Friday, June 26, 2009

Out in San Francisco for Cisco Live! 2009

I am out in San Francisco this week and next for the Cisco Live 2009 conference.  Well, the first week is for vacation, the second week is for the conference.

Not getting much done this week on the programming.  We had our second check-in conference call this week.  I need to get a test plan together and finish getting the basics of the application installed on the VMware demo appliance.  After those issues are worked out, the next step is getting the application installed on the real lab.

With the telnet & SNMP components working, I am making pretty good progress on the overall application component (but we are already half-way through the contest).

I am currently studying for the CCIE-R/S written exam (scheduled for Sunday morning).  I need that to re-certify my CCIE (I have till February, so it's not that big of a deal if I don't pass it, but it would be one less thing to do in January / February).

I will post some more on Sunday night / Monday after I get the R/S out of t

Wednesday, June 17, 2009

Multi-threaded Polling

Converted the polling application to be multi-threaded similar to the SNMP collection process.   I am still working on the SNMP collection and interpretation of the data.  I can collect information, but I need to ensure I am able to correctly interpret and store the data collected.

Additionally, I need to work on the SSH process and then the collection process will be fairly complete.

I would have made more progress today, but I was up at 3:00AM for a customer troubleshooting session (that all worked out well).

Monday, June 15, 2009

Skipped gym and made great progress

I skipped the gym tonight (my neck is a little sore) and it seemed to pay off today.

I found a little simple copy/paste error that was causing the prompt detection to fail.  After spending a couple of hours tracking down the issue, I was able to successfully gain access to 'enable mode' on the lab routers and execute the beginnings of the commands ('show version' only for right now).

The next step is to import the entire list of commands that need to be executed and then store them.  The process is a little slow right now (the process to collect the data takes 82 seconds right now for just the single 'show version' command).  I will need to optimize the process a little bit to get everything working at a reasonable speed.

The plan for the rest of the week is to get to the same point on the SSH collection process.  After that, the process of porting the application onto the AXP VM appliance will begin.

Sunday, June 14, 2009

Not much accomplished this weekend

I had family in town this weekend, so not much was accomplished on the application.  I am still having issues with the logon process for telnet data collection, I hope to correct the issues on Tuesday night.

I have started looking at creating the line graphs via Java.  This looks to be a relatively straight forward process for the most part.  It looks like I can use a pre-built library for creating the Java charts or do my own.  I started working on the basic process on Friday afternoon since I was mostly disconnected from the lab.

I also ordered the license upgrades for my ASA-5505 on Friday.  I will be getting the Security Plus license in addition to the AnyConnect Essentials license.  With the Security Plus license, I will be able to have multiple DMZ interfaces off of the ASA (with full connectivity) instead of the very limited connectivity I have currently.  In addition, I should be able to use the ASA as the gateway for the entire network (removing the need for the dual gateway configuration I have today).  The AnyConnect Essentials license gives me 25 SSL VPN licenses (the lowest number) so I can connect remotely using the SSL VPN client from multiple devices.

Thursday, June 11, 2009

Slowly making progress

Debugging the telnet connection process.  I have the main class and I am currently working on the authentication process for the telnet connections.  I am currently having issues getting the password to be sent correctly.  It looks like it is going to be a relatively simple issue to get fixed (as soon as I find out what the issue is).

I think I am going to have to upgrade my ASA to the 'Security Plus' license in order to support both external VPN connections into the lab equipment and also enable access to the inside of the network.  Right now, I am debugging the application over the SSL VPN (which is working OK for now).

I have the VMware image set up on an external hard drive (I am running out of space on my laptop).  I should be able to put at least the basic functions on the VMware image later this week or over the weekend.

Sunday, June 7, 2009

Made some more progress this weekend.

I was able to get most of the SNMP discovery application completed and started working on the telnet components.  The SNMP was relatively straight forward since the polling (which I completed last week) and the discovery are very similar.  I just need to collect different OIDs and perform SNMP getnext versus standard SNMP gets.

Telnet is relatively straight forward as well.  I am working on performing an automated discovery of the 'more' messages and automatically handling those.  If I cannot get those worked out, I will be falling back to the standard of immediately turning off the paging function using the 'term length 0' or similar commands.
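An added example (not code from the original post or from SNAT) of the automated 'more' handling described above: the reader answers each pager marker with a space, strips the marker and the backspace run the device uses to erase it, and stops at the CLI prompt. The class and method names, the "Router#" prompt and the sample output are constructed for illustration, and the stream is assumed to have telnet option negotiation already removed (Java 11+).

```java
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.nio.charset.StandardCharsets;
import java.util.regex.Pattern;

public class PagerAwareReader {
    // Pager marker as IOS-style CLIs print it (" --More-- "); other platforms differ.
    private static final String MORE = " ?-+ ?[Mm]ore ?-+ ?";
    private static final Pattern AT_END = Pattern.compile(MORE + "$");
    // Marker plus the backspace/blank/backspace run the device sends to erase it.
    private static final Pattern RESIDUE = Pattern.compile(MORE + "(?:\\x08+ *\\x08+)?");

    /** Reads until the output ends with the prompt, answering each pager marker with a space. */
    static String readCommandOutput(InputStream in, OutputStream out, String prompt)
            throws IOException {
        StringBuilder buf = new StringBuilder();
        int scanFrom = 0;  // text before this index has already triggered a keypress
        int b;
        while ((b = in.read()) != -1) {
            buf.append((char) b);
            int len = buf.length();
            int tailStart = Math.max(scanFrom, len - 16);
            if (AT_END.matcher(buf).region(tailStart, len).find()) {
                out.write(' ');          // ask the device for the next page
                out.flush();
                scanFrom = len;
            } else if (len >= prompt.length()
                    && buf.substring(len - prompt.length()).equals(prompt)) {
                return RESIDUE.matcher(buf).replaceAll("");
            }
        }
        throw new IOException("connection closed before prompt '" + prompt + "'");
    }

    public static void main(String[] args) throws IOException {
        // Constructed sample: two pages of output separated by one pager marker.
        String erase = "\b".repeat(9) + " ".repeat(8) + "\b".repeat(9);
        String device = "Cisco IOS Software\r\n --More-- " + erase
                + "uptime is 2 weeks\r\nRouter#";
        ByteArrayOutputStream sent = new ByteArrayOutputStream();
        String text = readCommandOutput(new ByteArrayInputStream(
                device.getBytes(StandardCharsets.US_ASCII)), sent, "Router#");
        System.out.println(text);
        System.out.println("keypresses sent: " + sent.size());
    }
}
```

On a live socket, set a read timeout (`Socket.setSoTimeout`) so a device that never prints the expected prompt cannot block the collector indefinitely.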

I uploaded the Team SNAT video also today.  I am attaching a link to the video (click the link below).  It is my first video of this type, so don't be too harsh :)

Team SNAT Description

Wednesday, June 3, 2009

Multi-threaded SNMP Polling

Learned how to implement a thread pool in Java today.  This is pretty straight forward to implement (assuming you set up the thread class correctly of course).  The key is to set up a class to execute as a single thread (although there is no reason the thread could not call additional threads).   Then, the process is fairly straight forward.

For SNAT, I created a 'poller' class which executes the SNMP polling for a single host and all of the associated interfaces.  From within the poller class, there are a number of database queries (gather SNMP parameters, interface information, etc).  These all execute just as in the previous version 'for' loop.  However, with the threaded implementation, the iterations through the for loop create a task for the thread pool.  The Java ExecutorService handles the thread scheduling tasks (which made this job much easier).

Here is the before thread code:

    for (long hostPKEY : hostList) {
        System.out.println("Found host pkey: " + hostPKEY);
        poller(hostPKEY);
    }  // End hostPKEY for loop

The threaded version looks like the following:

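    import java.util.concurrent.ExecutorService;
    import java.util.concurrent.Executors;

    // Create the thread pool
    ExecutorService threadPool = Executors.newFixedThreadPool(numberThreads);

    for (long hostPKEY : hostList) {
        System.out.println("Found host pkey: " + hostPKEY);
        threadPool.execute(new poller(hostPKEY));
    }  // End hostPKEY for loop

    threadPool.shutdown();  // accept no new tasks; queued polls still run to completion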

While executing the code, the output from the threads is all interlaced together (versus being serialized).  I do not have any data on the speed advantages for the threaded versus the non-threaded because I only have four hosts in the database.

The real test will come after I get the scanning component enabled (as opposed to hand entering the data for testing).  Also, I decided not to do the threads on a per-interface basis at this time.  This is to avoid overloading an individual host with too many bulk SNMP requests simultaneously.
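An added example (not SNAT code) of the design choices in this post: one pool task per host with that host's interfaces polled sequentially inside the task, a configurable thread count, and `invokeAll` used to collect each host's report so the results come back in host order rather than interlaced. The class and method names, the host keys and the stand-in for the SNMP request are constructed for illustration (Java 9+).

```java
import java.util.ArrayList;
import java.util.List;
import java.util.concurrent.Callable;
import java.util.concurrent.ExecutionException;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;
import java.util.concurrent.Future;

public class HostPollDemo {
    /** One task per host; its interfaces are polled one after another inside the task. */
    static String pollHost(long hostPkey, int interfaceCount) {
        StringBuilder report = new StringBuilder("host " + hostPkey + ":");
        for (int ifIndex = 1; ifIndex <= interfaceCount; ifIndex++) {
            // Stand-in for the SNMP request: at most one is in flight per host.
            report.append(" if").append(ifIndex).append("=ok");
        }
        return report.toString();
    }

    static List<String> pollAll(List<Long> hostList, int numberThreads)
            throws InterruptedException, ExecutionException {
        ExecutorService threadPool = Executors.newFixedThreadPool(numberThreads);
        try {
            List<Callable<String>> tasks = new ArrayList<>();
            for (long hostPkey : hostList) {
                tasks.add(() -> pollHost(hostPkey, 3));
            }
            List<String> reports = new ArrayList<>();
            // invokeAll blocks until every task is done and returns futures in task order.
            for (Future<String> done : threadPool.invokeAll(tasks)) {
                reports.add(done.get());
            }
            return reports;
        } finally {
            threadPool.shutdown();  // let the worker threads exit
        }
    }

    public static void main(String[] args) throws Exception {
        // Constructed host keys; numberThreads would come from configuration.
        for (String line : pollAll(List.of(101L, 102L, 103L, 104L), 2)) {
            System.out.println(line);
        }
    }
}
```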

Monday, June 1, 2009

Making good progress today

I have most of the SNMP polling working for the Java poller client!  I still have some testing to do, but right now I have the poller able to query the assessment database to get a list of hosts that are enabled, have SNMP configured and have the appropriate information for the hosts.  Then, I can poll the host.

The remaining items for the Java SNMP performance poller are the following:

  • Update the database with gathered information

  • Convert the poller to a multi-threaded application for the polling (should be straight forward based on the current design)

  • Testing


Next on the list (after the above items are worked out) are the initial data gathering components.  These will be the telnet / SSH client and the SNMP information gathering component (SNMP walk).  I will be looking at making these multi-threaded as well since there could be a good amount of delay in between the commands being sent and the data returning (especially for older or WAN connected devices).  The key will be altering the number of threads executing so as to not kill the AXP platform and also not kill the network.  I am thinking of making this a configurable option initially (i.e. in the configuration, there will be a parameter for the number of threads for each of the options).