Cisco MPLS Diagnostics Expert 2.1.3 User Guide on ISC 5.1 - Chapter 2: Getting Started [Cisco IP Solution Center]

Table Of Contents

Getting Started

2.1  Installing MDE

2.2  Logging in to MDE

2.3  Licensing

2.4  User Roles

2.5  Creating Users

2.6  Network Configuration

2.6.1  MPLS IP Time To Live Propagation

2.6.2  MPLS LSP Ping/Trace Route Revision

2.6.3  31-Bit Prefixes on Point-to-Point Access Circuit Links

2.7  Inventory Setup

2.7.1  Manual Creation

2.7.2  Discovery

2.7.3  Inventory Manager Device Import

2.7.4  ISC APIs

2.7.5  Device Configuration Collection

Getting Started

This chapter describes how to get started using Cisco MPLS Diagnostics Expert (MDE).

This chapter contains the following sections:

•Installing MDE

•Logging in to MDE

•Licensing

•User Roles

•Creating Users

•Network Configuration

•Inventory Setup

Figure 2-1 describes the getting started workflow for MDE.

Figure 2-1 Getting Started with MDE

1. Install MDE—Install the MDE application. See Installing MDE.

2. Log in to MDE—For details of how to log in, see Logging in to MDE.

3. Install License—Install MDE license key. See Licensing.

4. Create Users—Create users and assign MDE user roles. See User Roles, and Creating Users.

5. Verify Network Configuration—Verify that all network devices have the configuration required for MDE. See Network Configuration.

6. Inventory Setup (Manual)—Manually create required ISC inventory objects. See Inventory Setup.

7. Inventory Setup (Discovery)—Create required ISC inventory objects using ISC Discovery. See Inventory Setup.

8. Inventory Setup (Device Import)—Create required ISC inventory objects using Inventory Manager Import Devices feature. See Inventory Setup.

9. Inventory Setup (API)—Create required inventory objects through ISC APIs. See Inventory Setup.

10. Collect Device Configuration—Collect device configuration, including interface configuration, and add to ISC inventory. A scheduled task can be set up to periodically synchronize ISC inventory with actual device configuration. See Device Configuration Collection.

11. Perform Test—Select, configure, and run an MPLS VPN Connectivity Verification test. See 3.2  Performing an MPLS VPN Connectivity Verification Test, page 3-5.

2.1  Installing MDE

MDE is installed as part of the standard ISC installation. It must then be activated by installing an MDE license. For detailed instructions of how to install MDE, see the Cisco IP Solution Center Installation Guide, 5.1

2.2  Logging in to MDE

For details of how to log in, see the Logging In for the First Time section in Chapter 2 of the Cisco IP Solution Center Installation Guide, 5.1.

2.3  Licensing

The MDE product requires a separate license key. The license key is provided with the ISC installation CD-ROM. Upgrade licenses for further attachment circuits can be purchased from Cisco.com.

MDE licensing is implemented using the standard ISC licensing mechanism. For detailed instructions of how to install the MDE license key, see the Administration chapter in the Cisco IP Solution Center Infrastructure Reference, 5.1.

Note If a valid license key has not been installed, the Diagnostics tab does not appear within ISC, and you are unable to invoke any MDE functionality.

2.4  User Roles

The functionality available to you as an ISC user is determined by your assigned user roles. User roles also allow you to create and delete devices, collect device configuration, and to perform an MPLS VPN Connectivity Verification test.

To use the MDE functionality, you must be assigned one or more of the following predefined MDE roles depending on the type of connectivity tests you are entitled to perform:

1. MplsDiagnosticsRole—You can perform an MPLS VPN connectivity test between two CEs.

2. MplsDiagnosticsPeToAttachedCeTestRole—You can perform an MPLS VPN connectivity test between a PE and an attached CE.

3. MplsDiagnosticsCetoPeAcrossCoreTestRole—You can perform an MPLS VPN connectivity test between a CE and a PE across the MPLS core.

4. MplsDiagnosticsPetoPeInVrfTestRole—You can perform an MPLS VPN connectivity test between two PEs.

5. MplsDiagnosticsPeToPeCoreTestRole—You can perform a core MPLS connectivity test between two PEs.

Note All MDE roles allow you to create and delete devices, collect device configuration, and to perform an MPLS VPN Connectivity Verification test. For further information, see the Administration chapter in the Cisco IP Solution Center Infrastructure Reference, 5.1.

2.5  Creating Users

For details on how to create ISC users, see the Administration chapter in the Cisco IP Solution Center Infrastructure Reference, 5.1.

2.6  Network Configuration

This section describes the network configuration required to allow MDE to troubleshoot your network.

2.6.1  MPLS IP Time To Live Propagation

MPLS IP Time To Live (TTL) propagation is enabled by default on Cisco devices. MDE requires that MPLS IP TTL propagation is enabled within the MPLS core. If MPLS IP TTL propagation is not enabled, then MDE is unable to troubleshoot problems within the MPLS core. Troubleshooting of problems in the access circuit, or on the edge of the MPLS core is still possible.

In Cisco IOS, it is possible to disable MPLS IP TTL propagation for packets forwarded to the MPLS core by using the no mpls ttl-propagate forward IOS command. This command stops TTL propagation for packets forwarded in to the MPLS core, but allows TTL propagation for packets sent from within the MPLS core. MDE functions correctly in this situation.

When TTL propagation is disabled using the Cisco IOS command no mpls ip propagate-ttl, or the Cisco IOS XR command mpls ip-ttl-propagate disable, then all TTL propagation is disabled and MDE is unable to troubleshoot your MPLS network.

2.6.2  MPLS LSP Ping/Trace Route Revision

MDE supports IOS MPLS LSP Ping/Traceroute implementations based on version 3 of the IETF LSP Ping draft (draft-ietf-mpls-lsp-ping-03.txt). Later versions of the IETF LSP Ping draft are not supported. Recent IOS versions (including 12.4(6)T), and IOS XR implement later versions of the IETF LSP Ping draft / RFC 4379. To use MDE with these IOS or IOS XR versions you must configure IOS or IOS XR to use version 3 of the IETF LSP Ping draft. To do so you should enter the mpls oam command followed by the echo revision 3 command in IOS or IOS XR global configuration mode. You should ensure that all routers in your core are using the same version of the IEFT LSP ping draft or RFC as appropriate.

2.6.3  31-Bit Prefixes on Point-to-Point Access Circuit Links

MDE supports troubleshooting over access circuit links configured with a 31-bit prefix. However, for each classful network, MDE does not support troubleshooting over two possible 31-bit prefix configurations. These are the subnets that use the classful network address or network broadcast address as a host address. For example, in the class A network, 10.0.0.0, the 31-bit prefix subnet that uses the IP addresses 10.0.0.0 and 10.0.0.1 as host addresses, and the subnet that uses the IP addresses 10.255.255.254 and 10.255.255.255 as host addresses, are not supported. All subnets between these ranges are supported.

If an MDE test is configured using an unsupported 31-prefix subnet, then the test is not run and a message is displayed informing you of the unsupported 31-bit prefix configuration. In this situation, you must manually troubleshoot this link or reconfigure the link to use a supported subnet configuration.

2.7  Inventory Setup

MDE can be used without any dependency on other ISC modules. However, before it can be used, the ISC repository must be populated with a number of objects. As a minimum this includes Provider, Provider Region, Device, and PE Device objects. The role of each of these objects is explained below:

•Provider—A Provider is typically a service provider or large corporation that provides network services to a customer. A Provider is a logical inventory object that represents a particular provider.

•Provider Region—A Provider Region is considered to be a group of provider edge routers (PEs) within a single Border Gateway Protocol (BGP) autonomous system. The primary objective for defining Provider Regions is to allow a provider to employ unique IP address pools in large Regions, such as Europe, Asia Pacific, and so forth.

•Device—A Device in ISC is a logical representation of a physical device in the network. Every network element that ISC manages must be defined as a device in the system.

•PE Device—A PE Device is a logical representation of a Provider Edge (PE) or Provider (P) router that has been associated with a particular Provider Region. A PE Device must first be added as a Device and then assigned a PE Device type.

All Provider Edge (PE) and Provider (P) routers in the MPLS network must be added to the ISC inventory. Each Provider Edge router should be created as a Device and then as a PE Device with a Role Type of N-PE (Network-facing PE). Each Provider device should be created as a Device and then as a PE Device with a role type of P (Provider). Adding customer premises equipment (CPE) devices to the ISC inventory is optional.

Note Where a Device is acting as both a Provider and Provider Edge Device it should be created as a PE Device with a Role Type of N-PE (Network-facing PE).

Many MPLS VPN networks employ a Route Reflector. It is recommended that Route Reflectors should be added to the ISC inventory. A Route Reflector should be added as a Device and then as a PE Device with role type of P. By adding the Route Reflector to the ISC inventory, MDE is able to identify possible failures involving this device.

Note If other ISC features are being used to manage the MPLS network, many of the required inventory objects might already exist. For example, if the ISC MPLS VPN feature is being used, the required Provider, Provider Region, and Provider Edge devices might already exist. In this case only the Provider devices must be added.

A number of options exist for creating the required inventory objects. These objects can be created manually through the ISC GUI, using the ISC Discovery functionality, using the Inventory Manager Import Devices functionality, or using third-party Operations Support System (OSS) client programs that utilize the ISC APIs. Each of these options is described in the following sections:

•Manual Creation

•Discovery

•Inventory Manager Device Import

•ISC APIs

•Device Configuration Collection

Note When creating Devices, the Device access information (login and passwords) must match that configured on the physical device.

2.7.1  Manual Creation

Manual creation allows you to add objects to the ISC Repository by entering the required configuration through the ISC Graphical User Interface (GUI). Manual object creation is recommended where a small number of objects are being added to the ISC Repository. The sequence for manual object creation is shown below:

1. Create Provider

2. Create Provider Region

3. Create Devices

4. Collect Device configuration, including interface configuration

5. Create PE Devices, including assigning roles for Provider and Provider Edge devices

Note Both Provider (P) and Provider Edge (PE) devices should be added to the ISC repository as PE Device objects with an appropriate PE Role Type. For details of the PE Role Types that should be assigned to Provider and Provider Edge devices, see Inventory Setup. When selecting the transport mechanism to be used between the ISC server and the device, Cisco CNS Configuration Engine cannot be used with MDE as it does not support the necessary commands that MDE requires. If attempts are made to use Cisco CNS Configuration Engine with MDE, then MDE incorrectly reports that the device cannot be contacted.

For details of how to manually create Provider, Provider Region, Device and PE Device objects, see Chapter 3 in the Cisco IP Solution Center Infrastructure Reference, 5.1.

When manually creating Devices, you must also add the interface configuration for these devices.

Interface configuration can either be added manually during Device creation, or by using a Task Manager Collect Configuration task. For details of how to perform a Task Manager Collect Configuration task, see Device Configuration Collection. We recommend that you use a Collect Configuration task.

2.7.2  Discovery

Discovery allows you to add the devices in your network to the ISC Repository by configuring minimal device and topology information in XML files. The Discovery process then queries these devices and populates the ISC Repository with the required device and topology information. We recommend that Discovery is used where a large number of objects are being added to the Repository.

ISC Discovery provides two methods for discovering devices: CDP or Device/Topology. Before performing Device Discovery it is necessary to create the required Discovery XML configuration files. For details of how to discover devices, see Chapter 4 in the Cisco IP Solution Center Infrastructure Reference, 5.1.

Note Both Provider (P) and Provider Edge (PE) devices should be added to the ISC repository as PE Device objects with an appropriate PE Role Type. For details of the PE Role Types that should be assigned to Provider and Provider Edge devices, see Inventory Setup.

Note After Discovery has completed, you must run a Task Manager Collect Configuration task for all discovered devices. If you do not run a Collect Configuration task, MDE is unable to log in to the discovered devices to perform troubleshooting. For details of how to perform a Task Manager Collect Configuration task, see Device Configuration Collection.

2.7.3  Inventory Manager Device Import

The Inventory Manager Import Devices feature allows you to import multiple devices in to the ISC Repository from files containing the Cisco IOS running configuration of the devices. We recommend that the Inventory Manager Import Devices feature is used where a large number of objects are being added to the Repository. For details of how to import devices, see the Inventory Manager section of Chapter 3 in the Cisco IP Solution Center Infrastructure Reference, 5.1.

Before importing Provider (P) and Provider Edge (PE) devices you must create the required Provider and Provider Region objects. For details of how to manually create Provider and Provider Region objects, see Chapter 3 in the Cisco IP Solution Center Infrastructure Reference, 5.1.

When importing devices you must specify the directory where files containing the Cisco IOS running configuration are located. Do not specify the file names. The files must be located in a file system directory accessible from the ISC server.

Note Both Provider (P) and Provider Edge (PE) devices should be added to the ISC repository as PE Device objects with an appropriate PE Role Type. For details of the PE Role Types that should be assigned to Provider and Provider Edge devices, see Inventory Setup.

Note The enable secret password is encrypted before it is added to the Cisco IOS running configuration. As a result, the Device Import feature is unable to set the enable secret password for devices imported in to the ISC Repository. If the enable secret password is set on any devices being imported, you must manually configure the enable password for these devices in the ISC Repository. If both the enable and enable secret passwords are set for a device, the Inventory Manager Import Devices feature uses the enable password for the device added to the ISC Repository. You must override this password with the correct enable secret password. The enable password for devices in the ISC Repository can be set during or after device import.

Note After Device Import has completed, you must run a Task Manager Collect Configuration task for all imported devices. If you do not run a Collect Configuration task, MDE is unable to log in to the imported devices to perform troubleshooting. For details of how to perform a Task Manager Collect Configuration task, see Device Configuration Collection.

2.7.4  ISC APIs

The Cisco IP Solution Center (ISC) application program interface (API) allows you to use operations support system (OSS) client programs to connect to the ISC system. The ISC APIs provide a mechanism for inserting, retrieving, updating, and removing data from ISC servers. It is possible to add the required Provider, Provider Region, Device and PE Device objects using the APIs.

Note The ISC API is not included as standard with MDE, it can be purchased separately.

For details of how to use the ISC APIs, see the Cisco IP Solution Center API Programmer Guide, 5.1 and the Cisco IP Solution Center API Programmer Reference, 5.1.

2.7.5  Device Configuration Collection

We recommend that a Task Manager Collect Configuration task is used to add interface configuration to Devices in the ISC Repository. A Task Manager Collect Configuration task connects to the physical device in the network, collects the device information from the router (including interface configuration), and populates the ISC Repository with this information.

For details of how to add Device interface configuration using a Task Manager Collect Configuration task, see the Task Manager section of Chapter 7 in the Cisco IP Solution Center Infrastructure Reference, 5.1.

Offline configuration collection is available only for MDE and is explained in the Cisco IP Solution Center Infrastructure Reference, 5.1

2.7.5.1  Synchronizing the ISC Repository with Device Configuration

Note The accuracy of MDE is dependent on up-to-date device information. We recommend that the device configuration is resynchronized with the physical devices after any configuration changes and at periodic intervals. This ensures that the device configuration held in the ISC inventory is consistent with the physical devices in the network.

We recommend that device configuration is kept up-to-date using a scheduled Task Manager task. Either Collect Configuration or Collect Configuration from File can be used. For details of how to create a scheduled Task Manager Collect Configuration task, see the Task Manager section of Chapter 7 in the Cisco IP Solution Center Infrastructure Reference, 5.1. All PE and P routers in the MPLS network should have their configuration collected using a scheduled Task Manager Collect Configuration task. The Task Manager Collect Configuration task collects details of interface configuration and other device attributes. The interval at which Task Manager Collect Configuration tasks should be scheduled to run depends on the frequency of configuration changes to the network. We recommend running the Task Manager Collect Configuration task daily on each P and PE router.

	Cisco MPLS Diagnostics Expert 2.1.3 User Guide on ISC 5.1
	Chapter 2: Getting Started
Cisco MPLS Diagnostics Expert 2.1.3 User Guide on ISC 5.1 Index About this Guide Chapter 1: Introduction Chapter 2: Getting Started Chapter 3: Using Cisco MPLS Diagnostics Expert Chapter 4: How Does Cisco MPLS Diagnostics Expert Work? Appendix A: Frequently Asked Questions Appendix B: VPN Topologies Appendix C: Cisco MPLS Diagnostics Expert Supplemental License Agreement	Download this chapter Chapter 2: Getting Started Download the complete book Cisco MPLS Diagnostics Expert 2.1.3 User Guide on ISC 5.1 (Entire Book Length PDF) (PDF - 2 MB) Table Of Contents Getting Started 2.1 Installing MDE 2.2 Logging in to MDE 2.3 Licensing 2.4 User Roles 2.5 Creating Users 2.6 Network Configuration 2.6.1 MPLS IP Time To Live Propagation 2.6.2 MPLS LSP Ping/Trace Route Revision 2.6.3 31-Bit Prefixes on Point-to-Point Access Circuit Links 2.7 Inventory Setup 2.7.1 Manual Creation 2.7.2 Discovery 2.7.3 Inventory Manager Device Import 2.7.4 ISC APIs 2.7.5 Device Configuration Collection Getting Started This chapter describes how to get started using Cisco MPLS Diagnostics Expert (MDE). This chapter contains the following sections: •Installing MDE •Logging in to MDE •Licensing •User Roles •Creating Users •Network Configuration •Inventory Setup Figure 2-1 describes the getting started workflow for MDE. Figure 2-1 Getting Started with MDE 1. Install MDE—Install the MDE application. See Installing MDE. 2. Log in to MDE—For details of how to log in, see Logging in to MDE. 3. Install License—Install MDE license key. See Licensing. 4. Create Users—Create users and assign MDE user roles. See User Roles, and Creating Users. 5. Verify Network Configuration—Verify that all network devices have the configuration required for MDE. See Network Configuration. 6. Inventory Setup (Manual)—Manually create required ISC inventory objects. See Inventory Setup. 7. Inventory Setup (Discovery)—Create required ISC inventory objects using ISC Discovery. See Inventory Setup. 8. Inventory Setup (Device Import)—Create required ISC inventory objects using Inventory Manager Import Devices feature. See Inventory Setup. 9. Inventory Setup (API)—Create required inventory objects through ISC APIs. See Inventory Setup. 10. Collect Device Configuration—Collect device configuration, including interface configuration, and add to ISC inventory. A scheduled task can be set up to periodically synchronize ISC inventory with actual device configuration. See Device Configuration Collection. 11. Perform Test—Select, configure, and run an MPLS VPN Connectivity Verification test. See 3.2 Performing an MPLS VPN Connectivity Verification Test, page 3-5. 2.1 Installing MDE MDE is installed as part of the standard ISC installation. It must then be activated by installing an MDE license. For detailed instructions of how to install MDE, see the Cisco IP Solution Center Installation Guide, 5.1 2.2 Logging in to MDE For details of how to log in, see the Logging In for the First Time section in Chapter 2 of the Cisco IP Solution Center Installation Guide, 5.1. 2.3 Licensing The MDE product requires a separate license key. The license key is provided with the ISC installation CD-ROM. Upgrade licenses for further attachment circuits can be purchased from Cisco.com. MDE licensing is implemented using the standard ISC licensing mechanism. For detailed instructions of how to install the MDE license key, see the Administration chapter in the Cisco IP Solution Center Infrastructure Reference, 5.1. Note If a valid license key has not been installed, the Diagnostics tab does not appear within ISC, and you are unable to invoke any MDE functionality. 2.4 User Roles The functionality available to you as an ISC user is determined by your assigned user roles. User roles also allow you to create and delete devices, collect device configuration, and to perform an MPLS VPN Connectivity Verification test. To use the MDE functionality, you must be assigned one or more of the following predefined MDE roles depending on the type of connectivity tests you are entitled to perform: 1. MplsDiagnosticsRole—You can perform an MPLS VPN connectivity test between two CEs. 2. MplsDiagnosticsPeToAttachedCeTestRole—You can perform an MPLS VPN connectivity test between a PE and an attached CE. 3. MplsDiagnosticsCetoPeAcrossCoreTestRole—You can perform an MPLS VPN connectivity test between a CE and a PE across the MPLS core. 4. MplsDiagnosticsPetoPeInVrfTestRole—You can perform an MPLS VPN connectivity test between two PEs. 5. MplsDiagnosticsPeToPeCoreTestRole—You can perform a core MPLS connectivity test between two PEs. Note All MDE roles allow you to create and delete devices, collect device configuration, and to perform an MPLS VPN Connectivity Verification test. For further information, see the Administration chapter in the Cisco IP Solution Center Infrastructure Reference, 5.1. 2.5 Creating Users For details on how to create ISC users, see the Administration chapter in the Cisco IP Solution Center Infrastructure Reference, 5.1. 2.6 Network Configuration This section describes the network configuration required to allow MDE to troubleshoot your network. 2.6.1 MPLS IP Time To Live Propagation MPLS IP Time To Live (TTL) propagation is enabled by default on Cisco devices. MDE requires that MPLS IP TTL propagation is enabled within the MPLS core. If MPLS IP TTL propagation is not enabled, then MDE is unable to troubleshoot problems within the MPLS core. Troubleshooting of problems in the access circuit, or on the edge of the MPLS core is still possible. In Cisco IOS, it is possible to disable MPLS IP TTL propagation for packets forwarded to the MPLS core by using the no mpls ttl-propagate forward IOS command. This command stops TTL propagation for packets forwarded in to the MPLS core, but allows TTL propagation for packets sent from within the MPLS core. MDE functions correctly in this situation. When TTL propagation is disabled using the Cisco IOS command no mpls ip propagate-ttl, or the Cisco IOS XR command mpls ip-ttl-propagate disable, then all TTL propagation is disabled and MDE is unable to troubleshoot your MPLS network. 2.6.2 MPLS LSP Ping/Trace Route Revision MDE supports IOS MPLS LSP Ping/Traceroute implementations based on version 3 of the IETF LSP Ping draft (draft-ietf-mpls-lsp-ping-03.txt). Later versions of the IETF LSP Ping draft are not supported. Recent IOS versions (including 12.4(6)T), and IOS XR implement later versions of the IETF LSP Ping draft / RFC 4379. To use MDE with these IOS or IOS XR versions you must configure IOS or IOS XR to use version 3 of the IETF LSP Ping draft. To do so you should enter the mpls oam command followed by the echo revision 3 command in IOS or IOS XR global configuration mode. You should ensure that all routers in your core are using the same version of the IEFT LSP ping draft or RFC as appropriate. 2.6.3 31-Bit Prefixes on Point-to-Point Access Circuit Links MDE supports troubleshooting over access circuit links configured with a 31-bit prefix. However, for each classful network, MDE does not support troubleshooting over two possible 31-bit prefix configurations. These are the subnets that use the classful network address or network broadcast address as a host address. For example, in the class A network, 10.0.0.0, the 31-bit prefix subnet that uses the IP addresses 10.0.0.0 and 10.0.0.1 as host addresses, and the subnet that uses the IP addresses 10.255.255.254 and 10.255.255.255 as host addresses, are not supported. All subnets between these ranges are supported. If an MDE test is configured using an unsupported 31-prefix subnet, then the test is not run and a message is displayed informing you of the unsupported 31-bit prefix configuration. In this situation, you must manually troubleshoot this link or reconfigure the link to use a supported subnet configuration. 2.7 Inventory Setup MDE can be used without any dependency on other ISC modules. However, before it can be used, the ISC repository must be populated with a number of objects. As a minimum this includes Provider, Provider Region, Device, and PE Device objects. The role of each of these objects is explained below: •Provider—A Provider is typically a service provider or large corporation that provides network services to a customer. A Provider is a logical inventory object that represents a particular provider. •Provider Region—A Provider Region is considered to be a group of provider edge routers (PEs) within a single Border Gateway Protocol (BGP) autonomous system. The primary objective for defining Provider Regions is to allow a provider to employ unique IP address pools in large Regions, such as Europe, Asia Pacific, and so forth. •Device—A Device in ISC is a logical representation of a physical device in the network. Every network element that ISC manages must be defined as a device in the system. •PE Device—A PE Device is a logical representation of a Provider Edge (PE) or Provider (P) router that has been associated with a particular Provider Region. A PE Device must first be added as a Device and then assigned a PE Device type. All Provider Edge (PE) and Provider (P) routers in the MPLS network must be added to the ISC inventory. Each Provider Edge router should be created as a Device and then as a PE Device with a Role Type of N-PE (Network-facing PE). Each Provider device should be created as a Device and then as a PE Device with a role type of P (Provider). Adding customer premises equipment (CPE) devices to the ISC inventory is optional. Note Where a Device is acting as both a Provider and Provider Edge Device it should be created as a PE Device with a Role Type of N-PE (Network-facing PE). Many MPLS VPN networks employ a Route Reflector. It is recommended that Route Reflectors should be added to the ISC inventory. A Route Reflector should be added as a Device and then as a PE Device with role type of P. By adding the Route Reflector to the ISC inventory, MDE is able to identify possible failures involving this device. Note If other ISC features are being used to manage the MPLS network, many of the required inventory objects might already exist. For example, if the ISC MPLS VPN feature is being used, the required Provider, Provider Region, and Provider Edge devices might already exist. In this case only the Provider devices must be added. A number of options exist for creating the required inventory objects. These objects can be created manually through the ISC GUI, using the ISC Discovery functionality, using the Inventory Manager Import Devices functionality, or using third-party Operations Support System (OSS) client programs that utilize the ISC APIs. Each of these options is described in the following sections: •Manual Creation •Discovery •Inventory Manager Device Import •ISC APIs •Device Configuration Collection Note When creating Devices, the Device access information (login and passwords) must match that configured on the physical device. 2.7.1 Manual Creation Manual creation allows you to add objects to the ISC Repository by entering the required configuration through the ISC Graphical User Interface (GUI). Manual object creation is recommended where a small number of objects are being added to the ISC Repository. The sequence for manual object creation is shown below: 1. Create Provider 2. Create Provider Region 3. Create Devices 4. Collect Device configuration, including interface configuration 5. Create PE Devices, including assigning roles for Provider and Provider Edge devices Note Both Provider (P) and Provider Edge (PE) devices should be added to the ISC repository as PE Device objects with an appropriate PE Role Type. For details of the PE Role Types that should be assigned to Provider and Provider Edge devices, see Inventory Setup. When selecting the transport mechanism to be used between the ISC server and the device, Cisco CNS Configuration Engine cannot be used with MDE as it does not support the necessary commands that MDE requires. If attempts are made to use Cisco CNS Configuration Engine with MDE, then MDE incorrectly reports that the device cannot be contacted. For details of how to manually create Provider, Provider Region, Device and PE Device objects, see Chapter 3 in the Cisco IP Solution Center Infrastructure Reference, 5.1. When manually creating Devices, you must also add the interface configuration for these devices. Interface configuration can either be added manually during Device creation, or by using a Task Manager Collect Configuration task. For details of how to perform a Task Manager Collect Configuration task, see Device Configuration Collection. We recommend that you use a Collect Configuration task. 2.7.2 Discovery Discovery allows you to add the devices in your network to the ISC Repository by configuring minimal device and topology information in XML files. The Discovery process then queries these devices and populates the ISC Repository with the required device and topology information. We recommend that Discovery is used where a large number of objects are being added to the Repository. ISC Discovery provides two methods for discovering devices: CDP or Device/Topology. Before performing Device Discovery it is necessary to create the required Discovery XML configuration files. For details of how to discover devices, see Chapter 4 in the Cisco IP Solution Center Infrastructure Reference, 5.1. Note Both Provider (P) and Provider Edge (PE) devices should be added to the ISC repository as PE Device objects with an appropriate PE Role Type. For details of the PE Role Types that should be assigned to Provider and Provider Edge devices, see Inventory Setup. Note After Discovery has completed, you must run a Task Manager Collect Configuration task for all discovered devices. If you do not run a Collect Configuration task, MDE is unable to log in to the discovered devices to perform troubleshooting. For details of how to perform a Task Manager Collect Configuration task, see Device Configuration Collection. 2.7.3 Inventory Manager Device Import The Inventory Manager Import Devices feature allows you to import multiple devices in to the ISC Repository from files containing the Cisco IOS running configuration of the devices. We recommend that the Inventory Manager Import Devices feature is used where a large number of objects are being added to the Repository. For details of how to import devices, see the Inventory Manager section of Chapter 3 in the Cisco IP Solution Center Infrastructure Reference, 5.1. Before importing Provider (P) and Provider Edge (PE) devices you must create the required Provider and Provider Region objects. For details of how to manually create Provider and Provider Region objects, see Chapter 3 in the Cisco IP Solution Center Infrastructure Reference, 5.1. When importing devices you must specify the directory where files containing the Cisco IOS running configuration are located. Do not specify the file names. The files must be located in a file system directory accessible from the ISC server. Note Both Provider (P) and Provider Edge (PE) devices should be added to the ISC repository as PE Device objects with an appropriate PE Role Type. For details of the PE Role Types that should be assigned to Provider and Provider Edge devices, see Inventory Setup. Note The enable secret password is encrypted before it is added to the Cisco IOS running configuration. As a result, the Device Import feature is unable to set the enable secret password for devices imported in to the ISC Repository. If the enable secret password is set on any devices being imported, you must manually configure the enable password for these devices in the ISC Repository. If both the enable and enable secret passwords are set for a device, the Inventory Manager Import Devices feature uses the enable password for the device added to the ISC Repository. You must override this password with the correct enable secret password. The enable password for devices in the ISC Repository can be set during or after device import. Note After Device Import has completed, you must run a Task Manager Collect Configuration task for all imported devices. If you do not run a Collect Configuration task, MDE is unable to log in to the imported devices to perform troubleshooting. For details of how to perform a Task Manager Collect Configuration task, see Device Configuration Collection. 2.7.4 ISC APIs The Cisco IP Solution Center (ISC) application program interface (API) allows you to use operations support system (OSS) client programs to connect to the ISC system. The ISC APIs provide a mechanism for inserting, retrieving, updating, and removing data from ISC servers. It is possible to add the required Provider, Provider Region, Device and PE Device objects using the APIs. Note The ISC API is not included as standard with MDE, it can be purchased separately. For details of how to use the ISC APIs, see the Cisco IP Solution Center API Programmer Guide, 5.1 and the Cisco IP Solution Center API Programmer Reference, 5.1. 2.7.5 Device Configuration Collection We recommend that a Task Manager Collect Configuration task is used to add interface configuration to Devices in the ISC Repository. A Task Manager Collect Configuration task connects to the physical device in the network, collects the device information from the router (including interface configuration), and populates the ISC Repository with this information. For details of how to add Device interface configuration using a Task Manager Collect Configuration task, see the Task Manager section of Chapter 7 in the Cisco IP Solution Center Infrastructure Reference, 5.1. Offline configuration collection is available only for MDE and is explained in the Cisco IP Solution Center Infrastructure Reference, 5.1 2.7.5.1 Synchronizing the ISC Repository with Device Configuration Note The accuracy of MDE is dependent on up-to-date device information. We recommend that the device configuration is resynchronized with the physical devices after any configuration changes and at periodic intervals. This ensures that the device configuration held in the ISC inventory is consistent with the physical devices in the network. We recommend that device configuration is kept up-to-date using a scheduled Task Manager task. Either Collect Configuration or Collect Configuration from File can be used. For details of how to create a scheduled Task Manager Collect Configuration task, see the Task Manager section of Chapter 7 in the Cisco IP Solution Center Infrastructure Reference, 5.1. All PE and P routers in the MPLS network should have their configuration collected using a scheduled Task Manager Collect Configuration task. The Task Manager Collect Configuration task collects details of interface configuration and other device attributes. The interval at which Task Manager Collect Configuration tasks should be scheduled to run depends on the frequency of configuration changes to the network. We recommend running the Task Manager Collect Configuration task daily on each P and PE router.
	© 1992-2009 Cisco Systems, Inc. All rights reserved. Terms & Conditions \| Privacy Statement \| Cookie Policy \| Trademarks of Cisco Systems, Inc.