BCVRE 170-010 Study Notes, Part 4

Chapter 9 Logging

Logging Basics

Log messages are stored in /var/log/messages. When the file reaches 500 KB,
it is renamed to messages.0 and a new file is opened.

The vRouter keeps separate logs for bootup messages, PPP connection setup, IPsec connection setup, and other features.

vyatta@training:~$ show log | match ERROR | more
May 16 13:30:50 training pluto[5686]: ERROR: “peer-76.74.103.7-tunnel-1”
#995: sendto on pppoe1 to 76.74.103.7:500 failed in ISAKMP notify. Errno 22:
Invalid argument
May 16 13:31:20 training pluto[5686]: ERROR: “peer-76.74.103.7-tunnel-1”
#995: sendto on pppoe1 to 76.74.103.7:500 failed in ISAKMP notify. Errno 22:
Invalid argument
May 18 00:10:55 training pluto[5686]: ERROR: “peer-76.74.103.7-tunnel-1”
#1043:sendto on pppoe1 to 76.74.103.7:500 failed in ISAKMP notify. Errno 22:
Invalid argument

show log all
! Shows the last 10 entries
show log tail

Feature-Specific Logging

Enabling debugging

vyatta@VYA1:~$ monitor protocol ospf enable ?
Possible completions:
database-timer
Enable OSPF database-timer debugging
events        Enable OSPF event packet debugging
ifsm          Enable OSPF ifsm debugging
lsa           Enable OSPF lsa debugging
nfsm          Enable OSPF nfsm debugging
nsm           Enable OSPF nsm debugging
packet        Enable OSPF packet debugging
route         Enable OSPF route debugging

vyatta@VYA1:~$ monitor protocol ospf enable events ?
Possible completions:
<Enter>       Execute the current command
abr           Enable OSPF abr event debugging
asbr          Enable OSPF asbr event debugging
lsa           Enable OSPF lsa event debugging
nssa          Enable OSPF nssa event debugging
os            Enable OSPF os event debugging
router        Enable OSPF router event debugging
vlink         Enable OSPF vlink event debugging

To log transit traffic (NAT, firewall, etc.), logging must be enabled on the respective rules.

vyatta@vRouter1# set nat source rule 10 log enable

The entries are stored in /var/log/messages.

Monitor Real-Time

Monitoring in real time

monitor protocol ospf
monitor nat source

Press Ctrl-C to exit the capture.

Sample Log Output

OSPF Hello packets:

vyatta@vyatta:~$ monitor protocol ospf enable packet hello
vyatta@vyatta:~$ monitor protocol ospf
Apr  5 20:30:51 vRouter ospfd[1949]: Hello received from [172.24.42.53] v
[eth2:192.168.13.1]
Apr  5 20:30:51 vRouter ospfd[1949]:  src [192.168.13.3],
Apr  5 20:30:51 vRouter ospfd[1949]:  dst [224.0.0.5]
Apr  5 20:30:51 vRouter ospfd[1949]: Packet 172.24.42.53 [Hello:RECV]:
Options *|-|-|-|-|-|E|*
Apr  5 20:30:51 vRouter ospfd[1949]: make_hello: options: 2, int:
eth1:192.168.12.1
Apr  5 20:30:51 vRouter ospfd[1949]: make_hello: options: 2, int:
eth2:192.168.13.1
Apr  5 20:30:51 vRouter ospfd[1949]: Hello sent to [224.0.0.5] via
[eth1:192.168.12.1].
Apr  5 20:30:51 vRouter ospfd[1949]: make_hello: options: 2, int:
eth3:192.168.101.1
Apr  5 20:30:51 vRouter ospfd[1949]: Hello sent to [224.0.0.5] via
[eth2:192.168.13.1].
Apr  5 20:30:51 vRouter ospfd[1949]: Hello sent to [224.0.0.5] via
[eth3:192.168.101.1].

NAT packets:

vyatta@vyatta# set nat source rule 30 log enable

vyatta@vyatta# run show log nat
Apr  5 18:17:01 vRouter kernel: [595980.330716] [NAT-SRC-30-MASQ] IN=
OUT=pppoe1
SRC=192.168.2.104 DST=173.12.167.194 LEN=56 TOS=0x00 PREC=0x00 TTL=62
ID=52504 PROTO=UDP SPT=7172 DPT=64544 LEN=36
Apr  5 18:17:01 vRouter kernel: [595980.341042] [NAT-SRC-30-MASQ] IN=
OUT=pppoe1
SRC=192.168.2.104 DST=173.12.167.194 LEN=56 TOS=0x00 PREC=0x00 TTL=62
ID=16918 PROTO=UDP SPT=7172 DPT=64545 LEN=36
Output omitted
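
An added example (not part of the original notes or of the Vyatta documentation): a Python parser for the NAT log entries shown above. It re-joins records that were wrapped over several lines, reads the rule tag and the KEY=value fields, and groups destination ports per flow. The function names are hypothetical and the sample input is constructed from the output above.

```python
import re
from collections import defaultdict

# Constructed sample, shaped like the wrapped "show log nat" output above.
SAMPLE = """\
Apr  5 18:17:01 vRouter kernel: [595980.330716] [NAT-SRC-30-MASQ] IN=
OUT=pppoe1
SRC=192.168.2.104 DST=173.12.167.194 LEN=56 TOS=0x00 PREC=0x00 TTL=62
ID=52504 PROTO=UDP SPT=7172 DPT=64544 LEN=36
Apr  5 18:17:01 vRouter kernel: [595980.341042] [NAT-SRC-30-MASQ] IN=
OUT=pppoe1
SRC=192.168.2.104 DST=173.12.167.194 LEN=56 TOS=0x00 PREC=0x00 TTL=62
ID=16918 PROTO=UDP SPT=7172 DPT=64545 LEN=36
"""

# A record starts with a syslog timestamp such as "Apr  5 18:17:01".
RECORD_START = re.compile(r"^[A-Z][a-z]{2} [ \d]\d \d\d:\d\d:\d\d ")
# Tag written by the rule: [NAT-<SRC|DST>-<rule number>-<action>]
NAT_TAG = re.compile(r"\[NAT-(SRC|DST)-(\d+)-([A-Z]+)\]")
# KEY=value pairs; the value may be empty, as IN= is in the sample.
FIELD = re.compile(r"\b([A-Z]+)=(\S*)")

def join_wrapped(text):
    """Re-join records that were wrapped over several lines."""
    records = []
    for line in text.splitlines():
        if RECORD_START.match(line) or not records:
            records.append(line.strip())
        else:
            records[-1] += " " + line.strip()
    return records

def parse_nat(text):
    """Return one dict per NAT log record; other records are skipped."""
    out = []
    for rec in join_wrapped(text):
        tag = NAT_TAG.search(rec)
        if not tag:
            continue
        fields = {"direction": tag.group(1), "rule": int(tag.group(2)),
                  "action": tag.group(3)}
        for key, value in FIELD.findall(rec[tag.end():]):
            fields.setdefault(key, value)  # keeps the first LEN (IP length)
        out.append(fields)
    return out

def ports_per_flow(entries):
    """Map (rule, SRC, DST, PROTO) to the set of destination ports seen."""
    flows = defaultdict(set)
    for e in entries:
        if "DPT" in e:  # records without ports (e.g. ICMP) are ignored
            key = (e["rule"], e.get("SRC"), e.get("DST"), e.get("PROTO"))
            flows[key].add(int(e["DPT"]))
    return dict(flows)
```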

Chapter 10 OSPF Single-Area

Configuring OSPF

vyatta@R1# show protocols ospf
area 0 {
network 10.1.1.0/24
network 10.10.1.0/24
network 10.10.2.0/24
}

vyatta@R1# show protocols
ospf {
area 0 {
network 10.0.0.0/8
}
default-information {
originate {
}
}
passive-interface eth1
passive-interface eth2
}

Verifying OSPF Operations

vyatta@R1:~$ show ip route
Codes: K – kernel, C – connected, S – static, R – RIP, B – BGP
O – OSPF, IA – OSPF inter area
N1 – OSPF NSSA external type 1, N2 – OSPF NSSA external type 2
E1 – OSPF external type 1, E2 – OSPF external type 2
i – IS-IS, L1 – IS-IS level-1, L2 – IS-IS level-2, ia – IS-IS inter
area
> – selected route, * – FIB route, p – stale info
Gateway of last resort is not set
O       10.1.1.0/24 [110/1] is directly connected, eth1, 00:02:57
C    *> 10.1.1.0/24 is directly connected, eth1
O    *> 10.2.1.0/24 [110/2] via 10.10.1.2, eth2, 00:01:30
O    *> 10.2.2.0/24 [110/2] via 10.10.1.2, eth2, 00:01:30
O    *> 10.3.1.0/24 [110/2] via 10.10.2.2, eth3, 00:00:41
O    *> 10.3.2.0/24 [110/2] via 10.10.2.2, eth3, 00:00:41
O       10.10.1.0/24 [110/1] is directly connected, eth2, 00:02:57
Output omitted

vyatta@R1:~$ show ip ospf neighbors
OSPF Process 0:
Neighbor ID     Pri State           Dead Time Address         Interface
172.24.42.52      1 Full/DR           31.721s 10.10.1.2       eth1
172.24.42.53      1 Full/DR           35.533s 10.10.2.2       eth2

vyatta@R1:~$ show ip ospf database
OSPF Router with ID (172.24.42.51) (Process ID 0)
Router Link States (Area 0.0.0.0)
Link ID         ADV Router      Age  Seq#       CkSum  Link count
172.24.42.51    172.24.42.51     869 0x80000005 0x1d44 3
172.24.42.52    172.24.42.52     884 0x80000005 0x84f7 3
172.24.42.53    172.24.42.53     836 0x80000005 0xe555 4
Net Link States (Area 0.0.0.0)
Link ID         ADV Router      Age  Seq#       CkSum
10.10.1.1       172.24.42.51     918 0x80000001 0x04a5
10.10.2.1       172.24.42.51     869 0x80000001 0x07a0
AS External Link States
Link ID         ADV Router      Age  Seq#       CkSum  Route              Tag
0.0.0.0         192.168.200.1     10 0x80000002 0xa3f1 E2 0.0.0.0/0       254

vyatta@R1:~$ show ip ospf database router 172.24.42.51
OSPF Router with ID (192.168.200.1) (Process ID 0)
Router Link States (Area 0.0.0.0)
LS age: 1587
Options: 0x2 (-|-|-|-|-|-|E|-)
Flags: 0x0
LS Type: router-LSA
Link State ID: 192.168.200.1
Advertising Router: 192.168.200.1
LS Seq Number: 80000005
Checksum: 0x1d44
Length: 60
Number of Links: 3
Link connected to: Stub Network
(Link ID) Network/subnet number: 10.1.1.0
(Link Data) Network Mask: 255.255.255.0
Number of TOS metrics: 0
TOS 0 Metric: 1
Link connected to: a Transit Network
(Link ID) Designated Router address: 10.10.1.1
(Link Data) Router Interface address: 10.10.1.1
Number of TOS metrics: 0
TOS 0 Metric: 1
Link connected to: a Transit Network
(Link ID) Designated Router address: 10.10.2.1
(Link Data) Router Interface address: 10.10.2.1
Number of TOS metrics: 0
TOS 0 Metric: 1

