Tech Support Forum banner
Status
Not open for further replies.

Preventive maintenance checklist of Network devices router

31K views 12 replies 4 participants last post by  shadaab000 
#1 ·
Hi all,

Can anyone please advise on checklist for Preventive maintenance on IP devices router/switch/firewall based on software and hardware.
My IP network contains ZXR10 m6000-8s router, 8905E , 5900 series switch, CISCO 3750, h3c f5000 firewall.

its Urgent, Awaiting your response experts.

Thank you,
Shadaab
 
#2 ·
What exactly do you mean by preventative maintenance?

Particularly with a firewall you should be continuously reviewing your network devices to ensure that they comply with policy and ensure that nothing out of the ordinary is flowing across the network.

Do you have SNMP setup? This will help in reducing the administrative burden as it allows the devices to report certain statistics and information back to a centrialised management console for you to review.

Many Thanks,
Josh :smile:
 
#4 ·
Thanks corday and shadowjk for your reply.....
Dear Shadowjk.....my client has asked to do Prev Maint. on daily, weekly and monthly basis on products....so need to prepare checklist ....to ensure devices does not results in any failure and for smooth network operation ...else which might effect the network services....I work for ZTE corporation
Yes we have EMS which show alarms and gives details of the same.....and lot more information.
Something that might help in reducing the faults that might impact the service.
 
#5 ·
Well in terms of software there isn't much you can do really. Typically the only time you would handle the console of a device would be when performing an upgrade or when troubleshooting a network down situation.

One thing you might want to do is backup configurations and verify control-plane information. For example, were there any route flaps on the routing table? How frequent are these?

From a switching control-plane perspective, what is the STP topology? Has the root bridge changed at all? Where there any error logs shown?

For a hardware perspective I can only advise on Cisco equipment but I would check flash cards to see if they are being recognised by IOS. Since IOS is copied to RAM it may be possible for the flash to become faulty and then when a power outage comes the router or switch will be down as it cannot find the IOS image in flash.

Just my tips from experience,
Josh :smile:
 
#7 ·
Well the first command I would issue is the show file systems command to verify what storage systems are available on the system. Typically you want to look for the one with a '*' next to it as that is being used to hold the IOS. Equally you want to verify what it is listed as. Sometimes it can be referenced as flash: and other times it can be disk0:.

An example can be seen below:

Text Font Screenshot Technology


Now that the flash is recognised I would then check to make sure that the image is actually stored on it. Again, if the IOS image is not in local storage then the router or switch will not boot up after a power cycle.

This can be done by issuing the show flash: (This command reveals the entire contents of the flash card including sub directories and sub files). Or it can also be done using dir flash: (This command will show what is listed at the root of the flash which is where the image should be located).

Text Font


Hope This Helps,
Josh :smile:
 
#8 ·
On the subject of maintenance the most overlooked is vacuuming them out. Unless you are in a clean room environment [and ever then...] dust accumulates. But this is regularly disregarded as too low a priority. I have see more equipment fail from this than any other factor.

Otherwise the maintenance is reading the logs and checking stats. What you check is very different when you consider the equipment type.
 
#10 ·
Hi....
One thing w.r.t high cpu and memory utilization.?....need to know best ways to troubleshoot and solve the issue.....i saw on cisco website....there are so many factors of consideration to look for two things that cause this....1. system process taking too much time if overall cpu utilization is seen high 2. interrupts is seen high due high number of packets hitting the interface.
command # sh process cpu sorted

What i understand is if it is due to process then need to found the process and troubleshoot accordingly and if it is due to interrupts then need packet analyzer to analyse ....
But i need some guidance as new to this and cant expect much from senior where i work due to location . I am alone there so even i ask them something as they sit at Office and I at client site, i need to wait and wait for there simple reply.

If anyone can guide me simple and easy way to solve the issue of high cpu and memory utilization ?
 
#11 ·
Well it would mainly depend on what services the router is running. For example, if it was running BGP and had the entire internet routing table then chances are that will be why the CPU utilisation is high as well as high memory utilisation.

Any control-plane protocol is "punted" to the CPU for processing. All data-plane traffic should be switched in ASICs via CEF (Cisco Devices) or some caching service.

Therefore if you see high IP Input processing then it may indicate a potential DoS attack against the device as the only data-plane traffic that should affect the CPU is traffic destined for the device.

That said, you may find that fast control-plane timers can affect your CPU. For example, if you run OSPF internally and have the hello timers tuned down to sub-second convergence then that will bump up the CPU utilisation as the router or layer 3 switch has to process each hello.

To better determine if there is an issue you need to get a baseline reading... As in, what is the acceptable/normal statistics? This will help you to identify if something is out of the norm and then allow you to further troubleshoot it.

Generally speaking, in a stable network where the IGP has converged and no BGP processing is running I would expect CPU utilisation to be less than 50%. That said it all depends on what you are doing... For example, VPN encryption and decryption will take up CPU resources if you do not have a dedicated ASICs card to perform that operation.

Again, establish a baseline and then use it when performing maintenance...

Hope This helps,
Josh :smile:
 
#12 ·
As an example, I connected to a router on the internet that holds the entire internet routing table. You can see that the CPU utlisation is roughly 25% over time. This is just from the processing of BGP updates and withdraws that happen on the internet.

Text Font Lighting


I just want to iterate that normal behavior depends on what services you are running.

As a side note, this router has a high amount of CPU and memory horsepower and completing the same tasks on an enterprise router will most likely crash it.

Josh :smile:
 
#13 ·
Hi ,

Thanks for reply.

Till now no issue all devices cpu and mem utilization is normal ,,below threshold level.

One thing i am also checking is exception files.... need to know the purpose...like what are this files ....what info this files give...
# cd /sysdisk0/run_log & cd /sysdisk0/run_log/EXCINFO followed by dir.

Please advise.
 
Status
Not open for further replies.
You have insufficient privileges to reply here.
Top