Chapter 4 Advanced Correlation Scenarios

IP Interface Failure Scenarios

 

Table 4-1

IP Interface Status Down Alarm

 

 

 

 

 

 

 

 

 

Name

Description

 

Ticketable

Correlation allowed

Correlated to

Severity

 

 

 

 

 

 

Interface

Sent when an IP interface

Yes

Yes

Link Down/Device

Major

status

changes oper status to “down”

 

 

unreachable/Configuration

 

down/up

 

 

 

 

changed

 

 

 

 

 

 

 

 

The alarm’s description includes the full name of the IP interface, for example Serial0.2 (including the identifier for the subinterface if it is a subinterface) and the source of the alarm source points to the IP interface (and not to Layer1).

All syslogs and traps indicating changes in subinterfaces (above which an IP is configured) correlate to the “ip interface status down” alarm (if this alarm was supposed to be issued). The source of these events is the IP interface. Syslogs and traps that indicate problems in Layer1 (that do not have a subinterface qualifier in their description) are sourced to Layer1.

Note In case a syslog or trap is received from a subinterface that does not have an IP configured above it, the source of the created alarm is the underlying Layer 1.

For example:

Line-down trap (for subinterface).

Line-down syslogs (for subinterface). For events that occur on subinterfaces:

When sending the information northbound, the system uses the full subinterface name in the interface name in the source field, as described in the ifDesc/ifName OID (for example Serial0/0.1 and not Serial0/0 DLCI 50).

The source of the alarm is the IP interface configured above the subinterface.

If there is no IP configured, the source is the underlying Layer 1.

In case the main interface goes down, all related subinterfaces’ traps and syslogs are correlated as child tickets to the main interface parent ticket.

The following technologies are supported:

Frame Relay/HSSI

ATM

Ethernet, Fast Ethernet, Gigabit Ethernet

POS

CHOC

Correlation of Syslogs and Traps

When receiving a trap or syslog for the subinterface level, immediate polling of the status of the relevant IP interface occurs and a polled parent event (for example, ip interface status down) is created. The trap or syslog is correlated to this alarm.

Cisco Active Network Abstraction Fault Management User Guide, Version 3.6 Service Pack 1

4-4

OL-14284-01

 

 

Page 28
Image 28
Cisco Systems 3.6 specifications Correlation of Syslogs and Traps

3.6 specifications

Cisco Systems 3.6 marks a significant advancement in network technology, presenting an innovative suite of features and capabilities designed to enhance performance, security, and flexibility for modern networks. As a leader in networking solutions, Cisco continues to evolve its offerings, ensuring they meet the demands of businesses operating in increasingly complex environments.

One of the standout features of Cisco Systems 3.6 is the introduction of enhanced automation capabilities. Automation reduces the manual effort required for network management, allowing IT teams to focus on strategic initiatives rather than routine maintenance. The system leverages advanced machine learning algorithms to analyze network behavior, detect anomalies, and suggest optimizations, which enhances operational efficiency and uptime.

In terms of security, Cisco Systems 3.6 integrates robust cybersecurity measures directly into its architecture. It incorporates Cisco's SecureX framework, which provides centralized visibility and control across the entire security stack. This feature allows organizations to respond rapidly to threats, leveraging threat intelligence and automated response mechanisms to mitigate risks effectively.

Another notable characteristic is improved compatibility with cloud environments. With the rise of hybrid cloud models, Cisco Systems 3.6 offers seamless integration capabilities that enable businesses to connect their on-premises networks with public and private cloud infrastructures. This ensures greater flexibility and enhanced performance for cloud-based applications.

Cisco also emphasizes software-defined networking (SDN) with its updated platform. This approach allows for greater agility, enabling network administrators to programmatically manage resources through a centralized interface. SDN facilitates rapid deployment of services and applications, optimizing the overall user experience.

Cisco Systems 3.6 also boasts enhanced collaboration tools, fostering improved communication across teams. Featuring advanced video conferencing and messaging capabilities, it enhances productivity and streamlines processes, regardless of employee location. These tools are designed to support remote work environments, which have become increasingly important in today's business landscape.

Furthermore, energy efficiency is a core aspect of Cisco Systems 3.6. The system is designed to optimize power consumption and reduce overall operating costs, aligning with global sustainability goals. The efficient design prioritizes environmentally friendly practices while still delivering high performance.

In conclusion, Cisco Systems 3.6 represents a comprehensive evolution in networking technology, focusing on automation, security, cloud integration, SDN, collaboration, and energy efficiency. These features position Cisco as a pivotal player in supporting organizations as they navigate the complexities of digital transformation and the future of networking.