In the official Cisco e-learning materials, we can find a lot of networking tools to help us with various jobs. Just to mention a few: HyperTerminal, TeraTerm, PuTTY, and Wireshark. There are also Cisco’s own tools: CCP, IP Communicator, Network Assistant, and so on. Most of them have one thing in common: they run under Windows OS. But if we want to use alternative tools, there’s another popular operating system that has great possibilities for networking. This OS is Linux. In this series of articles, we try to collect the usable software tools to replace those that are mentioned in the Cisco curricula. In this first article, we’ll focus on basic network management tools: terminal emulators, SSH clients, SNMP applications, Syslog, and FTP/TFTP servers.
In our labs, we’ll use Debian Linux, but any Linux distribution will do. Debian is a very popular distribution with many descendants, such as Ubuntu. I try to introduce software that is standard and can be used identically on every Linux version. In order to use Linux and Cisco devices together, we’ll use GNS3, as it allows connecting Linux virtual machines with Cisco devices. For this we have to prepare a Virtualbox (or QEMU) VM and install Debian into it. Under Windows, it’s faster to use Virtualbox, and throughout the article I’ll refer to it. For installing Debian, see the reference at the end of the article. We need just the basic installation with the default LXDE graphical user interface. In order to let us install software later, we need an Internet connection, so configure one of its NICs to reach the outside world (see the attached lab topology for GNS3):
The first thing to do when we start using a Cisco device is to connect to its managing interface. Although we can use a web-based tool, the main option is the console connection, for which we need special software, called a terminal emulator, and a console cable attached to one of our serial ports (or to a USB port if we have a USB-to-serial adapter). To simulate this, we need a real router and we have to use the serial port from the VM. So we have to configure Virtualbox following this:
For the impatient, here are the relevant settings from the Settings/Serial Ports menu:
We need to set up the NIC of the Linux VM to connect to the Internet, and then launch it. When the login screen appears, log in as root (although it’s not recommended in a live environment, it will be easier for our lab purposes).
Linux has text-based and graphical terminal emulators on board. The oldest of them is called minicom. It was a tool for modems, but we can use it for terminal access, also. The installation is simple: I’ll show how to install from CLI (from a terminal window), but it can be installed from the GUI package manager called Synaptic. The command we need is:
apt-get install minicom
Start the program with minicom -s. This puts the program into setup mode, and we’ll see the menu. Navigate to Serial port setup and we’ll see something similar to this:
In Linux, the serial ports have different names than in Windows: /dev/ttyS0 is the equivalent of COM1. If you need to change this, press the “A” key, write in the correct value and press “Enter.” This applies to the other settings also: the capital letters indicate which keys to press to enter the various settings. Try to achieve the same settings as are shown in the above figure. After this, leave this menu by pressing “Enter” on the last question line and select the Save setup as dfl menu entry, which saves the settings as default. Finally choose Exit and we can reach the CLI of the router:
As the text states, we need to press CTRL-A, then Z to enter the main menu of minicom. This is important in at least two cases:
- We need to quit: press CTRL-A, then Z, then X (or Q).
- We need to send a break signal to the router (in order to do password recovery, for example): press CTRL-A, then Z, then F.
Some may say that minicom is not a very user-friendly application. Fair enough, so let’s look for another alternative. A GUI terminal emulator is cutecom. Installation is the same as for minicom, except that the package name differs. After launching it, we’ll see the following:
With the above settings we can click on the Open device button and we can write our commands into the Input field. It’s a bit weird that the output will be separated from the input, but the commands we typed in can be saved easily for later use.
Another GUI alternative is GTKTerm, which can be downloaded from here:
Download the proper version (under Debian, the stable branch is suggested), then issue the following command to install the .DEB file:
dpkg -i gtkterm_version_number.deb
After launching, select the Configuration/Port menu and check the settings:
Finally if someone is already familiar with good old PuTTY, she/he can use it under Linux, too. It’s not just a telnet/SSH client anymore; it can also use the serial port connection and it can handle Cisco devices out of the box.
From now on, we can use our GNS3 topology to try things. The router and Linux will communicate on the 10.1.1.0/24 network; set up the router accordingly, then issue the following command on Linux:
ip address add 10.1.1.1/24 dev eth0
Test the connectivity from the Linux side and notice that the ping won’t stop until you press CTRL-C.
When we want to manage our router/switch remotely, we can use Telnet, SSH, HTTP, or SNMP for this purpose. The simplest method is to use Telnet, but it’s the least secure (we can achieve higher security with usernames and passwords instead of the basic common password authentication on virtual terminals). In Linux, the Telnet command is in the basic command set, so we can use it immediately. We can use PuTTY also, just set the Connection type to Telnet.
For a more secure remote connection we should use SSH. PuTTY is widely known for this purpose also, but Linux has the CLI version, which is very similar to that in Packet Tracer. We just need to install the package:
apt-get install openssh-client
Then we configure SSH on our router:
Now from the Linux side:
As can be seen at the first connection, we need to check the RSA key fingerprint and accept it; then we can enter the router. Because SSH is strong enough to protect our passwords, we can define the admin user as a user with full administrator rights.
Now we can manage our device through the CLI, but sometimes it’s convenient to use SNMP for this purpose. In previous articles, I’ve already written about managing devices by SNMP, so here we just need to find alternative SNMP manager applications for Linux. First, the CLI version of basic SNMP usage: the package name is snmp, so not much surprise here. On Debian, it will help if we install the snmp-mibs-downloader package also. We’ll get a lot of utilities; let’s try snmpget first (but before this, set up the SNMP server on the router: use myrouter as the read-only, and myrouterw as the read/write community string):
The command line switches mean, in order: version, community string, the MIB to use, the agent’s IP address, and the value to get. Now try to change this setting (the sysName) with snmpset:
One thing in addition to the previous command: this value is a string (“s”) and its new value is JohnDoe.
If we like typing, it’s okay but, if not, search for a GUI application instead. Fortunately we’ll find at least one: SnmpB. It can be downloaded from SourceForge:
After installing the .DEB package, the readers of my previous articles can see a familiar interface:
I’ve already created a profile under the name of myrouter via the Options/Manage Agent Profiles… menu. The most important settings are the Agent Address/Name and the community strings under the Snmpv1/v2c entry on the left. After this, it’s far easier to browse the MIB tree and do the basic SNMP management. SnmpB has a network discovery feature and can also act as a trap receiver. If we need more serious tools to use SNMP, here are some suggestions: Cacti, Zabbix, OpenNMS, to name just a few.
Now that we can manage our devices, it can be useful to see logging messages. Cisco IOS has the syslog service, which has many similarities to the syslog in Linux (and other Unix systems). The logic behind them is the same: the facilities, the severity levels, and much more. The most common usage may be to send syslog messages from a Cisco device to a Linux server, or to use this server as a central point for collecting messages from numerous devices. In Linux systems, we can use more applications. In this article we’ll use the built in rsyslog, but there is syslog-ng as an alternative.
Rsyslog is part of the basic system, so we don’t need to install it, but we have to configure it just a bit to adapt it to the needs of a Cisco device. The configuration is based on plain text files, as is common in Linux (and was a long time ago in Windows also, before the Registry was introduced). These files are in the /etc directory. Here we’ll find the rsyslog.d/ directory and the main rsyslog.conf file. We’ll use this: open it with a text editor (for example LeafPad), and search for these lines near the top of the file:
# provides UDP syslog reception
The “#” character means that the following text is just a comment. In order to activate the UDP syslog reception we need to remove these characters from the lines beginning with $ModLoad and $UDPServerRun. This shows that it can be important to allow UDP port 514 through a firewall in a real environment.
Another thing that is advisable is to separate the incoming log messages into a file (by default these messages go to /var/log/messages and /var/log/syslog files). This is easy if we know that Cisco devices use the local7 facility. So scroll down to the end of the rsyslog.conf file and enter the following as the last line:
Now save the file and restart the rsyslog service with the following command:
service rsyslog restart
On the router, configure the logging by the following commands:
Finally generate some events that trigger a syslog message to send, and see the contents of the /var/log/cisco file: the messages should be there.
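As an added example (not part of the original article), the shell function below reads the lines rsyslog wrote to /var/log/cisco and prints only the IOS messages at or above a chosen severity, using the %FACILITY-SEVERITY-MNEMONIC tag that IOS puts in every message. The sample lines are constructed, and the function names and the assumption that the sending host is the fourth field (rsyslog's traditional file format) belong to this example only.

```shell
#!/bin/sh
# Added example: triage of Cisco IOS messages collected by rsyslog.

# Constructed sample lines, laid out as: timestamp, sending host, IOS message.
sample_log() {
cat <<'EOF'
Mar  1 00:12:45 10.1.1.2 45: *Mar  1 00:12:44.123: %SYS-5-CONFIG_I: Configured from console by admin on vty0 (10.1.1.1)
Mar  1 00:13:02 10.1.1.2 46: *Mar  1 00:13:01.456: %LINK-3-UPDOWN: Interface FastEthernet0/1, changed state to down
Mar  1 00:13:03 10.1.1.2 47: *Mar  1 00:13:02.456: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to down
Mar  1 00:14:10 10.1.1.2 48: *Mar  1 00:14:09.001: %SEC_LOGIN-4-LOGIN_FAILED: Login failed [user: admin] [Source: 10.1.1.1] [localport: 22]
Mar  1 00:14:30 10.1.1.2 this line carries no IOS message tag
EOF
}

# cisco_events MAXSEV
# Reads log lines on stdin and prints "host severity-name FACILITY MNEMONIC"
# for every message whose severity number is <= MAXSEV
# (0 = emergencies, the most severe ... 7 = debugging). Default MAXSEV is 7.
cisco_events() {
    awk -v max="${1:-7}" '
    BEGIN {
        # IOS names for severity levels 0..7 (stored at index level+1).
        split("emergencies alerts critical errors warnings notifications informational debugging", name, " ")
    }
    {
        # Find the %FACILITY-SEVERITY-MNEMONIC: tag; lines without one are skipped.
        if (!match($0, /%[A-Z0-9_-]+-[0-7]-[A-Z0-9_]+:/)) next
        tag = substr($0, RSTART + 1, RLENGTH - 2)   # strip leading % and trailing :
        n = split(tag, part, "-")
        sev = part[n - 1] + 0                       # severity is the second-to-last part
        mnem = part[n]                              # mnemonic is the last part
        # Whatever precedes "-SEV-MNEMONIC" is the facility (it may contain hyphens).
        fac = substr(tag, 1, length(tag) - length(mnem) - 3)
        if (sev > max + 0) next
        # Assumption: field 4 is the sending host (traditional rsyslog file format).
        printf "%s %s %s %s\n", $4, name[sev + 1], fac, mnem
    }'
}

# Stand-alone run on the constructed sample: show warnings (4) and worse.
sample_log | cisco_events 4
```

On the lab server, run cisco_events 4 < /var/log/cisco to list everything at warnings level or worse.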
It’s time to save our configuration, not only to the NVRAM of the router but to another place on the network. Most often, this is a TFTP or FTP server. Linux has various alternatives for each: in this article, I’ll show tftpd-hpa for TFTP and ProFTPd for FTP, but you can search for another application with the apt-cache search keyword command.
Before the installation, we should set up the verbosity of the APT install system so that we get more options to choose from during the installation process. Issue the dpkg-reconfigure debconf command and choose Dialog for the interface, and Low for the priority. After this the installation itself can be done in one step for the two programs:
apt-get install tftpd-hpa proftpd
During the installation, we need to choose if we want to run ProFTPd in standalone mode (yes). For the TFTP server, we need to choose the system user who will be the owner of the process (tftp), the root directory of the served files (/srv/tftp), the IP address and port to listen to (0.0.0.0:69), and in the additional options we should enter “--secure --create”. The “create” parameter is important: without this, we can get files from the server but cannot create new ones. The services automatically start after the installation but we need to do one important step: the /srv/tftp directory must be under the ownership of the tftp user, so issue the following:
chown tftp /srv/tftp
Now copying to and from the TFTP server should work. The FTP server configuration is easier because we don’t need to configure anything—it just works! One thing to do is to create a user who can copy data from the Cisco router. This can be achieved by the adduser program, for example (there is a useradd utility, but this is a bit harder to use). Issue adduser cisco and use Cisco123 as the password—the steps are self-explanatory. On the router, we issue the following:
After this, try to copy the running-config to the FTP server. We should find it under the default johndoe-confg filename in the home directory of the cisco user (/home/cisco).
These exercises hopefully helped you to see that using Linux in conjunction with Cisco devices is not so difficult, and we can find alternative tools for the daily use.
Installing Debian in Virtualbox: http://www.youtube.com/watch?v=2hXiAWIWfb8
SNMP command usage in Linux: http://docs.oracle.com/cd/E19201-01/820-6413-13/SNMP_commands_reference_appendix.html
Using syslog-ng instead of rsyslog: http://paulpodolny.blogspot.hu/2009/12/syslog-ng-cisco-configuration.html