Agenda: exercises-netdot.txt

File exercises-netdot.txt, 11.7 KB (added by b.candler, 6 years ago)
% Netdot exercise
% Network Management Topics

# Introduction

The Network Documentation Tool (Netdot) is an open source tool designed to
help network administrators collect, organize and maintain network
documentation. Netdot is actively developed at the University of Oregon.

## Goals

In these exercises we will install Netdot and demonstrate some of its most
important features.

## Notes

* Commands preceded with "$" imply that you should execute the command as
  a general user - not as root.
* Commands preceded with "#" imply that you should be working as root.
* Commands with more specific command lines (e.g. "RTR-GW>" or "mysql>")
  imply that you are executing commands on remote equipment, or within
  another program.

# Installation

_Netdot may already be installed on your PC. Ask the instructor._

Log in to your virtual machine as the sysadm user and make sure your machine
is up-to-date with the rest of the class:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
$ sudo apt-get install snmp snmp-mibs-downloader snmpd cacti smokeping \
  nagios3 joe postfix
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

## Download the Package

First check if it's available in your classroom's NOC server:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
$ cd
$ wget http://noc.ws.nsrc.org/downloads/netdot-1.0.4.tar.gz
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

If not, try from the official site:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
$ wget http://netdot.uoregon.edu/pub/dists/netdot-1.0.4.tar.gz
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Unpack the tarball:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
$ tar xzvf netdot-1.0.4.tar.gz
$ cd netdot-1.0.4
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

## Install dependencies:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
$ sudo apt-get install build-essential
$ sudo make apt-install

Which RDBMS do you plan to use as backend: [mysql|Pg]? mysql

We need to add a temporary repository of Netdot dependencies until all packages
are in Debian/Ubuntu official repositories.
Would you like to continue? [y/n] y
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

This will download a lot of packages. Be patient.

(If you had not installed mysql-server, you'll be asked for a DBA password.
Ask the instructor for the MySQL root password).

Say yes here:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
We will install the MIB files now. Continue? [y/n] y
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

If you see this prompt, then answer yes:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
A new /etc/snmp/snmp.conf needs to be installed to point to the newly
installed MIB files. The current file will be backed up. Continue? [y/n] y
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

At the end of the installation you will see a list of Perl modules that
have been installed (OK). If any did not install you will see "MISSING".

If any of them are missing, type:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
$ sudo make installdeps

Which RDBMS do you plan to use as backend: [mysql|Pg]? mysql
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

You will now see three questions concerning CPAN setup to download the missing
Perl dependency. Answer like this:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Would you like to configure as much as possible automatically? [yes] yes

What approach do you want?  (Choose 'local::lib', 'sudo' or 'manual')
 [local::lib] <ENTER>

Would you like me to automatically choose some CPAN mirror
sites for you? (This means connecting to the Internet) [yes]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

If you still see missing dependencies, run:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
$ sudo make installdeps
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Repeat until you no longer see any missing dependencies.

This will try to install the missing modules using the CPAN archive. At the
end, all the modules should show "ok".

## Initialize the site configuration:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
$ cd ~/netdot-1.0.4/
$ cp etc/Default.conf etc/Site.conf
$ editor etc/Site.conf

  Find and change the following values:

NETDOTNAME => 'pcX.ws.nsrc.org',
DB_DBA_PASSWORD => '(the password you used when installing mysql)',
DEFAULT_SNMPCOMMUNITIES  =>  ['NetManage', 'public'],
NMS_DEVICE => 'pcX.ws.nsrc.org',
DEFAULT_DNSDOMAIN  => 'ws.nsrc.org',
DEVICE_NAMING_METHOD_ORDER => [ 'sysname', 'snmp_target' ],
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Save and exit from the file.

## Install the application and initialize the database.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
$ sudo make installdb
$ sudo make install APACHEUSER=www-data APACHEGROUP=www-data
$ sudo ln -s /usr/local/netdot/etc/netdot_apache2_local.conf \
/etc/apache2/conf.d/
$ sudo service apache2 graceful
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Install the cron jobs for automated tasks:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
$ sudo cp netdot.cron /etc/cron.d/netdot
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

# Operation

## Log into the web interface

In your browser, go to:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
http://pcX.ws.nsrc.org/netdot
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Log in with username: admin and password: admin

## Changing default passwords

Netdot comes with three default user accounts. You should change the default
passwords on those.

Go to the "Contacts" tab, then search for "Admin". You should see the details
for the Admin user. Click on [edit], and find the Password field. Type the
password you used to log in to your PC, then click on the "Update" button.

Repeat the same steps for the other default users:

* operator
* guest

## Discovering devices

If you have not done so yet, configure SNMP on your PC and your router.

_Ask the instructor to provide you with instructions for configuring SNMP
on Cisco routers and Linux_

Now back to Netdot. Let's create a file with all the devices in the lab network
that respond to SNMP:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
$ editor /home/sysadm/discoverme.txt
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Copy and paste the following list:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
gw.ws.nsrc.org NetManage
s1.ws.nsrc.org NetManage
sw.ws.nsrc.org NetManage
rtr1.ws.nsrc.org NetManage
rtr2.ws.nsrc.org NetManage
rtr3.ws.nsrc.org NetManage
rtr4.ws.nsrc.org NetManage
rtr5.ws.nsrc.org NetManage
rtr6.ws.nsrc.org NetManage
rtr7.ws.nsrc.org NetManage
rtr8.ws.nsrc.org NetManage
rtr9.ws.nsrc.org NetManage
pc1.ws.nsrc.org NetManage
pc2.ws.nsrc.org NetManage
pc3.ws.nsrc.org NetManage
pc4.ws.nsrc.org NetManage
pc5.ws.nsrc.org NetManage
pc6.ws.nsrc.org NetManage
pc7.ws.nsrc.org NetManage
pc8.ws.nsrc.org NetManage
pc9.ws.nsrc.org NetManage
pc10.ws.nsrc.org NetManage
pc11.ws.nsrc.org NetManage
pc12.ws.nsrc.org NetManage
pc13.ws.nsrc.org NetManage
pc14.ws.nsrc.org NetManage
pc15.ws.nsrc.org NetManage
pc16.ws.nsrc.org NetManage
pc17.ws.nsrc.org NetManage
pc18.ws.nsrc.org NetManage
pc19.ws.nsrc.org NetManage
pc20.ws.nsrc.org NetManage
pc21.ws.nsrc.org NetManage
pc22.ws.nsrc.org NetManage
pc23.ws.nsrc.org NetManage
pc24.ws.nsrc.org NetManage
pc25.ws.nsrc.org NetManage
pc26.ws.nsrc.org NetManage
pc27.ws.nsrc.org NetManage
pc28.ws.nsrc.org NetManage
pc29.ws.nsrc.org NetManage
pc30.ws.nsrc.org NetManage
pc31.ws.nsrc.org NetManage
pc32.ws.nsrc.org NetManage
pc33.ws.nsrc.org NetManage
pc34.ws.nsrc.org NetManage
pc35.ws.nsrc.org NetManage
pc36.ws.nsrc.org NetManage
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
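
Added example (not part of the original exercise or of Netdot): a lint for the discovery list above, to run before handing the file to `updatedevices.pl -E`. It assumes the format is exactly one `host community` pair per line, as shown; the function name `audit_discovery_list` and the finding labels are made up for this example.

```shell
#!/bin/sh
# Added example, not part of Netdot. Assumes the discovery list format shown
# above: one "<host> <community>" pair per line. Names here are hypothetical.

# audit_discovery_list FILE
# Prints one finding per line. Returns 0 if clean, 1 if anything was flagged,
# 2 if the file cannot be read.
audit_discovery_list() {
    file=$1
    rc=0
    [ -r "$file" ] || { echo "ERROR cannot read $file"; return 2; }

    # SNMPv1/v2c community strings are credentials, so the file that stores
    # them should not be readable by group or others.
    perms=$(stat -c '%a' "$file" 2>/dev/null || stat -f '%Lp' "$file")
    case $perms in
        *00) ;;
        *) echo "PERMS mode $perms on $file; expected 600"; rc=1 ;;
    esac

    awk '
        NF == 0 { next }                          # ignore blank lines
        NF != 2 { printf "MALFORMED line %d: expected \"host community\"\n", NR
                  bad++; next }
        seen[$1]++ { printf "DUPLICATE line %d: %s\n", NR, $1; bad++ }
        tolower($2) == "public" || tolower($2) == "private" {
            printf "DEFAULT-COMMUNITY line %d: %s uses \"%s\"\n", NR, $1, $2
            bad++ }
        END { exit (bad > 0) }
    ' "$file" || rc=1
    return $rc
}

# Constructed sample input (not real lab data).
sample=$(mktemp)
cat > "$sample" <<'EOF'
gw.ws.nsrc.org NetManage
rtr1.ws.nsrc.org public
rtr1.ws.nsrc.org NetManage
pc1.ws.nsrc.org
EOF
chmod 644 "$sample"
audit_discovery_list "$sample" || echo "Fix the findings before running updatedevices.pl"
rm -f "$sample"
```

On the lab machine, call `audit_discovery_list /home/sysadm/discoverme.txt` after saving the file.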

Now, tell Netdot to discover those devices:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
$ cd /usr/local/netdot
$ sudo bin/updatedevices.pl -E /home/sysadm/discoverme.txt -IAF
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

When that is done, go to the web interface and navigate to

    Management -> Devices

Leave the search box empty, and click on the "Find" button.

You should see all the discovered devices in that list. Go to the link for your
group's router (e.g. rtrX.ws.nsrc.org).

* Navigate to all the tabs: Basic, Interfaces, Modules, IP Info, etc.
  Netdot allows you to augment the information gathered from the device
  with details entered manually.

* In the ARP section, you should see one entry with a timestamp.
  Click on that entry. You should see a table associating IP addresses
  with MAC addresses. This is the ARP table discovered from rtr1. You should
  see your PC's IP address and MAC address.

## Finding a computer in your network

* Obtain the MAC address from your laptop (or desktop). Copy it to the clipboard.
* In the Netdot web interface, go to Management -> Devices
* Paste your MAC address and hit ENTER

Netdot will show you which devices were seeing that MAC address the last
time that it discovered the network.

## Managing IP address space

Go to Management -> Address Space

You should see a list of private IP blocks (from RFC-1918). These come
pre-installed in Netdot.

Click on 10.0.0.0/8

You will see a list of discovered IP blocks, which are marked as "Subnets".
These were found in routers.

* Click on 10.10.1.0/24.
* Click on [edit]
* In the Description field, type "Group 1 PCs"
* Click "Save"

### Create a container to include all the group subnets

In the section called "Address Space Tasks" on top, click on the "[new]"
button and enter the following:

* IP/Prefix: 10.10.0.0/16
* Owner: click on [new].
* In the new "Entity" window, enter:
  * Name: NSRC Lab
  * Insert button, then [close]
* Used by: (leave blank)
* Status: Container
* Description: NSRC lab student networks
* Save

You should now see the new Container page. It shows a graphical representation
of the /16 block. All the existing subnets are shown in red. The green space
represents unused or available address space.

* On the top of the graph there is a section called "Zoom: set one row equal to"
  Select /24 from the drop-down menu. Each row now represents a /24 block
* Click on [Tree View] to see a tree graph view of the IP hierarchy

## Polling devices

Periodically you will want to connect again to your routers and switches to
fetch their routing tables, forwarding tables etc. You can run the command which
does this:

~~~
$ sudo /usr/local/netdot/bin/updatedevices.pl -DIFAT
~~~

* -D: poll all devices already in the database
* -I: get device info (e.g. sysName)
* -F: get switch forwarding tables
* -A: get router ARP tables
* -T: re-calculate the topology

To avoid having to run this by hand, you can install a crontab which will
do it automatically at set times of day. We installed the crontab file in
/etc/cron.d previously. If you look in /etc/cron.d/netdot you will see that
this command executes once each hour by default.


# More information

[Official Netdot Website](http://netdot.uoregon.edu)