (snapshot time). If you load a saved path from a file or run the displayed path trace again, the opened or refreshed path is displayed in a new tab with a refreshed path map for each run or file. When using a saved path from a file, the source and destination must be the same as the current display for it to appear in the same path trace window. Each tab represents a run or file, and its header displays the snapshot time. Paths Pane The paths pane lists all the paths discovered in the current path trace. A new path is created for each source and destination pair. The paths are identified by number, such as 1, 2, and 3. If you launch a path trace with a specific hop count, the paths pane displays First n Hops where n is the number of hops specified. Selecting a path in the paths pane highlights the selected path in the path trace pane. The paths that are not selected are dimmed in the map. To view a different path, do either of the following: • Choose a different path in the paths pane. • Click Select Previous Path or Select Next Path in the toolbar. To remove a path selection, click Clear Path Selection in the toolbar. Path Trace Pane The path trace pane displays the devices, links, and topological paths that are part of the path trace. All links and nodes in the path trace pane are labeled with their relevant path numbers, corresponding to the numbers in the paths pane. The starting point is labeled with a Starting Point callout. All other edge points are displayed as clouds. The same coloring conventions that are used for links in the Prime Network content pane are used to display links in the Cisco PathTracer path trace pane. Cisco PathTracer uses icons to display the network objects and their status. The status of a network object can be indicated on the topological map in the following ways: • Severity • Management state • New alarms For more information, see: • Prime Network Vision Status Indicators, page 2-17 • Chapter 2, “Working with the Prime Network Vision Client” • Map View, page 2-8 Cisco Prime Network 4.0 User Guide 11-18 OL-29343-01 Chapter 11 Using Cisco PathTracer to Diagnose Problems Viewing Path Traces in Cisco PathTracer Right-Click Menu Options You can right-click network elements in the path trace window and choose items from a right-click menu. The right-click menu is context sensitive depending on the view and the element selected. Table 11-7 describes the right-click menu options that are available for elements selected in the Cisco PathTracer window. Table 11-7 Cisco PathTracer Element Right-Click Menu Options Option Description Inventory Opens the inventory window for the selected element. Aggregate Groups the selected devices into an aggregation. Disaggregate Ungroups the devices in the selected aggregation. Note This option is available only when an aggregation is selected. Poll Now Polls the selected element. Attach Business Tag Attaches a business tag to the selected network element Config Mgmnt Displays the Configuration Management page for the selected device in Prime Network Change and Configuration Management. For more information, see Chapter 4, “Device Configurations and Software Images.” Image Mgmnt Displays the Configuration Management page for the selected device in Prime Network Change and Configuration Management. For more information, see Chapter 4, “Device Configurations and Software Images.” Resize Enables you to resize an object on the map by percentage or size. Open Relevant Maps Displays the Open Map dialog box so that you can view and open maps that contain the selected element. Run Report Enables you to run standard or user-defined events, inventory, and network service reports on demand. Show Callouts/ Hide Callouts Displays or hides callouts associated with the selected element. Tools Contains the following choices: • CPU Usage—Displays memory and CPU usage information for a device or network element. • Ping—Pings the device from the client station. • Telnet—Communicates with the device using the Telnet window from the client station. Note If you use a Windows 7 system, you must enable the Windows Telnet Client before you can use the Prime Network Vision Telnet option. - For Windows 7 32-bit systems, enable the Windows Telnet Client to use the Prime Network Vision Telnet option. - For Windows 7 64-bit systems, a solution is available on the Cisco Developer Network at http://developer.cisco.com/web/prime-network/ forums/-/message_boards/message/2780108. Cisco Prime Network 4.0 User Guide OL-29343-01 11-19 Chapter 11 Using Cisco PathTracer to Diagnose Problems Viewing Path Trace Details Table 11-7 Cisco PathTracer Element Right-Click Menu Options (continued) Option Description Topology Enables you to add: • A static link between two devices. • A static topology between a device and an unmanaged network. • A tunnel to a VPN. Launch external applications Starts an external application or tool that has been configured for access via the right-click menu. For more information, see the Cisco Prime Network 4.0 Customization Guide. Properties Displays the properties of the selected item, such as the IP address and system name. Commands Launches available activation and configuration scripts. This can include the commands documented in Setting Up Devices and Validating Device Information, page 1-4, and those you create using Command Builder. For more information, see the Cisco Prime Network 4.0 Customization Guide. Management Contains the following submenu options: VNE Tools • Command Builder—Defines commands and scripts using the Prime Network Command Builder tool (Configurator security level required). • Soft Properties Management—Extends VNEs by adding SNMP MIB or Telnet/SHH/TL-1 properties to the device’s collected information model using the Prime Network Soft Properties Manager (Administrator security level required). Contains the following submenu options: • Poll Now—Updates the VNE information. • Stop VNE—Stops the VNE. • Start VNE—Starts the VNE. Viewing Path Trace Details In addition to the information displayed in the Cisco PathTracer window, you can: • View the following information for each network element: – The relevant parameters for each interface on all layers along the path. – For each layer, an indication of a mismatch between the parameters of the interfaces on both sides of a link. – Traffic statistics along the path. • Monitor the status and traffic of all links along the path. • View In and Out port properties. To view this information, select the required path in the Cisco PathTracer window, and then click PathTracer in the toolbar. If you select multiple paths, a separate window is opened for each path. Figure 11-10 shows an example of the Cisco PathTracer details window. Cisco Prime Network 4.0 User Guide 11-20 OL-29343-01 Chapter 11 Using Cisco PathTracer to Diagnose Problems Viewing Path Trace Details Figure 11-10 Cisco PathTracer Details Window 1 Menu bar 5 Details pane 2 Toolbar 6 Layer and Business tabs 3 Path trace pane 7 Status bar 4 Hide/display path trace pane The Cisco PathTracer details window contains the following components: • Menus, page 11-22 • Cisco PathTracer Details Window Toolbar, page 11-22 • Path Trace Pane, page 11-23 • Details Pane, page 11-25 Cisco Prime Network 4.0 User Guide OL-29343-01 11-21 Chapter 11 Using Cisco PathTracer to Diagnose Problems Viewing Path Trace Details Menus Table 11-8 describes the Cisco PathTracer details window menu options. Table 11-8 Cisco PathTracer Details Window Menus Option Description File Menu Close Closes the Cisco PathTracer window. View Menu Show All Displays all the information in the tabs. Hide All Hides all the information in the tabs. Tools Menu Export to File Exports the currently displayed data to a CSV file. Start Saving to File Starts exporting the counter values of the path displayed in the Cisco PathTracer window to a CSV file. Stop Saving to File Stops exporting the counter values of the path displayed in the Cisco PathTracer window to a CSV file. Help Menu Help Contents Opens the online help for Cisco Prime Network Vision and Cisco Prime Network Events. Help About Displays the Cisco Prime Network Vision version and any additionally installed applications. Cisco PathTracer Details Window Toolbar Table 11-9 describes the tools that are available in the Cisco PathTracer details window toolbar. Table 11-9 Button Cisco PathTracer Details Window Toolbar Options Name Function Show All Displays all the information in the tabs. Hide All Hides all the information in the tabs. Export to File Exports the currently displayed data to a CSV file. Start Saving to File Starts exporting the counter values of the path displayed in the Cisco PathTracer window to a CSV file. Stop Saving to File Stops exporting the counter values of the path displayed in the Cisco PathTracer window to a CSV file. Cisco Prime Network 4.0 User Guide 11-22 OL-29343-01 Chapter 11 Using Cisco PathTracer to Diagnose Problems Viewing Path Trace Details Path Trace Pane The path trace pane in the Cisco PathTracer details window displays information related to the tab selected in the details pane. For example, if you choose the Layer 2 tab in the details pane, Layer 2 information is displayed in the path trace pane. Similarly, if you choose an element or link in the path trace pane, the related parameters are highlighted in the details pane. By default, the path trace pane includes: • Edge points • Elements included in the path trace, including badges • Links included in the path trace Hovering your mouse over an element displays a tooltip that contains the element name, device type, and IP address. Hovering your mouse over the link to the right or left of the element displays the associated incoming or outgoing interface for that element and link. Table 11-10 describes the right-click menu options that are available for elements in the path trace pane. Table 11-10 Cisco PathTracer Element Right-Click Menu Options Option Description Inventory Opens the inventory window for the selected element. Attach Business Tag Attaches a business tag to the selected network element Poll Now Polls the selected element. Config Mgmnt Displays the Configuration Management page for the selected device in Prime Network Change and Configuration Management. For more information, see Chapter 4, “Device Configurations and Software Images.” Image Mgmnt Displays the Configuration Management page for the selected device in Prime Network Change and Configuration Management. For more information, see Chapter 4, “Device Configurations and Software Images.” Run Report Enables you to run standard or user-defined events, inventory, and network service reports on demand. Cisco Prime Network 4.0 User Guide OL-29343-01 11-23 Chapter 11 Using Cisco PathTracer to Diagnose Problems Viewing Path Trace Details Table 11-10 Cisco PathTracer Element Right-Click Menu Options (continued) Option Description Tools Contains the following choices: • CPU Usage—Displays memory and CPU usage information for a device or network element. • Ping—Pings the device from the client station. • Telnet—Communicates with the device using the Telnet window from the client station. Note Topology If you use a Windows 7 system, you must enable the Windows Telnet Client before you can use the Prime Network Vision Telnet option. - For Windows 7 32-bit systems, enable the Windows Telnet Client to use the Prime Network Vision Telnet option. - For Windows 7 64-bit systems, a solution is available on the Cisco Developer Network at http://developer.cisco.com/web/prime-network/forums/-/m essage_boards/message/2780108. Enables you to add: • A static link between two devices. • A static topology between a device and an unmanaged network. • A tunnel to a VPN. Launch external applications Starts an external application or tool that has been configured for access via the right-click menu. For more information, see the Cisco Prime Network 4.0 Customization Guide. Properties Displays the properties of the selected item, such as the IP address and system name. Commands Launches available activation and configuration scripts. This can include the commands documented in Configure Basic Device Settings: Name, DNS, NTP, RADIUS, TACACs, ACLs, page 1-5, and those you create using Command Builder. For more information, see the Cisco Prime Network 4.0 Customization Guide. Cisco Prime Network 4.0 User Guide 11-24 OL-29343-01 Chapter 11 Using Cisco PathTracer to Diagnose Problems Viewing Path Trace Details Table 11-10 Cisco PathTracer Element Right-Click Menu Options (continued) Option Description Management Contains the following submenu options: VNE Tools • Command Builder—Defines commands and scripts using the Prime Network Command Builder tool (Configurator security level required). • Soft Properties Management—Extends VNEs by adding SNMP MIB or Telnet/SHH/TL-1 properties to the device's collected information model using the Prime Network Soft Properties Manager (Administrator security level required). Contains the following submenu options: • Poll Now—Updates the VNE information. • Stop VNE—Stops the VNE. • Start VNE—Starts the VNE. Details Pane Selecting a device or link in the path trace pane automatically highlights the related parameters in the details pane. The details pane, with its Layer and Business tabs, displays the supported parameters of the selected element in a table, with the ingress and egress ports along the top and the parameters on the left. Any inconsistencies between the two connected ports are colored to emphasize a discrepancy, such as different admin statuses. The information parameters are arranged as follows: • Layer n tabs—These tabs provide information about each network element, including ingress and egress port information. The information is either plain data that is extracted from the element or calculated data, such as rates or statistics. This information is displayed in the Layer 1, Layer 2, and Layer 3 tabs, as follows: – Layer 1—Displays the Layer 1 information in the selected path and enables you to view the link parameters. The name of each device is displayed, as well as the subslot, slot, and port details. – Layer 2—Displays the Layer 2 information in the selected path and enables you to view the link and connection parameters. For each device, the name and MAC address are displayed, as well as the VPI/VCI in an ATM link or the DLCI in a Frame Relay link. By default, the Cisco PathTracer details window is displayed with the Layer 2 tab active. – Layer 3—Displays the Layer 3 information in the selected path and enables you to view the link parameters. The name of each device is displayed. If a field has no value on any of the interfaces, the field is not displayed in the table. For example, if none of the interfaces is configured for MTU, the MTU row is not displayed in the table. If at least one of the interfaces is configured for MTU, the MTU row is displayed. • Business tab—This tab provides the name and key of business tags that are attached to the network entities displayed, including ports, devices (physical entities), VCIs, VPIs, DLCIs, contexts (logical entities), or MPLS. This information is displayed in the Business Tag area. Cisco Prime Network 4.0 User Guide OL-29343-01 11-25 Chapter 11 Using Cisco PathTracer to Diagnose Problems Saving and Opening Cisco PathTracer Map Files Saving and Opening Cisco PathTracer Map Files Prime Network enables you to export multiple-path trace maps that are displayed in the Cisco PathTracer window to an XML file. You can view the data later to assess whether anything has changed. Saving Cisco PathTracer Map Files To save Cisco PathTracer map files: Step 1 Open the Cisco PathTracer window as described in Launching Path Tracer, page 11-3. Step 2 Click Save MultiPath in the toolbar. Step 3 In the Save dialog box, navigate to the directory where you want to save the file and enter a name for the map file. Step 4 Click Save. The map file is saved in the selected directory. Opening Cisco PathTracer Map Files Prime Network enables you to open saved XML-formatted path-tracing maps. The following conditions apply when working with multiple-path trace files: • When you load a multiple-path trace file, Prime Network queries the file (not the network), and loads the persisted information. • If you load a multiple-path trace file that does not contain the same start and end points, the map is automatically opened in a new Cisco PathTracer window. To open Cisco PathTracer map files: Step 1 In Cisco Prime Network Vision, choose File > Load MultiPath from the main menu. The Open dialog box is displayed. Step 2 Navigate to the directory of the saved file and select the file. Step 3 Click Open. The previously saved map is displayed in the Cisco PathTracer window. Saving Cisco PathTracer Counter Values Prime Network enables you to export, over a period of time, the counter values of the path displayed in the Cisco PathTracer window to a CSV file. The data can then be viewed later, as required. Note This topic applies to the Cisco PathTracer details window only. To save Cisco PathTracer counter values that are generated over a period of time: Step 1 Open the Cisco PathTracer details window as described in Viewing Path Trace Details, page 11-20. Step 2 Click Start Saving to File in the toolbar. Cisco Prime Network 4.0 User Guide 11-26 OL-29343-01 Chapter 11 Using Cisco PathTracer to Diagnose Problems Rerunning a Path and Comparing Results Step 3 In the Export Table to File dialog box, navigate to the directory where you want to save the Cisco PathTracer counter values. Step 4 In the File name field, enter a name for the file in which to save the counter values. Step 5 Click Save. Cisco PathTracer starts saving the counter values to the specified file. Step 6 To stop exporting counter values to the file, click Stop Saving to File in the toolbar. Cisco PathTracer stops exporting the counter values to the file. Rerunning a Path and Comparing Results If you save a path to a file (see Saving and Opening Cisco PathTracer Map Files, page 11-26), you can use the file to rerun the same path automatically with the same source and destination. You can also compare the saved path to a newly run path to determine if the path has changed or to assess a problem. To rerun a saved path: Step 1 Load the required map file as described in Saving and Opening Cisco PathTracer Map Files, page 11-26. The Cisco PathTracer window is displayed with the previously saved map file. Step 2 Click Run Again in the toolbar. The path trace runs automatically using the same source and destination as the loaded map file, and a new tab is displayed in the Cisco PathTracer window with the updated map. The tab displays the date and time when the path was rerun. Step 3 Note Compare the previous map to the updated one by switching between the tabs in the Cisco PathTracer window. • If you load a Cisco PathTracer map file that does not contain the same source and destination information as the map that is currently displayed in the window, the map is automatically opened in a new Cisco PathTracer window. • If you load a Cisco PathTracer map file that contains the same source and destination information as a map that is currently displayed in the window, the map is loaded in a new tab in the same window. Viewing Q-in-Q Path Information The Q-in-Q (IEEE 802.1) tagging technology (also known as Dot1q tunneling) allows the nesting of another VLAN tag in a packet, in addition to an existing one. Either VLAN tag is considered an 802.1Q header. Cisco Prime Network 4.0 User Guide OL-29343-01 11-27 Chapter 11 Using Cisco PathTracer to Diagnose Problems Viewing L2TP Path Information Cisco PathTracer uses the VLAN tags of the Ethernet header and the port configuration to trace the path from one interface to another over the network. Among other things, you can: • View a Layer 2 path across a LAN domain with all the VLAN tag information. • For each network element, view the relevant parameters for each interface on all layers along the path. Q-in-Q and Dot1q information is displayed in the Cisco PathTracer window when a path is traced over Ethernet ports with Dot1q and a Q-in-Q configuration. As described in Launching Path Tracer, page 11-3, to view a specific path, you must specify an initial start point, such as an IP interface, and then an endpoint, such as a destination IP address. To trace a Q-in-Q path, you start the path from any: • Router or switch that is part of the Ethernet domain with Dot1q and Q-in-Q configurations. • IP destination that can be reached from that point of the network. After you select the endpoint, the Cisco PathTracer window is displayed. From this window, you can open the Cisco PathTracer details window, with the appropriate Q-in-Q information displayed in the Layer 2 tab. The Layer 2 tab can display the following information specific to Q-in-Q and VLAN port configurations: • VLAN Mode—The work mode for the interface: Unknown, Access, Trunk, or Dot1Q Tunnel. Trunk mode also refers to multiple tagging. • Native VLAN ID—The VLAN identifier that is used to tag untagged traffic received on a trunked interface: – If VLAN tagging is enabled, the default native VLAN identifier is 1. – If VLAN tagging is disabled, the native VLAN identifier is 0 (zero) or “no VLAN ID.” • CE VLAN ID—The customer edge device VLAN identifier. • SP VLAN ID—The service provider VLAN identifier. Viewing L2TP Path Information Cisco PathTracer uses VC ID encapsulation information to trace the path from one tunnel interface to another over the network. The Cisco PathTracer tool enables you to: • View a path for the defined Layer 2 Tunneling Protocol (L2TP) session across the network. • For each network element, view the relevant parameters for each interface on all layers along the path. The Layer 3 tab displays the peer name for L2TP tunnels. Table 11-11 describes the information that is displayed in the Layer 2 tab for L2TP tunnels. Table 11-11 Layer 2 Tab Information for L2TP Tunnels Field Description Encapsulation Type Encapsulation type, such as Point-to-Point Protocol over ATM (PPPoA). Binding Information Name of the subscriber. Binding Status Binding status: bound or unbound. Tunnel Session Count Number of current sessions. Cisco Prime Network 4.0 User Guide 11-28 OL-29343-01 Chapter 11 Using Cisco PathTracer to Diagnose Problems Using Cisco PathTracer in MPLS Networks Table 11-11 Layer 2 Tab Information for L2TP Tunnels (continued) Field Description Tunnel Remote ID Remote tunnel identifier. Tunnel ID Local tunnel identifier. Tunnel Name Name of the subscriber and the tunnel identifier. Session ID Session identifier. Traffic > L2TPSession Number of traffic packets passing through the L2TP tunnel. Counters Traffic < L2TPSessionCounters Number of traffic packets passing through the L2TP tunnel. Tunnel Ctl Errors Number of control errors. Tunnel State Tunnel state: unknown, idle, connecting, established, or disconnecting. Session Type Session type: unknown, LAC, or LNS. Peer Name Peer name. Tunnel Remote IP Remote IP address of the tunnel. Last Error Code Value of the last error code that caused the tunnel disconnection. Session State Session state: unknown, idle, connecting, established, or disconnecting. Remote Session ID Remote session identifier. Using Cisco PathTracer in MPLS Networks You can open and view Cisco PathTracer information between service endpoints, such as an IP interface that is attached to the VRF over an MPLS network. The LSP in the MPLS network is found according to the cross-connect table of each router. Note An LSP can be traced and displayed by Cisco PathTracer as part of an end-to-end tracing of a service; for example, when viewing a path between one CE device and another. Cisco PathTracer traces the path that goes over circuits or VLANs in the access networks. It also traces the LSPs between the VRFs going through all intermediate devices such as CE devices, aggregation switches, PE routers, and core routers. To view a specific path, you must specify an initial starting point, such as an IP interface; specifying a destination IP address is optional. If the traced path (for example, a VC or VLAN) ends in a router, Cisco PathTracer finds the next hop according to the destination IP address. If you select an endpoint, Cisco PathTracer extracts the relevant IP address from this point and uses it as the destination. The following topics provide more information on using Cisco PathTracer in MPLS networks: • Cisco PathTracer MPLS Start and Endpoints, page 11-30 • Using Cisco PathTracer for CSC Configurations, page 11-31 • Using Cisco PathTracer for Layer 3 VPNs, page 11-32 • Using Cisco PathTracer for Layer 2 VPNs, page 11-32 • Using Cisco PathTracer for MPLS TE Tunnels, page 11-33 Cisco Prime Network 4.0 User Guide OL-29343-01 11-29 Chapter 11 Using Cisco PathTracer to Diagnose Problems Using Cisco PathTracer in MPLS Networks Cisco PathTracer MPLS Start and Endpoints You can open Cisco PathTracer by right-clicking a starting point and entering the required destination IP address. Table 11-12 lists the Cisco PathTracer starting points. Table 11-12 Cisco PathTracer MPLS Starting Points Element Location IP interface MPLS-TP tunnel endpoint Site Start Options • Inventory window • From Here to Destination • Affected entity (enabled only if the affected entity has an IP interface) • Start Here • Navigation or map pane • From Here to Destination • Inventory window • Start Here • From Here to Destination • To Subnet Destination • Start Here Service view map Business tag attached to the VPI/VCI or IP interface The path can be found using a business tag, which is attached to the VPI/VCI or IP interface by entering its key. It can then be opened from the Find Business Tag window. From Here to Destination Layer 2 MPLS Tunnel Inventory window From Here to Destination If you choose the Start Here option, Table 11-13 lists the endpoints that can be selected as path destinations. Table 11-13 Cisco PathTracer MPLS Endpoints Element IP interface Location • Inventory window • Affected entity (enabled only if the affected entity has an IP interface) End Options End Here MPLS-TP tunnel endpoint Inventory window End Here Site Service view map End Here The Cisco PathTracer window is displayed. From this window you can open the Cisco PathTracer details window with the VPN information displayed in the Layer 2 and Layer 3 tabs. Note If multiple paths are selected in the paths pane, or if nothing is selected in the paths pane, all available paths are opened automatically, and each is displayed in a separate Cisco PathTracer window. Cisco Prime Network 4.0 User Guide 11-30 OL-29343-01 Chapter 11 Using Cisco PathTracer to Diagnose Problems Using Cisco PathTracer in MPLS Networks Using Cisco PathTracer for CSC Configurations Cisco PathTracer traces a CSC flow from the customer CE through the customer carrier VPN, across the customer backbone carrier VPN, back to the customer carrier VPN, and to the destination CE. To launch a path trace for a CSC configuration: Step 1 In a map, double-click the required CE device. Step 2 In the inventory window, choose Logical Inventory > Routing Entities > Routing Entity. Step 3 In the IP Interfaces table, right-click the required interface and choose PathTracer > Start Here > IPvn where IPvn represents IPv4 or IPv6. Step 4 Navigate to the destination CE device and double-click it. Step 5 In the inventory window, choose Logical Inventory > Routing Entities > Routing Entity. Step 6 In the IP Interfaces table, right-click the required interface and choose PathTracer > End Here. The path trace is displayed in the Cisco PathTracer window. Step 7 To view the detailed pane, click Cisco PathTracer in the toolbar. The Layer 2 tab displays a single outer label and two inner labels for each interface, reflecting the CSC configuration. (See Figure 11-11.) Figure 11-11 CSC Configuration Path Trace Cisco Prime Network 4.0 User Guide OL-29343-01 11-31 Chapter 11 Using Cisco PathTracer to Diagnose Problems Using Cisco PathTracer in MPLS Networks Using Cisco PathTracer for Layer 3 VPNs Cisco PathTracer uses VRF routing and label switching information to trace the path from one VRF interface to another. If you choose a launch point and destination from the right-click menu, you can open the Cisco PathTracer for Layer 3 VPNs. The Cisco PathTracer window shows the VPN topology map. From this window, you can open the Cisco PathTracer details window with the appropriate VPN information displayed in the Layer 2 and Layer 3 tabs. For Layer 3 path information, Prime Network uses VRF routing and label switching information to trace the path from one VRF interface to another. Layer 3 path trace information is displayed in the Cisco PathTracer window when the path goes over connections and ends in VRFs. If a VRF table includes more than one path toward a destination, Cisco PathTracer shows all paths. To view Layer 3 path information, choose the Layer 3 tab and choose Show All from the View menu. The path information is displayed in the active tab. The table displays the Layer 3 VPN information on the device that has a VRF. The following Layer 3 properties displayed in the Layer 3 tab relate specifically to VPNs: • Name—The name of the site. For example, ATM4/0.100(10.0.0.1) is a combination of the interface name and IP address used to reach the site. Each site belongs to a particular VPN, so the address must be unique within the VPN. • IP Address—The IP address of the interface. • Mask—The mask of the specific network. • State—The state of the interface (up or down). • VRF Name—The name of the VRF. Cisco PathTracer does not display or trace EXP bits for Layer 3 VPNs that use policy-based tunnel selection (PBTS). Using Cisco PathTracer for Layer 2 VPNs Cisco PathTracer uses VC ID and label switching information to trace the path from one tunnel interface to another over the MPLS network. Cisco PathTracer also covers end-to-end Layer 2 VPN service paths from one CE router to another. The path goes over circuits (such as a VC) or VLANs in access networks and over LSP between the Layer 2 tunnel edge. The Cisco PathTracer window shows the VPN topology map for the relevant devices and links. From this window, you can open the Cisco PathTracer details window with the appropriate VPN information displayed in the Layer 2 and Layer 3 tabs. For Layer 2 path information, Cisco PathTracer uses VC ID and label switching information to trace the path from one tunnel interface to another. Layer 2 path trace information is displayed in the Cisco PathTracer window when the path goes over pseudowire tunnels. To view Layer 2 path information, choose the Layer 2 tab and then View > Show All. The path information is displayed in the active tab. Cisco Prime Network 4.0 User Guide 11-32 OL-29343-01 Chapter 11 Using Cisco PathTracer to Diagnose Problems Using Cisco PathTracer in MPLS Networks Table 11-14 describes the Layer 2 properties that can be displayed in the Layer 2 tab specifically for VPNs. Table 11-14 Cisco PathTracer Layer 2 Properties for VPNs Field Description Top Label Details of the outer MPLS label. Label Stack Details of the inner MPLS label. MAC Address MAC address. Tunnel ID Tunnel identifier. The identifier and the router IP address of the two tunnel edges identify the pseudowire tunnel. Tunnel Type Tunnel type: Tunnel Status • 0—Unknown • 1—PWE3 • 2—TE Operational state of the tunnel: Up or Down. Tunnel Local VC Label MPLS label that is used by the router to identify or access the tunnel. It is inserted in the MPLS label stack by the local router. Tunnel Peer VC Label MPLS label that is used by the router to identify or access the tunnel. It is inserted in the MPLS label stack by the peer router. Tunnel Local Router IP IP address of the tunnel edge, which is used as the MPLS router identifier. Tunnel Peer Router IP IP address of the peer tunnel edge, which is used as the MPLS router identifier. Distribution Protocol Type Protocol used by MPLS to build the tunnel, such as LDP or TDP. Peer OID Tunnel identifier and device name. Using Cisco PathTracer for MPLS TE Tunnels Cisco PathTracer uses label switching information to trace the end-to-end path of a TE tunnel path from one PE router to another. Using MPLS TE technology, Cisco PathTracer enables you to: • View a path or list of devices. • View the following information for each network element: – The relevant parameters for each interface on all layers along the path. – The path for the defined MPLS TE-LSP across the network. The Cisco PathTracer window is displayed showing the MPLS TE tunnel topology map. From this window, you can open the Cisco PathTracer details window with the appropriate MPLS TE tunnel information displayed in the Layer 2 tab. Note Cisco PathTracer does not display or trace EXP bits for Layer 3 VPNs that use PBTS. Cisco Prime Network 4.0 User Guide OL-29343-01 11-33 Chapter 11 Using Cisco PathTracer to Diagnose Problems Using Cisco PathTracer in MPLS Networks Layer 2 and Layer 3 path trace information is displayed in the Cisco PathTracer details window when a path is traced over MPLS TE tunnels. To view Layer 2 path information, choose the Layer 2 tab and then View > Show All. The path information is displayed in the active tab. Table 11-15 describes the Layer 2 properties that can be displayed in the Layer 2 tab specifically for MPLS TE tunnels. Table 11-15 Cisco PathTracer Layer 2 Properties for MPLS TE Tunnels Field Description MPLS TE Properties MPLS TE data set in an MPLS interface, primarily bandwidth allocation levels and signaling protocol. Tunnel Oper Status Operational status of the tunnel: Up or Down. If this value is Up, the Tunnel Admin Status must also be Up. See Tunnel Admin Status properties for additional information. Tunnel Bandwidth Kbps Configured bandwidth (in Kb/s) for the tunnel. Tunnel Description Description of the tunnel. Tunnel Name Interface name. Tunnel Admin Status Administrative status of the tunnel (Up or Down) with the following caveats: Tunnel Lockdown • If the Tunnel Oper Status value is Up, the Tunnel Admin Status value must also be Up. • If the Tunnel Admin Status value is Down, the Tunnel Oper Status value must also be Down. Whether or not the tunnel can be rerouted: • Enabled—The tunnel cannot be rerouted. • Disabled—The tunnel can be rerouted. Tunnel LSP ID LSP identifier. Tunnel Auto Route Whether or not destinations behind the tunnel are routed through the tunnel: Enabled or disabled. Tunnel Hold Priority Tunnel priority after path setup. Tunnel Setup Priority Tunnel priority upon path setup. Tunnel Path Option Tunnel path option: • Dynamic—The tunnel is routed along the ordinary routing decisions after taking into account the tunnel constraints such as attributes, priority, and bandwidth. • Explicit—The route is explicitly mapped with the included and excluded links. Tunnel Out Label TE tunnel MPLS label distinguishing the LSP selection in the adjacent device. Tunnel Affinity Tunnel’s preferential bits for specific links. Tunnel Destination Address IP address of the device in which the tunnel ends. Tunnel Peak Rate Kbps Peak flow specification (in Kb/s) for this tunnel. Tunnel Out Interface Interface through which the tunnel exits the device. Cisco Prime Network 4.0 User Guide 11-34 OL-29343-01 Chapter 11 Using Cisco PathTracer to Diagnose Problems Using Cisco PathTracer in MPLS Networks Table 11-15 Cisco PathTracer Layer 2 Properties for MPLS TE Tunnels (continued) Field Description Tunnel Burst Kbps Burst flow specification (in Kb/s) for this tunnel. Tunnel Average Rate Kbps Tunnel average rate in Kb/s. Tunnel Affinity Mask Tunnel affinity bits that should be compared to the link attribute bits. Cisco Prime Network 4.0 User Guide OL-29343-01 11-35 Chapter 11 Using Cisco PathTracer to Diagnose Problems Using Cisco PathTracer in MPLS Networks Cisco Prime Network 4.0 User Guide 11-36 OL-29343-01 CH A P T E R 12 Monitoring Carrier Ethernet Services The following topics describe how you can use Cisco Prime Network Vision (Prime Network Vision) to monitor Carrier Ethernet services: • User Roles Required to Work with Carrier Ethernet Services, page 12-2 • Viewing CDP Properties, page 12-6 • Viewing Link Layer Discovery Protocol Properties, page 12-8 • Viewing Spanning Tree Protocol Properties, page 12-10 • Viewing Resilient Ethernet Protocol Properties (REP), page 12-14 • Viewing HSRP Properties, page 12-18 • Viewing Access Gateway Properties, page 12-19 • Working with Ethernet Link Aggregation Groups, page 12-23 • Viewing mLACP Properties, page 12-29 • Viewing Provider Backbone Bridge Properties, page 12-32 • Viewing EFP Properties, page 12-33 • Connecting a Network Element to an EFP, page 12-38 • Understanding EFP Severity and Ticket Badges, page 12-38 • Viewing EVC Service Properties, page 12-40 • Viewing and Renaming Ethernet Flow Domains, page 12-42 • Working with VLANs, page 12-45 • Understanding Unassociated Bridges, page 12-73 • Working with Ethernet Flow Point Cross-Connects, page 12-75 • Working with VPLS and H-VPLS Instances, page 12-78 • Working with Pseudowires, page 12-90 • Working with Ethernet Services, page 12-106 • Viewing IP SLA Responder Service Properties, page 12-112 • Viewing IS-IS Properties, page 12-114 • Viewing OSPF Properties, page 12-117 • Configuring REP and mLACP, page 12-119 • Using Pseudowire Ping and Show Commands, page 12-120 Cisco Prime Network 4.0 User Guide OL-29343-01 12-1 Chapter 12 Monitoring Carrier Ethernet Services User Roles Required to Work with Carrier Ethernet Services • Configuring IS-IS, page 12-121 User Roles Required to Work with Carrier Ethernet Services This topic identifies the roles that are required to work with to Carrier Ethernet services in Prime Network Vision. Prime Network determines whether you are authorized to perform a task as follows: • For GUI-based tasks (tasks that do not affect elements), authorization is based on the default permission that is assigned to your user account. • For element-based tasks (tasks that do affect elements), authorization is based on the default permission that is assigned to your account. That is, whether the element is in one of your assigned scopes and whether you meet the minimum security level for that scope. For more information on user authorization, see the Cisco Prime Network 4.0 Administrator Guide. The following tables identify the tasks that you can perform: • Table 12-1 identifies the tasks that you can perform if a selected element is not in one of your assigned scopes. • Table 12-2 identifies the tasks that you can perform if a selected element is in one of your assigned scopes. By default, users with the Administrator role have access to all managed elements. To change the Administrator user scope, see the topic on device scopes in the Cisco Prime Network 4.0 Administrator Guide. Table 12-1 Default Permission/Security Level Required for Working with Carrier Ethernet Services - Element Not in User’s Scope Task Viewer Operator OperatorPlus Configurator Administrator Adding Elements to Maps Add associated VLANs to a map — — X X X Add EFP cross-connects — — X X X Add Ethernet services to a map — — X X X Add pseudowires to a map — — X X X Add unassociated bridges — — X X X Add VLANs to a map — — X X X Add VPLS instances to a map — — X X X View access gateway properties — — — — X View associated network VLAN service links and VLAN mapping properties — — — — X View CDP properties — — — — X View EFD properties — Viewing Element Properties View EFP cross-connect properties View EFP properties — Partial 1 Partial 1 — Partial 1 Partial 1 — Partial 1 Partial 1 X Partial 1 X Partial 1 X Cisco Prime Network 4.0 User Guide 12-2 OL-29343-01 Chapter 12 Monitoring Carrier Ethernet Services User Roles Required to Work with Carrier Ethernet Services Table 12-1 Default Permission/Security Level Required for Working with Carrier Ethernet Services - Element Not in User’s Scope (continued) Task Viewer Operator OperatorPlus Configurator Administrator View Ethernet flow domains X X X X X View Ethernet LAG properties — — — — X View Ethernet service properties X X X X X View EVC service properties — — — — X View IP SLA responder service properties — — — — X View IS-IS properties — — — — X View Link Layer Discovery Protocol (LLDP) properties — — — — X View mLACP properties — — — — X View OSPF properties — — — — X View Provider Backbone Bridge (PBB) properties — — — — X View pseudowire properties Partial1 Partial1 Partial1 Partial1 2 2 2 Partial 2 Partial Partial X View pseudowire redundancy service properties Partial Viewing the PW-HE configuration — — — — X View REP properties — — — — X View REP properties for VLAN service links — — — — X View STP properties — — — — X View STP properties for VLAN service links — — — — X View HSRP properties — — — — X View virtual service instance properties — — — — X View VLAN bridge properties — — — — X View VLAN links between VLAN elements and devices Partial3 Partial3 Partial3 Partial3 X View VLAN mappings — — — — X View VLAN service link properties — — — — X View VLAN trunk group properties — — — — X View VPLS access EFP properties — — — — X View VPLS core or access pseudowire — endpoint properties — — — X View VPLS instance properties X X X X X Cisco Prime Network 4.0 User Guide OL-29343-01 12-3 Chapter 12 Monitoring Carrier Ethernet Services User Roles Required to Work with Carrier Ethernet Services Table 12-1 Default Permission/Security Level Required for Working with Carrier Ethernet Services - Element Not in User’s Scope (continued) Task Viewer Operator OperatorPlus Configurator Administrator Working with Overlays Apply overlays X X X X X Display or hide overlays X X X X X Remove overlays X X X X X View pseudowire tunnel links in VPLS overlays — — — — X View REP information in VLAN domain views and VLAN overlays — — — — X View STP information in VLAN domain views and VLAN overlays — — — — X Display pseudowire information — — — — X Ping a pseudowire — — — — X Remove VLANs from a map — — X X X Rename Ethernet flow domains X X X X X Using REP and mLACP Show Commands — — — X X Using Pseudowire Ping and Show Commands — — — X X Other Tasks 1. The user can view properties available via Node > Properties but not those available via the right-click Properties option or in logical inventory. 2. The user can view the pseudowire redundancy icon in the navigation and map panes, but not the inventory or properties window. 3. The user can view links, but the links are dimmed and do not indicate their status. Table 12-2 Default Permission/Security Level Required for Working with Carrier Ethernet Services - Element in User’s Scope Task Viewer Operator OperatorPlus Configurator Administrator Adding Elements to a Map Add associated VLANs to a map — — X X X Add EFP cross-connects — — X X X Add Ethernet services to a map — — X X X Add pseudowires to a map — — X X X Add unassociated bridges — — X X X Add VLANs to a map — — X X X Add VPLS instances to a map — — X X X X X X X X Viewing Element Properties View access gateway properties Cisco Prime Network 4.0 User Guide 12-4 OL-29343-01 Chapter 12 Monitoring Carrier Ethernet Services User Roles Required to Work with Carrier Ethernet Services Table 12-2 Default Permission/Security Level Required for Working with Carrier Ethernet Services - Element in User’s Scope (continued) Task Viewer Operator OperatorPlus Configurator Administrator View associated network VLAN service links and VLAN mapping properties X X X X X View CDP properties X X X X X View EFD properties X X X X X View EFP cross-connect properties X X X X X View EFP properties X X X X X View Ethernet flow domains X X X X X View Ethernet LAG properties X X X X X View Ethernet service properties X X X X X View EVC service properties X X X X X View IP SLA responder service properties X X X X X View IS-IS properties X X X X X View Link Layer Discovery Protocol (LLDP) properties X X X X X View mLACP properties X X X X X View OSPF properties X X X X X View Provider Backbone Bridge (PBB) properties X X X X X View pseudowire properties X X X X X View pseudowire redundancy service properties X X X X X Viewing the PW-HE configuration X X X X X View REP properties X X X X X View REP properties for VLAN service links X X X X X View HSRP properties X X X X X View STP properties X X X X X View STP properties for VLAN service links X X X X X View VLAN bridge properties X X X X X View VLAN links between VLAN elements and devices X X X X X View VLAN mappings X X X X X View VLAN service link properties X X X X X View VLAN trunk group properties X X X X X View VPLS access EFP properties X X X X X Cisco Prime Network 4.0 User Guide OL-29343-01 12-5 Chapter 12 Monitoring Carrier Ethernet Services Viewing CDP Properties Table 12-2 Default Permission/Security Level Required for Working with Carrier Ethernet Services - Element in User’s Scope (continued) Task Viewer Operator OperatorPlus Configurator Administrator View VPLS core or access pseudowire X endpoint properties X X X X View VPLS instance properties X X X X X View VSI properties X X X X X Apply overlays X X X X X Display or hide overlays X X X X X Remove overlays X X X X X View pseudowire tunnel links in VPLS overlays X X X X X View REP information in VLAN domain views and VLAN overlays X X X X X View STP information in VLAN domain views and VLAN overlays X X X X X Display pseudowire information — — — X X Ping a pseudowire — — — X X Remove VLANs from a map — — X X X Rename Ethernet flow domains X X X X X Using REP and mLACP Show Commands — — — X X Using Pseudowire Ping and Show Commands — — — X X Working with Overlays Other Tasks Viewing CDP Properties Cisco Discovery Protocol (CDP) is primarily used to obtain protocol addresses of neighboring devices and discover the platform of those devices. In Logical Inventory To view CDP properties: Step 1 In Prime Network Vision, double-click the device whose CDP properties you want to view. Step 2 In the inventory window, click Logical Inventory > Cisco Discovery Protocol. The CDP properties are displayed in logical inventory as shown in Figure 12-1. Cisco Prime Network 4.0 User Guide 12-6 OL-29343-01 Chapter 12 Monitoring Carrier Ethernet Services Viewing CDP Properties Figure 12-1 CDP in Logical Inventory Table 12-3 describes the CDP instance properties that are displayed. Table 12-3 CDP Properties in Logical Inventory Field Description Process Process name; in this case, Cisco Discovery Protocol Process Status Process status: Running or Disabled. CDP Holdtime Specifies the amount of time a receiving device should hold the information sent by a device before discarding it. CDP Message Interval Interval between CDP advertisement transmissions. CDP Local Device ID Local device identifier. CDP Version CDP version: 1 or 2. CDP Neighbors Table Local Port Local port name. Local Port ID Local port identifier. Remote Device ID Remote device identifier. Remote Port ID Remote port identifier. Remote IP Address Remote IP address. Cisco Prime Network 4.0 User Guide OL-29343-01 12-7 Chapter 12 Monitoring Carrier Ethernet Services Viewing Link Layer Discovery Protocol Properties In Physical Inventory To view CDP on a Layer 2 port: Step 1 In Prime Network Vision, double-click the device with the Layer 2 port with the CDP information you want to view. Step 2 In the inventory window, select the required port under Physical Inventory. The CDP information is displayed in the Discovery Protocols area in the Prime Network Vision content pane: • Discovery Protocol Type—CDP • Info—Up or Down Viewing Link Layer Discovery Protocol Properties Link Layer Discovery Protocol (LLDP) stores and maintains the local device information, including a list of devices directly connected to the device. In Logical Inventory To view LLDP properties: Step 1 In Prime Network Vision, double-click the device with the LLDP information you want to view. Step 2 In the inventory window, choose Logical Inventory > Link Layer Discovery Protocol. The LLDP properties are displayed in logical inventory as shown in Figure 12-2. Cisco Prime Network 4.0 User Guide 12-8 OL-29343-01 Chapter 12 Monitoring Carrier Ethernet Services Viewing Link Layer Discovery Protocol Properties Figure 12-2 LLDP in Logical Inventory Table 12-4 describes the properties that are displayed for LLDP. Table 12-4 Link Layer Discovery Protocol Properties Field Description Process Process; in this case, Link Layer Discovery Protocol Process Status Process status: Running or Disabled. LLDP Hold Time LLDP advertised hold time in seconds. LLDP Reinitialization Delay LLDP interface reinitialization delay in seconds LLDP Advertisements Interval LLDP advertisements interval in seconds. Local System Name Local system name. Local Chassis ID Local chassis identifier. Cisco Prime Network 4.0 User Guide OL-29343-01 12-9 Chapter 12 Monitoring Carrier Ethernet Services Viewing Spanning Tree Protocol Properties Table 12-4 Link Layer Discovery Protocol Properties (continued) Field Description LLDP Neighbors Table Local Port Local port. Local Port ID Local port identifier. Local Port Name Local port name. Remote System Name Remote system name. Remote Chassis ID Remote chassis identifier. Remote Port ID Remote port identifier. Remote Port Name Remote port name. Remote Management IP Remote management IP address. In Physical Inventory To view LLDP on a Layer 2 port: Step 1 In Prime Network Vision, double-click the device with the Layer 2 port with LLDP information you want to view. Step 2 In the inventory window, select the required port under Physical Inventory. The LLDP information is displayed in the Discovery Protocols area in the Prime Network Vision content pane: • Discovery Protocol Type—LLDP • Info—Tx (Enabled or Disabled), Rx (Enabled or Disabled). Viewing Spanning Tree Protocol Properties Spanning Tree Protocol (STP) is a link management protocol that provides path redundancy while preventing undesirable loops in the network. To view Spanning Tree properties: Step 1 In Prime Network Vision, double-click the element whose STP properties you want to view. Step 2 In the inventory window, choose Logical Inventory > Spanning Tree Protocol. Step 3 STP properties are displayed in logical inventory as shown in Figure 12-3. Cisco Prime Network 4.0 User Guide 12-10 OL-29343-01 Chapter 12 Monitoring Carrier Ethernet Services Viewing Spanning Tree Protocol Properties Figure 12-3 STP in Logical Inventory Table 12-5 describes the properties that are displayed for STP. Table 12-5 STP Properties Field Description Process Process; in this case, Spanning Tree Protocol. Process Status Process status: Running or Disabled. Bridge Hello Time Hello message keepalive interval (in seconds) when the port is the root. Hello Time Current hello time (in seconds). Bridge Forward Delay When the port is the root and in listening or learning state, amount of time to wait (in seconds) before proceeding to the forwarding state. Forward Delay Current bridge forward delay (in seconds). Bridge Max Age When the port is the root, maximum age of learned Spanning Tree Protocol port information (in seconds). Max Age Current maximum age (in seconds). STP Protocol STP version: MST, RSTP, PVSTP, MSTP, or RPVST. UplinkFast PVSTP Uplink Fast function status: Up or Down. BackboneFast PVSTP BackboneFast function status: Up or Down. Cisco Prime Network 4.0 User Guide OL-29343-01 12-11 Chapter 12 Monitoring Carrier Ethernet Services Viewing Spanning Tree Protocol Properties Table 12-5 STP Properties (continued) Field Description STP Instance Info Table Step 4 STP Instance ID STP instance name. VLAN IDs VLAN identifiers. Bridge Priority Bridge priority. STP Root Port Hyperlinked entry to the STP port in logical or physical inventory. Root Cost Root cost value for this bridge. Designated Root MAC address of the designated root. Bridge ID Bridge identifier (MAC address). Bridge Hello Time Hello message keepalive interval (in seconds) when the port is the root. Hello Time Current hello time (in seconds). Bridge Forward Delay When the port is the root and in the listening or learning state, amount of time to wait (in seconds) before proceeding to the forwarding state. Forward Delay Current bridge forward delay (in seconds). Bridge Max Age When the port is the root, maximum age of learned Spanning Tree Protocol port information (in seconds). Max Age Current maximum age (in seconds). To view the properties of an STP instance, do one of the following: • Double-click the required instance. • Click the required entry in logical inventory under the Spanning Tree Protocol branch. Table 12-6 describes the information that is displayed in the STP Instance Information Properties window. Table 12-6 STP Instance Information Properties Field Description STP Instance ID STP instance identifier. VLAN ID VLAN identifier. Bridge Priority Bridge priority. Bridge ID Bridge identifier (MAC address). Root Cost Root cost value for this bridge. Designated Root MAC address of the designated root. Bridge Hello Time Hello message keepalive interval (in seconds) when the port is the root. Hello Time Current hello time (in seconds). Bridge Forward Delay When the port is the root and in listening or learning state, amount of time to wait (in seconds) before proceeding to the forwarding state. Forward Delay Current bridge forward delay (in seconds). Bridge Max Age When the port is the root, the maximum age of learned Spanning Tree Protocol port information (in seconds). Cisco Prime Network 4.0 User Guide 12-12 OL-29343-01 Chapter 12 Monitoring Carrier Ethernet Services Viewing Spanning Tree Protocol Properties Table 12-6 STP Instance Information Properties (continued) Field Description Max Age Current maximum age (in seconds). STP Protocol Specification Specific STP protocol type or variant used for this instance, such as Rapid PvSTP. Is Root Whether or not the port is the root: True or False. Ports Info Table STP Port Hyperlinked entry to the STP port in physical inventory. Port State STP port state: Disabled, Blocking, Listening, Learning, or Forwarding, Port Role Port role: Unknown, Backup, Alternative, Designated, Root, or Boundary. Port Priority Default 802.1p priority assigned to untagged packets arriving at the port. Port Path Cost Port path cost, which represents the media speed for this port. Point To Point Port Whether or not the port is linked to a point-to-point link: True or False. Edge Port Whether or not the port is an edge port; that is, whether it is connected to a nonbridging device: True or False. MST Port Hello Time This field is displayed in the Ports Info Table only for MST. In seconds, the interval between hello BPDUs sent by root switch configuration messages. The range is 1 to 10 seconds. Step 5 Port Identifier STP port identifier. Portfast Whether or not STP PortFast is enabled on the port: Up or Down. Designated Port Identifier Designated STP port identifier. Designated Bridge STP designated bridge. BPDU Filter BPDU Filter status: Up or Down. BPDU Guard BPDU Guard status: Up or Down. To view MSTP properties, choose the required MSTP entry in logical inventory under Spanning Tree Protocol. Table 12-7 describes the information that is displayed for MSTP. Cisco Prime Network 4.0 User Guide OL-29343-01 12-13 Chapter 12 Monitoring Carrier Ethernet Services Viewing Resilient Ethernet Protocol Properties (REP) Table 12-7 MSTP Properties in Logical Inventory Field Description MST Force Version Force version used: MST, PVSTP, RSTP, STP, or Unknown. MST Cfg ID Rev Level Revision level used by the selected device and negotiated with other devices. MST Cfg ID Name MSTP instance name. MST Max Instances Maximum number of MSTP instances. MST Cfg ID Fmt Sel Configuration format used by this device and negotiated with other devices. MST External Root Cost External root cost of the MSTP instance. The following topics describe how to view STP properties related to: • VLAN domain views and overlays—See Viewing STP Information in VLAN Domain Views and VLAN Overlays, page 12-66. • VLAN service link properties—See Viewing STP Properties for VLAN Service Links, page 12-67. Viewing Resilient Ethernet Protocol Properties (REP) Cisco Resilient Ethernet Protocol (REP) technology is implemented on Cisco Carrier Ethernet switches and intelligent service edge routers. REP is a segment protocol, and a REP segment is a chain of ports connected to each other and configured with the same segment identifier. Each end of a segment terminates on an edge switch. The port where the segment terminates is called the edge port. Cisco Prime Network discovers and displays REP Segments (identified by a REP segment identifier that is locally configured on the network element) along with Global REP configuration details. You can also view the REP port roles (open, alternate, and failed) in the Cisco Prime Network Vision map. The REP port role is displayed as a tool-tip between the REP enabled trunk ports in the Ethernet links. Using the Cisco Prime Network Vision map, you can identify if the segment is open or closed. The map displays the forwarding direction (REP port roles) along the Physical links within VLAN overlays. It also displays the forwarding direction along the VLAN links among the switching elements within the VLAN logical domain topology. REP implementation supports the following faults: • A REP Port Role change to Failed service event will be generated when a REP port role is change from Alternate or Open to Failed. • A REP Port Role change to OK clearing service event will be generated when a REP port role is change from Failed to Alternate or Open. Correlation to these service events to physical layer events (for example Link down or Port down) is also performed. You can view REP properties in logical inventory. Step 1 In Prime Network Vision, double-click the device configured for REP. Cisco Prime Network 4.0 User Guide 12-14 OL-29343-01 Chapter 12 Monitoring Carrier Ethernet Services Viewing Resilient Ethernet Protocol Properties (REP) Step 2 In the inventory window, choose Logical Inventory > Resilient Ethernet Protocol. Figure 12-4 shows an example of REP in logical inventory. Figure 12-4 REP in Logical Inventory Table 12-8 describes the information that is displayed for REP. Table 12-8 REP Properties Field Description Process Process name; in this case, Resilient Ethernet Protocol. Process Status State of the REP process, such as Running or Down. Administrative VLAN Administrative VLAN used by REP to transmit its hardware flooding layer messages. Values range from 1 to 4094. Notification Enabled Whether or not notification is enabled: True or False. REP Version Version of REP being used. REP Segments Table Step 3 Segment ID Segment identifier. Segment Complete Whether the segment is complete; that is, that no port in the segment is in a failed state: True or False. To view REP segment properties, double-click the required entry in the REP Segments table. Figure 12-5 shows an example of REP segment properties in logical inventory. Cisco Prime Network 4.0 User Guide OL-29343-01 12-15 Chapter 12 Monitoring Carrier Ethernet Services Viewing Resilient Ethernet Protocol Properties (REP) Figure 12-5 REP Segment Properties Table 12-9 describes the information that is displayed for REP segments. Cisco Prime Network 4.0 User Guide 12-16 OL-29343-01 Chapter 12 Monitoring Carrier Ethernet Services Viewing Resilient Ethernet Protocol Properties (REP) Table 12-9 REP Segment Properties Field Description Segment ID Segment identifier. Segment Complete Whether the segment is complete; that is, that no port in the segment is in a failed state: True or False. Segment Ports Table Port Hyperlinked entry to the port in physical inventory. Port State Current operational link state of the REP port: None, Init Down, No Neighbor, One Way, Two Way, Flapping, Wait, or Unknown. Port Type Port type: Primary Edge, Secondary Edge, or Intermediate. Port Role Role or state of the REP port depending on its link status and whether it is forwarding or blocking traffic: Failed, Alternate, or Open. Remote Device Name Name of the neighbor device that this port is connected to on this segment. This value can be null. Remote Port Name Name of the neighbor port on the neighbor bridge that this port is connected to on this segment. This value can be null. Blocked VLANs VLANs that are blocked on this port. Configured Load Balancing Blocked VLANs List of VLANs configured to be blocked at this port for REP VLAN load balancing. Preemptive Timer Amount of time, in seconds, that REP waits before triggering preemption after the segment is complete. The entry can range from 0 to 300, or be Disabled. The value Disabled indicates that no time delay is configured, and that the preemption occurs manually. This property applies only to REP primary edge ports. LSL Ageout Timer Using the Link Status Layer (LSL) age-out timer, the amount of time, in milliseconds, that the REP interface remains up without receiving a hello from a neighbor. Remote Device MAC MAC address of the neighbor bridge that this port is connected to on this segment. This value can be null. The following topics describe how to view REP properties related to VLANs: • VLAN domain views and overlays—See Viewing REP Information in VLAN Domain Views and VLAN Overlays, page 12-63. • VLAN service link properties—See Viewing REP Properties for VLAN Service Links, page 12-64. Cisco Prime Network 4.0 User Guide OL-29343-01 12-17 Chapter 12 Monitoring Carrier Ethernet Services Viewing HSRP Properties Viewing HSRP Properties Hot Standby Router Protocol (HSRP) is a protocol that provides backup to a router in case of failure. Using HSRP, several routers are connected to the same Ethernet network segment and work together to present the appearance of a single virtual router. The routers share the same IP and MAC addresses; therefore in the event of failure of one router, the hosts on the LAN will be able to continue forwarding packets to a consistent IP and MAC address. HSRP groups are configured on IP interfaces. An IP interface is modeled by the VNE through the IPInterface DC. The IPInterface DC maintains the HSRP related information by the use of HSRP group entries. Ethernet DCs, which are used to model Ethernet ports, maintain MAC addresses of the HSRP groups. To view HSRP properties: Step 1 Double-click the required element in Prime Network Vision. Step 2 In logical inventory, choose Logical Inventory > Routing Entities > Routing Entity. Step 3 In the IP Interfaces tab, double-click the required interface to view the IP interface properties. If HSRP is configured on the IP interface, the HSRP Group tab is displayed as shown in Figure 12-6. Figure 12-6 HSRP Group Information Table 12-10 describes the information in the HSRP Group tab. Cisco Prime Network 4.0 User Guide 12-18 OL-29343-01 Chapter 12 Monitoring Carrier Ethernet Services Viewing Access Gateway Properties Table 12-10 HSRP Group Properties Field Description Group Number Number of the HSRP group associated with the interface. Version Version of the HSRP group. Port Name Port on which the HSRP is configured. Priority Value that determines the role each HSRP router plays. Values are 1 through 254, with higher numbers having priority over lower numbers. Coupled Router The partnet router. State State of the HSRP group: Active or Standby. Virtual IP Address Virtual IP address assigned to the active router. Virtual MAC Address Virtual MAC address assigned to the active router. Viewing Access Gateway Properties In an access network, an access gateway configuration ensures loop-free connectivity in the event of various failures by sending statically configured bridge protocol data units (BPDUs) toward the access network. Using statically configured BPDUs enables the gateway device to act appropriately when notified of the following topology changes: • Failure of a link in the access network. • Failure of a link between the access network and the gateway device. • Failure of an access device. • Failure of a gateway device. To view access gateway properties: Step 1 Double-click the element configured for access gateway. Step 2 In the inventory window, choose Logical Inventory > Access Gateway > access-gateway. The group name is appended by either MSTAG or REPAG, indicating the group type Multiple Spanning Tree Access Gateway or Resilient Ethernet Protocol Access Gateway. Figure 12-7 shows an example of an access gateway entry in logical inventory. Cisco Prime Network 4.0 User Guide OL-29343-01 12-19 Chapter 12 Monitoring Carrier Ethernet Services Viewing Access Gateway Properties Figure 12-7 Access Gateway in Logical Inventory Cisco Prime Network 4.0 User Guide 12-20 OL-29343-01 Chapter 12 Monitoring Carrier Ethernet Services Viewing Access Gateway Properties Table 12-11 describes the information that is displayed for an access gateway. Table 12-11 Access Gateway Properties in Logical Inventory Field Description Group Name Access gateway group name. Group Type Group type: MSTAG or REPAG. Interface Properties Interface Hyperlink to the interface in physical inventory on which access gateway is configured. Config Name Name of the MSTP region. The default value is the MAC address of the switch, formatted as a text string using the hexadecimal representation specified in IEEE Standard 802. Max Age In seconds, the maximum age for the bridge. Values range from 6 to 40 seconds. Provider Bridge Whether the current instance of the protocol is in 802.1ad mode: True or False. Bridge Address Bridge identifier for the interface. Port Identifier Port identifier for the interface. External Cost External path cost on the current port. Values range from 1 to 200000000. Step 3 Config Revision Number of the configuration revision. Hello Time Current hello time (in seconds) Port Active Whether or not the port is active: True or False. BPDUs Sent Number of BPDUs sent. Reversion Control Enabled Whether reversion control is enabled: True or False. Choose an access gateway instance to view instance properties. Figure 12-8 shows an example of the information displayed for an access gateway instance. Cisco Prime Network 4.0 User Guide OL-29343-01 12-21 Chapter 12 Monitoring Carrier Ethernet Services Viewing Access Gateway Properties Figure 12-8 Access Gateway Instance in Logical Inventory Table 12-12 describes the information that is displayed for an access gateway instance. Table 12-12 Access Gateway Instance Properties Field Description Interface Key Hyperlink to the interface in physical inventory on which access gateway is configured. Config Name Name of the MSTP region. The default value is the MAC address of the switch, formatted as a text string using the hexadecimal representation specified in IEEE Standard 802. Config Revision Number of the configuration revision. Max Age In seconds, the maximum age for the bridge. Values range from 6 to 40 seconds. Provider Bridge Whether the current instance of the protocol is in 802.1ad mode: True or False. Bridge Address Bridge identifier for the current switch. BPDUs Sent Number of BPDUs sent. Port Identifier Port identifier for the interface. Reversion Control Enabled Whether reversion control is enabled: True or False. External Cost External path cost on the current port. Values range from 1 to 200000000. Cisco Prime Network 4.0 User Guide 12-22 OL-29343-01 Chapter 12 Monitoring Carrier Ethernet Services Working with Ethernet Link Aggregation Groups Table 12-12 Access Gateway Instance Properties (continued) Field Description Hello Time Current hello time (in seconds) Port Active Whether or not the port is active: True or False. Instances Table Instance ID Access gateway instance identifier. VLAN IDs VLAN identifiers. Cost Path cost for this instance. Bridge Priority Priority associated with current bridge. Root Bridge Priority Priority associated with the root bridge. Root Bridge Address Address of the root bridge. Port Priority Priority of the interface for this instance. Topology Changes Number of times the topology has changed for this instance. Access GW External Cost External root cost of this instance. Working with Ethernet Link Aggregation Groups Ethernet link aggregation groups (LAGs) provide the ability to treat multiple switch ports as one switch port. The port groups act as a single logical port for high-bandwidth connections between two network elements. A single link aggregation group balances the traffic load across the links in the channel. LAG links are discovered automatically for devices that support LAG technology and use VNEs that model Link Aggregation Control Protocol (LACP) attributes. You can create static links between Ethernet LAGs by choosing a LAG and the desired port channel for the A or Z side as described in Adding Static Links, page 6-15. If a physical link within the link aggregation group fails, the following actions occur: • Traffic that was previously carried over the failed link is moved to the remaining links. Most protocols operate over single ports or aggregated switch ports and do not recognize the physical ports within the port group. • An aggregation service alarm is generated. The aggregation service alarm indicates the percentage of links within the aggregation that have failed. For example, if an Ethernet link aggregation group contains four Ethernet links and one fails, the aggregation service alarm indicates that 25% of the links are down. Viewing Ethernet LAG Properties Note Cisco CRS devices must be configured to receive SNMP traps in order to view Ethernet LAG properties. For more information on required SNMP settings, see the Cisco Prime Network4.0 Administrator Guide. Cisco Prime Network 4.0 User Guide OL-29343-01 12-23 Chapter 12 Monitoring Carrier Ethernet Services Working with Ethernet Link Aggregation Groups To view properties for Ethernet link aggregation groups: Step 1 In Prime Network Vision, double-click the device with the link aggregation group you want to view. Step 2 In the inventory window, choose Logical Inventory > Ethernet Link Aggregation. The link aggregation properties are displayed as shown in Figure 12-9. Figure 12-9 Ethernet Link Aggregation in Logical Inventory Table 12-13 describes the aggregation group properties that are displayed in the Data Link Aggregations table. Table 12-13 Data Link Aggregations Table Field Description ID Aggregation identifier. Double-click the entry to view the properties for that aggregation. Type Aggregation group type: Ethernet Channel or IEEE 8023 AD LAG. Group Number Aggregation group number. Bandwidth Aggregation bandwidth. Aggregation Control Protocol Aggregation control protocol: Manual, Link Aggregation Control Protocol (LACP), or Port Aggregation Protocol (PagP). Status Aggregation status: Up or Down. MAC Address Aggregation MAC address. Cisco Prime Network 4.0 User Guide 12-24 OL-29343-01 Chapter 12 Monitoring Carrier Ethernet Services Working with Ethernet Link Aggregation Groups Step 3 To view properties for a specific aggregation, double-click the group identifier. The information that is displayed depends on the type of aggregation: Table 12-14 • For Ethernet Channel aggregations, see Table 12-14. • For IEEE 802.3 AD aggregations, see Table 12-15. LAG Ethernet Channel Properties Field Description Group Number Aggregation group number. Bandwidth Aggregation bandwidth in b/s. Control Protocol Aggregation control protocol: Manual, Link Aggregation Control Protocol (LACP), or Port Aggregation Protocol (PagP). MAC Address Aggregation MAC address. Administrative State Aggregation administrative status: Up or Down. Operational State Aggregation operational status: Up or Down. Adjacent Adjacent group, hyperlinked to the group in logical inventory. mLACP Properties mLACP properties are displayed if the aggregation group is associated with an ICCP redundancy group. ICCP Redundancy Group ICCP redundancy group associated with this aggregation group, hyperlinked to the relevant entry in logical inventory. mLACP Role Role of the LAG in the redundancy group: Active or Standby. mLACP Operational System MAC MAC address used in a dual-homed environment that is selected by ICCP from one of the configured system MAC addresses for one of the points of attachment (PoAs). mLACP Operational System Priority Priority used in a dual-homed environment that is selected by ICCP from the configured system priority on one of the PoAs. mLACP Failover Option Configured mLACP failover mode: Revertive or Nonrevertive. mLACP Max Bundle Maximum number of links allowed per bundle. Aggregated Ports Table ID Aggregated port identifier, hyperlinked to the interface in physical inventory. Type Aggregation type, such as Layer 2 VLAN. Mode VLAN mode, such as Trunk. Native VLAN ID VLAN identifier (VID) associated with this VLAN. The range of VLANs is 1 to 4067. VLAN Encapsulation Type Type of encapsulation configured on the VLAN, such as IEEE 802.1Q. Allowed VLANs List of VLANs allowed on this interface. VLAN Encapsulation Admin Type VLAN administration encapsulation type, such as IEEE 802.1Q. Subinterfaces Table Address IP address of the subinterface. Mask Subnet mask applied to the IP address. VLAN Type Type of VLAN, such as Bridge or IEEE 802.1Q. Cisco Prime Network 4.0 User Guide OL-29343-01 12-25 Chapter 12 Monitoring Carrier Ethernet Services Working with Ethernet Link Aggregation Groups Table 12-14 LAG Ethernet Channel Properties (continued) Field Description Operational State Operational state of the subinterface: Up or Down. VLAN ID VLAN identifier. Inner VLAN CE-VLAN identifier. IP Interface IP interface configured as part of the subinterface, hyperlinked to the routing entity or VRF in logical inventory. VRF Name VRF associated with the subinterface. Is MPLS Whether the subinterface is enabled for MPLS: True or False. This column is displayed when at least one interface is MPLS-enabled. Tunnel Edge Whether this is a tunnel edge: True or False. VC Virtual circuit identifier, hyperlinked to the VC Table when the subinterface is configured for ATM VC. Binding Hyperlinked entry to the specific bridge in logical inventory. EFPs Table EFP ID EFP identifier. Operational State EFP operational state: Up or Down. VLAN VLAN associated with this EFP. Inner VLAN CE-VLAN identifier. Translated VLAN Translated, or mapped, VLAN identifier. Translated Inner VLAN Translated, or mapped, inner VLAN identifier. Binding Hyperlinked entry to the specific bridge in logical inventory. Description Description for the EFP. Cisco Prime Network 4.0 User Guide 12-26 OL-29343-01 Chapter 12 Monitoring Carrier Ethernet Services Working with Ethernet Link Aggregation Groups Table 12-15 LAG IEEE 802.3 AD Properties Field Description Group Number Aggregation group number. Bandwidth Aggregation bandwidth. Control Protocol Aggregation control protocol: Manual, Link Aggregation Control Protocol (LACP), or Port Aggregation Protocol (PagP). MAC Address Aggregation MAC address. Administrative State Aggregation administrative status: Up or Down. Operational State Aggregation operational status: Up or Down. Dot3ad Agg Partner System Priority Priority of the partner system. Dot3ad Agg MAC Address Aggregation MAC address. Dot3ad Agg Actor Admin Key Actor administrative key. Dot3ad Agg Actor System Priority Actor system priority. Dot3ad Agg Partner Oper Key Partner operational key. Dot3ad Agg Actor Oper Key Actor operational key. Dot3ad Agg Collector Max Delay Maximum delay (in microseconds) for either delivering or discarding a received frame by the frame collector. Dot3ad Agg Actor System ID Actor system identifier, in the form of a MAC address. Dot3ad Agg Partner System ID Partner system identifier, in the form of a MAC address. mLACP Properties mLACP properties are displayed if the aggregation group is associated with an ICCP redundancy group. ICCP Redundancy Group ICCP redundancy group associated with this aggregation group, hyperlinked to the relevant entry in logical inventory. mLACP Role Role of the LAG in the redundancy group: Active or Standby. mLACP Operational System MAC MAC address used in a dual-homed environment that is selected by ICCP from one of the configured system MAC addresses for one of the points of attachment (PoAs). mLACP Operational System Priority Priority used in a dual-homed environment that is selected by ICCP from the configured system priority on one of the PoAs. mLACP Failover Option Configured mLACP failover mode: Revertive or Nonrevertive. mLACP Max Bundle Maximum number of links allowed per bundle. Aggregated Ports Table ID Port identifier, hyperlinked to the interface in physical inventory. Type Type of VLAN, such as Layer 2 VLAN. Discovery Protocols Discovery protocols used on this port. Cisco Prime Network 4.0 User Guide OL-29343-01 12-27 Chapter 12 Monitoring Carrier Ethernet Services Working with Ethernet Link Aggregation Groups Table 12-15 LAG IEEE 802.3 AD Properties (continued) Field Description Subinterfaces Table Address IP address of the subinterface. Mask Subnet mask applied to the IP address. VLAN Type Type of VLAN, such as Bridge or IEEE 802.1Q. Operational State Operational state of the subinterface: Up or Down. VLAN ID VLAN identifier. Inner VLAN CE-VLAN identifier. IP Interface IP interface configured as part of the subinterface, hyperlinked to the routing entity or VRF in logical inventory. VRF Name VRF associated with the subinterface. VC Virtual circuit identifier, hyperlinked to the VC Table when the subinterface is configured for ATM VC. Binding Hyperlinked entry to the specific bridge in logical inventory. EFPs Table EFP ID EFP identifier. Operational State EFP operational state: Up or Down. VLAN VLAN associated with this EFP. Inner VLAN CE-VLAN identifier. Translated VLAN Translated, or mapped, VLAN identifier. Translated Inner VLAN Translated, or mapped, inner VLAN identifier. Binding Hyperlinked entry to the specific bridge in logical inventory. Description Description for the EFP. LACP Port Entries Aggregated Port Port on which the aggregation is configured, hyperlinked to the entry in physical inventory. Dot3ad Agg Port Partner Admin Port Priority Administrative port priority for the partner. Dot3ad Agg Port Partner Admin Key Administrative key for the partner port. Dot3ad Agg Port Partner Oper Port Priority Priority assigned to the aggregation port by the partner. Dot3ad Agg Port Actor Oper State Local operational state for the port. Dot3ad Agg Port Actor Admin State Local administrative state as transmitted by the local system in LACP data units (LACPDUs). Dot3ad Agg Port Selected Agg ID Selected identifier for the aggregation port. Dot3ad Agg Port Partner Oper Key Operational key for the partner port. Dot3ad Agg Port Partner Admin State Partner administrative state. Dot3ad Agg Port Actor Port Priority Priority assigned to the local aggregation port. Dot3ad Agg Port Partner Oper State Partner administrative state as transmitted by the partner in the most recently transmitted LAPCDU. Dot3ad Agg Port Attached Agg ID Identifier of the aggregator that the port is attached to. Cisco Prime Network 4.0 User Guide 12-28 OL-29343-01 Chapter 12 Monitoring Carrier Ethernet Services Viewing mLACP Properties Table 12-15 LAG IEEE 802.3 AD Properties (continued) Field Description Dot3ad Agg Port Actor Admin Key Administrative key for the local port. Dot3ad Agg Port Actor Port Number assigned to the local aggregation port. Dot3ad Agg Port Partner Oper Port Number assigned to the aggregation port by the partner. Dot3ad Agg Port Actor Oper Key Operational for the local port. Dot3ad Agg Port Partner Admin Port Administrative value of the port for the partner. Viewing mLACP Properties Prime Network Vision supports the discovery of Multichassis LACP (mLACP) configurations on devices configured for them, and displays mLACP configuration information, such as redundancy groups and properties, in inventory. To view mLACP properties: Step 1 In Prime Network Vision, double-click the element configured for mLACP. Step 2 In the inventory window, choose Logical Inventory > ICCP Redundancy. In response, Prime Network Vision lists the Inter-Chassis Communication Protocol (ICCP) redundancy groups configured on the device as shown in Figure 12-10. Figure 12-10 ICCP Redundancy in Logical Inventory Cisco Prime Network 4.0 User Guide OL-29343-01 12-29 Chapter 12 Monitoring Carrier Ethernet Services Viewing mLACP Properties Table 12-16 describes the information displayed in the ICCP Redundancy Groups table. Table 12-16 ICCP Redundancy Groups in Logical Inventory Field Description Group Number ICCP group identifier. Peer Monitoring Option Method used to monitor the peer: BFD or IP Reachability Monitoring. Member IP Address IP address of the neighbor PoA device. Member Device Name Name of the neighbor PoA device. mLACP Node ID Identifier used by this member of the mLACP redundancy group. mLACP Configured System System MAC address of the redundancy group advertised to other MAC members of the mLACP redundancy group and used for arbitration. mLACP Configured System System priority advertised to other mLACP members of the Priority redundancy group. Step 3 To view additional information about an ICCP redundancy group, do either of the following: • In the logical inventory window navigation pane, choose Logical Inventory ICCP Redundancy > ICCP-group. • In the logical inventory content pane, right-click the required group in the ICCP Redundancy Groups table and choose Properties. The ICCP Redundancy Group Properties window is displayed with the Backbone Interfaces and Data Link Aggregations tabs as shown in Figure 12-11. Figure 12-11 ICCP Redundancy Group Properties Window Cisco Prime Network 4.0 User Guide 12-30 OL-29343-01 Chapter 12 Monitoring Carrier Ethernet Services Viewing mLACP Properties Table 12-17 describes the information available in the ICCP Redundancy Group Properties window. Table 12-17 ICCP Redundancy Group Properties Window Field Description Group Number ICCP group identifier. Peer Monitoring Option Method used to monitor the peer: BFD or IP Reachability Monitoring. Member IP Address IP address of the neighbor PoA device. Member device name Name of the neighbor PoA device. mLACP Node ID Identifier used by this member of the mLACP redundancy group. mLACP Configured System System MAC address of the redundancy group advertised to other MAC members of the mLACP redundancy group and used for arbitration. mLACP Configured System System priority advertised to other mLACP members of the Priority redundancy group. Backbone Interfaces Tab ID Backbone interface defined for the redundancy group, hyperlinked to the relevant entry in logical inventory. Status Status of the backbone interface: Up, Down, or Unknown. Data Link Aggregations Tab Step 4 ID Link aggregation group associated with the redundancy group, hyperlinked to the relevant entry in logical inventory. Type Aggregation group type: Ethernet Channel or IEEE 8023 AD LAG. Group Number Aggregation group number. Bandwidth Aggregation bandwidth. Aggregation Control Protocol Aggregation control protocol: Manual, LACP, or PAgP. Status Aggregation status: Up or Down. MAC Address Aggregation MAC address. To view additional mLACP properties, double-click the entry for the required link aggregation group in the Data Link Aggregations tab. mLACP information is displayed in the Link Aggregation Group Properties window, as described in the following tables: • Table 12-14—LAG Ethernet Channel Properties • Table 12-15—LAG IEEE 802.3 AD Properties Cisco Prime Network 4.0 User Guide OL-29343-01 12-31 Chapter 12 Monitoring Carrier Ethernet Services Viewing Provider Backbone Bridge Properties Viewing Provider Backbone Bridge Properties Provider backbone bridges (PBBs), specified by IEEE 802.1ah-2008, provide a way to increase the number of service provider supported Layer 2 service instances beyond the number supported by QinQ and VPLS. PBB adds a backbone VLAN tag and backbone destination and source MAC addresses to encapsulate customer Ethernet frames and create a MAC tunnel across core switches. Prime Network supports PBB inventory discovery and modeling for the following devices: • Cisco 7600-series devices running Cisco IOS version 12.2(33)SRE1 • Cisco ASR 9000-series devices running Cisco IOS XR version 3.9.1 Prime Network models the IB type of Backbone edge bridges which includes both I-type and B-type components. To view PBB properties: Step 1 In Prime Network Vision, double-click the element configured for PBB. Step 2 In the inventory window, choose Logical Inventory > BridgeILans > PBB-bridge. Figure 12-12 shows an example of PBB properties in logical inventory. Figure 12-12 PBB Properties in Logical Inventory Cisco Prime Network 4.0 User Guide 12-32 OL-29343-01 Chapter 12 Monitoring Carrier Ethernet Services Viewing EFP Properties Table 12-18 describes the information displayed for PBB. Table 12-18 PBB Properties in Logical Inventory Field Description Name Identifier of the bridge as follows: • For Cisco 7600 devices, the identifier of the MAC tunnel created. • For Cisco ASR 9000-series devices, the identifier is a combination of the bridge group and the bridge domain on the B-Bridge component. IB Bridge Mapping Table ISID 24-bit entry representing the Backbone service instance. I-Bridge XID of the I-Bridge component, hyperlinked to the relevant bridge in logical inventory. B-Bridge XID of the B-Bridge component, hyperlinked to the relevant bridge in logical inventory. Viewing EFP Properties Prime Network Vision provides information about EFPs in a number of ways. For example: • EFP names displayed in Prime Network Vision maps add EFP and the managed element name to the interface name, such as GigabitEthernet4/0/1 EFP: 123@c4-npe5-67. • If you select an EFP in the navigation pane in Prime Network Vision and then click Show List View, an Ethernet Flow Points table lists the network element, port, and network VLAN associated with the EFP. To view additional EFP properties: Step 1 In the Prime Network Vision map view, select the required EFP in the navigation pane or in the map pane and then do either of the following: • Right-click the EFP and choose Properties. • Choose Node > Properties. Cisco Prime Network 4.0 User Guide OL-29343-01 12-33 Chapter 12 Monitoring Carrier Ethernet Services Viewing EFP Properties Figure 12-13 shows an example of the EFP Properties window. Figure 12-13 EFP Properties Window Table 12-19 describes the information displayed in the EFP Properties window. Table 12-19 EFP Properties Window Field Description EFP ID Identifier for the EFP. VLAN Match Criteria Match criteria configured on the EFP for forwarding decisions. Split Horizon Group Split horizon group to which the EFP is associated. If no split horizon group is defined, the value is null. If only one split horizon group exists and it is enabled for the EFP, the value is the default group 0. Operational State Operational status of the EFP: Up or Down. Administrative State Administrative status of the EFP: Up or Down. Binding Hyperlinked entry to the relevant item in logical inventory, such as a pseudowire or bridge. Rewrite Definition Rewrite command configured on the EFP: pop, push, or translate. Cisco Prime Network 4.0 User Guide 12-34 OL-29343-01 Chapter 12 Monitoring Carrier Ethernet Services Viewing EFP Properties Step 2 Click the hyperlink entry in the Binding field to view the related properties in logical inventory. In this example, clicking the hyperlink displays the relevant bridge in logical inventory, as shown in Figure 12-14. Figure 12-14 Bridge Associated with EFP in Logical Inventory Table 12-20 describes the information displayed for an EFP associated with a bridge. Table 12-20 EFP Associated with a Bridge in Logical Inventory Field Description Name VLAN bridge name. Type VLAN bridge type. MAC Address VLAN bridge MAC address. VLAN ID VLAN bridge VLAN identifier. STP Instance STP instance information, hyperlinked to the STP entry in logical inventory. VSI VSI information, hyperlinked to the VSI entry in logical inventory. Cisco Prime Network 4.0 User Guide OL-29343-01 12-35 Chapter 12 Monitoring Carrier Ethernet Services Viewing EFP Properties Table 12-20 EFP Associated with a Bridge in Logical Inventory (continued) Field Description EFPs Table Step 3 EFP ID EFP identifier. Operational State EFP operational state: Up or Down. VLAN VLAN associated with this EFP. Inner VLAN CE-VLAN identifier. Translated VLAN Translated, or mapped, VLAN identifier. Translated Inner VLAN Translated, or mapped, inner VLAN identifier. Binding Hyperlinked entry to the specific interface and EFP entry in physical inventory. Description Description for the EFP. To view EFP properties in physical inventory, navigate to the required interface in one of the following ways: • In the bridge entry in logical inventory, click the hyperlinked entry in the Binding field. • Use the procedure described in Viewing and Renaming Ethernet Flow Domains, page 12-42 to navigate to the individual interface. • In physical inventory, navigate to and then select the required interface. The EFPs tab is displayed in the content pane next to the Subinterfaces tab as shown in Figure 12-15. Cisco Prime Network 4.0 User Guide 12-36 OL-29343-01 Chapter 12 Monitoring Carrier Ethernet Services Viewing EFP Properties Figure 12-15 EFPs Tab in Physical Inventory Table 12-21 describes the information displayed in the EFPs tab. Table 12-21 EFPs Tab Field Description EFP ID EFP identifier. Operational State EFP operational state. VLAN VLAN identifier. Inner VLAN CE-VLAN identifier. Translated VLAN Translated VLAN identifier. Translated Inner VLAN Translated CE-VLAN identifier. Binding Hyperlinked entry to the specific bridge or pseudowire in logical inventory. Description Configured description for the EFP. Cisco Prime Network 4.0 User Guide OL-29343-01 12-37 Chapter 12 Monitoring Carrier Ethernet Services Connecting a Network Element to an EFP Connecting a Network Element to an EFP You can add and connect network elements to an EFP under an existing aggregation for VLAN, VPLS, Pseudowire, and Ethernet Service. To connect network elements to an EFP: Step 1 Select an EFP node under the VLAN/VPLS/Pseudowire/Ethernet Service aggregation node and choose File > Add to Map > Network Element. Step 2 In the Add Network Element dialog box, search for the desired network elements and choose the network element that you want to add. The selected network element appears under the aggregation node in the navigation pane. Step 3 Right-click the EFP node and choose Topology > Connect CE Device. Step 4 Right-click the network element that you added and choose Topology > Connect to EFP. The map view displays a link between the EFP and the added network element. If required, you can remove the link, by right-clicking the link and choosing Remove Link. Step 5 To hide or show the connected network elements, right-click the EFP node and choose Hide Connected Devices or Show CE device. Understanding EFP Severity and Ticket Badges Severity and ticket badges are displayed on EFP icons as follows: • If the VLAN EFP element represents a configuration, such as a service instance on a Cisco 7600 device or an enhanced port on a Cisco ASR 9000 device, and is associated directly with a network VLAN or a bridge domain switching entity, the severity and ticket badges are based on the underlying service instance or enhanced port configuration. Figure 12-16 shows an example of a ticket badge based on a service instance. Cisco Prime Network 4.0 User Guide 12-38 OL-29343-01 Chapter 12 Monitoring Carrier Ethernet Services Understanding EFP Severity and Ticket Badges Figure 12-16 • EFP Severity and Ticket Badges Based on Underlying Service Instance If the Ethernet flow point element represents a VLAN interface for a regular switch port, the severity and ticket badges are based on the corresponding port, as shown in Figure 12-17. Figure 12-17 EFP Severity and Ticket Badges Based on Corresponding Port Cisco Prime Network 4.0 User Guide OL-29343-01 12-39 Chapter 12 Monitoring Carrier Ethernet Services Viewing EVC Service Properties Viewing EVC Service Properties Certain EVC service properties are configured as port attributes. These attributes determine the degree of service transparency and protect the service provider’s network from protocol control traffic. Prime Network Vision discovers these key EVC service properties and displays this information in physical inventory for the following devices: • Cisco ME3400- and Cisco ME3400E-series devices running Cisco IOS versions 12.2(52)SE to 12.2(54)SE. • Cisco 3750 Metro devices running Cisco IOS versions 12.2(52)SE to 12.2(54)SE. Shared Switching Entities and EVC Service View Some switching entities that Prime Network Vision discovers are concurrently part of a network VLAN and VPLS/EoMPLS instance. These switching entities are referred to as shared switching entities. Prime Network Vision displays the switching entity information for shared switching entities only under the VPLS instances in the EVC service view. To view EVC port-related properties for the supported devices and software versions: Step 1 In Prime Network Vision, double-click the required device. Step 2 In the inventory window, choose Physical Inventory > Chassis > module > port. Figure 12-18 shows an example of a port in physical inventory configured with these EVC properties. Cisco Prime Network 4.0 User Guide 12-40 OL-29343-01 Chapter 12 Monitoring Carrier Ethernet Services Viewing EVC Service Properties Figure 12-18 EVC Port Properties in Physical Inventory Table 12-22 describes the information displayed for these properties. Table 12-22 EVC Port Properties in Physical Inventory Field Description Storm Control and Monitoring Properties Area Storm Control Status of storm control on the port: Enabled or Disabled. Port Monitoring Status Status of port monitoring: • Enabled—The switch sends keepalive messages on user network interfaces (UNIs) and enhanced network interfaces (ENIs) and does not send keep alive messages on network node interfaces (NNIs). • Disabled—The switch does not send keepalive messages. Port Monitoring Interval Keepalive interval in seconds. The default value is ten seconds. Storm Control Level Representing a percentage of the total available bandwidth of the port, the threshold at which additional traffic of the specified type is suppressed until the incoming traffic falls below the threshold. Storm Control Type Type of storm the port is configured for protection from: Broadcast, Multicast, or Unicast. Cisco Prime Network 4.0 User Guide OL-29343-01 12-41 Chapter 12 Monitoring Carrier Ethernet Services Viewing and Renaming Ethernet Flow Domains Table 12-22 EVC Port Properties in Physical Inventory (continued) Field Description Security Properties Areas Port Security Status of security on the port: Enabled or Disabled. MAC Address Limit Maximum number of MAC addresses allowed on the interface. Aging Type Type of aging used for automatically learned addresses on a secure port: • Absolute—Times out the MAC address after the specified age-time has been exceeded, regardless of the traffic pattern. This is the default for any secured port, and the age-time value is set to 0. • Inactivity—Times out the MAC address only after the specified age-time of inactivity from the corresponding host has been exceeded. Aging Time Length of time, in minutes, that a MAC address can remain on the port security table. Violation Mode Action that occurs when a new device connects to a port or when a new device connects to a port after the maximum number of devices are connected: • Protect—Drops packets with unknown source addresses until a sufficient number of secure MAC addresses are removed to drop below the maximum value • Restrict—Drops packets with unknown source addresses until a sufficient number of secure MAC addresses are removed to drop below the maximum value and causes the Security Violation counter to increment. • Shutdown—Puts the interface into the error-disabled state immediately and sends an SNMP trap notification. Viewing and Renaming Ethernet Flow Domains An Ethernet flow domain represents an Ethernet access domain. The Ethernet flow domain holds all network elements between the CE (inclusive, if managed by the SP), up to the SP core (exclusive). This includes CE, access, aggregation, and distribution network elements. An Ethernet flow domain can have no N-PEs (flat VLAN) or one or more N-PEs (N-PE redundancy configuration). The Ethernet flow domain is defined using physical connectivity at the port level, and not at the network element level. STP is used to mark the root bridge, root or blocked ports, and blocked VLAN links. Cisco Prime Network 4.0 User Guide 12-42 OL-29343-01 Chapter 12 Monitoring Carrier Ethernet Services Viewing and Renaming Ethernet Flow Domains To view Ethernet flow domains: Step 1 In Prime Network Vision, choose Network Inventory > Ethernet Flow Domains. The Ethernet Flow Domain List window is displayed with the domain name, the system-defined domain name, and a brief description for each Ethernet flow domain as shown in Figure 12-19. Figure 12-19 Step 2 Ethernet Flow Domain List Properties Window To rename an Ethernet flow domain: a. Right-click the required domain, then choose Rename. b. In the Rename Node dialog box, enter a new name for the domain. c. Click OK. The window is refreshed, and the new name is displayed. Step 3 To view Ethernet flow domain properties, do either of the following: • Right-click the required domain, then choose Properties. • Double-click the required domain. The Ethernet Flow Domain Properties window is displayed as shown in Figure 12-20. Cisco Prime Network 4.0 User Guide OL-29343-01 12-43 Chapter 12 Monitoring Carrier Ethernet Services Viewing and Renaming Ethernet Flow Domains Figure 12-20 Ethernet Flow Domain Properties Window Table 12-23 describes the information displayed in the Ethernet Flow Domain Properties window. Note Not all fields are available in all tables. The table contents depend on the domain type, such as FastEthernet. Table 12-23 Ethernet Flow Domain Properties Window Field Description Domain Name Name of the selected domain. System Defined Name Domain name as identified by the most dominant device and its lowest port name lexicographically. Elements Table Step 4 ID Interface identifier, hyperlinked to the interface in physical inventory. Type Aggregation group type: Ethernet Channel (EtherChannel), or IEEE 8023 AD LAG (IEEE 802.3 link aggregation group). Discovery Protocols Discovery protocols used on the interface. Is ELMI Enabled Whether or not Ethernet LMI is enabled on the interface: True or False. To navigate to the individual interface or link aggregation group, click an interface identifier or group. The interface or link aggregation group properties are displayed in the inventory window. Cisco Prime Network 4.0 User Guide 12-44 OL-29343-01 Chapter 12 Monitoring Carrier Ethernet Services Working with VLANs Working with VLANs The following topics provide information and procedures for working with VLANs. The Vision GUI client supports a VLAN overlay which, when applied, highlights the network elements and links that a VLAN (and its associated VLANs) traverse. The overlay displays STP and REP link and port information. Using overlays is described in Displaying VLANs By Applying VLAN Overlays to a Map45, page 12-61. • Understanding VLAN and EFD Discovery, page 12-45 • Understanding VLAN Elements, page 12-46 • Switching Entities Containing Termination Points, page 12-50 • Adding and Removing VLANs from a Map, page 12-50 • Viewing VLAN Mappings, page 12-53 • Working with Associated VLANs, page 12-55 • Viewing VLAN Links Between VLAN Elements and Devices, page 12-58 • Displaying VLANs By Applying VLAN Overlays to a Map45, page 12-61 • Viewing VLAN Service Link Properties, page 12-63 • Viewing REP Information in VLAN Domain Views and VLAN Overlays, page 12-63 • Viewing REP Properties for VLAN Service Links, page 12-64 • Viewing STP Information in VLAN Domain Views and VLAN Overlays, page 12-66 • Viewing STP Properties for VLAN Service Links, page 12-67 • Viewing VLAN Trunk Group Properties, page 12-68 • Viewing VLAN Bridge Properties, page 12-70 • Using Commands to Work With VLANs, page 12-72 Understanding VLAN and EFD Discovery When you start the Prime Network gateway the first time, Prime Network Vision waits for two topology cycles to complete before discovering new VLANs, VLAN associations, and EFDs. The default configured time for two topology cycles to complete is one hour, but might be configured for longer periods of time on large setups. This delay allows the system to stabilize, and provides the time needed to model devices and discover links. During this delay, Prime Network Vision does not add VNEs or apply updates to existing VLANs or EFDs. After the initial delay has passed, Prime Network Vision discovers new VLANs, VLAN associations, and EFDs, applies updates to existing VLANs, VLAN associations, and EFDs, and updates the database accordingly. When you restart the gateway, Prime Network Vision uses the persisted topology information instead of waiting two topology cycles, thus improving the discovery time for new VLANs, VLAN associations, and EFDs. Cisco Prime Network 4.0 User Guide OL-29343-01 12-45 Chapter 12 Monitoring Carrier Ethernet Services Working with VLANs Understanding VLAN Elements The following concepts are important to understand when working with the representation of edge EFPs inside VLANs: • VLAN Elements in Prime Network Vision, page 12-46 • VLANs, page 12-46 • Switching Entities, page 12-46 • Ethernet Flow Points, page 12-47 VLAN Elements in Prime Network Vision Table 12-24 describes the icons that Prime Network Vision uses to represent VLAN elements. Table 12-24 VLAN Elements and Icons in Prime Network Vision Element Associated Network Element Network VLAN None Switching entity Bridge Ethernet Flow Point (EFP) Ethernet port Icon VLANs Prime Network Vision discovers and allows you to display maps with a network-level view of VLANs. In Prime Network, a VLAN entity consists of one or more switching entities and the corresponding EFP elements. A network VLAN represents the virtual LAN. The network VLAN holds its contained switching entities and can be associated to a customer. The network VLAN also holds the Ethernet flow points that are part of the network VLAN but not part of any switching entity. For example, a port that tags ingress flows after which the flow moves to a different VLAN. Switching Entities A switching entity represents a device-level Layer 2 forwarding entity (such as a VLAN or bridge domain) that participates in a network VLAN. A switching entity is associated to a network VLAN according to its relationship to the same Ethernet Flow Domain (EFD) and the VLAN identifier. If you right-click a switching entity in Prime Network Vision and then choose Inventory, the inventory window is displayed with the corresponding bridge selected in Logical Inventory. A switching entity typically contains EFP elements. Cisco Prime Network 4.0 User Guide 12-46 OL-29343-01 Chapter 12 Monitoring Carrier Ethernet Services Working with VLANs Ethernet Flow Points An Ethernet flow point (EFP) can represent a port that is configured for participation in a specific VLAN. If you right-click an EFP in Prime Network Vision and then choose Inventory, the inventory window is displayed with the corresponding port selected in Physical Inventory. EFPs that are located in a switching entity represent Ethernet ports that are configured as switch ports (in either Access, Trunk, or Dot1Q tunnel mode). Figure 12-21 shows an example of EFPs configured as switch ports in Prime Network Vision. Figure 12-21 EFPs Configured as Switch Ports EFPs that are located directly inside a VLAN represent one of the following: • Termination point EFPs—Ethernet ports that are at the edge of a Layer 2 domain flow, such as a VLAN, on which traffic enters a Layer 3 domain or a different Layer 2 domain, such as EoMPLS. These ports are found on such devices as the Cisco 7600 series, Cisco GSR, and Cisco ASR 9000 series devices. These EFPs are typically connected to a switching entity inside the VLAN by a VLAN link, as shown in Figure 12-22. Cisco Prime Network 4.0 User Guide OL-29343-01 12-47 Chapter 12 Monitoring Carrier Ethernet Services Working with VLANs Figure 12-22 • Termination Point EFP Inside a VLAN Edge EFPs—A subset of EFPs that exist inside a switching entity but that are not connected to other EFPs and that represent edge EFPs in the context of the VLAN. In Prime Network Vision, edge EFPs are displayed directly under the VLAN at the same level as their switching entities and are connected to their corresponding switching entities by a dotted link, as shown in Figure 12-23. Cisco Prime Network 4.0 User Guide 12-48 OL-29343-01 Chapter 12 Monitoring Carrier Ethernet Services Working with VLANs Figure 12-23 Edge EFP Inside a VLAN An edge EFP can be displayed both inside and outside of its switching entity, as shown (highlighted with a red outline) in Figure 12-24: Cisco Prime Network 4.0 User Guide OL-29343-01 12-49 Chapter 12 Monitoring Carrier Ethernet Services Working with VLANs Figure 12-24 Edge EFPs Displayed Inside and Outside of Switching Entities You can delete EFPs and switching entities that have a reconciliation icon by right-clicking them and choosing Delete. After all switching entities and EFPs are deleted from a network VLAN, the empty network VLAN is automatically deleted from Prime Network Vision after a few minutes. Switching Entities Containing Termination Points For some devices, such as Cisco 7600 series, Cisco GSR, and Cisco ASR 9000 series devices, the related switching entities can contain Ethernet flow point elements that serve as termination points on different network VLANs. If a single map contains both the switching entities and the network VLANs, a link is displayed between them. Adding and Removing VLANs from a Map Adding VLANs to a Map You can add VLANs to a map if the VLANs were previously discovered by Prime Network Vision and are not currently displayed in the map. Note Adding VLANs affects other users if they are working with the same map. To add VLANs to a map: Step 1 In Prime Network Vision, display the map to which you want to add the VLANs. Cisco Prime Network 4.0 User Guide 12-50 OL-29343-01 Chapter 12 Monitoring Carrier Ethernet Services Working with VLANs Step 2 Choose File > Add to Map > VLAN. The Add VLAN to map dialog box is displayed as shown in Figure 12-25. Figure 12-25 Step 3 Add VLAN Dialog Box In the Add VLAN dialog box, do either of the following: • Choose a search category, enter a search string, then click Go to narrow the VLAN display to a range of VLANs or a specific VLAN. The search condition is “contains.” Search strings are case-insensitive. For example, if you choose the Name category and enter “net,” Prime Network Vision displays VLANs that have “net” anywhere in their names. The string “net” can be at the beginning, the middle, or end of the name, such as Ethernet. • Step 4 Select the VLANs that you want to add to the map. Tip Step 5 Choose Show All to display all the VLANs. Press Shift or Ctrl to choose multiple adjoining or nonconsecutive VLANs. Click OK. The VLANs are displayed in the Prime Network Vision content pane as shown in Figure 12-26. Any tickets that apply to the VLANs are displayed in the ticket pane. Cisco Prime Network 4.0 User Guide OL-29343-01 12-51 Chapter 12 Monitoring Carrier Ethernet Services Working with VLANs Figure 12-26 VLANs in Map View After you add a VLAN to a map, you can use Prime Network Vision to view its switching entities and Ethernet flow points. For more information, see: • Viewing and Renaming Ethernet Flow Domains, page 12-42 • Viewing EFP Properties, page 12-33 You can view additional information about REP and STP in logical inventory, VLAN domain views, and VLAN overlays. For REP, see: • Viewing Resilient Ethernet Protocol Properties (REP), page 12-14 • Viewing REP Information in VLAN Domain Views and VLAN Overlays, page 12-63 • Viewing REP Properties for VLAN Service Links, page 12-64 For STP, see: • Viewing Spanning Tree Protocol Properties, page 12-10 • Viewing STP Information in VLAN Domain Views and VLAN Overlays, page 12-66 • Viewing STP Properties for VLAN Service Links, page 12-67 Removing VLANs From a Map You can remove one or more VLANs from the current map. This change does not affect other maps. Removing a VLAN from a map does not remove it from the Prime Network database. You can add the VLAN to the map at any time. Cisco Prime Network 4.0 User Guide 12-52 OL-29343-01 Chapter 12 Monitoring Carrier Ethernet Services Working with VLANs When removing VLANs from maps, keep the following in mind: • Removing a VLAN affects other users who are working with the same map view. • This option does not change the business configuration or database. • You cannot remove virtual routers or sites from the map without removing the VLAN. To remove a VLAN, in the Prime Network Vision navigation pane or map view, right-click the VLAN and choose Remove from Map. The VLAN is removed from the navigation pane and map view along with all VLAN elements such as connected CE devices. Remote VLANs (extranets) are not removed. Viewing VLAN Mappings VLAN mapping, or VLAN ID translation, is used to map customer VLANs to service provider VLANs. VLAN mapping is configured on the ports that are connected to the service provider network. VLAN mapping acts as a filter on these ports without affecting the internal operation of the switch or the customer VLANs. If a customer wants to use a VLAN number in a reserved range, VLAN mapping can be used to overlap customer VLANs by encapsulating the customer traffic in IEEE 802.1Q tunnels. To view VLAN mappings: Step 1 In Prime Network Vision, double-click the device with VLAN mappings configured. Step 2 In the inventory window, choose Physical Inventory > Chassis > slot > port. Step 3 Click VLAN Mappings next to the Subinterfaces tab in the lower portion of the content pane. The VLAN Mappings tab is displayed as shown in Figure 12-27. Cisco Prime Network 4.0 User Guide OL-29343-01 12-53 Chapter 12 Monitoring Carrier Ethernet Services Working with VLANs Figure 12-27 VLAN Mappings Tab in Physical Inventory Table 12-25 describes the information that is displayed in the VLAN Mappings table. Table 12-25 VLAN Mappings Table Field Description Direction Whether the VLAN mapping is defined in the incoming or outgoing direction: In or Out. VLAN Customer-side VLAN identifier. Inner VLAN Used for two-to-one mappings, the customer-side inner VLAN identifier. Translated VLAN Translated, or mapped, service-provider side VLAN identifier. Translated Inner VLAN Translated, or mapped, service-provider side inner VLAN identifier. Action Action taken if the VLAN traffic meets the specified mapping: Translate or Drop. Cisco Prime Network 4.0 User Guide 12-54 OL-29343-01 Chapter 12 Monitoring Carrier Ethernet Services Working with VLANs Working with Associated VLANs Prime Network Vision discovers associations between network VLANs and displays the information in Prime Network Vision. Network VLAN associations are represented by VLAN service links, and can be any of the tag manipulation types described in Table 12-26. Table 12-26 Types of Tag Manipulations in VLAN Associations VLAN Tag Manipulation Description Example One-to-one One VLAN tag is translated to another VLAN tag. VLAN tag 100 > VLAN tag 200 Two-to-two One-to-two • Two VLAN tags exist and both are translated to other tags. • Inner tag 100, Outer tag 101 > Inner tag 200, Outer tag 201 • Two VLAN tags exist, but tag manipulation is applied only to the outer tag. • Inner tag 100, Outer tag 101 > Inner tag 100, Outer tag 201 One VLAN tag exists and an additional tag is inserted into the packet. VLAN tag 100 > Inner tag 100, Outer tag 101 When working with VLANs, you can: • Add an associated VLAN—See Adding an Associated VLAN, page 12-55. • View properties for associated VLANs—See Viewing Associated Network VLAN Service Links and VLAN Mapping Properties, page 12-57. Adding an Associated VLAN To add an associated VLAN to an existing VLAN in a map: Step 1 In Prime Network Vision, select the required VLAN in the map view. Step 2 Right-click the VLAN and choose Add Associated VLAN. The Add Associated VLAN table is displayed as shown in Figure 12-28. Cisco Prime Network 4.0 User Guide OL-29343-01 12-55 Chapter 12 Monitoring Carrier Ethernet Services Working with VLANs Figure 12-28 Add Associated VLAN Window In this example, the selected network VLAN has one associated VLAN: VLAN-1742. Table 12-27 describes the information displayed in the Add Associated VLAN table. Table 12-27 Step 3 Add Associated VLAN Table Field Description Name Name of the VLAN. ID VLAN identifier. EFD Name Name of the Ethernet flow domain. EFD System Name Name that Prime Network assigns to the EFD. System Name Name that Prime Network assigns to the VLAN. Description Brief description of the VLAN. Select the required VLAN in the Add Associated VLAN table, then click OK. The associated network VLAN is added to the map in Prime Network Vision. Cisco Prime Network 4.0 User Guide 12-56 OL-29343-01 Chapter 12 Monitoring Carrier Ethernet Services Working with VLANs Viewing Associated Network VLAN Service Links and VLAN Mapping Properties After you add an associated network VLAN, you can: • View the associated network VLAN service links in Prime Network Vision in the thumbnail view. • View VLAN mapping properties in the Link Properties window. To view associated network VLAN service links and VLAN mapping properties: Step 1 Select the required network VLAN in the map view. Step 2 Right-click the VLAN, then choose Show Thumbnail. Figure 12-29 shows an example of a network VLAN in a thumbnail. The VLAN service links are displayed as lines between the associated network VLANs. The links represent the connections between the Ethernet flow points that are part of each network VLAN. Figure 12-29 Step 3 VLAN Service Links Between Associated Network VLANs To view additional information, right-click a link, and choose Properties. The Link Properties window is displayed as shown in Figure 12-30. Cisco Prime Network 4.0 User Guide OL-29343-01 12-57 Chapter 12 Monitoring Carrier Ethernet Services Working with VLANs If VLAN tag manipulation is configured on the link, the VLAN Mapping Properties area in the Link Properties window displays the relevant information. For example, in Figure 12-30, the VLAN Mapping Properties area shows that a one-to-one VLAN mapping for VLAN tag 1709 to VLAN tag 709 is configured on GigabitEthernet1/1/1 on c7-sw8 on the egress direction. Figure 12-30 VLAN Mapping Properties in Link Properties Window For additional information about viewing network VLAN service link properties, see: • Viewing REP Properties for VLAN Service Links, page 12-64 • Viewing STP Properties for VLAN Service Links, page 12-67 Viewing VLAN Links Between VLAN Elements and Devices If a Prime Network Vision map contains a VLAN and the network element on which the VLAN is configured, along with EFPs, switching entities, or network VLANs, you might see what appear to be multiple associations between the logical and physical entities. Actually, however, you are seeing other views of the original VLAN link. For example, assume that you have the following situation, as shown in Figure 12-31 and described in the following paragraphs. Cisco Prime Network 4.0 User Guide 12-58 OL-29343-01 Chapter 12 Monitoring Carrier Ethernet Services Working with VLANs Figure 12-31 VLAN Elements and Devices in Prime Network Vision The elements are configured as follows: • Port GigabitEthernet1/1/2 on element c7-sw10 is connected to port GigabitEthernet1/1/2 on element c7-sw8 by an Ethernet topology link. • Port GigabitEthernet1/1/2 on element c7-sw10 is a trunk port associated with VLAN-1704 which is configured on element c7-sw10. • Port GigabitEthernet1/1/2 on element c7-sw8 is a trunk port associated with VLAN-704 which is configured on element c7-sw8. • Port GigabitEthernet1/1/2 on element c7-sw8 has a VLAN mapping to tunnel VLAN-1704 (C-VLAN) in VLAN-704 (SP-VLAN). In this example, VLAN discovery identified two network VLANs: VLAN-1704 and VLAN-704. Each of these network VLANs contains a switching entity and an EFP that represent the connected ports, GigabitEthernet1/1/2@c7-sw10 and GigabitEthernet1/1/2@c7-sw8, respectively. The four links in the map are identified in Figure 12-32 and described in the following table. Cisco Prime Network 4.0 User Guide OL-29343-01 12-59 Chapter 12 Monitoring Carrier Ethernet Services Working with VLANs Figure 12-32 Links Between VLAN Elements and Devices 1 The Ethernet topological link between port GigabitEthernet1/1/2 on VNE c7-sw10 and GigabitEthernet1/1/2 on VNE c7-sw8. 2 The VLAN link between GigabitEthernet1/1/2@c7-sw10 EFP and GigabitEthernet1/1/2@c7-sw8 EFP. 3 Another view of the VLAN link (link 2), shown as a link between GigabitEthernet1/1/2@c7-sw10 EFP and GigabitEthernet1/1/2@c7-sw8 EFP. 4 Another view of the VLAN link (link 2), shown as a link between GigabitEthernet1/1/2@c7-sw10 EFP and GigabitEthernet1/1/2@c7-sw8 EFP. The key point is that a link between a VNE and EFP, switching entity, or network VLAN does not represent an association between the VNE and the logical element. Such a link is simply another view of the VLAN link. If the thumbnail view is closed, instead of a link between the VNE and EFP, you will see a link between the VNE and the switching entity or network VLAN. Cisco Prime Network 4.0 User Guide 12-60 OL-29343-01 Chapter 12 Monitoring Carrier Ethernet Services Working with VLANs Displaying VLANs By Applying VLAN Overlays to a Map45 You can create an overlay of a specific VLAN on top of the physical network elements displayed in a map view. The overlay highlights the network elements and links that the selected VLAN and its associated VLANs traverse. Network elements and links that are not part of the VLAN are dimmed in the map view. The VLAN overlay is a snapshot of the network to help you visualize the network elements and links connected to a VLAN. The overlay displays STP and REP link and port information. If you select a network VLAN that is associated with other VLANs, the associated VLANs are included in the overlay. The VLAN service overlay allows you to isolate the parts of a network that are being used by a particular service. This information can then be used for troubleshooting. For example, the overlay can highlight configuration or design problems when bottlenecks occur and all site interconnections use the same link. Adding a VLAN Overlay To add a VLAN overlay: Step 1 Display the network map for which you want to create an overlay in Prime Network Vision. Step 2 In the toolbar, choose Choose Overlay Type > VLAN. Step 3 In the Select VLAN Overlay dialog box, do either of the following: • Choose a search category, enter a search string, then click Go to narrow the selection to a set of overlays or a specific overlay. The search condition is “contains.” Search strings are case-insensitive. For example, if you choose the Name category and enter “net,” Prime Network Vision displays overlays that have “net” in their names. The string “net” can be at the beginning, middle, or end of the name, such as Ethernet. • Step 4 Choose Show All to view all overlays. Select an overlay, then click OK. The network elements and physical links used by the selected VLAN overlay are highlighted in the network map. All other network elements and links are dimmed. The VLAN name is displayed in the title of the window. See Figure 12-33. Cisco Prime Network 4.0 User Guide OL-29343-01 12-61 Chapter 12 Monitoring Carrier Ethernet Services Working with VLANs Figure 12-33 Note VLAN Overlay Example The overlay is a snapshot taken at a specific point in time. As a result, the information in the overlay might become stale. To update the overlay, click Refresh the Last Selected Overlay in the toolbar. The VLAN overlay service also supports multi-chassis devices. If a network element in the overlay is dimmed, then all the hosts of the network element along with the Inter Rack Links (IRL) and the Inter Chassis Links (ICL) used for transportation will also be dimmed. Apart from these, the chassis that holds the configured port will also be dimmed. Displaying or Hiding VLAN Overlays After you create a VLAN overlay, you can hide it by clicking Hide Overlay in the toolbar. All previously dimmed network elements and links are displayed. To display the overlay, click Show Overlay. Note The Overlay icon toggles between Show Overlay and Hide Overlay. When selected, the VLAN overlay is displayed and the Hide Overlay tool is active. When deselected, the VLAN overlay is hidden and the Show Overlay tool is active. Removing a VLAN Overlay To remove a VLAN overlay from a map, choose Choose Overlay Type > None in the toolbar. The overlay is removed from the map, and the Show Overlay/Hide Overlay icon is dimmed. Cisco Prime Network 4.0 User Guide 12-62 OL-29343-01 Chapter 12 Monitoring Carrier Ethernet Services Working with VLANs Viewing VLAN Service Link Properties See the following topics for information on viewing VLAN service link properties: • Viewing REP Properties for VLAN Service Links, page 12-64 • Viewing STP Properties for VLAN Service Links, page 12-67 • Viewing Associated Network VLAN Service Links and VLAN Mapping Properties, page 12-57 Viewing REP Information in VLAN Domain Views and VLAN Overlays You can view REP segment and port information in Prime Network Vision in the map view. The icons displayed depend on whether you view the REP information in the VLAN domain view or in a VLAN overlay. Table 12-28 describes the icons and badges used to represent REP segment and port information. Table 12-28 Item REP Icons and Badges in VLAN Domain Views and Overlays Description REP identifier—Uses the format REP-id where id represents the REP segment identifier. VLAN Domain View VLAN Overlay The REP identifier is displayed in the domain view if the visual link represents only one link. The REP identifier is displayed in a VLAN overlay view if all the links represented by the visual link are from the same source to the same destination. f the visual link represents more than one link, no REP identifier is displayed. REP No Neighbor segment— Indicates that the specified segment has no neighbor. REP identifier for incorrect configuration—Indicates that the two sides of the link are configured differently or incorrectly. Cisco Prime Network 4.0 User Guide OL-29343-01 12-63 Chapter 12 Monitoring Carrier Ethernet Services Working with VLANs Table 12-28 Item REP Icons and Badges in VLAN Domain Views and Overlays (continued) Description VLAN Domain View VLAN Overlay Multiple links with badges icon—Indicates that one or more link is represented by the visual link and at least The multiple links icon is displayed The multiple links icon is displayed one of the links contains a in the domain view if more than one in a VLAN overlay view if either of badge. link is represented by the visual link the following is true: and at least one of the links contains • More than one link is a badge. represented by the visual link and the links have different sources or destinations. • A badge or REP identifier exists on a sublink. REP primary badge—Indicates a REP primary port. Blocking badge—Indicates a REP alternate port. Primary and blocking badge—Indicates a REP primary port that is also blocking. Viewing REP Properties for VLAN Service Links To view REP properties for a VLAN service link, open the Link Properties window in either of the following ways: • Double-click the VLAN service link. • Right-click the VLAN service link, and choose Properties. Figure 12-34 shows an example of the Link Properties window with REP information. Cisco Prime Network 4.0 User Guide 12-64 OL-29343-01 Chapter 12 Monitoring Carrier Ethernet Services Working with VLANs Figure 12-34 VLAN Service Link Properties Window with REP Information Table 12-29 describes the information that is displayed for REP for each end of the link. Table 12-29 REP Properties in VLAN Service Link Properties Window Field Description Segment ID REP segment identifier. Port Type Port type: Primary Edge, Secondary Edge, or Intermediate. Port Role Role or state of the REP port depending on its link status and whether it is forwarding or blocking traffic: Failed, Alternate, or Open. Port Status Operational link state of the REP port: None, Init Down, No Neighbor, One Way, Two Way, Flapping, Wait, or Unknown. Cisco Prime Network 4.0 User Guide OL-29343-01 12-65 Chapter 12 Monitoring Carrier Ethernet Services Working with VLANs Viewing STP Information in VLAN Domain Views and VLAN Overlays You can view STP segment and port information in Prime Network Vision in the map view. The icons displayed depend on whether you view the STP information in the VLAN domain view or in a VLAN overlay. Table 12-30 describes the icons and badges used to represent STP link and port information. Table 12-30 Item STP Information in VLAN Domain Views and Overlays Description VLAN Domain View VLAN Overlay The STP root bridge, or root of the STP tree, is indicated by an uppercase R. An STP root port is the port at the root of the STP tree. Each switching entity in the network VLAN should have a port designated as the root port. The STP root port is indicated by an uppercase R on the Ethernet flow point that is designated the root port. STP blocks some VLAN ports to ensure a loop-free topology. The blocked port is marked with a red deny badge on the side on which traffic is denied. To view additional STP information in a VLAN overlay, right-click an STP link and choose Show Callouts. The following STP port information is displayed as shown in Figure 12-35: • Port name • Port role • Port state Figure 12-35 STP Link Information in a VLAN Overlay Cisco Prime Network 4.0 User Guide 12-66 OL-29343-01 Chapter 12 Monitoring Carrier Ethernet Services Working with VLANs Viewing STP Properties for VLAN Service Links To view STP properties for a VLAN service link, open the Link Properties window in one of the following ways: • Double-click the VLAN service link. • Right-click the VLAN service link, and choose Properties. Figure 12-36 shows an example of the Link Properties window with STP information. Figure 12-36 STP Properties in VLAN Service Link Properties Window Table 12-31 describes the information that is displayed for STP for the VLAN service link. Table 12-31 STP Properties in VLAN Service Link Properties Window Field Description Port State STP port state: Disabled, Blocking, Listening, Learning, or Forwarding, Port Role STP port role: Unknown, Backup, Alternative, Designated, Root, or Boundary. Cisco Prime Network 4.0 User Guide OL-29343-01 12-67 Chapter 12 Monitoring Carrier Ethernet Services Working with VLANs Viewing VLAN Trunk Group Properties VTP is a Layer 2 multicast messaging protocol that manages the addition, deletion, and renaming of VLANs on a switched network-wide basis. Prime Network Vision displays VTP information in the logical inventory. VTP information is shown only for Cisco devices that support VTP, and support is provided only for VTP Version 1 and 2. Support for Version 3 is limited to the additional attributes that are supported by the version, such as primary and secondary server. No support is provided for the display of VTP information at the port (trunk) level. Prime Network Vision shows all VTP modes: Server, Client, Transparent, and Off. For each mode, Prime Network Vision displays the relevant mode information such as VTP domain, VTP mode, VTP version, VLAN trunks, and the trunk encapsulation. Prime Network Vision also displays VTP domain information in a view that includes a list of all switches that are related to these domains, their roles (server, client, and so on), and their VTP properties. To view VTP properties: Step 1 In Prime Network Vision, choose Network Inventory > VTP Domains. Step 2 Double-click the VTP domain you want to view. The VTP Domain Properties window is displayed as shown in Figure 12-37. Figure 12-37 VTP Domain Properties Window in Logical Inventory Cisco Prime Network 4.0 User Guide 12-68 OL-29343-01 Chapter 12 Monitoring Carrier Ethernet Services Working with VLANs Table 12-32 describes the information that is displayed in the VTP Domain Properties window. Table 12-32 VTP Domain Properties Window Field Description Managed Element Managed element name, hyperlinked to VTP in logical inventory. Operating Mode VTP operating mode: • Server—Allows VLAN creation, modification, and deletion, and specification of other configuration parameters for the entire VTP domain. Server is the default mode. • Client—Same behavior as VTP server, except VLANs cannot be created, changed, or deleted. • Transparent—The device does not participate in the VTP. The device does not advertise its VLAN configuration and does not synchronize its VLAN configuration based on received advertisements. However, the device forwards received VTP advertisements out of their trunk ports in VTP Version 2. • Process Status Off—The device does not participate in VTP and does not forward VTP advertisements. Status of the VTP process: Running or Disabled. Authentication Enabled Whether or not VTP authentication is enabled: True or False. Authentication ensures authentication and integrity of switch-to-switch VTP messages. VTP Version 3 introduces an additional mechanism to authenticate the primary VTP server as the only device allowed to change the VLAN configuration on a network-wide basis. Configuration Revision 32-bit number that indicates the level of revision for a VTP packet. Each VTP device tracks the VTP configuration revision number that is assigned to it. Most VTP packets contain the VTP configuration revision number of the sender. Version Step 3 VTP version: 1, 2, or 3. To view the VTP properties at the device, double-click the VTP domain. Table 12-33 describes the VTP information that is displayed in the inventory window content pane. Table 12-33 VTP Properties in Inventory Field Description Operating Mode VTP operating mode: Server, Client, Transparent, or Off. Domain Name VTP domain name. Version VTP version: 1, 2, or 3. Pruning Whether or not VTP pruning is enabled: True or False. VTP pruning increases available bandwidth by restricting flooded traffic to those trunk links that the traffic must use to access the appropriate network devices. Cisco Prime Network 4.0 User Guide OL-29343-01 12-69 Chapter 12 Monitoring Carrier Ethernet Services Working with VLANs Table 12-33 Step 4 VTP Properties in Inventory (continued) Field Description Configuration Revision 32-bit number that indicates the level of revision for a VTP packet. Authentication Whether or not VTP authentication is enabled: True or False. When finished, press Ctrl + F4 to close each VTP properties window. Viewing VLAN Bridge Properties You can view VLAN bridges provisioned on a device by displaying the device in the Prime Network Vision inventory window and choosing Bridges in logical inventory. To view VLAN bridge properties: Step 1 In Prime Network Vision, double-click the device containing the VLAN bridges you want to view. Step 2 In the inventory window, choose Logical Inventory > Bridges > bridge. VLAN bridge properties are displayed as shown in Figure 12-38. Figure 12-38 VLAN Bridge Properties in Logical Inventory Cisco Prime Network 4.0 User Guide 12-70 OL-29343-01 Chapter 12 Monitoring Carrier Ethernet Services Working with VLANs Table 12-34 describes the information that is displayed. Depending on the bridge configuration, any of the tabs might be displayed for the selected bridge. Table 12-34 VLAN Bridge Properties Field Description Name VLAN bridge name. Type VLAN bridge type. MAC Address VLAN bridge MAC address. VLAN ID VLAN bridge VLAN identifier. STP Instance STP instance information, hyperlinked to the STP entry in logical inventory. Bridge Table Tab MAC Address Bridge MAC address. Port Port associated with the bridge, hyperlinked to the interface in physical inventory. Interfaces Tab ID VLAN interface identifier, hyperlinked to the interface in physical inventory. Type VLAN interface type, such as Layer 2 VLAN. Mode VLAN interface configuration mode: • Unknown—The interface is not VLAN aware. • Access—Puts the interface into permanent nontrunking mode and negotiates to convert the link into a nontrunk link. The interface becomes nontrunking. • Dynamic Auto—The interface can convert the link to a trunk link. The interface becomes a trunk if the neighbor interface is set to Trunk or Dynamic Desirable mode. • Dynamic Desirable—The interface actively attempts to convert the link to a trunk link. The interface becomes a trunk if the neighboring interface is set to Trunk, Dynamic Desirable, or Dynamic Auto mode. Dynamic Desirable is the default mode for all Ethernet interfaces. • Trunk—Puts the interface into permanent trunking mode and negotiates to convert the link into a trunk link. The interface becomes a trunk interface even if the neighbor interface is not a trunk interface. • Dot1Q Tunnel—Configures the interface as a tunnel (nontrunking) port to be connected in an asymmetric link with an 802.1Q trunk port. 802.1Q tunneling is used to maintain customer VLAN integrity across a service provider network. Native VLAN ID VLAN Identifier (VID) associated with this VLAN. The range of the VLAN ID is 1 to 4067. VLAN Encapsulation Type Type of encapsulation configured on the VLAN, such as IEEE 802.1Q. Cisco Prime Network 4.0 User Guide OL-29343-01 12-71 Chapter 12 Monitoring Carrier Ethernet Services Working with VLANs Table 12-34 VLAN Bridge Properties (continued) Field Description Allowed VLANs List of the VLANs allowed on this VLAN interface. VLAN Encapsulation Admin Type VLAN administration encapsulation type, such as IEEE 802.1Q. EFPs Tab EFP ID EFP identifier. Operational State EFP operational state. VLAN VLAN identifier. Inner VLAN CE-VLAN identifier. Translated VLAN Translated VLAN identifier. Translated Inner VLAN Translated CE-VLAN identifier. Binding Port Hyperlinked entry to the port in physical inventory. Description Brief description of the EFP. Pseudowires Tab ID Pseudowire identifier, hyperlinked to the VLAN entry in Bridges in logical inventory. Peer Identifier of the pseudowire peer, hyperlinked to the entry in the Pseudowire Tunnel Edges table in logical inventory. Tunnel ID Tunnel identifier. Tunnel Status Status of the tunnel: Up or Down. Peer Router IP IP address of the peer router for this pseudowire. Sub Interfaces Tab Step 3 BER VLAN bit error rate. Interface Name Interface on which the VLAN is configured. VLAN Type Type of VLAN, such as Bridge or IEEE 802.1Q. Operational State Subinterface operational state. VLAN ID VLAN identifier. Inner VLAN CE-VLAN identifier. When finished, press Ctrl + F4 to close each VLAN Bridge properties window. Using Commands to Work With VLANs The following commands can be launched from the physical inventory by right-clicking an Ethernet slot and choosing Commands > Configuration. Before executing any commands, you can preview them and view the results. If desired, you can also schedule the commands. To find out if a device supports these commands, see the Cisco Prime Network 4.0 Supported Cisco VNEs. Cisco Prime Network 4.0 User Guide 12-72 OL-29343-01 Chapter 12 Monitoring Carrier Ethernet Services Understanding Unassociated Bridges These commands are applicable only for Cisco ASR 5000 series network elements. Note You might be prompted to enter your device access credentials while executing a command. Once you have entered them, these credentials will be used for every subsequent execution of a command in the same GUI client session. If you want to change the credentials, click Edit Credentials. The Edit Credentials button will not be available for SNMP commands or if the command is scheduled for a later time. Table 12-35 VLAN Commands Command Inputs Required and Notes Create VLAN VLAN ID, VLAN Context Name, Bind Interface Name, Status Modify VLAN VLAN ID, Delete Bind Interface, Context Name, Bind Interface Name, Status Delete VLAN VLAN ID Understanding Unassociated Bridges Some switching entities might not belong to a flow domain, such as a network VLAN, a VPLS instance, or a network pseudowire. These switching entities are referred to as unassociated bridges. In addition, a switching entity that belongs to a network VLAN is considered an unassociated bridge if it meets both of the following criteria: • The network VLAN contains a null Ethernet flow domain (EFD). • The switching entity contains no switch ports. Unassociated bridge switching entities can hold Ethernet flow points that serve as termination points on different network VLANs. If these switching entities are added to a map with the relevant VLANs, the links are displayed in the Prime Network Vision map. Adding Unassociated Bridges Prime Network Vision enables you to add unassociated bridges to maps and to view their properties. To add an unassociated bridge to a map: Step 1 In Prime Network Vision, select the required map or domain. Step 2 Open the Add Unassociated Bridge dialog box in one of the following ways: • Choose File Add to Map > Unassociated Bridge. • In the toolbar, click Add to Map and choose Unassociated Bridge. Figure 12-39 shows an example of the Add Unassociated Bridge dialog box. Cisco Prime Network 4.0 User Guide OL-29343-01 12-73 Chapter 12 Monitoring Carrier Ethernet Services Understanding Unassociated Bridges Figure 12-39 Step 3 Add Unassociated Bridge Dialog Box In the Add Unassigned Bridge to domain dialog box, select the required bridge and click OK. The map is refreshed and displays the newly added bridge as shown in Figure 12-40. Cisco Prime Network 4.0 User Guide 12-74 OL-29343-01 Chapter 12 Monitoring Carrier Ethernet Services Working with Ethernet Flow Point Cross-Connects Figure 12-40 Unassociated Bridge in Prime Network Vision Working with Ethernet Flow Point Cross-Connects Prime Network Vision automatically discovers Ethernet flow point (EFP) cross-connects, also known as locally switched EFPs. Prime Network Vision also identifies changes in already identified EFP cross-connects, such as cross-connect deletions or changes. Cross-connect changes can occur when one side of the cross-connect is removed or replaced. Prime Network Vision also associates the VLANs that contain the EFPs that are part of the cross-connects. If the cross-connect contains a range EFP, which represents a range of VLANs, and you add the related VLANs to a map, Prime Network Vision displays the links between them and the cross-connect as well. Prime Network Vision enables you to add EFP cross-connects to maps and to view their properties in inventory, as described in the following topics: • Adding EFP Cross-Connects, page 12-76 • Viewing EFP Cross-Connect Properties, page 12-76 Cisco Prime Network 4.0 User Guide OL-29343-01 12-75 Chapter 12 Monitoring Carrier Ethernet Services Working with Ethernet Flow Point Cross-Connects Adding EFP Cross-Connects To add an EFP cross-connect to a map: Step 1 In Prime Network Vision, select the map to which you wish to add the cross-connect. Step 2 Open the Add EFP Cross-Connect dialog box in one of the following ways: Step 3 • Choose File Add to Map > Cross Connect. • In the toolbar, click Add to Map and choose Cross Connect. In the Add EFP Cross Connect to domain dialog box, select the required EFP cross-connect and click OK. The map is refreshed and displays the newly added EFP cross-connect. Viewing EFP Cross-Connect Properties To view EFP cross-connect properties in Prime Network Vision, do either of the following: • Select the EFP cross-connect with the properties you want to view, and choose Node > Properties. • Double-click the device configured with an EFP cross-connect and, in the inventory window, choose Logical Inventory > Local Switching > Local Switching Entity. The information that is displayed for EFP cross-connects is the same in both the Local Switching Entry Properties window and in the Local Switching Table in logical inventory (as shown in Figure 12-41). Cisco Prime Network 4.0 User Guide 12-76 OL-29343-01 Chapter 12 Monitoring Carrier Ethernet Services Working with Ethernet Flow Point Cross-Connects Figure 12-41 Local Switching Table in Logical Inventory Table 12-36 describes the information displayed for the EFP cross-connects in the Local Switching Table. Table 12-36 EFP Cross-Connect Properties in Local Switching Table Field Description Key Entry key for the cross-connect group. Entry Status Status of the cross-connect: Down, Unresolved, or Up. Segment 1 Identifier of the first cross-connect segment, hyperlinked to the relevant entry in physical inventory. Segment 1 Port Name Identifier of the first cross-connect segment port. Segment 1 Status Status of the first cross-connect segment, such as Admin Up, Admin Down, Oper Down, or Up. Segment 2 Identifier of the second cross-connect segment, hyperlinked to the relevant entry in physical inventory. Segment 2 Port Name Identifier of the second cross-connect segment port. Segment 2 Status Status of the second cross-connect segment, such as Admin Up, Admin Down, Oper Down, or Up. Cisco Prime Network 4.0 User Guide OL-29343-01 12-77 Chapter 12 Monitoring Carrier Ethernet Services Working with VPLS and H-VPLS Instances Working with VPLS and H-VPLS Instances Virtual Private LAN Service (VPLS) is a Layer 2 VPN technology that provides Ethernet-based multipoint-to-multipoint communication over MPLS networks. VPLS allows geographically dispersed sites to share an Ethernet broadcast domain by connecting sites through pseudowires. The network emulates a LAN switch or bridge by connecting customer LAN segments to create a single bridged Ethernet LAN. Hierarchical VPLS (H-VPLS) partitions the network into several edge domains that are interconnected using an MPLS core. The edge devices learn only of their local N-PE devices and therefore do not need large routing table support. The H-VPLS architecture provides a flexible architectural model that enables Ethernet multipoint and point-to-point Layer 2 VPN services, as well as Ethernet access to Layer 3 VPN services, enabling service providers to offer multiple services across a single high-speed architecture. Prime Network Vision discovers the following VPLS-related information from the network and constructs VPLS instances: • VSIs • Pseudowires • EFPs • Switching entities Prime Network Vision enables you to: • Add VPLS instances to a map—See Adding VPLS Instances to a Map, page 12-79. • Apply VPLS overlays—See Applying VPLS Instance Overlays, page 12-80. • View link details in VPLS overlays—See Viewing Pseudowire Tunnel Links in VPLS Overlays, page 12-82. • View VPLS-related properties—See the following topics: – Viewing VPLS Instance Properties, page 12-84 – Viewing Virtual Switching Instance Properties, page 12-85 – Viewing VPLS Core or Access Pseudowire Endpoint Properties, page 12-87 – Viewing VPLS Access Ethernet Flow Point Properties, page 12-89 You can delete a VPLS forward from Prime Network Vision if it is displayed with the reconciliation icon. Cisco Prime Network 4.0 User Guide 12-78 OL-29343-01 Chapter 12 Monitoring Carrier Ethernet Services Working with VPLS and H-VPLS Instances Adding VPLS Instances to a Map You can add the VPLS instances that Prime Network Vision discovers to maps as required. To add a VPLS instance to a map: Step 1 In Prime Network Vision, select the required map or domain. Step 2 Open the Add VPLS Instance to map dialog box in either of the following ways: Step 3 • In the toolbar, choose Add to Map > VPLS. • In the menu bar, choose File > Add to Map > VPLS. In the Add VPLS Instance dialog box, do either of the following: • To search for specific elements: a. Choose Search. b. To narrow the display to a range of VPLS instances or a group of VPLS instances, enter a search string in the search field. c. Click Go. For example, if you enter VPLS1, the VPLS instances that have names containing the string VPLS1 are displayed. • To view all available VPLS instances, choose Show All and click Go. The VPLS instances that meet the specified search criteria are displayed in the Add VPLS Instance dialog box in table format. The dialog box also displays the date and time at which the list was generated. To update the list, click Refresh. Note If an element is not included in your scope, it is displayed with the locked device icon. For information about sorting and filtering the table contents, see Filtering and Sorting Tabular Content, page 2-42. Step 4 In the Add VPLS Instance dialog box, select the instances that you want to add. You can select and add multiple instances by pressing Ctrl while selecting individual instances or by pressing Ctrl +Shift to select a group of instances. Step 5 Click OK. The VPLS instance is displayed in the navigation pane and in the content area. In addition, any associated tickets are displayed in the ticket pane. See Figure 12-42. Cisco Prime Network 4.0 User Guide OL-29343-01 12-79 Chapter 12 Monitoring Carrier Ethernet Services Working with VPLS and H-VPLS Instances Figure 12-42 VPLS Instance in Prime Network Vision Map The VPLS instance information is saved with the map in the Prime Network database. Applying VPLS Instance Overlays An VPLS instance overlay allows you to isolate the parts of a network that are being used by a specific VPLS instance. To apply a VPLS instance overlay: Step 1 In Prime Network Vision, choose the map in which you want to apply an overlay. Step 2 From the toolbar, choose Choose Overlay Type > VPLS. Figure 12-43 shows an example of the Select VPLS Instance Overlay for map dialog box. Cisco Prime Network 4.0 User Guide 12-80 OL-29343-01 Chapter 12 Monitoring Carrier Ethernet Services Working with VPLS and H-VPLS Instances Figure 12-43 Select VPLS Instance Overlay Dialog Box Step 3 Select the required VPLS instance for the overlay. Step 4 Click OK. The elements being used by the selected VPLS instance are highlighted in the map while the other elements are dimmed, as shown in Figure 12-44. Cisco Prime Network 4.0 User Guide OL-29343-01 12-81 Chapter 12 Monitoring Carrier Ethernet Services Working with VPLS and H-VPLS Instances Figure 12-44 VPLS Instance Overlay in Prime Network Vision Step 5 To hide and view the overlay, click Hide Overlay/Show Overlay in the toolbar. The button toggles depending on whether the overlay is currently displayed or hidden. Step 6 To remove the overlay, choose Choose Overlay Type > None. Viewing Pseudowire Tunnel Links in VPLS Overlays When a VPLS overlay is applied to a map in Prime Network Vision, you can view the details of the pseudowires that are interconnected through selected links. To view unidirectional or bidirectional pseudowire traffic links when a VPLS overlay is applied to a map: Step 1 Right-click the required link in the overlay, and choose Show Callouts. The link must be visible (not dimmed) in the map. Link information is displayed as shown in Figure 12-45. Figure 12-45 Link Callout Window for a VPLS Overlay Cisco Prime Network 4.0 User Guide 12-82 OL-29343-01 Chapter 12 Monitoring Carrier Ethernet Services Working with VPLS and H-VPLS Instances The callout window displays the following information for each link represented by the selected link: Step 2 • Link details and direction. • Details of the sites using the link and the interlinks. To view the pseudowire link details, double-click the yellow callout window. The details about the link are displayed in the Link Details window as shown in Figure 12-46. Figure 12-46 Link Details Window for a VPLS Overlay The Link Details window provides the following information: 1 Link details and direction. In this example, the link is from p1 to p2. 3 Link details and direction. In this example, the link is from p2 to p1. 2 and 4 Details of the pseudowire tunnel traversing this link. Step 3 Click OK to close the Link Details window. Step 4 To close the link callout window, right-click the selected link, then choose Hide Callouts. Viewing VPLS-Related Properties Prime Network Vision enables you to view the properties of the following VPLS-related elements: • VPLS instances—See Viewing VPLS Instance Properties, page 12-84. • Virtual Switching Instances—Viewing Virtual Switching Instance Properties, page 12-85 • Tunnels—See Viewing VPLS Core or Access Pseudowire Endpoint Properties, page 12-87. • Port connectors—See Viewing VPLS Access Ethernet Flow Point Properties, page 12-89. Cisco Prime Network 4.0 User Guide OL-29343-01 12-83 Chapter 12 Monitoring Carrier Ethernet Services Working with VPLS and H-VPLS Instances Viewing VPLS Instance Properties To view the properties of a VPLS instance in Prime Network Vision, open the VPLS Instance Properties window in either of the following ways: • In the navigation pane or the map pane, right-click the VPLS instance and choose Properties. • In the navigation pane or the map pane, select the VPLS instance and choose Node > Properties. Figure 12-47 shows an example of the VPLS Instance Properties window. Figure 12-47 VPLS Instance Properties Window Table 12-37 describes the information that is displayed for VPLS instance properties. The tabs that appear in the window depend on the VPLS instance and its configuration. Table 12-37 VPLS Instance Properties Field Description System Name Name that Prime Network Vision assigns to the VPLS instance. Name User-defined name of the VPLS instance. When the VPLS instance is created, the system name and this name are the same. If you change the name of the VPLS instance (right-click, then choose Rename), the changed name appears in this field whereas the system name retains the original name. VPN ID VPN identifier used in an MPLS network to distinguish between different VPLS traffic. VPLS Forwards Tab Name User-defined name of the VPLS forward. System Name Name that Prime Network Vision assigns to the VPLS forward. Bridge Bridge that the VSI is configured to use, hyperlinked to the bridge table in logical inventory. VSI VSI hyperlinked to the relevant entry in logical inventory. Cisco Prime Network 4.0 User Guide 12-84 OL-29343-01 Chapter 12 Monitoring Carrier Ethernet Services Working with VPLS and H-VPLS Instances Table 12-37 VPLS Instance Properties (continued) Field Description VPN ID VPN identifier for the VSI. Access Pseudowires Tab Name Pseudowire name. Port VSI on which the pseudowire is configured, hyperlinked to the entry in logical inventory. Local Router IP Local router IP address on which the pseudowire is configured. Tunnel ID Virtual circuit identifier of the pseudowire. PTP Tunnel Hyperlinked entry to the pseudowire properties in logical inventory. Peer Router IP Peer router IP address on which the pseudowire is configured. Peer OID Hyperlinked entry to the pseudowire properties of the peer. Pseudowire Type Type of pseudowire, such as Ethernet, Ethernet Tagged, CESoPSN Basic, PPP, or SAToP. Pseudowire Edge Binding Type Pseudowire endpoint association: • 0—Unknown • 1—Connection termination point • 2—Ethernet flow point • 3—Switching entity • 4—Pseudowire switching entity • 5—VPLS forward Access Flow Points Tab Name Access flow point name. Double-click to view port connector properties. Port Interface configured as a flow point, hyperlinked to the interface in physical inventory. Viewing Virtual Switching Instance Properties To view VSI properties in Prime Network Vision, open the VSI properties window in either of the following ways: • Double-click the required device and, in the inventory window, choose Logical Inventory > VSIs > vsi. • In the navigation pane, expand the VPLS instance, right-click the required VPLS forward, and choose Inventory or Properties. (See Figure 12-48.) Cisco Prime Network 4.0 User Guide OL-29343-01 12-85 Chapter 12 Monitoring Carrier Ethernet Services Working with VPLS and H-VPLS Instances Figure 12-48 VPLS Forward in Prime Network Vision Navigation Pane If you right-click the VPLS forward and choose Inventory, the inventory window is displayed. If you right-click the VPLS forward and choose Properties, the VSI Properties window is displayed. The information displayed is the same for both options. VSI properties are displayed as shown in Figure 12-49. Figure 12-49 VSI Properties in Logical Inventory Cisco Prime Network 4.0 User Guide 12-86 OL-29343-01 Chapter 12 Monitoring Carrier Ethernet Services Working with VPLS and H-VPLS Instances Table 12-38 describes the information that is displayed for the selected VSI. Table 12-38 VSI Properties in Logical Inventory Field Description VSI Name VSI name. VPN ID VPN identifier used in an MPLS network to distinguish between different VPLS traffic. VSI Mode VSI mode: Point-to-Point (default) or Multipoint. Discovery Mode VSI discovery mode: Manual, BGP, LDP, RADIUS, DNS, MSS/OSS, or Unknown. Operational State VSI operational status: Up or Down. Administrative State VSI administrative status: Up or Down. Local Bridge Local bridge, hyperlinked to the bridge in logical inventory. Pseudowires Table Pseudowire ID Pseudowire identifier, hyperlinked to the Tunnel Edges table under Pseudowires in logical inventory. Autodiscovery Whether the pseudowire was automatically discovered: True or False. Split Horizon SSH pseudowire policy that indicates whether or not packets are forwarded to the MPLS core: True or False. Pseudowire Peer IP IP address of the pseudowire peer. Pseudowire VC ID Pseudowire virtual circuit identifier. Viewing VPLS Core or Access Pseudowire Endpoint Properties Pseudowire endpoints are displayed under VPLS Instance (Access) or VPLS Forward (Core) in the Prime Network Vision navigation pane. To view pseudowire endpoint properties for a VPLS instance, right-click the required pseudowire endpoint in the navigation pane, and choose Properties. (See Figure 12-50.) Figure 12-50 VPLS Pseudowire in Prime Network Vision Navigation Pane Figure 12-51 shows an example of the Tunnel Properties window that is displayed. Cisco Prime Network 4.0 User Guide OL-29343-01 12-87 Chapter 12 Monitoring Carrier Ethernet Services Working with VPLS and H-VPLS Instances Figure 12-51 VPLS Tunnel Properties Window Table 12-39 describes the information that is displayed for pseudowire endpoint properties. Table 12-39 Tunnel Properties Window Field Description Port VSI on which the pseudowire is configured, hyperlinked to the VSI in logical inventory. Peer Hyperlinked entry to the pseudowire endpoint peer pseudowires in logical inventory. Peer VC Label MPLS label that is used by this router to identify or access the tunnel. It is inserted into the MPLS label stack by the peer router. Tunnel Status Operational state of the tunnel: Up or Down. Local VC Label MPLS label that is used to identify or access the tunnel. It is inserted into the MPLS label stack by the local router. Local Router IP IP address of this tunnel edge, which is used as the MPLS router identifier. Tunnel ID Identifier that, along with the router IP addresses of the two pseudowire endpoints, identifies the PWE3 tunnel. Peer Router IP IP address of the peer tunnel edge, which is used as the MPLS router identifier. Local MTU Size, in bytes, of the MTU on the local interface. Remote MTU Size, in bytes, of the MTU on the remote interface. Signaling Protocol Protocol used by MPLS to build the tunnel, such as LDP or TDP. Pseudowire Type Type of pseudowire, such as Ethernet, Ethernet Tagged, CESoPSN Basic, PPP, or SAToP. Cisco Prime Network 4.0 User Guide 12-88 OL-29343-01 Chapter 12 Monitoring Carrier Ethernet Services Working with VPLS and H-VPLS Instances Viewing VPLS Access Ethernet Flow Point Properties The ports that represent the attachment circuits to VPLS instances are displayed under VPLS instances in the Prime Network Vision navigation pane. To view the properties for the Access Ethernet Flow Points configured for a VPLS instance, right-click the required interface in the navigation pane, and choose Inventory. (See Figure 12-52.) Figure 12-52 VPLS Interface in Prime Network Vision Navigation Pane Figure 12-53 shows an example of the information displayed for the interface in physical inventory. Figure 12-53 EFP Properties in Physical Inventory The information displayed in this window is the same as that displayed when the interface is selected in physical inventory. The following information is displayed, depending on the interface and its configuration: • Location and interface details. • Technology-related information, such as Ethernet CSMA/CD or ATM IMA properties. • VLAN configuration details. Cisco Prime Network 4.0 User Guide OL-29343-01 12-89 Chapter 12 Monitoring Carrier Ethernet Services Working with Pseudowires • List of the configured subinterfaces on the port. For more information on the Subinterfaces table, see Viewing a Port Configuration, page 3-25. • List of the configured EFPs on the port. For more information on the EFPs table, see Viewing EFP Properties, page 12-33. • List of VLAN mappings configured on the port. For more information about the VLAN Mappings table, see Viewing VLAN Mappings, page 12-53. Working with Pseudowires Prime Network supports the discovery and modeling of Any Transport over MPLS (AToM) and Ethernet over MPLS (EoMPLS) domains that span multisegment pseudowires. After discovery is complete, you can add any of the pseudowires to a map, view their properties in logical inventory, or view their redundancy status. You can run the psuedowire commands on all Cisco IOS and Cisco IOS XR devices that support pseudowire technology, such as • Cisco 7200 series routers • Cisco 7600 series routers • Cisco ASR 9000 series aggregation services routers • Cisco XR 12000 series routers • Cisco ME 3600X and Cisco ME 3800X Carrier Ethernet Switches • Cisco Carrier Packet Transport (CPT) System For details on the software versions Prime Network supports for these network elements, see the Cisco Prime Network 4.0 Supported Cisco VNEs. To run the pseudowire commands, the software on the network element must support the pseudowire technology. The following topics describe the options available to you for working with pseudowires in Prime Network: • Adding Pseudowires to a Map, page 12-90 • Viewing Pseudowire Properties, page 12-93 • Displaying Pseudowire Information, page 12-95 • Viewing Pseudowire Redundancy Service Properties, page 12-96 • Applying Pseudowire Overlays, page 12-98 • Monitoring the Pseudowire Headend, page 12-100 Adding Pseudowires to a Map You can add a pseudowire that Prime Network discovers to maps as required. To add a pseudowire to a map: Step 1 In Prime Network Vision, select the required map or domain. Step 2 Open the Add Pseudowire to map dialog box in either of the following ways: • In the toolbar, choose Add to Map > Pseudowire. Cisco Prime Network 4.0 User Guide 12-90 OL-29343-01 Chapter 12 Monitoring Carrier Ethernet Services Working with Pseudowires • In the menu bar, choose File > Add to Map > Pseudowire. Figure 12-54 shows an example of the Add Pseudowire dialog box. Figure 12-54 Step 3 Add Pseudowire Dialog Box In the Add Pseudowire dialog box, do either of the following: • To search for specific elements: a. Choose Search. b. To narrow the display to a range of pseudowire or a group of pseudowires, enter a search string in the search field. c. Click Go. For example, if you enter pseudo1, the pseudowires that have names containing the string “pseudo1” are displayed. • To view all available pseudowires, choose Show All and click Go. The pseudowires that meet the specified search criteria are displayed in the Add Pseudowire dialog box in table format. The dialog box also displays the date and time at which the list was generated. To update the list, click Refresh. Note If an element is not included in your scope, it is displayed with the locked device icon. For information about sorting and filtering the table contents, see Filtering and Sorting Tabular Content, page 2-42. Cisco Prime Network 4.0 User Guide OL-29343-01 12-91 Chapter 12 Monitoring Carrier Ethernet Services Working with Pseudowires Step 4 In the Add Pseudowire dialog box, select the pseudowires that you want to add. You can select and add multiple pseudowires by pressing Ctrl while selecting individual pseudowires or by pressing Ctrl +Shift to select a group of pseudowires. Step 5 Click OK. The pseudowire is displayed in the navigation pane and in the content area. In addition, any associated tickets are displayed in the ticket pane. See Figure 12-55. Figure 12-55 Step 6 Pseudowire in Prime Network Vision Map Click the pseudowire in the navigation pane or double-click the pseudowire in the map pane to view the pseudowire components, such as pseudowire endpoints, pseudowire switching entities, and terminating interfaces. Figure 12-56 shows an example of an expanded pseudowire in Prime Network Vision. Cisco Prime Network 4.0 User Guide 12-92 OL-29343-01 Chapter 12 Monitoring Carrier Ethernet Services Working with Pseudowires Figure 12-56 Pseudowire Components in Prime Network Vision Maps The pseudowire information is saved with the map in the Prime Network database. Viewing Pseudowire Properties To view pseudowire properties: Step 1 In Prime Network Vision, select the required map or domain. Step 2 To view pseudowire endpoint properties configured on an element: a. In the navigation or map pane, right-click the required element and then choose Inventory. b. In the inventory window, choose Logical Inventory > Pseudowires. The Tunnel Edges table is displayed, listing the pseudowire endpoints configured on the selected element. For a description of the information contained in the Pseudowires Tunnel Edges table, see Table 18-27. Step 3 To view the properties of a pseudowire that you added to a map, do either of the following: • If the pseudowire icon is of the largest size, click the Properties button. • Right-click the element, and then choose Properties. The Pseudowire Properties window is displayed as shown in Figure 12-57. Cisco Prime Network 4.0 User Guide OL-29343-01 12-93 Chapter 12 Monitoring Carrier Ethernet Services Working with Pseudowires Figure 12-57 Pseudowire Properties Window Table 12-40 describes the information presented in the Pseudowire Properties window. Table 12-40 Step 4 Pseudowire Properties Window Field Description Name Name of the pseudowire. Multisegment Pseudowire Whether or not the pseudowire is multisegment: True or False. System Name Internal or system-generated name of the pseudowire. Pseudowire Type Type of pseudowire, such as Ethernet, Ethernet Tagged, CESoPSN Basic, PPP, or SAToP. To view the properties of a pseudowire endpoint associated with a pseudowire, right-click the required pseudowire endpoint, and then choose Properties. The Tunnel Properties window containing the pseudowire endpoint properties is displayed as shown in Figure 12-51 and described in Table 12-39. Step 5 To view the properties of a pseudowire switching entity associated with the pseudowire, select the switching entity, and then choose Node > Inventory. The Local Switching table is displayed as shown in Figure 12-41. Table 12-36 describes the information displayed in the Local Switching table. Step 6 To view the properties of the pseudowire endpoint that terminates on the subinterface, right-click the required interface, and then choose Properties. Note The selected port must be an Ethernet subinterface for the Contained Current CTPs table to be displayed. Table 12-41 describes the information displayed in the Contained Current CTPs table. Cisco Prime Network 4.0 User Guide 12-94 OL-29343-01 Chapter 12 Monitoring Carrier Ethernet Services Working with Pseudowires Table 12-41 Step 7 Contained Current CTPs Table Field Description Local Interface The name of the subinterface or port, hyperlinked to the interface in physical inventory. ID The tunnel identifier, hyperlinked to Pseudowires Tunnel Edges table in logical inventory. Peer The peer tunnel identifier, hyperlinked to the peer pseudowire tunnel in logical inventory. Tunnel ID The identifier that, along with the router IP addresses of the two tunnel edges, identifies the tunnel. Tunnel Status The operational state of the tunnel: Up or Down. Local Router IP The IP address of this tunnel edge, which is used as the router identifier. Peer Router IP The IP address of the peer tunnel edge, which is used as the router identifier. Pseudowire Type Type of pseudowire, such as Ethernet, Ethernet Tagged, CESoPSN Basic, PPP, or SAToP. Local MTU The size, in bytes, of the MTU on the local interface. Remote MTU The size, in bytes, of the MTU on the remote interface. Local VC Label The MPLS label that is used by this router to identify or access the tunnel. It is inserted in the MPLS label stack by the local router. Peer VC Label The MPLS label that is used by this router to identify or access the tunnel. It is inserted in the MPLS label stack by the peer router. Signaling Protocol The protocol used to build the tunnel, such as LDP or TDP. Preferred Path Tunnel The path to be used for pseudowire traffic. To view the properties of an Ethernet flow point associated with the pseudowire, right-click the EFP and then choose Properties. See Viewing EFP Properties, page 12-33 for the information that is displayed for EFPs. Displaying Pseudowire Information Note You might be prompted to enter your device access credentials while exectuing the command. Once you have entered them, these credentials will be used for every subsequent execution of a command in the same GUI client session. If you want to change the credentials, click Edit Credentials. The Edit Credentials button will not be available for SNMP commands or if the command is scheduled for a later time. To To view Virtual Circuit Connectivity Verification (VCCV) and Control Channel (CC) information for a pseudowire endpoint: Cisco Prime Network 4.0 User Guide OL-29343-01 12-95 Chapter 12 Monitoring Carrier Ethernet Services Working with Pseudowires Step 1 In the require map, double-click the required device configured for pseudowire. Step 2 In the inventory window, choose Logical Inventory > Pseudowire. Step 3 In the Tunnel Edges table, right-click the required interface and choose Commands > Show > Display Pseudowire. Step 4 In the Display Pseudowire dialog box, do either of the following: • To view the command before running it, click Preview. • To run the command, click Execute. When you click Execute, the results are displayed in the dialog box. Step 5 The following information is displayed: • The element name. • The command issued. • The results, including: – VCCV: CC Type—The types of CC processing that are supported. The number indicates the position of the bit that was set in the received octet. The available values are: - CW [1]—Control Word - RA [2]—Router Alert - TTL [3]—Time to Live - Unkn [x]—Unknown – Elapsed time—The elapsed time, in seconds. Step 6 Click Close to close the Display Pseudowire dialog box. Viewing Pseudowire Redundancy Service Properties If a pseudowire is configured for redundancy service, a redundancy service badge is applied to the secondary (backup) pseudowire in the navigation and map panes in the Prime Network Vision window. Additional redundancy service details are provided in the inventory window for the device on which the pseudowire is configured. To view redundancy service properties for pseudowires: Step 1 To determine if a pseudowire is configured for redundancy service, expand the required pseudowire in the navigation or map pane. If the pseudowire is configured for redundancy service, the redundancy service badge appears in the navigation and map panes as shown in Figure 12-58. Cisco Prime Network 4.0 User Guide 12-96 OL-29343-01 Chapter 12 Monitoring Carrier Ethernet Services Working with Pseudowires Figure 12-58 Step 2 Pseudowire Redundancy Service Badge in a Map To view additional details, in the map, double-click the element with the redundancy service badge. The PTP Layer 2 MPLS Tunnel Properties window is displayed as shown in Figure 12-59 and shows that the selected pseudowire has a Secondary role in a redundancy service. Figure 12-59 Step 3 Layer 2 MPLS Tunnel Properties for Pseudowire Redundancy Service In the PTP Layer 2 MPLS Tunnel Properties window, click the VC ID hyperlink. The Tunnel Edges table in logical inventory is displayed, with the local interface selected in the table. (See Figure 12-60.) Cisco Prime Network 4.0 User Guide OL-29343-01 12-97 Chapter 12 Monitoring Carrier Ethernet Services Working with Pseudowires Figure 12-60 Pseudowire Redundancy Service in Logical Inventory The entries indicate that the selected tunnel edge has a Secondary role in the first VC and a Primary role in the second VC. For more information about the Pseudowires Tunnel Edges table, see Table 18-27. Applying Pseudowire Overlays A pseudowire overlay allows you to isolate the parts of a network that are used by a specific pseudowire. To apply a pseudowire overlay: Step 1 In Prime Network Vision, choose the map in which you want to apply an overlay. Step 2 From the toolbar, choose Choose Overlay Type > Pseudowire. Figure 12-61 shows an example of the Select Pseudowire Overlay for map dialog box. Cisco Prime Network 4.0 User Guide 12-98 OL-29343-01 Chapter 12 Monitoring Carrier Ethernet Services Working with Pseudowires Figure 12-61 Select Pseudowire Overlay Dialog Box Step 3 Select the required pseudowire for the overlay. Step 4 Click OK. The elements being used by the selected pseudowire are highlighted in the map while the other elements are dimmed, as shown in Figure 12-62. Cisco Prime Network 4.0 User Guide OL-29343-01 12-99 Chapter 12 Monitoring Carrier Ethernet Services Working with Pseudowires Figure 12-62 Pseudowire Overlay in Prime Network Vision Step 5 To hide and view the overlay, click Hide Overlay/Show Overlay in the toolbar. The button toggles depending on whether the overlay is currently displayed or hidden. Step 6 To remove the overlay, choose Choose Overlay Type > None. Monitoring the Pseudowire Headend A pseudowire (PW) is an emulation of a point-to-point connection over a packet-switching network (PSN). It operates over a uniform packet-based access/aggregation network. The composite L2 AC and the PW segment together form a point-to-point virtual CE-PE link that functions like a traditional CE-PE link technology. Figure 12-63 displays a typical pseudowrie deployment over core network and Figure 12-64 displays a pseduowire deployment over access network. Cisco Prime Network 4.0 User Guide 12-100 OL-29343-01 Chapter 12 Monitoring Carrier Ethernet Services Working with Pseudowires Figure 12-63 Pseudowire Deployment Over Core Network PW CE1 CE1 PE1 PE2 PE2 CE2 CE2 Figure 12-64 CE L2 PE 243510 PE1 Pseudowire Deployment Over Access Network P1 L2 PE PE S-PE CE-2 Global IP/MPLS Cor Network Access Network PW AC 320494 AC A pseudowire headend (PW-HE) virtual interface originates as a PW on an access node and terminates on a Layer 3 service instance on the service provider router. For example, a PWHE can originate on the Layer 2 PW feeder node and terminate on a VRF instance on the Cisco CRS Router. You can configure all ingress and egress QoS function on the PW-HE interface, including policing, shaping, queuing, and hierarchical policies. In other words, the PW-HE is a technology that allows termination of access or aggregation pseduowires into an L2 or L3 domain. It allows us to replace a 2-node solution with a 1-node solution. Without a PW-HE, a L2 PE node must terminate a PW and then handoff the data to a S-PE via an Access Circuit. The following figure displays the PW-HE interface: Cisco Prime Network 4.0 User Guide OL-29343-01 12-101 Chapter 12 Monitoring Carrier Ethernet Services Working with Pseudowires Figure 12-65 PW-HE Interface Layer3 Peering CE L2 A-PE P1 S-PE Global IP/MPLS Cor Network AC 320493 MPLS Access Network PW The PW-HE interface is treated like any existing L3 interface and operates on one of the following nodes: • Bridged interworking (VC type 5 or 4) node—PW will carry customer Ethernet frames with IP payload. The S-PE device must perform ARP resolution for customer IP addresses learnt over PW-HE, which acts as a broadcast interface. • IP interworking node (VC type 11)—The PW-HE acts as a point-to-point interface. Hence, there will be two types of PW-HE interface-PW-Ether and PW-IW. These PW’s can terminate into a VRF or the IP global table on SP-E. Viewing the PW-HE configuration To view the PW-HE configuration: Step 1 Right-click the required device in Prime Network Vision and choose Inventory. Step 2 In the logical inventory window, choose Logical Inventory > PW-HE. The list of PW-HE interfaces configured in Prime Network are displayed in the content pane. Step 3 From the PW-HE node, choose a PW-HE interface. The PW-HE interface details are displayed in the content pane as shown in Figure 12-66. Cisco Prime Network 4.0 User Guide 12-102 OL-29343-01 Chapter 12 Monitoring Carrier Ethernet Services Working with Pseudowires Figure 12-66 PW-HE Configuration Details Table 12-42 displays the PW-HE interface details. Cisco Prime Network 4.0 User Guide OL-29343-01 12-103 Chapter 12 Monitoring Carrier Ethernet Services Working with Pseudowires Table 12-42 PW-HE Interface Details Field Description Interface Name The unique name to identify the PW-HE interface. Admin State The administrative state of the PW-HE, which can be any one of the following: Oper State • Up • Down The operational state of the PW-HE, which can be any one of the following: • Up • Down IP Interface The IP interface for the PW-HE, which when clicked will take you either to the associated VRF interface site under the VRF node or the associated IP Interface under the Routing Entity node. Pseudowire The pseudowire to which the PW-HE is associated with, which when clicked will take you to the Pseudowire node. Generic Interface List The generic interface list linked to the PW-HE, which when clicked will take you to the relevant node under the PW-HE Generic Interfaces Lists node. MTU The maximum number of transmission units (in bytes) for the PW-HE interface. Bandwidth The bandwidth (in kbits) for the PW-HE interface. MAC Address The MAC address specified for the PW-HE interface, which is generally in the xxx.xxx.xxx format. Label The MPLS label for the PW-HE interface. L2 Overhead The layer 2 overhead (in bytes) configured on the PW-HE interface, which can be any value between 0 and 64. This field defaults to 0. You can also view the following configuration details for a PW-HE interface: • Viewing PW-HE Configured as a Local Interface under Pseudowire, page 12-104 • Viewing PW-HE Generic Interface List, page 12-105 • Viewing PW-HE as an Associated Entity for a Routing Entity, page 12-105 • Viewing PW-HE as an Associated Entity for a VRF, page 12-105 Viewing PW-HE Configured as a Local Interface under Pseudowire To view the local interface details: Step 1 Right-click the required device in Prime Network Vision and choose Inventory. Step 2 In the logical inventory window, choose Logical Inventory > Pseudowire. The list of Pseudowire interfaces configured in Prime Network are displayed in the content pane. For more information on Pseudowire properties, see Viewing Pseudowire Properties, page 12-93. Cisco Prime Network 4.0 User Guide 12-104 OL-29343-01 Chapter 12 Monitoring Carrier Ethernet Services Working with Pseudowires Viewing PW-HE Generic Interface List To view the PW-HE generic interface list: Step 1 Right-click the required device in Prime Network Vision and choose Inventory. Step 2 In the logical inventory window, choose Logical Inventory > PW-HE Generic Interface List. The list of generic interfaces configured in Prime Network are displayed in the content pane. Step 3 From the PW-HE Generic Interface List node, choose a generic interface list. The interface details are displayed in the content pane. Table 12-43 displays the PW-HE Generic Interface List details. Table 12-43 PW-HE Generic Interface List Details Field Description Generic Interface Interfaces tab The name of the generic interface list. Interface The Ethernet Link Aggregation Group (LAG) for the PW-HE service, which when clicked will take you to the LAG node. Viewing PW-HE as an Associated Entity for a Routing Entity To view the routing entity details for a PW-HE: Step 1 Right-click the required device in Prime Network Vision and choose Inventory. Step 2 In the logical inventory window, choose Logical Inventory > Routing Entities > Routing Entity. The routing entity details for the PW-HE is displayed in the content pane. For more information on Routing entity details, see Viewing Routing Entities, page 18-31. Viewing PW-HE as an Associated Entity for a VRF To view the VRF details for a PW-HE: Step 1 Right-click the required device in Prime Network Vision and choose Inventory. Step 2 In the logical inventory window, choose Logical Inventory > VRF > PW-HE node. The VRF details for the PW-HE is displayed in the content pane. For more information on VRF details, see Viewing VRF Properties, page 18-27. Cisco Prime Network 4.0 User Guide OL-29343-01 12-105 Chapter 12 Monitoring Carrier Ethernet Services Working with Ethernet Services Working with Ethernet Services Ethernet services are created when the following business elements are linked to one another: • Network VLAN and bridge domain are linked through a shared EFP. • Network VLAN and VPLS instance are linked through either of the following: – A shared, standalone EFP. – A shared switching entity. • Network VLAN and network pseudowire (single or multi-segment) are linked through either of the following: – A shared, standalone EFP. – A shared switching entity. • VPLS-EoMPLS connected via a shared access pseudowire endpoint. • Network VLAN and cross-connect are connected by a shared EFP. • Network VLAN and service link are connected by a shared EFP. If a VPLS, network pseudowire, cross-connect, or network VLAN object is not connected to another business element, it resides alone in an Ethernet service. In releases prior to Prime Network Vision 3.8, EVC multiplex was discovered by means of Ethernet flow point associations. Beginning with Prime Network Vision 3.8, multiplex capabilities were enhanced to distinguish multiplexed services based on the Customer VLAN ID; that is, Prime Network Vision 3.9 is Inner Tag-aware. As a result, in environments in which service providers have customers with multiplexed services, an EVC can distinguish each service and create its own EVC representation. Prime Network Vision discovers Ethernet services and enables you to add them to maps, apply overlays, and view their properties. See the following topics for more information: • Adding Ethernet Services to a Map, page 12-106 • Applying Ethernet Service Overlays, page 12-108 • Viewing Ethernet Service Properties, page 12-109 Adding Ethernet Services to a Map You can add the Ethernet services that Prime Network Vision discovers to maps as required. To add an Ethernet service to a map: Step 1 In Prime Network Vision, select the required map or domain. Step 2 Open the Add Ethernet Service to map dialog box in either of the following ways: Step 3 • In the toolbar, choose Add to Map > Ethernet Service. • In the menu bar, choose File > Add to Map > Ethernet Service. In the Add Ethernet Service dialog box, do either of the following: • To search for specific elements: a. Choose Search, and then choose a search category: EVC Terminating EFPs, Name, or System Name. Cisco Prime Network 4.0 User Guide 12-106 OL-29343-01 Chapter 12 Monitoring Carrier Ethernet Services Working with Ethernet Services b. To narrow the display to a range of Ethernet services or a group of Ethernet services, enter a search string in the search field. c. Click Go. For example, if you choose Name and enter EFP1, the network elements that have names beginning with EFP1 are displayed. • To view all available Ethernet services, choose Show All and click Go. The available elements that meet the specified search criteria are displayed in the Add Ethernet Service dialog box in table format. The dialog box also displays the date and time at which the list was generated. To update the list, click Refresh. Note If an element is not included in your scope, it is displayed with the locked device icon. For information about sorting and filtering the table contents, see Filtering and Sorting Tabular Content, page 2-42. Step 4 In the Add Ethernet Service dialog box, select the elements that you want to add. You can select and add multiple elements by pressing Ctrl while selecting individual elements or by pressing Ctrl +Shift to select a group of elements. Step 5 Click OK. The Ethernet service is displayed in the navigation pane and in the content area. In addition, any associated tickets are displayed in the ticket pane. See Figure 12-67. Figure 12-67 Ethernet Service in Prime Network Vision Cisco Prime Network 4.0 User Guide OL-29343-01 12-107 Chapter 12 Monitoring Carrier Ethernet Services Working with Ethernet Services The Ethernet service information is saved with the map in the Prime Network database. Applying Ethernet Service Overlays An Ethernet service overlay allows you to isolate the parts of a network that are being used by a specific Ethernet service. To apply an Ethernet service overlay: Step 1 In Prime Network Vision, choose the map in which you want to apply an overlay. Step 2 From the toolbar, choose Choose Overlay Type > Ethernet Service. Figure 12-68 shows an example of the Select Ethernet Service Overlay for map dialog box. Figure 12-68 Select Ethernet Service Overlay Dialog Box Step 3 Select the required Ethernet Service for the overlay. Step 4 Click OK. The elements being used by the selected Ethernet service are highlighted in the map while the other elements are dimmed, as shown in Figure 12-69. Cisco Prime Network 4.0 User Guide 12-108 OL-29343-01 Chapter 12 Monitoring Carrier Ethernet Services Working with Ethernet Services Figure 12-69 Ethernet Service Overlay in Prime Network Vision Step 5 To hide and view the overlay, click Hide Overlay/Show Overlay in the toolbar. The button toggles depending on whether the overlay is currently displayed or hidden. Step 6 To remove the overlay, choose Choose Overlay Type > None. Viewing Ethernet Service Properties To view Ethernet service properties: Step 1 In Prime Network Vision, select the map containing the required Ethernet service. Step 2 In the navigation or map pane, right-click the Ethernet service and choose Properties. Figure 12-70 shows an example of an Ethernet Service Properties window with the EVC Terminating table. Depending on the types of service in the EVC, tabs might be displayed. For example, if the EVC contains two network VLANs and a VPLS, tabs are displayed for the following: • EVC Terminating table • Network VLANs • VPLS Cisco Prime Network 4.0 User Guide OL-29343-01 12-109 Chapter 12 Monitoring Carrier Ethernet Services Working with Ethernet Services Figure 12-70 Ethernet Service Properties Window Table 12-44 describes the information that is displayed for an Ethernet service. Table 12-44 Ethernet Service Properties Window Field Description Name Ethernet service name. System Name Name that Prime Network Vision assigns to the Ethernet service. EVC Name of the EVC associated with the Ethernet service, hyperlinked to the EVC Properties window. EVC Terminating Table Step 3 Name EVC name, represented by the interface name, EFP, and the EFP name. Network Element Hyperlinked entry to the specific interface and EFP in physical inventory. Port Hyperlinked entry to the specific interface in physical inventory. To view the EVC Properties window, click the hyperlink in the EVC field. Figure 12-71 shows an example of the EVC Properties window. Cisco Prime Network 4.0 User Guide 12-110 OL-29343-01 Chapter 12 Monitoring Carrier Ethernet Services Working with Ethernet Services Figure 12-71 EVC Properties Window Table 12-45 describes the information that is displayed in the EVC Properties window. The tabs that are displayed depend on the services included in the EVC. For example, if the EVC contains two network VLANs and a VPLS, tabs are displayed for the following: • EVC Terminating table • Network VLANs • VPLS Table 12-45 EVC Properties Window Field Description System Name Name of the system on which the EVC is configured. Name EVC name. Cross-Connects Table Name Cross-connect name. Segment 1 Identifier of the first cross-connect endpoint. Segment 2 Identifier of the second cross-connect endpoint. System Name Cross-connect system name. Cisco Prime Network 4.0 User Guide OL-29343-01 12-111 Chapter 12 Monitoring Carrier Ethernet Services Viewing IP SLA Responder Service Properties Table 12-45 EVC Properties Window (continued) Field Description Network VLANs Tab Name VLAN name. ID VLAN identifier. EFD Name Name of the Ethernet flow domain. EFD System Name Name that Prime Network Vision assigns to the EFD. System Name VLAN system name. Description Brief description of the VLAN. Network Pseudowires Tab Name Pseudowire name. System Name System on which the pseudowire is configured. Description Brief description of the pseudowire. Pseudowire Type Type of pseudowire. Is Multisegment Pseudowire Whether or not the pseudowire is multisegment: True or False. VPLS Instances Tab Name VPLS instance name. System Defined Name Name that Prime Network Vision assigns to the VPLS instance. VPN ID Identifier of associated VPN. Viewing IP SLA Responder Service Properties Cisco IOS Service Level Agreements (SLAs) software allows you to analyze IP service levels for IP applications and services by using active traffic monitoring to measure network performance. The IP SLA responder is a component embedded in the destination Cisco device that allows the system to anticipate and respond to IP SLAs request packets. The responder provides accurate measurements without requiring dedicated probes. The responder uses the Cisco IOS IP SLAs Control Protocol to provide a mechanism through which it can be notified on which port it should listen and respond. Two-Way Active Measurement Protocol (TWAMP) defines a standard for measuring round-trip network performance between any two devices that support the protocol. Prime Network Vision supports IP SLA Responder service on the following devices: • Cisco 3400ME and 3750ME devices running Cisco IOS 12.2(52)SE. • Cisco MWR2941 devices running Cisco CSR 3.2. To view IP SLA Responder service properties: Step 1 In Prime Network Vision, double-click the device configured for IP SLA Responder service. Step 2 In the inventory window, choose Logical Inventory > IP SLA Responder. IP SLA Responder properties are displayed as shown in Figure 12-72. Cisco Prime Network 4.0 User Guide 12-112 OL-29343-01 Chapter 12 Monitoring Carrier Ethernet Services Viewing IP SLA Responder Service Properties Figure 12-72 IP SLA Responder in Logical Inventory Table 12-46 describes the properties displayed for IP SLA Responder service. Table 12-46 IP SLA Responder Properties in Logical Inventory Field Description IP SLA Responder Status Status of the IP SLA Responder: Up or Down. IP SLA TWAMP Responder Status of the IP SLA TWAMP responder: Up or Down. Status UDP Echo Tab IP Address Destination IP address used for the UDP echo operation. Port Number Destination port number used for the UDP echo operation. TCP Connect Tab IP Address Destination IP address used for the TCP connect operation. Port Number Destination port number used for the TCP connect operation. Cisco Prime Network 4.0 User Guide OL-29343-01 12-113 Chapter 12 Monitoring Carrier Ethernet Services Viewing IS-IS Properties Viewing IS-IS Properties Intermediate System-to-Intermediate System (IS-IS) protocol is a routing protocol developed by the ISO. It is a link-state protocol where IS routers exchange routing information based on a single metric to determine network topology. It behaves in a manner similar to OSPF in the TCP/IP network. IS-IS networks contain end systems, intermediate systems, areas, and domains. End systems are user devices. Intermediate systems are routers. Routers are organized into local groups called areas, and areas are grouped into a domain. For configuring IS-IS, see Configuring IS-IS, page 12-121. To view IS-IS properties: Step 1 In Prime Network Vision, double-click the device configured for IS-IS. Step 2 In the inventory window, choose Logical Inventory > IS-IS > System. Figure 12-73 shows an example of the IS-IS window with the Process table in logical inventory. Figure 12-73 IS-IS Window in Logical Inventory Cisco Prime Network 4.0 User Guide 12-114 OL-29343-01 Chapter 12 Monitoring Carrier Ethernet Services Viewing IS-IS Properties Table 12-47 describes the information that is displayed in this window and the Processes table. Table 12-47 IS-IS Properties in Logical Inventory - Processes Table Field Description Version Version of IS-IS that is implemented. Processes Table Step 3 Process ID Identifier for the IS-IS process. System ID Identifier for this Intermediate System. IS Type Level at which the Intermediate System is running: Level 1, Level 2, or Level 1-2. Manual Area Address Address assigned to the area. To view IS-IS process information, choose Logical Inventory > IS-IS > Process nnn. Figure 12-74 shows an example of the information that is displayed for the IS-IS process. Figure 12-74 IS-IS Process Properties in Logical Inventory Cisco Prime Network 4.0 User Guide OL-29343-01 12-115 Chapter 12 Monitoring Carrier Ethernet Services Viewing IS-IS Properties Table 12-48 describes the information that is displayed for the selected IS-IS process. Table 12-48 IS-IS Process Properties in Logical Inventory Field Description Process Unique identifier for the IS-IS process. System ID Identifier for this Intermediate System. IS Type Level at which the Intermediate System process is running: Level 1, Level 2, or Level 1-2. Manual Area Address Address assigned to the area. Metrics Tab IS Type Level at which the Intermediate System is running: Level 1, Level 2, or Level 1-2. Metric Style Metric style used: Narrow, Transient, or Wide. Metric Value Metric value assigned to the link. This value is used to calculate the path cost via the links to destinations. This value is available for Level 1 or Level 2 routing only. If the metric style is Wide, the value can range from 1 to 16777214. If the metric style is Narrow, the value can range from 1 to 63. The default value for active IS-IS interfaces is 10, and the default value for inactive IS-IS interfaces is 0. Address Family IP address type used: IPv4 or IPv6. Interfaces Tab Interface Name Interface name. Neighbors Tab System ID Identifier for the neighbor system. Interface Neighbor interface name. IP Address Neighbor IP address. Type IS type for the neighbor: Level 1, Level 2, or Level 1-2. SNPA Subnetwork point of attachment (SNPA) for the neighbor. Hold Time Holding time, in seconds, for this adjacency. The value is based on received IS-to-IS Hello (IIH) PDUs and the elapsed time since receipt. State Administrative status of the neighbor system: Up or Down. Address Family IP address type used by the neighbor: IPv4 or IPv6. Cisco Prime Network 4.0 User Guide 12-116 OL-29343-01 Chapter 12 Monitoring Carrier Ethernet Services Viewing OSPF Properties Viewing OSPF Properties Prime Network Vision supports the following versions of OSPF: • OSPFv1 • OSPFv2 • OSPFv3 Using Prime Network Vision you can view OSPF properties for: • OSPF processes, including the process identifier and OSPF version. • OSPF network interfaces, such as the area identifier, network type, and status. • OSPF neighbors, including the neighbor identifier, neighbor interface address, and status. To view OSPF properties: Step 1 In Prime Network Vision, double-click the device configured for OSPF. Step 2 To view OSPF processes, choose Logical Inventory > OSPF Processes > OSPF Process (vn) ID where vn represents the OSPF version and ID is the OSPF process identifier. For example, in Figure 12-75, the entry in the navigation tree is OSPF Process (v2) 10. Figure 12-75 OSPF Processes in Logical Inventory Table 12-49 describes the information that is displayed for OSPF processes. Cisco Prime Network 4.0 User Guide OL-29343-01 12-117 Chapter 12 Monitoring Carrier Ethernet Services Viewing OSPF Properties Table 12-49 OSPF Processes in Logical Inventory Field Description OSPF Process Details Process ID Unique process identifier. Router ID Router IP address. OSPF Version OSPF version: v1, v2, or v3. SPF Timers Schedule Delay Number of milliseconds to wait after a change before calculating the shortest path first (SPF). Min Hold Time Minimum number of milliseconds to wait between two consecutive SPF calculations. Max Wait Time Maximum number of milliseconds to wait between two consecutive SPF calculations. OSPF Neighbors Table Neighbor ID OSPF neighbor IP address. Area OSPF area identifier. Interface Address IP address of the interface on the neighbor configured for OSPF. State State of the communication with the neighbor: Down, Attempt, Init, 2-Way, Exstart, Exchange, Loading, and Full. OSPF Interface Hyperlinked entry to the OSPF Interface Properties window. The OSPF Interfaces window displays the same information as the OSPF Interfaces Table below. OSPF Interfaces Table IP Interface OSPF interface, hyperlinked to the relevant entry in the routing entity IP Interfaces table in logical inventory. For more information about the IP Interfaces table, see Table 18-12. Internet Address OSPF interface IP address. Area ID OSPF area identifier. Priority Eight-bit unsigned integer that specifies the priority of the interface. Values range from 0 to 255. Of two routers, the one with the higher priority takes precedence. Cost Specified cost of sending a packet on the interface, expressed as a metric. Values range from 1 to 65535. Status State of the interface: Up or Down. State OSPF state: BDR, DR, DR-Other, Waiting, Point-to-Point, or Point-to-Multipoint. Network Type Type of OSPF network: Broadcast, Nonbroadcast Multiple Access (NBMA), Point-to-Multipoint, Point-to-Point, or Loopback. DR Address Designated router IP address. BDR Address Backup designated router IP address. Cisco Prime Network 4.0 User Guide 12-118 OL-29343-01 Chapter 12 Monitoring Carrier Ethernet Services Configuring REP and mLACP Configuring REP and mLACP The following commands can be launched from the inventory by right-clicking the appropriate node and selecting Commands. Before executing any commands, you can preview them and view the results. If desired, you can also schedule the commands. For details on the software versions Prime Network supports for these network elements, see the Cisco Prime Network 4.0 Supported Cisco VNEs. To run the REP and mLACP commands, the software on the network element must support these technology. Additional commands may be available for your devices. New commands are often provided in Prime Network Device Packages, which can be downloaded from the Prime Network software download site. For more information on how to download and install DPs and enable new commands, see the information on “Adding Additional Device (VNE) support” in the Cisco Prime Network 4.0 Administrator Guide. Note You might be prompted to enter your device access credentials while executing a command. Once you have entered them, these credentials will be used for every subsequent execution of a command in the same GUI client session. If you want to change the credentials, click Edit Credentials. The Edit Credentials button will not be available for SNMP commands or if the command is scheduled for a later time. Command Navigation Description Commands > Show This action performed at the command the launch point. Commands > Show These actions are performed at the command the launch point. REP Command Show REP Segment Information mLACP Commands Show Group Show MPLS LDP Show Channel Show LACP Internal Cisco Prime Network 4.0 User Guide OL-29343-01 12-119 Chapter 12 Monitoring Carrier Ethernet Services Using Pseudowire Ping and Show Commands Using Pseudowire Ping and Show Commands The Ping Pseudowire and Display Pseudowire commands can be launched from the inventory by right-clicking the appropriate node and selecting Commands. Before executing any commands, you can preview them and view the results. If desired, you can also schedule the commands. Additional commands may be available for your devices. New commands are often provided in Prime Network Device Packages, which can be downloaded from the Prime Network software download site. For more information on how to download and install DPs and enable new commands, see the information on “Adding Additional Device (VNE) support” in the Cisco Prime Network 4.0 Administrator Guide. Note You might be prompted to enter your device access credentials while executing a command. Once you have entered them, these credentials will be used for every subsequent execution of a command in the same GUI client session. If you want to change the credentials, click Edit Credentials. The Edit Credentials button will not be available for SNMP commands or if the command is scheduled for a later time. Command Navigation Ping Pseudowire Logical Inventory > Pseudowires > right-click the interface > Commands > Configure > Description Use the Ping Pseudowire command to ping the peer router with a tunnel ID from a single or multisegment pseudowire. This command can be used to verify connectivity between any set of PE routers in the pseudowire path. For a multisegment pseudowire this command can be used to verify that all the segments of the multisegment pseudowire are operating. You can use this command to verify connectivity at the following pseudowire points: • From one end of the pseudowire to the other • From one of the pseudowires to a specific segment • The segment between two adjacent PE routers You can choose to ping the peer router by default or provide the IP of the required destination router to ping. Display Pseudowire Logical Inventory > Pseudowire > right-click the required interface > Commands > Show > Display Pseudowire Use the Display Pseudowire command to show the MPLS Layer 2 (L2) transport binding using tunnel identifier. MPLS L2 transport binding allows you to identify the VC label binding information. This command can be used to display information about the pseudowire switching point. Cisco Prime Network 4.0 User Guide 12-120 OL-29343-01 Chapter 12 Monitoring Carrier Ethernet Services Configuring IS-IS Configuring IS-IS In order to enable IS-IS for IP on a Cisco router and have it exchange routing information with other IS-IS enabled routers, you must perform these two tasks: • Enable the IS-IS process and assign area • Enable IS-IS for IP routing on an interface You can configure the router to act as a Level 1 (intra-area) router, as Level 1-2 (both a Level 1 router and a Level 2 router), or as Level 2 (an inter-area router only). The IS-IS commands helps you to configure the IS-IS on a Cisco router. These commands can be launched from the logical inventory. Before executing any commands, you can preview them and view the results. If desired, you can also schedule the commands. The table below lists the IS-IS configuration commands. To run the ISIS commands, the software on the network element must support ISIS technology. For details on the software versions Prime Network supports for the ISIS supported network elements, see the Cisco Prime Network 4.0 Supported Cisco VNEs. Additional commands may be available for your devices. New commands are often provided in Prime Network Device Packages, which can be downloaded from the Prime Network software download site. For more information on how to download and install DPs and enable new commands, see the information on “Adding Additional Device (VNE) support” in the Cisco Prime Network 4.0 Administrator Guide. Note You might be prompted to enter your device access credentials while executing a command. Once you have entered them, these credentials will be used for every subsequent execution of a command in the same GUI client session. If you want to change the credentials, click Edit Credentials. The Edit Credentials button will not be available for SNMP commands or if the command is scheduled for a later time. Command Navigation Description Create ISIS Router ISIS > right-click System > Commands > Configuration Use this command to create an IS-IS routing process and specify the area for each instance of the IS-IS routing process. An appropriate Network Entity Title (NET) must be configured to specify the area address for the IS-IS area and system ID of the router. Multiple IS-IS processes can be configured. Up to eight processes are configurable. A maximum of five IS-IS instances on a system are supported. Modify ISIS Router Delete ISIS Router ISIS > System > right-click Process ID in content pane > Commands > Configuration > Use this command to modify or delete an exisiting IS-IS routing configuration for the specified routing process. Cisco Prime Network 4.0 User Guide OL-29343-01 12-121 Chapter 12 Monitoring Carrier Ethernet Services Configuring IS-IS Command Navigation Description Create ISIS Interface ISIS > System > right-click Process ID in content pane > Commands > Configuration > Modify ISIS Interface ISIS > expand System > select a Process > select Interfaces tab> right-click on a Interface Name > Commands > Configuration > Use these command to create or modify an IS-IS routing process and assign it to a specific interface, rather than to a network. Delete ISIS Interface Create ISIS Address ISIS > System > right-click Process ID in content pane > Family Commands > Configuration Modify ISIS Address Family Configure or modify IS-IS routing to use standard IP Version 4 (IPv4) and IP Version 6 (IPv6) address prefixes. Delete ISIS Address Family Create ISIS Interface Address Family Modify ISIS Interface Address Family ISIS > expand System > select a Process > select Interfaces tab> right-click on a Interface Name > Commands > Configuration > Configure IS-IS routing to use standard IP Version 4 (IPv4) and IP Version 6 (IPv6) address prefixes on an interface. ISIS > right-click System > Commands > Show The show isis command displays general information about an IS-IS instance and protocol operation. Delete ISIS Interface Address Family Show ISIS Configuration Cisco Prime Network 4.0 User Guide 12-122 OL-29343-01 CH A P T E R 13 Monitoring Carrier Grade NAT Properties Carrier Grade NAT is a large-scale Network Address Translation (NAT) that provides translation of millions of private IPv4 addresses to public IPv4 addresses. These translations support subscribers and content providers with a bandwidth throughput of at least 10 Gbps full-duplex. Carrier Grade NAT addresses the IPv4 address completion problem. It employs Network Address and Port Translation (NAPT) to aggregate many private IPv4 addresses into fewer public IPv4 addresses. For example, a single public IPv4 address with a pool of 32,000 port numbers supports 320 individual private IP subscribers, assuming that each subscriber requires 100 ports. Carrier Grade NAT also offers a way to implement a graceful transition to IPv6 addresses. Carrier Grade NAT attributes and instances are configured as a CRS-ADVSVC-PLIM card on Cisco CRS-1 routers. To route internal public addresses to external public addresses, a VPN Routing and Forwarding (VRF) instance is created. Interfaces are created for the VRF at the subscriber-side (private) and the Internet-side (public). The VRF enables static or dynamic routing of protocols on the interfaces. Cisco Prime Network supports the following instances for Carrier Grade NAT: • Stateful Address Translation- NAT44 Stateful • Stateless Address Translation- NAT 64 Stateless (X-LAT) • IPv6 rapid deployment (6rd) Each Carrier Grade NAT instance has several attributes listed under them, such as preferred location, address pools, associated interfaces, and statistics. The attributes are grouped under related categories. The categories and attributes are listed below: Note IPv4 Network Address Translation (NAT44) is not supported for devices running Cisco IOS XR software version 4.0. The following topics describe how to use Prime Network Vision to view Carrier Grade NAT properties: • User Roles Required to View Carrier Grade NAT Properties, page 13-2 • Viewing Carrier Grade NAT Properties in Logical Inventory, page 13-2 • Viewing Carrier Grade NAT Properties in Physical Inventory, page 13-5 • Configuring CG NAT Service, page 13-6 Cisco Prime Network 4.0 User Guide OL-29343-01 13-1 Chapter 13 Monitoring Carrier Grade NAT Properties User Roles Required to View Carrier Grade NAT Properties User Roles Required to View Carrier Grade NAT Properties This topic identifies the roles that are required to view Carrier Grade NAT properties in Prime Network Vision. Prime Network determines whether you are authorized to perform a task as follows: • For GUI-based tasks (tasks that do not affect elements), authorization is based on the default permission that is assigned to your user account. • For element-based tasks (tasks that do affect elements), authorization is based on the default permission that is assigned to your account. That is, whether the element is in one of your assigned scopes and whether you meet the minimum security level for that scope. For more information on user authorization, see the Cisco Prime Network 4.0 Administrator Guide. The following tables identify the tasks that you can perform: • Table 13-1 identifies the tasks that you can perform if a selected element is not in one of your assigned scopes. • Table 13-2 identifies the tasks that you can perform if a selected element is in one of your assigned scopes. By default, users with the Administrator role have access to all managed elements. To change the Administrator user scope, see the topic on device scopes in the Cisco Prime Network 4.0 Administrator Guide. Table 13-1 Default Permission/Security Level Required for Viewing Carrier Grade NAT Properties - Element Not in User’s Scope Task Viewer Operator OperatorPlus Configurator Administrator View Carrier Grade NAT properties — — — — X Using CG NAT Configure, Delete, and Show Commands — — — X X Table 13-2 Default Permission/Security Level Required for Viewing Carrier Grade NAT Properties - Element in User’s Scope Task Viewer Operator OperatorPlus Configurator Administrator View Carrier Grade NAT properties X X X X X Using CG NAT Configure, Delete, and Show Commands — — — X X Viewing Carrier Grade NAT Properties in Logical Inventory To view Carrier Grade NAT properties in logical inventory: Step 1 In Prime Network Vision, double-click the Cisco CRS device configured for Carrier Grade NAT. Step 2 In the inventory window, click Logical Inventory > Carrier Grade NAT. Cisco Prime Network 4.0 User Guide 13-2 OL-29343-01 Chapter 13 Monitoring Carrier Grade NAT Properties Viewing Carrier Grade NAT Properties in Logical Inventory The Carrier Grade NAT properties are displayed in logical inventory as shown in Figure 13-1. Figure 13-1 Carrier Grade NAT in Logical Inventory Table 13-3 describes the Carrier Grade NAT properties that are displayed. Table 13-3 Carrier Grade NAT Properties in Logical Inventory Field Description CGN Name Name of the Carrier Grade NAT service. Preferred Location Tab Preferred Location Hyperlinked entry to the card in physical inventory. Preferred Location (alias) Location of module in clear text. Location Type Configured type of location: Active or Standby. Redundancy Status Redundancy state: Online or Offline. If the field is empty, it means the data was not collected from the device. Service Infra Interface Hyperlinked entry to the routing entity in logical inventory. For more information about routing entities in logical inventory, see Viewing Routing Entities, page 18-31. Cisco Prime Network 4.0 User Guide OL-29343-01 13-3 Chapter 13 Monitoring Carrier Grade NAT Properties Viewing Carrier Grade NAT Properties in Logical Inventory Table 13-3 Carrier Grade NAT Properties in Logical Inventory (continued) Field Description Address Pools Tab Inside VRF Hyperlinked entry to the inside VRF in logical inventory. For more information about VRF properties in logical inventory, see Viewing VRF Properties, page 18-27. Address Family Type of IP address in this pool: IPv4 or IPv6. Outside VRF Hyperlinked entry to the outside VRF in logical inventory. For more information about VRF properties in logical inventory, see Viewing VRF Properties, page 18-27. Address Pool Range of IP addresses that can be used for the service instance. If an end address is not specified, the entire range of 255 addresses is used for the address pool. Associated Interfaces Tab Interface Hyperlinked entry to the associated entry in logical inventory: • For SVI service interfaces, hyperlinked entry to the routing entity in logical inventory. • For SVI service applications, hyperlinked entry to the VRF entity in logical inventory. Service Types Tab Service Type Name Name of the Carrier Grade NAT service. Service Type Type of Carrier Grade NAT service: 6RD, XLAT, or NAT44. Statistics Tab Statistics Name Name of the statistic. For statistic names and descriptions, see Table 13-4. Statistics Value Value of the statistic. Cisco Prime Network 4.0 User Guide 13-4 OL-29343-01 Chapter 13 Monitoring Carrier Grade NAT Properties Viewing Carrier Grade NAT Properties in Physical Inventory You can also display pool utilization by right-clicking a VNE and choosing Commands > Show > Pool Utilization. Table 13-4 Carrier Grade NAT Statistics in Logical Inventory Statistic Name Description Inside to outside drops port limit Number of packets dropped because the port limit has been exceeded exceeded. The value is calculated from the time Carrier Grade NAT was configured and running on the card. Inside to outside drops resource depletion Number of packets that are dropped because no ports are available. The value is calculated from the time Carrier Grade NAT was configured and running on the card. Inside to outside drops limit system reached Number of packets that are dropped because the system limit has been exceeded. The value is calculated from the time Carrier Grade NAT was configured and running on the card. Inside to outside forward rate Number of packets forwarded from the inside to the outside in the last one second. Outside to inside forward rate Number of packets forwarded from the outside to the inside in the last one second. Translations create rate Number of translation entries created in the last one second. Translations delete rate Number of translation entries deleted in the last one second. Viewing Carrier Grade NAT Properties in Physical Inventory To view Carrier Grade NAT properties in physical inventory: Step 1 In Prime Network Vision, double-click the Cisco CRS device configured for Carrier Grade NAT. Step 2 To view Carrier Grade NAT properties configured on a specific interface, click Physical Inventory > chassis > shelf > slot > card > interface. See Table 3-11 for a description of the information displayed in the Subinterfaces table. Step 3 To view Carrier Grade NAT properties configured on a Cisco CRS-CGSE-PLIM card, click Physical Inventory > chassis > shelf > slot > PLIM-card. Figure 13-2 shows an example of Carrier Grade NAT properties in physical inventory. Cisco Prime Network 4.0 User Guide OL-29343-01 13-5 Chapter 13 Monitoring Carrier Grade NAT Properties Configuring CG NAT Service Figure 13-2 Carrier Grade NAT Properties in Physical Inventory The field CGN Service is displayed, and the entry is hyperlinked to the associated Carrier Grade NAT service in logical inventory. Configuring CG NAT Service The following commands can be launched from the inventory by right-clicking the appropriate node and selecting Commands. The table below lists the configuration commands and the supported network elements. Before executing any commands, you can preview them and view the results. If desired, you can also schedule the commands. For details on the software versions Prime Network supports for thes supported network elements, see the Cisco Prime Network 4.0 Supported Cisco VNEs. To run the Carrier Grade NAT commands, the software on the network element must support the Carrier Grade NAT technology. Additional commands may be available for your devices. New commands are often provided in Prime Network Device Packages, which can be downloaded from the Prime Network software download site. For more information on how to download and install DPs and enable new commands, see the information on “Adding Additional Device (VNE) support” in the Cisco Prime Network 4.0 Administrator Guide. Cisco Prime Network 4.0 User Guide 13-6 OL-29343-01 Chapter 13 Monitoring Carrier Grade NAT Properties Configuring CG NAT Service Note You might be prompted to enter your device access credentials while executing a command. Once you have entered them, these credentials will be used for every subsequent execution of a command in the same GUI client session. If you want to change the credentials, click Edit Credentials. The Edit Credentials button will not be available for SNMP commands or if the command is scheduled for a later time. Command Navigation Description Add Static Port Forwarding Configure > To configure CG NAT service instance for static port forwarding. Add NAT 64 Forwarding Configure > To configure CG NAT service instance for NAT 64. Add 6rd Forwarding Configure > To configure CG NAT service instance for 6rd. Static Port Forwarding Delete > Click Execute Now to remove CG NAT instance. Pool Utilization Show > Display the CGN instance name, inside VRF name, start and end address Cisco Prime Network 4.0 User Guide OL-29343-01 13-7 Chapter 13 Monitoring Carrier Grade NAT Properties Configuring CG NAT Service Cisco Prime Network 4.0 User Guide 13-8 OL-29343-01 CH A P T E R 14 Monitoring DWDM Properties The Cisco IP over dense wavelength division multiplexing (IPoDWDM) solution enables the convergence of the IP and DWDM core networks of the service providers. It increases service flexibility, operational efficiency and reliability while lowering operating expenses (OpEx) and capital expenditures (CapEx). Cisco Prime Network discovers and displays the following DWDM attributes in the Physical Inventory tree of the Cisco Prime Network Vision: • DWDM controllers. The controller location is same as the DWDM interface. • Loopback information for the DWDM controller. • DWDM controller status. • DWDM port properties—Wavelength, Laser Status, Tx Power, and Rx Power. • DWDM controller card status (G.709 status). Prime Network also provides commands that support DWDM and Synchronous Optical Network (SONET) controllers. These commands help in configuring the device and in displaying device details. The commands are described in Configuring and Viewing DWDM, page 14-15. (For information on the SONET commands, see Configuring Clock, page 20-55.) The following topics describe how you can view and monitor IP over dense wavelength division multiplexing (DWDM) properties configured on network elements by using Cisco Prime Network Vision (Prime Network Vision): • User Roles Required to View DWDM Properties, page 14-1 • Viewing DWDM in Physical Inventory, page 14-3 • Viewing G.709 Properties, page 14-5 • Viewing Performance Monitoring Configuration, page 14-11 • Configuring and Viewing DWDM, page 14-15 User Roles Required to View DWDM Properties This topic identifies the roles that are required to view DWDM properties using Prime Network Vision. Prime Network determines whether you are authorized to perform a task as follows: • For GUI-based tasks (tasks that do not affect elements), authorization is based on the default permission that is assigned to your user account. Cisco Prime Network 4.0 User Guide OL-29343-01 14-1 Chapter 14 Monitoring DWDM Properties User Roles Required to View DWDM Properties • For element-based tasks (tasks that do affect elements), authorization is based on the default permission that is assigned to your account. That is, whether the element is in one of your assigned scopes and whether you meet the minimum security level for that scope. For more information on user authorization, see the Cisco Prime Network 4.0 Administrator Guide. The following tables identify the tasks that you can perform: • Table 14-1 identifies the tasks that you can perform if a selected element is not in one of your assigned scopes. • Table 14-2 identifies the tasks that you can perform if a selected element is in one of your assigned scopes. By default, users with the Administrator role have access to all managed elements. To change the Administrator user scope, see the topic on device scopes in the Cisco Prime Network 4.0 Administrator Guide. Table 14-1 Default Permission/Security Level Required for Viewing DWDM Properties - Element Not in User’s Scope Task Operator OperatorPlus Configurator Administrator View DWDM properties — — — — X View G.709 properties — — — — X View performance monitoring configuration information — — — — X Using IPoDWDM — Configuration and Show Commands — — X X Table 14-2 Viewer Default Permission/Security Level Required for Viewing DWDM Properties - Element in User’s Scope Task Viewer Operator OperatorPlus Configurator Administrator View DWDM properties X X X X X View G.709 properties X X X X X View performance monitoring configuration information X X X X X Using IPoDWDM — Configuration and Show Commands — — X X Cisco Prime Network 4.0 User Guide 14-2 OL-29343-01 Chapter 14 Monitoring DWDM Properties Viewing DWDM in Physical Inventory Viewing DWDM in Physical Inventory Prime Network Vision enables you to monitor a variety of DWDM properties in physical inventory, including forward error correction (FEC), G.709 status, and performance monitoring parameters. To view DWDM properties in physical inventory: Step 1 In a Prime Network Vision map, double-click the device on which DWDM is configured. Step 2 In the inventory window, choose Physical Inventory > Chassis and navigate to the interface configured for DWDM. DWDM details are displayed in the DWDM area in the content pane as shown in Figure 14-1. Figure 14-1 DWDM Properties in Physical Inventory Cisco Prime Network 4.0 User Guide OL-29343-01 14-3 Chapter 14 Monitoring DWDM Properties Viewing DWDM in Physical Inventory Table 14-3 describes the information displayed for DWDM. Table 14-3 DWDM Properties in Physical Inventory Field Description Location Physical interface using the format rack/slot/module/port where: • rack is the chassis number of the rack. • slot is the physical slot number of the line card. • module is the module number. A physical layer interface module (PLIM) is always 0. Shared port adapters (SPAs) are referenced by their subslot number. • port is the physical port number of the interface. Controller Status Status of the controller: Up or Down. Loopback Whether or not the DWDM controller is configured for loopback mode. Frequency Frequency of the channel in terahertz. Port Type The port type. In this case, DWDM. MSA ITU Channel Multi Source Agreement (MSA) ITU channel number. Rx Power Actual optical power at the receiving port. Tx Power Value of the transmit power level. Rx LOS Threshold Number of optical channel transport unit (OTU) loss of signal (LOS) alarms. If the receive optical power is less than or equal to this defined threshold, the optical LOS alarm is raised. Wavelength Wavelength corresponding to the channel number in nanometers. Wavelength Band Indicates the wavelength band: C-band or L-band. Optics Type Indicates the optics type: GE or DWDM. G709 Properties G709 Status Whether the G.709 wrapper is enabled or disabled: Up or Down. OTU Detected Alarms OTU overhead alarms. ODU Detected Alarms Optical channel data unit (ODU) alarms. OTU Detected Alerts OTU alerts. ODU Detected Alerts ODU alerts. FEC Info Indicates the: G709 Details • FEC mode of the controller: Disabled, Enhanced, Standard, or Unknown. • FEC mode on the remote device: Disabled, Enhanced, Standard, or Unknown. • Number of sync word mismatches found during the tracking phase. Click to view G709 properties. For more information, see Viewing G.709 Properties, page 14-5. Cisco Prime Network 4.0 User Guide 14-4 OL-29343-01 Chapter 14 Monitoring DWDM Properties Viewing G.709 Properties Table 14-3 DWDM Properties in Physical Inventory (continued) Field Description PM 15-min Settings Click to view 15-minute performance monitoring properties. For more information, see Viewing Performance Monitoring Configuration, page 14-11. PM 24-hour Settings Click to view 24-hour performance monitoring properties. For more information, see Viewing Performance Monitoring Configuration, page 14-11. Viewing G.709 Properties The Telecommunication Standardization Sector (ITU-T) Recommendation G.709 provides a standardized method for transparently transporting services over optical wavelengths end to end. A significant component of G.709 is the FEC code that improves performance and extends the distance that optical signals can span. To view G.709 properties: Step 1 In Prime Network Vision, double-click the device on which DWDM is configured. Step 2 In the inventory window, choose Physical Inventory > Chassis and navigate to the interface configured for DWDM. Step 3 In the content pane, click G709 Details. The G709 Info Properties window is displayed as shown in Figure 14-2 for all Cisco devices except the Cisco 7600 series devices. Cisco Prime Network 4.0 User Guide OL-29343-01 14-5 Chapter 14 Monitoring DWDM Properties Viewing G.709 Properties Figure 14-2 DWDM G709 Properties Window Figure 14-3 shows the tabs that are displayed in the G709 Info Properties window for Cisco 7600 series devices. For Cisco 7600 series devices: • The ODU Alert Counters tab is displayed. • The ODU TTI and OTU TTI tabs are not displayed. Cisco Prime Network 4.0 User Guide 14-6 OL-29343-01 Chapter 14 Monitoring DWDM Properties Viewing G.709 Properties Figure 14-3 DWDM G709 Properties Window for Cisco 7600 Series Devices Table 14-4 describes the fields that are displayed above the tabs in the G709 Info Properties window. Table 14-4 DWDM G709 Properties Window Field Description Location Physical interface using the format rack/slot/module/port where: • rack is the chassis number of the rack. • slot is the physical slot number of the line card. • module is the module number. A physical layer interface module (PLIM) is always 0. Shared port adapters (SPAs) are referenced by their subslot number. • port is the physical port number of the interface. Cisco Prime Network 4.0 User Guide OL-29343-01 14-7 Chapter 14 Monitoring DWDM Properties Viewing G.709 Properties Table 14-4 DWDM G709 Properties Window (continued) Field Description OTU Alarms OTU Alarm Reporting Enabled for The types of alarms enabled for reporting: • AIS—Alarm indication signal (AIS) alarms. • BDI—Backward defect indication (BDI) alarms. • BEI—Backward error indication (BEI) alarms. • BIP—Bit interleaved parity (BIP) alarms. • FECMISMATCH—FEC mismatch alarms. • IAE—Incoming alignment error (IAE) alarms. • LOF—Loss of frame (LOF) alarms. • LOM—Loss of multiple frames (LOM) alarms. • LOS—Loss of signal (LOS) alarms. • TIM—Type identifier mismatch (TIM) alarms. OTU Asserted Alarms OTU alarms indicated to be reported by the user. OTU Detected Alarms OTU alarms detected by the hardware. ODU Alarms ODU Alarm Reporting Enabled for The types of ODU alarms enabled for reporting: • AIS—Incoming SONET AIS error status. • BDI—Path termination BDI error status. • BEI—Backward error indication (BEI) error status. • BIP—Bit interleaved parity (BIP) error status. • LCK—Upstream connection locked (LCK) error status. • OCI—Open connection indication (OCI) error status. • PTIM—Payload TIM error status. • TIM—Data stream TIM error status. ODU Asserted Alarms ODU alarms indicated to be reported by the user. ODU Detected Alarms ODU alarms detected by the hardware. Cisco Prime Network 4.0 User Guide 14-8 OL-29343-01 Chapter 14 Monitoring DWDM Properties Viewing G.709 Properties Table 14-4 DWDM G709 Properties Window (continued) Field Description OTU Alerts OTU Alert Reporting Enabled for The types of alerts enabled for reporting: • SD-BER—Section Monitoring (SM) bit error rate (BER) is in excess of the signal degradation (SD) BER threshold. • SF-BER—SM BER is in excess of the signal failure (SF) BER threshold. • PM-TCA—Performance monitoring (PM) threshold crossing alert (TCA). • SM-TCA—SM threshold crossing alert. OTU Asserted Alerts OTU alerts indicated to be reported by the user. OTU Detected Alerts OTU alerts detected by the hardware. ODU Alerts ODU Alert Reporting Enabled for The types of ODU alerts enabled for reporting: • SD-BER—SM BER is in excess of the SD BER threshold. • SF-BER—SM BER is in excess of the SF BER threshold. • PM-TCA—PM threshold crossing alert. • SM-TCA—SM threshold crossing alert. ODU Asserted Alerts ODU alerts indicated to be reported by the user. ODU Detected Alerts ODU alerts detected by the hardware. Other FEC Info FEC properties: Status Step 4 • FEC mode for the controller—Disable, Enhanced, Standard, or Unknown. • Remote FEC mode—FEC mode on the remote device: Disabled, Enhanced, Standard, or Unknown. • FEC mismatch counter—Number of sync word mismatches found during the tracking phase. G.709 wrapper administrative status: Up or Down. To view additional G.709 properties, click the required tab. Table 14-5 describes the information displayed in each tab. The information that is displayed depends on the selected network element. Table 14-5 G709 Properties Window Tabs Field Description OTU Alarm Counters Tab Type Type of OTU alarm, such as BDI or BEI. Counter Number of alarms reported for each alarm type. Cisco Prime Network 4.0 User Guide OL-29343-01 14-9 Chapter 14 Monitoring DWDM Properties Viewing G.709 Properties Table 14-5 G709 Properties Window Tabs (continued) Field Description OTU Alert Counters Tab Type Type of OTU alert, such as SD-BER or SF-BER. Threshold Threshold set for the type of alert. Counter Number of alerts reported for each alert type. A value of -1 indicates that no value has been set up. ODU Alarm Counters Tab Type Type of ODU alarm, such as AIS or BDI. Counter Number of alarms reported for each alarm type. OTU TTI Tab This tab is not displayed for Cisco 7600 series devices. Type String Type TTI String Type of OTU Trail Trace Identifier (TTI) configured: • Expected • Received • Sent For each TTI type, the type of string: • ASCII • Hexadecimal For each TTI type, the specific TTI string configured. ODU TTI Tab This tab is not displayed for Cisco 7600 series devices. Type String Type TTI String Type of ODU TTI configured: • Expected • Received • Sent For each TTI type, the type of string: • ASCII • Hexadecimal For each TTI type, the specific TTI string configured. Cisco Prime Network 4.0 User Guide 14-10 OL-29343-01 Chapter 14 Monitoring DWDM Properties Viewing Performance Monitoring Configuration Table 14-5 G709 Properties Window Tabs (continued) Field Description ODU Alert Counters Tab This tab is displayed only for Cisco 7600 series devices. Step 5 Type Type of OTU alert, such as SD-BER or SF-BER. Threshold Threshold set for the type of alert. Counter Number of alerts reported for each alert type. A value of -1 indicates that no value has been set up. To close the G709 Info Properties window, click the upper right corner. Viewing Performance Monitoring Configuration Performance monitoring parameters are used to gather, store, set thresholds for, and report performance data for early detection of problems. Thresholds are used to set error levels for each performance monitoring parameter. During the accumulation cycle, if the current value of a performance monitoring parameter reaches or exceeds its corresponding threshold value, a threshold crossing alert (TCA) can be generated. The TCAs provide early detection of performance degradation. Prime Network Vision enables you to view the configuration settings for performance monitoring. Performance monitoring statistics are accumulated on a 15-minute basis, synchronized to the start of each quarter-hour. They are also accumulated on a daily basis starting at midnight. Historical counts are maintained for thirty-three 15-minute intervals and two daily intervals. To view performance monitoring configuration settings: Step 1 In Prime Network Vision, double-click the device on which DWDM is configured. Step 2 In the inventory window, choose Physical Inventory > Chassis and navigate to the interface configured for DWDM. Step 3 In the content pane, select the performance monitoring configuration settings you want to view: • To view the performance monitoring 15-minute configuration settings, click PM 15-min Settings. • To view the performance monitoring 24-hour configuration settings, click PM 24-hour Settings. The Client DWDM PM Settings Properties window is displayed as shown in Figure 14-4. Cisco Prime Network 4.0 User Guide OL-29343-01 14-11 Chapter 14 Monitoring DWDM Properties Viewing Performance Monitoring Configuration Figure 14-4 Client DWDM PM Settings Properties Window Table 14-6 describes the information displayed above the tabs in the Client DWDM PM Settings Properties window and in each of the tabs. Table 14-6 Client DWDM PM Settings Properties Window and Tabs Field Description Interval Type The performance monitoring interval, either 15 minutes or 24 hours. Location Physical interface using the format rack/slot/module/port where: • rack is the chassis number of the rack. • slot is the physical slot number of the line card. • module is the module number. A physical layer interface module (PLIM) is always 0. Shared port adapters (SPAs) are referenced by their subslot number. • port is the physical port number of the interface. FEC PM Settings Tab Type FEC performance monitoring parameter being tracked: • EC-BITS—The number of bit errors corrected (EC-BITS) in the DWDM trunk line during the performance monitoring time interval. • UC-WORDS—The number of uncorrectable words (UC-WORDS) detected in the DWDM trunk line during the performance monitoring time interval. Threshold Threshold for the performance monitoring parameter. TCA Whether TCA generation for the specified parameter on the DWDM controller is enabled or disabled. Cisco Prime Network 4.0 User Guide 14-12 OL-29343-01 Chapter 14 Monitoring DWDM Properties Viewing Performance Monitoring Configuration Table 14-6 Client DWDM PM Settings Properties Window and Tabs (continued) Field Description Optics PM Settings Tab Type Optics performance monitoring parameter being tracked: • LBC—Laser bias current. • OPR—Optical power on the unidirectional port. • OPT—Transmit optical power in dBm. Max Threshold Maximum threshold configured for the parameter. Max TCA If enabled, indicates a TCA is generated if the value of the parameter exceeds the maximum threshold during the performance monitoring period. If disabled, TCAs are not generated if the maximum threshold is exceeded. Min Threshold Minimum threshold configured for the parameter. Min TCA If enabled, indicates a TCA is generated if the value of the parameter drops below the minimum threshold during the performance monitoring period. If disabled, TCAs are not generated if the value drops below the minimum threshold. Cisco Prime Network 4.0 User Guide OL-29343-01 14-13 Chapter 14 Monitoring DWDM Properties Viewing Performance Monitoring Configuration Table 14-6 Client DWDM PM Settings Properties Window and Tabs (continued) Field Description OTN PM Settings Tab Type OTN performance monitoring parameter being tracked: • bbe-pm-fe—Far-end path monitoring background block errors (BBE-PM). Indicates the number of background block errors recorded in the optical transport network (OTN) path during the performance monitoring time interval. • bbe-pm-ne—Near-end path monitoring background block errors (BBE-PM). • bbe-sm-fe—Far-end section monitoring background block errors (BBE-SM). Indicates the number of background block errors recorded in the OTN section during the performance monitoring time interval. • bbe-sm-ne—Near-end section monitoring background block errors (BBE-SM). • bber-pm-fe—Far-end path monitoring background block errors ratio (BBER-PM). Indicates the background block errors ratio recorded in the OTN path during the performance monitoring time interval. • bber-pm-ne—Near-end path monitoring background block errors ratio (BBER-PM). • bber-sm-fe—Far-end section monitoring background block errors ratio (BBER-SM). Indicates the background block errors ratio recorded in the OTN section during the performance monitoring time interval. • bber-sm-ne—Near-end section monitoring background block errors ratio (BBER-SM) • es-pm-fe—Far-end path monitoring errored seconds (ES-PM). Indicates the errored seconds recorded in the OTN path during the performance monitoring time interval. • es-pm-ne—Near-end path monitoring errored seconds (ES-PM). • es-sm-fe—Far-end section monitoring errored seconds (ES-SM). Indicates the errored seconds recorded in the OTN section during the performance monitoring time interval. • es-sm-ne—Near-end section monitoring errored seconds (ES-SM). • esr-pm-fe—Far-end path monitoring errored seconds ratio (ESR-PM). Indicates the errored seconds ratio recorded in the OTN path during the performance monitoring time interval. • esr-pm-ne—Near-end path monitoring errored seconds ratio (ESR-PM). • esr-sm-fe—Far-end section monitoring errored seconds ratio (ESR-SM). Indicates the errored seconds ratio recorded in the OTN section during the performance monitoring time interval. • esr-sm-ne—Near-end section monitoring errored seconds ratio (ESR-SM). • fc-pm-fe—Far-end path monitoring failure counts (FC-PM). Indicates the failure counts recorded in the OTN path during the performance monitoring time interval. • fc-pm-ne—Near-end path monitoring failure counts (FC-PM). • fc-sm-fe—Far-end section monitoring failure counts (FC-SM). Indicates the failure counts recorded in the OTN section during the performance monitoring time interval. • fc-sm-ne—Near-end section monitoring failure counts (FC-SM). Cisco Prime Network 4.0 User Guide 14-14 OL-29343-01 Chapter 14 Monitoring DWDM Properties Configuring and Viewing DWDM Table 14-6 Field Type (cont.) Client DWDM PM Settings Properties Window and Tabs (continued) Description • ses-pm-fe—Far-end path monitoring severely errored seconds (SES-PM). Indicates the severely errored seconds recorded in the OTN path during the performance monitoring time interval. • ses-pm-ne—Far-end path monitoring severely errored seconds (SES-PM). • ses-sm-fe—Far-end section monitoring severely errored seconds (SES-SM). Indicates the severely errored seconds recorded in the OTN section during the performance monitoring time interval. • ses-sm-ne—Near-end section monitoring severely errored seconds (SES-SM). • sesr-pm-fe—Far-end path monitoring severely errored seconds ratio (SESR-PM). Indicates the severely errored seconds ratio recorded in the OTN path during the performance monitoring time interval. • sesr-pm-ne—Near-end path monitoring severely errored seconds ratio (SESR-PM). • sesr-sm-fe—Far-end section monitoring severely errored seconds ratio (SESR-SM). Indicates the severely errored seconds ratio recorded in the OTN section during the performance monitoring time interval. • sesr-sm-ne—Near-end section monitoring severely errored seconds ratio (SESR-SM). • uas-pm-fe—Far-end path monitoring unavailable seconds (UAS-PM). Indicates the unavailable seconds recorded in the OTN path during the performance monitoring time interval. • uas-pm-ne—Near-end path monitoring unavailable seconds (UAS-PM). • uas-sm-fe—Far-end section monitoring unavailable seconds (UAS-SM). Indicates the unavailable seconds recorded in the OTN section during the performance monitoring time interval. • uas-sm-ne—Near-end section monitoring unavailable seconds (UAS-SM). Threshold Threshold configured for the parameter. TCA If enabled, indicates a TCA is generated if the value of the parameter crosses the threshold during the performance monitoring period. If disabled, TCAs are not generated if the value crosses the threshold. Configuring and Viewing DWDM The following commands can be launched from the inventory by right-clicking the appropriate node and selecting Commands. Before executing any commands, you can preview them and view the results. If desired, you can also schedule the commands. The table below lists the configuration commands and the supported network elements. Before executing any commands, you can preview them and view the results. If desired, you can also schedule the commands. For details on the software versions Prime Network supports for thes supported network elements, see the Cisco Prime Network 4.0 Supported Cisco VNEs. To run the Carrier Grade NAT commands, the software on the network element must support the Carrier Grade NAT technology. Cisco Prime Network 4.0 User Guide OL-29343-01 14-15 Chapter 14 Monitoring DWDM Properties Configuring and Viewing DWDM Additional commands may be available for your devices. New commands are often provided in Prime Network Device Packages, which can be downloaded from the Prime Network software download site. For more information on how to download and install DPs and enable new commands, see the information on “Adding Additional Device (VNE) support” in the Cisco Prime Network 4.0 Administrator Guide. Note You might be prompted to enter your device access credentials while executing a command. Once you have entered them, these credentials will be used for every subsequent execution of a command in the same GUI client session. If you want to change the credentials, click Edit Credentials. The Edit Credentials button will not be available for SNMP commands or if the command is scheduled for a later time. Command Navigation Input Required and Notes Controller Data Show > N/A; performed from command launch point PM History Data PM interval type: 15-min or 24-hour Interval number RTPM Counters PM interval type: 15-min or 24-hour RTPM Threshold PM interval type: 15-min or 24-hour Wavelength Map N/A; performed from command launch point IM Trace Details Card location (for example, 0/5/CPU0) Device Log N/A; performed from command launch point Counters Clear > N/A; performed from command launch point Channel Configure > Channel number Option: Set or reset channel FEC Mode G.709 FEC mode: Disabled, enhanced, or standard G.709 ODU ODU alarm type: ais, bdi, lck, oci, ptim, or tim Option: Enable or disable alarm type G.709 OTU OTU alarm type: bdi, fecmismatch, iae, lof, lom, los, sd-ber, sf-ber, or tim Option: Enable or disable alarm type Cisco Prime Network 4.0 User Guide 14-16 OL-29343-01 Chapter 14 Monitoring DWDM Properties Configuring and Viewing DWDM Command Navigation Input Required and Notes G.709 TTI Configure > Optical channel unit type: ODU or OTU TTI type: Expected or sent TTI string type: ASCII or hex TTI string Option: Set or reset TTI string G.709 Wrapper Option: Disable or enable G.709 wrapper Laser State Laser state: Switch off or on Loopback Loopback value: Internal or line Option: Set or remove PM FEC Data PM interval type FEC alarm type: • Ec-bits—Bit errors corrected (BIEC); the number of bit errors corrected in the DWDM trunk line during the performance monitoring time interval • Uc-words—Uncorrectable words; the number of uncorrectable words detected in the DWDM trunk line during the performance monitoring time interval TCA options: Enable or disable TCA generation Threshold option. Set configures the value on the device; reset is the default. If you select blank, the threshold value is not used. Threshold value Cisco Prime Network 4.0 User Guide OL-29343-01 14-17 Chapter 14 Monitoring DWDM Properties Configuring and Viewing DWDM Command Navigation Input Required and Notes PM Optics Data Configure > PM interval: 15-min or 24-hour Optics alarm type: • lbc—Laser bias current • opr—Optical power on the unidirectional port • opt—Transmit optical power in dBm Maximum TCA option: Enable or disable Maximum threshold option: Choosing Set configures the value on the device; Reset is the default. If you select blank, the threshold value is not used. Maximum threshold Minimum TCA option: enable or disable Minimum threshold option: Choosing Set configures the value on the device; Reset is the default. If you select blank, the threshold value is not used. Minimum threshold PM OTN Data PM interval: 15-min or 24-hour OTN alarm type. For a list of types and their descriptions, see the OTN PN Settings Tab information in Table 14-6 on page 14-12. TCA option: Enable or disable Threshold option: Choosing Set configures the value on the device; Reset is the default. If you select blank, the threshold value is not used. Threshold value Transmit Power Transmit power in dBm Option: Set or reset transponder Tx threshold Rx LOS Threshold Rx LOS threshold value Option: Set or reset transponder Rx threshold Cisco Prime Network 4.0 User Guide 14-18 OL-29343-01 CH A P T E R 15 Monitoring Ethernet Operations, Administration, and Maintenance Tool Properties The following topics describe how you can use Cisco Prime Network Vision (Prime Network Vision) to monitor Ethernet operations, administration, and maintenance (OAM) tools: • User Roles Required to View Ethernet OAM Tool Properties, page 15-1 • Ethernet OAM Overview, page 15-2 • Viewing Connectivity Fault Management Properties, page 15-3 • Viewing Ethernet LMI Properties, page 15-10 • Viewing Link OAM Properties, page 15-14 • Configuring CFM, page 15-18 • Configuring E-LMI, page 15-20 • Configuring L-OAM, page 15-21 User Roles Required to View Ethernet OAM Tool Properties This topic identifies the roles that are required to view Ethernet OAM tool properties. Prime Network determines whether you are authorized to perform a task as follows: • For GUI-based tasks (tasks that do not affect elements), authorization is based on the default permission that is assigned to your user account. • For element-based tasks (tasks that do affect elements), authorization is based on the default permission that is assigned to your account. That is, whether the element is in one of your assigned scopes and whether you meet the minimum security level for that scope. For more information on user authorization, see the Cisco Prime Network 4.0 Administrator Guide. The following tables identify the tasks that you can perform: • Table 15-1 identifies the tasks that you can perform if a selected element is not in one of your assigned scopes. • Table 15-2 identifies the tasks that you can perform if a selected element is in one of your assigned scopes. By default, users with the Administrator role have access to all managed elements. To change the Administrator user scope, see the topic on device scopes in the Cisco Prime Network 4.0 Administrator Guide. Cisco Prime Network 4.0 User Guide OL-29343-01 15-1 Chapter 15 Monitoring Ethernet Operations, Administration, and Maintenance Tool Properties Ethernet OAM Overview Table 15-1 Default Permission/Security Level Required for Viewing Ethernet OAM Tool Properties - Element Not in User’s Scope Task Viewer Operator OperatorPlus Configurator Administrator View CFM properties — — — — X View Ethernet LMI properties — — — — X View Link OAM properties — — — — X Using CFM Configure and Enable Commands — — — X X Using E-LMI Configure — and Enable Commands — — X X — — — X X Using L-OAM Configuration, Assign, Enable, and Show Commands Table 15-2 Default Permission/Security Level Required for Viewing Ethernet OAM Tool Properties - Element in User’s Scope Task Viewer Operator OperatorPlus Configurator Administrator View CFM properties X X X X X View Ethernet LMI properties X X X X X Using CFM Configure and Enable Commands — — — X X Using E-LMI Configure — and Enable Commands — — X X — — — X X Using L-OAM Configuration, Assign, Enable, and Show Commands Ethernet OAM Overview Prime Network Vision supports three, interrelated OAM components, including: • Connectivity Fault Management—Connectivity Fault Management (CFM) is an end-to-end per-service-instance (per VLAN) Ethernet layer OAM protocol that includes connectivity monitoring, fault verification, and fault isolation. CFM allows you to manage individual customer service instances. Ethernet Virtual Connections (EVCs) are the services that are sold to customers and are designated by service VLAN tags. CFM operates on a per-service-VLAN (or per-EVC) basis. It lets you know when an EVC fails and provides tools to isolate the failure. See Viewing Connectivity Fault Management Properties, page 15-3 and Configuring CFM, page 15-18. Cisco Prime Network 4.0 User Guide 15-2 OL-29343-01 Chapter 15 Monitoring Ethernet Operations, Administration, and Maintenance Tool Properties Viewing Connectivity Fault Management Properties • Ethernet Local Management Interface—Ethernet Local Management Interface (Ethernet LMI) operates between the customer edge (CE) and the user-facing provider edge (U-PE) devices. Ethernet LMI allows you to automatically provision CEs based on EVCs and bandwidth profiles. See Viewing Ethernet LMI Properties, page 15-10 and Configuring E-LMI, page 15-20. • Link OAM—Link OAM allows you to monitor and troubleshoot a single Ethernet link. It is an optional sublayer implemented in the Data Link Layer between the Logical Link Control (LLC) and MAC sublayers of the Open Systems Interconnect (OSI) model. You can monitor a link for critical events and, if needed, put a remote device into loopback mode for link testing. Link OAM also discovers unidirectional links, which are created when one transmission direction fails. See Viewing Link OAM Properties, page 15-14 and Configuring L-OAM, page 15-21. Viewing Connectivity Fault Management Properties CFM allows you to discover and verify end-to-end, Carrier Ethernet PE-to-PE or CE-to-CE paths through bridges and LANs. CFM consists of maintenance domains. Maintenance domains are administrative regions used to manage and administer specific network segments. Maintenance domains are organized in a hierarchy. The administrator assigns a maintenance level to the domain from 0 (lowest level) to 7 (highest level); the maintenance level determines the domain’s position within the CFM hierarchy. CFM maintenance domain boundaries are indicated by maintenance points. A maintenance point is an interface point that participates within a CFM maintenance domain. Maintenance point types include: Note • Maintenance Endpoints—Maintenance endpoints (MEPs) are active CFM elements residing at the edge of a domain. MEPs can be inward or outward facing. They periodically transmit continuity check messages and expect to periodically receive similar messages from other MEPs within a domain. If requested, MEPs can also transmit traceroute and loopback messages. MEPs are responsible for keeping CFM messages within the boundaries of a maintenance domain. • Maintenance Intermediate Points—Maintenance intermediate points (MIPs) are passive elements that catalog information received from MEPs and other MIPs. MIPs only respond to specific CFM messages such as traceroute and loopback, and they forward those messages within the maintenance domain. Prime Network Vision does not display information for CFM maintenance endpoints or maintenance intermediate points for Cisco Viking devices if errors exist in their configurations. An error in the configuration is indicated by an exclamation point (!) in the CLI output. For example, if you enter the command show ethernet cfm local maintenance-points, a configuration error is indicated as follows: cfm_d100/2 cfm_s100 Te0/2/0/3.110 Up MEP 2100 eb:7a:53! CFM uses standard Ethernet frames. CFM frames are distinguishable by EtherType and for multicast messages, by MAC address. CFM frames are sourced, terminated, processed, and relayed by bridges. Routers support only limited CFM functions. Bridges that cannot interpret CFM messages forward them as normal data frames. All CFM messages are confined to a maintenance domain and to an S-VLAN (PE-VLAN or Provider-VLAN). CFM supports three types of messages: Cisco Prime Network 4.0 User Guide OL-29343-01 15-3 Chapter 15 Monitoring Ethernet Operations, Administration, and Maintenance Tool Properties Viewing Connectivity Fault Management Properties • Continuity check—Multicast heartbeat messages exchanged periodically among MEPs. They allow MEPs to discover other MEPs within a domain and allow maintenance intermediate points (MIPs) to discover MEPs. Continuity check messages (CCMs) are confined to a domain and S-VLAN. • Loopback—Unicast frames that a MEP transmits, at the request of an administrator, to verify connectivity to a particular maintenance point. A reply to a loopback message indicates whether a destination is reachable but does not allow hop-by-hop discovery of the path. A loopback message is similar in concept to an Internet Control Message Protocol (ICMP) Echo (ping) message. • Traceroute—Multicast frames that a MEP transmits, at the request of an administrator, to track the path (hop-by-hop) to a destination MEP. They allow the transmitting node to discover vital connectivity data about the path, and allow the discovery of all MIPs along the path that belong to the same maintenance domain. For each visible MIP, traceroute messages indicate ingress action, relay action, and egress action. Traceroute messages are similar in concept to User Datagram Protocol (UDP) traceroute messages. From the Logical Inventory tree, you can troubleshoot MEPs using CFM ping, traceroute, MEP status, and MEP cross-check status. These commands, and all CFM commands, are described in Configuring CFM, page 15-18. Prime Network associates alarms with the corresponding MEP or global CFM logical inventory objects. Prime Network correlates MEP down, MEP up, MEP missing, ETH-AIS, and ETH-RDI events with root cause alarms and corresponding tickets that exist along the path between the MEP on the reporting network element and the network element hosting the remote MEP. To view CFM properties: Step 1 In Prime Network Vision, double-click the required device for CFM. Step 2 In the inventory window, choose Logical Inventory > CFM. Figure 15-1 shows an example of CFM in logical inventory. Cisco Prime Network 4.0 User Guide 15-4 OL-29343-01 Chapter 15 Monitoring Ethernet Operations, Administration, and Maintenance Tool Properties Viewing Connectivity Fault Management Properties Figure 15-1 CFM in Logical Inventory Table 15-3 describes the information displayed for CFM. Table 15-3 CFM Properties Field Description Cache Size CFM traceroute cache size in number of lines. Hold Time Configured hold time (in minutes) that is used to indicate to the receiver the validity of traceroute and loopback messages transmitted by the device. The default value is 2.5 times the transmit interval. Maximum Cache Size Maximum CFM traceroute cache size in number of lines. CFM Version CFM version, such as IEEE D8.1. Maintenance Domains Table Step 3 Name Domain name. Level Unique level the domain is managed on. Values range from 0 to 7. ID Optional domain identifier. Click the Maintenance Intermediate Points tab to view MIP information. See Figure 15-2. Cisco Prime Network 4.0 User Guide OL-29343-01 15-5 Chapter 15 Monitoring Ethernet Operations, Administration, and Maintenance Tool Properties Viewing Connectivity Fault Management Properties Figure 15-2 CFM Maintenance Intermediate Points Tab Table 15-4 describes the information that is displayed in the Maintenance Intermediate Points table. Table 15-4 Step 4 CFM Maintenance Intermediate Point Properties Field Description Interface Interface configured as a MIP, hyperlinked to its entry in physical inventory. MAC Address MAC address of the interface. Inner VLANs Inner VLAN identifiers. VLANs VLANs associated with the interface. Auto Created Whether or not the MIP was automatically created: True or False. Level Unique level the domain is managed on. Values range from 0 to 7. To view the details of a specific maintenance domain, do one of the following: • Choose Logical Inventory > CFM > domain. • Double-click the required entry in the Maintenance Domains table. Figure 15-3 shows an example of the information displayed for the maintenance domain. Cisco Prime Network 4.0 User Guide 15-6 OL-29343-01 Chapter 15 Monitoring Ethernet Operations, Administration, and Maintenance Tool Properties Viewing Connectivity Fault Management Properties Figure 15-3 CFM Maintenance Domain Properties Table 15-5 describes the information that is displayed for CFM maintenance domains. Table 15-5 CFM Maintenance Domain Properties Field Description Maintenance Domain Name Name of the domain. Level Level at which the domain is managed: 0-7. ID Optional maintenance domain identifier. Maintenance Associations Table Step 5 Name Name of the maintenance association. Association Type Maintenance association type. Direction Direction of the maintenance association: Up or Down. Continuity Check Whether or not the continuity check is enabled: True or False. Continuity Check Interval Interval (in seconds) for checking continuity. Associated Entity Bridge, port, or pseudowire that the maintenance association uses for CFM. Click the hyperlinked entry to view the item in inventory. Cross Check Whether or not cross checking is enabled: True or False. Maximum MEPs Maximum number of maintenance endpoints (MEPs) that can be configured on the maintenance association. Inner VLAN Inner VLAN identifier. To view the properties for a maintenance association’s endpoints, do one of the following: • Choose Logical Inventory > CFM > domain > association. • In the Maintenance Associations table, double-click the required association. Cisco Prime Network 4.0 User Guide OL-29343-01 15-7 Chapter 15 Monitoring Ethernet Operations, Administration, and Maintenance Tool Properties Viewing Connectivity Fault Management Properties Figure 15-4 shows the information displayed for the maintenance association endpoints. Figure 15-4 CFM Maintenance Association - Endpoint Properties Table 15-6 describes the information that is displayed for CFM maintenance associations and MIPs. Table 15-6 CFM Maintenance Association Properties Field Description Maintenance Association Name Name of the maintenance association. Association Type Maintenance association type, such as Bridge Domain. Direction Direction of the maintenance association: Up or Down. Continuity Check Whether or not the continuity check is enabled: True or False. Continuity Check Interval Interval (in seconds) for checking continuity. Cross Check Whether or not cross checking is enabled: True or False. Associated Entity Bridge that the maintenance association uses for CFM. Click the hyperlinked entry to view the bridge in logical inventory. Maximum MEPs Maximum number of MEPs that can be configured on the maintenance association. Inner VLANs Inner VLAN identifiers. Maintenance End Points Table ID Local identifier for the MEP. MAC Address MAC address that identifies the MEP. Cisco Prime Network 4.0 User Guide 15-8 OL-29343-01 Chapter 15 Monitoring Ethernet Operations, Administration, and Maintenance Tool Properties Viewing Connectivity Fault Management Properties Table 15-6 Step 6 CFM Maintenance Association Properties (continued) Field Description Interface Interface on which the MEP is configured, hyperlinked to the respective EFP, VSI or interface in inventory. Continuity Check Status CFM continuity check status: MEP Active, MEP Inactive, MEP Enabled, MEP Disabled, or Unknown. Direction Direction of traffic on which the MEP is defined: Up, Down, or Unknown. Click the Remote Maintenance End Points tab to view the information displayed for remote MEPs. See Figure 15-5. Figure 15-5 Remote Maintenance End Points Table Cisco Prime Network 4.0 User Guide OL-29343-01 15-9 Chapter 15 Monitoring Ethernet Operations, Administration, and Maintenance Tool Properties Viewing Ethernet LMI Properties Table 15-7 describes the information presented for remote MEPs. Table 15-7 CFM Remote Maintenance End Points Table Field Description MEP ID Remote MEP identifier. Level Level at which the remote MEP is managed: 0-7. Status Status of the remote MEP, such as MEP Active. MAC Address MAC address of the remote MEP. Local MEP ID Numeric identifier assigned to the local MEP. Values range from 1 to 8191. Note If the remote MEP is in Up mode, the remote MEP is not associated to the local MEP. As a result, the Local MEP ID column is empty. Viewing Ethernet LMI Properties Ethernet Local Management Interface (E-LMI) is a protocol that operates between the customer edge (CE) network element and the provider edge (PE) network element. Ethernet LMI is a protocol between the CE network element and the provider edge (PE) network element. It runs only on the PE-CE UNI link and notifies the CE of connectivity status and configuration parameters of Ethernet services available on the CE port. Ethernet LMI interoperates with an OAM protocol, such as CFM, that runs within the provider network to collect OAM status. CFM runs at the provider maintenance level. Ethernet LMI relies on the OAM Ethernet Infrastructure (EI) to work with CFM for end-to-end status of EVCs across CFM domains. E-LMI commands are described in Configuring E-LMI, page 15-20. The IOS OAM manager streamlines interaction between OAM protocols, and handles the interaction between CFM and E-LMI. Ethernet LMI interaction with the OAM manager is unidirectional, running only from the OAM manager to E-LMI on the U-PE side of the switch. Information is exchanged either as a result of a request from E- LMI or triggered by the OAM manager when it receives notification of a change from the OAM protocol. Information that is relayed includes the EVC name and availability status, remote UNI name and status, and remote UNI counts. To view Ethernet LMI properties: Step 1 In Prime Network Vision, double-click the device configured for Ethernet LMI. Step 2 In the inventory window, choose Logical Inventory > Ethernet LMI. Figure 15-6 shows an example of Ethernet LMI properties in logical inventory. Cisco Prime Network 4.0 User Guide 15-10 OL-29343-01 Chapter 15 Monitoring Ethernet Operations, Administration, and Maintenance Tool Properties Viewing Ethernet LMI Properties Figure 15-6 Ethernet LMI in Logical Inventory Table 15-8 describes the information displayed for Ethernet LMI. Table 15-8 Ethernet LMI Properties in Logical Inventory Field Description Globally Enabled Whether or not Ethernet LMI is enabled globally: True or False. Mode Ethernet LMI mode: CE or PE. Device EVCs Tab EVC Name Name of the EVC. EVC Type Type of EVC: Point-to-point or Multipoint. EVC Status EVC status: Active, Inactive, Not Defined, or Partially Active. Maintenance Association Hyperlinked entry to the maintenance association in CFM in logical inventory. For more information about maintenance associations, see Table 15-6. Active Remote UNI Count Number of active remote UNIs. Configured Remote UNI Count Number of configured remote UNIs. Cisco Prime Network 4.0 User Guide OL-29343-01 15-11 Chapter 15 Monitoring Ethernet Operations, Administration, and Maintenance Tool Properties Viewing Ethernet LMI Properties Table 15-8 Ethernet LMI Properties in Logical Inventory (continued) Field Description ELMI Interfaces Tab Step 3 Interface Name Hyperlinked entry to the interface in physical inventory. For more information, see Step 4 in this procedure. T391 Frequency at which the customer equipment sends status inquiries. The range is 5-30 seconds, with a default of 10 seconds. T392 Frequency at which the metro Ethernet network verifies that status enquiries have been received. The range is 5-30 seconds, with a default of 15 seconds. A value of 0 (zero) indicates the timer is disabled. N391 Frequency at which the customer equipment polls the status of the UNI and all EVCs. The range is 1-65000 seconds, with a default of 360 seconds. N393 Error count for the metro Ethernet network. The range is 1-10, with a default of 4. To view device EVC properties, double-click an EVC name in the Device EVCs tab. The Device EVC Properties window is displayed as shown in Figure 15-7. Figure 15-7 Device EVC Properties Window Table 15-9 describes the information displayed in the Device EVC Properties window. Cisco Prime Network 4.0 User Guide 15-12 OL-29343-01 Chapter 15 Monitoring Ethernet Operations, Administration, and Maintenance Tool Properties Viewing Ethernet LMI Properties Table 15-9 Device EVC Properties in Logical Inventory Field Description EVC Name Name of the EVC. EVC Type Type of EVC: Point-to-point or Multipoint. EVC Status EVC status: Active, Inactive, Not Defined, or Partially Active. Maintenance Association Hyperlinked entry to the maintenance association in CFM in logical inventory. For more information about maintenance associations, see Table 15-6. Active Remote UNI Count Number of active remote UNIs. Configured Remote UNI Count Number of configured remote UNIs. UNI Interfaces Table Step 4 UNI Id UNI identifier. UNI Status Status of the UNI: Up or Down. LMI Link Status Status of the LMI link: Up or Down. Interface Name Interface on which UNI is configured. Is UNI Local Whether or not UNI is local: True or False. Local Interface Hyperlinked entry to the interface in physical inventory. VLAN List Name of the VLAN associated with the UNI interface. To view properties for an Ethernet LMI interface in physical interface, click the required interface name in the ELMI Interfaces table. Table 15-10 describes the information displayed in the UNI Properties area in physical inventory. Table 15-10 Ethernet LMI UNI Properties in Physical Inventory Field Description Service Multiplexing Enabled Whether or not the interface is configured for UNI multiplexing: True or False. Bundling Enabled Whether or not the interface is configured for UNI bundling: True or False. UNI Id UNI identifier. Bundling Type Type of bundling applied: All-to-One or None. This field appears only when a bundling type is set. Cisco Prime Network 4.0 User Guide OL-29343-01 15-13 Chapter 15 Monitoring Ethernet Operations, Administration, and Maintenance Tool Properties Viewing Link OAM Properties Viewing Link OAM Properties Link OAM is an optional sublayer implemented in the OSI Data Link Layer between the Logical Link Control and MAC sublayers. Link (802.3AH) OAM (L-OAM) can be implemented on any full-duplex point-to-point or emulated point-to-point Ethernet link. The frames (OAM Protocol Data Units [OAMPDUs]) cannot propagate beyond a single hop within an Ethernet network and have modest bandwidth requirements (frame transmission rate is limited to a maximum of 10 frames per second). Link OAM processes include: • Discovery—Discovery is the first Link OAM process. During discovery, Link OAM identifies the devices at each end of the link and learns their OAM capabilities. • Link monitoring—Link OAM link monitoring includes: – Monitoring links and issuing notifications when error thresholds are exceeded or faults occur. – Collecting statistics on the number of frame errors (or percent of frames that have errors) and the number of coding symbol errors. • Remote MIB Variable Retrieval—Provides 802.3ah MIB polling and response (but not writing). • Remote Failure indication—Informs peers when a received path goes down. Because link connectivity faults caused by slowly deteriorating quality are difficult to detect, Link OAM communicates such failure conditions to its peer using OAMPDU flags. The failure conditions that can be communicated are a loss of signal in one direction on the link, an unrecoverable error (such as a power failure), or some other critical event. • Remote Loopback—Puts the peer device in (near-end) intrusive loopback mode using the OAMPDU loopback control. Statistics can be collected during the link testing. In loopback mode, every frame received is transmitted back unchanged on the same port (except for OAMPDUs, which are needed to maintain the OAM session). Loopback mode helps ensure the quality of links during installation or troubleshooting. Loopback mode can be configured so that the service provider device can put the customer device into loopback mode, but the customer device cannot put the service provider device in loopback mode. Prime Network Vision supports topology discovery based on Link OAM information and enables you to view Link OAM properties. You can also configure L-OAM using the commands described in Configuring L-OAM, page 15-21. For information on CFM and Ethernet LMI, see Viewing Connectivity Fault Management Properties, page 15-3 and Viewing Ethernet LMI Properties, page 15-10. To view Link OAM properties: Step 1 In Prime Network Vision, double-click the device configured for Link OAM. Step 2 In the inventory window, choose Logical Inventory > OAM. Cisco Prime Network 4.0 User Guide 15-14 OL-29343-01 Chapter 15 Monitoring Ethernet Operations, Administration, and Maintenance Tool Properties Viewing Link OAM Properties Figure 15-8 shows an example of Link OAM properties in logical inventory. Figure 15-8 Link OAM Properties in Logical Inventory Table 15-11 describes the information displayed for Link OAM. Table 15-11 Link OAM Properties in Logical Inventory Field Description Table Types Type of table. In this case, it is OAM. OAM Table Local Port Name of the OAM-supported interface, hyperlinked to the location in physical inventory. Local Port ID Local port identifier, such as FastEthernet1/0/9. Admin Status Administrative status of the interface. Port Status Status of the port. Remote MAC Address Remote client MAC address. Cisco Prime Network 4.0 User Guide OL-29343-01 15-15 Chapter 15 Monitoring Ethernet Operations, Administration, and Maintenance Tool Properties Viewing Link OAM Properties Step 3 To view detailed information about an entry in the table, double-click the required entry. The Link OAM Data Properties window is displayed as shown in Figure 15-9. Figure 15-9 Link OAM Data Properties Window Table 15-12 describes the information that is displayed in the Link OAM Data Properties window. Table 15-12 Link OAM Data Properties Window Field Description Local Interface Local Port Name of the OAM-supported interface, hyperlinked to the location in physical inventory. Local Port ID Local port identifier. Admin Status Administrative status of the interface: Up or Down. Port Status Status of the port, such as Operational. PDU Max Rate (Frames/sec) Maximum transmission rate measured by the number of OAM PDUs per second; for example, 10 packets per second. PDU Min Rate (Seconds/frame) Minimum transmission rated measured by the number of seconds required for one OAM PDU; for example, 1 packet per 2 seconds. Link Timeout Number of seconds of inactivity on a link before the link is dropped. High Threshold Action Action that occurs when the high threshold for an error is exceeded. Link Fault Action Action that occurs when the signal is lost. Cisco Prime Network 4.0 User Guide 15-16 OL-29343-01 Chapter 15 Monitoring Ethernet Operations, Administration, and Maintenance Tool Properties Viewing Link OAM Properties Table 15-12 Link OAM Data Properties Window (continued) Field Description Dying Gasp Action Action that occurs when an unrecoverable condition is encountered. Critical Event Action Action that occurs when an unspecified vendor-specific critical event occurs. Mode Mode of the interface: Active or Passive. Unidirection Status of unidirectional Ethernet on the local interface: Supported or Not supported. Link Monitor Status of link monitoring on the local interface: Supported or Not supported. Remote Loopback Status of remote loopback on the local interface: Supported or Not supported. Loopback Status Status of loopback on the local interface: Supported or No loopback. Remote Client Step 4 MAC Address MAC address for the remote client. Vendor Vendor of the remote client. Mode Mode of the remote client: Active or Passive. Unidirection Status of unidirectional Ethernet on the remote client interface: Supported or Not supported. Link Monitor Status of link monitoring on the remote client interface: Supported or Not supported. Remote Loopback Status of loopback on the remote client interface: Supported or Not supported. To view Link OAM status in physical inventory, choose Physical Inventory > chassis > slot > interface. The Link OAM administrative status is displayed as shown in Figure 15-10. Cisco Prime Network 4.0 User Guide OL-29343-01 15-17 Chapter 15 Monitoring Ethernet Operations, Administration, and Maintenance Tool Properties Configuring CFM Figure 15-10 Link OAM Administrative Status in Physical Inventory Configuring CFM CFM provides capabilities for detecting, verifying, and isolating connectivity failures in networks with bridges operated by multiple independent organizations, each with restricted management access to each other's equipment. The CFM commands can be launched from the inventory by right-clicking a CFM node and selecting Commands. Unless otherwise noted, all of the following commands are launched by right-clicking the device and choosing Commands > Configure > Cisco. You can navigate from the MEP logical inventory to the interface or port channel on which the MEP is configured. To run the these commands, the software on the network element must support the technology. Before executing any commands, you can preview them and view the results. If desired, you can also schedule the commands. For details on the software versions Prime Network supports for the listed supported network elements, see Cisco Prime Network 4.0 Supported Cisco VNEs. Additional commands may be available for your devices. New commands are often provided in Prime Network Device Packages, which can be downloaded from the Prime Network software download site. For more information on how to download and install DPs and enable new commands, see the information on “Adding Additional Device (VNE) support” in the Cisco Prime Network 4.0 Administrator Guide. Cisco Prime Network 4.0 User Guide 15-18 OL-29343-01 Chapter 15 Monitoring Ethernet Operations, Administration, and Maintenance Tool Properties Configuring CFM Note You might be prompted to enter your device access credentials while executing a command. Once you have entered them, these credentials will be used for every subsequent execution of a command in the same GUI client session. If you want to change the credentials, click Edit Credentials. The Edit Credentials button will not be available for SNMP commands or if the command is scheduled for a later time. Command Description Maintenance Domain > Configure CFM Maintenance Domain A maintenance domain is a management space for the purpose of managing and administering a network. A single entity owns and operates a domain and is defined by the set of ports internal to it and at its boundary. Each maintenance domain can contain any number of maintenance associations. Each maintenance association identifies a service that can be uniquely identified within the maintenance domain. The CFM protocol runs within a particular maintenance association. Using this command, assign a unique maintenance level to each domain and a maintenance endpoint archived hold time. Maintenace level defines the hierarchical relationship among domains and MEP Archive Hold time acts as a demarcation point on an interface that participates in CFM. Global Parameters > Configure CFM Global Parameters Enable CFM globally for a network element. Using this command you can configure the device to transmit traceroute and loopback messages with a hold-time value that indicates the validity of the messages. Enable > Cisco >Continuity Check > Configure CFM Continuity Check Enable continuity check parameters on the specified domain, service1, bridge group, and bridge domain names. Enable > Cisco >Continuity Check > Enable CFM Continuity Check MIP > Configure CFM MIP The Configure CFM MIP command configures an operator-level maintenance intermediate point (MIP) for the domain-level ID. If the port on which a MIP is configured is blocked by Spanning-Tree Protocol (STP), the MIP cannot receive CFM messages or relay them toward the relay function side. The MIP can, however, receive and respond to CFM messages from the wire. A MIP has only one level associated with it, and the command-line interface (CLI) does not allow you to configure a MIP for a domain that does not exist. Note Service ID > Configure CFM Service ID This command is not supported on the Cisco Carrier Packet Transport (CPT) System. Use the Configure CFM Service ID command to configure the CFM service ID. Cisco Prime Network 4.0 User Guide OL-29343-01 15-19 Chapter 15 Monitoring Ethernet Operations, Administration, and Maintenance Tool Properties Configuring E-LMI Command Description MEP > Configure CFM MEP Use this command to configure maintenance endpoints (MEPs), which have the following characteristics: • Per-maintenance domain (level) and service (S-VLAN or EVC) • At the edge of a domain, define the boundary • Within the bounds of a maintenance domain, confine CFM messages • When configured to do so, proactively transmit CFM continuity check messages (CCMs) • At the request of an administrator, transmit traceroute and loopback messages Note Enable > Cisco > SNMP Server Traps > Enable CFM SNMP Server Traps This command is not supported on the Cisco Carrier Packet Transport (CPT) System. Enables Ethernet CFM continuity check traps and Ethernet CFM cross-check traps 1. Applicable for Cisco ASR 9000 series that run on Cisco IOS XR software. Configuring E-LMI E-LMI notifies the CE of connectivity status and configuration parameters of Ethernet services available on the CE port. The following commands can be launched from the inventory by right-clicking an E-LMI node and selecting Commands. Before executing any commands, you can preview them and view the results. If desired, you can also schedule the commands. The table below lists the Ethernet LMI commands and the supported network elements. Additional commands may be available for your devices. New commands are often provided in Prime Network Device Packages, which can be downloaded from the Prime Network software download site. For more information on how to download and install DPs and enable new commands, see the information on “Adding Additional Device (VNE) support” in the Cisco Prime Network 4.0 Administrator Guide. To run the these commands, the software on the network element must support the technology. Before executing any commands, you can preview them and view the results. If desired, you can also schedule the commands. For details on the software versions Prime Network supports for the listed supported network elements, see Cisco Prime Network 4.0 Supported Cisco VNEs. Note You might be prompted to enter your device access credentials while executing a command. Once you have entered them, these credentials will be used for every subsequent execution of a command in the same GUI client session. If you want to change the credentials, click Edit Credentials. The Edit Credentials button will not be available for SNMP commands or if the command is scheduled for a later time. Cisco Prime Network 4.0 User Guide 15-20 OL-29343-01 Chapter 15 Monitoring Ethernet Operations, Administration, and Maintenance Tool Properties Configuring L-OAM Command Description Enable > Global E-LMI Enable Ethernet LMI globally. Note Not supported on Cisco IOS XR. Enable On Interface If E-LMI is disabled globally, you can use this command to enable E-LMI on specific interfaces. Configure MultiPoint To MultiPoint or Point To Point EVC UNI count indicates the range of the Unified network interface(UNI) is 2 to 1024; the default is 2. If you enter a value of 2, you have the option to select point-to-multipoint service. If you configure a value of 3 or greater, the service is point-to-multipoint. Configure UNI in an Interface Configure Service Instance Vlan Id on Interface Specify the service interface ID (Per-interface Ethernet service instance identifier that does not map to a VLAN). Configuring L-OAM L-OAM commands monitors and troubleshoots a single Ethernet link. The following commands can be launched from the inventory by right-clicking a L-OAM node and selecting Commands. Before executing any commands, you can preview them and view the results. If desired, you can also schedule the commands. The table below lists the L-OAM commands. To run the these commands, the software on the network element must support the technology. Before executing any commands, you can preview them and view the results. If desired, you can also schedule the commands. For details on the software versions Prime Network supports for the listed supported network elements, see Cisco Prime Network 4.0 Supported Cisco VNEs. Additional commands may be available for your devices. New commands are often provided in Prime Network Device Packages, which can be downloaded from the Prime Network software download site. For more information on how to download and install DPs and enable new commands, see the information on “Adding Additional Device (VNE) support” in the Cisco Prime Network 4.0 Administrator Guide. Note You might be prompted to enter your device access credentials while executing a command. Once you have entered them, these credentials will be used for every subsequent execution of a command in the same GUI client session. If you want to change the credentials, click Edit Credentials. The Edit Credentials button will not be available for SNMP commands or if the command is scheduled for a later time. Command Description Assign Template on Interface Assign template name Configure MultiPoint To MultiPoint or Point To Point EVC Configure OAM (L-OAM) on any full-duplex point-to-point or emulated point-to-point Ethernet link. Enable OAM on Interface Enable or disable OAM on the specified interface. Disable OAM on Interface Cisco Prime Network 4.0 User Guide OL-29343-01 15-21 Chapter 15 Monitoring Ethernet Operations, Administration, and Maintenance Tool Properties Configuring L-OAM Command Description Enable E-LMI On Interface Interface name (if E-LMI is disabled globally, you can use this command to enable E-LMI on specific interfaces) Configure OAM Parameter on Interface Configure OAM parameters, like maximum and minimum transmission rate of OAM PDU , OAM client mode and remote loopback ability on an interface. Start Remote Loopback Specify the local interface name on which the remote loopback should be started and stopped. Stop Remote Loopback Cisco Prime Network 4.0 User Guide 15-22 OL-29343-01 CH A P T E R 16 Monitoring Y.1731 IPSLA Configuration The following topics provide an overview of the Y.1731 technology and describe how to view and monitor Y.1731 configurations in Prime Network Vision: • Y.1731 Technology: Overview, page 16-1 • User Roles Required to Work with Y.1731 Probes, page 16-2 • Working with Y.1731 IPSLA Configurations, page 16-2 Y.1731 Technology: Overview Y.1731 is an ITU-T recommendation that provides mechanisms for service-level Operation, Administration, and Maintenance (OAM) functionality in Ethernet networks. It covers mechanisms for Fault and Performance Management. Performance Management is the most sought-after functionality in this standard. In Prime Network, devices that are configured using Y.1731 are detected, scanned for configurations, and monitored. A device configured using Y.1731 has probes, which are root objects or containers that hold single or multiple instances of Service Level Agreement (SLA) probes configured by the user. In Prime Network, the Y.1731 technology is supported on the Cisco Aggregation Service Router (ASR) 9000 and Cisco Carrier Packet Transport (CPT) network elements. Y.1731 Performance Management Mechanisms The OAM functions for performance monitoring according to Y.1731 allow measurement of the following performance parameters. • Frame Loss Ratio—Expressed as a percentage. This ratio is defined as the number of frames not delivered divided by the total number of frames during a time interval. • Frame Delay—A one-way delay for a frame, where one-way frame delay is defined as the time elapsed since the start of transmission of the first bit of the frame by a source node until the reception of the last bit of the same frame by the destination node. • Frame Delay Variation—The measure of the variations in the frame delay between a pair of service frames. The service frames belong to the same CoS (Class of Service) instance on a point-to-point Ethernet (ETH) connection or multipoint ETH connectivity. • Throughput—The average rate of successful traffic delivery over a communication channel. Typically used under test conditions, such as out-of service tests, when there is no traffic for the tested Ethernet connection. Cisco Prime Network 4.0 User Guide OL-29343-01 16-1 Chapter 16 Monitoring Y.1731 IPSLA Configuration User Roles Required to Work with Y.1731 Probes User Roles Required to Work with Y.1731 Probes This topic identifies the roles that are required to work with Y.1731 probes. Prime Network determines whether you are authorized to perform a task as follows: • For GUI-based tasks (tasks that do not affect elements), authorization is based on the default permission that is assigned to your user account. • For element-based tasks (tasks that do affect elements), authorization is based on the default permission that is assigned to your account. That is, whether the element is in one of your assigned scopes and whether you meet the minimum security level for that scope. For more information on user authorization, see the topic on device scopes in the Cisco Prime Network 4.0 Administrator Guide. Table 16-1 Default Permission/Security Level Required for Y.1731 Probes Task Viewer Operator OperatorPlus Configurator Administrator View the Y.1731 probe properties X X X X X Configure Y.1731 probes — — — X X Working with Y.1731 IPSLA Configurations This topic contains the following sections: • Viewing Y.1731 Probe Properties, page 16-2 • Configuring Y.1731 Probes, page 16-4 Viewing Y.1731 Probe Properties To view Y.1731 probes and their properties for a device: Step 1 Right-click on the device and choose Inventory. Step 2 In the Inventory window, choose Logical Inventory > Probes > Y1731 Probes. A list of Y.1731 probes is displayed in the Y.1731 Probes content pane as shown in Figure 16-1. Cisco Prime Network 4.0 User Guide 16-2 OL-29343-01 Chapter 16 Monitoring Y.1731 IPSLA Configuration Working with Y.1731 IPSLA Configurations Figure 16-1 Y.1731 Probes Content Pane Table 16-2 describes the fields that are displayed in the content pane. Table 16-2 Y.1731 Content Pane Field Name Description Profile Name The name of the profile created for performance monitoring of the SLA configuration. Source MEP The maintenance endpoint (MEP) interface ID where the probe is getting initiated. Source MAC Address The source interface MAC address where the probe is getting initiated. Destination The interface ID or MAC address, which will help the probe to reach its destination. OAM Domain The name of the OAM domain. Measurement Type The type of performance operation, which could be cfm-delay-measurement or cfm-loopback. Ethernet Virtual Connection The name or identifier of the ethernet virtual connection, which connects two User-Network Interfaces (UNI). This is applicable only for the Cisco CPT devices. Packet Size The size of the service packet. This includes padding size when required. Packets Per Burst The number of packets transmitted per burst. Burst Period The time taken to send the packets from the source to their destination. This period is usually specified in terms of seconds or milliseconds. Cisco Prime Network 4.0 User Guide OL-29343-01 16-3 Chapter 16 Monitoring Y.1731 IPSLA Configuration Working with Y.1731 IPSLA Configurations Step 3 Right-click on a probe and choose Properties to view its properties. Additionally, the following information is displayed in the Probe Properties window for a Cisco CPT device. Table 16-3 describes the additional fields that are displayed for a Cisco CPT device in the Probe Properties window. Table 16-3 Probe Properties Window Field Name Description Measurements Statistics Type The statistics type, which is Round Trip Delay or Round Trip Jitter. Aggregate Bin Count The aggregate count of bins to store the counter values of the result of each performance parameter. Note The counter value refers to the counter of number of results that fall within a particular range specified for each performance attribute. Aggregate Bin Boundaries The bin boundary for the bins. For Cisco CPT devices, bin boundary is specified as comma separated intervals; whereas for ASR9K devices, it is an integer. Bin boundaries are specified in terms of milliseconds. Bucket Size The number of buckets required to store the performance attribute results gathered during a specified period. By default, a separate bucket is created for each probe, which will contain the results relating to measurements made by the probe. Configuring Y.1731 Probes You can configure Y.1731 probes using a certain set of commands. The following commands can be launched from the inventory by right-clicking the appropriate node and selecting Commands. Before executing any commands, you can preview them and view the results. If desired, you can also schedule the commands. To find out if a device supports these commands, see the Cisco Prime Network 4.0 Supported Cisco VNEs. Additional commands may be available for your devices. New commands are often provided in Prime Network Device Packages, which can be downloaded from the Prime Network software download site. For more information on how to download and install DPs and enable new commands, see the information on “Adding Additional Device (VNE) support” in the Cisco Prime Network 4.0 Administrator Guide. Cisco Prime Network 4.0 User Guide 16-4 OL-29343-01 Chapter 16 Monitoring Y.1731 IPSLA Configuration Working with Y.1731 IPSLA Configurations Command Navigation Description Configure Probe EndPoint Association Right-click Y1731 Probes Use this command to configure endpoint node > Commands > Confi association for a probe. guration Configure Profile Use this command to configure a new profile for the probe. Create On Demand Probe Configuration Use this command to create an on demand probe configuration. Deassociate Profile Use this command to deassociate a profile from a probe. Delete Profile Use this command to delete a profile. Right-click Y1731 Probes node > Commands > Confi guration Show SLA Right-click Y1731 Probes Operations detail node > Commands > Diag nostics When service providers sell connectivity services to a subscriber, a Service Level Agreement (SLA) is reached between the buyer and seller of the service. The SLA defines the attributes offered by a provider and serves as a legal obligation on the service provider. As the level of performance required by subscribers increases, service providers need to monitor the performance parameters being offered. Use this command to view the SLA operation details. Show SLA Profiles Use this command to view a list of the SLA profiles. Configure IP SLA Right-click Y1731 Probes Use this command to configure an IP SLA parameters node > Commands > Confi parameter for the probe. guration Delete IP SLA Use this command to delete the IP SLA parameters parameters for a probe. Show IP SLA Right-click Y1731 Probes node > Commands > Diag nostics Use this command to view the IP SLA schedule details. Cisco Prime Network 4.0 User Guide OL-29343-01 16-5 Chapter 16 Monitoring Y.1731 IPSLA Configuration Working with Y.1731 IPSLA Configurations Cisco Prime Network 4.0 User Guide 16-6 OL-29343-01 CH A P T E R 17 IPv6 and IPv6 VPN over MPLS Cisco Prime Network (Prime Network) supports IPv6 for: • Gateways, clients, and units using IPv6. • Communications between VNEs and devices in IPv6 environments, whether the device management IP address is IPv4 or IPv6. • Polling and notification using the following protocols over IPv6: – SNMP v1, SNMPv2c, and SNMPv3 – Telnet – SSHv2 – ICMP – XML (for Cisco IOS XR devices) – HTTP (for Cisco UCS and VMware vCenter devices) • All reports with devices that use IPv6 addresses. • Fault management, including event processing and service alarm generation. Prime Network supports correlation and path tracing for: • 6PE and native IPv6 networks. • IPv6 BGP address families. • IPv6 GRE tunnels. IPv6 VPN over MPLS, also known as 6VPE, uses the existing MPLS IPv4 core infrastructure for IPv6 transport to enable IPv6 sites to communicate over an MPLS IPv4 core network using MPLS label switch paths (LSPs). 6VPE relies on MP-BGP extensions in the IPv4 network configuration on the PE router to exchange IPv6 reachability information. Edge routers are configured to be dual-stacks running both IPv4 and IPv6, and use the IPv4-mapped IPv6 address for IPv6 prefix reachability exchange. In 6VPE environments, Prime Network supports: • Modeling of OSPFv3 routes between PE and CE devices. • IPv6 addresses for BGP neighbors for MP-BGP. • Correlation and path tracing. This chapter contains the following topics: • User Roles Required to Work with IPv6 and 6VPE, page 17-2 • Viewing IPv6 Information, page 17-2 Cisco Prime Network 4.0 User Guide OL-29343-01 17-1 Chapter 17 IPv6 and IPv6 VPN over MPLS User Roles Required to Work with IPv6 and 6VPE User Roles Required to Work with IPv6 and 6VPE This topic identifies the roles that are required to work with IPv6 and 6VPE in Prime Network Vision. Prime Network determines whether you are authorized to perform a task as follows: • For GUI-based tasks (tasks that do not affect elements), authorization is based on the default permission that is assigned to your user account. • For element-based tasks (tasks that do affect elements), authorization is based on the default permission that is assigned to your account. That is, whether the element is in one of your assigned scopes and whether you meet the minimum security level for that scope. For more information on user authorization, see the Cisco Prime Network 4.0 Administrator Guide. The following tables identify the tasks that you can perform: • Table 17-1 identifies the tasks that you can perform if a selected element is not in one of your assigned scopes. • Table 17-2 identifies the tasks that you can perform if a selected element is in one of your assigned scopes. By default, users with the Administrator role have access to all managed elements. To change the Administrator user scope, see the topic on device scopes in the Cisco Prime Network 4.0 Administrator Guide. Table 17-1 Default Permission/Security Level Required for Viewing IPv6 Properties - Element Not in User’s Scope Task Viewer Operator OperatorPlus Configurator Administrator View IPv6 properties — — — — X Table 17-2 Default Permission/Security Level Required for Viewing IPv6 Properties - Element in User’s Scope Task Viewer Operator OperatorPlus Configurator Administrator View IPv6 properties X X X X X Viewing IPv6 Information Prime Network Vision displays IPv6 addresses when they are configured on PE and CE routers in the IP interface table. IPv6 addresses are: • Displayed in the Prime Network Vision map pane for IPv6 links. • Displayed in logical and physical inventory for routing and interface information, including IP, PPP, and High-Level Data Link Control (HDLC). • Used in Cisco PathTracer to trace paths and present path trace results. Cisco Prime Network 4.0 User Guide 17-2 OL-29343-01 Chapter 17 IPv6 and IPv6 VPN over MPLS Viewing IPv6 Information Table 17-3 describes where IPv6 information appears in logical and physical inventory. Table 17-3 IPv6 Information in Inventory Inventory Location Description Logical Inventory 6rd Tunnels The Tunnel Edges table displays IPv6 addresses and the IPv6 prefixes that are used to translate IPv4 addresses to IPv6 addresses. For more information, see Viewing 6rd Tunnel Properties, page 18-46. Access Lists Carrier Grade NAT • The Type field displays IPv6 for IPv6 access lists. • If an IPv6 access list is configured, the Access List Properties window displays IPv6 addresses in the Source, Destination, Source Wildcard, and Destination Wildcard fields. Carrier Grade NAT service types include 6rd and XLAT. For more information, see Viewing Carrier Grade NAT Properties in Logical Inventory, page 13-2. GRE Tunnels The IP Address field supports IPv6 addresses. For more information, see Viewing MPLS Pseudowire over GRE Properties, page 20-31. IS-IS IS-IS properties support: • IPv6 address families in the Metrics tab. • IPv6 addresses in the Neighbors tab and the IS-IS Neighbor Properties window. For more information, see Viewing IS-IS Properties, page 12-114. MPBGPs • IP address family identifiers indicate the BGP peer address family: IPv4, IPv6, Layer 2 VPN, VPNv4, or VPNv6. • MP-BGP BGP neighbor entries display IPv6 addresses. For information, see Viewing MP-BGP Information, page 18-45. OSPFv3 IPv6 addresses are displayed for OSPF neighbor interface addresses, OSPF interface internet addresses, OSPF neighbor properties window, and OSPF interface properties window. For more information, see Viewing OSPF Properties, page 12-117. Routing Entities • IPv6 addresses appear in the IP Interfaces tab, the IPv6 Routing tab, and the interface properties window. • IPv6 addresses are displayed in the NDP Table tab and the ARP Entry Properties window. • VRRP groups using IPv6 display IPv6 addresses in the IP Interfaces Properties window in the VRRP group tab. For more information, see Viewing Routing Entities, page 18-31. VRFs IPv6 addresses appear in the IPv6 tab, Sites tab, VRF Properties window, and IP Interface Properties window. For more information, see Viewing VRF Properties, page 18-27. Cisco Prime Network 4.0 User Guide OL-29343-01 17-3 Chapter 17 IPv6 and IPv6 VPN over MPLS Viewing IPv6 Information Table 17-3 IPv6 Information in Inventory (continued) Inventory Location Description Physical Inventory Port IPv6 addresses appear in the Subinterfaces tab and interface properties popup window. The IP addresses that appear depend on whether the interface has only IPv4 addresses, only IPv6 addresses, or both IPv4 and IPv6 addresses, as shown in Table 17-4. Table 17-4 IP Addresses Displayed in the Interface Table and Properties Window Addresses Interface Table Properties Window IPv4 only Primary IPv4 address The primary IPv4 address and any secondary IPv4 addresses. IPv6 only Lowest IPv6 address All IPv6 addresses. IPv6 and IPv4 Primary IPv4 address All IPv4 and IPv6 addresses. Note the following when working with IPv6 addresses: • MPLS label switching entries and Label Switching Entities (LSEs) do not display IPv6 addresses. However, the Neighbor Discovery Protocol (NDP) table does display IPv6 addresses. • Prime Network supports all the textual presentations of address prefixes. However, Prime Network Vision displays both the IP address and the subnet prefix, for example: 12AB::CD30:123:4567:89AB:CDEF, 12AB:0:0:CD30::/60 Note Interfaces or subinterfaces that do not have IP addresses are not discovered and therefore are not shown in Prime Network Vision. Figure 17-1 shows a port inventory view of a port with IPv4 and IPv6 addresses. In this example, one IPv4 address and multiple IPv6 addresses are provisioned on the interface. • The primary IPv4 address appears in the interface table and properties window. If secondary IPv4 addresses were provisioned on the interface, they would appear in the properties window. • IPv6 addresses provisioned on the interface appear in the properties window and Sub Interfaces tab. Cisco Prime Network 4.0 User Guide 17-4 OL-29343-01 Chapter 17 IPv6 and IPv6 VPN over MPLS Viewing IPv6 Information Figure 17-1 Port with IPv4 and IPv6 Addresses Figure 17-2 shows a port with only IPv6 addresses provisioned. In this example, the lowest IPv6 address is shown in the subinterface table, and all IPv6 addresses are shown in the interface properties window. Cisco Prime Network 4.0 User Guide OL-29343-01 17-5 Chapter 17 IPv6 and IPv6 VPN over MPLS Viewing IPv6 Information Figure 17-2 Port with IPv6 Addresses Cisco Prime Network 4.0 User Guide 17-6 OL-29343-01 CH A P T E R 18 Monitoring MPLS Services The following topics describe how to view and manage aspects of Multiprotocol Label Switching (MPLS) services using Cisco Prime Network Vision (Prime Network Vision), including the MPLS service view, business configuration, and maps. The topics also describe the device inventory specific to MPLS VPNs, including routing entities, label switched entities (LSEs), BGP neighbors, Multiprotocol BGP (MP-BGP), VRF instances, pseudowires, and TE tunnels. Topics include: • User Roles Required to Work with MPLS Networks, page 18-1 • Working with MPLS-TP Tunnels, page 18-4 • Viewing VPNs, page 18-18 • Managing VPNs, page 18-21 • Working with VPN Overlays, page 18-24 • Monitoring MPLS Services, page 18-26 • Configuring VRF, page 18-53 • Configuring IP Interface, page 18-54 • Configuring MPLS-TP, page 18-54 • Configuring MPLS-TE, page 18-57 • Configuring MPLS, page 18-57 • Configuring RSVP, page 18-58 • Configuring BGP, page 18-59 • Configuring VRRP, page 18-60 • Configuring Bundle Ethernet, page 18-61 User Roles Required to Work with MPLS Networks This topic identifies the roles that are required to work with MPLS networks. Prime Network determines whether you are authorized to perform a task as follows: • For GUI-based tasks (tasks that do not affect elements), authorization is based on the default permission that is assigned to your user account. • For element-based tasks (tasks that do affect elements), authorization is based on the default permission that is assigned to your account. That is, whether the element is in one of your assigned scopes and whether you meet the minimum security level for that scope. Cisco Prime Network 4.0 User Guide OL-29343-01 18-1 Chapter 18 Monitoring MPLS Services User Roles Required to Work with MPLS Networks For more information on user authorization, see the Cisco Prime Network 4.0 Administrator Guide. The following tables identify the tasks that you can perform: • Table 18-1 identifies the tasks that you can perform if a selected element is not in one of your assigned scopes. • Table 18-2 identifies the tasks that you can perform if a selected element is in one of your assigned scopes. By default, users with the Administrator role have access to all managed elements. To change the Administrator user scope, see the topic on device scopes in the Cisco Prime Network 4.0 Administrator Guide. Table 18-1 Default Permission/Security Level Required for Working with MPLS Networks Element Not in User’s Scope Task Viewer Operator OperatorPlus Configurator Administrator Working with Elements Add tunnels to VPNs — X X X X Add VPNs to a map — — X X X Create VPNs — — X X X Move virtual routers between VPNs — X X X X Remove tunnels from VPNs X X X X X Remove VPNs from a map — — X X X View 6RD properties — — — — X View BFD properties — — — — X View cross-VRF routing entries — — — — X View LSE properties — — — — X View MP-BGP information — — — — X View MPLS TE tunnel information — — — — X View MPLS-TP information — — — — X View port configurations — — — — X View pseudowire end-to-end emulation tunnels — — — — X View rate limit information — — — — X View the ARP table — — — — X View the NDP table — — — — X View VPN properties X X X X X View VPNs X X X X X View VRF egress and ingress adjacents — — — — X View VRF properties — — — — X X X X X X Viewing Element Properties Working with Overlays Add VPN overlays Cisco Prime Network 4.0 User Guide 18-2 OL-29343-01 Chapter 18 Monitoring MPLS Services User Roles Required to Work with MPLS Networks Table 18-1 Default Permission/Security Level Required for Working with MPLS Networks Element Not in User’s Scope (continued) Task Viewer Operator OperatorPlus Configurator Administrator Display or hide VPN overlays X X X X X Remove VPN overlays X X X X X Table 18-2 Default Permission/Security Level Required for Working with MPLS Networks Element in User’s Scope Task Viewer Operator OperatorPlus Configurator Administrator VPNs and VRFs Add tunnels to VPNs — X X X X Add VPNs to a map — — X X X Create VPNs — — X X X Display VRF egress and ingress adjacents — — — — X Move virtual routers between VPNs — X X X X Remove tunnels from VPNs X X X X X Remove VPNs from a map — — X X X View VPN properties X X X X X View VPNs X X X X X View VRF properties — — — — X Add VPN overlays X X X X X Display or hide VPN overlays X X X X X Remove VPN overlays X X X X X View the ARP table X X X X X View the NDP table X X X X X View rate limit information X X X X X View 6RD properties X X X X X View BFD properties X X X X X View cross-VRF routing entries X X X X X View LSE properties X X X X X View MP-BGP information X X X X X View MPLS TE tunnel information X X X X X View MPLS-TP information X X X X X VPN Overlays Routing Entities Other Cisco Prime Network 4.0 User Guide OL-29343-01 18-3 Chapter 18 Monitoring MPLS Services Working with MPLS-TP Tunnels Table 18-2 Default Permission/Security Level Required for Working with MPLS Networks Element in User’s Scope (continued) Task Viewer Operator OperatorPlus Configurator Administrator View port configurations X X X X X View pseudowire end-to-end emulation tunnels X X X X X Working with MPLS-TP Tunnels MPLS-Transport Profile (MPLS-TP) is considered to be the next generation transport for those using SONET/SDH TDM technologies as they migrate to packet-switching technology. Although still under definition by the IETF, MPLS-TP provides: • Predetermined and long-lived connections. • Emphasis on manageability and deterministic behavior. • Fast fault detection and recovery. • Inband OAM. MPLS-TP features include: • Manually provisioned MPLS-TP LSPs. • Reserved bandwidth for static MPLS-TP LSPs. • One-to-one path protection for MPLS-TP LSPs. • Working/Protected LSP switchover. • Continuity Check (CC), Proactive Continuity Verification (CV), and Remote Defect Indication (RDI) based on BFD. • New fault OAM functions resulting from the MPLS-TP standardization effort. Prime Network automatically discovers network MPLS-TP tunnels from end to end, including LSPs, tunnel endpoints, and bandwidth. Network LSPs contain LSP endpoints and midpoints and are identified as working or protected. Prime Network links the MPLS-TP tunnel components appropriately, provides a visual representation in Prime Network Vision maps, and displays the properties in logical inventory. Prime Network employs warm start technology when rebooting. That is, when rebooting, Prime Network compares existing MPLS-TP tunnel information to topology changes that occur while Prime Network is down and updates MPLS-TP tunnel accordingly when Prime Network returns to operation. The following options are available for working with MPLS-TP tunnels in Prime Network Vision: • Adding an MPLS-TP Tunnel, page 18-5 • Viewing MPLS-TP Tunnel Properties, page 18-7 • Viewing LSPs Configured on an Ethernet Link, page 18-11 • Viewing LSP Endpoint Redundancy Service Properties, page 18-14 • Applying an MPLS-TP Tunnel Overlay, page 18-16 • Viewing MPLS-TP BFD session properties—See Viewing BFD Session Properties, page 18-47. Cisco Prime Network 4.0 User Guide 18-4 OL-29343-01 Chapter 18 Monitoring MPLS Services Working with MPLS-TP Tunnels Adding an MPLS-TP Tunnel Prime Network Vision automatically discovers MPLS-TP tunnels, endpoints, and midpoints and enables you to add MPLP-TP tunnels to maps. To add an MPLS-TP tunnel to a map: Step 1 In Prime Network Vision, display the map to which you want to add the MPLS-TP tunnel. Step 2 Do either of the following: • From the File menu, choose Add to Map > MPLS-TP Tunnel. • In the main toolbar, click Add to Map, then choose Add to Map > MPLS-TP Tunnel. The Add MPLS-TP Tunnel dialog box is displayed. Step 3 Do either of the following: • Choose a search category, enter a search string, then click Go to narrow search results to a range of MPLS-TP tunnels or a specific MPLS-TP tunnel. Search categories include: – Description – Name – System Name • Choose Show All to display all the MPLS-TP tunnels. Step 4 Select the MPLS-TP tunnel that you want to add to the map. Step 5 Click OK. The MPLS-TP tunnel is added to the map and to the navigation pane. In Figure 18-1: • The devices are on the left side of the map, and the MPLS-TP tunnel is displayed in a thumbnail on the right. • The devices are connected to each other and to the MPLS-TP tunnel via tunnels. • Physical links connect the devices to the Working and Protected LSPs. • A redundancy service badge is displayed next to the Protected LSP in the navigation and map panes. • In the thumbnail: – The tunnel endpoints are connected to each other via a tunnel. – A physical link connects the Working and Protected LSPs. – Business links connect the Working and Protected LSPs to each endpoint. Cisco Prime Network 4.0 User Guide OL-29343-01 18-5 Chapter 18 Monitoring MPLS Services Working with MPLS-TP Tunnels Figure 18-1 MPLS-TP Tunnel in Prime Network Vision Map If an LSP is in lockout state, it is displayed with the lock badge ( ). By expanding all aggregations in the MPLS-TP tunnel (see Figure 18-2), you can see components and links in the MPLS-TP tunnel, including: • MPLS-TP tunnel endpoints • LSP endpoints • LSP midpoints Figure 18-2 MPLS-TP Tunnel Expanded If an LSP is configured for redundancy service, a redundancy service badge is applied to the secondary (backup) LSP in the navigation and map panes in the navigation and map panes. Cisco Prime Network 4.0 User Guide 18-6 OL-29343-01 Chapter 18 Monitoring MPLS Services Working with MPLS-TP Tunnels For more information about LSP redundancy service, see Viewing LSP Endpoint Redundancy Service Properties, page 18-14. Viewing MPLS-TP Tunnel Properties Prime Network Vision discovers and displays MPLS-TP attributes in the MPLS-TP branch in logical inventory as described in this topic. Additional information about MPLS-TP tunnel properties are available in the following branches: • Routing Entities—See Viewing Routing Entities, page 18-31. • LSEs—See Viewing Label Switched Entity Properties, page 18-39. • Pseudowires— See Viewing Pseudowire End-to-End Emulation Tunnels, page 18-50. To view MPLS-TP tunnel properties: Step 1 Right-click the required device in Prime Network Vision and choose Inventory. Step 2 In the logical inventory window, choose Logical Inventory > MPLS-TP > MPLS-TP Global. The routing information is displayed as shown in Figure 18-3. Figure 18-3 MPLS-TP Tunnel Properties in Logical Inventory Table 18-3 describes the information that is available for MPLS-TP tunnels. The information that is displayed depends on the configuration. Cisco Prime Network 4.0 User Guide OL-29343-01 18-7 Chapter 18 Monitoring MPLS Services Working with MPLS-TP Tunnels Table 18-3 MPLS-TP Tunnel Properties in Logical Inventory Field Description Global ID Globally unique Attachment Interface Identifier (AII) for MPLS-TP derived from the Autonomous System Number (ASN) of the system hosting the PEs. Router ID MPLS-TP source node identifier for this element in the form of an IPv4 address. Protection Mode Whether the transmitting endpoint is in revertive or nonrevertive mode: Redundancy Mode • Revertive—If the protection mode is revertive and a failed path is restored, the traffic automatically returns, or reverts, to the original path. • Nonrevertive—If the protection mode is nonrevertive and a failed path is restored, the traffic does not return to the original path. That is, the traffic does not revert to the original path. Level of redundancy for the MPLS-TP tunnel: 1:1, 1+1, or 1:N. MPLS-TP Tunnel Endpoints Tab ID Tunnel endpoint identifier as a Tunnel-tp interface on the selected network element. Tunnel ID Unique tunnel identifier. Admin Status Administrative status of the tunnel: Up or Down. Oper Status Operational status of the tunnel: Up or Down. Bandwidth (kbps) Configured bandwidth (in Kb/s) for the tunnel. Description Tunnel description. TP Enabled Links Tab Link ID Identifier assigned to the MPLS-TP interface. Interface Hyperlink to the interface in physical inventory. Next Hop IP address of the next hop in the path. LSP End Points Tab LSP ID LSP identifier, derived from both endpoint identifiers and using the format src-node-ID::src-tunnel-number::dest-node-ID::dest-tunnel-number where: • src-node-ID represents the identifier of the node originating the signal exchange. • src-tunnel-number represents source tunnel identifier. • dest-node-ID represents the identifier of the target node. • dest-tunnel-number represents the destination tunnel identifier. LSP Type Indicates whether the LSP is active (Working) or backup (Protect). In Label Incoming label identifier. Out Label Outgoing label identifier. Out Interface Outgoing interface hyperlinked to the relevant entry in physical inventory. Bandwidth (kbps) Bandwidth specification in Kb/s. Role (Oper Status) Role of the LSP endpoint (Active or Standby) with the operational status (UP or DOWN). Cisco Prime Network 4.0 User Guide 18-8 OL-29343-01 Chapter 18 Monitoring MPLS Services Working with MPLS-TP Tunnels Table 18-3 MPLS-TP Tunnel Properties in Logical Inventory (continued) Field Description LSP Mid Points Tab LSP ID Step 3 LSP identifier, derived from both endpoint identifiers and using the format src-node-ID::src-tunnel-number::dest-node-ID::dest-tunnel-number where: • src-node-ID represents the identifier of the node originating the signal exchange. • src-tunnel-number represents source tunnel identifier. • dest-node-ID represents the identifier of the target node. • dest-tunnel-number represents the destination tunnel identifier. LSP Type Indicates whether the LSP is active (Working) or backup (Protect). Forward In Label Incoming label identifier in the forward direction (source to destination). Forward Out Label Label selected by the next hop device in the forward direction. Reverse In Label Incoming label identifier in the reverse direction (destination to source). Reverse Out Label Label selected by the next hop device in the reverse direction. Forward Out Interface Outgoing interface in the forward direction, hyperlinked to its entry in physical inventory. Forward Bandwidth (kbps) Bandwidth specification in Kb/s for the forward direction. Reverse Out Link ID Link identifier assigned to the outgoing interface in the reverse direction. Reverse Out Interface Outgoing interface in the reverse direction, hyperlinked to its entry in physical inventory. Reverse Bandwidth Bandwidth specification in Kb/s for the reverse direction. Internal ID Identifier associated with the parent entity of the link. Using an internal identifier ensures that individual LSP links do not participate in multiple network LSPs. To view additional MPLS-TP tunnel endpoint properties, double-click the required entry in the MPLS-TP Tunnel Endpoints table. The MPLS-TP Tunnel Properties window is displayed as shown in Figure 18-4. Cisco Prime Network 4.0 User Guide OL-29343-01 18-9 Chapter 18 Monitoring MPLS Services Working with MPLS-TP Tunnels Figure 18-4 MPLS-TP Tunnel Properties Window Table 18-4 describes the information available in the top portion of the MPLS-TP Tunnel Properties window. For information about the tabs that are displayed, see Table 18-3. Table 18-4 MPLS-TP Tunnel Properties Window Field Description Tunnel ID Unique tunnel identifier. Peer Tunnel ID Unique identifier of peer tunnel. Bandwidth (kbps) Configured bandwidth (in Kb/s) for the tunnel. Admin Status Administrative status of the tunnel: Up or Down. Oper Status Operational status of the tunnel: Up or Down. Local Info MPLS-TP source node identifier for this element in the form of an IPv4 address. Peer Info MPLS-TP peer node identifier in the form of an IPv4 address. Global ID Globally unique Attachment Interface Identifier (AII) for MPLS-TP derived from the Autonomous System Number (ASN) of the system hosting the PEs. Peer Global ID Globally unique AII for the peer. Working LSP Number Number assigned to the working LSP. By default, the working LSP number is 0 and the protected LSP number is 1. Cisco Prime Network 4.0 User Guide 18-10 OL-29343-01 Chapter 18 Monitoring MPLS Services Working with MPLS-TP Tunnels Table 18-4 MPLS-TP Tunnel Properties Window (continued) Field Description Protect LSP Number Number assigned to the protected LSP. By default, the working LSP number is 0 and the protected LSP number is 1. BFD Template BFD template associated with this MPLS-TP tunnel. Working LSP BFD State Configured state of the working LSP BFD template: Up or Down. Protect LSP BFD State Configured state of the protected LSP BFD template: Up or Down. Working LSP Fault OAM Indicates that a fault has been detected on the working LSP. Protect LSP Fault OAM Indicates that a fault has been detected on the protected LSP. Tunnel Name Tunnel name. Adjacent Hyperlink to the adjacent endpoint in logical inventory. Viewing LSPs Configured on an Ethernet Link A single Ethernet link can support a number of LSPs. Prime Network Vision enables you to view all LSPs on a single Ethernet link and to identify the source and destination labels. To view LSPs configured on an Ethernet link: Step 1 In the map view, right-click the required link and choose Properties. Step 2 In the link properties window, choose the required Ethernet link. The link properties window refreshes and displays the Labels button as shown in Figure 18-5. Cisco Prime Network 4.0 User Guide OL-29343-01 18-11 Chapter 18 Monitoring MPLS Services Working with MPLS-TP Tunnels Figure 18-5 Step 3 Link Properties Window with All Labels Button Click Labels. The All Labels window is displayed as shown in Figure 18-6 with the LSP sources and destinations. Cisco Prime Network 4.0 User Guide 18-12 OL-29343-01 Chapter 18 Monitoring MPLS Services Working with MPLS-TP Tunnels Figure 18-6 Step 4 All Labels Table To identify a specific path, click an outgoing label in the Source table. The corresponding in label is selected in the Destination table. Viewing MPLS-TE and P2MP-MPLS-TE links in a map Using the link filter available in Prime Network, you can view only the MPLS-TE and P2MP-MPLS-TE links in a map. Note The MPLS Point-to-Multipoint Traffic Engineering (P2MP TE) feature enables you to forward Multiprotocol Label Switching (MPLS) traffic from one source to multiple destinations. To view the MPLS-TE and P2MP-MPLS-TE links in a map: Step 1 Open the required map. Step 2 Click the Link filter icon in the navigation menu. Step 3 In the Link Filter window, select the MPLS-TE and P2MP MPLS-TE check boxes. Step 4 Click OK. The map refreshes and displays only the MPLS-TE and P2MP MPLS-TE links. Step 5 Right-click on the link and choose the Properties option. Cisco Prime Network 4.0 User Guide OL-29343-01 18-13 Chapter 18 Monitoring MPLS Services Working with MPLS-TP Tunnels Step 6 In the Link Properties window, the type of link is displayed in the Link Type field, which can be either MPLS-TE and P2MP MPLS-TE based on the link that you have selected. Additional details about the link such as the MPLS TE tunnel, operational status of the tunnel, TE tunnel type are displayed in the Label Switching section. For more information about the Link Properties window, see Viewing LSPs Configured on an Ethernet Link, page 18-11. Viewing LSP Endpoint Redundancy Service Properties If an LSP endpoint in an MPLS-TP tunnel is configured for redundancy service, a redundancy service badge is applied to the secondary (backup) LSP endpoint in the navigation and map panes in Prime Network Vision. Additional redundancy service details are provided in the LSP endpoint properties window and the inventory window for the element on which the MPLS-TP tunnel is configured. To view LSP endpoint redundancy service properties: Step 1 To determine if an LSP endpoint on an MPLS-TP tunnel is configured for redundancy service, expand the required MPLS-TP tunnel in the navigation or map pane. If the LSP endpoint is configured for redundancy service, the redundancy service badge is displayed in the navigation and map panes as shown in Figure 18-7. Figure 18-7 Step 2 LSP Endpoint with Redundancy Service Badge To view properties for the LSP endpoint, navigate to and right-click the required endpoint in the map or navigation pane, and choose Properties. The LSP endpoint properties window is displayed as shown in Figure 18-8. Cisco Prime Network 4.0 User Guide 18-14 OL-29343-01 Chapter 18 Monitoring MPLS Services Working with MPLS-TP Tunnels Figure 18-8 LSP Endpoint Properties Window Table 18-5 describes the information displayed in the LSP Endpoint Properties window. Table 18-5 LSP Endpoint Properties Window Field Description LSP Type Indicates whether the LSP is active (Working) or backup (Protected). LSP ID LSP identifier, derived from both endpoint identifiers and using the format src-node-ID::src-tunnel-number::dest-node-ID::dest-tunnel-number where: • src-node-ID represents the identifier of the node originating the signal exchange. • src-tunnel-number represents source tunnel identifier. • dest-node-ID represents the identifier of the target node. • dest-tunnel-number represents the destination tunnel identifier. In Label Incoming label identifier. Out Label Outgoing label identifier. Bandwidth (kbps) Bandwidth specification in Kb/s. Out Link ID Link identifier assigned to the outgoing interface. Out Interface Outgoing interface hyperlinked to the relevant entry in physical inventory. Role (Oper Status) Role of the LSP endpoint (Active or Standby) with the operational status (UP or DOWN) Step 3 To view LSP endpoint redundancy status in inventory, double-click the element on which the MPLS-TP tunnel is configured. Step 4 Choose Logical Inventory > MPLS-TP > MPLS-TP Global > LSP End Points. Step 5 The LSP End Points tab contains the following information related to LSP redundancy service (see Figure 18-9): • Whether the LSP endpoint is Working or Protected. • The LSP endpoint role, either Active or Standby. • The operational status of the LSP endpoint, either Up or Down. Cisco Prime Network 4.0 User Guide OL-29343-01 18-15 Chapter 18 Monitoring MPLS Services Working with MPLS-TP Tunnels Figure 18-9 LSP End Points Tab in Logical Inventory Applying an MPLS-TP Tunnel Overlay You can select and display an overlay of a specific MPLS-TP tunnel on top of the devices displayed in a map view. The overlay is a snapshot of the network that visualizes the flows between the sites and tunnel peers. When an MPLS-TP tunnel is selected in the map, the following elements are highlighted in the map: • Elements on which TP endpoints and LSPs are configured. • Links that carry TP traffic. All elements and links that are not part of the MPLS-TP tunnel are dimmed. To apply an MPLS-TP tunnel overlay: Step 1 In Prime Network Vision, display the network map on which you want to apply an overlay. Step 2 From the main toolbar, click Choose Overlay Type and choose MPLS-TP tunnel. The Select MPLS-TP tunnel Overlay dialog box is displayed. Step 3 Do one of the following: • Choose a search category, enter a search string, then click Go to narrow the search results to a range of MPLS-TP tunnels or a specific MPLS-TP tunnel. Search categories include: – Description – Name – System Name Cisco Prime Network 4.0 User Guide 18-16 OL-29343-01 Chapter 18 Monitoring MPLS Services Working with MPLS-TP Tunnels The search condition is “contains.” Search strings are case-insensitive. For example, if you choose the Name category and enter “net,” Prime Network Vision displays MPLS-TP tunnels that have “net” in their names whether net appears at the beginning of the name, the middle, or at the end: for example, Ethernet. • Step 4 Choose Show All to display all MPLS-TP tunnels. Select the MPLS-TP tunnel overlay you want to apply to the map. The elements and links used by the selected MPLS-TP tunnel are highlighted in the network map, and the MPLS-TP tunnel name is displayed in the window title bar as shown in Figure 18-10. Figure 18-10 Note MPLS-TP Tunnel Overlay An overlay is a snapshot taken at a specific point in time and does not reflect changes that occur in the service. As a result, the information in an overlay can become stale. To update the overlay, click Refresh Overlay in the main toolbar. Cisco Prime Network 4.0 User Guide OL-29343-01 18-17 Chapter 18 Monitoring MPLS Services Viewing VPNs Viewing VPNs Figure 18-11 shows a VPN displayed in the Prime Network Vision map view. In this example, the VPN is selected in the navigation pane, so the VPN details, such as virtual routers and IP interfaces, are not shown in the map view. Figure 18-11 VPN in Prime Network Vision Map View 1 VPN in the navigation tree 4 VPN in the map view 2 Sites 5 VPN links 3 Virtual routers Cisco Prime Network 4.0 User Guide 18-18 OL-29343-01 Chapter 18 Monitoring MPLS Services Viewing VPNs Figure 18-12 shows a VPN with details, including virtual routers and sites, in the Prime Network Vision map view. Figure 18-12 VPN in Prime Network Vision Map View with VRFs and Sites 1 Virtual routers 2 Sites The Prime Network Vision navigation pane displays the VPN business elements in a tree-and-branch representation. Each business element is represented by an icon in a color that reflects the highest alarm severity. The icon might also have a management state badge or alarm. For more information about icon severity colors and badges, see Prime Network Vision Status Indicators, page 2-17. Cisco Prime Network 4.0 User Guide OL-29343-01 18-19 Chapter 18 Monitoring MPLS Services Viewing VPNs Table 18-6 shows the VPN icons in the Prime Network Vision map view. Table 18-6 Icon VPN Icons in Prime Network Vision Map View Description Root (map name) or aggregation VPN Virtual router Site The highest level of the navigation pane displays the root or map name. The branches display the VPN and aggregated business elements as well as their names. The Layer 3 VPN sub-branch displays the virtual routers and sites contained in the VPN along with the names of the business elements. In addition, CE devices can be displayed in the Layer 2 and Layer 3 VPN sub-branches. If you select an aggregated business element in the navigation pane, the map view displays the business elements contained within the aggregated business element. The Prime Network Vision map view displays the VPN business elements and aggregated business elements loaded in the map view, along with the names of the business elements. In addition, the map view displays the VPN topology (between the virtual routers in the VPNs) and the topology and associations between other business elements. After you select the root in the navigation pane, the map view displays all the VPNs. Prime Network Vision presents tickets related to the map in the ticket area, which allows you to view and manage the VPN tickets. Viewing Additional VPN Properties Prime Network Vision allows you to select any element in the navigation pane or map view and view additional underlying properties. To view additional properties for an object, either double-click it or right-click it and choose Properties. Table 18-7 shows the additional properties available for VPN entities. Table 18-7 Object VPN VRF Displaying Additional VPN Properties Option • Double-click a VPN to view the participating VRFs, sites, and network elements in the navigation pane and map view. • Right-click a VPN and choose Properties to view the VPN Properties window. For Additional Information Viewing VPN Properties, page 18-26 Double-click a VRF to view the VRF properties Viewing VRF Properties, page 18-27 window. Cisco Prime Network 4.0 User Guide 18-20 OL-29343-01 Chapter 18 Monitoring MPLS Services Managing VPNs Table 18-7 Displaying Additional VPN Properties (continued) Object Option For Additional Information Site Double-click a site to view the IP Interface Properties window Viewing Site Properties, page 18-27 Link Double-click a link to view the link properties window. The properties that are depend on the link type. Chapter 6, “Working with Links” Managing VPNs The following topics describe: • Creating a VPN, page 18-21 • Adding a VPN to a Map, page 18-22 • Removing a VPN from a Map, page 18-23 • Moving a Virtual Router Between VPNs, page 18-23 Creating a VPN You can change business configurations by manually creating VPNs. The VPNs that are manually created do not contain virtual routers and sites. To create a VPN: Step 1 In the Prime Network Vision navigation pane, select the map root. Step 2 From the File menu, choose Add to Map > VPN > New. Step 3 In the Create VPN dialog box, enter the following: • Name—A unique name for the new VPN. Note • Icon—To use a custom icon for the VPN, click the button next to the Icon field and navigate to the icon file. Note • Step 4 VPN business element names are case sensitive. If a path is not specified to an icon, the default VPN icon is used (for more information about icons, see Table 18-6 on page 18-20). Description—(Optional) An additional VPN description. Click OK. The new VPN is added to the VPN list in the Add VPN dialog box. Cisco Prime Network 4.0 User Guide OL-29343-01 18-21 Chapter 18 Monitoring MPLS Services Managing VPNs For more information about loading the newly created VPN in the service view map, see Adding a VPN to a Map, page 18-22. Adding a VPN to a Map You can add a VPN to a map view if the VPN was previously created by a user or discovered by Prime Network Vision and are not currently displayed in the map. Note Adding a VPN affects other users if they are working with the same map. To add an existing VPN to a map: Step 1 In Prime Network Vision, display the map to which you want to add the VPN. Step 2 Do either of the following: • From the File menu, choose Add to Map > VPN > Existing. • In the main toolbar, click Add to Map, then choose Add to Map > VPN > Existing. The Add VPN dialog box is displayed. Step 3 Do either of the following: • Choose a search category, enter a search string, then click Go to narrow search results to a range of VPNs or a specific VPN. Search categories include: – Description – Name The search condition is “contains.” Search strings are case-insensitive. For example, if you choose the Name category and enter “net,” Prime Network Vision displays VPNs that have “net” in their names whether at the beginning of the name, the middle, or the end. • Step 4 Select the VPN that you want to add to the map. Tip Step 5 Choose Show All to display all the VPNs. Press Shift or Ctrl to choose multiple adjoining or nonadjoining VPNs. Click OK. The VPN is displayed in the navigation pane and the selected map or subnetwork in the Prime Network Vision window content pane. In addition, any tickets are displayed in the ticket area. Cisco Prime Network 4.0 User Guide 18-22 OL-29343-01 Chapter 18 Monitoring MPLS Services Managing VPNs Removing a VPN from a Map You can remove one or more VPNs from the current active map. This change does not affect other maps. Removing a VPN from a map does not remove it from the Prime Network Vision database. The VPN will appear in the Add VPN dialog box, so you can add it back to the map at any time. When removing VPNs from maps, keep the following in mind: • Removing a VPN affects other users if they are working with the same map view. • This option does not change the business configuration or database. • You cannot remove virtual routers or sites from the map without removing the VPN. To remove a VPN, in the Prime Network Vision pane or map view, right-click the VPN and choose Remove from Map. The VPN is removed from the map view along with all VPN elements, such as connected CE devices. Remote VPNs (extranets) are not removed. Note If the routing information changes after an overlay is applied, the changes do not appear in the current overlay. Click Refresh Overlay to update the routing information. Moving a Virtual Router Between VPNs You can move a virtual router (including its sites) from one VPN to another after you create a VPN and add it to the service view map. Note Moving a virtual router moves all of its sites as well. To move a virtual router: Step 1 In the Prime Network Vision navigation pane or map, right-click the virtual router and choose Edit > Move selected. Step 2 Right-click the required VPN in the navigation pane or map to where you want to move the virtual router and choose Edit > Move here. Caution Moving a virtual router from one VPN to another affects all users who have the virtual router loaded in their service view map. The virtual router and its sites are displayed under the selected VPN in the navigation pane and in the map. Cisco Prime Network 4.0 User Guide OL-29343-01 18-23 Chapter 18 Monitoring MPLS Services Working with VPN Overlays Working with VPN Overlays The following topics describe: • Applying VPN Overlays, page 18-24 • Managing a VPN Overlay Display in the Map View, page 18-25 • Displaying VPN Callouts in a VPN Overlay, page 18-25 Applying VPN Overlays You can select and display an overlay of a specific VPN on top of the devices displayed in a map view. The overlay is a snapshot of the network that visualizes the flows between the sites and tunnel peers. When one network VPN is selected in the network map, the PE routers, MPLS routers, and physical links that carry the LSP used by the VPN are highlighted in the network map. All the devices and links that are not part of the VPN are dimmed. The VPN service overlay allows you to isolate the parts of a network that are being used by a particular service. This information can then be used for troubleshooting. For example, the overlay can highlight configuration or design problems when bottlenecks occur and all the site interlinks use the same link. To apply a VPN overlay: Step 1 In Prime Network Vision, display the network map on which you want to apply an overlay. Step 2 From the main toolbar, click Choose Overlay Type and choose VPN. The Select VPN Overlay dialog box is displayed. Step 3 Do one of the following: • Choose a search category, enter a search string, then click Go to narrow the search results to a range of VPNs or a specific VPN. Search categories include: – Description – Name The search condition is “contains.” Search strings are case-insensitive. For example, if you choose the Name category and enter “net,” Prime Network Vision displays VPNs that have “net” in their names whether net appears at the beginning of the name, the middle, or at the end: for example, Ethernet. • Step 4 Choose Show All to display all the VPNs. Select the VPN overlay that you want to apply to the map. The PE routers, MPLS routers, and physical links used by the selected VPN are highlighted in the network map. The VPN name is displayed in the title of the window. Note An overlay is a snapshot taken at a specific point in time and does not reflect changes that occur in the service. As a result, the information in an overlay can become stale. To update the overlay, click Refresh Overlay in the main toolbar. Cisco Prime Network 4.0 User Guide 18-24 OL-29343-01 Chapter 18 Monitoring MPLS Services Working with VPN Overlays Managing a VPN Overlay Display in the Map View After a VPN overlay is applied to a map, you can manage its display by using the overlay tools in the main toolbar: • To display the overlay, click Show Overlay on the main toolbar. • To hide an active overlay, click Hide Overlay on the main toolbar. Note • The Show Overlay button is a toggle. When clicked, the overlay is displayed. When clicked again, the overlay is hidden. To remove the VPN overlay, choose Show Overlay Type > None. Displaying VPN Callouts in a VPN Overlay You can display or hide the callouts for VPN links displayed in a VPN overlay to show the details of the sites that are interlinked through the selected links. The callouts (see Figure 18-13) enable you to view the VPN traffic links for a specific link (either bidirectional or unidirectional). Note The link must be displayed in the VPN overlay and not dimmed for you to display the link callouts. Figure 18-13 Callouts Window 1 Link details and direction. In this example, the 3 link is from P-North to PE-West. Details of sites using the link and interlinks. In this example, the site PE-West is linked to all sites on PE-South. 2 Details of the sites using the link and interlinks. In this example, the site PE-88 is linked to site PE-West. 4 Link details and the direction. In this example, the link is from PE-West to P-North. Cisco Prime Network 4.0 User Guide OL-29343-01 18-25 Chapter 18 Monitoring MPLS Services Monitoring MPLS Services To display or hide the callouts: Step 1 In the Prime Network Vision window, display the map view with the VPN overlay. Step 2 Right-click the required link in the map view and choose Show Callouts. Step 3 To hide the callouts, right-click the link in the map view that is displaying the callouts and choose Hide Callouts. Monitoring MPLS Services The following topics provide details for viewing MPLS services and technologies: • Viewing VPN Properties, page 18-26 • Viewing Site Properties, page 18-27 • Viewing VRF Properties, page 18-27 • Viewing VRF Egress and Ingress Adjacents, page 18-31 • Viewing Routing Entities, page 18-31 • Viewing Label Switched Entity Properties, page 18-39 • Viewing MP-BGP Information, page 18-45 • Viewing BFD Session Properties, page 18-47 • Viewing Cross-VRF Routing Entries, page 18-49 • Viewing Pseudowire End-to-End Emulation Tunnels, page 18-50 • Viewing MPLS TE Tunnel Information, page 18-52 Viewing VPN Properties To view the properties of a VPN: Step 1 In the Prime Network Vision navigation pane or map view, do either of the following: • If the VPN icon is of the largest size, click the Properties button. • Right-click the VPN and choose Properties. The VPN Properties window displays the following information: Step 2 • Name—Name of the VPN. • ID—Unique identifier assigned to the VPN. Click Close to close the VPN Properties dialog box. Cisco Prime Network 4.0 User Guide 18-26 OL-29343-01 Chapter 18 Monitoring MPLS Services Monitoring MPLS Services Viewing Site Properties Prime Network Vision enables you to view site properties, including the interfaces that are configured on the PE device. The displayed properties reflect the configuration that Prime Network Vision automatically discovered for the device. To view site properties, in the Prime Network Vision navigation pane or map view, right-click the required site and choose Properties. Table 18-8 describes the information that is displayed in the Router IP Interface Properties window: Table 18-8 Router IP Interface Properties Window for Sites Field Description Name Name of the site, such as FastEthernet4/1.252. State Interface state, either Up or Down. IP Address IP address of the interface. Mask Network mask. Interface Description Description applied to the interface. Associated Entity Element and interface associated with the site, hyperlinked to its entry in physical inventory. Addresses Table Subnet IP address and subnet mask. Note Type If the site is an IPv6 VPN over MPLS with IPv6 addresses provisioned, the IPv6 addresses are displayed. For more information, see Viewing IPv6 Information, page 17-2. Address type, such as Primary, Secondary, or IPv6 Unicast. Viewing VRF Properties Prime Network Vision enables you to view VRF properties, including the VRF route distinguisher, import and export route targets, and any provisioned sites and VRF routes. To view VRF properties, do either of the following in map view: • Double-click the element configured for VRFs. • Expand the required VPN and double-click the virtual router. Cisco Prime Network 4.0 User Guide OL-29343-01 18-27 Chapter 18 Monitoring MPLS Services Monitoring MPLS Services The VRF properties window is displayed as shown in Figure 18-14. Figure 18-14 VRF Properties The VRF Properties window contains the VRF routing table for the device. The table is a collection of routes that are available or reachable to all the destinations or networks in the VRF. The forwarding table also contains MPLS encapsulation information. Table 18-9 describes the information displayed in the VRF Properties window. Note The VRF Properties window only displays properties and attributes that are provisioned in the VRF. You might not see all the fields and tabs described in Table 18-9. Table 18-9 VRF Properties Field Description Route Distinguisher Route distinguisher configured in the VRF. Name VRF name. Description Description of the VRF. IPv4 Tab Export Route Targets IPv4 export route targets contained by the VRF. Import Route Targets IPv4 import route targets contained by the VRF. Route Maps Route maps for the VRF. Cisco Prime Network 4.0 User Guide 18-28 OL-29343-01 Chapter 18 Monitoring MPLS Services Monitoring MPLS Services Table 18-9 VRF Properties (continued) Field Description IPv6 Tab Export Route Targets IPv6 export route targets contained by the VRF. Import Route Targets IPv6 import route targets contained by the VRF. Route Maps Route maps for the VRF. Routing Tables Destination Destination of the specific network. Prefix Length Length of the network prefix in bits. Next Hop Next routing hop. Outgoing Interface Name of the outgoing interface; displayed if the Routing Protocol type is local. Type Route type: Direct (local), Indirect, or Static. Routing Protocol Routing protocol used to communicate with the other sites and VRFs: BGP or local. BGP Next Hop Border Gateway Protocol (BGP) next hop. This is the PE address from which to continue to get to a specific address. This field is empty when the routing entry goes to the CE. Bottom In Label Innermost label that is expected when MPLS traffic is received. Bottom Out Label Innermost label sent with MPLS traffic. Outer Label Outermost or top label in the stack used for MPLS traffic. MRoute_Table Source Address The source IP address from where the multicast information is sent. Group Address The group IP address of the multicast. Flags The flag information pertaining to the multicast. Up Time The amount of time the interface has been active. Protocol The protocol information, which can be 4 or 6. Sites Tab Name Site name. IP Address IP address of the interface. Mask Subnet mask. State State of the subinterface: Up or Down. Associated Entity Element and interface associated with the site, hyperlinked to its entry in physical inventory. Description Interface description. Input Access List Access list applied to the inbound traffic. Output Access List Access list applied to the outbound traffic. Cisco Prime Network 4.0 User Guide OL-29343-01 18-29 Chapter 18 Monitoring MPLS Services Monitoring MPLS Services Table 18-9 VRF Properties (continued) Field Description Rate Limits If a rate limit is configured on an IP interface, the limit is shown as an IP interface property. This option is checked when a rate limit is defined on the IP interface, meaning t