NSE-12 and NSE-22 quick start guide: Difference between revisions

From wiki.comcert.com
Jump to navigation Jump to search
No edit summary
No edit summary
 
(21 intermediate revisions by the same user not shown)
Line 2: Line 2:
== Introduction ==
== Introduction ==


Network Service Element come in two varieties: SPAN and TAP.  
Network Service Element is available in two configurations and two storage sizes, respectively SPAN and TAP and 500GB and 2TB.  


The SPAN model has two independent monitor interfaces labeled LAN 3 and LAN 4.  In a typical configuration, both ports will be connected to two SPAN output ports: one port representing all packets from the network to the site and the other port representing all packets in the opposite direction. The NSE offers great WAN visibility, including a more precise traffic measurements method than possible with flow based analysis or snmp.  Other applications of NSE are possible, for example the monitoring of server bound traffic in a relatively small remote datacenter.
The SPAN model has two independent monitor interfaces labeled LAN 3 and LAN 4.  In a typical configuration, both ports will be connected to two SPAN output ports: one port representing all packets from the network to the site and the other port representing all packets in the opposite direction. The NSE offers great WAN visibility, including a more precise traffic measurements method than possible with flow based analysis or snmp.  Other applications of NSE are possible, for example the monitoring of server bound traffic in a relatively small remote datacenter.
Line 10: Line 10:
 
 


 
== Solution ==
 
=== Connect to the appliance ===
 
The appliance is accessible through ssh using a terminal emulator program and via a serial console located on the back of the appliance.  It ships with two local user accounts, ''Administrator'' and ''comcert''. User ''Administrator'' has been created to be used by the end-user to safely shut-down and reboot the appliance.  User ''comcert'' is reserved for COMCERT Support (C-TAC). 
 
==== Using a computer or terminal: ====
 
From a computer running Windows: use a recent version of a program such as MobaXterm or Putty to connect to NSE.
 
From a computer running Linux: to connect to NSE, run the following command:
<pre>ssh -l Administrator <IPaddressPMA></pre>
 
==== Using the serial console: ====
 
Use a serial cable to connect to the RS-232/RJ45 serial port on the backside of the NSE. Set the serial port on your computer to match the settings of the appliance: 9600, 8N1, no flow control.


&nbsp;
&nbsp;


== Solution ==
=== Running commands ===


=== Accessing the appliance ===
User Administrator has restricted access to the appliance and can only run a predefined set of commands as user root (sudo).&nbsp; Please remember to add "sudo" in front of the classical nGenius commands.


&nbsp;
Example:


{{#invoke:Message box|ambox |type=info|text=We recommend using MobaXterm to access the appliance. Download MobaXterm at: [http://mobaxterm.mobatek.net/download.html http://mobaxterm.mobatek.net/download.html]}}
<code>./PS</code> will become <code>sudo ./PS</code>


&nbsp;
<code>./localconsole</code> will become <code>sudo ./localconsole</code>


The appliance is accessible through ssh using a terminal emulator program and ships with two local user accounts, ''Administrator''&nbsp;and ''comcert''. User ''Administrator'' has been created for the end-user to safely shut down and&nbsp;reboot the appliance.&nbsp;User&nbsp;''comcert'' is reserved&nbsp;for COMCERT Support (C-TAC).&nbsp; To connect to NSE from another terminal session, run the following command:
<code>systemctl restart vstream</code> will become <code>sudo systemctl restart vstream</code>
<pre>ssh -l Administrator <IPaddressPMA></pre>


&nbsp;
&nbsp;


=== Shutdown or reboot the appliance ===
=== Shutdown and reboot the appliance ===


&nbsp;
&nbsp;


{{#invoke:Message box|ambox |type=warning|text=All applications and virtuals machines must be brought-down properly before shutting down or rebooting the appliance. Failure to do so may result in irreparable damage to the databases and loss of recorded data.}}
{{#invoke:Message box|ambox |type=warning|text=All applications must be brought-down properly before shutting-down or rebooting the appliance. Failure to do so may result in loss of recorded data.}}


&nbsp;
&nbsp;


Connect to PMA and login as Administrator.
Connect to NSE and login as Administrator.


Once authenticated, run one of the following commands:
Once authenticated, run one of the following commands:
To restart&nbsp;the appliance:
<pre>$ nse-restart</pre>


To shut-down the appliance:
To shut-down the appliance:
<pre>$ sudo systemctl halt</pre>
<pre>$ nse-shutdown</pre>
 
&nbsp;


To reboot the appliance:
{{#invoke:Message box|ambox |type=warning|text=Power-off is the equivalent of removing the power cable from the appliance and it may cause data loss. Use only when restart and shutdown fails.}}
<pre>$ sudo systemctl reboot</pre>


In case and only in case the above commands fail (risk of data loss):
&nbsp;


To power-off the appliance (equivalent of removing&nbsp;the power source).&nbsp;&nbsp;
To power-off the appliance forcefully:
<pre>$ sudo systemctl poweroff
<pre>$ nse-poweroff
</pre>
</pre>

Latest revision as of 07:47, 14 August 2020

Introduction

Network Service Element is available in two configurations and two storage sizes, respectively SPAN and TAP and 500GB and 2TB.  

The SPAN model has two independent monitor interfaces labeled LAN 3 and LAN 4.  In a typical configuration, both ports will be connected to two SPAN output ports: one port representing all packets from the network to the site and the other port representing all packets in the opposite direction. The NSE offers great WAN visibility, including a more precise traffic measurements method than possible with flow based analysis or snmp.  Other applications of NSE are possible, for example the monitoring of server bound traffic in a relatively small remote datacenter.

The fail-safe TAP model has been designed to be installed inline between the CPE and the local switch.  No specific configuration of those devices is required.

 

Solution

Connect to the appliance

The appliance is accessible through ssh using a terminal emulator program and via a serial console located on the back of the appliance.  It ships with two local user accounts, Administrator and comcert. User Administrator has been created to be used by the end-user to safely shut-down and reboot the appliance.  User comcert is reserved for COMCERT Support (C-TAC). 

Using a computer or terminal:

From a computer running Windows: use a recent version of a program such as MobaXterm or Putty to connect to NSE.

From a computer running Linux: to connect to NSE, run the following command:

ssh -l Administrator <IPaddressPMA>

Using the serial console:

Use a serial cable to connect to the RS-232/RJ45 serial port on the backside of the NSE. Set the serial port on your computer to match the settings of the appliance: 9600, 8N1, no flow control.

 

Running commands

User Administrator has restricted access to the appliance and can only run a predefined set of commands as user root (sudo).  Please remember to add "sudo" in front of the classical nGenius commands.

Example:

./PS will become sudo ./PS

./localconsole will become sudo ./localconsole

systemctl restart vstream will become sudo systemctl restart vstream

 

Shutdown and reboot the appliance

 

 

Connect to NSE and login as Administrator.

Once authenticated, run one of the following commands:

To restart the appliance:

$ nse-restart

To shut-down the appliance:

$ nse-shutdown

 

 

To power-off the appliance forcefully:

$ nse-poweroff