NSE-12 and NSE-22 quick start guide: Difference between revisions

From wiki.comcert.com
Jump to navigation Jump to search
(Created page with " == Introduction == All Network Sevice Elemenet (NSE) are based on a hardened versions on CentOS 7 64-bit Linux Operating System.   == Solution == === Accessing the...")
 
No edit summary
 
(23 intermediate revisions by the same user not shown)
Line 2: Line 2:
== Introduction ==
== Introduction ==


All Network Sevice Elemenet (NSE) are based on a hardened versions on CentOS 7 64-bit Linux Operating System.
Network Service Element is available in two configurations and two storage sizes, respectively SPAN and TAP and 500GB and 2TB.  


The SPAN model has two independent monitor interfaces labeled LAN 3 and LAN 4.  In a typical configuration, both ports will be connected to two SPAN output ports: one port representing all packets from the network to the site and the other port representing all packets in the opposite direction. The NSE offers great WAN visibility, including a more precise traffic measurements method than possible with flow based analysis or snmp.  Other applications of NSE are possible, for example the monitoring of server bound traffic in a relatively small remote datacenter.


The fail-safe TAP model has been designed to be installed inline between the CPE and the local switch.  No specific configuration of those devices is required.


 
 
Line 10: Line 12:
== Solution ==
== Solution ==


=== Accessing the appliance ===
=== Connect to the appliance ===
 
The appliance is accessible through ssh using a terminal emulator program and via a serial console located on the back of the appliance.  It ships with two local user accounts, ''Administrator'' and ''comcert''. User ''Administrator'' has been created to be used by the end-user to safely shut-down and reboot the appliance.  User ''comcert'' is reserved for COMCERT Support (C-TAC). 
 
==== Using a computer or terminal: ====
 
From a computer running Windows: use a recent version of a program such as MobaXterm or Putty to connect to NSE.
 
From a computer running Linux: to connect to NSE, run the following command:
<pre>ssh -l Administrator <IPaddressPMA></pre>
 
==== Using the serial console: ====
 
Use a serial cable to connect to the RS-232/RJ45 serial port on the backside of the NSE. Set the serial port on your computer to match the settings of the appliance: 9600, 8N1, no flow control.


&nbsp;
&nbsp;


{{#invoke:Message box|ambox |type=info|text=We recommend using MobaXterm to access the appliance. Download MobaXterm at: [http://mobaxterm.mobatek.net/download.html http://mobaxterm.mobatek.net/download.html]}}
=== Running commands ===
 
User Administrator has restricted access to the appliance and can only run a predefined set of commands as user root (sudo).&nbsp; Please remember to add "sudo" in front of the classical nGenius commands.
 
Example:
 
<code>./PS</code> will become <code>sudo ./PS</code>
 
<code>./localconsole</code> will become <code>sudo ./localconsole</code>
 
<code>systemctl restart vstream</code> will become <code>sudo systemctl restart vstream</code>


&nbsp;
&nbsp;


The appliance is accessible through ssh using your favorite terminal emulator. The appliance ships with two user accounts, ''Administrator''&nbsp;and ''comcert''. User ''Administrartor'' has been created to allow the end-user to safely shut down and&nbsp;reboot the appliance.&nbsp;User&nbsp;''comcert'' is reserved&nbsp;for COMCERT support engineers.&nbsp; To connect to PMA from another terminal session, run the following command:
=== Shutdown and reboot the appliance ===
<pre>ssh -l Administrator <IPaddressPMA></pre>


&nbsp;
&nbsp;


=== Shutdown or reboot the appliance ===
{{#invoke:Message box|ambox |type=warning|text=All applications must be brought-down properly before shutting-down or rebooting the appliance. Failure to do so may result in loss of recorded data.}}


&nbsp;
&nbsp;


{{#invoke:Message box|ambox |type=warning|text=All applications and virtuals machines must be brought-down properly before shutting down or rebooting the appliance. Failure to do so may result in irreparable damage to the databases and loss of recorded data.}}
Connect to NSE and login as Administrator.


&nbsp;
Once authenticated, run one of the following commands:


Stage&nbsp;1 - shutdown the application
To restart&nbsp;the appliance:
<pre>$ nse-restart</pre>


Stage 2 - shutdown the virtual machine
To shut-down the appliance:
<pre>$ nse-shutdown</pre>


Stage 3&nbsp; - shutdown or reboot the appliance
&nbsp;


For your convienience, two scripts are&nbsp;created that will take care of these three&nbsp;stages in the correct order.&nbsp; To execute a script, you must first connect to PMA and login as Administrator.
{{#invoke:Message box|ambox |type=warning|text=Power-off is the equivalent of removing the power cable from the appliance and it may cause data loss. Use only when restart and shutdown fails.}}


Once authenticated, run one of the following commands:
&nbsp;
<pre>pma-reboot</pre>
<pre>pma-shutdown</pre>


It may take several minutes for the appliance to reboot or shutdown correctly.
To power-off the appliance forcefully:
<pre>$ nse-poweroff
</pre>

Latest revision as of 07:47, 14 August 2020

Introduction

Network Service Element is available in two configurations and two storage sizes, respectively SPAN and TAP and 500GB and 2TB.  

The SPAN model has two independent monitor interfaces labeled LAN 3 and LAN 4.  In a typical configuration, both ports will be connected to two SPAN output ports: one port representing all packets from the network to the site and the other port representing all packets in the opposite direction. The NSE offers great WAN visibility, including a more precise traffic measurements method than possible with flow based analysis or snmp.  Other applications of NSE are possible, for example the monitoring of server bound traffic in a relatively small remote datacenter.

The fail-safe TAP model has been designed to be installed inline between the CPE and the local switch.  No specific configuration of those devices is required.

 

Solution

Connect to the appliance

The appliance is accessible through ssh using a terminal emulator program and via a serial console located on the back of the appliance.  It ships with two local user accounts, Administrator and comcert. User Administrator has been created to be used by the end-user to safely shut-down and reboot the appliance.  User comcert is reserved for COMCERT Support (C-TAC). 

Using a computer or terminal:

From a computer running Windows: use a recent version of a program such as MobaXterm or Putty to connect to NSE.

From a computer running Linux: to connect to NSE, run the following command:

ssh -l Administrator <IPaddressPMA>

Using the serial console:

Use a serial cable to connect to the RS-232/RJ45 serial port on the backside of the NSE. Set the serial port on your computer to match the settings of the appliance: 9600, 8N1, no flow control.

 

Running commands

User Administrator has restricted access to the appliance and can only run a predefined set of commands as user root (sudo).  Please remember to add "sudo" in front of the classical nGenius commands.

Example:

./PS will become sudo ./PS

./localconsole will become sudo ./localconsole

systemctl restart vstream will become sudo systemctl restart vstream

 

Shutdown and reboot the appliance

 

 

Connect to NSE and login as Administrator.

Once authenticated, run one of the following commands:

To restart the appliance:

$ nse-restart

To shut-down the appliance:

$ nse-shutdown

 

 

To power-off the appliance forcefully:

$ nse-poweroff