[nsp] Continuos Ping from Interface to Interface

Brennan_Murphy at NAI.com Brennan_Murphy at NAI.com
Wed Jul 30 15:42:36 EDT 2003


It sounds like you need to monitor latency and when it crosses
a threshold, you need an alert so you can login and perform diagnostics
to identify the
culprit. As rpcbind hinted, SAA is your likely choice and
it does have the requirement for scripting unless you use IPM. 
You could probably set it up to send an snmp trap however, associate
that with
an email alert and ouila. But once you know it's occuring,
you still have to figure out what is occurring. 

http://www.cisco.com/en/US/products/sw/iosswrel/ps1831/products_configur
ation_guide_chapter09186a00800ca63e.html


Ahem. A sniffer or protocol analyzer would be superior to the nbar
suggestion--since if traffic or certain types of errors are
causing the problem--an analyzer is the best choice. But they arent 
cheap--which is why you could rent one or even bring in a consultant 
for a one time engagement. Also, the analyzer would tell you 
definitely if streaming is the cause. 

If you dont have access to one, I guess you'll be looking at
show interface for errors and sh ip account and sh top on
the switch to find top talkers.  You could apply an ip any any
ACL and log it....not a bad idea either in a troubleshooting
scenario...others may disagree.

good luck...

-----Original Message-----
From: rpcbind at speakeasy.net [mailto:rpcbind at speakeasy.net] 
Sent: Wednesday, July 30, 2003 1:41 PM
To: Richard Golodner
Cc: 'cisco-nsp at puck.nether.net'
Subject: Re: [nsp] Continuos Ping from Interface to Interface



NTP peering between point-to-point interfaces is always an easy way of
watching overall latency (sh ntp assoc). If you want to get more
involved, search cisco's site for 'SAA', though I've never found it very
useful without spending some time scripting data collection and such
(though once this is 
done, its great).

For your specific problem, despite problems on larger platforms, using
nbar to break out protocol stats would probably be a good start. However
on a 1720, 
you'll have to go up to 12.2T or 12.3 for the functionality.

If you really do just want to do pings, just enable and use the extended
ping 
('# ping'), where you can fire off as many pings as you want and check
the 
data at the end (marginally usefull, but you asked...)


On Wed, 30 Jul 2003, Richard Golodner wrote:

> 	I am seeing high latency on many of my private frame circuits
and 
> want to know if I can pinpoint the problem by running some type of 
> continuos ping from my remote router back to corporate. I a m 
> suspecting that one or some of my users are using some type of 
> streaming media, which is prohibited by our AUP.
> 	 I have searched the cisco.com site and have tried google
groups, 
> perhaps my search strings are not correct, but if anyone can give me a

> quick pointer I would be most grateful. I am running a 1720 with 12.1 
> (1) at all locations.
> 					Thank you, Richard Golodner 
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net 
> http://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
> 

_______________________________________________
cisco-nsp mailing list  cisco-nsp at puck.nether.net
http://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/



More information about the cisco-nsp mailing list