Cisco Info Center VPN Policy Manager Installation and User Guide, 3.1
Using Policy Manager (UNIX)
Download this chapter
Using Policy Manager (UNIX)Using Policy Manager (UNIX)
Download the complete book
Cisco Info Center VPN Policy Manager Installation and Configuration Guide, 3.1 (PDF version)Cisco Info Center VPN Policy Manager Installation and Configuration Guide, 3.1 (PDF version) (PDF - 2 MB)
give_us_feedback

Table Of Contents

Using Policy Manager (UNIX)

Starting Cisco Info Center VPN Policy Manager

Stopping Cisco Info Center VPN Policy Manager

Starting the VPN Policy Manager Desktop

Viewing VPN Policy Manager Event Lists

Launching the ISC GUI

Using the MPLS Troubleshooting Tools

Selecting an MPLS Troubleshooting Tool

Show VRF Tool

Show VRF Route Tool

Show VRF Interface Tool

Show CEF-VRF Forwarding Table

VRF Ping Tool

VRF Traceroute


Using Policy Manager (UNIX)

This chapter describes how to use VPN Policy Manager using an Info Desktop running on the UNIX platform.

This chapter contains the following sections:

Starting Cisco Info Center VPN Policy Manager

Stopping Cisco Info Center VPN Policy Manager

Starting the VPN Policy Manager Desktop

Viewing VPN Policy Manager Event Lists

Launching the ISC GUI

Using the MPLS Troubleshooting Tools

Starting Cisco Info Center VPN Policy Manager

If you have configured Cisco Info Center VPN Policy Manager for automatic startup, then it starts up automatically when the Info Server host is started.

If you have configured Cisco Info Center VPN Policy Manager for manual startup, then it starts up when you start the Info Server using the /etc/init.d/nco start command.

Stopping Cisco Info Center VPN Policy Manager

To stop the Cisco Info Center VPN Policy Manager components on a host, enter the following command:

/etc/init.d/nco stop

Starting the VPN Policy Manager Desktop

You view Cisco Info Center Policy Manager events using an Info Desktop. To start the Info Desktop on a UNIX host:

Step 1 If the FLEXlm license server is running on a remote host, enter the following command to set the LM_LICENSE_FILE environment variable to point to the host running the license server.

setenv LM_LICENSE_FILE 27000@<hostname>

where hostname is the name of the host running the license server.

Step 2 In a terminal window, enter the following command to start the Info Desktop:

nco &

The Info Desktop login window appears.

Step 3 Enter your username and password.

The main Conductor Window appears.

For detailed information on using the Conductor, refer to the Cisco Info Center User Guide, 3.6 at the following URL:

http://www.cisco.com/univercd/cc/td/doc/product/rtrmgmt/info_ctr/3_6/install/index.htm

Viewing VPN Policy Manager Event Lists

To view an event list:

Step 1 On the Conductor main window, click on the Event List icon:

A set of monitor boxes appears. Each monitor box lists specific categories of event based on the filters set up for the monitor box.

Figure 4-1 shows the default monitor boxes for Cisco Info Center VPN Policy Manager on the UNIX platform.

Figure 4-1 Default VPN Policy Manager Monitor Boxes and Views

Step 2 To display a list of events for the view, click the View button the lower right of the monitor box.

You can select the following event views:

All Events—Shows all events currently received by the Info Server.

Syslog—Shows all syslog events currently received.

Table 4-1 describes the events that are shown in this event view. For the Cisco Info Center VPN Policy Manager application, syslog events regarding PE routers are displayed.

Table 4-1 Syslog Events in the Syslog Events View

Event
Description
Example Event Summary

Link Up

Indicates that a physical interface on a device that provides a link used in MPLS has come up.

%LINK-3-UPDOWN: Interface ATM0/0/0 changed state to up

Link Down

Indicates that a physical interface on a device that provides a link used in MPLS has gone down.

%LINK-3-UPDOWN: Interface ATM0/0/0 changed state to down

Line Protocol Up

Indicates that a line protocol associated with an interface that provides a link used in MPLS has come up.

%LINEPROTO-5-UPDOWN" Line protocol on interface ATM7/0/0 changed state to up

Line Protocol Down

Indicates that a line protocol associated with an interface that provides a link used in MPLS has gone down.

%LINEPROTO-5-UPDOWN" Line protocol on interface ATM7/0/0 changed state to down


SNMP —Shows all SNMP trap events.

Cisco Info Center VPN Policy Manager includes filters for SNMP events that effect the MPLS network. Table 4-2 describes these SNMP events.

Table 4-2 SNMP Events

Event
Description
Enhanced Event Information

MPLS VRF Up

Indicates that an interface used with VPN Routing Forwarding (VRF) has come up.

The CE routers, Customers, VPNs, Sites and Providers affected by the event.

MPLS VRF Down

Indicates that an interface used with VRF has gone down.

The CE routers, Customers, VPNs, Sites and Providers affected by the event.

Link Up

Indicates that an interface associated with an MPLS link has come up.

The CE routers, Customers, VPNs, Sites and Providers affected by the event.

Link Down

Indicates that an interface associated with an MPLS link has gone down.

The CE routers, Customers, VPNs, Sites and Providers affected by the event.


ISC Logging—Shows events received from the ISC host.

Table 4-3 describes the events received from the ISC host through the Tibco Info Mediator. For these events, additional event information is collected by Cisco VPN Policy Manager and used to create enhanced events.

Table 4-3 ISC Logging Events

Event
Description
Enhanced Event Information

PE added

Indicates that a PE router has been added to the network.

The VPNs and MPLS customers affected by the event.

PE deleted

Indicates that a PE router has been deleted.

The VPNs and MPLS customers affected by the event.

CPE added

Indicates that a customer premises equipment (CPE) device has been added to the network.

The VPNs and MPLS customers affected by the event.

CPE deleted

Indicates that a CPE device has been deleted.

The VPNs and MPLS customers affected by the event.


All MPLS Events—Shows all MPLS events.

The MPLS Event view shows all MPLS events. MPLS events are events that are generated by Cisco VPN Policy Manager when VPN Routing Forwarding (VRF) interfaces on MPLS devices go up or down or when interfaces or line protocols on MPLS devices go up or down.

Table 4-4 describes the MPLS events.

Table 4-4 MPLS Events

Event
Description

CE event

Shows information about a customer edge router (CE router) affected when an interface or line protocol on an MPLS device goes up or down.

PE event

Shows information about a provider edge router (PCE router) affected when an interface or line protocol on an MPLS device goes up or down.

Customer event

Shows information about an MPLS customer who is affected when an interface or line protocol on an MPLS device goes up or down.

VPN event

Shows information about a VPN that is affected when an interface or line protocol on an MPLS device goes up or down.


MPLS CE—Shows all MPLS Customer Edge (CE) router events.

CE events are generated when an interface or line protocol on an MPLS device goes up or down. They provide information about a CE router that is affected by the event on the MPLS device.

MPLS Customer—Shows MPLS customer events.

MPLS Customer events are generated when an interface or line protocol on an MPLS device goes up or down. They provide information about an MPLS Customer who is affected by the event on the MPLS device.

MPLS PE—Shows all MPLS Provider Edge (PE) router events.

MPLS PE events are generated when an interface or line protocol on an MPLS device goes up or down. They provide information about a PE router that is affected by the event on the MPLS device.

MPLS VPN—Shows all MPLS Virtual Private Network (VPN) events.

MPLS events are generated when an interface or line protocol on an MPLS device goes up or down. They provide information about a VPN that is affected by the event on the MPLS device.

After you select a view, an event list appears.

Figure 4-2 shows a typical VPN Policy Manager event list.

Figure 4-2 A VPN Policy Manager Event List

Step 3 To view details about an event, click on the event.

When any VPN Policy Manager event is selected, you can launch the ISC GUI to obtain additional information about the event.

When a provider edge router event (PE event) is selected, you can use the VPN Policy Manager MPLS Troubleshooting tools to view more information about the VRF.

For information on how to use the MPLS Troubleshooting tools, see the following section, the "Using the MPLS Troubleshooting Tools" section.

Launching the ISC GUI

To launch the ISC GUI.

Step 1 When a VPN Policy Manager event is selected, right click on the event.

The Cisco Info Center VPN Policy Manager Alerts menu appears, shown in Figure 4-3.

Figure 4-3 The VPN Policy Manager Tools Menu

Step 2 Select Launch ISC GUI.

The ISC GUI launches and you are prompted for the ISC username and password.

For information on using the ISC GUI, refer to the ISC 3.2 documentation at the following URL:

http://www.cisco.com/univercd/cc/td/doc/product/rtrmgmt/isc/index.htm

Using the MPLS Troubleshooting Tools

When a provider edge (PE) event is selected, you can use the MPLS Troubleshooting tools to obtain additional information about the event.

Table 4-5 describes the MPLS Troubleshooting Tools.

Table 4-5 The MPLS Troubleshooting Tools 

Tool
Description

Show VRF

Logs in to the router that sent the event, issues the show ip vrf command, and shows the output from the command.

For information on using this tool, see the "Show VRF Tool" section.

Show VRF Route

Logs in to the router that sent the event, issues the show ip route vrf command, and shows the output from the command.

For information on using this tool, see the "Show VRF Route Tool" section

Show VRF Interface

Logs in to the router that sent the event, issues the show ip vrf interface command, and shows the output from the command

For information on using this tool, see the "Show VRF Interface Tool" section

Show CEF-VRF Forwarding Table

Logs in to the router that sent the event, issues the show ip cef vrf summary or the show ip cef vrf detail command, and shows the output from the command

For information on using this tool, see the "Show CEF-VRF Forwarding Table" section

VRF Ping

Logs in to the router that sent the event, issues the ping vrf command, and shows the output from the command.

For information on using this tool, see the "VRF Ping Tool" section

VRF Traceroute

Logs in to the router that sent the event, issues the traceroute vrf command, and shows the output from the command.

For information on using this tool, see the "VRF Traceroute" section


Selecting an MPLS Troubleshooting Tool

To select an MPLS Troubleshooting tool:

Step 1 Select a PE event.

Step 2 Right click on the event.

The Alerts menu appears.

Step 3 On the Alerts menu, select Tools.

The Tools menu appears, shown in Figure 4-4.

Figure 4-4 The Tools Menu

Step 4 On the Tools menu, select MPLS Troubleshooting Tools.

A pull-down menu appears showing the MPLS Troubleshooting Tool, shown in Figure 4-5.

Figure 4-5 MPLS Troubleshooting Tools Menu

Select the MPLS Troubleshooting tool that you want to run from the list of tools.

Show VRF Tool

Use the Show VRF tool to issue the show ip vrf command. This command displays the set of defined Virtual Private Network (VPN) routing/forwarding instances (VRFs) and associated interfaces.

To use the Show VRF tool:

Step 1 Right click on an MPLS PE event.

The Alerts Menu appears.

Step 2 Select Tools > MPLS Troubleshooting Tools > Show VRF

The Tool Parameter Dialog for the Show VRF Tool appears, as shown in Figure 4-6.

Figure 4-6 Tool Parameter Dialog for the Show VRF Tool

Step 3 Enter the Router User name, the Router Password and the Router Enable Password and then click OK.

The tool issues the show ip vrf command and displays the output.

Figure 4-7 shows sample output from the show ip vrf command.

Figure 4-7 Output from the Show VRF Tool

Show VRF Route Tool

Use the Show VRF Route tool to issue the show ip route vrf command. The show ip route vrf command displays the IP routing table associated with a Virtual Private Network (VPN) routing/forwarding instance (VRF).

To use the Show VRF Route tool:

Step 1 Right click on an MPLS PE event.

The Alerts Menu appears.

Step 2 Select Tools > MPLS Troubleshooting Tools > Show VRF Route

The Tool Parameter Dialog for the Show VRF Route Tool appears, as shown in Figure 4-8.

Figure 4-8 Tool Parameter Dialog for the Show VRF Route Tool

Step 3 Enter the Router User name, Router Password, Router Enable Password, and VRF Name and then click OK.

The tool issues the show ip route vrf command and displays the output.

Figure 4-9 shows sample output from the show ip route vrf command.

Figure 4-9 Output from the Show VRF Route Tool

Show VRF Interface Tool

Use the Show VRF Interface tool to issue the show ip vrf interface command. This command displays the VRF table associated with an interface.

To use the Show VRF Interface tool:

Step 1 Right click on an MPLS PE event.

The Alerts Menu appears.

Step 2 Select Tools > MPLS Troubleshooting Tools > Show VRF Interface.

The Tool Parameter Dialog for the Show VRF Interface Tool appears, as shown in Figure 4-10.

Figure 4-10 Tool Parameter Dialog for the Show VRF Interface Tool

Step 3 Enter the Router User name, Router Password, and Router Enable Password and then click OK.

The tool issues the show ip vrf interface command and displays the output.

Figure 4-11 shows sample output from the show ip vrf interface command.

Figure 4-11 Output from the Show VRF Interface Tool

Show CEF-VRF Forwarding Table

The Show CEF-VRF Forwarding Table tool issues the show ip cef vrf summary command or the show ip cef vrf detail command and displays the output. This command displays the Cisco Express Forwarding (CEF) forwarding table forwarding table associated with a Virtual Private Network (VPN) routing/forwarding instance (VRF).

To use the Show CEF-VRF Forwarding Table tool:

Step 1 Right click on an MPLS PE event.

The Alerts Menu appears.

Step 2 Select Tools > MPLS Troubleshooting Tools > Show CEF-VRF Forwarding Table.

The Tool Parameter Dialog for the Show CEF-VRF Forwarding Table Tool appears, as shown in Figure 4-10.

Figure 4-12 Tool Parameter Dialog for the Show CEF-VRF Forwarding Tool

Step 3 Enter the Router User name, Router Password, Router Enable Password, and VRF Name and then click OK.

Step 4 Pull down the menu in the Detail/Summary field and do one of the following:

To request a detailed report, select detail.

To request a summary report, select summary.

To request a report with only IP addresses (no detail or summary information), select none.

Step 5 Click OK.

The tool issues the show ip cef vrf summary or the show ip cef vrf detail command and displays the output.

Figure 4-13 shows sample output from the show ip cef vrf summary command.

Figure 4-13 Output from the Show CEF-VRF Forwarding Table Tool

VRF Ping Tool

To use the VRF Ping tool:

Step 1 Right click on an MPLS PE event.

The Alerts Menu appears.

Step 2 Select Tools > MPLS Troubleshooting Tools > VRF Ping.

The Tool Parameter Dialog for the VRF Ping Tool appears, as shown in Figure 4-14.

Figure 4-14 Tool Parameter Dialog for the VRF Ping Tool

Step 3 Enter the Router User name, Router Password, Router Enable Password, VRF Name, and VRF Destination IP address, then click OK.

The tool issues the ping vrf command and displays the output.

Figure 4-15 shows sample output from the ping vrf command.

Figure 4-15 Output from the Ping VRF Command

VRF Traceroute

To use the VRF Traceroute tool:

Step 1 Right click on an MPLS PE event.

The Alerts Menu appears.

Step 2 Select Tools > MPLS Troubleshooting Tools > VRF Traceroute.

The Tool Parameter Dialog for the VRF Traceroute Tool appears, as shown in Figure 4-16.

Figure 4-16 Tool Parameter Dialog for the VRF Traceroute Tool

Step 3 Enter the Router User name, Router Password, Router Enable Password, VRF Name, and VRF Destination IP, then click OK.

The tool issues the traceroute vrf command and displays the output.

Figure 4-17 shows sample output from the traceroute vrf command.

Figure 4-17 Output from the Traceroute VRF Command